{ "name": "google-native", "displayName": "Google Cloud Native", "version": "0.32.0", "description": "A native Pulumi package for creating and managing Google Cloud resources.", "keywords": [ "pulumi", "google cloud", "category/cloud", "kind/native" ], "homepage": "https://pulumi.com", "license": "Apache-2.0", "repository": "https://github.com/pulumi/pulumi-google-native", "publisher": "Pulumi", "meta": { "moduleFormat": "(.*)" }, "language": { "csharp": { "liftSingleValueMethodReturns": true, "namespaces": { "accessapproval": "AccessApproval", "accessapproval/v1": "AccessApproval.V1", "accesscontextmanager": "AccessContextManager", "accesscontextmanager/v1": "AccessContextManager.V1", "accesscontextmanager/v1beta": "AccessContextManager.V1Beta", "advisorynotifications": "AdvisoryNotifications", "advisorynotifications/v1": "AdvisoryNotifications.V1", "aiplatform": "Aiplatform", "aiplatform/v1": "Aiplatform.V1", "aiplatform/v1beta1": "Aiplatform.V1Beta1", "alloydb": "AlloyDB", "alloydb/v1": "AlloyDB.V1", "alloydb/v1alpha": "AlloyDB.V1Alpha", "alloydb/v1beta": "AlloyDB.V1Beta", "analyticshub": "AnalyticsHub", "analyticshub/v1": "AnalyticsHub.V1", "analyticshub/v1beta1": "AnalyticsHub.V1Beta1", "apigateway": "APIGateway", "apigateway/v1": "APIGateway.V1", "apigateway/v1beta": "APIGateway.V1Beta", "apigee": "Apigee", "apigee/v1": "Apigee.V1", "apigeeregistry": "ApigeeRegistry", "apigeeregistry/v1": "ApigeeRegistry.V1", "apikeys": "APIKeys", "apikeys/v2": "APIKeys.V2", "appengine": "AppEngine", "appengine/v1": "AppEngine.V1", "appengine/v1alpha": "AppEngine.V1Alpha", "appengine/v1beta": "AppEngine.V1Beta", "artifactregistry": "ArtifactRegistry", "artifactregistry/v1": "ArtifactRegistry.V1", "artifactregistry/v1beta1": "ArtifactRegistry.V1Beta1", "artifactregistry/v1beta2": "ArtifactRegistry.V1Beta2", "assuredworkloads": "AssuredWorkloads", "assuredworkloads/v1": "AssuredWorkloads.V1", "assuredworkloads/v1beta1": "AssuredWorkloads.V1Beta1", "backupdr": "Backupdr", "backupdr/v1": "Backupdr.V1", "baremetalsolution": "BareMetalSolution", "baremetalsolution/v1": "BareMetalSolution.V1", "baremetalsolution/v2": "BareMetalSolution.V2", "batch": "Batch", "batch/v1": "Batch.V1", "beyondcorp": "BeyondCorp", "beyondcorp/v1": "BeyondCorp.V1", "beyondcorp/v1alpha": "BeyondCorp.V1Alpha", "biglake": "BigLake", "biglake/v1": "BigLake.V1", "bigquery": "BigQuery", "bigquery/v2": "BigQuery.V2", "bigqueryconnection": "BigQueryConnection", "bigqueryconnection/v1beta1": "BigQueryConnection.V1Beta1", "bigquerydatapolicy": "BigQueryDataPolicy", "bigquerydatapolicy/v1": "BigQueryDataPolicy.V1", "bigquerydatatransfer": "BigQueryDataTransfer", "bigquerydatatransfer/v1": "BigQueryDataTransfer.V1", "bigqueryreservation": "BigQueryReservation", "bigqueryreservation/v1": "BigQueryReservation.V1", "bigqueryreservation/v1beta1": "BigQueryReservation.V1Beta1", "bigtableadmin": "BigtableAdmin", "bigtableadmin/v1": "BigtableAdmin.V1", "bigtableadmin/v2": "BigtableAdmin.V2", "billingbudgets": "Billingbudgets", "billingbudgets/v1": "Billingbudgets.V1", "billingbudgets/v1beta1": "Billingbudgets.V1Beta1", "binaryauthorization": "BinaryAuthorization", "binaryauthorization/v1": "BinaryAuthorization.V1", "binaryauthorization/v1beta1": "BinaryAuthorization.V1Beta1", "blockchainnodeengine": "BlockchainNodeEngine", "blockchainnodeengine/v1": "BlockchainNodeEngine.V1", "certificatemanager": "CertificateManager", "certificatemanager/v1": "CertificateManager.V1", "cloudasset": "CloudAsset", "cloudasset/v1": "CloudAsset.V1", "cloudasset/v1beta1": "CloudAsset.V1Beta1", "cloudbilling": "CloudBilling", "cloudbilling/v1": "CloudBilling.V1", "cloudbilling/v1beta": "CloudBilling.V1Beta", "cloudbuild": "CloudBuild", "cloudbuild/v1": "CloudBuild.V1", "cloudbuild/v1alpha1": "CloudBuild.V1Alpha1", "cloudbuild/v1alpha2": "CloudBuild.V1Alpha2", "cloudbuild/v1beta1": "CloudBuild.V1Beta1", "cloudbuild/v2": "CloudBuild.V2", "cloudchannel": "CloudChannel", "cloudchannel/v1": "CloudChannel.V1", "clouddebugger": "CloudDebugger", "clouddebugger/v2": "CloudDebugger.V2", "clouddeploy": "CloudDeploy", "clouddeploy/v1": "CloudDeploy.V1", "clouderrorreporting": "Clouderrorreporting", "clouderrorreporting/v1beta1": "Clouderrorreporting.V1Beta1", "cloudfunctions": "CloudFunctions", "cloudfunctions/v1": "CloudFunctions.V1", "cloudfunctions/v2": "CloudFunctions.V2", "cloudfunctions/v2alpha": "CloudFunctions.V2Alpha", "cloudfunctions/v2beta": "CloudFunctions.V2Beta", "cloudidentity": "CloudIdentity", "cloudidentity/v1": "CloudIdentity.V1", "cloudidentity/v1beta1": "CloudIdentity.V1Beta1", "cloudiot": "CloudIoT", "cloudiot/v1": "CloudIoT.V1", "cloudkms": "Cloudkms", "cloudkms/v1": "Cloudkms.V1", "cloudprofiler": "CloudProfiler", "cloudprofiler/v2": "CloudProfiler.V2", "cloudresourcemanager": "CloudResourceManager", "cloudresourcemanager/v1": "CloudResourceManager.V1", "cloudresourcemanager/v1beta1": "CloudResourceManager.V1Beta1", "cloudresourcemanager/v2": "CloudResourceManager.V2", "cloudresourcemanager/v2beta1": "CloudResourceManager.V2Beta1", "cloudresourcemanager/v3": "CloudResourceManager.V3", "cloudscheduler": "CloudScheduler", "cloudscheduler/v1": "CloudScheduler.V1", "cloudscheduler/v1beta1": "CloudScheduler.V1Beta1", "cloudsearch": "CloudSearch", "cloudsearch/v1": "CloudSearch.V1", "cloudshell": "CloudShell", "cloudshell/v1": "CloudShell.V1", "cloudsupport": "CloudSupport", "cloudsupport/v2": "CloudSupport.V2", "cloudsupport/v2beta": "CloudSupport.V2Beta", "cloudtasks": "CloudTasks", "cloudtasks/v2": "CloudTasks.V2", "cloudtasks/v2beta2": "CloudTasks.V2Beta2", "cloudtasks/v2beta3": "CloudTasks.V2Beta3", "cloudtrace": "CloudTrace", "cloudtrace/v1": "CloudTrace.V1", "cloudtrace/v2": "CloudTrace.V2", "cloudtrace/v2beta1": "CloudTrace.V2Beta1", "composer": "Composer", "composer/v1": "Composer.V1", "composer/v1beta1": "Composer.V1Beta1", "compute": "Compute", "compute/alpha": "Compute.Alpha", "compute/beta": "Compute.Beta", "compute/v1": "Compute.V1", "connectors": "Connectors", "connectors/v1": "Connectors.V1", "connectors/v2": "Connectors.V2", "contactcenteraiplatform": "ContactCenterAIPlatform", "contactcenteraiplatform/v1alpha1": "ContactCenterAIPlatform.V1Alpha1", "contactcenterinsights": "Contactcenterinsights", "contactcenterinsights/v1": "Contactcenterinsights.V1", "container": "Container", "container/v1": "Container.V1", "container/v1beta1": "Container.V1Beta1", "containeranalysis": "ContainerAnalysis", "containeranalysis/v1": "ContainerAnalysis.V1", "containeranalysis/v1alpha1": "ContainerAnalysis.V1Alpha1", "containeranalysis/v1beta1": "ContainerAnalysis.V1Beta1", "contentwarehouse": "Contentwarehouse", "contentwarehouse/v1": "Contentwarehouse.V1", "datacatalog": "DataCatalog", "datacatalog/v1": "DataCatalog.V1", "datacatalog/v1beta1": "DataCatalog.V1Beta1", "dataflow": "Dataflow", "dataflow/v1b3": "Dataflow.V1b3", "dataform": "Dataform", "dataform/v1beta1": "Dataform.V1Beta1", "datafusion": "DataFusion", "datafusion/v1": "DataFusion.V1", "datafusion/v1beta1": "DataFusion.V1Beta1", "datalabeling": "DataLabeling", "datalabeling/v1beta1": "DataLabeling.V1Beta1", "datalineage": "DataLineage", "datalineage/v1": "DataLineage.V1", "datamigration": "Datamigration", "datamigration/v1": "Datamigration.V1", "datamigration/v1beta1": "Datamigration.V1Beta1", "datapipelines": "Datapipelines", "datapipelines/v1": "Datapipelines.V1", "dataplex": "Dataplex", "dataplex/v1": "Dataplex.V1", "dataproc": "Dataproc", "dataproc/v1": "Dataproc.V1", "dataproc/v1beta2": "Dataproc.V1Beta2", "datastore": "Datastore", "datastore/v1": "Datastore.V1", "datastore/v1beta1": "Datastore.V1Beta1", "datastore/v1beta3": "Datastore.V1Beta3", "datastream": "Datastream", "datastream/v1": "Datastream.V1", "datastream/v1alpha1": "Datastream.V1Alpha1", "deploymentmanager": "DeploymentManager", "deploymentmanager/alpha": "DeploymentManager.Alpha", "deploymentmanager/v2": "DeploymentManager.V2", "deploymentmanager/v2beta": "DeploymentManager.V2Beta", "dialogflow": "Dialogflow", "dialogflow/v2": "Dialogflow.V2", "dialogflow/v2beta1": "Dialogflow.V2Beta1", "dialogflow/v3": "Dialogflow.V3", "dialogflow/v3beta1": "Dialogflow.V3Beta1", "discoveryengine": "DiscoveryEngine", "discoveryengine/v1alpha": "DiscoveryEngine.V1Alpha", "discoveryengine/v1beta": "DiscoveryEngine.V1Beta", "dlp": "DLP", "dlp/v2": "DLP.V2", "dns": "DNS", "dns/v1": "DNS.V1", "dns/v1beta2": "DNS.V1Beta2", "documentai": "DocumentAI", "documentai/v1": "DocumentAI.V1", "documentai/v1beta2": "DocumentAI.V1Beta2", "documentai/v1beta3": "DocumentAI.V1Beta3", "domains": "Domains", "domains/v1": "Domains.V1", "domains/v1alpha2": "Domains.V1Alpha2", "domains/v1beta1": "Domains.V1Beta1", "essentialcontacts": "EssentialContacts", "essentialcontacts/v1": "EssentialContacts.V1", "eventarc": "Eventarc", "eventarc/v1": "Eventarc.V1", "eventarc/v1beta1": "Eventarc.V1Beta1", "fcm": "Fcm", "fcm/v1": "Fcm.V1", "fcmdata": "Fcmdata", "fcmdata/v1beta1": "Fcmdata.V1Beta1", "file": "File", "file/v1": "File.V1", "file/v1beta1": "File.V1Beta1", "firebase": "Firebase", "firebase/v1beta1": "Firebase.V1Beta1", "firebaseappcheck": "FirebaseAppCheck", "firebaseappcheck/v1": "FirebaseAppCheck.V1", "firebaseappcheck/v1beta": "FirebaseAppCheck.V1Beta", "firebaseappdistribution": "FirebaseAppDistribution", "firebaseappdistribution/v1": "FirebaseAppDistribution.V1", "firebasedatabase": "Firebasedatabase", "firebasedatabase/v1beta": "Firebasedatabase.V1Beta", "firebasedynamiclinks": "FirebaseDynamicLinks", "firebasedynamiclinks/v1": "FirebaseDynamicLinks.V1", "firebasehosting": "FirebaseHosting", "firebasehosting/v1": "FirebaseHosting.V1", "firebasehosting/v1beta1": "FirebaseHosting.V1Beta1", "firebaseml": "FirebaseML", "firebaseml/v1": "FirebaseML.V1", "firebaseml/v1beta2": "FirebaseML.V1Beta2", "firebaserules": "FirebaseRules", "firebaserules/v1": "FirebaseRules.V1", "firebasestorage": "Firebasestorage", "firebasestorage/v1beta": "Firebasestorage.V1Beta", "firestore": "Firestore", "firestore/v1": "Firestore.V1", "firestore/v1beta1": "Firestore.V1Beta1", "firestore/v1beta2": "Firestore.V1Beta2", "gameservices": "GameServices", "gameservices/v1": "GameServices.V1", "gameservices/v1beta": "GameServices.V1Beta", "genomics": "Genomics", "genomics/v1": "Genomics.V1", "genomics/v1alpha2": "Genomics.V1Alpha2", "genomics/v2alpha1": "Genomics.V2Alpha1", "gkebackup": "Gkebackup", "gkebackup/v1": "Gkebackup.V1", "gkehub": "GKEHub", "gkehub/v1": "GKEHub.V1", "gkehub/v1alpha": "GKEHub.V1Alpha", "gkehub/v1alpha2": "GKEHub.V1Alpha2", "gkehub/v1beta": "GKEHub.V1Beta", "gkehub/v1beta1": "GKEHub.V1Beta1", "gkehub/v2alpha": "GKEHub.V2Alpha", "gkeonprem": "Gkeonprem", "gkeonprem/v1": "Gkeonprem.V1", "google-native": "GoogleNative", "healthcare": "Healthcare", "healthcare/v1": "Healthcare.V1", "healthcare/v1beta1": "Healthcare.V1Beta1", "iam": "IAM", "iam/v1": "IAM.V1", "iam/v2": "IAM.V2", "iam/v2beta": "IAM.V2Beta", "iamcredentials": "Iamcredentials", "iamcredentials/v1": "Iamcredentials.V1", "iap": "Iap", "iap/v1": "Iap.V1", "iap/v1beta1": "Iap.V1Beta1", "identitytoolkit": "IdentityToolkit", "identitytoolkit/v1": "IdentityToolkit.V1", "identitytoolkit/v2": "IdentityToolkit.V2", "identitytoolkit/v3": "IdentityToolkit.V3", "ids": "IDS", "ids/v1": "IDS.V1", "integrations": "Integrations", "integrations/v1alpha": "Integrations.V1Alpha", "jobs": "Jobs", "jobs/v3": "Jobs.V3", "jobs/v4": "Jobs.V4", "kmsinventory": "KMSInventory", "kmsinventory/v1": "KMSInventory.V1", "language": "Language", "language/v1": "Language.V1", "language/v1beta1": "Language.V1Beta1", "language/v1beta2": "Language.V1Beta2", "language/v2": "Language.V2", "libraryagent": "LibraryAgent", "libraryagent/v1": "LibraryAgent.V1", "lifesciences": "LifeSciences", "lifesciences/v2beta": "LifeSciences.V2Beta", "logging": "Logging", "logging/v2": "Logging.V2", "looker": "Looker", "looker/v1": "Looker.V1", "managedidentities": "Managedidentities", "managedidentities/v1": "Managedidentities.V1", "managedidentities/v1alpha1": "Managedidentities.V1Alpha1", "managedidentities/v1beta1": "Managedidentities.V1Beta1", "memcache": "Memcache", "memcache/v1": "Memcache.V1", "memcache/v1beta2": "Memcache.V1Beta2", "metastore": "Metastore", "metastore/v1": "Metastore.V1", "metastore/v1alpha": "Metastore.V1Alpha", "metastore/v1beta": "Metastore.V1Beta", "migrationcenter": "MigrationCenter", "migrationcenter/v1": "MigrationCenter.V1", "migrationcenter/v1alpha1": "MigrationCenter.V1Alpha1", "ml": "Ml", "ml/v1": "Ml.V1", "monitoring": "Monitoring", "monitoring/v1": "Monitoring.V1", "monitoring/v3": "Monitoring.V3", "networkconnectivity": "NetworkConnectivity", "networkconnectivity/v1": "NetworkConnectivity.V1", "networkconnectivity/v1alpha1": "NetworkConnectivity.V1Alpha1", "networkmanagement": "NetworkManagement", "networkmanagement/v1": "NetworkManagement.V1", "networkmanagement/v1beta1": "NetworkManagement.V1Beta1", "networksecurity": "NetworkSecurity", "networksecurity/v1": "NetworkSecurity.V1", "networksecurity/v1beta1": "NetworkSecurity.V1Beta1", "networkservices": "NetworkServices", "networkservices/v1": "NetworkServices.V1", "networkservices/v1beta1": "NetworkServices.V1Beta1", "notebooks": "Notebooks", "notebooks/v1": "Notebooks.V1", "notebooks/v2": "Notebooks.V2", "ondemandscanning": "OnDemandScanning", "ondemandscanning/v1": "OnDemandScanning.V1", "ondemandscanning/v1beta1": "OnDemandScanning.V1Beta1", "orgpolicy": "Orgpolicy", "orgpolicy/v2": "Orgpolicy.V2", "osconfig": "OSConfig", "osconfig/v1": "OSConfig.V1", "osconfig/v1alpha": "OSConfig.V1Alpha", "osconfig/v1beta": "OSConfig.V1Beta", "oslogin": "OSLogin", "oslogin/v1": "OSLogin.V1", "oslogin/v1alpha": "OSLogin.V1Alpha", "oslogin/v1beta": "OSLogin.V1Beta", "playgrouping": "PlayGrouping", "playgrouping/v1alpha1": "PlayGrouping.V1Alpha1", "policysimulator": "PolicySimulator", "policysimulator/v1": "PolicySimulator.V1", "policysimulator/v1alpha": "PolicySimulator.V1Alpha", "policysimulator/v1beta": "PolicySimulator.V1Beta", "policysimulator/v1beta1": "PolicySimulator.V1Beta1", "policytroubleshooter": "PolicyTroubleshooter", "policytroubleshooter/v1": "PolicyTroubleshooter.V1", "policytroubleshooter/v1beta": "PolicyTroubleshooter.V1Beta", "privateca": "Privateca", "privateca/v1": "Privateca.V1", "privateca/v1beta1": "Privateca.V1Beta1", "publicca": "Publicca", "publicca/v1": "Publicca.V1", "publicca/v1alpha1": "Publicca.V1Alpha1", "publicca/v1beta1": "Publicca.V1Beta1", "pubsub": "Pubsub", "pubsub/v1": "Pubsub.V1", "pubsub/v1beta1a": "Pubsub.V1Beta1a", "pubsub/v1beta2": "Pubsub.V1Beta2", "pubsublite": "Pubsublite", "pubsublite/v1": "Pubsublite.V1", "rapidmigrationassessment": "RapidMigrationAssessment", "rapidmigrationassessment/v1": "RapidMigrationAssessment.V1", "recaptchaenterprise": "reCAPTCHAEnterprise", "recaptchaenterprise/v1": "reCAPTCHAEnterprise.V1", "recommendationengine": "Recommendationengine", "recommendationengine/v1beta1": "Recommendationengine.V1Beta1", "recommender": "Recommender", "recommender/v1": "Recommender.V1", "recommender/v1beta1": "Recommender.V1Beta1", "redis": "Redis", "redis/v1": "Redis.V1", "redis/v1beta1": "Redis.V1Beta1", "remotebuildexecution": "RemoteBuildExecution", "remotebuildexecution/v1": "RemoteBuildExecution.V1", "remotebuildexecution/v1alpha": "RemoteBuildExecution.V1Alpha", "remotebuildexecution/v2": "RemoteBuildExecution.V2", "resourcesettings": "ResourceSettings", "resourcesettings/v1": "ResourceSettings.V1", "retail": "Retail", "retail/v2": "Retail.V2", "retail/v2alpha": "Retail.V2Alpha", "retail/v2beta": "Retail.V2Beta", "run": "Run", "run/v1": "Run.V1", "run/v2": "Run.V2", "runtimeconfig": "RuntimeConfig", "runtimeconfig/v1": "RuntimeConfig.V1", "runtimeconfig/v1beta1": "RuntimeConfig.V1Beta1", "secretmanager": "SecretManager", "secretmanager/v1": "SecretManager.V1", "secretmanager/v1beta1": "SecretManager.V1Beta1", "securitycenter": "Securitycenter", "securitycenter/v1": "Securitycenter.V1", "securitycenter/v1beta1": "Securitycenter.V1Beta1", "securitycenter/v1beta2": "Securitycenter.V1Beta2", "serviceconsumermanagement": "ServiceConsumerManagement", "serviceconsumermanagement/v1": "ServiceConsumerManagement.V1", "serviceconsumermanagement/v1beta1": "ServiceConsumerManagement.V1Beta1", "servicecontrol": "ServiceControl", "servicecontrol/v1": "ServiceControl.V1", "servicecontrol/v2": "ServiceControl.V2", "servicedirectory": "ServiceDirectory", "servicedirectory/v1": "ServiceDirectory.V1", "servicedirectory/v1beta1": "ServiceDirectory.V1Beta1", "servicemanagement": "ServiceManagement", "servicemanagement/v1": "ServiceManagement.V1", "servicenetworking": "ServiceNetworking", "servicenetworking/v1": "ServiceNetworking.V1", "servicenetworking/v1beta": "ServiceNetworking.V1Beta", "serviceusage": "ServiceUsage", "serviceusage/v1": "ServiceUsage.V1", "serviceusage/v1beta1": "ServiceUsage.V1Beta1", "sourcerepo": "SourceRepo", "sourcerepo/v1": "SourceRepo.V1", "spanner": "Spanner", "spanner/v1": "Spanner.V1", "speech": "Speech", "speech/v1": "Speech.V1", "speech/v2beta1": "Speech.V2Beta1", "sqladmin": "SQLAdmin", "sqladmin/v1": "SQLAdmin.V1", "sqladmin/v1beta4": "SQLAdmin.V1Beta4", "storage": "Storage", "storage/v1": "Storage.V1", "storagetransfer": "StorageTransfer", "storagetransfer/v1": "StorageTransfer.V1", "testing": "Testing", "testing/v1": "Testing.V1", "texttospeech": "TexttoSpeech", "texttospeech/v1": "TexttoSpeech.V1", "texttospeech/v1beta1": "TexttoSpeech.V1Beta1", "toolresults": "ToolResults", "toolresults/v1beta3": "ToolResults.V1Beta3", "tpu": "TPU", "tpu/v1": "TPU.V1", "tpu/v1alpha1": "TPU.V1Alpha1", "tpu/v2": "TPU.V2", "tpu/v2alpha1": "TPU.V2Alpha1", "trafficdirector": "TrafficDirector", "trafficdirector/v2": "TrafficDirector.V2", "trafficdirector/v3": "TrafficDirector.V3", "transcoder": "Transcoder", "transcoder/v1": "Transcoder.V1", "translate": "Translate", "translate/v2": "Translate.V2", "translate/v3": "Translate.V3", "translate/v3beta1": "Translate.V3Beta1", "videointelligence": "VideoIntelligence", "videointelligence/v1": "VideoIntelligence.V1", "videointelligence/v1beta2": "VideoIntelligence.V1Beta2", "vision": "Vision", "vision/v1": "Vision.V1", "vmmigration": "VMMigration", "vmmigration/v1": "VMMigration.V1", "vmmigration/v1alpha1": "VMMigration.V1Alpha1", "vmwareengine": "VMwareEngine", "vmwareengine/v1": "VMwareEngine.V1", "vpcaccess": "VPCAccess", "vpcaccess/v1": "VPCAccess.V1", "vpcaccess/v1beta1": "VPCAccess.V1Beta1", "webrisk": "WebRisk", "webrisk/v1": "WebRisk.V1", "websecurityscanner": "WebSecurityScanner", "websecurityscanner/v1": "WebSecurityScanner.V1", "websecurityscanner/v1alpha": "WebSecurityScanner.V1Alpha", "websecurityscanner/v1beta": "WebSecurityScanner.V1Beta", "workflowexecutions": "WorkflowExecutions", "workflowexecutions/v1": "WorkflowExecutions.V1", "workflowexecutions/v1beta": "WorkflowExecutions.V1Beta", "workflows": "Workflows", "workflows/v1": "Workflows.V1", "workflows/v1beta": "Workflows.V1Beta", "workloadmanager": "WorkloadManager", "workloadmanager/v1": "WorkloadManager.V1", "workstations": "Workstations", "workstations/v1": "Workstations.V1", "workstations/v1beta": "Workstations.V1Beta" }, "packageReferences": { "Pulumi": "3.*" } }, "go": { "importBasePath": "github.com/pulumi/pulumi-google-native/sdk/go/google", "liftSingleValueMethodReturns": true, "packageImportAliases": { "github.com/pulumi/pulumi-google-native/sdk/go/google/accessapproval/v1": "accessapproval", "github.com/pulumi/pulumi-google-native/sdk/go/google/accesscontextmanager/v1": "accesscontextmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/accesscontextmanager/v1beta": "accesscontextmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/advisorynotifications/v1": "advisorynotifications", "github.com/pulumi/pulumi-google-native/sdk/go/google/aiplatform/v1": "aiplatform", "github.com/pulumi/pulumi-google-native/sdk/go/google/aiplatform/v1beta1": "aiplatform", "github.com/pulumi/pulumi-google-native/sdk/go/google/alloydb/v1": "alloydb", "github.com/pulumi/pulumi-google-native/sdk/go/google/alloydb/v1alpha": "alloydb", "github.com/pulumi/pulumi-google-native/sdk/go/google/alloydb/v1beta": "alloydb", "github.com/pulumi/pulumi-google-native/sdk/go/google/analyticshub/v1": "analyticshub", "github.com/pulumi/pulumi-google-native/sdk/go/google/analyticshub/v1beta1": "analyticshub", "github.com/pulumi/pulumi-google-native/sdk/go/google/apigateway/v1": "apigateway", "github.com/pulumi/pulumi-google-native/sdk/go/google/apigateway/v1beta": "apigateway", "github.com/pulumi/pulumi-google-native/sdk/go/google/apigee/v1": "apigee", "github.com/pulumi/pulumi-google-native/sdk/go/google/apigeeregistry/v1": "apigeeregistry", "github.com/pulumi/pulumi-google-native/sdk/go/google/apikeys/v2": "apikeys", "github.com/pulumi/pulumi-google-native/sdk/go/google/appengine/v1": "appengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/appengine/v1alpha": "appengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/appengine/v1beta": "appengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/artifactregistry/v1": "artifactregistry", "github.com/pulumi/pulumi-google-native/sdk/go/google/artifactregistry/v1beta1": "artifactregistry", "github.com/pulumi/pulumi-google-native/sdk/go/google/artifactregistry/v1beta2": "artifactregistry", "github.com/pulumi/pulumi-google-native/sdk/go/google/assuredworkloads/v1": "assuredworkloads", "github.com/pulumi/pulumi-google-native/sdk/go/google/assuredworkloads/v1beta1": "assuredworkloads", "github.com/pulumi/pulumi-google-native/sdk/go/google/backupdr/v1": "backupdr", "github.com/pulumi/pulumi-google-native/sdk/go/google/baremetalsolution/v1": "baremetalsolution", "github.com/pulumi/pulumi-google-native/sdk/go/google/baremetalsolution/v2": "baremetalsolution", "github.com/pulumi/pulumi-google-native/sdk/go/google/batch/v1": "batch", "github.com/pulumi/pulumi-google-native/sdk/go/google/beyondcorp/v1": "beyondcorp", "github.com/pulumi/pulumi-google-native/sdk/go/google/beyondcorp/v1alpha": "beyondcorp", "github.com/pulumi/pulumi-google-native/sdk/go/google/biglake/v1": "biglake", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigquery/v2": "bigquery", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigqueryconnection/v1beta1": "bigqueryconnection", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigquerydatapolicy/v1": "bigquerydatapolicy", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigquerydatatransfer/v1": "bigquerydatatransfer", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigqueryreservation/v1": "bigqueryreservation", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigqueryreservation/v1beta1": "bigqueryreservation", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigtableadmin/v1": "bigtableadmin", "github.com/pulumi/pulumi-google-native/sdk/go/google/bigtableadmin/v2": "bigtableadmin", "github.com/pulumi/pulumi-google-native/sdk/go/google/billingbudgets/v1": "billingbudgets", "github.com/pulumi/pulumi-google-native/sdk/go/google/billingbudgets/v1beta1": "billingbudgets", "github.com/pulumi/pulumi-google-native/sdk/go/google/binaryauthorization/v1": "binaryauthorization", "github.com/pulumi/pulumi-google-native/sdk/go/google/binaryauthorization/v1beta1": "binaryauthorization", "github.com/pulumi/pulumi-google-native/sdk/go/google/blockchainnodeengine/v1": "blockchainnodeengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/certificatemanager/v1": "certificatemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudasset/v1": "cloudasset", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudasset/v1beta1": "cloudasset", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbilling/v1": "cloudbilling", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbilling/v1beta": "cloudbilling", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbuild/v1": "cloudbuild", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbuild/v1alpha1": "cloudbuild", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbuild/v1alpha2": "cloudbuild", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbuild/v1beta1": "cloudbuild", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudbuild/v2": "cloudbuild", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudchannel/v1": "cloudchannel", "github.com/pulumi/pulumi-google-native/sdk/go/google/clouddebugger/v2": "clouddebugger", "github.com/pulumi/pulumi-google-native/sdk/go/google/clouddeploy/v1": "clouddeploy", "github.com/pulumi/pulumi-google-native/sdk/go/google/clouderrorreporting/v1beta1": "clouderrorreporting", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudfunctions/v1": "cloudfunctions", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudfunctions/v2": "cloudfunctions", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudfunctions/v2alpha": "cloudfunctions", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudfunctions/v2beta": "cloudfunctions", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudidentity/v1": "cloudidentity", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudidentity/v1beta1": "cloudidentity", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudiot/v1": "cloudiot", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudkms/v1": "cloudkms", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudprofiler/v2": "cloudprofiler", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudresourcemanager/v1": "cloudresourcemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudresourcemanager/v1beta1": "cloudresourcemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudresourcemanager/v2": "cloudresourcemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudresourcemanager/v2beta1": "cloudresourcemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudresourcemanager/v3": "cloudresourcemanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudscheduler/v1": "cloudscheduler", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudscheduler/v1beta1": "cloudscheduler", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudsearch/v1": "cloudsearch", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudshell/v1": "cloudshell", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudsupport/v2": "cloudsupport", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudsupport/v2beta": "cloudsupport", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtasks/v2": "cloudtasks", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtasks/v2beta2": "cloudtasks", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtasks/v2beta3": "cloudtasks", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtrace/v1": "cloudtrace", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtrace/v2": "cloudtrace", "github.com/pulumi/pulumi-google-native/sdk/go/google/cloudtrace/v2beta1": "cloudtrace", "github.com/pulumi/pulumi-google-native/sdk/go/google/composer/v1": "composer", "github.com/pulumi/pulumi-google-native/sdk/go/google/composer/v1beta1": "composer", "github.com/pulumi/pulumi-google-native/sdk/go/google/compute/alpha": "compute", "github.com/pulumi/pulumi-google-native/sdk/go/google/compute/beta": "compute", "github.com/pulumi/pulumi-google-native/sdk/go/google/compute/v1": "compute", "github.com/pulumi/pulumi-google-native/sdk/go/google/connectors/v1": "connectors", "github.com/pulumi/pulumi-google-native/sdk/go/google/connectors/v2": "connectors", "github.com/pulumi/pulumi-google-native/sdk/go/google/contactcenteraiplatform/v1alpha1": "contactcenteraiplatform", "github.com/pulumi/pulumi-google-native/sdk/go/google/contactcenterinsights/v1": "contactcenterinsights", "github.com/pulumi/pulumi-google-native/sdk/go/google/container/v1": "container", "github.com/pulumi/pulumi-google-native/sdk/go/google/container/v1beta1": "container", "github.com/pulumi/pulumi-google-native/sdk/go/google/containeranalysis/v1": "containeranalysis", "github.com/pulumi/pulumi-google-native/sdk/go/google/containeranalysis/v1alpha1": "containeranalysis", "github.com/pulumi/pulumi-google-native/sdk/go/google/containeranalysis/v1beta1": "containeranalysis", "github.com/pulumi/pulumi-google-native/sdk/go/google/contentwarehouse/v1": "contentwarehouse", "github.com/pulumi/pulumi-google-native/sdk/go/google/datacatalog/v1": "datacatalog", "github.com/pulumi/pulumi-google-native/sdk/go/google/datacatalog/v1beta1": "datacatalog", "github.com/pulumi/pulumi-google-native/sdk/go/google/dataflow/v1b3": "dataflow", "github.com/pulumi/pulumi-google-native/sdk/go/google/dataform/v1beta1": "dataform", "github.com/pulumi/pulumi-google-native/sdk/go/google/datafusion/v1": "datafusion", "github.com/pulumi/pulumi-google-native/sdk/go/google/datafusion/v1beta1": "datafusion", "github.com/pulumi/pulumi-google-native/sdk/go/google/datalabeling/v1beta1": "datalabeling", "github.com/pulumi/pulumi-google-native/sdk/go/google/datalineage/v1": "datalineage", "github.com/pulumi/pulumi-google-native/sdk/go/google/datamigration/v1": "datamigration", "github.com/pulumi/pulumi-google-native/sdk/go/google/datamigration/v1beta1": "datamigration", "github.com/pulumi/pulumi-google-native/sdk/go/google/datapipelines/v1": "datapipelines", "github.com/pulumi/pulumi-google-native/sdk/go/google/dataplex/v1": "dataplex", "github.com/pulumi/pulumi-google-native/sdk/go/google/dataproc/v1": "dataproc", "github.com/pulumi/pulumi-google-native/sdk/go/google/dataproc/v1beta2": "dataproc", "github.com/pulumi/pulumi-google-native/sdk/go/google/datastore/v1": "datastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/datastore/v1beta1": "datastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/datastore/v1beta3": "datastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/datastream/v1": "datastream", "github.com/pulumi/pulumi-google-native/sdk/go/google/datastream/v1alpha1": "datastream", "github.com/pulumi/pulumi-google-native/sdk/go/google/deploymentmanager/alpha": "deploymentmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/deploymentmanager/v2": "deploymentmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/deploymentmanager/v2beta": "deploymentmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/dialogflow/v2": "dialogflow", "github.com/pulumi/pulumi-google-native/sdk/go/google/dialogflow/v2beta1": "dialogflow", "github.com/pulumi/pulumi-google-native/sdk/go/google/dialogflow/v3": "dialogflow", "github.com/pulumi/pulumi-google-native/sdk/go/google/dialogflow/v3beta1": "dialogflow", "github.com/pulumi/pulumi-google-native/sdk/go/google/discoveryengine/v1alpha": "discoveryengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/discoveryengine/v1beta": "discoveryengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/dlp/v2": "dlp", "github.com/pulumi/pulumi-google-native/sdk/go/google/dns/v1": "dns", "github.com/pulumi/pulumi-google-native/sdk/go/google/dns/v1beta2": "dns", "github.com/pulumi/pulumi-google-native/sdk/go/google/documentai/v1": "documentai", "github.com/pulumi/pulumi-google-native/sdk/go/google/documentai/v1beta2": "documentai", "github.com/pulumi/pulumi-google-native/sdk/go/google/documentai/v1beta3": "documentai", "github.com/pulumi/pulumi-google-native/sdk/go/google/domains/v1": "domains", "github.com/pulumi/pulumi-google-native/sdk/go/google/domains/v1alpha2": "domains", "github.com/pulumi/pulumi-google-native/sdk/go/google/domains/v1beta1": "domains", "github.com/pulumi/pulumi-google-native/sdk/go/google/essentialcontacts/v1": "essentialcontacts", "github.com/pulumi/pulumi-google-native/sdk/go/google/eventarc/v1": "eventarc", "github.com/pulumi/pulumi-google-native/sdk/go/google/eventarc/v1beta1": "eventarc", "github.com/pulumi/pulumi-google-native/sdk/go/google/fcm/v1": "fcm", "github.com/pulumi/pulumi-google-native/sdk/go/google/fcmdata/v1beta1": "fcmdata", "github.com/pulumi/pulumi-google-native/sdk/go/google/file/v1": "file", "github.com/pulumi/pulumi-google-native/sdk/go/google/file/v1beta1": "file", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebase/v1beta1": "firebase", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaseappcheck/v1": "firebaseappcheck", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaseappcheck/v1beta": "firebaseappcheck", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaseappdistribution/v1": "firebaseappdistribution", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebasedatabase/v1beta": "firebasedatabase", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebasedynamiclinks/v1": "firebasedynamiclinks", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebasehosting/v1": "firebasehosting", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebasehosting/v1beta1": "firebasehosting", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaseml/v1": "firebaseml", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaseml/v1beta2": "firebaseml", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebaserules/v1": "firebaserules", "github.com/pulumi/pulumi-google-native/sdk/go/google/firebasestorage/v1beta": "firebasestorage", "github.com/pulumi/pulumi-google-native/sdk/go/google/firestore/v1": "firestore", "github.com/pulumi/pulumi-google-native/sdk/go/google/firestore/v1beta1": "firestore", "github.com/pulumi/pulumi-google-native/sdk/go/google/firestore/v1beta2": "firestore", "github.com/pulumi/pulumi-google-native/sdk/go/google/gameservices/v1": "gameservices", "github.com/pulumi/pulumi-google-native/sdk/go/google/gameservices/v1beta": "gameservices", "github.com/pulumi/pulumi-google-native/sdk/go/google/genomics/v1": "genomics", "github.com/pulumi/pulumi-google-native/sdk/go/google/genomics/v1alpha2": "genomics", "github.com/pulumi/pulumi-google-native/sdk/go/google/genomics/v2alpha1": "genomics", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkebackup/v1": "gkebackup", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v1": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v1alpha": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v1alpha2": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v1beta": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v1beta1": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkehub/v2alpha": "gkehub", "github.com/pulumi/pulumi-google-native/sdk/go/google/gkeonprem/v1": "gkeonprem", "github.com/pulumi/pulumi-google-native/sdk/go/google/healthcare/v1": "healthcare", "github.com/pulumi/pulumi-google-native/sdk/go/google/healthcare/v1beta1": "healthcare", "github.com/pulumi/pulumi-google-native/sdk/go/google/iam/v1": "iam", "github.com/pulumi/pulumi-google-native/sdk/go/google/iam/v2": "iam", "github.com/pulumi/pulumi-google-native/sdk/go/google/iam/v2beta": "iam", "github.com/pulumi/pulumi-google-native/sdk/go/google/iamcredentials/v1": "iamcredentials", "github.com/pulumi/pulumi-google-native/sdk/go/google/iap/v1": "iap", "github.com/pulumi/pulumi-google-native/sdk/go/google/iap/v1beta1": "iap", "github.com/pulumi/pulumi-google-native/sdk/go/google/identitytoolkit/v1": "identitytoolkit", "github.com/pulumi/pulumi-google-native/sdk/go/google/identitytoolkit/v2": "identitytoolkit", "github.com/pulumi/pulumi-google-native/sdk/go/google/identitytoolkit/v3": "identitytoolkit", "github.com/pulumi/pulumi-google-native/sdk/go/google/ids/v1": "ids", "github.com/pulumi/pulumi-google-native/sdk/go/google/integrations/v1alpha": "integrations", "github.com/pulumi/pulumi-google-native/sdk/go/google/jobs/v3": "jobs", "github.com/pulumi/pulumi-google-native/sdk/go/google/jobs/v4": "jobs", "github.com/pulumi/pulumi-google-native/sdk/go/google/kmsinventory/v1": "kmsinventory", "github.com/pulumi/pulumi-google-native/sdk/go/google/language/v1": "language", "github.com/pulumi/pulumi-google-native/sdk/go/google/language/v1beta1": "language", "github.com/pulumi/pulumi-google-native/sdk/go/google/language/v1beta2": "language", "github.com/pulumi/pulumi-google-native/sdk/go/google/language/v2": "language", "github.com/pulumi/pulumi-google-native/sdk/go/google/libraryagent/v1": "libraryagent", "github.com/pulumi/pulumi-google-native/sdk/go/google/lifesciences/v2beta": "lifesciences", "github.com/pulumi/pulumi-google-native/sdk/go/google/logging/v2": "logging", "github.com/pulumi/pulumi-google-native/sdk/go/google/looker/v1": "looker", "github.com/pulumi/pulumi-google-native/sdk/go/google/managedidentities/v1": "managedidentities", "github.com/pulumi/pulumi-google-native/sdk/go/google/managedidentities/v1alpha1": "managedidentities", "github.com/pulumi/pulumi-google-native/sdk/go/google/managedidentities/v1beta1": "managedidentities", "github.com/pulumi/pulumi-google-native/sdk/go/google/memcache/v1": "memcache", "github.com/pulumi/pulumi-google-native/sdk/go/google/memcache/v1beta2": "memcache", "github.com/pulumi/pulumi-google-native/sdk/go/google/metastore/v1": "metastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/metastore/v1alpha": "metastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/metastore/v1beta": "metastore", "github.com/pulumi/pulumi-google-native/sdk/go/google/migrationcenter/v1": "migrationcenter", "github.com/pulumi/pulumi-google-native/sdk/go/google/migrationcenter/v1alpha1": "migrationcenter", "github.com/pulumi/pulumi-google-native/sdk/go/google/ml/v1": "ml", "github.com/pulumi/pulumi-google-native/sdk/go/google/monitoring/v1": "monitoring", "github.com/pulumi/pulumi-google-native/sdk/go/google/monitoring/v3": "monitoring", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkconnectivity/v1": "networkconnectivity", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkconnectivity/v1alpha1": "networkconnectivity", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkmanagement/v1": "networkmanagement", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkmanagement/v1beta1": "networkmanagement", "github.com/pulumi/pulumi-google-native/sdk/go/google/networksecurity/v1": "networksecurity", "github.com/pulumi/pulumi-google-native/sdk/go/google/networksecurity/v1beta1": "networksecurity", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkservices/v1": "networkservices", "github.com/pulumi/pulumi-google-native/sdk/go/google/networkservices/v1beta1": "networkservices", "github.com/pulumi/pulumi-google-native/sdk/go/google/notebooks/v1": "notebooks", "github.com/pulumi/pulumi-google-native/sdk/go/google/notebooks/v2": "notebooks", "github.com/pulumi/pulumi-google-native/sdk/go/google/ondemandscanning/v1": "ondemandscanning", "github.com/pulumi/pulumi-google-native/sdk/go/google/ondemandscanning/v1beta1": "ondemandscanning", "github.com/pulumi/pulumi-google-native/sdk/go/google/orgpolicy/v2": "orgpolicy", "github.com/pulumi/pulumi-google-native/sdk/go/google/osconfig/v1": "osconfig", "github.com/pulumi/pulumi-google-native/sdk/go/google/osconfig/v1alpha": "osconfig", "github.com/pulumi/pulumi-google-native/sdk/go/google/osconfig/v1beta": "osconfig", "github.com/pulumi/pulumi-google-native/sdk/go/google/oslogin/v1": "oslogin", "github.com/pulumi/pulumi-google-native/sdk/go/google/oslogin/v1alpha": "oslogin", "github.com/pulumi/pulumi-google-native/sdk/go/google/oslogin/v1beta": "oslogin", "github.com/pulumi/pulumi-google-native/sdk/go/google/playgrouping/v1alpha1": "playgrouping", "github.com/pulumi/pulumi-google-native/sdk/go/google/policysimulator/v1": "policysimulator", "github.com/pulumi/pulumi-google-native/sdk/go/google/policysimulator/v1alpha": "policysimulator", "github.com/pulumi/pulumi-google-native/sdk/go/google/policysimulator/v1beta": "policysimulator", "github.com/pulumi/pulumi-google-native/sdk/go/google/policysimulator/v1beta1": "policysimulator", "github.com/pulumi/pulumi-google-native/sdk/go/google/policytroubleshooter/v1": "policytroubleshooter", "github.com/pulumi/pulumi-google-native/sdk/go/google/policytroubleshooter/v1beta": "policytroubleshooter", "github.com/pulumi/pulumi-google-native/sdk/go/google/privateca/v1": "privateca", "github.com/pulumi/pulumi-google-native/sdk/go/google/privateca/v1beta1": "privateca", "github.com/pulumi/pulumi-google-native/sdk/go/google/publicca/v1": "publicca", "github.com/pulumi/pulumi-google-native/sdk/go/google/publicca/v1alpha1": "publicca", "github.com/pulumi/pulumi-google-native/sdk/go/google/publicca/v1beta1": "publicca", "github.com/pulumi/pulumi-google-native/sdk/go/google/pubsub/v1": "pubsub", "github.com/pulumi/pulumi-google-native/sdk/go/google/pubsub/v1beta1a": "pubsub", "github.com/pulumi/pulumi-google-native/sdk/go/google/pubsub/v1beta2": "pubsub", "github.com/pulumi/pulumi-google-native/sdk/go/google/pubsublite/v1": "pubsublite", "github.com/pulumi/pulumi-google-native/sdk/go/google/rapidmigrationassessment/v1": "rapidmigrationassessment", "github.com/pulumi/pulumi-google-native/sdk/go/google/recaptchaenterprise/v1": "recaptchaenterprise", "github.com/pulumi/pulumi-google-native/sdk/go/google/recommendationengine/v1beta1": "recommendationengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/recommender/v1": "recommender", "github.com/pulumi/pulumi-google-native/sdk/go/google/recommender/v1beta1": "recommender", "github.com/pulumi/pulumi-google-native/sdk/go/google/redis/v1": "redis", "github.com/pulumi/pulumi-google-native/sdk/go/google/redis/v1beta1": "redis", "github.com/pulumi/pulumi-google-native/sdk/go/google/remotebuildexecution/v1": "remotebuildexecution", "github.com/pulumi/pulumi-google-native/sdk/go/google/remotebuildexecution/v1alpha": "remotebuildexecution", "github.com/pulumi/pulumi-google-native/sdk/go/google/remotebuildexecution/v2": "remotebuildexecution", "github.com/pulumi/pulumi-google-native/sdk/go/google/resourcesettings/v1": "resourcesettings", "github.com/pulumi/pulumi-google-native/sdk/go/google/retail/v2": "retail", "github.com/pulumi/pulumi-google-native/sdk/go/google/retail/v2alpha": "retail", "github.com/pulumi/pulumi-google-native/sdk/go/google/retail/v2beta": "retail", "github.com/pulumi/pulumi-google-native/sdk/go/google/run/v1": "run", "github.com/pulumi/pulumi-google-native/sdk/go/google/run/v2": "run", "github.com/pulumi/pulumi-google-native/sdk/go/google/runtimeconfig/v1": "runtimeconfig", "github.com/pulumi/pulumi-google-native/sdk/go/google/runtimeconfig/v1beta1": "runtimeconfig", "github.com/pulumi/pulumi-google-native/sdk/go/google/secretmanager/v1": "secretmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/secretmanager/v1beta1": "secretmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/securitycenter/v1": "securitycenter", "github.com/pulumi/pulumi-google-native/sdk/go/google/securitycenter/v1beta1": "securitycenter", "github.com/pulumi/pulumi-google-native/sdk/go/google/securitycenter/v1beta2": "securitycenter", "github.com/pulumi/pulumi-google-native/sdk/go/google/serviceconsumermanagement/v1": "serviceconsumermanagement", "github.com/pulumi/pulumi-google-native/sdk/go/google/serviceconsumermanagement/v1beta1": "serviceconsumermanagement", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicecontrol/v1": "servicecontrol", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicecontrol/v2": "servicecontrol", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicedirectory/v1": "servicedirectory", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicedirectory/v1beta1": "servicedirectory", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicemanagement/v1": "servicemanagement", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicenetworking/v1": "servicenetworking", "github.com/pulumi/pulumi-google-native/sdk/go/google/servicenetworking/v1beta": "servicenetworking", "github.com/pulumi/pulumi-google-native/sdk/go/google/serviceusage/v1": "serviceusage", "github.com/pulumi/pulumi-google-native/sdk/go/google/serviceusage/v1beta1": "serviceusage", "github.com/pulumi/pulumi-google-native/sdk/go/google/sourcerepo/v1": "sourcerepo", "github.com/pulumi/pulumi-google-native/sdk/go/google/spanner/v1": "spanner", "github.com/pulumi/pulumi-google-native/sdk/go/google/speech/v1": "speech", "github.com/pulumi/pulumi-google-native/sdk/go/google/speech/v2beta1": "speech", "github.com/pulumi/pulumi-google-native/sdk/go/google/sqladmin/v1": "sqladmin", "github.com/pulumi/pulumi-google-native/sdk/go/google/sqladmin/v1beta4": "sqladmin", "github.com/pulumi/pulumi-google-native/sdk/go/google/storage/v1": "storage", "github.com/pulumi/pulumi-google-native/sdk/go/google/storagetransfer/v1": "storagetransfer", "github.com/pulumi/pulumi-google-native/sdk/go/google/testing/v1": "testing", "github.com/pulumi/pulumi-google-native/sdk/go/google/texttospeech/v1": "texttospeech", "github.com/pulumi/pulumi-google-native/sdk/go/google/texttospeech/v1beta1": "texttospeech", "github.com/pulumi/pulumi-google-native/sdk/go/google/toolresults/v1beta3": "toolresults", "github.com/pulumi/pulumi-google-native/sdk/go/google/tpu/v1": "tpu", "github.com/pulumi/pulumi-google-native/sdk/go/google/tpu/v1alpha1": "tpu", "github.com/pulumi/pulumi-google-native/sdk/go/google/tpu/v2": "tpu", "github.com/pulumi/pulumi-google-native/sdk/go/google/tpu/v2alpha1": "tpu", "github.com/pulumi/pulumi-google-native/sdk/go/google/trafficdirector/v2": "trafficdirector", "github.com/pulumi/pulumi-google-native/sdk/go/google/trafficdirector/v3": "trafficdirector", "github.com/pulumi/pulumi-google-native/sdk/go/google/transcoder/v1": "transcoder", "github.com/pulumi/pulumi-google-native/sdk/go/google/translate/v2": "translate", "github.com/pulumi/pulumi-google-native/sdk/go/google/translate/v3": "translate", "github.com/pulumi/pulumi-google-native/sdk/go/google/translate/v3beta1": "translate", "github.com/pulumi/pulumi-google-native/sdk/go/google/videointelligence/v1": "videointelligence", "github.com/pulumi/pulumi-google-native/sdk/go/google/videointelligence/v1beta2": "videointelligence", "github.com/pulumi/pulumi-google-native/sdk/go/google/vision/v1": "vision", "github.com/pulumi/pulumi-google-native/sdk/go/google/vmmigration/v1": "vmmigration", "github.com/pulumi/pulumi-google-native/sdk/go/google/vmmigration/v1alpha1": "vmmigration", "github.com/pulumi/pulumi-google-native/sdk/go/google/vmwareengine/v1": "vmwareengine", "github.com/pulumi/pulumi-google-native/sdk/go/google/vpcaccess/v1": "vpcaccess", "github.com/pulumi/pulumi-google-native/sdk/go/google/vpcaccess/v1beta1": "vpcaccess", "github.com/pulumi/pulumi-google-native/sdk/go/google/webrisk/v1": "webrisk", "github.com/pulumi/pulumi-google-native/sdk/go/google/websecurityscanner/v1": "websecurityscanner", "github.com/pulumi/pulumi-google-native/sdk/go/google/websecurityscanner/v1alpha": "websecurityscanner", "github.com/pulumi/pulumi-google-native/sdk/go/google/websecurityscanner/v1beta": "websecurityscanner", "github.com/pulumi/pulumi-google-native/sdk/go/google/workflowexecutions/v1": "workflowexecutions", "github.com/pulumi/pulumi-google-native/sdk/go/google/workflowexecutions/v1beta": "workflowexecutions", "github.com/pulumi/pulumi-google-native/sdk/go/google/workflows/v1": "workflows", "github.com/pulumi/pulumi-google-native/sdk/go/google/workflows/v1beta": "workflows", "github.com/pulumi/pulumi-google-native/sdk/go/google/workloadmanager/v1": "workloadmanager", "github.com/pulumi/pulumi-google-native/sdk/go/google/workstations/v1": "workstations", "github.com/pulumi/pulumi-google-native/sdk/go/google/workstations/v1beta": "workstations" } }, "java": { "liftSingleValueMethodReturns": true, "packages": { "accessapproval/v1": "accessapproval.v1", "accesscontextmanager/v1": "accesscontextmanager.v1", "accesscontextmanager/v1beta": "accesscontextmanager.v1beta", "advisorynotifications/v1": "advisorynotifications.v1", "aiplatform/v1": "aiplatform.v1", "aiplatform/v1beta1": "aiplatform.v1beta1", "alloydb/v1": "alloydb.v1", "alloydb/v1alpha": "alloydb.v1alpha", "alloydb/v1beta": "alloydb.v1beta", "analyticshub/v1": "analyticshub.v1", "analyticshub/v1beta1": "analyticshub.v1beta1", "apigateway/v1": "apigateway.v1", "apigateway/v1beta": "apigateway.v1beta", "apigee/v1": "apigee.v1", "apigeeregistry/v1": "apigeeregistry.v1", "apikeys/v2": "apikeys.v2", "appengine/v1": "appengine.v1", "appengine/v1alpha": "appengine.v1alpha", "appengine/v1beta": "appengine.v1beta", "artifactregistry/v1": "artifactregistry.v1", "artifactregistry/v1beta1": "artifactregistry.v1beta1", "artifactregistry/v1beta2": "artifactregistry.v1beta2", "assuredworkloads/v1": "assuredworkloads.v1", "assuredworkloads/v1beta1": "assuredworkloads.v1beta1", "backupdr/v1": "backupdr.v1", "baremetalsolution/v1": "baremetalsolution.v1", "baremetalsolution/v2": "baremetalsolution.v2", "batch/v1": "batch.v1", "beyondcorp/v1": "beyondcorp.v1", "beyondcorp/v1alpha": "beyondcorp.v1alpha", "biglake/v1": "biglake.v1", "bigquery/v2": "bigquery.v2", "bigqueryconnection/v1beta1": "bigqueryconnection.v1beta1", "bigquerydatapolicy/v1": "bigquerydatapolicy.v1", "bigquerydatatransfer/v1": "bigquerydatatransfer.v1", "bigqueryreservation/v1": "bigqueryreservation.v1", "bigqueryreservation/v1beta1": "bigqueryreservation.v1beta1", "bigtableadmin/v1": "bigtableadmin.v1", "bigtableadmin/v2": "bigtableadmin.v2", "billingbudgets/v1": "billingbudgets.v1", "billingbudgets/v1beta1": "billingbudgets.v1beta1", "binaryauthorization/v1": "binaryauthorization.v1", "binaryauthorization/v1beta1": "binaryauthorization.v1beta1", "blockchainnodeengine/v1": "blockchainnodeengine.v1", "certificatemanager/v1": "certificatemanager.v1", "cloudasset/v1": "cloudasset.v1", "cloudasset/v1beta1": "cloudasset.v1beta1", "cloudbilling/v1": "cloudbilling.v1", "cloudbilling/v1beta": "cloudbilling.v1beta", "cloudbuild/v1": "cloudbuild.v1", "cloudbuild/v1alpha1": "cloudbuild.v1alpha1", "cloudbuild/v1alpha2": "cloudbuild.v1alpha2", "cloudbuild/v1beta1": "cloudbuild.v1beta1", "cloudbuild/v2": "cloudbuild.v2", "cloudchannel/v1": "cloudchannel.v1", "clouddebugger/v2": "clouddebugger.v2", "clouddeploy/v1": "clouddeploy.v1", "clouderrorreporting/v1beta1": "clouderrorreporting.v1beta1", "cloudfunctions/v1": "cloudfunctions.v1", "cloudfunctions/v2": "cloudfunctions.v2", "cloudfunctions/v2alpha": "cloudfunctions.v2alpha", "cloudfunctions/v2beta": "cloudfunctions.v2beta", "cloudidentity/v1": "cloudidentity.v1", "cloudidentity/v1beta1": "cloudidentity.v1beta1", "cloudiot/v1": "cloudiot.v1", "cloudkms/v1": "cloudkms.v1", "cloudprofiler/v2": "cloudprofiler.v2", "cloudresourcemanager/v1": "cloudresourcemanager.v1", "cloudresourcemanager/v1beta1": "cloudresourcemanager.v1beta1", "cloudresourcemanager/v2": "cloudresourcemanager.v2", "cloudresourcemanager/v2beta1": "cloudresourcemanager.v2beta1", "cloudresourcemanager/v3": "cloudresourcemanager.v3", "cloudscheduler/v1": "cloudscheduler.v1", "cloudscheduler/v1beta1": "cloudscheduler.v1beta1", "cloudsearch/v1": "cloudsearch.v1", "cloudshell/v1": "cloudshell.v1", "cloudsupport/v2": "cloudsupport.v2", "cloudsupport/v2beta": "cloudsupport.v2beta", "cloudtasks/v2": "cloudtasks.v2", "cloudtasks/v2beta2": "cloudtasks.v2beta2", "cloudtasks/v2beta3": "cloudtasks.v2beta3", "cloudtrace/v1": "cloudtrace.v1", "cloudtrace/v2": "cloudtrace.v2", "cloudtrace/v2beta1": "cloudtrace.v2beta1", "composer/v1": "composer.v1", "composer/v1beta1": "composer.v1beta1", "compute/alpha": "compute.alpha", "compute/beta": "compute.beta", "compute/v1": "compute.v1", "connectors/v1": "connectors.v1", "connectors/v2": "connectors.v2", "contactcenteraiplatform/v1alpha1": "contactcenteraiplatform.v1alpha1", "contactcenterinsights/v1": "contactcenterinsights.v1", "container/v1": "container.v1", "container/v1beta1": "container.v1beta1", "containeranalysis/v1": "containeranalysis.v1", "containeranalysis/v1alpha1": "containeranalysis.v1alpha1", "containeranalysis/v1beta1": "containeranalysis.v1beta1", "contentwarehouse/v1": "contentwarehouse.v1", "datacatalog/v1": "datacatalog.v1", "datacatalog/v1beta1": "datacatalog.v1beta1", "dataflow/v1b3": "dataflow.v1b3", "dataform/v1beta1": "dataform.v1beta1", "datafusion/v1": "datafusion.v1", "datafusion/v1beta1": "datafusion.v1beta1", "datalabeling/v1beta1": "datalabeling.v1beta1", "datalineage/v1": "datalineage.v1", "datamigration/v1": "datamigration.v1", "datamigration/v1beta1": "datamigration.v1beta1", "datapipelines/v1": "datapipelines.v1", "dataplex/v1": "dataplex.v1", "dataproc/v1": "dataproc.v1", "dataproc/v1beta2": "dataproc.v1beta2", "datastore/v1": "datastore.v1", "datastore/v1beta1": "datastore.v1beta1", "datastore/v1beta3": "datastore.v1beta3", "datastream/v1": "datastream.v1", "datastream/v1alpha1": "datastream.v1alpha1", "deploymentmanager/alpha": "deploymentmanager.alpha", "deploymentmanager/v2": "deploymentmanager.v2", "deploymentmanager/v2beta": "deploymentmanager.v2beta", "dialogflow/v2": "dialogflow.v2", "dialogflow/v2beta1": "dialogflow.v2beta1", "dialogflow/v3": "dialogflow.v3", "dialogflow/v3beta1": "dialogflow.v3beta1", "discoveryengine/v1alpha": "discoveryengine.v1alpha", "discoveryengine/v1beta": "discoveryengine.v1beta", "dlp/v2": "dlp.v2", "dns/v1": "dns.v1", "dns/v1beta2": "dns.v1beta2", "documentai/v1": "documentai.v1", "documentai/v1beta2": "documentai.v1beta2", "documentai/v1beta3": "documentai.v1beta3", "domains/v1": "domains.v1", "domains/v1alpha2": "domains.v1alpha2", "domains/v1beta1": "domains.v1beta1", "essentialcontacts/v1": "essentialcontacts.v1", "eventarc/v1": "eventarc.v1", "eventarc/v1beta1": "eventarc.v1beta1", "fcm/v1": "fcm.v1", "fcmdata/v1beta1": "fcmdata.v1beta1", "file/v1": "file.v1", "file/v1beta1": "file.v1beta1", "firebase/v1beta1": "firebase.v1beta1", "firebaseappcheck/v1": "firebaseappcheck.v1", "firebaseappcheck/v1beta": "firebaseappcheck.v1beta", "firebaseappdistribution/v1": "firebaseappdistribution.v1", "firebasedatabase/v1beta": "firebasedatabase.v1beta", "firebasedynamiclinks/v1": "firebasedynamiclinks.v1", "firebasehosting/v1": "firebasehosting.v1", "firebasehosting/v1beta1": "firebasehosting.v1beta1", "firebaseml/v1": "firebaseml.v1", "firebaseml/v1beta2": "firebaseml.v1beta2", "firebaserules/v1": "firebaserules.v1", "firebasestorage/v1beta": "firebasestorage.v1beta", "firestore/v1": "firestore.v1", "firestore/v1beta1": "firestore.v1beta1", "firestore/v1beta2": "firestore.v1beta2", "gameservices/v1": "gameservices.v1", "gameservices/v1beta": "gameservices.v1beta", "genomics/v1": "genomics.v1", "genomics/v1alpha2": "genomics.v1alpha2", "genomics/v2alpha1": "genomics.v2alpha1", "gkebackup/v1": "gkebackup.v1", "gkehub/v1": "gkehub.v1", "gkehub/v1alpha": "gkehub.v1alpha", "gkehub/v1alpha2": "gkehub.v1alpha2", "gkehub/v1beta": "gkehub.v1beta", "gkehub/v1beta1": "gkehub.v1beta1", "gkehub/v2alpha": "gkehub.v2alpha", "gkeonprem/v1": "gkeonprem.v1", "healthcare/v1": "healthcare.v1", "healthcare/v1beta1": "healthcare.v1beta1", "iam/v1": "iam.v1", "iam/v2": "iam.v2", "iam/v2beta": "iam.v2beta", "iamcredentials/v1": "iamcredentials.v1", "iap/v1": "iap.v1", "iap/v1beta1": "iap.v1beta1", "identitytoolkit/v1": "identitytoolkit.v1", "identitytoolkit/v2": "identitytoolkit.v2", "identitytoolkit/v3": "identitytoolkit.v3", "ids/v1": "ids.v1", "integrations/v1alpha": "integrations.v1alpha", "jobs/v3": "jobs.v3", "jobs/v4": "jobs.v4", "kmsinventory/v1": "kmsinventory.v1", "language/v1": "language.v1", "language/v1beta1": "language.v1beta1", "language/v1beta2": "language.v1beta2", "language/v2": "language.v2", "libraryagent/v1": "libraryagent.v1", "lifesciences/v2beta": "lifesciences.v2beta", "logging/v2": "logging.v2", "looker/v1": "looker.v1", "managedidentities/v1": "managedidentities.v1", "managedidentities/v1alpha1": "managedidentities.v1alpha1", "managedidentities/v1beta1": "managedidentities.v1beta1", "memcache/v1": "memcache.v1", "memcache/v1beta2": "memcache.v1beta2", "metastore/v1": "metastore.v1", "metastore/v1alpha": "metastore.v1alpha", "metastore/v1beta": "metastore.v1beta", "migrationcenter/v1": "migrationcenter.v1", "migrationcenter/v1alpha1": "migrationcenter.v1alpha1", "ml/v1": "ml.v1", "monitoring/v1": "monitoring.v1", "monitoring/v3": "monitoring.v3", "networkconnectivity/v1": "networkconnectivity.v1", "networkconnectivity/v1alpha1": "networkconnectivity.v1alpha1", "networkmanagement/v1": "networkmanagement.v1", "networkmanagement/v1beta1": "networkmanagement.v1beta1", "networksecurity/v1": "networksecurity.v1", "networksecurity/v1beta1": "networksecurity.v1beta1", "networkservices/v1": "networkservices.v1", "networkservices/v1beta1": "networkservices.v1beta1", "notebooks/v1": "notebooks.v1", "notebooks/v2": "notebooks.v2", "ondemandscanning/v1": "ondemandscanning.v1", "ondemandscanning/v1beta1": "ondemandscanning.v1beta1", "orgpolicy/v2": "orgpolicy.v2", "osconfig/v1": "osconfig.v1", "osconfig/v1alpha": "osconfig.v1alpha", "osconfig/v1beta": "osconfig.v1beta", "oslogin/v1": "oslogin.v1", "oslogin/v1alpha": "oslogin.v1alpha", "oslogin/v1beta": "oslogin.v1beta", "playgrouping/v1alpha1": "playgrouping.v1alpha1", "policysimulator/v1": "policysimulator.v1", "policysimulator/v1alpha": "policysimulator.v1alpha", "policysimulator/v1beta": "policysimulator.v1beta", "policysimulator/v1beta1": "policysimulator.v1beta1", "policytroubleshooter/v1": "policytroubleshooter.v1", "policytroubleshooter/v1beta": "policytroubleshooter.v1beta", "privateca/v1": "privateca.v1", "privateca/v1beta1": "privateca.v1beta1", "publicca/v1": "publicca.v1", "publicca/v1alpha1": "publicca.v1alpha1", "publicca/v1beta1": "publicca.v1beta1", "pubsub/v1": "pubsub.v1", "pubsub/v1beta1a": "pubsub.v1beta1a", "pubsub/v1beta2": "pubsub.v1beta2", "pubsublite/v1": "pubsublite.v1", "rapidmigrationassessment/v1": "rapidmigrationassessment.v1", "recaptchaenterprise/v1": "recaptchaenterprise.v1", "recommendationengine/v1beta1": "recommendationengine.v1beta1", "recommender/v1": "recommender.v1", "recommender/v1beta1": "recommender.v1beta1", "redis/v1": "redis.v1", "redis/v1beta1": "redis.v1beta1", "remotebuildexecution/v1": "remotebuildexecution.v1", "remotebuildexecution/v1alpha": "remotebuildexecution.v1alpha", "remotebuildexecution/v2": "remotebuildexecution.v2", "resourcesettings/v1": "resourcesettings.v1", "retail/v2": "retail.v2", "retail/v2alpha": "retail.v2alpha", "retail/v2beta": "retail.v2beta", "run/v1": "run.v1", "run/v2": "run.v2", "runtimeconfig/v1": "runtimeconfig.v1", "runtimeconfig/v1beta1": "runtimeconfig.v1beta1", "secretmanager/v1": "secretmanager.v1", "secretmanager/v1beta1": "secretmanager.v1beta1", "securitycenter/v1": "securitycenter.v1", "securitycenter/v1beta1": "securitycenter.v1beta1", "securitycenter/v1beta2": "securitycenter.v1beta2", "serviceconsumermanagement/v1": "serviceconsumermanagement.v1", "serviceconsumermanagement/v1beta1": "serviceconsumermanagement.v1beta1", "servicecontrol/v1": "servicecontrol.v1", "servicecontrol/v2": "servicecontrol.v2", "servicedirectory/v1": "servicedirectory.v1", "servicedirectory/v1beta1": "servicedirectory.v1beta1", "servicemanagement/v1": "servicemanagement.v1", "servicenetworking/v1": "servicenetworking.v1", "servicenetworking/v1beta": "servicenetworking.v1beta", "serviceusage/v1": "serviceusage.v1", "serviceusage/v1beta1": "serviceusage.v1beta1", "sourcerepo/v1": "sourcerepo.v1", "spanner/v1": "spanner.v1", "speech/v1": "speech.v1", "speech/v2beta1": "speech.v2beta1", "sqladmin/v1": "sqladmin.v1", "sqladmin/v1beta4": "sqladmin.v1beta4", "storage/v1": "storage.v1", "storagetransfer/v1": "storagetransfer.v1", "testing/v1": "testing.v1", "texttospeech/v1": "texttospeech.v1", "texttospeech/v1beta1": "texttospeech.v1beta1", "toolresults/v1beta3": "toolresults.v1beta3", "tpu/v1": "tpu.v1", "tpu/v1alpha1": "tpu.v1alpha1", "tpu/v2": "tpu.v2", "tpu/v2alpha1": "tpu.v2alpha1", "trafficdirector/v2": "trafficdirector.v2", "trafficdirector/v3": "trafficdirector.v3", "transcoder/v1": "transcoder.v1", "translate/v2": "translate.v2", "translate/v3": "translate.v3", "translate/v3beta1": "translate.v3beta1", "videointelligence/v1": "videointelligence.v1", "videointelligence/v1beta2": "videointelligence.v1beta2", "vision/v1": "vision.v1", "vmmigration/v1": "vmmigration.v1", "vmmigration/v1alpha1": "vmmigration.v1alpha1", "vmwareengine/v1": "vmwareengine.v1", "vpcaccess/v1": "vpcaccess.v1", "vpcaccess/v1beta1": "vpcaccess.v1beta1", "webrisk/v1": "webrisk.v1", "websecurityscanner/v1": "websecurityscanner.v1", "websecurityscanner/v1alpha": "websecurityscanner.v1alpha", "websecurityscanner/v1beta": "websecurityscanner.v1beta", "workflowexecutions/v1": "workflowexecutions.v1", "workflowexecutions/v1beta": "workflowexecutions.v1beta", "workflows/v1": "workflows.v1", "workflows/v1beta": "workflows.v1beta", "workloadmanager/v1": "workloadmanager.v1", "workstations/v1": "workstations.v1", "workstations/v1beta": "workstations.v1beta" } }, "nodejs": { "dependencies": { "@pulumi/pulumi": "^3.0.0" }, "liftSingleValueMethodReturns": true, "readme": "The native Google Cloud Provider for Pulumi lets you provision Google Cloud resources in your cloud\nprograms. This provider uses the Google Cloud REST API directly and therefore provides full access to Google Cloud.\nThe provider is currently in public preview and is not recommended for production deployments yet. Breaking changes\nwill be introduced in minor version releases." }, "python": { "liftSingleValueMethodReturns": true, "moduleNameOverrides": { "accessapproval/v1": "accessapproval/v1", "accesscontextmanager/v1": "accesscontextmanager/v1", "accesscontextmanager/v1beta": "accesscontextmanager/v1beta", "advisorynotifications/v1": "advisorynotifications/v1", "aiplatform/v1": "aiplatform/v1", "aiplatform/v1beta1": "aiplatform/v1beta1", "alloydb/v1": "alloydb/v1", "alloydb/v1alpha": "alloydb/v1alpha", "alloydb/v1beta": "alloydb/v1beta", "analyticshub/v1": "analyticshub/v1", "analyticshub/v1beta1": "analyticshub/v1beta1", "apigateway/v1": "apigateway/v1", "apigateway/v1beta": "apigateway/v1beta", "apigee/v1": "apigee/v1", "apigeeregistry/v1": "apigeeregistry/v1", "apikeys/v2": "apikeys/v2", "appengine/v1": "appengine/v1", "appengine/v1alpha": "appengine/v1alpha", "appengine/v1beta": "appengine/v1beta", "artifactregistry/v1": "artifactregistry/v1", "artifactregistry/v1beta1": "artifactregistry/v1beta1", "artifactregistry/v1beta2": "artifactregistry/v1beta2", "assuredworkloads/v1": "assuredworkloads/v1", "assuredworkloads/v1beta1": "assuredworkloads/v1beta1", "backupdr/v1": "backupdr/v1", "baremetalsolution/v1": "baremetalsolution/v1", "baremetalsolution/v2": "baremetalsolution/v2", "batch/v1": "batch/v1", "beyondcorp/v1": "beyondcorp/v1", "beyondcorp/v1alpha": "beyondcorp/v1alpha", "biglake/v1": "biglake/v1", "bigquery/v2": "bigquery/v2", "bigqueryconnection/v1beta1": "bigqueryconnection/v1beta1", "bigquerydatapolicy/v1": "bigquerydatapolicy/v1", "bigquerydatatransfer/v1": "bigquerydatatransfer/v1", "bigqueryreservation/v1": "bigqueryreservation/v1", "bigqueryreservation/v1beta1": "bigqueryreservation/v1beta1", "bigtableadmin/v1": "bigtableadmin/v1", "bigtableadmin/v2": "bigtableadmin/v2", "billingbudgets/v1": "billingbudgets/v1", "billingbudgets/v1beta1": "billingbudgets/v1beta1", "binaryauthorization/v1": "binaryauthorization/v1", "binaryauthorization/v1beta1": "binaryauthorization/v1beta1", "blockchainnodeengine/v1": "blockchainnodeengine/v1", "certificatemanager/v1": "certificatemanager/v1", "cloudasset/v1": "cloudasset/v1", "cloudasset/v1beta1": "cloudasset/v1beta1", "cloudbilling/v1": "cloudbilling/v1", "cloudbilling/v1beta": "cloudbilling/v1beta", "cloudbuild/v1": "cloudbuild/v1", "cloudbuild/v1alpha1": "cloudbuild/v1alpha1", "cloudbuild/v1alpha2": "cloudbuild/v1alpha2", "cloudbuild/v1beta1": "cloudbuild/v1beta1", "cloudbuild/v2": "cloudbuild/v2", "cloudchannel/v1": "cloudchannel/v1", "clouddebugger/v2": "clouddebugger/v2", "clouddeploy/v1": "clouddeploy/v1", "clouderrorreporting/v1beta1": "clouderrorreporting/v1beta1", "cloudfunctions/v1": "cloudfunctions/v1", "cloudfunctions/v2": "cloudfunctions/v2", "cloudfunctions/v2alpha": "cloudfunctions/v2alpha", "cloudfunctions/v2beta": "cloudfunctions/v2beta", "cloudidentity/v1": "cloudidentity/v1", "cloudidentity/v1beta1": "cloudidentity/v1beta1", "cloudiot/v1": "cloudiot/v1", "cloudkms/v1": "cloudkms/v1", "cloudprofiler/v2": "cloudprofiler/v2", "cloudresourcemanager/v1": "cloudresourcemanager/v1", "cloudresourcemanager/v1beta1": "cloudresourcemanager/v1beta1", "cloudresourcemanager/v2": "cloudresourcemanager/v2", "cloudresourcemanager/v2beta1": "cloudresourcemanager/v2beta1", "cloudresourcemanager/v3": "cloudresourcemanager/v3", "cloudscheduler/v1": "cloudscheduler/v1", "cloudscheduler/v1beta1": "cloudscheduler/v1beta1", "cloudsearch/v1": "cloudsearch/v1", "cloudshell/v1": "cloudshell/v1", "cloudsupport/v2": "cloudsupport/v2", "cloudsupport/v2beta": "cloudsupport/v2beta", "cloudtasks/v2": "cloudtasks/v2", "cloudtasks/v2beta2": "cloudtasks/v2beta2", "cloudtasks/v2beta3": "cloudtasks/v2beta3", "cloudtrace/v1": "cloudtrace/v1", "cloudtrace/v2": "cloudtrace/v2", "cloudtrace/v2beta1": "cloudtrace/v2beta1", "composer/v1": "composer/v1", "composer/v1beta1": "composer/v1beta1", "compute/alpha": "compute/alpha", "compute/beta": "compute/beta", "compute/v1": "compute/v1", "connectors/v1": "connectors/v1", "connectors/v2": "connectors/v2", "contactcenteraiplatform/v1alpha1": "contactcenteraiplatform/v1alpha1", "contactcenterinsights/v1": "contactcenterinsights/v1", "container/v1": "container/v1", "container/v1beta1": "container/v1beta1", "containeranalysis/v1": "containeranalysis/v1", "containeranalysis/v1alpha1": "containeranalysis/v1alpha1", "containeranalysis/v1beta1": "containeranalysis/v1beta1", "contentwarehouse/v1": "contentwarehouse/v1", "datacatalog/v1": "datacatalog/v1", "datacatalog/v1beta1": "datacatalog/v1beta1", "dataflow/v1b3": "dataflow/v1b3", "dataform/v1beta1": "dataform/v1beta1", "datafusion/v1": "datafusion/v1", "datafusion/v1beta1": "datafusion/v1beta1", "datalabeling/v1beta1": "datalabeling/v1beta1", "datalineage/v1": "datalineage/v1", "datamigration/v1": "datamigration/v1", "datamigration/v1beta1": "datamigration/v1beta1", "datapipelines/v1": "datapipelines/v1", "dataplex/v1": "dataplex/v1", "dataproc/v1": "dataproc/v1", "dataproc/v1beta2": "dataproc/v1beta2", "datastore/v1": "datastore/v1", "datastore/v1beta1": "datastore/v1beta1", "datastore/v1beta3": "datastore/v1beta3", "datastream/v1": "datastream/v1", "datastream/v1alpha1": "datastream/v1alpha1", "deploymentmanager/alpha": "deploymentmanager/alpha", "deploymentmanager/v2": "deploymentmanager/v2", "deploymentmanager/v2beta": "deploymentmanager/v2beta", "dialogflow/v2": "dialogflow/v2", "dialogflow/v2beta1": "dialogflow/v2beta1", "dialogflow/v3": "dialogflow/v3", "dialogflow/v3beta1": "dialogflow/v3beta1", "discoveryengine/v1alpha": "discoveryengine/v1alpha", "discoveryengine/v1beta": "discoveryengine/v1beta", "dlp/v2": "dlp/v2", "dns/v1": "dns/v1", "dns/v1beta2": "dns/v1beta2", "documentai/v1": "documentai/v1", "documentai/v1beta2": "documentai/v1beta2", "documentai/v1beta3": "documentai/v1beta3", "domains/v1": "domains/v1", "domains/v1alpha2": "domains/v1alpha2", "domains/v1beta1": "domains/v1beta1", "essentialcontacts/v1": "essentialcontacts/v1", "eventarc/v1": "eventarc/v1", "eventarc/v1beta1": "eventarc/v1beta1", "fcm/v1": "fcm/v1", "fcmdata/v1beta1": "fcmdata/v1beta1", "file/v1": "file/v1", "file/v1beta1": "file/v1beta1", "firebase/v1beta1": "firebase/v1beta1", "firebaseappcheck/v1": "firebaseappcheck/v1", "firebaseappcheck/v1beta": "firebaseappcheck/v1beta", "firebaseappdistribution/v1": "firebaseappdistribution/v1", "firebasedatabase/v1beta": "firebasedatabase/v1beta", "firebasedynamiclinks/v1": "firebasedynamiclinks/v1", "firebasehosting/v1": "firebasehosting/v1", "firebasehosting/v1beta1": "firebasehosting/v1beta1", "firebaseml/v1": "firebaseml/v1", "firebaseml/v1beta2": "firebaseml/v1beta2", "firebaserules/v1": "firebaserules/v1", "firebasestorage/v1beta": "firebasestorage/v1beta", "firestore/v1": "firestore/v1", "firestore/v1beta1": "firestore/v1beta1", "firestore/v1beta2": "firestore/v1beta2", "gameservices/v1": "gameservices/v1", "gameservices/v1beta": "gameservices/v1beta", "genomics/v1": "genomics/v1", "genomics/v1alpha2": "genomics/v1alpha2", "genomics/v2alpha1": "genomics/v2alpha1", "gkebackup/v1": "gkebackup/v1", "gkehub/v1": "gkehub/v1", "gkehub/v1alpha": "gkehub/v1alpha", "gkehub/v1alpha2": "gkehub/v1alpha2", "gkehub/v1beta": "gkehub/v1beta", "gkehub/v1beta1": "gkehub/v1beta1", "gkehub/v2alpha": "gkehub/v2alpha", "gkeonprem/v1": "gkeonprem/v1", "healthcare/v1": "healthcare/v1", "healthcare/v1beta1": "healthcare/v1beta1", "iam/v1": "iam/v1", "iam/v2": "iam/v2", "iam/v2beta": "iam/v2beta", "iamcredentials/v1": "iamcredentials/v1", "iap/v1": "iap/v1", "iap/v1beta1": "iap/v1beta1", "identitytoolkit/v1": "identitytoolkit/v1", "identitytoolkit/v2": "identitytoolkit/v2", "identitytoolkit/v3": "identitytoolkit/v3", "ids/v1": "ids/v1", "integrations/v1alpha": "integrations/v1alpha", "jobs/v3": "jobs/v3", "jobs/v4": "jobs/v4", "kmsinventory/v1": "kmsinventory/v1", "language/v1": "language/v1", "language/v1beta1": "language/v1beta1", "language/v1beta2": "language/v1beta2", "language/v2": "language/v2", "libraryagent/v1": "libraryagent/v1", "lifesciences/v2beta": "lifesciences/v2beta", "logging/v2": "logging/v2", "looker/v1": "looker/v1", "managedidentities/v1": "managedidentities/v1", "managedidentities/v1alpha1": "managedidentities/v1alpha1", "managedidentities/v1beta1": "managedidentities/v1beta1", "memcache/v1": "memcache/v1", "memcache/v1beta2": "memcache/v1beta2", "metastore/v1": "metastore/v1", "metastore/v1alpha": "metastore/v1alpha", "metastore/v1beta": "metastore/v1beta", "migrationcenter/v1": "migrationcenter/v1", "migrationcenter/v1alpha1": "migrationcenter/v1alpha1", "ml/v1": "ml/v1", "monitoring/v1": "monitoring/v1", "monitoring/v3": "monitoring/v3", "networkconnectivity/v1": "networkconnectivity/v1", "networkconnectivity/v1alpha1": "networkconnectivity/v1alpha1", "networkmanagement/v1": "networkmanagement/v1", "networkmanagement/v1beta1": "networkmanagement/v1beta1", "networksecurity/v1": "networksecurity/v1", "networksecurity/v1beta1": "networksecurity/v1beta1", "networkservices/v1": "networkservices/v1", "networkservices/v1beta1": "networkservices/v1beta1", "notebooks/v1": "notebooks/v1", "notebooks/v2": "notebooks/v2", "ondemandscanning/v1": "ondemandscanning/v1", "ondemandscanning/v1beta1": "ondemandscanning/v1beta1", "orgpolicy/v2": "orgpolicy/v2", "osconfig/v1": "osconfig/v1", "osconfig/v1alpha": "osconfig/v1alpha", "osconfig/v1beta": "osconfig/v1beta", "oslogin/v1": "oslogin/v1", "oslogin/v1alpha": "oslogin/v1alpha", "oslogin/v1beta": "oslogin/v1beta", "playgrouping/v1alpha1": "playgrouping/v1alpha1", "policysimulator/v1": "policysimulator/v1", "policysimulator/v1alpha": "policysimulator/v1alpha", "policysimulator/v1beta": "policysimulator/v1beta", "policysimulator/v1beta1": "policysimulator/v1beta1", "policytroubleshooter/v1": "policytroubleshooter/v1", "policytroubleshooter/v1beta": "policytroubleshooter/v1beta", "privateca/v1": "privateca/v1", "privateca/v1beta1": "privateca/v1beta1", "publicca/v1": "publicca/v1", "publicca/v1alpha1": "publicca/v1alpha1", "publicca/v1beta1": "publicca/v1beta1", "pubsub/v1": "pubsub/v1", "pubsub/v1beta1a": "pubsub/v1beta1a", "pubsub/v1beta2": "pubsub/v1beta2", "pubsublite/v1": "pubsublite/v1", "rapidmigrationassessment/v1": "rapidmigrationassessment/v1", "recaptchaenterprise/v1": "recaptchaenterprise/v1", "recommendationengine/v1beta1": "recommendationengine/v1beta1", "recommender/v1": "recommender/v1", "recommender/v1beta1": "recommender/v1beta1", "redis/v1": "redis/v1", "redis/v1beta1": "redis/v1beta1", "remotebuildexecution/v1": "remotebuildexecution/v1", "remotebuildexecution/v1alpha": "remotebuildexecution/v1alpha", "remotebuildexecution/v2": "remotebuildexecution/v2", "resourcesettings/v1": "resourcesettings/v1", "retail/v2": "retail/v2", "retail/v2alpha": "retail/v2alpha", "retail/v2beta": "retail/v2beta", "run/v1": "run/v1", "run/v2": "run/v2", "runtimeconfig/v1": "runtimeconfig/v1", "runtimeconfig/v1beta1": "runtimeconfig/v1beta1", "secretmanager/v1": "secretmanager/v1", "secretmanager/v1beta1": "secretmanager/v1beta1", "securitycenter/v1": "securitycenter/v1", "securitycenter/v1beta1": "securitycenter/v1beta1", "securitycenter/v1beta2": "securitycenter/v1beta2", "serviceconsumermanagement/v1": "serviceconsumermanagement/v1", "serviceconsumermanagement/v1beta1": "serviceconsumermanagement/v1beta1", "servicecontrol/v1": "servicecontrol/v1", "servicecontrol/v2": "servicecontrol/v2", "servicedirectory/v1": "servicedirectory/v1", "servicedirectory/v1beta1": "servicedirectory/v1beta1", "servicemanagement/v1": "servicemanagement/v1", "servicenetworking/v1": "servicenetworking/v1", "servicenetworking/v1beta": "servicenetworking/v1beta", "serviceusage/v1": "serviceusage/v1", "serviceusage/v1beta1": "serviceusage/v1beta1", "sourcerepo/v1": "sourcerepo/v1", "spanner/v1": "spanner/v1", "speech/v1": "speech/v1", "speech/v2beta1": "speech/v2beta1", "sqladmin/v1": "sqladmin/v1", "sqladmin/v1beta4": "sqladmin/v1beta4", "storage/v1": "storage/v1", "storagetransfer/v1": "storagetransfer/v1", "testing/v1": "testing/v1", "texttospeech/v1": "texttospeech/v1", "texttospeech/v1beta1": "texttospeech/v1beta1", "toolresults/v1beta3": "toolresults/v1beta3", "tpu/v1": "tpu/v1", "tpu/v1alpha1": "tpu/v1alpha1", "tpu/v2": "tpu/v2", "tpu/v2alpha1": "tpu/v2alpha1", "trafficdirector/v2": "trafficdirector/v2", "trafficdirector/v3": "trafficdirector/v3", "transcoder/v1": "transcoder/v1", "translate/v2": "translate/v2", "translate/v3": "translate/v3", "translate/v3beta1": "translate/v3beta1", "videointelligence/v1": "videointelligence/v1", "videointelligence/v1beta2": "videointelligence/v1beta2", "vision/v1": "vision/v1", "vmmigration/v1": "vmmigration/v1", "vmmigration/v1alpha1": "vmmigration/v1alpha1", "vmwareengine/v1": "vmwareengine/v1", "vpcaccess/v1": "vpcaccess/v1", "vpcaccess/v1beta1": "vpcaccess/v1beta1", "webrisk/v1": "webrisk/v1", "websecurityscanner/v1": "websecurityscanner/v1", "websecurityscanner/v1alpha": "websecurityscanner/v1alpha", "websecurityscanner/v1beta": "websecurityscanner/v1beta", "workflowexecutions/v1": "workflowexecutions/v1", "workflowexecutions/v1beta": "workflowexecutions/v1beta", "workflows/v1": "workflows/v1", "workflows/v1beta": "workflows/v1beta", "workloadmanager/v1": "workloadmanager/v1", "workstations/v1": "workstations/v1", "workstations/v1beta": "workstations/v1beta" }, "pyproject": { "enabled": true }, "readme": "The native Google Cloud Provider for Pulumi lets you provision Google Cloud resources in your cloud\nprograms. This provider uses the Google Cloud REST API directly and therefore provides full access to Google Cloud.\nThe provider is currently in public preview and is not recommended for production deployments yet. Breaking changes\nwill be introduced in minor version releases.", "requires": { "pulumi": ">=3.0.0,<4.0.0" }, "usesIOClasses": true } }, "config": { "variables": { "appendUserAgent": { "type": "string", "description": "Additional user-agent string to append to the default one (/)." }, "disablePartnerName": { "type": "boolean", "description": "This will disable the Pulumi Partner Name which is used if a custom `partnerName` isn't specified." }, "partnerName": { "type": "string", "description": "A Google Partner Name to facilitate partner resource usage attribution." }, "project": { "type": "string", "description": "The default project to manage resources in. If another project is specified on a resource, it will take precedence." }, "region": { "type": "string", "description": "The default region to manage resources in. If another region is specified on a regional resource, it will take precedence." }, "zone": { "type": "string", "description": "The default zone to manage resources in. Generally, this zone should be within the default region you specified. If another zone is specified on a zonal resource, it will take precedence." } } }, "types": { "google-native:accesscontextmanager/v1:ApiOperation": { "description": "Identification for an API Operation.", "properties": { "methodSelectors": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:MethodSelector" }, "description": "API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`." }, "serviceName": { "type": "string", "description": "The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services." } }, "type": "object" }, "google-native:accesscontextmanager/v1:ApiOperationResponse": { "description": "Identification for an API Operation.", "properties": { "methodSelectors": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:MethodSelectorResponse" }, "description": "API methods or permissions to allow. Method or permission must belong to the service specified by `service_name` field. A single MethodSelector entry with `*` specified for the `method` field will allow all methods AND permissions for the service specified in `service_name`." }, "serviceName": { "type": "string", "description": "The name of the API whose methods or permissions the IngressPolicy or EgressPolicy want to allow. A single ApiOperation with `service_name` field set to `*` will allow all methods AND permissions for all services." } }, "type": "object", "required": [ "methodSelectors", "serviceName" ] }, "google-native:accesscontextmanager/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:accesscontextmanager/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:accesscontextmanager/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:accesscontextmanager/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:accesscontextmanager/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:accesscontextmanager/v1:AuthorizedOrgsDescAssetType": { "description": "The asset type of this authorized orgs desc. Valid values are `ASSET_TYPE_DEVICE`, and `ASSET_TYPE_CREDENTIAL_STRENGTH`.", "type": "string", "enum": [ { "name": "AssetTypeUnspecified", "description": "No asset type specified.", "value": "ASSET_TYPE_UNSPECIFIED" }, { "name": "AssetTypeDevice", "description": "Device asset type.", "value": "ASSET_TYPE_DEVICE" }, { "name": "AssetTypeCredentialStrength", "description": "Credential strength asset type.", "value": "ASSET_TYPE_CREDENTIAL_STRENGTH" } ] }, "google-native:accesscontextmanager/v1:AuthorizedOrgsDescAuthorizationDirection": { "description": "The direction of the authorization relationship between this organization and the organizations listed in the `orgs` field. The valid values for this field include the following: `AUTHORIZATION_DIRECTION_FROM`: Allows this organization to evaluate traffic in the organizations listed in the `orgs` field. `AUTHORIZATION_DIRECTION_TO`: Allows the organizations listed in the `orgs` field to evaluate the traffic in this organization. For the authorization relationship to take effect, all of the organizations must authorize and specify the appropriate relationship direction. For example, if organization A authorized organization B and C to evaluate its traffic, by specifying `AUTHORIZATION_DIRECTION_TO` as the authorization direction, organizations B and C must specify `AUTHORIZATION_DIRECTION_FROM` as the authorization direction in their `AuthorizedOrgsDesc` resource.", "type": "string", "enum": [ { "name": "AuthorizationDirectionUnspecified", "description": "No direction specified.", "value": "AUTHORIZATION_DIRECTION_UNSPECIFIED" }, { "name": "AuthorizationDirectionTo", "description": "The specified organizations are authorized to evaluate traffic in this organization.", "value": "AUTHORIZATION_DIRECTION_TO" }, { "name": "AuthorizationDirectionFrom", "description": "The traffic of the specified organizations can be evaluated by this organization.", "value": "AUTHORIZATION_DIRECTION_FROM" } ] }, "google-native:accesscontextmanager/v1:AuthorizedOrgsDescAuthorizationType": { "description": "A granular control type for authorization levels. Valid value is `AUTHORIZATION_TYPE_TRUST`.", "type": "string", "enum": [ { "name": "AuthorizationTypeUnspecified", "description": "No authorization type specified.", "value": "AUTHORIZATION_TYPE_UNSPECIFIED" }, { "name": "AuthorizationTypeTrust", "description": "This authorization relationship is \"trust\".", "value": "AUTHORIZATION_TYPE_TRUST" } ] }, "google-native:accesscontextmanager/v1:BasicLevel": { "description": "`BasicLevel` is an `AccessLevel` using a set of recommended features.", "properties": { "combiningFunction": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:BasicLevelCombiningFunction", "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:Condition" }, "description": "A list of requirements for the `AccessLevel` to be granted." } }, "type": "object", "required": [ "conditions" ] }, "google-native:accesscontextmanager/v1:BasicLevelCombiningFunction": { "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.", "type": "string", "enum": [ { "name": "And", "description": "All `Conditions` must be true for the `BasicLevel` to be true.", "value": "AND" }, { "name": "Or", "description": "If at least one `Condition` is true, then the `BasicLevel` is true.", "value": "OR" } ] }, "google-native:accesscontextmanager/v1:BasicLevelResponse": { "description": "`BasicLevel` is an `AccessLevel` using a set of recommended features.", "properties": { "combiningFunction": { "type": "string", "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ConditionResponse" }, "description": "A list of requirements for the `AccessLevel` to be granted." } }, "type": "object", "required": [ "combiningFunction", "conditions" ] }, "google-native:accesscontextmanager/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:accesscontextmanager/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:accesscontextmanager/v1:Condition": { "description": "A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.", "properties": { "devicePolicy": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:DevicePolicy", "description": "Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed." }, "ipSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. Similarly, for IPv6, \"2001:db8::/32\" is accepted whereas \"2001:db8::1/32\" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed." }, "members": { "type": "array", "items": { "type": "string" }, "description": "The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user." }, "negate": { "type": "boolean", "description": "Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false." }, "regions": { "type": "array", "items": { "type": "string" }, "description": "The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes." }, "requiredAccessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: \"`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME\"`" }, "vpcNetworkSources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcNetworkSource" }, "description": "The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`." } }, "type": "object" }, "google-native:accesscontextmanager/v1:ConditionResponse": { "description": "A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.", "properties": { "devicePolicy": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:DevicePolicyResponse", "description": "Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed." }, "ipSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. Similarly, for IPv6, \"2001:db8::/32\" is accepted whereas \"2001:db8::1/32\" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed." }, "members": { "type": "array", "items": { "type": "string" }, "description": "The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user." }, "negate": { "type": "boolean", "description": "Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false." }, "regions": { "type": "array", "items": { "type": "string" }, "description": "The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes." }, "requiredAccessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: \"`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME\"`" }, "vpcNetworkSources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcNetworkSourceResponse" }, "description": "The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with `ip_subnetworks`." } }, "type": "object", "required": [ "devicePolicy", "ipSubnetworks", "members", "negate", "regions", "requiredAccessLevels", "vpcNetworkSources" ] }, "google-native:accesscontextmanager/v1:CustomLevel": { "description": "`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec", "properties": { "expr": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:Expr", "description": "A Cloud CEL expression evaluating to a boolean." } }, "type": "object", "required": [ "expr" ] }, "google-native:accesscontextmanager/v1:CustomLevelResponse": { "description": "`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec", "properties": { "expr": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ExprResponse", "description": "A Cloud CEL expression evaluating to a boolean." } }, "type": "object", "required": [ "expr" ] }, "google-native:accesscontextmanager/v1:DevicePolicy": { "description": "`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.", "properties": { "allowedDeviceManagementLevels": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:DevicePolicyAllowedDeviceManagementLevelsItem" }, "description": "Allowed device management levels, an empty list allows all management levels." }, "allowedEncryptionStatuses": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:DevicePolicyAllowedEncryptionStatusesItem" }, "description": "Allowed encryptions statuses, an empty list allows all statuses." }, "osConstraints": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:OsConstraint" }, "description": "Allowed OS versions, an empty list allows all types and all versions." }, "requireAdminApproval": { "type": "boolean", "description": "Whether the device needs to be approved by the customer admin." }, "requireCorpOwned": { "type": "boolean", "description": "Whether the device needs to be corp owned." }, "requireScreenlock": { "type": "boolean", "description": "Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`." } }, "type": "object" }, "google-native:accesscontextmanager/v1:DevicePolicyAllowedDeviceManagementLevelsItem": { "type": "string", "enum": [ { "name": "ManagementUnspecified", "description": "The device's management level is not specified or not known.", "value": "MANAGEMENT_UNSPECIFIED" }, { "name": "None", "description": "The device is not managed.", "value": "NONE" }, { "name": "Basic", "description": "Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.", "value": "BASIC" }, { "name": "Complete", "description": "Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.", "value": "COMPLETE" } ] }, "google-native:accesscontextmanager/v1:DevicePolicyAllowedEncryptionStatusesItem": { "type": "string", "enum": [ { "name": "EncryptionUnspecified", "description": "The encryption status of the device is not specified or not known.", "value": "ENCRYPTION_UNSPECIFIED" }, { "name": "EncryptionUnsupported", "description": "The device does not support encryption.", "value": "ENCRYPTION_UNSUPPORTED" }, { "name": "Unencrypted", "description": "The device supports encryption, but is currently unencrypted.", "value": "UNENCRYPTED" }, { "name": "Encrypted", "description": "The device is encrypted.", "value": "ENCRYPTED" } ] }, "google-native:accesscontextmanager/v1:DevicePolicyResponse": { "description": "`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.", "properties": { "allowedDeviceManagementLevels": { "type": "array", "items": { "type": "string" }, "description": "Allowed device management levels, an empty list allows all management levels." }, "allowedEncryptionStatuses": { "type": "array", "items": { "type": "string" }, "description": "Allowed encryptions statuses, an empty list allows all statuses." }, "osConstraints": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:OsConstraintResponse" }, "description": "Allowed OS versions, an empty list allows all types and all versions." }, "requireAdminApproval": { "type": "boolean", "description": "Whether the device needs to be approved by the customer admin." }, "requireCorpOwned": { "type": "boolean", "description": "Whether the device needs to be corp owned." }, "requireScreenlock": { "type": "boolean", "description": "Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`." } }, "type": "object", "required": [ "allowedDeviceManagementLevels", "allowedEncryptionStatuses", "osConstraints", "requireAdminApproval", "requireCorpOwned", "requireScreenlock" ] }, "google-native:accesscontextmanager/v1:EgressFrom": { "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.", "properties": { "identities": { "type": "array", "items": { "type": "string" }, "description": "A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only." }, "identityType": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressFromIdentityType", "description": "Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access." }, "sourceRestriction": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressFromSourceRestriction", "description": "Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`." }, "sources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressSource" }, "description": "Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`." } }, "type": "object" }, "google-native:accesscontextmanager/v1:EgressFromIdentityType": { "description": "Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.", "type": "string", "enum": [ { "name": "IdentityTypeUnspecified", "description": "No blanket identity group specified.", "value": "IDENTITY_TYPE_UNSPECIFIED" }, { "name": "AnyIdentity", "description": "Authorize access from all identities outside the perimeter.", "value": "ANY_IDENTITY" }, { "name": "AnyUserAccount", "description": "Authorize access from all human users outside the perimeter.", "value": "ANY_USER_ACCOUNT" }, { "name": "AnyServiceAccount", "description": "Authorize access from all service accounts outside the perimeter.", "value": "ANY_SERVICE_ACCOUNT" } ] }, "google-native:accesscontextmanager/v1:EgressFromResponse": { "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions based on information about the source of the request. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed.", "properties": { "identities": { "type": "array", "items": { "type": "string" }, "description": "A list of identities that are allowed access through this [EgressPolicy]. Should be in the format of email address. The email address should represent individual user or service account only." }, "identityType": { "type": "string", "description": "Specifies the type of identities that are allowed access to outside the perimeter. If left unspecified, then members of `identities` field will be allowed access." }, "sourceRestriction": { "type": "string", "description": "Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`." }, "sources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressSourceResponse" }, "description": "Sources that this EgressPolicy authorizes access from. If this field is not empty, then `source_restriction` must be set to `SOURCE_RESTRICTION_ENABLED`." } }, "type": "object", "required": [ "identities", "identityType", "sourceRestriction", "sources" ] }, "google-native:accesscontextmanager/v1:EgressFromSourceRestriction": { "description": "Whether to enforce traffic restrictions based on `sources` field. If the `sources` fields is non-empty, then this field must be set to `SOURCE_RESTRICTION_ENABLED`.", "type": "string", "enum": [ { "name": "SourceRestrictionUnspecified", "description": "Enforcement preference unspecified, will not enforce traffic restrictions based on `sources` in EgressFrom.", "value": "SOURCE_RESTRICTION_UNSPECIFIED" }, { "name": "SourceRestrictionEnabled", "description": "Enforcement preference enabled, traffic restrictions will be enforced based on `sources` in EgressFrom.", "value": "SOURCE_RESTRICTION_ENABLED" }, { "name": "SourceRestrictionDisabled", "description": "Enforcement preference disabled, will not enforce traffic restrictions based on `sources` in EgressFrom.", "value": "SOURCE_RESTRICTION_DISABLED" } ] }, "google-native:accesscontextmanager/v1:EgressPolicy": { "description": "Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.", "properties": { "egressFrom": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressFrom", "description": "Defines conditions on the source of a request causing this EgressPolicy to apply." }, "egressTo": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressTo", "description": "Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply." } }, "type": "object" }, "google-native:accesscontextmanager/v1:EgressPolicyResponse": { "description": "Policy for egress from perimeter. EgressPolicies match requests based on `egress_from` and `egress_to` stanzas. For an EgressPolicy to match, both `egress_from` and `egress_to` stanzas must be matched. If an EgressPolicy matches a request, the request is allowed to span the ServicePerimeter boundary. For example, an EgressPolicy can be used to allow VMs on networks within the ServicePerimeter to access a defined set of projects outside the perimeter in certain contexts (e.g. to read data from a Cloud Storage bucket or query against a BigQuery dataset). EgressPolicies are concerned with the *resources* that a request relates as well as the API services and API actions being used. They do not related to the direction of data movement. More detailed documentation for this concept can be found in the descriptions of EgressFrom and EgressTo.", "properties": { "egressFrom": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressFromResponse", "description": "Defines conditions on the source of a request causing this EgressPolicy to apply." }, "egressTo": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressToResponse", "description": "Defines the conditions on the ApiOperation and destination resources that cause this EgressPolicy to apply." } }, "type": "object", "required": [ "egressFrom", "egressTo" ] }, "google-native:accesscontextmanager/v1:EgressSource": { "description": "The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.", "properties": { "accessLevel": { "type": "string", "description": "An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed." } }, "type": "object" }, "google-native:accesscontextmanager/v1:EgressSourceResponse": { "description": "The source that EgressPolicy authorizes access from inside the ServicePerimeter to somewhere outside the ServicePerimeter boundaries.", "properties": { "accessLevel": { "type": "string", "description": "An AccessLevel resource name that allows protected resources inside the ServicePerimeters to access outside the ServicePerimeter boundaries. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If an AccessLevel name is not specified, only resources within the perimeter can be accessed through Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all EgressSources will be allowed." } }, "type": "object", "required": [ "accessLevel" ] }, "google-native:accesscontextmanager/v1:EgressTo": { "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.", "properties": { "externalResources": { "type": "array", "items": { "type": "string" }, "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ApiOperation" }, "description": "A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter." } }, "type": "object" }, "google-native:accesscontextmanager/v1:EgressToResponse": { "description": "Defines the conditions under which an EgressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the `resources` specified. Note that if the destination of the request is also protected by a ServicePerimeter, then that ServicePerimeter must have an IngressPolicy which allows access in order for this request to succeed. The request must match `operations` AND `resources` fields in order to be allowed egress out of the perimeter.", "properties": { "externalResources": { "type": "array", "items": { "type": "string" }, "description": "A list of external resources that are allowed to be accessed. Only AWS and Azure resources are supported. For Amazon S3, the supported format is s3://BUCKET_NAME. For Azure Storage, the supported format is azure://myaccount.blob.core.windows.net/CONTAINER_NAME. A request matches if it contains an external resource in this list (Example: s3://bucket/path). Currently '*' is not allowed." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ApiOperationResponse" }, "description": "A list of ApiOperations allowed to be performed by the sources specified in the corresponding EgressFrom. A request matches if it uses an operation/service in this list." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of resources, currently only projects in the form `projects/`, that are allowed to be accessed by sources defined in the corresponding EgressFrom. A request matches if it contains a resource in this list. If `*` is specified for `resources`, then this EgressTo rule will authorize access to all resources outside the perimeter." } }, "type": "object", "required": [ "externalResources", "operations", "resources" ] }, "google-native:accesscontextmanager/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:accesscontextmanager/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:accesscontextmanager/v1:IngressFrom": { "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.", "properties": { "identities": { "type": "array", "items": { "type": "string" }, "description": "A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only." }, "identityType": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressFromIdentityType", "description": "Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access." }, "sources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressSource" }, "description": "Sources that this IngressPolicy authorizes access from." } }, "type": "object" }, "google-native:accesscontextmanager/v1:IngressFromIdentityType": { "description": "Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access.", "type": "string", "enum": [ { "name": "IdentityTypeUnspecified", "description": "No blanket identity group specified.", "value": "IDENTITY_TYPE_UNSPECIFIED" }, { "name": "AnyIdentity", "description": "Authorize access from all identities outside the perimeter.", "value": "ANY_IDENTITY" }, { "name": "AnyUserAccount", "description": "Authorize access from all human users outside the perimeter.", "value": "ANY_USER_ACCOUNT" }, { "name": "AnyServiceAccount", "description": "Authorize access from all service accounts outside the perimeter.", "value": "ANY_SERVICE_ACCOUNT" } ] }, "google-native:accesscontextmanager/v1:IngressFromResponse": { "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the source of the request. The request must satisfy what is defined in `sources` AND identity related fields in order to match.", "properties": { "identities": { "type": "array", "items": { "type": "string" }, "description": "A list of identities that are allowed access through this ingress policy. Should be in the format of email address. The email address should represent individual user or service account only." }, "identityType": { "type": "string", "description": "Specifies the type of identities that are allowed access from outside the perimeter. If left unspecified, then members of `identities` field will be allowed access." }, "sources": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressSourceResponse" }, "description": "Sources that this IngressPolicy authorizes access from." } }, "type": "object", "required": [ "identities", "identityType", "sources" ] }, "google-native:accesscontextmanager/v1:IngressPolicy": { "description": "Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.", "properties": { "ingressFrom": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressFrom", "description": "Defines the conditions on the source of a request causing this IngressPolicy to apply." }, "ingressTo": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressTo", "description": "Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply." } }, "type": "object" }, "google-native:accesscontextmanager/v1:IngressPolicyResponse": { "description": "Policy for ingress into ServicePerimeter. IngressPolicies match requests based on `ingress_from` and `ingress_to` stanzas. For an ingress policy to match, both the `ingress_from` and `ingress_to` stanzas must be matched. If an IngressPolicy matches a request, the request is allowed through the perimeter boundary from outside the perimeter. For example, access from the internet can be allowed either based on an AccessLevel or, for traffic hosted on Google Cloud, the project of the source network. For access from private networks, using the project of the hosting network is required. Individual ingress policies can be limited by restricting which services and/or actions they match using the `ingress_to` field.", "properties": { "ingressFrom": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressFromResponse", "description": "Defines the conditions on the source of a request causing this IngressPolicy to apply." }, "ingressTo": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressToResponse", "description": "Defines the conditions on the ApiOperation and request destination that cause this IngressPolicy to apply." } }, "type": "object", "required": [ "ingressFrom", "ingressTo" ] }, "google-native:accesscontextmanager/v1:IngressSource": { "description": "The source that IngressPolicy authorizes access from.", "properties": { "accessLevel": { "type": "string", "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed." }, "resource": { "type": "string", "description": "A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported." } }, "type": "object" }, "google-native:accesscontextmanager/v1:IngressSourceResponse": { "description": "The source that IngressPolicy authorizes access from.", "properties": { "accessLevel": { "type": "string", "description": "An AccessLevel resource name that allow resources within the ServicePerimeters to be accessed from the internet. AccessLevels listed must be in the same policy as this ServicePerimeter. Referencing a nonexistent AccessLevel will cause an error. If no AccessLevel names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `accessPolicies/MY_POLICY/accessLevels/MY_LEVEL`. If a single `*` is specified for `access_level`, then all IngressSources will be allowed." }, "resource": { "type": "string", "description": "A Google Cloud resource that is allowed to ingress the perimeter. Requests from these resources will be allowed to access perimeter data. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`. The project may be in any Google Cloud organization, not just the organization that the perimeter is defined in. `*` is not allowed, the case of allowing all Google Cloud resources only is not supported." } }, "type": "object", "required": [ "accessLevel", "resource" ] }, "google-native:accesscontextmanager/v1:IngressTo": { "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.", "properties": { "operations": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ApiOperation" }, "description": "A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed." } }, "type": "object" }, "google-native:accesscontextmanager/v1:IngressToResponse": { "description": "Defines the conditions under which an IngressPolicy matches a request. Conditions are based on information about the ApiOperation intended to be performed on the target resource of the request. The request must satisfy what is defined in `operations` AND `resources` in order to match.", "properties": { "operations": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:ApiOperationResponse" }, "description": "A list of ApiOperations allowed to be performed by the sources specified in corresponding IngressFrom in this ServicePerimeter." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of resources, currently only projects in the form `projects/`, protected by this ServicePerimeter that are allowed to be accessed by sources defined in the corresponding IngressFrom. If a single `*` is specified, then access to all resources inside the perimeter are allowed." } }, "type": "object", "required": [ "operations", "resources" ] }, "google-native:accesscontextmanager/v1:MethodSelector": { "description": "An allowed method or permission of a service specified in ApiOperation.", "properties": { "method": { "type": "string", "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed." }, "permission": { "type": "string", "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation." } }, "type": "object" }, "google-native:accesscontextmanager/v1:MethodSelectorResponse": { "description": "An allowed method or permission of a service specified in ApiOperation.", "properties": { "method": { "type": "string", "description": "Value for `method` should be a valid method name for the corresponding `service_name` in ApiOperation. If `*` used as value for `method`, then ALL methods and permissions are allowed." }, "permission": { "type": "string", "description": "Value for `permission` should be a valid Cloud IAM permission for the corresponding `service_name` in ApiOperation." } }, "type": "object", "required": [ "method", "permission" ] }, "google-native:accesscontextmanager/v1:OsConstraint": { "description": "A restriction on the OS type and version of devices making requests.", "properties": { "minimumVersion": { "type": "string", "description": "The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `\"major.minor.patch\"`. Examples: `\"10.5.301\"`, `\"9.2.1\"`." }, "osType": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:OsConstraintOsType", "description": "The allowed OS type." }, "requireVerifiedChromeOs": { "type": "boolean", "description": "Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request." } }, "type": "object", "required": [ "osType" ] }, "google-native:accesscontextmanager/v1:OsConstraintOsType": { "description": "Required. The allowed OS type.", "type": "string", "enum": [ { "name": "OsUnspecified", "description": "The operating system of the device is not specified or not known.", "value": "OS_UNSPECIFIED" }, { "name": "DesktopMac", "description": "A desktop Mac operating system.", "value": "DESKTOP_MAC" }, { "name": "DesktopWindows", "description": "A desktop Windows operating system.", "value": "DESKTOP_WINDOWS" }, { "name": "DesktopLinux", "description": "A desktop Linux operating system.", "value": "DESKTOP_LINUX" }, { "name": "DesktopChromeOs", "description": "A desktop ChromeOS operating system.", "value": "DESKTOP_CHROME_OS" }, { "name": "Android", "description": "An Android operating system.", "value": "ANDROID" }, { "name": "Ios", "description": "An iOS operating system.", "value": "IOS" } ] }, "google-native:accesscontextmanager/v1:OsConstraintResponse": { "description": "A restriction on the OS type and version of devices making requests.", "properties": { "minimumVersion": { "type": "string", "description": "The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `\"major.minor.patch\"`. Examples: `\"10.5.301\"`, `\"9.2.1\"`." }, "osType": { "type": "string", "description": "The allowed OS type." }, "requireVerifiedChromeOs": { "type": "boolean", "description": "Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request." } }, "type": "object", "required": [ "minimumVersion", "osType", "requireVerifiedChromeOs" ] }, "google-native:accesscontextmanager/v1:ServicePerimeterConfig": { "description": "`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.", "properties": { "accessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `\"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL\"`. For Service Perimeter Bridge, must be empty." }, "egressPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressPolicy" }, "description": "List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge." }, "ingressPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressPolicy" }, "description": "List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`." }, "restrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions." }, "vpcAccessibleServices": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcAccessibleServices", "description": "Configuration for APIs allowed within Perimeter." } }, "type": "object" }, "google-native:accesscontextmanager/v1:ServicePerimeterConfigResponse": { "description": "`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.", "properties": { "accessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `\"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL\"`. For Service Perimeter Bridge, must be empty." }, "egressPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:EgressPolicyResponse" }, "description": "List of EgressPolicies to apply to the perimeter. A perimeter may have multiple EgressPolicies, each of which is evaluated separately. Access is granted if any EgressPolicy grants it. Must be empty for a perimeter bridge." }, "ingressPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:IngressPolicyResponse" }, "description": "List of IngressPolicies to apply to the perimeter. A perimeter may have multiple IngressPolicies, each of which is evaluated separately. Access is granted if any Ingress Policy grants it. Must be empty for a perimeter bridge." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of Google Cloud resources that are inside of the service perimeter. Currently only projects and VPCs are allowed. Project format: `projects/{project_number}` VPC network format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NAME}`." }, "restrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are subject to the Service Perimeter restrictions. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions." }, "vpcAccessibleServices": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcAccessibleServicesResponse", "description": "Configuration for APIs allowed within Perimeter." } }, "type": "object", "required": [ "accessLevels", "egressPolicies", "ingressPolicies", "resources", "restrictedServices", "vpcAccessibleServices" ] }, "google-native:accesscontextmanager/v1:ServicePerimeterPerimeterType": { "description": "Perimeter type indicator. A single project or VPC network is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, the restricted service list as well as access level lists must be empty.", "type": "string", "enum": [ { "name": "PerimeterTypeRegular", "description": "Regular Perimeter. When no value is specified, the perimeter uses this type.", "value": "PERIMETER_TYPE_REGULAR" }, { "name": "PerimeterTypeBridge", "description": "Perimeter Bridge.", "value": "PERIMETER_TYPE_BRIDGE" } ] }, "google-native:accesscontextmanager/v1:VpcAccessibleServices": { "description": "Specifies how APIs are allowed to communicate within the Service Perimeter.", "properties": { "allowedServices": { "type": "array", "items": { "type": "string" }, "description": "The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter." }, "enableRestriction": { "type": "boolean", "description": "Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'." } }, "type": "object" }, "google-native:accesscontextmanager/v1:VpcAccessibleServicesResponse": { "description": "Specifies how APIs are allowed to communicate within the Service Perimeter.", "properties": { "allowedServices": { "type": "array", "items": { "type": "string" }, "description": "The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter." }, "enableRestriction": { "type": "boolean", "description": "Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'." } }, "type": "object", "required": [ "allowedServices", "enableRestriction" ] }, "google-native:accesscontextmanager/v1:VpcNetworkSource": { "description": "The originating network source in Google Cloud.", "properties": { "vpcSubnetwork": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcSubNetwork", "description": "Sub-segment ranges of a VPC network." } }, "type": "object" }, "google-native:accesscontextmanager/v1:VpcNetworkSourceResponse": { "description": "The originating network source in Google Cloud.", "properties": { "vpcSubnetwork": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1:VpcSubNetworkResponse", "description": "Sub-segment ranges of a VPC network." } }, "type": "object", "required": [ "vpcSubnetwork" ] }, "google-native:accesscontextmanager/v1:VpcSubNetwork": { "description": "Sub-segment ranges inside of a VPC Network.", "properties": { "network": { "type": "string", "description": "Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`" }, "vpcIpSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. If empty, all IP addresses are allowed." } }, "type": "object", "required": [ "network" ] }, "google-native:accesscontextmanager/v1:VpcSubNetworkResponse": { "description": "Sub-segment ranges inside of a VPC Network.", "properties": { "network": { "type": "string", "description": "Network name. If the network is not part of the organization, the `compute.network.get` permission must be granted to the caller. Format: `//compute.googleapis.com/projects/{PROJECT_ID}/global/networks/{NETWORK_NAME}` Example: `//compute.googleapis.com/projects/my-project/global/networks/network-1`" }, "vpcIpSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. The IP address must be an IPv4 address and can be a public or private IP address. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. If empty, all IP addresses are allowed." } }, "type": "object", "required": [ "network", "vpcIpSubnetworks" ] }, "google-native:accesscontextmanager/v1beta:BasicLevel": { "description": "`BasicLevel` is an `AccessLevel` using a set of recommended features.", "properties": { "combiningFunction": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:BasicLevelCombiningFunction", "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:Condition" }, "description": "A list of requirements for the `AccessLevel` to be granted." } }, "type": "object", "required": [ "conditions" ] }, "google-native:accesscontextmanager/v1beta:BasicLevelCombiningFunction": { "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND.", "type": "string", "enum": [ { "name": "And", "description": "All `Conditions` must be true for the `BasicLevel` to be true.", "value": "AND" }, { "name": "Or", "description": "If at least one `Condition` is true, then the `BasicLevel` is true.", "value": "OR" } ] }, "google-native:accesscontextmanager/v1beta:BasicLevelResponse": { "description": "`BasicLevel` is an `AccessLevel` using a set of recommended features.", "properties": { "combiningFunction": { "type": "string", "description": "How the `conditions` list should be combined to determine if a request is granted this `AccessLevel`. If AND is used, each `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. If OR is used, at least one `Condition` in `conditions` must be satisfied for the `AccessLevel` to be applied. Default behavior is AND." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:ConditionResponse" }, "description": "A list of requirements for the `AccessLevel` to be granted." } }, "type": "object", "required": [ "combiningFunction", "conditions" ] }, "google-native:accesscontextmanager/v1beta:Condition": { "description": "A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.", "properties": { "devicePolicy": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:DevicePolicy", "description": "Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed." }, "ipSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. Similarly, for IPv6, \"2001:db8::/32\" is accepted whereas \"2001:db8::1/32\" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed." }, "members": { "type": "array", "items": { "type": "string" }, "description": "The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user." }, "negate": { "type": "boolean", "description": "Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false." }, "regions": { "type": "array", "items": { "type": "string" }, "description": "The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes." }, "requiredAccessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: \"`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME\"`" } }, "type": "object" }, "google-native:accesscontextmanager/v1beta:ConditionResponse": { "description": "A condition necessary for an `AccessLevel` to be granted. The Condition is an AND over its fields. So a Condition is true if: 1) the request IP is from one of the listed subnetworks AND 2) the originating device complies with the listed device policy AND 3) all listed access levels are granted AND 4) the request was sent at a time allowed by the DateTimeRestriction.", "properties": { "devicePolicy": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:DevicePolicyResponse", "description": "Device specific restrictions, all restrictions must hold for the Condition to be true. If not specified, all devices are allowed." }, "ipSubnetworks": { "type": "array", "items": { "type": "string" }, "description": "CIDR block IP subnetwork specification. May be IPv4 or IPv6. Note that for a CIDR IP address block, the specified IP address portion must be properly truncated (i.e. all the host bits must be zero) or the input is considered malformed. For example, \"192.0.2.0/24\" is accepted but \"192.0.2.1/24\" is not. Similarly, for IPv6, \"2001:db8::/32\" is accepted whereas \"2001:db8::1/32\" is not. The originating IP of a request must be in one of the listed subnets in order for this Condition to be true. If empty, all IP addresses are allowed." }, "members": { "type": "array", "items": { "type": "string" }, "description": "The request must be made by one of the provided user or service accounts. Groups are not supported. Syntax: `user:{emailid}` `serviceAccount:{emailid}` If not specified, a request may come from any user." }, "negate": { "type": "boolean", "description": "Whether to negate the Condition. If true, the Condition becomes a NAND over its non-empty fields. Any non-empty field criteria evaluating to false will result in the Condition to be satisfied. Defaults to false." }, "regions": { "type": "array", "items": { "type": "string" }, "description": "The request must originate from one of the provided countries/regions. Must be valid ISO 3166-1 alpha-2 codes." }, "requiredAccessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of other access levels defined in the same `Policy`, referenced by resource name. Referencing an `AccessLevel` which does not exist is an error. All access levels listed must be granted for the Condition to be true. Example: \"`accessPolicies/MY_POLICY/accessLevels/LEVEL_NAME\"`" } }, "type": "object", "required": [ "devicePolicy", "ipSubnetworks", "members", "negate", "regions", "requiredAccessLevels" ] }, "google-native:accesscontextmanager/v1beta:CustomLevel": { "description": "`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec", "properties": { "expr": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:Expr", "description": "A Cloud CEL expression evaluating to a boolean." } }, "type": "object", "required": [ "expr" ] }, "google-native:accesscontextmanager/v1beta:CustomLevelResponse": { "description": "`CustomLevel` is an `AccessLevel` using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request. See CEL spec at: https://github.com/google/cel-spec", "properties": { "expr": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:ExprResponse", "description": "A Cloud CEL expression evaluating to a boolean." } }, "type": "object", "required": [ "expr" ] }, "google-native:accesscontextmanager/v1beta:DevicePolicy": { "description": "`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.", "properties": { "allowedDeviceManagementLevels": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:DevicePolicyAllowedDeviceManagementLevelsItem" }, "description": "Allowed device management levels, an empty list allows all management levels." }, "allowedEncryptionStatuses": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:DevicePolicyAllowedEncryptionStatusesItem" }, "description": "Allowed encryptions statuses, an empty list allows all statuses." }, "osConstraints": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:OsConstraint" }, "description": "Allowed OS versions, an empty list allows all types and all versions." }, "requireAdminApproval": { "type": "boolean", "description": "Whether the device needs to be approved by the customer admin." }, "requireCorpOwned": { "type": "boolean", "description": "Whether the device needs to be corp owned." }, "requireScreenlock": { "type": "boolean", "description": "Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`." } }, "type": "object" }, "google-native:accesscontextmanager/v1beta:DevicePolicyAllowedDeviceManagementLevelsItem": { "type": "string", "enum": [ { "name": "ManagementUnspecified", "description": "The device's management level is not specified or not known.", "value": "MANAGEMENT_UNSPECIFIED" }, { "name": "None", "description": "The device is not managed.", "value": "NONE" }, { "name": "Basic", "description": "Basic management is enabled, which is generally limited to monitoring and wiping the corporate account.", "value": "BASIC" }, { "name": "Complete", "description": "Complete device management. This includes more thorough monitoring and the ability to directly manage the device (such as remote wiping). This can be enabled through the Android Enterprise Platform.", "value": "COMPLETE" } ] }, "google-native:accesscontextmanager/v1beta:DevicePolicyAllowedEncryptionStatusesItem": { "type": "string", "enum": [ { "name": "EncryptionUnspecified", "description": "The encryption status of the device is not specified or not known.", "value": "ENCRYPTION_UNSPECIFIED" }, { "name": "EncryptionUnsupported", "description": "The device does not support encryption.", "value": "ENCRYPTION_UNSUPPORTED" }, { "name": "Unencrypted", "description": "The device supports encryption, but is currently unencrypted.", "value": "UNENCRYPTED" }, { "name": "Encrypted", "description": "The device is encrypted.", "value": "ENCRYPTED" } ] }, "google-native:accesscontextmanager/v1beta:DevicePolicyResponse": { "description": "`DevicePolicy` specifies device specific restrictions necessary to acquire a given access level. A `DevicePolicy` specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. `DevicePolicy` acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.", "properties": { "allowedDeviceManagementLevels": { "type": "array", "items": { "type": "string" }, "description": "Allowed device management levels, an empty list allows all management levels." }, "allowedEncryptionStatuses": { "type": "array", "items": { "type": "string" }, "description": "Allowed encryptions statuses, an empty list allows all statuses." }, "osConstraints": { "type": "array", "items": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:OsConstraintResponse" }, "description": "Allowed OS versions, an empty list allows all types and all versions." }, "requireAdminApproval": { "type": "boolean", "description": "Whether the device needs to be approved by the customer admin." }, "requireCorpOwned": { "type": "boolean", "description": "Whether the device needs to be corp owned." }, "requireScreenlock": { "type": "boolean", "description": "Whether or not screenlock is required for the DevicePolicy to be true. Defaults to `false`." } }, "type": "object", "required": [ "allowedDeviceManagementLevels", "allowedEncryptionStatuses", "osConstraints", "requireAdminApproval", "requireCorpOwned", "requireScreenlock" ] }, "google-native:accesscontextmanager/v1beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:accesscontextmanager/v1beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:accesscontextmanager/v1beta:OsConstraint": { "description": "A restriction on the OS type and version of devices making requests.", "properties": { "minimumVersion": { "type": "string", "description": "The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `\"major.minor.patch\"`. Examples: `\"10.5.301\"`, `\"9.2.1\"`." }, "osType": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:OsConstraintOsType", "description": "The allowed OS type." }, "requireVerifiedChromeOs": { "type": "boolean", "description": "Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request." } }, "type": "object", "required": [ "osType" ] }, "google-native:accesscontextmanager/v1beta:OsConstraintOsType": { "description": "Required. The allowed OS type.", "type": "string", "enum": [ { "name": "OsUnspecified", "description": "The operating system of the device is not specified or not known.", "value": "OS_UNSPECIFIED" }, { "name": "DesktopMac", "description": "A desktop Mac operating system.", "value": "DESKTOP_MAC" }, { "name": "DesktopWindows", "description": "A desktop Windows operating system.", "value": "DESKTOP_WINDOWS" }, { "name": "DesktopLinux", "description": "A desktop Linux operating system.", "value": "DESKTOP_LINUX" }, { "name": "DesktopChromeOs", "description": "A desktop ChromeOS operating system.", "value": "DESKTOP_CHROME_OS" }, { "name": "Android", "description": "An Android operating system.", "value": "ANDROID" }, { "name": "Ios", "description": "An iOS operating system.", "value": "IOS" } ] }, "google-native:accesscontextmanager/v1beta:OsConstraintResponse": { "description": "A restriction on the OS type and version of devices making requests.", "properties": { "minimumVersion": { "type": "string", "description": "The minimum allowed OS version. If not set, any version of this OS satisfies the constraint. Format: `\"major.minor.patch\"`. Examples: `\"10.5.301\"`, `\"9.2.1\"`." }, "osType": { "type": "string", "description": "The allowed OS type." }, "requireVerifiedChromeOs": { "type": "boolean", "description": "Only allows requests from devices with a verified Chrome OS. Verifications includes requirements that the device is enterprise-managed, conformant to domain policies, and the caller has permission to call the API targeted by the request." } }, "type": "object", "required": [ "minimumVersion", "osType", "requireVerifiedChromeOs" ] }, "google-native:accesscontextmanager/v1beta:ServicePerimeterConfig": { "description": "`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.", "properties": { "accessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `\"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL\"`. For Service Perimeter Bridge, must be empty." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`" }, "restrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions." }, "unrestrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted.", "deprecationMessage": "Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted." }, "vpcAccessibleServices": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:VpcAccessibleServices", "description": "Beta. Configuration for APIs allowed within Perimeter." } }, "type": "object" }, "google-native:accesscontextmanager/v1beta:ServicePerimeterConfigResponse": { "description": "`ServicePerimeterConfig` specifies a set of Google Cloud resources that describe specific Service Perimeter configuration.", "properties": { "accessLevels": { "type": "array", "items": { "type": "string" }, "description": "A list of `AccessLevel` resource names that allow resources within the `ServicePerimeter` to be accessed from the internet. `AccessLevels` listed must be in the same policy as this `ServicePerimeter`. Referencing a nonexistent `AccessLevel` is a syntax error. If no `AccessLevel` names are listed, resources within the perimeter can only be accessed via Google Cloud calls with request origins within the perimeter. Example: `\"accessPolicies/MY_POLICY/accessLevels/MY_LEVEL\"`. For Service Perimeter Bridge, must be empty." }, "resources": { "type": "array", "items": { "type": "string" }, "description": "A list of Google Cloud resources that are inside of the service perimeter. Currently only projects are allowed. Format: `projects/{project_number}`" }, "restrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are subject to the Service Perimeter restrictions. Must contain a list of services. For example, if `storage.googleapis.com` is specified, access to the storage buckets inside the perimeter must meet the perimeter's access restrictions." }, "unrestrictedServices": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted.", "deprecationMessage": "Google Cloud services that are not subject to the Service Perimeter restrictions. Deprecated. Must be set to a single wildcard \"*\". The wildcard means that unless explicitly specified by \"restricted_services\" list, any service is treated as unrestricted." }, "vpcAccessibleServices": { "$ref": "#/types/google-native:accesscontextmanager%2Fv1beta:VpcAccessibleServicesResponse", "description": "Beta. Configuration for APIs allowed within Perimeter." } }, "type": "object", "required": [ "accessLevels", "resources", "restrictedServices", "unrestrictedServices", "vpcAccessibleServices" ] }, "google-native:accesscontextmanager/v1beta:ServicePerimeterPerimeterType": { "description": "Perimeter type indicator. A single project is allowed to be a member of single regular perimeter, but multiple service perimeter bridges. A project cannot be a included in a perimeter bridge without being included in regular perimeter. For perimeter bridges, restricted/unrestricted service lists as well as access lists must be empty.", "type": "string", "enum": [ { "name": "PerimeterTypeRegular", "description": "Regular Perimeter. When no value is specified, the perimeter uses this type.", "value": "PERIMETER_TYPE_REGULAR" }, { "name": "PerimeterTypeBridge", "description": "Perimeter Bridge.", "value": "PERIMETER_TYPE_BRIDGE" } ] }, "google-native:accesscontextmanager/v1beta:VpcAccessibleServices": { "description": "Specifies how APIs are allowed to communicate within the Service Perimeter.", "properties": { "allowedServices": { "type": "array", "items": { "type": "string" }, "description": "The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter." }, "enableRestriction": { "type": "boolean", "description": "Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'." } }, "type": "object" }, "google-native:accesscontextmanager/v1beta:VpcAccessibleServicesResponse": { "description": "Specifies how APIs are allowed to communicate within the Service Perimeter.", "properties": { "allowedServices": { "type": "array", "items": { "type": "string" }, "description": "The list of APIs usable within the Service Perimeter. Must be empty unless 'enable_restriction' is True. You can specify a list of individual services, as well as include the 'RESTRICTED-SERVICES' value, which automatically includes all of the services protected by the perimeter." }, "enableRestriction": { "type": "boolean", "description": "Whether to restrict API calls within the Service Perimeter to the list of APIs specified in 'allowed_services'." } }, "type": "object", "required": [ "allowedServices", "enableRestriction" ] }, "google-native:aiplatform/v1:ArtifactState": { "description": "The state of this Artifact. This is a property of the Artifact, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines), and the system does not prescribe or check the validity of state transitions.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified state for the Artifact.", "value": "STATE_UNSPECIFIED" }, { "name": "Pending", "description": "A state used by systems like Vertex AI Pipelines to indicate that the underlying data item represented by this Artifact is being created.", "value": "PENDING" }, { "name": "Live", "description": "A state indicating that the Artifact should exist, unless something external to the system deletes it.", "value": "LIVE" } ] }, "google-native:aiplatform/v1:ExecutionState": { "description": "The state of this Execution. This is a property of the Execution, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines) and the system does not prescribe or check the validity of state transitions.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified Execution state", "value": "STATE_UNSPECIFIED" }, { "name": "New", "description": "The Execution is new", "value": "NEW" }, { "name": "Running", "description": "The Execution is running", "value": "RUNNING" }, { "name": "Complete", "description": "The Execution has finished running", "value": "COMPLETE" }, { "name": "Failed", "description": "The Execution has failed", "value": "FAILED" }, { "name": "Cached", "description": "The Execution completed through Cache hit.", "value": "CACHED" }, { "name": "Cancelled", "description": "The Execution was cancelled.", "value": "CANCELLED" } ] }, "google-native:aiplatform/v1:FeatureGroupFeatureValueType": { "description": "Immutable. Only applicable for Vertex AI Feature Store (Legacy). Type of Feature value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Bool", "description": "Used for Feature that is a boolean.", "value": "BOOL" }, { "name": "BoolArray", "description": "Used for Feature that is a list of boolean.", "value": "BOOL_ARRAY" }, { "name": "Double", "description": "Used for Feature that is double.", "value": "DOUBLE" }, { "name": "DoubleArray", "description": "Used for Feature that is a list of double.", "value": "DOUBLE_ARRAY" }, { "name": "Int64", "description": "Used for Feature that is INT64.", "value": "INT64" }, { "name": "Int64Array", "description": "Used for Feature that is a list of INT64.", "value": "INT64_ARRAY" }, { "name": "String", "description": "Used for Feature that is string.", "value": "STRING" }, { "name": "StringArray", "description": "Used for Feature that is a list of String.", "value": "STRING_ARRAY" }, { "name": "Bytes", "description": "Used for Feature that is bytes.", "value": "BYTES" } ] }, "google-native:aiplatform/v1:FeatureStoreFeatureValueType": { "description": "Immutable. Only applicable for Vertex AI Feature Store (Legacy). Type of Feature value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Bool", "description": "Used for Feature that is a boolean.", "value": "BOOL" }, { "name": "BoolArray", "description": "Used for Feature that is a list of boolean.", "value": "BOOL_ARRAY" }, { "name": "Double", "description": "Used for Feature that is double.", "value": "DOUBLE" }, { "name": "DoubleArray", "description": "Used for Feature that is a list of double.", "value": "DOUBLE_ARRAY" }, { "name": "Int64", "description": "Used for Feature that is INT64.", "value": "INT64" }, { "name": "Int64Array", "description": "Used for Feature that is a list of INT64.", "value": "INT64_ARRAY" }, { "name": "String", "description": "Used for Feature that is string.", "value": "STRING" }, { "name": "StringArray", "description": "Used for Feature that is a list of String.", "value": "STRING_ARRAY" }, { "name": "Bytes", "description": "Used for Feature that is bytes.", "value": "BYTES" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ActiveLearningConfig": { "description": "Parameters that configure the active learning pipeline. Active learning will label the data incrementally by several iterations. For every iteration, it will select a batch of data based on the sampling strategy.", "properties": { "maxDataItemCount": { "type": "string", "description": "Max number of human labeled DataItems." }, "maxDataItemPercentage": { "type": "integer", "description": "Max percent of total DataItems for human labeling." }, "sampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SampleConfig", "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy." }, "trainingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1TrainingConfig", "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ActiveLearningConfigResponse": { "description": "Parameters that configure the active learning pipeline. Active learning will label the data incrementally by several iterations. For every iteration, it will select a batch of data based on the sampling strategy.", "properties": { "maxDataItemCount": { "type": "string", "description": "Max number of human labeled DataItems." }, "maxDataItemPercentage": { "type": "integer", "description": "Max percent of total DataItems for human labeling." }, "sampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SampleConfigResponse", "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy." }, "trainingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1TrainingConfigResponse", "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems." } }, "type": "object", "required": [ "maxDataItemCount", "maxDataItemPercentage", "sampleConfig", "trainingConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1AutomaticResourcesResponse": { "description": "A description of resources that to large degree are decided by Vertex AI, and require only a modest additional configuration. Each Model supporting these resources documents its specific guidelines.", "properties": { "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, a no upper bound for scaling under heavy traffic will be assume, though Vertex AI may be unable to scale beyond certain replica number." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of replicas this DeployedModel will be always deployed on. If traffic against it increases, it may dynamically be deployed onto more replicas up to max_replica_count, and as traffic decreases, some of these extra replicas may be freed. If the requested value is too large, the deployment will error." } }, "type": "object", "required": [ "maxReplicaCount", "minReplicaCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1AutoscalingMetricSpec": { "description": "The metric specification that defines the target resource utilization (CPU utilization, accelerator's duty cycle, and so on) for calculating the desired replica count.", "properties": { "metricName": { "type": "string", "description": "The resource metric name. Supported metrics: * For Online Prediction: * `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` * `aiplatform.googleapis.com/prediction/online/cpu/utilization`" }, "target": { "type": "integer", "description": "The target resource utilization in percentage (1% - 100%) for the given metric; once the real usage deviates from the target by a certain percentage, the machine replicas change. The default value is 60 (representing 60%) if not provided." } }, "type": "object", "required": [ "metricName" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1AutoscalingMetricSpecResponse": { "description": "The metric specification that defines the target resource utilization (CPU utilization, accelerator's duty cycle, and so on) for calculating the desired replica count.", "properties": { "metricName": { "type": "string", "description": "The resource metric name. Supported metrics: * For Online Prediction: * `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` * `aiplatform.googleapis.com/prediction/online/cpu/utilization`" }, "target": { "type": "integer", "description": "The target resource utilization in percentage (1% - 100%) for the given metric; once the real usage deviates from the target by a certain percentage, the machine replicas change. The default value is 60 (representing 60%) if not provided." } }, "type": "object", "required": [ "metricName", "target" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchDedicatedResources": { "description": "A description of resources that are used for performing batch operations, are dedicated to a Model, and need manual configuration.", "properties": { "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpec", "description": "Immutable. The specification of a single machine." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of machine replicas the batch operation may be scaled to. The default value is 10." }, "startingReplicaCount": { "type": "integer", "description": "Immutable. The number of machine replicas used at the start of the batch operation. If not set, Vertex AI decides starting number, not greater than max_replica_count" } }, "type": "object", "required": [ "machineSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchDedicatedResourcesResponse": { "description": "A description of resources that are used for performing batch operations, are dedicated to a Model, and need manual configuration.", "properties": { "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpecResponse", "description": "Immutable. The specification of a single machine." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of machine replicas the batch operation may be scaled to. The default value is 10." }, "startingReplicaCount": { "type": "integer", "description": "Immutable. The number of machine replicas used at the start of the batch operation. If not set, Vertex AI decides starting number, not greater than max_replica_count" } }, "type": "object", "required": [ "machineSpec", "maxReplicaCount", "startingReplicaCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobInputConfig": { "description": "Configures the input to BatchPredictionJob. See Model.supported_input_storage_formats for Model's supported input formats, and how instances should be expressed via any of them.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySource", "description": "The BigQuery location of the input table. The schema of the table should be in the format described by the given context OpenAPI Schema, if one is provided. The table may contain additional columns that are not described by the schema, and they will be ignored." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSource", "description": "The Cloud Storage location for the input instances." }, "instancesFormat": { "type": "string", "description": "The format in which instances are given, must be one of the Model's supported_input_storage_formats." } }, "type": "object", "required": [ "instancesFormat" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobInputConfigResponse": { "description": "Configures the input to BatchPredictionJob. See Model.supported_input_storage_formats for Model's supported input formats, and how instances should be expressed via any of them.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySourceResponse", "description": "The BigQuery location of the input table. The schema of the table should be in the format described by the given context OpenAPI Schema, if one is provided. The table may contain additional columns that are not described by the schema, and they will be ignored." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSourceResponse", "description": "The Cloud Storage location for the input instances." }, "instancesFormat": { "type": "string", "description": "The format in which instances are given, must be one of the Model's supported_input_storage_formats." } }, "type": "object", "required": [ "bigquerySource", "gcsSource", "instancesFormat" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobInstanceConfig": { "description": "Configuration defining how to transform batch prediction input instances to the instances that the Model accepts.", "properties": { "excludedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be excluded in the prediction instance that is sent to the Model. Excluded will be attached to the batch prediction output if key_field is not specified. When excluded_fields is populated, included_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "includedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be included in the prediction instance that is sent to the Model. If instance_type is `array`, the order of field names in included_fields also determines the order of the values in the array. When included_fields is populated, excluded_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "instanceType": { "type": "string", "description": "The format of the instance that the Model accepts. Vertex AI will convert compatible batch prediction input instance formats to the specified format. Supported values are: * `object`: Each input is converted to JSON object format. * For `bigquery`, each row is converted to an object. * For `jsonl`, each line of the JSONL input must be an object. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted to JSON array format. * For `bigquery`, each row is converted to an array. The order of columns is determined by the BigQuery column order, unless included_fields is populated. included_fields must be populated for specifying field orders. * For `jsonl`, if each line of the JSONL input is an object, included_fields must be populated for specifying field orders. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI converts the batch prediction input as follows: * For `bigquery` and `csv`, the behavior is the same as `array`. The order of columns is the same as defined in the file or table, unless included_fields is populated. * For `jsonl`, the prediction instance format is determined by each line of the input. * For `tf-record`/`tf-record-gzip`, each record will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the record. * For `file-list`, each file in the list will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the file." }, "keyField": { "type": "string", "description": "The name of the field that is considered as a key. The values identified by the key field is not included in the transformed instances that is sent to the Model. This is similar to specifying this name of the field in excluded_fields. In addition, the batch prediction output will not include the instances. Instead the output will only include the value of the key field, in a field named `key` in the output: * For `jsonl` output format, the output will have a `key` field instead of the `instance` field. * For `csv`/`bigquery` output format, the output will have have a `key` column instead of the instance feature columns. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobInstanceConfigResponse": { "description": "Configuration defining how to transform batch prediction input instances to the instances that the Model accepts.", "properties": { "excludedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be excluded in the prediction instance that is sent to the Model. Excluded will be attached to the batch prediction output if key_field is not specified. When excluded_fields is populated, included_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "includedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be included in the prediction instance that is sent to the Model. If instance_type is `array`, the order of field names in included_fields also determines the order of the values in the array. When included_fields is populated, excluded_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "instanceType": { "type": "string", "description": "The format of the instance that the Model accepts. Vertex AI will convert compatible batch prediction input instance formats to the specified format. Supported values are: * `object`: Each input is converted to JSON object format. * For `bigquery`, each row is converted to an object. * For `jsonl`, each line of the JSONL input must be an object. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted to JSON array format. * For `bigquery`, each row is converted to an array. The order of columns is determined by the BigQuery column order, unless included_fields is populated. included_fields must be populated for specifying field orders. * For `jsonl`, if each line of the JSONL input is an object, included_fields must be populated for specifying field orders. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI converts the batch prediction input as follows: * For `bigquery` and `csv`, the behavior is the same as `array`. The order of columns is the same as defined in the file or table, unless included_fields is populated. * For `jsonl`, the prediction instance format is determined by each line of the input. * For `tf-record`/`tf-record-gzip`, each record will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the record. * For `file-list`, each file in the list will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the file." }, "keyField": { "type": "string", "description": "The name of the field that is considered as a key. The values identified by the key field is not included in the transformed instances that is sent to the Model. This is similar to specifying this name of the field in excluded_fields. In addition, the batch prediction output will not include the instances. Instead the output will only include the value of the key field, in a field named `key` in the output: * For `jsonl` output format, the output will have a `key` field instead of the `instance` field. * For `csv`/`bigquery` output format, the output will have have a `key` column instead of the instance feature columns. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." } }, "type": "object", "required": [ "excludedFields", "includedFields", "instanceType", "keyField" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobOutputConfig": { "description": "Configures the output of BatchPredictionJob. See Model.supported_output_storage_formats for supported output formats, and how predictions are expressed via any of them.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestination", "description": "The BigQuery project or dataset location where the output is to be written to. If project is provided, a new dataset is created with name `prediction__` where is made BigQuery-dataset-name compatible (for example, most special characters become underscores), and timestamp is in YYYY_MM_DDThh_mm_ss_sssZ \"based on ISO-8601\" format. In the dataset two tables will be created, `predictions`, and `errors`. If the Model has both instance and prediction schemata defined then the tables have columns as follows: The `predictions` table contains instances for which the prediction succeeded, it has columns as per a concatenation of the Model's instance and prediction schemata. The `errors` table contains rows for which the prediction has failed, it has instance columns, as per the instance schema, followed by a single \"errors\" column, which as values has google.rpc.Status represented as a STRUCT, and containing only `code` and `message`." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestination", "description": "The Cloud Storage location of the directory where the output is to be written to. In the given directory a new directory is created. Its name is `prediction--`, where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are created where `` depends on chosen predictions_format, and N may equal 0001 and depends on the total number of successfully predicted instances. If the Model has both instance and prediction schemata defined then each such file contains predictions as per the predictions_format. If prediction for any instance failed (partially or completely), then an additional `errors_0001.`, `errors_0002.`,..., `errors_N.` files are created (N depends on total number of failed predictions). These files contain the failed instances, as per their schema, followed by an additional `error` field which as value has google.rpc.Status containing only `code` and `message` fields." }, "predictionsFormat": { "type": "string", "description": "The format in which Vertex AI gives the predictions, must be one of the Model's supported_output_storage_formats." } }, "type": "object", "required": [ "predictionsFormat" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobOutputConfigResponse": { "description": "Configures the output of BatchPredictionJob. See Model.supported_output_storage_formats for supported output formats, and how predictions are expressed via any of them.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestinationResponse", "description": "The BigQuery project or dataset location where the output is to be written to. If project is provided, a new dataset is created with name `prediction__` where is made BigQuery-dataset-name compatible (for example, most special characters become underscores), and timestamp is in YYYY_MM_DDThh_mm_ss_sssZ \"based on ISO-8601\" format. In the dataset two tables will be created, `predictions`, and `errors`. If the Model has both instance and prediction schemata defined then the tables have columns as follows: The `predictions` table contains instances for which the prediction succeeded, it has columns as per a concatenation of the Model's instance and prediction schemata. The `errors` table contains rows for which the prediction has failed, it has instance columns, as per the instance schema, followed by a single \"errors\" column, which as values has google.rpc.Status represented as a STRUCT, and containing only `code` and `message`." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestinationResponse", "description": "The Cloud Storage location of the directory where the output is to be written to. In the given directory a new directory is created. Its name is `prediction--`, where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are created where `` depends on chosen predictions_format, and N may equal 0001 and depends on the total number of successfully predicted instances. If the Model has both instance and prediction schemata defined then each such file contains predictions as per the predictions_format. If prediction for any instance failed (partially or completely), then an additional `errors_0001.`, `errors_0002.`,..., `errors_N.` files are created (N depends on total number of failed predictions). These files contain the failed instances, as per their schema, followed by an additional `error` field which as value has google.rpc.Status containing only `code` and `message` fields." }, "predictionsFormat": { "type": "string", "description": "The format in which Vertex AI gives the predictions, must be one of the Model's supported_output_storage_formats." } }, "type": "object", "required": [ "bigqueryDestination", "gcsDestination", "predictionsFormat" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BatchPredictionJobOutputInfoResponse": { "description": "Further describes this job's output. Supplements output_config.", "properties": { "bigqueryOutputDataset": { "type": "string", "description": "The path of the BigQuery dataset created, in `bq://projectId.bqDatasetId` format, into which the prediction output is written." }, "bigqueryOutputTable": { "type": "string", "description": "The name of the BigQuery table created, in `predictions_` format, into which the prediction output is written. Can be used by UI to generate the BigQuery output path, for example." }, "gcsOutputDirectory": { "type": "string", "description": "The full path of the Cloud Storage directory created, into which the prediction output is written." } }, "type": "object", "required": [ "bigqueryOutputDataset", "bigqueryOutputTable", "gcsOutputDirectory" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BigQueryDestination": { "description": "The BigQuery location for the output content.", "properties": { "outputUri": { "type": "string", "description": "BigQuery URI to a project or table, up to 2000 characters long. When only the project is specified, the Dataset and Table is created. When the full table reference is specified, the Dataset must exist and table must not exist. Accepted forms: * BigQuery path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` or `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "outputUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BigQueryDestinationResponse": { "description": "The BigQuery location for the output content.", "properties": { "outputUri": { "type": "string", "description": "BigQuery URI to a project or table, up to 2000 characters long. When only the project is specified, the Dataset and Table is created. When the full table reference is specified, the Dataset must exist and table must not exist. Accepted forms: * BigQuery path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` or `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "outputUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BigQuerySource": { "description": "The BigQuery location for the input content.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long. Accepted forms: * BigQuery path. For example: `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BigQuerySourceResponse": { "description": "The BigQuery location for the input content.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long. Accepted forms: * BigQuery path. For example: `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BlurBaselineConfig": { "description": "Config for blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383", "properties": { "maxBlurSigma": { "type": "number", "description": "The standard deviation of the blur kernel for the blurred baseline. The same blurring parameter is used for both the height and the width dimension. If not set, the method defaults to the zero (i.e. black for images) baseline." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1BlurBaselineConfigResponse": { "description": "Config for blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383", "properties": { "maxBlurSigma": { "type": "number", "description": "The standard deviation of the blur kernel for the blurred baseline. The same blurring parameter is used for both the height and the width dimension. If not set, the method defaults to the zero (i.e. black for images) baseline." } }, "type": "object", "required": [ "maxBlurSigma" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1CompletionStatsResponse": { "description": "Success and error statistics of processing multiple entities (for example, DataItems or structured data rows) in batch.", "properties": { "failedCount": { "type": "string", "description": "The number of entities for which any error was encountered." }, "incompleteCount": { "type": "string", "description": "In cases when enough errors are encountered a job, pipeline, or operation may be failed as a whole. Below is the number of entities for which the processing had not been finished (either in successful or failed state). Set to -1 if the number is unknown (for example, the operation failed before the total entity number could be collected)." }, "successfulCount": { "type": "string", "description": "The number of entities that had been processed successfully." }, "successfulForecastPointCount": { "type": "string", "description": "The number of the successful forecast points that are generated by the forecasting model. This is ONLY used by the forecasting batch prediction." } }, "type": "object", "required": [ "failedCount", "incompleteCount", "successfulCount", "successfulForecastPointCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ContainerSpec": { "description": "The spec of a Container.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "The arguments to be passed when starting the container." }, "command": { "type": "array", "items": { "type": "string" }, "description": "The command to be invoked when the container is started. It overrides the entrypoint instruction in Dockerfile when provided." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVar" }, "description": "Environment variables to be passed to the container. Maximum limit is 100." }, "imageUri": { "type": "string", "description": "The URI of a container image in the Container Registry that is to be run on each worker replica." } }, "type": "object", "required": [ "imageUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ContainerSpecResponse": { "description": "The spec of a Container.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "The arguments to be passed when starting the container." }, "command": { "type": "array", "items": { "type": "string" }, "description": "The command to be invoked when the container is started. It overrides the entrypoint instruction in Dockerfile when provided." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVarResponse" }, "description": "Environment variables to be passed to the container. Maximum limit is 100." }, "imageUri": { "type": "string", "description": "The URI of a container image in the Container Registry that is to be run on each worker replica." } }, "type": "object", "required": [ "args", "command", "env", "imageUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ContextResponse": { "description": "Instance of a general context.", "properties": { "createTime": { "type": "string", "description": "Timestamp when this Context was created." }, "description": { "type": "string", "description": "Description of the Context" }, "displayName": { "type": "string", "description": "User provided display name of the Context. May be up to 128 Unicode characters." }, "etag": { "type": "string", "description": "An eTag used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Contexts. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. No more than 64 user labels can be associated with one Context (System labels are excluded)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Context. Top level metadata keys' heading and trailing spaces will be trimmed. The size of this field should not exceed 200KB." }, "name": { "type": "string", "description": "Immutable. The resource name of the Context." }, "parentContexts": { "type": "array", "items": { "type": "string" }, "description": "A list of resource names of Contexts that are parents of this Context. A Context may have at most 10 parent_contexts." }, "schemaTitle": { "type": "string", "description": "The title of the schema describing the metadata. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "schemaVersion": { "type": "string", "description": "The version of the schema in schema_name to use. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "updateTime": { "type": "string", "description": "Timestamp when this Context was last updated." } }, "type": "object", "required": [ "createTime", "description", "displayName", "etag", "labels", "metadata", "name", "parentContexts", "schemaTitle", "schemaVersion", "updateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1CreatePipelineJobRequest": { "description": "Request message for PipelineService.CreatePipelineJob.", "properties": { "parent": { "type": "string", "description": "The resource name of the Location to create the PipelineJob in. Format: `projects/{project}/locations/{location}`" }, "pipelineJob": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJob", "description": "The PipelineJob to create." }, "pipelineJobId": { "type": "string", "description": "The ID to use for the PipelineJob, which will become the final component of the PipelineJob name. If not provided, an ID will be automatically generated. This value should be less than 128 characters, and valid characters are `/a-z-/`." } }, "type": "object", "required": [ "parent", "pipelineJob" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1CreatePipelineJobRequestResponse": { "description": "Request message for PipelineService.CreatePipelineJob.", "properties": { "parent": { "type": "string", "description": "The resource name of the Location to create the PipelineJob in. Format: `projects/{project}/locations/{location}`" }, "pipelineJob": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJobResponse", "description": "The PipelineJob to create." }, "pipelineJobId": { "type": "string", "description": "The ID to use for the PipelineJob, which will become the final component of the PipelineJob name. If not provided, an ID will be automatically generated. This value should be less than 128 characters, and valid characters are `/a-z-/`." } }, "type": "object", "required": [ "parent", "pipelineJob", "pipelineJobId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1CustomJobSpec": { "description": "Represents the spec of a CustomJob.", "properties": { "baseOutputDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestination", "description": "The Cloud Storage location to store the output of this CustomJob or HyperparameterTuningJob. For HyperparameterTuningJob, the baseOutputDirectory of each child CustomJob backing a Trial is set to a subdirectory of name id under its parent HyperparameterTuningJob's baseOutputDirectory. The following Vertex AI environment variables will be passed to containers or python modules when this field is set: For CustomJob: * AIP_MODEL_DIR = `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `//logs/`" }, "enableDashboardAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable access to the customized dashboard in training chief container. If set to `true`, you can access the dashboard at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "enableWebAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable [interactive shell access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) to training containers. If set to `true`, you can access interactive shells at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "experiment": { "type": "string", "description": "Optional. The Experiment associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}`" }, "experimentRun": { "type": "string", "description": "Optional. The Experiment Run associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}`" }, "network": { "type": "string", "description": "Optional. The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Job should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. To specify this field, you must have already [configured VPC Network Peering for Vertex AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If this field is left unspecified, the job is not peered with any network." }, "protectedArtifactLocationId": { "type": "string", "description": "The ID of the location to store protected artifacts. e.g. us-central1. Populate only when the location is different than CustomJob location. List of supported locations: https://cloud.google.com/vertex-ai/docs/general/locations" }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of names for the reserved ip ranges under the VPC network that can be used for this job. If set, we will deploy the job within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "scheduling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Scheduling", "description": "Scheduling options for a CustomJob." }, "serviceAccount": { "type": "string", "description": "Specifies the service account for workload run-as account. Users submitting jobs must have act-as permission on this run-as account. If unspecified, the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) for the CustomJob's project is used." }, "tensorboard": { "type": "string", "description": "Optional. The name of a Vertex AI Tensorboard resource to which this CustomJob will upload Tensorboard logs. Format: `projects/{project}/locations/{location}/tensorboards/{tensorboard}`" }, "workerPoolSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1WorkerPoolSpec" }, "description": "The spec of the worker pools including machine type and Docker image. All worker pools except the first one are optional and can be skipped by providing an empty value." } }, "type": "object", "required": [ "workerPoolSpecs" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1CustomJobSpecResponse": { "description": "Represents the spec of a CustomJob.", "properties": { "baseOutputDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestinationResponse", "description": "The Cloud Storage location to store the output of this CustomJob or HyperparameterTuningJob. For HyperparameterTuningJob, the baseOutputDirectory of each child CustomJob backing a Trial is set to a subdirectory of name id under its parent HyperparameterTuningJob's baseOutputDirectory. The following Vertex AI environment variables will be passed to containers or python modules when this field is set: For CustomJob: * AIP_MODEL_DIR = `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `//logs/`" }, "enableDashboardAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable access to the customized dashboard in training chief container. If set to `true`, you can access the dashboard at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "enableWebAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable [interactive shell access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) to training containers. If set to `true`, you can access interactive shells at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "experiment": { "type": "string", "description": "Optional. The Experiment associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}`" }, "experimentRun": { "type": "string", "description": "Optional. The Experiment Run associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}`" }, "network": { "type": "string", "description": "Optional. The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Job should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. To specify this field, you must have already [configured VPC Network Peering for Vertex AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If this field is left unspecified, the job is not peered with any network." }, "protectedArtifactLocationId": { "type": "string", "description": "The ID of the location to store protected artifacts. e.g. us-central1. Populate only when the location is different than CustomJob location. List of supported locations: https://cloud.google.com/vertex-ai/docs/general/locations" }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of names for the reserved ip ranges under the VPC network that can be used for this job. If set, we will deploy the job within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "scheduling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SchedulingResponse", "description": "Scheduling options for a CustomJob." }, "serviceAccount": { "type": "string", "description": "Specifies the service account for workload run-as account. Users submitting jobs must have act-as permission on this run-as account. If unspecified, the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) for the CustomJob's project is used." }, "tensorboard": { "type": "string", "description": "Optional. The name of a Vertex AI Tensorboard resource to which this CustomJob will upload Tensorboard logs. Format: `projects/{project}/locations/{location}/tensorboards/{tensorboard}`" }, "workerPoolSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1WorkerPoolSpecResponse" }, "description": "The spec of the worker pools including machine type and Docker image. All worker pools except the first one are optional and can be skipped by providing an empty value." } }, "type": "object", "required": [ "baseOutputDirectory", "enableDashboardAccess", "enableWebAccess", "experiment", "experimentRun", "network", "protectedArtifactLocationId", "reservedIpRanges", "scheduling", "serviceAccount", "tensorboard", "workerPoolSpecs" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DedicatedResources": { "description": "A description of resources that are dedicated to a DeployedModel, and that need a higher degree of manual configuration.", "properties": { "autoscalingMetricSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1AutoscalingMetricSpec" }, "description": "Immutable. The metric specifications that overrides a resource utilization metric (CPU utilization, accelerator's duty cycle, and so on) target value (default to 60 if not set). At most one entry is allowed per metric. If machine_spec.accelerator_count is above 0, the autoscaling will be based on both CPU utilization and accelerator's duty cycle metrics and scale up when either metrics exceeds its target value while scale down if both metrics are under their target value. The default target value is 60 for both metrics. If machine_spec.accelerator_count is 0, the autoscaling will be based on CPU utilization metric only with default target value 60 if not explicitly set. For example, in the case of Online Prediction, if you want to override target CPU utilization to 80, you should set autoscaling_metric_specs.metric_name to `aiplatform.googleapis.com/prediction/online/cpu/utilization` and autoscaling_metric_specs.target to `80`." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpec", "description": "Immutable. The specification of a single machine used by the prediction." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, will use min_replica_count as the default value. The value of this field impacts the charge against Vertex CPU and GPU quotas. Specifically, you will be charged for (max_replica_count * number of cores in the selected machine type) and (max_replica_count * number of GPUs per replica in the selected machine type)." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of machine replicas this DeployedModel will be always deployed on. This value must be greater than or equal to 1. If traffic against the DeployedModel increases, it may dynamically be deployed onto more replicas, and as traffic decreases, some of these extra replicas may be freed." } }, "type": "object", "required": [ "machineSpec", "minReplicaCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DedicatedResourcesResponse": { "description": "A description of resources that are dedicated to a DeployedModel, and that need a higher degree of manual configuration.", "properties": { "autoscalingMetricSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1AutoscalingMetricSpecResponse" }, "description": "Immutable. The metric specifications that overrides a resource utilization metric (CPU utilization, accelerator's duty cycle, and so on) target value (default to 60 if not set). At most one entry is allowed per metric. If machine_spec.accelerator_count is above 0, the autoscaling will be based on both CPU utilization and accelerator's duty cycle metrics and scale up when either metrics exceeds its target value while scale down if both metrics are under their target value. The default target value is 60 for both metrics. If machine_spec.accelerator_count is 0, the autoscaling will be based on CPU utilization metric only with default target value 60 if not explicitly set. For example, in the case of Online Prediction, if you want to override target CPU utilization to 80, you should set autoscaling_metric_specs.metric_name to `aiplatform.googleapis.com/prediction/online/cpu/utilization` and autoscaling_metric_specs.target to `80`." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpecResponse", "description": "Immutable. The specification of a single machine used by the prediction." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, will use min_replica_count as the default value. The value of this field impacts the charge against Vertex CPU and GPU quotas. Specifically, you will be charged for (max_replica_count * number of cores in the selected machine type) and (max_replica_count * number of GPUs per replica in the selected machine type)." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of machine replicas this DeployedModel will be always deployed on. This value must be greater than or equal to 1. If traffic against the DeployedModel increases, it may dynamically be deployed onto more replicas, and as traffic decreases, some of these extra replicas may be freed." } }, "type": "object", "required": [ "autoscalingMetricSpecs", "machineSpec", "maxReplicaCount", "minReplicaCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProviderResponse": { "description": "Configuration for an authentication provider, including support for [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).", "properties": { "allowedIssuers": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed JWT issuers. Each entry must be a valid Google service account, in the following format: `service-account-name@project-id.iam.gserviceaccount.com`" }, "audiences": { "type": "array", "items": { "type": "string" }, "description": "The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). that are allowed to access. A JWT containing any of these audiences will be accepted." } }, "type": "object", "required": [ "allowedIssuers", "audiences" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedIndexAuthConfigResponse": { "description": "Used to set up the auth on the DeployedIndex's private endpoint.", "properties": { "authProvider": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DeployedIndexAuthConfigAuthProviderResponse", "description": "Defines the authentication provider that the DeployedIndex uses." } }, "type": "object", "required": [ "authProvider" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedIndexRefResponse": { "description": "Points to a DeployedIndex.", "properties": { "deployedIndexId": { "type": "string", "description": "Immutable. The ID of the DeployedIndex in the above IndexEndpoint." }, "indexEndpoint": { "type": "string", "description": "Immutable. A resource name of the IndexEndpoint." } }, "type": "object", "required": [ "deployedIndexId", "indexEndpoint" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedIndexResponse": { "description": "A deployment of an Index. IndexEndpoints contain one or more DeployedIndexes.", "properties": { "automaticResources": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1AutomaticResourcesResponse", "description": "Optional. A description of resources that the DeployedIndex uses, which to large degree are decided by Vertex AI, and optionally allows only a modest additional configuration. If min_replica_count is not set, the default value is 2 (we don't provide SLA when min_replica_count=1). If max_replica_count is not set, the default value is min_replica_count. The max allowed replica count is 1000." }, "createTime": { "type": "string", "description": "Timestamp when the DeployedIndex was created." }, "dedicatedResources": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DedicatedResourcesResponse", "description": "Optional. A description of resources that are dedicated to the DeployedIndex, and that need a higher degree of manual configuration. The field min_replica_count must be set to a value strictly greater than 0, or else validation will fail. We don't provide SLA when min_replica_count=1. If max_replica_count is not set, the default value is min_replica_count. The max allowed replica count is 1000. Available machine types for SMALL shard: e2-standard-2 and all machine types available for MEDIUM and LARGE shard. Available machine types for MEDIUM shard: e2-standard-16 and all machine types available for LARGE shard. Available machine types for LARGE shard: e2-highmem-16, n2d-standard-32. n1-standard-16 and n1-standard-32 are still available, but we recommend e2-standard-16 and e2-highmem-16 for cost efficiency." }, "deployedIndexAuthConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DeployedIndexAuthConfigResponse", "description": "Optional. If set, the authentication is enabled for the private endpoint." }, "deploymentGroup": { "type": "string", "description": "Optional. The deployment group can be no longer than 64 characters (eg: 'test', 'prod'). If not set, we will use the 'default' deployment group. Creating `deployment_groups` with `reserved_ip_ranges` is a recommended practice when the peered network has multiple peering ranges. This creates your deployments from predictable IP spaces for easier traffic administration. Also, one deployment_group (except 'default') can only be used with the same reserved_ip_ranges which means if the deployment_group has been used with reserved_ip_ranges: [a, b, c], using it with [a, b] or [d, e] is disallowed. Note: we only support up to 5 deployment groups(not including 'default')." }, "displayName": { "type": "string", "description": "The display name of the DeployedIndex. If not provided upon creation, the Index's display_name is used." }, "enableAccessLogging": { "type": "boolean", "description": "Optional. If true, private endpoint's access logs are sent to Cloud Logging. These logs are like standard server access logs, containing information like timestamp and latency for each MatchRequest. Note that logs may incur a cost, especially if the deployed index receives a high queries per second rate (QPS). Estimate your costs before enabling this option." }, "index": { "type": "string", "description": "The name of the Index this is the deployment of. We may refer to this Index as the DeployedIndex's \"original\" Index." }, "indexSyncTime": { "type": "string", "description": "The DeployedIndex may depend on various data on its original Index. Additionally when certain changes to the original Index are being done (e.g. when what the Index contains is being changed) the DeployedIndex may be asynchronously updated in the background to reflect these changes. If this timestamp's value is at least the Index.update_time of the original Index, it means that this DeployedIndex and the original Index are in sync. If this timestamp is older, then to see which updates this DeployedIndex already contains (and which it does not), one must list the operations that are running on the original Index. Only the successfully completed Operations with update_time equal or before this sync time are contained in this DeployedIndex." }, "privateEndpoints": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1IndexPrivateEndpointsResponse", "description": "Provides paths for users to send requests directly to the deployed index services running on Cloud via private services access. This field is populated if network is configured." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of reserved ip ranges under the VPC network that can be used for this DeployedIndex. If set, we will deploy the index within the provided ip ranges. Otherwise, the index might be deployed to any ip ranges under the provided VPC network. The value should be the name of the address (https://cloud.google.com/compute/docs/reference/rest/v1/addresses) Example: ['vertex-ai-ip-range']. For more information about subnets and network IP ranges, please see https://cloud.google.com/vpc/docs/subnets#manually_created_subnet_ip_ranges." } }, "type": "object", "required": [ "automaticResources", "createTime", "dedicatedResources", "deployedIndexAuthConfig", "deploymentGroup", "displayName", "enableAccessLogging", "index", "indexSyncTime", "privateEndpoints", "reservedIpRanges" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedModelRefResponse": { "description": "Points to a DeployedModel.", "properties": { "deployedModelId": { "type": "string", "description": "Immutable. An ID of a DeployedModel in the above Endpoint." }, "endpoint": { "type": "string", "description": "Immutable. A resource name of an Endpoint." } }, "type": "object", "required": [ "deployedModelId", "endpoint" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DeployedModelResponse": { "description": "A deployment of a Model. Endpoints contain one or more DeployedModels.", "properties": { "automaticResources": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1AutomaticResourcesResponse", "description": "A description of resources that to large degree are decided by Vertex AI, and require only a modest additional configuration." }, "createTime": { "type": "string", "description": "Timestamp when the DeployedModel was created." }, "dedicatedResources": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DedicatedResourcesResponse", "description": "A description of resources that are dedicated to the DeployedModel, and that need a higher degree of manual configuration." }, "disableContainerLogging": { "type": "boolean", "description": "For custom-trained Models and AutoML Tabular Models, the container of the DeployedModel instances will send `stderr` and `stdout` streams to Cloud Logging by default. Please note that the logs incur cost, which are subject to [Cloud Logging pricing](https://cloud.google.com/logging/pricing). User can disable container logging by setting this flag to true." }, "displayName": { "type": "string", "description": "The display name of the DeployedModel. If not provided upon creation, the Model's display_name is used." }, "enableAccessLogging": { "type": "boolean", "description": "If true, online prediction access logs are sent to Cloud Logging. These logs are like standard server access logs, containing information like timestamp and latency for each prediction request. Note that logs may incur a cost, especially if your project receives prediction requests at a high queries per second rate (QPS). Estimate your costs before enabling this option." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationSpecResponse", "description": "Explanation configuration for this DeployedModel. When deploying a Model using EndpointService.DeployModel, this value overrides the value of Model.explanation_spec. All fields of explanation_spec are optional in the request. If a field of explanation_spec is not populated, the value of the same field of Model.explanation_spec is inherited. If the corresponding Model.explanation_spec is not populated, all fields of the explanation_spec will be used for the explanation configuration." }, "model": { "type": "string", "description": "The resource name of the Model that this is the deployment of. Note that the Model may be in a different location than the DeployedModel's Endpoint. The resource name may contain version id or version alias to specify the version. Example: `projects/{project}/locations/{location}/models/{model}@2` or `projects/{project}/locations/{location}/models/{model}@golden` if no version is specified, the default version will be deployed." }, "modelVersionId": { "type": "string", "description": "The version ID of the model that is deployed." }, "privateEndpoints": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PrivateEndpointsResponse", "description": "Provide paths for users to send predict/explain/health requests directly to the deployed model services running on Cloud via private services access. This field is populated if network is configured." }, "serviceAccount": { "type": "string", "description": "The service account that the DeployedModel's container runs as. Specify the email address of the service account. If this service account is not specified, the container runs as a service account that doesn't have access to the resource project. Users deploying the Model must have the `iam.serviceAccounts.actAs` permission on this service account." } }, "type": "object", "required": [ "automaticResources", "createTime", "dedicatedResources", "disableContainerLogging", "displayName", "enableAccessLogging", "explanationSpec", "model", "modelVersionId", "privateEndpoints", "serviceAccount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DiskSpec": { "description": "Represents the spec of disk options.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Size in GB of the boot disk (default is 100GB)." }, "bootDiskType": { "type": "string", "description": "Type of the boot disk (default is \"pd-ssd\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) or \"pd-standard\" (Persistent Disk Hard Disk Drive)." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1DiskSpecResponse": { "description": "Represents the spec of disk options.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Size in GB of the boot disk (default is 100GB)." }, "bootDiskType": { "type": "string", "description": "Type of the boot disk (default is \"pd-ssd\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) or \"pd-standard\" (Persistent Disk Hard Disk Drive)." } }, "type": "object", "required": [ "bootDiskSizeGb", "bootDiskType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1EncryptionSpec": { "description": "Represents a customer-managed encryption key spec that can be applied to a top-level resource.", "properties": { "kmsKeyName": { "type": "string", "description": "The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. The key needs to be in the same region as where the compute resource is created." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1EncryptionSpecResponse": { "description": "Represents a customer-managed encryption key spec that can be applied to a top-level resource.", "properties": { "kmsKeyName": { "type": "string", "description": "The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. The key needs to be in the same region as where the compute resource is created." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1EnvVar": { "description": "Represents an environment variable present in a Container or Python Module.", "properties": { "name": { "type": "string", "description": "Name of the environment variable. Must be a valid C identifier." }, "value": { "type": "string", "description": "Variables that reference a $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1EnvVarResponse": { "description": "Represents an environment variable present in a Container or Python Module.", "properties": { "name": { "type": "string", "description": "Name of the environment variable. Must be a valid C identifier." }, "value": { "type": "string", "description": "Variables that reference a $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Examples": { "description": "Example-based explainability that returns the nearest neighbors from the provided dataset.", "properties": { "exampleGcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExamplesExampleGcsSource", "description": "The Cloud Storage input instances." }, "nearestNeighborSearchConfig": { "$ref": "pulumi.json#/Any", "description": "The full configuration for the generated index, the semantics are the same as metadata and should match [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config)." }, "neighborCount": { "type": "integer", "description": "The number of neighbors to return when querying for examples." }, "presets": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Presets", "description": "Simplified preset configuration, which automatically sets configuration values based on the desired query speed-precision trade-off and modality." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExamplesExampleGcsSource": { "description": "The Cloud Storage input instances.", "properties": { "dataFormat": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExamplesExampleGcsSourceDataFormat", "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSource", "description": "The Cloud Storage location for the input instances." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExamplesExampleGcsSourceDataFormat": { "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported.", "type": "string", "enum": [ { "name": "DataFormatUnspecified", "description": "Format unspecified, used when unset.", "value": "DATA_FORMAT_UNSPECIFIED" }, { "name": "Jsonl", "description": "Examples are stored in JSONL files.", "value": "JSONL" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExamplesExampleGcsSourceResponse": { "description": "The Cloud Storage input instances.", "properties": { "dataFormat": { "type": "string", "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSourceResponse", "description": "The Cloud Storage location for the input instances." } }, "type": "object", "required": [ "dataFormat", "gcsSource" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExamplesResponse": { "description": "Example-based explainability that returns the nearest neighbors from the provided dataset.", "properties": { "exampleGcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExamplesExampleGcsSourceResponse", "description": "The Cloud Storage input instances." }, "nearestNeighborSearchConfig": { "$ref": "pulumi.json#/Any", "description": "The full configuration for the generated index, the semantics are the same as metadata and should match [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config)." }, "neighborCount": { "type": "integer", "description": "The number of neighbors to return when querying for examples." }, "presets": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PresetsResponse", "description": "Simplified preset configuration, which automatically sets configuration values based on the desired query speed-precision trade-off and modality." } }, "type": "object", "required": [ "exampleGcsSource", "nearestNeighborSearchConfig", "neighborCount", "presets" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExecutionResponse": { "description": "Instance of a general execution.", "properties": { "createTime": { "type": "string", "description": "Timestamp when this Execution was created." }, "description": { "type": "string", "description": "Description of the Execution" }, "displayName": { "type": "string", "description": "User provided display name of the Execution. May be up to 128 Unicode characters." }, "etag": { "type": "string", "description": "An eTag used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Executions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. No more than 64 user labels can be associated with one Execution (System labels are excluded)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Execution. Top level metadata keys' heading and trailing spaces will be trimmed. The size of this field should not exceed 200KB." }, "name": { "type": "string", "description": "The resource name of the Execution." }, "schemaTitle": { "type": "string", "description": "The title of the schema describing the metadata. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "schemaVersion": { "type": "string", "description": "The version of the schema in `schema_title` to use. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "state": { "type": "string", "description": "The state of this Execution. This is a property of the Execution, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines) and the system does not prescribe or check the validity of state transitions." }, "updateTime": { "type": "string", "description": "Timestamp when this Execution was last updated." } }, "type": "object", "required": [ "createTime", "description", "displayName", "etag", "labels", "metadata", "name", "schemaTitle", "schemaVersion", "state", "updateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationMetadata": { "description": "Metadata describing the Model's input and output for explanation.", "properties": { "featureAttributionsSchemaUri": { "type": "string", "description": "Points to a YAML file stored on Google Cloud Storage describing the format of the feature attributions. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML tabular Models always have this field populated by Vertex AI. Note: The URI given on output may be different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from feature names to feature input metadata. Keys are the name of the features. Values are the specification of the feature. An empty InputMetadata is valid. It describes a text feature which has the name specified as the key in ExplanationMetadata.inputs. The baseline of the empty feature is chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the key can be any friendly name of the feature. Once specified, featureAttributions are keyed by this key (if not grouped with another feature). For custom images, the key must match with the key in instance." }, "latentSpaceSource": { "type": "string", "description": "Name of the source to generate embeddings for example based explanations." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from output names to output metadata. For Vertex AI-provided Tensorflow images, keys can be any user defined string that consists of any UTF-8 characters. For custom images, keys are the name of the output field in the prediction to be explained. Currently only one key is allowed." } }, "type": "object", "required": [ "inputs", "outputs" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationMetadataResponse": { "description": "Metadata describing the Model's input and output for explanation.", "properties": { "featureAttributionsSchemaUri": { "type": "string", "description": "Points to a YAML file stored on Google Cloud Storage describing the format of the feature attributions. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML tabular Models always have this field populated by Vertex AI. Note: The URI given on output may be different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from feature names to feature input metadata. Keys are the name of the features. Values are the specification of the feature. An empty InputMetadata is valid. It describes a text feature which has the name specified as the key in ExplanationMetadata.inputs. The baseline of the empty feature is chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the key can be any friendly name of the feature. Once specified, featureAttributions are keyed by this key (if not grouped with another feature). For custom images, the key must match with the key in instance." }, "latentSpaceSource": { "type": "string", "description": "Name of the source to generate embeddings for example based explanations." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from output names to output metadata. For Vertex AI-provided Tensorflow images, keys can be any user defined string that consists of any UTF-8 characters. For custom images, keys are the name of the output field in the prediction to be explained. Currently only one key is allowed." } }, "type": "object", "required": [ "featureAttributionsSchemaUri", "inputs", "latentSpaceSource", "outputs" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationParameters": { "description": "Parameters to configure explaining for Model's predictions.", "properties": { "examples": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Examples", "description": "Example-based explanations that returns the nearest neighbors from the provided dataset." }, "integratedGradientsAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1IntegratedGradientsAttribution", "description": "An attribution method that computes Aumann-Shapley values taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365" }, "outputIndices": { "type": "array", "items": { "$ref": "pulumi.json#/Any" }, "description": "If populated, only returns attributions that have output_index contained in output_indices. It must be an ndarray of integers, with the same shape of the output it's explaining. If not populated, returns attributions for top_k indices of outputs. If neither top_k nor output_indices is populated, returns the argmax index of the outputs. Only applicable to Models that predict multiple outputs (e,g, multi-class Models that predict multiple classes)." }, "sampledShapleyAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SampledShapleyAttribution", "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features. Refer to this paper for model details: https://arxiv.org/abs/1306.4265." }, "topK": { "type": "integer", "description": "If populated, returns attributions for top K indices of outputs (defaults to 1). Only applies to Models that predicts more than one outputs (e,g, multi-class Models). When set to -1, returns explanations for all outputs." }, "xraiAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1XraiAttribution", "description": "An attribution method that redistributes Integrated Gradients attribution to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 XRAI currently performs better on natural images, like a picture of a house or an animal. If the images are taken in artificial environments, like a lab or manufacturing line, or from diagnostic equipment, like x-rays or quality-control cameras, use Integrated Gradients instead." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationParametersResponse": { "description": "Parameters to configure explaining for Model's predictions.", "properties": { "examples": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExamplesResponse", "description": "Example-based explanations that returns the nearest neighbors from the provided dataset." }, "integratedGradientsAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1IntegratedGradientsAttributionResponse", "description": "An attribution method that computes Aumann-Shapley values taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365" }, "outputIndices": { "type": "array", "items": { "$ref": "pulumi.json#/Any" }, "description": "If populated, only returns attributions that have output_index contained in output_indices. It must be an ndarray of integers, with the same shape of the output it's explaining. If not populated, returns attributions for top_k indices of outputs. If neither top_k nor output_indices is populated, returns the argmax index of the outputs. Only applicable to Models that predict multiple outputs (e,g, multi-class Models that predict multiple classes)." }, "sampledShapleyAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SampledShapleyAttributionResponse", "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features. Refer to this paper for model details: https://arxiv.org/abs/1306.4265." }, "topK": { "type": "integer", "description": "If populated, returns attributions for top K indices of outputs (defaults to 1). Only applies to Models that predicts more than one outputs (e,g, multi-class Models). When set to -1, returns explanations for all outputs." }, "xraiAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1XraiAttributionResponse", "description": "An attribution method that redistributes Integrated Gradients attribution to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 XRAI currently performs better on natural images, like a picture of a house or an animal. If the images are taken in artificial environments, like a lab or manufacturing line, or from diagnostic equipment, like x-rays or quality-control cameras, use Integrated Gradients instead." } }, "type": "object", "required": [ "examples", "integratedGradientsAttribution", "outputIndices", "sampledShapleyAttribution", "topK", "xraiAttribution" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationSpec": { "description": "Specification of Model explanation.", "properties": { "metadata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationMetadata", "description": "Optional. Metadata describing the Model's input and output for explanation." }, "parameters": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationParameters", "description": "Parameters that configure explaining of the Model's predictions." } }, "type": "object", "required": [ "parameters" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ExplanationSpecResponse": { "description": "Specification of Model explanation.", "properties": { "metadata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationMetadataResponse", "description": "Optional. Metadata describing the Model's input and output for explanation." }, "parameters": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationParametersResponse", "description": "Parameters that configure explaining of the Model's predictions." } }, "type": "object", "required": [ "metadata", "parameters" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureGroupBigQuery": { "description": "Input source type for BigQuery Tables and Views.", "properties": { "bigQuerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySource", "description": "Immutable. The BigQuery source URI that points to either a BigQuery Table or View." }, "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns to construct entity_id / row keys. Currently only supports 1 entity_id_column. If not provided defaults to `entity_id`." } }, "type": "object", "required": [ "bigQuerySource" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureGroupBigQueryResponse": { "description": "Input source type for BigQuery Tables and Views.", "properties": { "bigQuerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySourceResponse", "description": "Immutable. The BigQuery source URI that points to either a BigQuery Table or View." }, "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns to construct entity_id / row keys. Currently only supports 1 entity_id_column. If not provided defaults to `entity_id`." } }, "type": "object", "required": [ "bigQuerySource", "entityIdColumns" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureMonitoringStatsAnomalyResponse": { "description": "A list of historical SnapshotAnalysis or ImportFeaturesAnalysis stats requested by user, sorted by FeatureStatsAnomaly.start_time descending.", "properties": { "featureStatsAnomaly": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureStatsAnomalyResponse", "description": "The stats and anomalies generated at specific timestamp." }, "objective": { "type": "string", "description": "The objective for each stats." } }, "type": "object", "required": [ "featureStatsAnomaly", "objective" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureNoiseSigma": { "description": "Noise sigma by features. Noise sigma represents the standard deviation of the gaussian kernel that will be used to add noise to interpolated inputs prior to computing gradients.", "properties": { "noiseSigma": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature" }, "description": "Noise sigma per feature. No noise is added to features that are not set." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeature": { "description": "Noise sigma for a single feature.", "properties": { "name": { "type": "string", "description": "The name of the input feature for which noise sigma is provided. The features are defined in explanation metadata inputs." }, "sigma": { "type": "number", "description": "This represents the standard deviation of the Gaussian kernel that will be used to add noise to the feature prior to computing gradients. Similar to noise_sigma but represents the noise added to the current feature. Defaults to 0.1." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeatureResponse": { "description": "Noise sigma for a single feature.", "properties": { "name": { "type": "string", "description": "The name of the input feature for which noise sigma is provided. The features are defined in explanation metadata inputs." }, "sigma": { "type": "number", "description": "This represents the standard deviation of the Gaussian kernel that will be used to add noise to the feature prior to computing gradients. Similar to noise_sigma but represents the noise added to the current feature. Defaults to 0.1." } }, "type": "object", "required": [ "name", "sigma" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureNoiseSigmaResponse": { "description": "Noise sigma by features. Noise sigma represents the standard deviation of the gaussian kernel that will be used to add noise to interpolated inputs prior to computing gradients.", "properties": { "noiseSigma": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureNoiseSigmaNoiseSigmaForFeatureResponse" }, "description": "Noise sigma per feature. No noise is added to features that are not set." } }, "type": "object", "required": [ "noiseSigma" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtable": { "properties": { "autoScaling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling", "description": "Autoscaling config applied to Bigtable Instance." } }, "type": "object", "required": [ "autoScaling" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScaling": { "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. A percentage of the cluster's CPU capacity. Can be from 10% to 80%. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set will default to 50%." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than or equal to min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScalingResponse": { "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. A percentage of the cluster's CPU capacity. Can be from 10% to 80%. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set will default to 50%." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than or equal to min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "cpuUtilizationTarget", "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtableResponse": { "properties": { "autoScaling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureOnlineStoreBigtableAutoScalingResponse", "description": "Autoscaling config applied to Bigtable Instance." } }, "type": "object", "required": [ "autoScaling" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureStatsAnomalyResponse": { "description": "Stats and Anomaly generated at specific timestamp for specific Feature. The start_time and end_time are used to define the time range of the dataset that current stats belongs to, e.g. prediction traffic is bucketed into prediction datasets by time window. If the Dataset is not defined by time window, start_time = end_time. Timestamp of the stats and anomalies always refers to end_time. Raw stats and anomalies are stored in stats_uri or anomaly_uri in the tensorflow defined protos. Field data_stats contains almost identical information with the raw stats in Vertex AI defined proto, for UI to display.", "properties": { "anomalyDetectionThreshold": { "type": "number", "description": "This is the threshold used when detecting anomalies. The threshold can be changed by user, so this one might be different from ThresholdConfig.value." }, "anomalyUri": { "type": "string", "description": "Path of the anomaly file for current feature values in Cloud Storage bucket. Format: gs:////anomalies. Example: gs://monitoring_bucket/feature_name/anomalies. Stats are stored as binary format with Protobuf message Anoamlies are stored as binary format with Protobuf message [tensorflow.metadata.v0.AnomalyInfo] (https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/anomalies.proto)." }, "distributionDeviation": { "type": "number", "description": "Deviation from the current stats to baseline stats. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence." }, "endTime": { "type": "string", "description": "The end timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), end_time indicates the timestamp of the data used to generate stats (e.g. timestamp we take snapshots for feature values)." }, "score": { "type": "number", "description": "Feature importance score, only populated when cross-feature monitoring is enabled. For now only used to represent feature attribution score within range [0, 1] for ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_SKEW and ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_DRIFT." }, "startTime": { "type": "string", "description": "The start timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), start_time is only used to indicate the monitoring intervals, so it always equals to (end_time - monitoring_interval)." }, "statsUri": { "type": "string", "description": "Path of the stats file for current feature values in Cloud Storage bucket. Format: gs:////stats. Example: gs://monitoring_bucket/feature_name/stats. Stats are stored as binary format with Protobuf message [tensorflow.metadata.v0.FeatureNameStatistics](https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/statistics.proto)." } }, "type": "object", "required": [ "anomalyDetectionThreshold", "anomalyUri", "distributionDeviation", "endTime", "score", "startTime", "statsUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewBigQuerySource": { "properties": { "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Columns to construct entity_id / row keys. Start by supporting 1 only." }, "uri": { "type": "string", "description": "The BigQuery view URI that will be materialized on each sync trigger based on FeatureView.SyncConfig." } }, "type": "object", "required": [ "entityIdColumns", "uri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewBigQuerySourceResponse": { "properties": { "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Columns to construct entity_id / row keys. Start by supporting 1 only." }, "uri": { "type": "string", "description": "The BigQuery view URI that will be materialized on each sync trigger based on FeatureView.SyncConfig." } }, "type": "object", "required": [ "entityIdColumns", "uri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySource": { "description": "A Feature Registry source for features that need to be synced to Online Store.", "properties": { "featureGroups": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup" }, "description": "List of features that need to be synced to Online Store." } }, "type": "object", "required": [ "featureGroups" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroup": { "description": "Features belonging to a single feature group that will be synced to Online Store.", "properties": { "featureGroupId": { "type": "string", "description": "Identifier of the feature group." }, "featureIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of features under the feature group." } }, "type": "object", "required": [ "featureGroupId", "featureIds" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroupResponse": { "description": "Features belonging to a single feature group that will be synced to Online Store.", "properties": { "featureGroupId": { "type": "string", "description": "Identifier of the feature group." }, "featureIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of features under the feature group." } }, "type": "object", "required": [ "featureGroupId", "featureIds" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceResponse": { "description": "A Feature Registry source for features that need to be synced to Online Store.", "properties": { "featureGroups": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureViewFeatureRegistrySourceFeatureGroupResponse" }, "description": "List of features that need to be synced to Online Store." } }, "type": "object", "required": [ "featureGroups" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewSyncConfig": { "properties": { "cron": { "type": "string", "description": "Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch scheduled runs. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, \"CRON_TZ=America/New_York 1 * * * *\", or \"TZ=America/New_York 1 * * * *\"." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeatureViewSyncConfigResponse": { "properties": { "cron": { "type": "string", "description": "Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch scheduled runs. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, \"CRON_TZ=America/New_York 1 * * * *\", or \"TZ=America/New_York 1 * * * *\"." } }, "type": "object", "required": [ "cron" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfig": { "description": "Configuration of how features in Featurestore are monitored.", "properties": { "categoricalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig", "description": "Threshold for categorical features of anomaly detection. This is shared by all types of Featurestore Monitoring for categorical features (i.e. Features with type (Feature.ValueType) BOOL or STRING)." }, "importFeaturesAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis", "description": "The config for ImportFeatures Analysis Based Feature Monitoring." }, "numericalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig", "description": "Threshold for numerical features of anomaly detection. This is shared by all objectives of Featurestore Monitoring for numerical features (i.e. Features with type (Feature.ValueType) DOUBLE or INT64)." }, "snapshotAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis", "description": "The config for Snapshot Analysis Based Feature Monitoring." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysis": { "description": "Configuration of the Featurestore's ImportFeature Analysis Based Monitoring. This type of analysis generates statistics for values of each Feature imported by every ImportFeatureValues operation.", "properties": { "anomalyDetectionBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisAnomalyDetectionBaseline", "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis." }, "state": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisState", "description": "Whether to enable / disable / inherite default hebavior for import features analysis." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisAnomalyDetectionBaseline": { "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis.", "type": "string", "enum": [ { "name": "BaselineUnspecified", "description": "Should not be used.", "value": "BASELINE_UNSPECIFIED" }, { "name": "LatestStats", "description": "Choose the later one statistics generated by either most recent snapshot analysis or previous import features analysis. If non of them exists, skip anomaly detection and only generate a statistics.", "value": "LATEST_STATS" }, { "name": "MostRecentSnapshotStats", "description": "Use the statistics generated by the most recent snapshot analysis if exists.", "value": "MOST_RECENT_SNAPSHOT_STATS" }, { "name": "PreviousImportFeaturesStats", "description": "Use the statistics generated by the previous import features analysis if exists.", "value": "PREVIOUS_IMPORT_FEATURES_STATS" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisResponse": { "description": "Configuration of the Featurestore's ImportFeature Analysis Based Monitoring. This type of analysis generates statistics for values of each Feature imported by every ImportFeatureValues operation.", "properties": { "anomalyDetectionBaseline": { "type": "string", "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis." }, "state": { "type": "string", "description": "Whether to enable / disable / inherite default hebavior for import features analysis." } }, "type": "object", "required": [ "anomalyDetectionBaseline", "state" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisState": { "description": "Whether to enable / disable / inherite default hebavior for import features analysis.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Should not be used.", "value": "STATE_UNSPECIFIED" }, { "name": "Default", "description": "The default behavior of whether to enable the monitoring. EntityType-level config: disabled. Feature-level config: inherited from the configuration of EntityType this Feature belongs to.", "value": "DEFAULT" }, { "name": "Enabled", "description": "Explicitly enables import features analysis. EntityType-level config: by default enables import features analysis for all Features under it. Feature-level config: enables import features analysis regardless of the EntityType-level config.", "value": "ENABLED" }, { "name": "Disabled", "description": "Explicitly disables import features analysis. EntityType-level config: by default disables import features analysis for all Features under it. Feature-level config: disables import features analysis regardless of the EntityType-level config.", "value": "DISABLED" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigResponse": { "description": "Configuration of how features in Featurestore are monitored.", "properties": { "categoricalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfigResponse", "description": "Threshold for categorical features of anomaly detection. This is shared by all types of Featurestore Monitoring for categorical features (i.e. Features with type (Feature.ValueType) BOOL or STRING)." }, "importFeaturesAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigImportFeaturesAnalysisResponse", "description": "The config for ImportFeatures Analysis Based Feature Monitoring." }, "numericalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfigResponse", "description": "Threshold for numerical features of anomaly detection. This is shared by all objectives of Featurestore Monitoring for numerical features (i.e. Features with type (Feature.ValueType) DOUBLE or INT64)." }, "snapshotAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysisResponse", "description": "The config for Snapshot Analysis Based Feature Monitoring." } }, "type": "object", "required": [ "categoricalThresholdConfig", "importFeaturesAnalysis", "numericalThresholdConfig", "snapshotAnalysis" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysis": { "description": "Configuration of the Featurestore's Snapshot Analysis Based Monitoring. This type of analysis generates statistics for each Feature based on a snapshot of the latest feature value of each entities every monitoring_interval.", "properties": { "disabled": { "type": "boolean", "description": "The monitoring schedule for snapshot analysis. For EntityType-level config: unset / disabled = true indicates disabled by default for Features under it; otherwise by default enable snapshot analysis monitoring with monitoring_interval for Features under it. Feature-level config: disabled = true indicates disabled regardless of the EntityType-level config; unset monitoring_interval indicates going with EntityType-level config; otherwise run snapshot analysis monitoring with monitoring_interval regardless of the EntityType-level config. Explicitly Disable the snapshot analysis based monitoring." }, "monitoringIntervalDays": { "type": "integer", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value indicates number of days." }, "stalenessDays": { "type": "integer", "description": "Customized export features time window for snapshot analysis. Unit is one day. Default value is 3 weeks. Minimum value is 1 day. Maximum value is 4000 days." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigSnapshotAnalysisResponse": { "description": "Configuration of the Featurestore's Snapshot Analysis Based Monitoring. This type of analysis generates statistics for each Feature based on a snapshot of the latest feature value of each entities every monitoring_interval.", "properties": { "disabled": { "type": "boolean", "description": "The monitoring schedule for snapshot analysis. For EntityType-level config: unset / disabled = true indicates disabled by default for Features under it; otherwise by default enable snapshot analysis monitoring with monitoring_interval for Features under it. Feature-level config: disabled = true indicates disabled regardless of the EntityType-level config; unset monitoring_interval indicates going with EntityType-level config; otherwise run snapshot analysis monitoring with monitoring_interval regardless of the EntityType-level config. Explicitly Disable the snapshot analysis based monitoring." }, "monitoringIntervalDays": { "type": "integer", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value indicates number of days." }, "stalenessDays": { "type": "integer", "description": "Customized export features time window for snapshot analysis. Unit is one day. Default value is 3 weeks. Minimum value is 1 day. Maximum value is 4000 days." } }, "type": "object", "required": [ "disabled", "monitoringIntervalDays", "stalenessDays" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfig": { "description": "The config for Featurestore Monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreMonitoringConfigThresholdConfigResponse": { "description": "The config for Featurestore Monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object", "required": [ "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfig": { "description": "OnlineServingConfig specifies the details for provisioning online serving resources.", "properties": { "fixedNodeCount": { "type": "integer", "description": "The number of nodes for the online store. The number of nodes doesn't scale automatically, but you can manually update the number of nodes. If set to 0, the featurestore will not have an online store and cannot be used for online serving." }, "scaling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling", "description": "Online serving scaling configuration. Only one of `fixed_node_count` and `scaling` can be set. Setting one will reset the other." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigResponse": { "description": "OnlineServingConfig specifies the details for provisioning online serving resources.", "properties": { "fixedNodeCount": { "type": "integer", "description": "The number of nodes for the online store. The number of nodes doesn't scale automatically, but you can manually update the number of nodes. If set to 0, the featurestore will not have an online store and cannot be used for online serving." }, "scaling": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScalingResponse", "description": "Online serving scaling configuration. Only one of `fixed_node_count` and `scaling` can be set. Setting one will reset the other." } }, "type": "object", "required": [ "fixedNodeCount", "scaling" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScaling": { "description": "Online serving scaling configuration. If min_node_count and max_node_count are set to the same value, the cluster will be configured with the fixed number of node (no auto-scaling).", "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set or set to 0, default to 50." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "minNodeCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FeaturestoreOnlineServingConfigScalingResponse": { "description": "Online serving scaling configuration. If min_node_count and max_node_count are set to the same value, the cluster will be configured with the fixed number of node (no auto-scaling).", "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set or set to 0, default to 50." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "cpuUtilizationTarget", "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FilterSplit": { "description": "Assigns input data to training, validation, and test sets based on the given filters, data pieces not matched by any filter are ignored. Currently only supported for Datasets containing DataItems. If any of the filters in this message are to match nothing, then they can be set as '-' (the minus sign). Supported only for unstructured Datasets. ", "properties": { "testFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to test the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "trainingFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to train the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "validationFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to validate the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." } }, "type": "object", "required": [ "testFilter", "trainingFilter", "validationFilter" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FilterSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on the given filters, data pieces not matched by any filter are ignored. Currently only supported for Datasets containing DataItems. If any of the filters in this message are to match nothing, then they can be set as '-' (the minus sign). Supported only for unstructured Datasets. ", "properties": { "testFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to test the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "trainingFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to train the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "validationFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to validate the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." } }, "type": "object", "required": [ "testFilter", "trainingFilter", "validationFilter" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FractionSplit": { "description": "Assigns the input data to training, validation, and test sets as per the given fractions. Any of `training_fraction`, `validation_fraction` and `test_fraction` may optionally be provided, they must sum to up to 1. If the provided ones sum to less than 1, the remainder is assigned to sets as decided by Vertex AI. If none of the fractions are set, by default roughly 80% of data is used for training, 10% for validation, and 10% for test.", "properties": { "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1FractionSplitResponse": { "description": "Assigns the input data to training, validation, and test sets as per the given fractions. Any of `training_fraction`, `validation_fraction` and `test_fraction` may optionally be provided, they must sum to up to 1. If the provided ones sum to less than 1, the remainder is assigned to sets as decided by Vertex AI. If none of the fractions are set, by default roughly 80% of data is used for training, 10% for validation, and 10% for test.", "properties": { "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1GcsDestination": { "description": "The Google Cloud Storage location where the output is to be written to.", "properties": { "outputUriPrefix": { "type": "string", "description": "Google Cloud Storage URI to output directory. If the uri doesn't end with '/', a '/' will be automatically appended. The directory is created if it doesn't exist." } }, "type": "object", "required": [ "outputUriPrefix" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1GcsDestinationResponse": { "description": "The Google Cloud Storage location where the output is to be written to.", "properties": { "outputUriPrefix": { "type": "string", "description": "Google Cloud Storage URI to output directory. If the uri doesn't end with '/', a '/' will be automatically appended. The directory is created if it doesn't exist." } }, "type": "object", "required": [ "outputUriPrefix" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1GcsSource": { "description": "The Google Cloud Storage location for the input content.", "properties": { "uris": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud Storage URI(-s) to the input file(s). May contain wildcards. For more information on wildcards, see https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames." } }, "type": "object", "required": [ "uris" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1GcsSourceResponse": { "description": "The Google Cloud Storage location for the input content.", "properties": { "uris": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud Storage URI(-s) to the input file(s). May contain wildcards. For more information on wildcards, see https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames." } }, "type": "object", "required": [ "uris" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1IndexPrivateEndpointsResponse": { "description": "IndexPrivateEndpoints proto is used to provide paths for users to send requests via private endpoints (e.g. private service access, private service connect). To send request via private service access, use match_grpc_address. To send request via private service connect, use service_attachment.", "properties": { "matchGrpcAddress": { "type": "string", "description": "The ip address used to send match gRPC requests." }, "serviceAttachment": { "type": "string", "description": "The name of the service attachment resource. Populated if private service connect is enabled." } }, "type": "object", "required": [ "matchGrpcAddress", "serviceAttachment" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1IndexStatsResponse": { "description": "Stats of the Index.", "properties": { "shardsCount": { "type": "integer", "description": "The number of shards in the Index." }, "vectorsCount": { "type": "string", "description": "The number of vectors in the Index." } }, "type": "object", "required": [ "shardsCount", "vectorsCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1InputDataConfig": { "description": "Specifies Vertex AI owned input data to be used for training, and possibly evaluating, the Model.", "properties": { "annotationSchemaUri": { "type": "string", "description": "Applicable only to custom training with Datasets that have DataItems and Annotations. Cloud Storage URI that points to a YAML file describing the annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). The schema files that can be used here are found in gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that the chosen schema must be consistent with metadata of the Dataset specified by dataset_id. Only Annotations that both match this schema and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both annotations_filter and annotation_schema_uri." }, "annotationsFilter": { "type": "string", "description": "Applicable only to Datasets that have DataItems and Annotations. A filter on Annotations of the Dataset. Only Annotations that both match this filter and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on (for the auto-assigned that role is decided by Vertex AI). A filter with same syntax as the one used in ListAnnotations may be used, but note here it filters across all Annotations of the Dataset, and not just within a single DataItem." }, "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestination", "description": "Only applicable to custom training with tabular Dataset with BigQuery source. The BigQuery project location where the training data is to be written to. In the given project a new dataset is created with name `dataset___` where timestamp is in YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written into that dataset. In the dataset three tables are created, `training`, `validation` and `test`. * AIP_DATA_FORMAT = \"bigquery\". * AIP_TRAINING_DATA_URI = \"bigquery_destination.dataset___.training\" * AIP_VALIDATION_DATA_URI = \"bigquery_destination.dataset___.validation\" * AIP_TEST_DATA_URI = \"bigquery_destination.dataset___.test\"" }, "datasetId": { "type": "string", "description": "The ID of the Dataset in the same Project and Location which data will be used to train the Model. The Dataset must use schema compatible with Model being trained, and what is compatible should be described in the used TrainingPipeline's training_task_definition. For tabular Datasets, all their data is exported to training, to pick and choose from." }, "filterSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FilterSplit", "description": "Split based on the provided filters for each set." }, "fractionSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FractionSplit", "description": "Split based on fractions defining the size of each set." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestination", "description": "The Cloud Storage location where the training data is to be written to. In the given directory a new directory is created with name: `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. All training input data is written into that directory. The Vertex AI environment variables representing Cloud Storage data URIs are represented in the Cloud Storage wildcard format to support sharded data. e.g.: \"gs://.../training-*.jsonl\" * AIP_DATA_FORMAT = \"jsonl\" for non-tabular data, \"csv\" for tabular data * AIP_TRAINING_DATA_URI = \"gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}\" * AIP_VALIDATION_DATA_URI = \"gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}\" * AIP_TEST_DATA_URI = \"gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}\"" }, "persistMlUseAssignment": { "type": "boolean", "description": "Whether to persist the ML use assignment to data item system labels." }, "predefinedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredefinedSplit", "description": "Supported only for tabular Datasets. Split based on a predefined key." }, "savedQueryId": { "type": "string", "description": "Only applicable to Datasets that have SavedQueries. The ID of a SavedQuery (annotation set) under the Dataset specified by dataset_id used for filtering Annotations for training. Only Annotations that are associated with this SavedQuery are used in respectively training. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both saved_query_id and annotations_filter. Only one of saved_query_id and annotation_schema_uri should be specified as both of them represent the same thing: problem type." }, "stratifiedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StratifiedSplit", "description": "Supported only for tabular Datasets. Split based on the distribution of the specified column." }, "timestampSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1TimestampSplit", "description": "Supported only for tabular Datasets. Split based on the timestamp of the input data pieces." } }, "type": "object", "required": [ "datasetId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1InputDataConfigResponse": { "description": "Specifies Vertex AI owned input data to be used for training, and possibly evaluating, the Model.", "properties": { "annotationSchemaUri": { "type": "string", "description": "Applicable only to custom training with Datasets that have DataItems and Annotations. Cloud Storage URI that points to a YAML file describing the annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). The schema files that can be used here are found in gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that the chosen schema must be consistent with metadata of the Dataset specified by dataset_id. Only Annotations that both match this schema and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both annotations_filter and annotation_schema_uri." }, "annotationsFilter": { "type": "string", "description": "Applicable only to Datasets that have DataItems and Annotations. A filter on Annotations of the Dataset. Only Annotations that both match this filter and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on (for the auto-assigned that role is decided by Vertex AI). A filter with same syntax as the one used in ListAnnotations may be used, but note here it filters across all Annotations of the Dataset, and not just within a single DataItem." }, "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestinationResponse", "description": "Only applicable to custom training with tabular Dataset with BigQuery source. The BigQuery project location where the training data is to be written to. In the given project a new dataset is created with name `dataset___` where timestamp is in YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written into that dataset. In the dataset three tables are created, `training`, `validation` and `test`. * AIP_DATA_FORMAT = \"bigquery\". * AIP_TRAINING_DATA_URI = \"bigquery_destination.dataset___.training\" * AIP_VALIDATION_DATA_URI = \"bigquery_destination.dataset___.validation\" * AIP_TEST_DATA_URI = \"bigquery_destination.dataset___.test\"" }, "datasetId": { "type": "string", "description": "The ID of the Dataset in the same Project and Location which data will be used to train the Model. The Dataset must use schema compatible with Model being trained, and what is compatible should be described in the used TrainingPipeline's training_task_definition. For tabular Datasets, all their data is exported to training, to pick and choose from." }, "filterSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FilterSplitResponse", "description": "Split based on the provided filters for each set." }, "fractionSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FractionSplitResponse", "description": "Split based on fractions defining the size of each set." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestinationResponse", "description": "The Cloud Storage location where the training data is to be written to. In the given directory a new directory is created with name: `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. All training input data is written into that directory. The Vertex AI environment variables representing Cloud Storage data URIs are represented in the Cloud Storage wildcard format to support sharded data. e.g.: \"gs://.../training-*.jsonl\" * AIP_DATA_FORMAT = \"jsonl\" for non-tabular data, \"csv\" for tabular data * AIP_TRAINING_DATA_URI = \"gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}\" * AIP_VALIDATION_DATA_URI = \"gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}\" * AIP_TEST_DATA_URI = \"gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}\"" }, "persistMlUseAssignment": { "type": "boolean", "description": "Whether to persist the ML use assignment to data item system labels." }, "predefinedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredefinedSplitResponse", "description": "Supported only for tabular Datasets. Split based on a predefined key." }, "savedQueryId": { "type": "string", "description": "Only applicable to Datasets that have SavedQueries. The ID of a SavedQuery (annotation set) under the Dataset specified by dataset_id used for filtering Annotations for training. Only Annotations that are associated with this SavedQuery are used in respectively training. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both saved_query_id and annotations_filter. Only one of saved_query_id and annotation_schema_uri should be specified as both of them represent the same thing: problem type." }, "stratifiedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StratifiedSplitResponse", "description": "Supported only for tabular Datasets. Split based on the distribution of the specified column." }, "timestampSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1TimestampSplitResponse", "description": "Supported only for tabular Datasets. Split based on the timestamp of the input data pieces." } }, "type": "object", "required": [ "annotationSchemaUri", "annotationsFilter", "bigqueryDestination", "datasetId", "filterSplit", "fractionSplit", "gcsDestination", "persistMlUseAssignment", "predefinedSplit", "savedQueryId", "stratifiedSplit", "timestampSplit" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1IntegratedGradientsAttribution": { "description": "An attribution method that computes the Aumann-Shapley value taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BlurBaselineConfig", "description": "Config for IG with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SmoothGradConfig", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "stepCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1IntegratedGradientsAttributionResponse": { "description": "An attribution method that computes the Aumann-Shapley value taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BlurBaselineConfigResponse", "description": "Config for IG with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SmoothGradConfigResponse", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "blurBaselineConfig", "smoothGradConfig", "stepCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MachineSpec": { "description": "Specification of a single machine.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of accelerators to attach to the machine." }, "acceleratorType": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpecAcceleratorType", "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count." }, "machineType": { "type": "string", "description": "Immutable. The type of the machine. See the [list of machine types supported for prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) See the [list of machine types supported for custom training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). For DeployedModel this field is optional, and the default value is `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec this field is required." }, "tpuTopology": { "type": "string", "description": "Immutable. The topology of the TPUs. Corresponds to the TPU topologies available from GKE. (Example: tpu_topology: \"2x2x1\")." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MachineSpecAcceleratorType": { "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count.", "type": "string", "enum": [ { "name": "AcceleratorTypeUnspecified", "description": "Unspecified accelerator type, which means no accelerator.", "value": "ACCELERATOR_TYPE_UNSPECIFIED" }, { "name": "NvidiaTeslaK80", "description": "Nvidia Tesla K80 GPU.", "value": "NVIDIA_TESLA_K80" }, { "name": "NvidiaTeslaP100", "description": "Nvidia Tesla P100 GPU.", "value": "NVIDIA_TESLA_P100" }, { "name": "NvidiaTeslaV100", "description": "Nvidia Tesla V100 GPU.", "value": "NVIDIA_TESLA_V100" }, { "name": "NvidiaTeslaP4", "description": "Nvidia Tesla P4 GPU.", "value": "NVIDIA_TESLA_P4" }, { "name": "NvidiaTeslaT4", "description": "Nvidia Tesla T4 GPU.", "value": "NVIDIA_TESLA_T4" }, { "name": "NvidiaTeslaA100", "description": "Nvidia Tesla A100 GPU.", "value": "NVIDIA_TESLA_A100" }, { "name": "NvidiaA10080gb", "description": "Nvidia A100 80GB GPU.", "value": "NVIDIA_A100_80GB" }, { "name": "NvidiaL4", "description": "Nvidia L4 GPU.", "value": "NVIDIA_L4" }, { "name": "TpuV2", "description": "TPU v2.", "value": "TPU_V2" }, { "name": "TpuV3", "description": "TPU v3.", "value": "TPU_V3" }, { "name": "TpuV4Pod", "description": "TPU v4.", "value": "TPU_V4_POD" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MachineSpecResponse": { "description": "Specification of a single machine.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of accelerators to attach to the machine." }, "acceleratorType": { "type": "string", "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count." }, "machineType": { "type": "string", "description": "Immutable. The type of the machine. See the [list of machine types supported for prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) See the [list of machine types supported for custom training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). For DeployedModel this field is optional, and the default value is `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec this field is required." }, "tpuTopology": { "type": "string", "description": "Immutable. The topology of the TPUs. Corresponds to the TPU topologies available from GKE. (Example: tpu_topology: \"2x2x1\")." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "machineType", "tpuTopology" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ManualBatchTuningParameters": { "description": "Manual batch tuning parameters.", "properties": { "batchSize": { "type": "integer", "description": "Immutable. The number of the records (e.g. instances) of the operation given in each batch to a machine replica. Machine type, and size of a single record should be considered when setting this parameter, higher value speeds up the batch operation's execution, but too high value will result in a whole batch not fitting in a machine's memory, and the whole operation will fail. The default value is 64." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ManualBatchTuningParametersResponse": { "description": "Manual batch tuning parameters.", "properties": { "batchSize": { "type": "integer", "description": "Immutable. The number of the records (e.g. instances) of the operation given in each batch to a machine replica. Machine type, and size of a single record should be considered when setting this parameter, higher value speeds up the batch operation's execution, but too high value will result in a whole batch not fitting in a machine's memory, and the whole operation will fail. The default value is 64." } }, "type": "object", "required": [ "batchSize" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MeasurementMetricResponse": { "description": "A message representing a metric in the measurement.", "properties": { "metricId": { "type": "string", "description": "The ID of the Metric. The Metric should be defined in StudySpec's Metrics." }, "value": { "type": "number", "description": "The value for this metric." } }, "type": "object", "required": [ "metricId", "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MeasurementResponse": { "description": "A message representing a Measurement of a Trial. A Measurement contains the Metrics got by executing a Trial using suggested hyperparameter values.", "properties": { "elapsedDuration": { "type": "string", "description": "Time that the Trial has been running at the point of this Measurement." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MeasurementMetricResponse" }, "description": "A list of metrics got by evaluating the objective functions using suggested Parameter values." }, "stepCount": { "type": "string", "description": "The number of steps the machine learning model has been trained for. Must be non-negative." } }, "type": "object", "required": [ "elapsedDuration", "metrics", "stepCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1MetadataStoreMetadataStoreStateResponse": { "description": "Represents state information for a MetadataStore.", "properties": { "diskUtilizationBytes": { "type": "string", "description": "The disk utilization of the MetadataStore in bytes." } }, "type": "object", "required": [ "diskUtilizationBytes" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Model": { "description": "A trained machine learning Model.", "properties": { "artifactUri": { "type": "string", "description": "Immutable. The path to the directory containing the Model artifact and any of its supporting files. Not present for AutoML Models or Large Models." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelContainerSpec", "description": "Input only. The specification of the container that is to be used when deploying this Model. The specification is ingested upon ModelService.UploadModel, and all binaries it contains are copied and stored internally by Vertex AI. Not present for AutoML Models or Large Models." }, "description": { "type": "string", "description": "The description of the Model." }, "displayName": { "type": "string", "description": "The display name of the Model. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EncryptionSpec", "description": "Customer-managed encryption key spec for a Model. If set, this Model and all sub-resources of this Model will be secured by this key." }, "etag": { "type": "string", "description": "Used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationSpec", "description": "The default explanation specification for this Model. The Model can be used for requesting explanation after being deployed if it is populated. The Model can be used for batch explanation if it is populated. All fields of the explanation_spec can be overridden by explanation_spec of DeployModelRequest.deployed_model, or explanation_spec of BatchPredictionJob. If the default explanation specification is not set for this Model, this Model can still be used for requesting explanation by setting explanation_spec of DeployModelRequest.deployed_model and for batch explanation by setting explanation_spec of BatchPredictionJob." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Models. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Immutable. An additional information about the Model; the schema of the metadata can be found in metadata_schema. Unset if the Model does not have any additional information." }, "metadataSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing additional information about the Model, that is specific to it. Unset if the Model does not have any additional information. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no additional metadata is needed, this field is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "name": { "type": "string", "description": "The resource name of the Model." }, "pipelineJob": { "type": "string", "description": "Optional. This field is populated if the model is produced by a pipeline job." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredictSchemata", "description": "The schemata that describe formats of the Model's predictions and explanations as given and returned via PredictionService.Predict and PredictionService.Explain." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` instead of auto-generated version id (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A default version alias will be created for the first version of the model, and there must be exactly one default version alias for a model." }, "versionDescription": { "type": "string", "description": "The description of this version." } }, "type": "object", "required": [ "displayName" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelContainerSpec": { "description": "Specification of a container for serving predictions. Some fields in this message correspond to fields in the [Kubernetes Container v1 core specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core).", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies arguments for the command that runs when the container starts. This overrides the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). Specify this field as an array of executable and arguments, similar to a Docker `CMD`'s \"default parameters\" form. If you don't specify this field but do specify the command field, then the command from the `command` field runs without any additional arguments. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). If you don't specify this field and don't specify the `command` field, then the container's [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) and `CMD` determine what runs based on their default behavior. See the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `args` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "command": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies the command that runs when the container starts. This overrides the container's [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). Specify this field as an array of executable and arguments, similar to a Docker `ENTRYPOINT`'s \"exec\" form, not its \"shell\" form. If you do not specify this field, then the container's `ENTRYPOINT` runs, in conjunction with the args field or the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if either exists. If this field is not specified and the container does not have an `ENTRYPOINT`, then refer to the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). If you specify this field, then you can also specify the `args` field to provide additional arguments for this command. However, if you specify this field, then the container's `CMD` is ignored. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `command` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "deploymentTimeout": { "type": "string", "description": "Immutable. Deployment timeout. TODO (b/306244185): Revise documentation before exposing." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVar" }, "description": "Immutable. List of environment variables to set in the container. After the container starts running, code running in the container can read these environment variables. Additionally, the command and args fields can reference these variables. Later entries in this list can also reference earlier entries. For example, the following example sets the variable `VAR_2` to have the value `foo bar`: ```json [ { \"name\": \"VAR_1\", \"value\": \"foo\" }, { \"name\": \"VAR_2\", \"value\": \"$(VAR_1) bar\" } ] ``` If you switch the order of the variables in the example, then the expansion does not occur. This field corresponds to the `env` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "healthProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Probe", "description": "Immutable. Specification for Kubernetes readiness probe. TODO (b/306244185): Revise documentation before exposing." }, "healthRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send health checks to. Vertex AI intermittently sends GET requests to this path on the container's IP address and port to check that the container is healthy. Read more about [health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). For example, if you set this field to `/bar`, then Vertex AI intermittently sends a GET request to the `/bar` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "imageUri": { "type": "string", "description": "Immutable. URI of the Docker image to be used as the custom container for serving predictions. This URI must identify an image in Artifact Registry or Container Registry. Learn more about the [container publishing requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), including permissions requirements for the Vertex AI Service Agent. The container image is ingested upon ModelService.UploadModel, stored internally, and this original path is afterwards not used. To learn about the requirements for the Docker image itself, see [Custom container requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). You can use the URI to one of Vertex AI's [pre-built container images for prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) in this field." }, "ports": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Port" }, "description": "Immutable. List of ports to expose from the container. Vertex AI sends any prediction requests that it receives to the first port on this list. Vertex AI also sends [liveness and health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) to this port. If you do not specify this field, it defaults to following value: ```json [ { \"containerPort\": 8080 } ] ``` Vertex AI does not use ports other than the first one listed. This field corresponds to the `ports` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "predictRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send prediction requests to. Vertex AI forwards requests sent using projects.locations.endpoints.predict to this path on the container's IP address and port. Vertex AI then returns the container's response in the API response. For example, if you set this field to `/foo`, then when Vertex AI receives a prediction request, it forwards the request body in a POST request to the `/foo` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "sharedMemorySizeMb": { "type": "string", "description": "Immutable. The amount of the VM memory to reserve as the shared memory for the model in megabytes. TODO (b/306244185): Revise documentation before exposing." }, "startupProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1Probe", "description": "Immutable. Specification for Kubernetes startup probe. TODO (b/306244185): Revise documentation before exposing." } }, "type": "object", "required": [ "imageUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelContainerSpecResponse": { "description": "Specification of a container for serving predictions. Some fields in this message correspond to fields in the [Kubernetes Container v1 core specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core).", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies arguments for the command that runs when the container starts. This overrides the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). Specify this field as an array of executable and arguments, similar to a Docker `CMD`'s \"default parameters\" form. If you don't specify this field but do specify the command field, then the command from the `command` field runs without any additional arguments. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). If you don't specify this field and don't specify the `command` field, then the container's [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) and `CMD` determine what runs based on their default behavior. See the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `args` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "command": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies the command that runs when the container starts. This overrides the container's [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). Specify this field as an array of executable and arguments, similar to a Docker `ENTRYPOINT`'s \"exec\" form, not its \"shell\" form. If you do not specify this field, then the container's `ENTRYPOINT` runs, in conjunction with the args field or the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if either exists. If this field is not specified and the container does not have an `ENTRYPOINT`, then refer to the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). If you specify this field, then you can also specify the `args` field to provide additional arguments for this command. However, if you specify this field, then the container's `CMD` is ignored. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `command` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "deploymentTimeout": { "type": "string", "description": "Immutable. Deployment timeout. TODO (b/306244185): Revise documentation before exposing." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVarResponse" }, "description": "Immutable. List of environment variables to set in the container. After the container starts running, code running in the container can read these environment variables. Additionally, the command and args fields can reference these variables. Later entries in this list can also reference earlier entries. For example, the following example sets the variable `VAR_2` to have the value `foo bar`: ```json [ { \"name\": \"VAR_1\", \"value\": \"foo\" }, { \"name\": \"VAR_2\", \"value\": \"$(VAR_1) bar\" } ] ``` If you switch the order of the variables in the example, then the expansion does not occur. This field corresponds to the `env` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "healthProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ProbeResponse", "description": "Immutable. Specification for Kubernetes readiness probe. TODO (b/306244185): Revise documentation before exposing." }, "healthRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send health checks to. Vertex AI intermittently sends GET requests to this path on the container's IP address and port to check that the container is healthy. Read more about [health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). For example, if you set this field to `/bar`, then Vertex AI intermittently sends a GET request to the `/bar` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "imageUri": { "type": "string", "description": "Immutable. URI of the Docker image to be used as the custom container for serving predictions. This URI must identify an image in Artifact Registry or Container Registry. Learn more about the [container publishing requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), including permissions requirements for the Vertex AI Service Agent. The container image is ingested upon ModelService.UploadModel, stored internally, and this original path is afterwards not used. To learn about the requirements for the Docker image itself, see [Custom container requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). You can use the URI to one of Vertex AI's [pre-built container images for prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) in this field." }, "ports": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PortResponse" }, "description": "Immutable. List of ports to expose from the container. Vertex AI sends any prediction requests that it receives to the first port on this list. Vertex AI also sends [liveness and health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) to this port. If you do not specify this field, it defaults to following value: ```json [ { \"containerPort\": 8080 } ] ``` Vertex AI does not use ports other than the first one listed. This field corresponds to the `ports` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "predictRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send prediction requests to. Vertex AI forwards requests sent using projects.locations.endpoints.predict to this path on the container's IP address and port. Vertex AI then returns the container's response in the API response. For example, if you set this field to `/foo`, then when Vertex AI receives a prediction request, it forwards the request body in a POST request to the `/foo` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "sharedMemorySizeMb": { "type": "string", "description": "Immutable. The amount of the VM memory to reserve as the shared memory for the model in megabytes. TODO (b/306244185): Revise documentation before exposing." }, "startupProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ProbeResponse", "description": "Immutable. Specification for Kubernetes startup probe. TODO (b/306244185): Revise documentation before exposing." } }, "type": "object", "required": [ "args", "command", "deploymentTimeout", "env", "healthProbe", "healthRoute", "imageUri", "ports", "predictRoute", "sharedMemorySizeMb", "startupProbe" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringBigQueryTableResponse": { "description": "ModelDeploymentMonitoringBigQueryTable specifies the BigQuery table name as well as some information of the logs stored in this table.", "properties": { "bigqueryTablePath": { "type": "string", "description": "The created BigQuery table to store logs. Customer could do their own query & analysis. Format: `bq://.model_deployment_monitoring_._`" }, "logSource": { "type": "string", "description": "The source of log." }, "logType": { "type": "string", "description": "The type of log." } }, "type": "object", "required": [ "bigqueryTablePath", "logSource", "logType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadataResponse": { "description": "All metadata of most recent monitoring pipelines.", "properties": { "runTime": { "type": "string", "description": "The time that most recent monitoring pipelines that is related to this run." }, "status": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleRpcStatusResponse", "description": "The status of the most recent monitoring pipeline." } }, "type": "object", "required": [ "runTime", "status" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfig": { "description": "ModelDeploymentMonitoringObjectiveConfig contains the pair of deployed_model_id to ModelMonitoringObjectiveConfig.", "properties": { "deployedModelId": { "type": "string", "description": "The DeployedModel ID of the objective config." }, "objectiveConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig", "description": "The objective config of for the modelmonitoring job of this deployed model." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringObjectiveConfigResponse": { "description": "ModelDeploymentMonitoringObjectiveConfig contains the pair of deployed_model_id to ModelMonitoringObjectiveConfig.", "properties": { "deployedModelId": { "type": "string", "description": "The DeployedModel ID of the objective config." }, "objectiveConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigResponse", "description": "The objective config of for the modelmonitoring job of this deployed model." } }, "type": "object", "required": [ "deployedModelId", "objectiveConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfig": { "description": "The config for scheduling monitoring job.", "properties": { "monitorInterval": { "type": "string", "description": "The model monitoring job scheduling interval. It will be rounded up to next full hour. This defines how often the monitoring jobs are triggered." }, "monitorWindow": { "type": "string", "description": "The time window of the prediction data being included in each prediction dataset. This window specifies how long the data should be collected from historical model results for each run. If not set, ModelDeploymentMonitoringScheduleConfig.monitor_interval will be used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and the monitor_window is set to be 3600, then data from 2022-01-08 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to calculate the monitoring statistics." } }, "type": "object", "required": [ "monitorInterval" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelDeploymentMonitoringScheduleConfigResponse": { "description": "The config for scheduling monitoring job.", "properties": { "monitorInterval": { "type": "string", "description": "The model monitoring job scheduling interval. It will be rounded up to next full hour. This defines how often the monitoring jobs are triggered." }, "monitorWindow": { "type": "string", "description": "The time window of the prediction data being included in each prediction dataset. This window specifies how long the data should be collected from historical model results for each run. If not set, ModelDeploymentMonitoringScheduleConfig.monitor_interval will be used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and the monitor_window is set to be 3600, then data from 2022-01-08 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to calculate the monitoring statistics." } }, "type": "object", "required": [ "monitorInterval", "monitorWindow" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelExportFormatResponse": { "description": "Represents export format supported by the Model. All formats export to Google Cloud Storage.", "properties": { "exportableContents": { "type": "array", "items": { "type": "string" }, "description": "The content of this Model that may be exported." } }, "type": "object", "required": [ "exportableContents" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringAlertConfig": { "properties": { "emailAlertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig", "description": "Email alert config." }, "enableLogging": { "type": "boolean", "description": "Dump the anomalies to Cloud Logging. The anomalies will be put to json payload encoded from proto google.cloud.aiplatform.logging.ModelMonitoringAnomaliesLogEntry. This can be further sinked to Pub/Sub or any other services supported by Cloud Logging." }, "notificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Resource names of the NotificationChannels to send alert. Must be of the format `projects//notificationChannels/`" } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfig": { "description": "The config for email alert.", "properties": { "userEmails": { "type": "array", "items": { "type": "string" }, "description": "The email addresses to send the alert." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfigResponse": { "description": "The config for email alert.", "properties": { "userEmails": { "type": "array", "items": { "type": "string" }, "description": "The email addresses to send the alert." } }, "type": "object", "required": [ "userEmails" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringAlertConfigResponse": { "properties": { "emailAlertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringAlertConfigEmailAlertConfigResponse", "description": "Email alert config." }, "enableLogging": { "type": "boolean", "description": "Dump the anomalies to Cloud Logging. The anomalies will be put to json payload encoded from proto google.cloud.aiplatform.logging.ModelMonitoringAnomaliesLogEntry. This can be further sinked to Pub/Sub or any other services supported by Cloud Logging." }, "notificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Resource names of the NotificationChannels to send alert. Must be of the format `projects//notificationChannels/`" } }, "type": "object", "required": [ "emailAlertConfig", "enableLogging", "notificationChannels" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfig": { "description": "The objective configuration for model monitoring, including the information needed to detect anomalies for one particular model.", "properties": { "explanationConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig", "description": "The config for integrating with Vertex Explainable AI." }, "predictionDriftDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig", "description": "The config for drift of prediction data." }, "trainingDataset": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset", "description": "Training dataset for models. This field has to be set only if TrainingPredictionSkewDetectionConfig is specified." }, "trainingPredictionSkewDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig", "description": "The config for skew between training data and prediction data." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfig": { "description": "The config for integrating with Vertex Explainable AI. Only applicable if the Model has explanation_spec populated.", "properties": { "enableFeatureAttributes": { "type": "boolean", "description": "If want to analyze the Vertex Explainable AI feature attribute scores or not. If set to true, Vertex AI will log the feature attributions from explain response and do the skew/drift detection for them." }, "explanationBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline", "description": "Predictions generated by the BatchPredictionJob using baseline dataset." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline": { "description": "Output from BatchPredictionJob for Model Monitoring baseline dataset, which can be used to generate baseline attribution scores.", "properties": { "bigquery": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestination", "description": "BigQuery location for BatchExplain output." }, "gcs": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestination", "description": "Cloud Storage location for BatchExplain output." }, "predictionFormat": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselinePredictionFormat", "description": "The storage format of the predictions generated BatchPrediction job." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselinePredictionFormat": { "description": "The storage format of the predictions generated BatchPrediction job.", "type": "string", "enum": [ { "name": "PredictionFormatUnspecified", "description": "Should not be set.", "value": "PREDICTION_FORMAT_UNSPECIFIED" }, { "name": "Jsonl", "description": "Predictions are in JSONL files.", "value": "JSONL" }, { "name": "Bigquery", "description": "Predictions are in BigQuery.", "value": "BIGQUERY" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselineResponse": { "description": "Output from BatchPredictionJob for Model Monitoring baseline dataset, which can be used to generate baseline attribution scores.", "properties": { "bigquery": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestinationResponse", "description": "BigQuery location for BatchExplain output." }, "gcs": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsDestinationResponse", "description": "Cloud Storage location for BatchExplain output." }, "predictionFormat": { "type": "string", "description": "The storage format of the predictions generated BatchPrediction job." } }, "type": "object", "required": [ "bigquery", "gcs", "predictionFormat" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigResponse": { "description": "The config for integrating with Vertex Explainable AI. Only applicable if the Model has explanation_spec populated.", "properties": { "enableFeatureAttributes": { "type": "boolean", "description": "If want to analyze the Vertex Explainable AI feature attribute scores or not. If set to true, Vertex AI will log the feature attributions from explain response and do the skew/drift detection for them." }, "explanationBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselineResponse", "description": "Predictions generated by the BatchPredictionJob using baseline dataset." } }, "type": "object", "required": [ "enableFeatureAttributes", "explanationBaseline" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig": { "description": "The config for Prediction data drift detection.", "properties": { "attributionScoreDriftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between different time windows." }, "defaultDriftThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ThresholdConfig", "description": "Drift anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "driftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for drift, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between different time windws." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfigResponse": { "description": "The config for Prediction data drift detection.", "properties": { "attributionScoreDriftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between different time windows." }, "defaultDriftThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ThresholdConfigResponse", "description": "Drift anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "driftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for drift, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between different time windws." } }, "type": "object", "required": [ "attributionScoreDriftThresholds", "defaultDriftThreshold", "driftThresholds" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigResponse": { "description": "The objective configuration for model monitoring, including the information needed to detect anomalies for one particular model.", "properties": { "explanationConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigExplanationConfigResponse", "description": "The config for integrating with Vertex Explainable AI." }, "predictionDriftDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfigResponse", "description": "The config for drift of prediction data." }, "trainingDataset": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDatasetResponse", "description": "Training dataset for models. This field has to be set only if TrainingPredictionSkewDetectionConfig is specified." }, "trainingPredictionSkewDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfigResponse", "description": "The config for skew between training data and prediction data." } }, "type": "object", "required": [ "explanationConfig", "predictionDriftDetectionConfig", "trainingDataset", "trainingPredictionSkewDetectionConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDataset": { "description": "Training Dataset information.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySource", "description": "The BigQuery table of the unmanaged Dataset used to train this Model." }, "dataFormat": { "type": "string", "description": "Data format of the dataset, only applicable if the input is from Google Cloud Storage. The possible formats are: \"tf-record\" The source file is a TFRecord file. \"csv\" The source file is a CSV file. \"jsonl\" The source file is a JSONL file." }, "dataset": { "type": "string", "description": "The resource name of the Dataset used to train this Model." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSource", "description": "The Google Cloud Storage uri of the unmanaged Dataset used to train this Model." }, "loggingSamplingStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SamplingStrategy", "description": "Strategy to sample data from Training Dataset. If not set, we process the whole dataset." }, "targetField": { "type": "string", "description": "The target field name the model is to predict. This field will be excluded when doing Predict and (or) Explain for the training data." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingDatasetResponse": { "description": "Training Dataset information.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQuerySourceResponse", "description": "The BigQuery table of the unmanaged Dataset used to train this Model." }, "dataFormat": { "type": "string", "description": "Data format of the dataset, only applicable if the input is from Google Cloud Storage. The possible formats are: \"tf-record\" The source file is a TFRecord file. \"csv\" The source file is a CSV file. \"jsonl\" The source file is a JSONL file." }, "dataset": { "type": "string", "description": "The resource name of the Dataset used to train this Model." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1GcsSourceResponse", "description": "The Google Cloud Storage uri of the unmanaged Dataset used to train this Model." }, "loggingSamplingStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SamplingStrategyResponse", "description": "Strategy to sample data from Training Dataset. If not set, we process the whole dataset." }, "targetField": { "type": "string", "description": "The target field name the model is to predict. This field will be excluded when doing Predict and (or) Explain for the training data." } }, "type": "object", "required": [ "bigquerySource", "dataFormat", "dataset", "gcsSource", "loggingSamplingStrategy", "targetField" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig": { "description": "The config for Training & Prediction data skew detection. It specifies the training dataset sources and the skew detection parameters.", "properties": { "attributionScoreSkewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between the training and prediction feature." }, "defaultSkewThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ThresholdConfig", "description": "Skew anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "skewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for skew, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between the training and prediction feature." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfigResponse": { "description": "The config for Training & Prediction data skew detection. It specifies the training dataset sources and the skew detection parameters.", "properties": { "attributionScoreSkewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between the training and prediction feature." }, "defaultSkewThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ThresholdConfigResponse", "description": "Skew anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "skewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for skew, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between the training and prediction feature." } }, "type": "object", "required": [ "attributionScoreSkewThresholds", "defaultSkewThreshold", "skewThresholds" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelOriginalModelInfoResponse": { "description": "Contains information about the original Model if this Model is a copy.", "properties": { "model": { "type": "string", "description": "The resource name of the Model this Model is a copy of, including the revision. Format: `projects/{project}/locations/{location}/models/{model_id}@{version_id}`" } }, "type": "object", "required": [ "model" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelResponse": { "description": "A trained machine learning Model.", "properties": { "artifactUri": { "type": "string", "description": "Immutable. The path to the directory containing the Model artifact and any of its supporting files. Not present for AutoML Models or Large Models." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelContainerSpecResponse", "description": "Input only. The specification of the container that is to be used when deploying this Model. The specification is ingested upon ModelService.UploadModel, and all binaries it contains are copied and stored internally by Vertex AI. Not present for AutoML Models or Large Models." }, "createTime": { "type": "string", "description": "Timestamp when this Model was uploaded into Vertex AI." }, "deployedModels": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DeployedModelRefResponse" }, "description": "The pointers to DeployedModels created from this Model. Note that Model could have been deployed to Endpoints in different Locations." }, "description": { "type": "string", "description": "The description of the Model." }, "displayName": { "type": "string", "description": "The display name of the Model. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EncryptionSpecResponse", "description": "Customer-managed encryption key spec for a Model. If set, this Model and all sub-resources of this Model will be secured by this key." }, "etag": { "type": "string", "description": "Used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExplanationSpecResponse", "description": "The default explanation specification for this Model. The Model can be used for requesting explanation after being deployed if it is populated. The Model can be used for batch explanation if it is populated. All fields of the explanation_spec can be overridden by explanation_spec of DeployModelRequest.deployed_model, or explanation_spec of BatchPredictionJob. If the default explanation specification is not set for this Model, this Model can still be used for requesting explanation by setting explanation_spec of DeployModelRequest.deployed_model and for batch explanation by setting explanation_spec of BatchPredictionJob." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Models. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Immutable. An additional information about the Model; the schema of the metadata can be found in metadata_schema. Unset if the Model does not have any additional information." }, "metadataArtifact": { "type": "string", "description": "The resource name of the Artifact that was created in MetadataStore when creating the Model. The Artifact resource name pattern is `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`." }, "metadataSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing additional information about the Model, that is specific to it. Unset if the Model does not have any additional information. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no additional metadata is needed, this field is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "modelSourceInfo": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelSourceInfoResponse", "description": "Source of a model. It can either be automl training pipeline, custom training pipeline, BigQuery ML, or existing Vertex AI Model." }, "name": { "type": "string", "description": "The resource name of the Model." }, "originalModelInfo": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelOriginalModelInfoResponse", "description": "If this Model is a copy of another Model, this contains info about the original." }, "pipelineJob": { "type": "string", "description": "Optional. This field is populated if the model is produced by a pipeline job." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredictSchemataResponse", "description": "The schemata that describe formats of the Model's predictions and explanations as given and returned via PredictionService.Predict and PredictionService.Explain." }, "supportedDeploymentResourcesTypes": { "type": "array", "items": { "type": "string" }, "description": "When this Model is deployed, its prediction resources are described by the `prediction_resources` field of the Endpoint.deployed_models object. Because not all Models support all resource configuration types, the configuration types this Model supports are listed here. If no configuration types are listed, the Model cannot be deployed to an Endpoint and does not support online predictions (PredictionService.Predict or PredictionService.Explain). Such a Model can serve predictions by using a BatchPredictionJob, if it has at least one entry each in supported_input_storage_formats and supported_output_storage_formats." }, "supportedExportFormats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelExportFormatResponse" }, "description": "The formats in which this Model may be exported. If empty, this Model is not available for export." }, "supportedInputStorageFormats": { "type": "array", "items": { "type": "string" }, "description": "The formats this Model supports in BatchPredictionJob.input_config. If PredictSchemata.instance_schema_uri exists, the instances should be given as per that schema. The possible formats are: * `jsonl` The JSON Lines format, where each instance is a single line. Uses GcsSource. * `csv` The CSV format, where each instance is a single comma-separated line. The first line in the file is the header, containing comma-separated field names. Uses GcsSource. * `tf-record` The TFRecord format, where each instance is a single record in tfrecord syntax. Uses GcsSource. * `tf-record-gzip` Similar to `tf-record`, but the file is gzipped. Uses GcsSource. * `bigquery` Each instance is a single row in BigQuery. Uses BigQuerySource. * `file-list` Each line of the file is the location of an instance to process, uses `gcs_source` field of the InputConfig object. If this Model doesn't support any of these formats it means it cannot be used with a BatchPredictionJob. However, if it has supported_deployment_resources_types, it could serve online predictions by using PredictionService.Predict or PredictionService.Explain." }, "supportedOutputStorageFormats": { "type": "array", "items": { "type": "string" }, "description": "The formats this Model supports in BatchPredictionJob.output_config. If both PredictSchemata.instance_schema_uri and PredictSchemata.prediction_schema_uri exist, the predictions are returned together with their instances. In other words, the prediction has the original instance data first, followed by the actual prediction content (as per the schema). The possible formats are: * `jsonl` The JSON Lines format, where each prediction is a single line. Uses GcsDestination. * `csv` The CSV format, where each prediction is a single comma-separated line. The first line in the file is the header, containing comma-separated field names. Uses GcsDestination. * `bigquery` Each prediction is a single row in a BigQuery table, uses BigQueryDestination . If this Model doesn't support any of these formats it means it cannot be used with a BatchPredictionJob. However, if it has supported_deployment_resources_types, it could serve online predictions by using PredictionService.Predict or PredictionService.Explain." }, "trainingPipeline": { "type": "string", "description": "The resource name of the TrainingPipeline that uploaded this Model, if any." }, "updateTime": { "type": "string", "description": "Timestamp when this Model was most recently updated." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` instead of auto-generated version id (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A default version alias will be created for the first version of the model, and there must be exactly one default version alias for a model." }, "versionCreateTime": { "type": "string", "description": "Timestamp when this version was created." }, "versionDescription": { "type": "string", "description": "The description of this version." }, "versionId": { "type": "string", "description": "Immutable. The version ID of the model. A new version is committed when a new model version is uploaded or trained under an existing model id. It is an auto-incrementing decimal number in string representation." }, "versionUpdateTime": { "type": "string", "description": "Timestamp when this version was most recently updated." } }, "type": "object", "required": [ "artifactUri", "containerSpec", "createTime", "deployedModels", "description", "displayName", "encryptionSpec", "etag", "explanationSpec", "labels", "metadata", "metadataArtifact", "metadataSchemaUri", "modelSourceInfo", "name", "originalModelInfo", "pipelineJob", "predictSchemata", "supportedDeploymentResourcesTypes", "supportedExportFormats", "supportedInputStorageFormats", "supportedOutputStorageFormats", "trainingPipeline", "updateTime", "versionAliases", "versionCreateTime", "versionDescription", "versionId", "versionUpdateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ModelSourceInfoResponse": { "description": "Detail description of the source information of the model.", "properties": { "copy": { "type": "boolean", "description": "If this Model is copy of another Model. If true then source_type pertains to the original." }, "sourceType": { "type": "string", "description": "Type of the model source." } }, "type": "object", "required": [ "copy", "sourceType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutputResponse": { "description": "The output of a multi-trial Neural Architecture Search (NAS) jobs.", "properties": { "searchTrials": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasTrialResponse" }, "description": "List of NasTrials that were started as part of search stage." }, "trainTrials": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasTrialResponse" }, "description": "List of NasTrials that were started as part of train stage." } }, "type": "object", "required": [ "searchTrials", "trainTrials" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobOutputResponse": { "description": "Represents a uCAIP NasJob output.", "properties": { "multiTrialJobOutput": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobOutputMultiTrialJobOutputResponse", "description": "The output of this multi-trial Neural Architecture Search (NAS) job." } }, "type": "object", "required": [ "multiTrialJobOutput" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpec": { "description": "Represents the spec of a NasJob.", "properties": { "multiTrialAlgorithmSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec", "description": "The spec of multi-trial algorithms." }, "resumeNasJobId": { "type": "string", "description": "The ID of the existing NasJob in the same Project and Location which will be used to resume search. search_space_spec and nas_algorithm_spec are obtained from previous NasJob hence should not provide them again for this NasJob." }, "searchSpaceSpec": { "type": "string", "description": "It defines the search space for Neural Architecture Search (NAS)." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpec": { "description": "The spec of multi-trial Neural Architecture Search (NAS).", "properties": { "metric": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec", "description": "Metric specs for the NAS job. Validation for this field is done at `multi_trial_algorithm_spec` field." }, "multiTrialAlgorithm": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMultiTrialAlgorithm", "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`." }, "searchTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec", "description": "Spec for search trials." }, "trainTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec", "description": "Spec for train trials. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." } }, "type": "object", "required": [ "searchTrialSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpec": { "description": "Represents a metric to optimize.", "properties": { "goal": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpecGoal", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpecGoal": { "description": "Required. The optimization goal of the metric.", "type": "string", "enum": [ { "name": "GoalTypeUnspecified", "description": "Goal Type will default to maximize.", "value": "GOAL_TYPE_UNSPECIFIED" }, { "name": "Maximize", "description": "Maximize the goal metric.", "value": "MAXIMIZE" }, { "name": "Minimize", "description": "Minimize the goal metric.", "value": "MINIMIZE" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpecResponse": { "description": "Represents a metric to optimize.", "properties": { "goal": { "type": "string", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMultiTrialAlgorithm": { "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`.", "type": "string", "enum": [ { "name": "MultiTrialAlgorithmUnspecified", "description": "Defaults to `REINFORCEMENT_LEARNING`.", "value": "MULTI_TRIAL_ALGORITHM_UNSPECIFIED" }, { "name": "ReinforcementLearning", "description": "The Reinforcement Learning Algorithm for Multi-trial Neural Architecture Search (NAS).", "value": "REINFORCEMENT_LEARNING" }, { "name": "GridSearch", "description": "The Grid Search Algorithm for Multi-trial Neural Architecture Search (NAS).", "value": "GRID_SEARCH" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecResponse": { "description": "The spec of multi-trial Neural Architecture Search (NAS).", "properties": { "metric": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecMetricSpecResponse", "description": "Metric specs for the NAS job. Validation for this field is done at `multi_trial_algorithm_spec` field." }, "multiTrialAlgorithm": { "type": "string", "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`." }, "searchTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpecResponse", "description": "Spec for search trials." }, "trainTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpecResponse", "description": "Spec for train trials. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." } }, "type": "object", "required": [ "metric", "multiTrialAlgorithm", "searchTrialSpec", "trainTrialSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec": { "description": "Represent spec for search trials.", "properties": { "maxFailedTrialCount": { "type": "integer", "description": "The number of failed trials that need to be seen before failing the NasJob. If set to 0, Vertex AI decides how many trials must fail before the whole job fails." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "maxTrialCount": { "type": "integer", "description": "The maximum number of Neural Architecture Search (NAS) trials to run." }, "searchTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1CustomJobSpec", "description": "The spec of a search trial job. The same spec applies to all search trials." } }, "type": "object", "required": [ "maxParallelTrialCount", "maxTrialCount", "searchTrialJobSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpecResponse": { "description": "Represent spec for search trials.", "properties": { "maxFailedTrialCount": { "type": "integer", "description": "The number of failed trials that need to be seen before failing the NasJob. If set to 0, Vertex AI decides how many trials must fail before the whole job fails." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "maxTrialCount": { "type": "integer", "description": "The maximum number of Neural Architecture Search (NAS) trials to run." }, "searchTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1CustomJobSpecResponse", "description": "The spec of a search trial job. The same spec applies to all search trials." } }, "type": "object", "required": [ "maxFailedTrialCount", "maxParallelTrialCount", "maxTrialCount", "searchTrialJobSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec": { "description": "Represent spec for train trials.", "properties": { "frequency": { "type": "integer", "description": "Frequency of search trials to start train stage. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "trainTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1CustomJobSpec", "description": "The spec of a train trial job. The same spec applies to all train trials." } }, "type": "object", "required": [ "frequency", "maxParallelTrialCount", "trainTrialJobSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpecResponse": { "description": "Represent spec for train trials.", "properties": { "frequency": { "type": "integer", "description": "Frequency of search trials to start train stage. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "trainTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1CustomJobSpecResponse", "description": "The spec of a train trial job. The same spec applies to all train trials." } }, "type": "object", "required": [ "frequency", "maxParallelTrialCount", "trainTrialJobSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasJobSpecResponse": { "description": "Represents the spec of a NasJob.", "properties": { "multiTrialAlgorithmSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NasJobSpecMultiTrialAlgorithmSpecResponse", "description": "The spec of multi-trial algorithms." }, "resumeNasJobId": { "type": "string", "description": "The ID of the existing NasJob in the same Project and Location which will be used to resume search. search_space_spec and nas_algorithm_spec are obtained from previous NasJob hence should not provide them again for this NasJob." }, "searchSpaceSpec": { "type": "string", "description": "It defines the search space for Neural Architecture Search (NAS)." } }, "type": "object", "required": [ "multiTrialAlgorithmSpec", "resumeNasJobId", "searchSpaceSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NasTrialResponse": { "description": "Represents a uCAIP NasJob trial.", "properties": { "endTime": { "type": "string", "description": "Time when the NasTrial's status changed to `SUCCEEDED` or `INFEASIBLE`." }, "finalMeasurement": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MeasurementResponse", "description": "The final measurement containing the objective value." }, "startTime": { "type": "string", "description": "Time when the NasTrial was started." }, "state": { "type": "string", "description": "The detailed state of the NasTrial." } }, "type": "object", "required": [ "endTime", "finalMeasurement", "startTime", "state" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NetworkSpec": { "description": "Network spec.", "properties": { "enableInternetAccess": { "type": "boolean", "description": "Whether to enable public internet access. Default false." }, "network": { "type": "string", "description": "The full name of the Google Compute Engine [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks)" }, "subnetwork": { "type": "string", "description": "The name of the subnet that this instance is in. Format: `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}`" } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NetworkSpecResponse": { "description": "Network spec.", "properties": { "enableInternetAccess": { "type": "boolean", "description": "Whether to enable public internet access. Default false." }, "network": { "type": "string", "description": "The full name of the Google Compute Engine [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks)" }, "subnetwork": { "type": "string", "description": "The name of the subnet that this instance is in. Format: `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}`" } }, "type": "object", "required": [ "enableInternetAccess", "network", "subnetwork" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NfsMount": { "description": "Represents a mount configuration for Network File System (NFS) to mount.", "properties": { "mountPoint": { "type": "string", "description": "Destination mount path. The NFS will be mounted for the user under /mnt/nfs/" }, "path": { "type": "string", "description": "Source path exported from NFS server. Has to start with '/', and combined with the ip address, it indicates the source mount path in the form of `server:path`" }, "server": { "type": "string", "description": "IP address of the NFS server." } }, "type": "object", "required": [ "mountPoint", "path", "server" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NfsMountResponse": { "description": "Represents a mount configuration for Network File System (NFS) to mount.", "properties": { "mountPoint": { "type": "string", "description": "Destination mount path. The NFS will be mounted for the user under /mnt/nfs/" }, "path": { "type": "string", "description": "Source path exported from NFS server. Has to start with '/', and combined with the ip address, it indicates the source mount path in the form of `server:path`" }, "server": { "type": "string", "description": "IP address of the NFS server." } }, "type": "object", "required": [ "mountPoint", "path", "server" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NotebookEucConfig": { "description": "The euc configuration of NotebookRuntimeTemplate.", "properties": { "eucDisabled": { "type": "boolean", "description": "Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. In proto3, the default value of a boolean is false. In this way, by default EUC will be enabled for NotebookRuntimeTemplate." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NotebookEucConfigResponse": { "description": "The euc configuration of NotebookRuntimeTemplate.", "properties": { "bypassActasCheck": { "type": "boolean", "description": "Whether ActAs check is bypassed for service account attached to the VM. If false, we need ActAs check for the default Compute Engine Service account. When a Runtime is created, a VM is allocated using Default Compute Engine Service Account. Any user requesting to use this Runtime requires Service Account User (ActAs) permission over this SA. If true, Runtime owner is using EUC and does not require the above permission as VM no longer use default Compute Engine SA, but a P4SA." }, "eucDisabled": { "type": "boolean", "description": "Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. In proto3, the default value of a boolean is false. In this way, by default EUC will be enabled for NotebookRuntimeTemplate." } }, "type": "object", "required": [ "bypassActasCheck", "eucDisabled" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NotebookIdleShutdownConfig": { "description": "The idle shutdown configuration of NotebookRuntimeTemplate, which contains the idle_timeout as required field.", "properties": { "idleShutdownDisabled": { "type": "boolean", "description": "Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate." }, "idleTimeout": { "type": "string", "description": "Duration is accurate to the second. In Notebook, Idle Timeout is accurate to minute so the range of idle_timeout (second) is: 10 * 60 ~ 1440 * 60." } }, "type": "object", "required": [ "idleTimeout" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1NotebookIdleShutdownConfigResponse": { "description": "The idle shutdown configuration of NotebookRuntimeTemplate, which contains the idle_timeout as required field.", "properties": { "idleShutdownDisabled": { "type": "boolean", "description": "Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate." }, "idleTimeout": { "type": "string", "description": "Duration is accurate to the second. In Notebook, Idle Timeout is accurate to minute so the range of idle_timeout (second) is: 10 * 60 ~ 1440 * 60." } }, "type": "object", "required": [ "idleShutdownDisabled", "idleTimeout" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PersistentDiskSpec": { "description": "Represents the spec of persistent disk options.", "properties": { "diskSizeGb": { "type": "string", "description": "Size in GB of the disk (default is 100GB)." }, "diskType": { "type": "string", "description": "Type of the disk (default is \"pd-standard\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) \"pd-standard\" (Persistent Disk Hard Disk Drive) \"pd-balanced\" (Balanced Persistent Disk) \"pd-extreme\" (Extreme Persistent Disk)" } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PersistentDiskSpecResponse": { "description": "Represents the spec of persistent disk options.", "properties": { "diskSizeGb": { "type": "string", "description": "Size in GB of the disk (default is 100GB)." }, "diskType": { "type": "string", "description": "Type of the disk (default is \"pd-standard\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) \"pd-standard\" (Persistent Disk Hard Disk Drive) \"pd-balanced\" (Balanced Persistent Disk) \"pd-extreme\" (Extreme Persistent Disk)" } }, "type": "object", "required": [ "diskSizeGb", "diskType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJob": { "description": "An instance of a machine learning PipelineJob.", "properties": { "displayName": { "type": "string", "description": "The display name of the Pipeline. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EncryptionSpec", "description": "Customer-managed encryption key spec for a pipelineJob. If set, this PipelineJob and all of its sub-resources will be secured by this key." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize PipelineJob. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels. Note there is some reserved label key for Vertex AI Pipelines. - `vertex-ai-pipelines-run-billing-id`, user set value will get overrided." }, "network": { "type": "string", "description": "The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Pipeline Job's workload should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. Private services access must already be configured for the network. Pipeline job will apply the network configuration to the Google Cloud resources being launched, if applied, such as Vertex AI Training or Dataflow job. If left unspecified, the workload is not peered with any network." }, "pipelineSpec": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The spec of the pipeline." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of names for the reserved ip ranges under the VPC network that can be used for this Pipeline Job's workload. If set, we will deploy the Pipeline Job's workload within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "runtimeConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJobRuntimeConfig", "description": "Runtime config of the pipeline." }, "serviceAccount": { "type": "string", "description": "The service account that the pipeline workload runs as. If not specified, the Compute Engine default service account in the project will be used. See https://cloud.google.com/compute/docs/access/service-accounts#default_service_account Users starting the pipeline must have the `iam.serviceAccounts.actAs` permission on this service account." }, "templateUri": { "type": "string", "description": "A template uri from where the PipelineJob.pipeline_spec, if empty, will be downloaded. Currently, only uri from Vertex Template Registry & Gallery is supported. Reference to https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJobDetailResponse": { "description": "The runtime detail of PipelineJob.", "properties": { "pipelineContext": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ContextResponse", "description": "The context of the pipeline." }, "pipelineRunContext": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ContextResponse", "description": "The context of the current pipeline run." }, "taskDetails": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTaskDetailResponse" }, "description": "The runtime details of the tasks under the pipeline." } }, "type": "object", "required": [ "pipelineContext", "pipelineRunContext", "taskDetails" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJobResponse": { "description": "An instance of a machine learning PipelineJob.", "properties": { "createTime": { "type": "string", "description": "Pipeline creation time." }, "displayName": { "type": "string", "description": "The display name of the Pipeline. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EncryptionSpecResponse", "description": "Customer-managed encryption key spec for a pipelineJob. If set, this PipelineJob and all of its sub-resources will be secured by this key." }, "endTime": { "type": "string", "description": "Pipeline end time." }, "error": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleRpcStatusResponse", "description": "The error that occurred during pipeline execution. Only populated when the pipeline's state is FAILED or CANCELLED." }, "jobDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJobDetailResponse", "description": "The details of pipeline run. Not available in the list view." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize PipelineJob. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels. Note there is some reserved label key for Vertex AI Pipelines. - `vertex-ai-pipelines-run-billing-id`, user set value will get overrided." }, "name": { "type": "string", "description": "The resource name of the PipelineJob." }, "network": { "type": "string", "description": "The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Pipeline Job's workload should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. Private services access must already be configured for the network. Pipeline job will apply the network configuration to the Google Cloud resources being launched, if applied, such as Vertex AI Training or Dataflow job. If left unspecified, the workload is not peered with any network." }, "pipelineSpec": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The spec of the pipeline." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of names for the reserved ip ranges under the VPC network that can be used for this Pipeline Job's workload. If set, we will deploy the Pipeline Job's workload within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "runtimeConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJobRuntimeConfigResponse", "description": "Runtime config of the pipeline." }, "scheduleName": { "type": "string", "description": "The schedule resource name. Only returned if the Pipeline is created by Schedule API." }, "serviceAccount": { "type": "string", "description": "The service account that the pipeline workload runs as. If not specified, the Compute Engine default service account in the project will be used. See https://cloud.google.com/compute/docs/access/service-accounts#default_service_account Users starting the pipeline must have the `iam.serviceAccounts.actAs` permission on this service account." }, "startTime": { "type": "string", "description": "Pipeline start time." }, "state": { "type": "string", "description": "The detailed state of the job." }, "templateMetadata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTemplateMetadataResponse", "description": "Pipeline template metadata. Will fill up fields if PipelineJob.template_uri is from supported template registry." }, "templateUri": { "type": "string", "description": "A template uri from where the PipelineJob.pipeline_spec, if empty, will be downloaded. Currently, only uri from Vertex Template Registry & Gallery is supported. Reference to https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template." }, "updateTime": { "type": "string", "description": "Timestamp when this PipelineJob was most recently updated." } }, "type": "object", "required": [ "createTime", "displayName", "encryptionSpec", "endTime", "error", "jobDetail", "labels", "name", "network", "pipelineSpec", "reservedIpRanges", "runtimeConfig", "scheduleName", "serviceAccount", "startTime", "state", "templateMetadata", "templateUri", "updateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJobRuntimeConfig": { "description": "The runtime config of a PipelineJob.", "properties": { "failurePolicy": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineJobRuntimeConfigFailurePolicy", "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion." }, "gcsOutputDirectory": { "type": "string", "description": "A path in a Cloud Storage bucket, which will be treated as the root output directory of the pipeline. It is used by the system to generate the paths of output artifacts. The artifact paths are generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` under the specified output directory. The service account specified in this pipeline must have the `storage.objects.get` and `storage.objects.create` permissions for this bucket." }, "inputArtifacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime artifacts of the PipelineJob. The key will be the input artifact name and the value would be one of the InputArtifact." }, "parameterValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower.", "deprecationMessage": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower." } }, "type": "object", "required": [ "gcsOutputDirectory" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJobRuntimeConfigFailurePolicy": { "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion.", "type": "string", "enum": [ { "name": "PipelineFailurePolicyUnspecified", "description": "Default value, and follows fail slow behavior.", "value": "PIPELINE_FAILURE_POLICY_UNSPECIFIED" }, { "name": "PipelineFailurePolicyFailSlow", "description": "Indicates that the pipeline should continue to run until all possible tasks have been scheduled and completed.", "value": "PIPELINE_FAILURE_POLICY_FAIL_SLOW" }, { "name": "PipelineFailurePolicyFailFast", "description": "Indicates that the pipeline should stop scheduling new tasks after a task has failed.", "value": "PIPELINE_FAILURE_POLICY_FAIL_FAST" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineJobRuntimeConfigResponse": { "description": "The runtime config of a PipelineJob.", "properties": { "failurePolicy": { "type": "string", "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion." }, "gcsOutputDirectory": { "type": "string", "description": "A path in a Cloud Storage bucket, which will be treated as the root output directory of the pipeline. It is used by the system to generate the paths of output artifacts. The artifact paths are generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` under the specified output directory. The service account specified in this pipeline must have the `storage.objects.get` and `storage.objects.create` permissions for this bucket." }, "inputArtifacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime artifacts of the PipelineJob. The key will be the input artifact name and the value would be one of the InputArtifact." }, "parameterValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower.", "deprecationMessage": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower." } }, "type": "object", "required": [ "failurePolicy", "gcsOutputDirectory", "inputArtifacts", "parameterValues", "parameters" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatusResponse": { "description": "A single record of the task status.", "properties": { "error": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleRpcStatusResponse", "description": "The error that occurred during the state. May be set when the state is any of the non-final state (PENDING/RUNNING/CANCELLING) or FAILED state. If the state is FAILED, the error here is final and not going to be retried. If the state is a non-final state, the error indicates a system-error being retried." }, "state": { "type": "string", "description": "The state of the task." }, "updateTime": { "type": "string", "description": "Update time of this status." } }, "type": "object", "required": [ "error", "state", "updateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTaskDetailResponse": { "description": "The runtime detail of a task execution.", "properties": { "createTime": { "type": "string", "description": "Task create time." }, "endTime": { "type": "string", "description": "Task end time." }, "error": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleRpcStatusResponse", "description": "The error that occurred during task execution. Only populated when the task's state is FAILED or CANCELLED." }, "execution": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ExecutionResponse", "description": "The execution metadata of the task." }, "executorDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailResponse", "description": "The detailed execution info." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime input artifacts of the task." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime output artifacts of the task." }, "parentTaskId": { "type": "string", "description": "The id of the parent task if the task is within a component scope. Empty if the task is at the root level." }, "pipelineTaskStatus": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTaskDetailPipelineTaskStatusResponse" }, "description": "A list of task status. This field keeps a record of task status evolving over time." }, "startTime": { "type": "string", "description": "Task start time." }, "state": { "type": "string", "description": "State of the task." }, "taskId": { "type": "string", "description": "The system generated ID of the task." }, "taskName": { "type": "string", "description": "The user specified name of the task that is defined in pipeline_spec." } }, "type": "object", "required": [ "createTime", "endTime", "error", "execution", "executorDetail", "inputs", "outputs", "parentTaskId", "pipelineTaskStatus", "startTime", "state", "taskId", "taskName" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetailResponse": { "description": "The detail of a container execution. It contains the job names of the lifecycle of a container execution.", "properties": { "failedMainJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob for the main container executions. The list includes the all attempts in chronological order." }, "failedPreCachingCheckJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob for the pre-caching-check container executions. This job will be available if the PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in the lifecycle events. The list includes the all attempts in chronological order." }, "mainJob": { "type": "string", "description": "The name of the CustomJob for the main container execution." }, "preCachingCheckJob": { "type": "string", "description": "The name of the CustomJob for the pre-caching-check container execution. This job will be available if the PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in the lifecycle events." } }, "type": "object", "required": [ "failedMainJobs", "failedPreCachingCheckJobs", "mainJob", "preCachingCheckJob" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetailResponse": { "description": "The detailed info for a custom job executor.", "properties": { "failedJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob. The list includes the all attempts in chronological order." }, "job": { "type": "string", "description": "The name of the CustomJob." } }, "type": "object", "required": [ "failedJobs", "job" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailResponse": { "description": "The runtime detail of a pipeline executor.", "properties": { "containerDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailContainerDetailResponse", "description": "The detailed info for a container executor." }, "customJobDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PipelineTaskExecutorDetailCustomJobDetailResponse", "description": "The detailed info for a custom job executor." } }, "type": "object", "required": [ "containerDetail", "customJobDetail" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PipelineTemplateMetadataResponse": { "description": "Pipeline template metadata if PipelineJob.template_uri is from supported template registry. Currently, the only supported registry is Artifact Registry.", "properties": { "version": { "type": "string", "description": "The version_name in artifact registry. Will always be presented in output if the PipelineJob.template_uri is from supported template registry. Format is \"sha256:abcdef123456...\"." } }, "type": "object", "required": [ "version" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Port": { "description": "Represents a network port in a container.", "properties": { "containerPort": { "type": "integer", "description": "The number of the port to expose on the pod's IP address. Must be a valid port number, between 1 and 65535 inclusive." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PortResponse": { "description": "Represents a network port in a container.", "properties": { "containerPort": { "type": "integer", "description": "The number of the port to expose on the pod's IP address. Must be a valid port number, between 1 and 65535 inclusive." } }, "type": "object", "required": [ "containerPort" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredefinedSplit": { "description": "Assigns input data to training, validation, and test sets based on the value of a provided key. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The value of the key (either the label's value or value in the column) must be one of {`training`, `validation`, `test`}, and it defines to which set the given piece of data is assigned. If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredefinedSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on the value of a provided key. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The value of the key (either the label's value or value in the column) must be one of {`training`, `validation`, `test`}, and it defines to which set the given piece of data is assigned. If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredictRequestResponseLoggingConfig": { "description": "Configuration for logging request-response to a BigQuery table.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestination", "description": "BigQuery table for logging. If only given a project, a new dataset will be created with name `logging__` where will be made BigQuery-dataset-name compatible (e.g. most special characters will become underscores). If no table name is given, a new table will be created with name `request_response_logging`" }, "enabled": { "type": "boolean", "description": "If logging is enabled or not." }, "samplingRate": { "type": "number", "description": "Percentage of requests to be logged, expressed as a fraction in range(0,1]." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredictRequestResponseLoggingConfigResponse": { "description": "Configuration for logging request-response to a BigQuery table.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BigQueryDestinationResponse", "description": "BigQuery table for logging. If only given a project, a new dataset will be created with name `logging__` where will be made BigQuery-dataset-name compatible (e.g. most special characters will become underscores). If no table name is given, a new table will be created with name `request_response_logging`" }, "enabled": { "type": "boolean", "description": "If logging is enabled or not." }, "samplingRate": { "type": "number", "description": "Percentage of requests to be logged, expressed as a fraction in range(0,1]." } }, "type": "object", "required": [ "bigqueryDestination", "enabled", "samplingRate" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredictSchemata": { "description": "Contains the schemata used in Model's predictions and explanations via PredictionService.Predict, PredictionService.Explain and BatchPredictionJob.", "properties": { "instanceSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single instance, which are used in PredictRequest.instances, ExplainRequest.instances and BatchPredictionJob.input_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "parametersSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the parameters of prediction and explanation via PredictRequest.parameters, ExplainRequest.parameters and BatchPredictionJob.model_parameters. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no parameters are supported, then it is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "predictionSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single prediction produced by this Model, which are returned via PredictResponse.predictions, ExplainResponse.explanations, and BatchPredictionJob.output_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PredictSchemataResponse": { "description": "Contains the schemata used in Model's predictions and explanations via PredictionService.Predict, PredictionService.Explain and BatchPredictionJob.", "properties": { "instanceSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single instance, which are used in PredictRequest.instances, ExplainRequest.instances and BatchPredictionJob.input_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "parametersSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the parameters of prediction and explanation via PredictRequest.parameters, ExplainRequest.parameters and BatchPredictionJob.model_parameters. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no parameters are supported, then it is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "predictionSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single prediction produced by this Model, which are returned via PredictResponse.predictions, ExplainResponse.explanations, and BatchPredictionJob.output_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." } }, "type": "object", "required": [ "instanceSchemaUri", "parametersSchemaUri", "predictionSchemaUri" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Presets": { "description": "Preset configuration for example-based explanations", "properties": { "modality": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PresetsModality", "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type." }, "query": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PresetsQuery", "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PresetsModality": { "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type.", "type": "string", "enum": [ { "name": "ModalityUnspecified", "description": "Should not be set. Added as a recommended best practice for enums", "value": "MODALITY_UNSPECIFIED" }, { "name": "Image", "description": "IMAGE modality", "value": "IMAGE" }, { "name": "Text", "description": "TEXT modality", "value": "TEXT" }, { "name": "Tabular", "description": "TABULAR modality", "value": "TABULAR" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PresetsQuery": { "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`.", "type": "string", "enum": [ { "name": "Precise", "description": "More precise neighbors as a trade-off against slower response.", "value": "PRECISE" }, { "name": "Fast", "description": "Faster response as a trade-off against less precise neighbors.", "value": "FAST" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PresetsResponse": { "description": "Preset configuration for example-based explanations", "properties": { "modality": { "type": "string", "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type." }, "query": { "type": "string", "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`." } }, "type": "object", "required": [ "modality", "query" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PrivateEndpointsResponse": { "description": "PrivateEndpoints proto is used to provide paths for users to send requests privately. To send request via private service access, use predict_http_uri, explain_http_uri or health_http_uri. To send request via private service connect, use service_attachment.", "properties": { "explainHttpUri": { "type": "string", "description": "Http(s) path to send explain requests." }, "healthHttpUri": { "type": "string", "description": "Http(s) path to send health check requests." }, "predictHttpUri": { "type": "string", "description": "Http(s) path to send prediction requests." }, "serviceAttachment": { "type": "string", "description": "The name of the service attachment resource. Populated if private service connect is enabled." } }, "type": "object", "required": [ "explainHttpUri", "healthHttpUri", "predictHttpUri", "serviceAttachment" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PrivateServiceConnectConfig": { "description": "Represents configuration for private service connect.", "properties": { "enablePrivateServiceConnect": { "type": "boolean", "description": "If true, expose the IndexEndpoint via private service connect." }, "projectAllowlist": { "type": "array", "items": { "type": "string" }, "description": "A list of Projects from which the forwarding rule will target the service attachment." } }, "type": "object", "required": [ "enablePrivateServiceConnect" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PrivateServiceConnectConfigResponse": { "description": "Represents configuration for private service connect.", "properties": { "enablePrivateServiceConnect": { "type": "boolean", "description": "If true, expose the IndexEndpoint via private service connect." }, "projectAllowlist": { "type": "array", "items": { "type": "string" }, "description": "A list of Projects from which the forwarding rule will target the service attachment." } }, "type": "object", "required": [ "enablePrivateServiceConnect", "projectAllowlist" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Probe": { "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ProbeExecAction", "description": "Exec specifies the action to take." }, "periodSeconds": { "type": "integer", "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Must be less than timeout_seconds. Maps to Kubernetes probe argument 'periodSeconds'." }, "timeoutSeconds": { "type": "integer", "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Must be greater or equal to period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ProbeExecAction": { "description": "ExecAction specifies a command to execute.", "properties": { "command": { "type": "array", "items": { "type": "string" }, "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ProbeExecActionResponse": { "description": "ExecAction specifies a command to execute.", "properties": { "command": { "type": "array", "items": { "type": "string" }, "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." } }, "type": "object", "required": [ "command" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ProbeResponse": { "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ProbeExecActionResponse", "description": "Exec specifies the action to take." }, "periodSeconds": { "type": "integer", "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Must be less than timeout_seconds. Maps to Kubernetes probe argument 'periodSeconds'." }, "timeoutSeconds": { "type": "integer", "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Must be greater or equal to period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'." } }, "type": "object", "required": [ "exec", "periodSeconds", "timeoutSeconds" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PythonPackageSpec": { "description": "The spec of a Python packaged code.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command line arguments to be passed to the Python task." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVar" }, "description": "Environment variables to be passed to the python module. Maximum limit is 100." }, "executorImageUri": { "type": "string", "description": "The URI of a container image in Artifact Registry that will run the provided Python package. Vertex AI provides a wide range of executor images with pre-installed packages to meet users' various use cases. See the list of [pre-built containers for training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). You must use an image from this list." }, "packageUris": { "type": "array", "items": { "type": "string" }, "description": "The Google Cloud Storage location of the Python package files which are the training program and its dependent packages. The maximum number of package URIs is 100." }, "pythonModule": { "type": "string", "description": "The Python module name to run after installing the packages." } }, "type": "object", "required": [ "executorImageUri", "packageUris", "pythonModule" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1PythonPackageSpecResponse": { "description": "The spec of a Python packaged code.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command line arguments to be passed to the Python task." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1EnvVarResponse" }, "description": "Environment variables to be passed to the python module. Maximum limit is 100." }, "executorImageUri": { "type": "string", "description": "The URI of a container image in Artifact Registry that will run the provided Python package. Vertex AI provides a wide range of executor images with pre-installed packages to meet users' various use cases. See the list of [pre-built containers for training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). You must use an image from this list." }, "packageUris": { "type": "array", "items": { "type": "string" }, "description": "The Google Cloud Storage location of the Python package files which are the training program and its dependent packages. The maximum number of package URIs is 100." }, "pythonModule": { "type": "string", "description": "The Python module name to run after installing the packages." } }, "type": "object", "required": [ "args", "env", "executorImageUri", "packageUris", "pythonModule" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ResourcesConsumedResponse": { "description": "Statistics information about resource consumption.", "properties": { "replicaHours": { "type": "number", "description": "The number of replica hours used. Note that many replicas may run in parallel, and additionally any given work may be queued for some time. Therefore this value is not strictly related to wall time." } }, "type": "object", "required": [ "replicaHours" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SampleConfig": { "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy.", "properties": { "followingBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in each following batch (except the first batch)." }, "initialBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in the first batch." }, "sampleStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SampleConfigSampleStrategy", "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SampleConfigResponse": { "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy.", "properties": { "followingBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in each following batch (except the first batch)." }, "initialBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in the first batch." }, "sampleStrategy": { "type": "string", "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch." } }, "type": "object", "required": [ "followingBatchSamplePercentage", "initialBatchSamplePercentage", "sampleStrategy" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SampleConfigSampleStrategy": { "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch.", "type": "string", "enum": [ { "name": "SampleStrategyUnspecified", "description": "Default will be treated as UNCERTAINTY.", "value": "SAMPLE_STRATEGY_UNSPECIFIED" }, { "name": "Uncertainty", "description": "Sample the most uncertain data to label.", "value": "UNCERTAINTY" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SampledShapleyAttribution": { "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features.", "properties": { "pathCount": { "type": "integer", "description": "The number of feature permutations to consider when approximating the Shapley values. Valid range of its value is [1, 50], inclusively." } }, "type": "object", "required": [ "pathCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SampledShapleyAttributionResponse": { "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features.", "properties": { "pathCount": { "type": "integer", "description": "The number of feature permutations to consider when approximating the Shapley values. Valid range of its value is [1, 50], inclusively." } }, "type": "object", "required": [ "pathCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SamplingStrategy": { "description": "Sampling Strategy for logging, can be for both training and prediction dataset.", "properties": { "randomSampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig", "description": "Random sample config. Will support more sampling strategies later." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfig": { "description": "Requests are randomly selected.", "properties": { "sampleRate": { "type": "number", "description": "Sample rate (0, 1]" } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfigResponse": { "description": "Requests are randomly selected.", "properties": { "sampleRate": { "type": "number", "description": "Sample rate (0, 1]" } }, "type": "object", "required": [ "sampleRate" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SamplingStrategyResponse": { "description": "Sampling Strategy for logging, can be for both training and prediction dataset.", "properties": { "randomSampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SamplingStrategyRandomSampleConfigResponse", "description": "Random sample config. Will support more sampling strategies later." } }, "type": "object", "required": [ "randomSampleConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SavedQuery": { "description": "A SavedQuery is a view of the dataset. It references a subset of annotations by problem type and filters.", "properties": { "displayName": { "type": "string", "description": "The user-defined name of the SavedQuery. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "etag": { "type": "string", "description": "Used to perform a consistent read-modify-write update. If not set, a blind \"overwrite\" update happens." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Some additional information about the SavedQuery." }, "problemType": { "type": "string", "description": "Problem type of the SavedQuery. Allowed values: * IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * VIDEO_OBJECT_TRACKING" } }, "type": "object", "required": [ "displayName", "problemType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SavedQueryResponse": { "description": "A SavedQuery is a view of the dataset. It references a subset of annotations by problem type and filters.", "properties": { "annotationFilter": { "type": "string", "description": "Filters on the Annotations in the dataset." }, "annotationSpecCount": { "type": "integer", "description": "Number of AnnotationSpecs in the context of the SavedQuery." }, "createTime": { "type": "string", "description": "Timestamp when this SavedQuery was created." }, "displayName": { "type": "string", "description": "The user-defined name of the SavedQuery. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "etag": { "type": "string", "description": "Used to perform a consistent read-modify-write update. If not set, a blind \"overwrite\" update happens." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Some additional information about the SavedQuery." }, "name": { "type": "string", "description": "Resource name of the SavedQuery." }, "problemType": { "type": "string", "description": "Problem type of the SavedQuery. Allowed values: * IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * VIDEO_OBJECT_TRACKING" }, "supportAutomlTraining": { "type": "boolean", "description": "If the Annotations belonging to the SavedQuery can be used for AutoML training." }, "updateTime": { "type": "string", "description": "Timestamp when SavedQuery was last updated." } }, "type": "object", "required": [ "annotationFilter", "annotationSpecCount", "createTime", "displayName", "etag", "metadata", "name", "problemType", "supportAutomlTraining", "updateTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ScheduleRunResponseResponse": { "description": "Status of a scheduled run.", "properties": { "runResponse": { "type": "string", "description": "The response of the scheduled run." }, "scheduledRunTime": { "type": "string", "description": "The scheduled run time based on the user-specified schedule." } }, "type": "object", "required": [ "runResponse", "scheduledRunTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1Scheduling": { "description": "All parameters related to queuing and scheduling of custom jobs.", "properties": { "disableRetries": { "type": "boolean", "description": "Optional. Indicates if the job should retry for internal errors after the job starts running. If true, overrides `Scheduling.restart_job_on_worker_restart` to false." }, "restartJobOnWorkerRestart": { "type": "boolean", "description": "Restarts the entire CustomJob if a worker gets restarted. This feature can be used by distributed training jobs that are not resilient to workers leaving and joining a job." }, "timeout": { "type": "string", "description": "The maximum job running time. The default is 7 days." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SchedulingResponse": { "description": "All parameters related to queuing and scheduling of custom jobs.", "properties": { "disableRetries": { "type": "boolean", "description": "Optional. Indicates if the job should retry for internal errors after the job starts running. If true, overrides `Scheduling.restart_job_on_worker_restart` to false." }, "restartJobOnWorkerRestart": { "type": "boolean", "description": "Restarts the entire CustomJob if a worker gets restarted. This feature can be used by distributed training jobs that are not resilient to workers leaving and joining a job." }, "timeout": { "type": "string", "description": "The maximum job running time. The default is 7 days." } }, "type": "object", "required": [ "disableRetries", "restartJobOnWorkerRestart", "timeout" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SmoothGradConfig": { "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf", "properties": { "featureNoiseSigma": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureNoiseSigma", "description": "This is similar to noise_sigma, but provides additional flexibility. A separate noise sigma can be provided for each feature, which is useful if their distributions are different. No noise is added to features that are not set. If this field is unset, noise_sigma will be used for all features." }, "noiseSigma": { "type": "number", "description": "This is a single float value and will be used to add noise to all the features. Use this field when all features are normalized to have the same distribution: scale to range [0, 1], [-1, 1] or z-scoring, where features are normalized to have 0-mean and 1-variance. Learn more about [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). For best results the recommended value is about 10% - 20% of the standard deviation of the input feature. Refer to section 3.2 of the SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to 0.1. If the distribution is different per feature, set feature_noise_sigma instead for each feature." }, "noisySampleCount": { "type": "integer", "description": "The number of gradient samples to use for approximation. The higher this number, the more accurate the gradient is, but the runtime complexity increases by this factor as well. Valid range of its value is [1, 50]. Defaults to 3." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1SmoothGradConfigResponse": { "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf", "properties": { "featureNoiseSigma": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1FeatureNoiseSigmaResponse", "description": "This is similar to noise_sigma, but provides additional flexibility. A separate noise sigma can be provided for each feature, which is useful if their distributions are different. No noise is added to features that are not set. If this field is unset, noise_sigma will be used for all features." }, "noiseSigma": { "type": "number", "description": "This is a single float value and will be used to add noise to all the features. Use this field when all features are normalized to have the same distribution: scale to range [0, 1], [-1, 1] or z-scoring, where features are normalized to have 0-mean and 1-variance. Learn more about [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). For best results the recommended value is about 10% - 20% of the standard deviation of the input feature. Refer to section 3.2 of the SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to 0.1. If the distribution is different per feature, set feature_noise_sigma instead for each feature." }, "noisySampleCount": { "type": "integer", "description": "The number of gradient samples to use for approximation. The higher this number, the more accurate the gradient is, but the runtime complexity increases by this factor as well. Valid range of its value is [1, 50]. Defaults to 3." } }, "type": "object", "required": [ "featureNoiseSigma", "noiseSigma", "noisySampleCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StratifiedSplit": { "description": "Assigns input data to the training, validation, and test sets so that the distribution of values found in the categorical column (as specified by the `key` field) is mirrored within each split. The fraction values determine the relative sizes of the splits. For example, if the specified column has three values, with 50% of the rows having value \"A\", 25% value \"B\", and 25% value \"C\", and the split fractions are specified as 80/10/10, then the training set will constitute 80% of the training data, with about 50% of the training set rows having the value \"A\" for the specified column, about 25% having the value \"B\", and about 25% having the value \"C\". Only the top 500 occurring values are used; any values not in the top 500 values are randomly assigned to a split. If less than three rows contain a specific value, those rows are randomly assigned. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The key provided must be for a categorical column." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StratifiedSplitResponse": { "description": "Assigns input data to the training, validation, and test sets so that the distribution of values found in the categorical column (as specified by the `key` field) is mirrored within each split. The fraction values determine the relative sizes of the splits. For example, if the specified column has three values, with 50% of the rows having value \"A\", 25% value \"B\", and 25% value \"C\", and the split fractions are specified as 80/10/10, then the training set will constitute 80% of the training data, with about 50% of the training set rows having the value \"A\" for the specified column, about 25% having the value \"B\", and about 25% having the value \"C\". Only the top 500 occurring values are used; any values not in the top 500 values are randomly assigned to a split. If less than three rows contain a specific value, those rows are randomly assigned. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The key provided must be for a categorical column." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key", "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpec": { "description": "Represents specification of a Study.", "properties": { "algorithm": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecAlgorithm", "description": "The search algorithm specified for the Study." }, "convexAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec", "description": "The automated early stopping spec using convex stopping rule." }, "decayCurveStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec", "description": "The automated early stopping spec using decay curve rule." }, "measurementSelectionType": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMeasurementSelectionType", "description": "Describe which measurement selection type will be used" }, "medianAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec", "description": "The automated early stopping spec using median rule." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMetricSpec" }, "description": "Metric specs for the Study." }, "observationNoise": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecObservationNoise", "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpec" }, "description": "The set of parameters to tune." }, "studyStoppingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecStudyStoppingConfig", "description": "Conditions for automated stopping of a Study. Enable automated stopping by configuring at least one condition." } }, "type": "object", "required": [ "metrics", "parameters" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecAlgorithm": { "description": "The search algorithm specified for the Study.", "type": "string", "enum": [ { "name": "AlgorithmUnspecified", "description": "The default algorithm used by Vertex AI for [hyperparameter tuning](https://cloud.google.com/vertex-ai/docs/training/hyperparameter-tuning-overview) and [Vertex AI Vizier](https://cloud.google.com/vertex-ai/docs/vizier).", "value": "ALGORITHM_UNSPECIFIED" }, { "name": "GridSearch", "description": "Simple grid search within the feasible space. To use grid search, all parameters must be `INTEGER`, `CATEGORICAL`, or `DISCRETE`.", "value": "GRID_SEARCH" }, { "name": "RandomSearch", "description": "Simple random search within the feasible space.", "value": "RANDOM_SEARCH" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpec": { "description": "Configuration for ConvexAutomatedStoppingSpec. When there are enough completed trials (configured by min_measurement_count), for pending trials with enough measurements and steps, the policy first computes an overestimate of the objective value at max_num_steps according to the slope of the incomplete objective value curve. No prediction can be made if the curve is completely flat. If the overestimation is worse than the best objective value of the completed trials, this pending trial will be early-stopped, but a last measurement will be added to the pending trial with max_num_steps and predicted objective value from the autoregression model.", "properties": { "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxStepCount": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. If not defined, it will learn it from the completed trials. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minMeasurementCount": { "type": "string", "description": "The minimal number of measurements in a Trial. Early-stopping checks will not trigger if less than min_measurement_count+1 completed trials or pending trials with less than min_measurement_count measurements. If not defined, the default value is 5." }, "minStepCount": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with step_count > min_step_count won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_step_count is set to be one-tenth of the max_step_count. When use_elapsed_duration is true, this field is set to the minimum elapsed seconds." }, "updateAllStoppedTrials": { "type": "boolean", "description": "ConvexAutomatedStoppingSpec by default only updates the trials that needs to be early stopped using a newly trained auto-regressive model. When this flag is set to True, all stopped trials from the beginning are potentially updated in terms of their `final_measurement`. Also, note that the training logic of autoregressive models is different in this case. Enabling this option has shown better results and this may be the default option in the future." }, "useElapsedDuration": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_elapsed_duration==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_elapsed_duration==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpecResponse": { "description": "Configuration for ConvexAutomatedStoppingSpec. When there are enough completed trials (configured by min_measurement_count), for pending trials with enough measurements and steps, the policy first computes an overestimate of the objective value at max_num_steps according to the slope of the incomplete objective value curve. No prediction can be made if the curve is completely flat. If the overestimation is worse than the best objective value of the completed trials, this pending trial will be early-stopped, but a last measurement will be added to the pending trial with max_num_steps and predicted objective value from the autoregression model.", "properties": { "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxStepCount": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. If not defined, it will learn it from the completed trials. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minMeasurementCount": { "type": "string", "description": "The minimal number of measurements in a Trial. Early-stopping checks will not trigger if less than min_measurement_count+1 completed trials or pending trials with less than min_measurement_count measurements. If not defined, the default value is 5." }, "minStepCount": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with step_count > min_step_count won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_step_count is set to be one-tenth of the max_step_count. When use_elapsed_duration is true, this field is set to the minimum elapsed seconds." }, "updateAllStoppedTrials": { "type": "boolean", "description": "ConvexAutomatedStoppingSpec by default only updates the trials that needs to be early stopped using a newly trained auto-regressive model. When this flag is set to True, all stopped trials from the beginning are potentially updated in terms of their `final_measurement`. Also, note that the training logic of autoregressive models is different in this case. Enabling this option has shown better results and this may be the default option in the future." }, "useElapsedDuration": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_elapsed_duration==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_elapsed_duration==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object", "required": [ "learningRateParameterName", "maxStepCount", "minMeasurementCount", "minStepCount", "updateAllStoppedTrials", "useElapsedDuration" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpec": { "description": "The decay curve automated stopping rule builds a Gaussian Process Regressor to predict the final objective value of a Trial based on the already completed Trials and the intermediate measurements of the current Trial. Early stopping is requested for the current Trial if there is very low probability to exceed the optimal value found so far.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if Measurement.elapsed_duration is used as the x-axis of each Trials Decay Curve. Otherwise, Measurement.step_count will be used as the x-axis." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpecResponse": { "description": "The decay curve automated stopping rule builds a Gaussian Process Regressor to predict the final objective value of a Trial based on the already completed Trials and the intermediate measurements of the current Trial. Early stopping is requested for the current Trial if there is very low probability to exceed the optimal value found so far.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if Measurement.elapsed_duration is used as the x-axis of each Trials Decay Curve. Otherwise, Measurement.step_count will be used as the x-axis." } }, "type": "object", "required": [ "useElapsedDuration" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMeasurementSelectionType": { "description": "Describe which measurement selection type will be used", "type": "string", "enum": [ { "name": "MeasurementSelectionTypeUnspecified", "description": "Will be treated as LAST_MEASUREMENT.", "value": "MEASUREMENT_SELECTION_TYPE_UNSPECIFIED" }, { "name": "LastMeasurement", "description": "Use the last measurement reported.", "value": "LAST_MEASUREMENT" }, { "name": "BestMeasurement", "description": "Use the best measurement reported.", "value": "BEST_MEASUREMENT" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpec": { "description": "The median automated stopping rule stops a pending Trial if the Trial's best objective_value is strictly below the median 'performance' of all completed Trials reported up to the Trial's last measurement. Currently, 'performance' refers to the running average of the objective values reported by the Trial in each measurement.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if median automated stopping rule applies on Measurement.elapsed_duration. It means that elapsed_duration field of latest measurement of current Trial is used to compute median objective value for each completed Trials." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpecResponse": { "description": "The median automated stopping rule stops a pending Trial if the Trial's best objective_value is strictly below the median 'performance' of all completed Trials reported up to the Trial's last measurement. Currently, 'performance' refers to the running average of the objective values reported by the Trial in each measurement.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if median automated stopping rule applies on Measurement.elapsed_duration. It means that elapsed_duration field of latest measurement of current Trial is used to compute median objective value for each completed Trials." } }, "type": "object", "required": [ "useElapsedDuration" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMetricSpec": { "description": "Represents a metric to optimize.", "properties": { "goal": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMetricSpecGoal", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces and must be unique amongst all MetricSpecs." }, "safetyConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig", "description": "Used for safe search. In the case, the metric will be a safety metric. You must provide a separate metric for objective metric." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMetricSpecGoal": { "description": "Required. The optimization goal of the metric.", "type": "string", "enum": [ { "name": "GoalTypeUnspecified", "description": "Goal Type will default to maximize.", "value": "GOAL_TYPE_UNSPECIFIED" }, { "name": "Maximize", "description": "Maximize the goal metric.", "value": "MAXIMIZE" }, { "name": "Minimize", "description": "Minimize the goal metric.", "value": "MINIMIZE" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMetricSpecResponse": { "description": "Represents a metric to optimize.", "properties": { "goal": { "type": "string", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces and must be unique amongst all MetricSpecs." }, "safetyConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfigResponse", "description": "Used for safe search. In the case, the metric will be a safety metric. You must provide a separate metric for objective metric." } }, "type": "object", "required": [ "goal", "metricId", "safetyConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfig": { "description": "Used in safe optimization to specify threshold levels and risk tolerance.", "properties": { "desiredMinSafeTrialsFraction": { "type": "number", "description": "Desired minimum fraction of safe trials (over total number of trials) that should be targeted by the algorithm at any time during the study (best effort). This should be between 0.0 and 1.0 and a value of 0.0 means that there is no minimum and an algorithm proceeds without targeting any specific fraction. A value of 1.0 means that the algorithm attempts to only Suggest safe Trials." }, "safetyThreshold": { "type": "number", "description": "Safety threshold (boundary value between safe and unsafe). NOTE that if you leave SafetyMetricConfig unset, a default value of 0 will be used." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecMetricSpecSafetyMetricConfigResponse": { "description": "Used in safe optimization to specify threshold levels and risk tolerance.", "properties": { "desiredMinSafeTrialsFraction": { "type": "number", "description": "Desired minimum fraction of safe trials (over total number of trials) that should be targeted by the algorithm at any time during the study (best effort). This should be between 0.0 and 1.0 and a value of 0.0 means that there is no minimum and an algorithm proceeds without targeting any specific fraction. A value of 1.0 means that the algorithm attempts to only Suggest safe Trials." }, "safetyThreshold": { "type": "number", "description": "Safety threshold (boundary value between safe and unsafe). NOTE that if you leave SafetyMetricConfig unset, a default value of 0 will be used." } }, "type": "object", "required": [ "desiredMinSafeTrialsFraction", "safetyThreshold" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecObservationNoise": { "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline.", "type": "string", "enum": [ { "name": "ObservationNoiseUnspecified", "description": "The default noise level chosen by Vertex AI.", "value": "OBSERVATION_NOISE_UNSPECIFIED" }, { "name": "Low", "description": "Vertex AI assumes that the objective function is (nearly) perfectly reproducible, and will never repeat the same Trial parameters.", "value": "LOW" }, { "name": "High", "description": "Vertex AI will estimate the amount of noise in metric evaluations, it may repeat the same Trial parameters more than once.", "value": "HIGH" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpec": { "description": "Represents a single parameter to optimize.", "properties": { "categoricalValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec", "description": "The value spec for a 'CATEGORICAL' parameter." }, "conditionalParameterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec" }, "description": "A conditional parameter node is active if the parameter's value matches the conditional node's parent_value_condition. If two items in conditional_parameter_specs have the same name, they must have disjoint parent_value_condition." }, "discreteValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec", "description": "The value spec for a 'DISCRETE' parameter." }, "doubleValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec", "description": "The value spec for a 'DOUBLE' parameter." }, "integerValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec", "description": "The value spec for an 'INTEGER' parameter." }, "parameterId": { "type": "string", "description": "The ID of the parameter. Must not contain whitespaces and must be unique amongst all ParameterSpecs." }, "scaleType": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecScaleType", "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters." } }, "type": "object", "required": [ "parameterId" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpec": { "description": "Value specification for a parameter in `CATEGORICAL` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for a `CATEGORICAL` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list of possible categories." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpecResponse": { "description": "Value specification for a parameter in `CATEGORICAL` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for a `CATEGORICAL` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list of possible categories." } }, "type": "object", "required": [ "defaultValue", "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpec": { "description": "Represents a parameter spec with condition from its parent parameter.", "properties": { "parameterSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpec", "description": "The spec for a conditional parameter." }, "parentCategoricalValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition", "description": "The spec for matching values from a parent parameter of `CATEGORICAL` type." }, "parentDiscreteValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition", "description": "The spec for matching values from a parent parameter of `DISCRETE` type." }, "parentIntValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition", "description": "The spec for matching values from a parent parameter of `INTEGER` type." } }, "type": "object", "required": [ "parameterSpec" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition": { "description": "Represents the spec to match categorical values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'CATEGORICAL' type. All values must exist in `categorical_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueConditionResponse": { "description": "Represents the spec to match categorical values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'CATEGORICAL' type. All values must exist in `categorical_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition": { "description": "Represents the spec to match discrete values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "Matches values of the parent parameter of 'DISCRETE' type. All values must exist in `discrete_value_spec` of parent parameter. The Epsilon of the value matching is 1e-10." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueConditionResponse": { "description": "Represents the spec to match discrete values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "Matches values of the parent parameter of 'DISCRETE' type. All values must exist in `discrete_value_spec` of parent parameter. The Epsilon of the value matching is 1e-10." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueCondition": { "description": "Represents the spec to match integer values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'INTEGER' type. All values must lie in `integer_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueConditionResponse": { "description": "Represents the spec to match integer values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'INTEGER' type. All values must lie in `integer_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecResponse": { "description": "Represents a parameter spec with condition from its parent parameter.", "properties": { "parameterSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecResponse", "description": "The spec for a conditional parameter." }, "parentCategoricalValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecCategoricalValueConditionResponse", "description": "The spec for matching values from a parent parameter of `CATEGORICAL` type." }, "parentDiscreteValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecDiscreteValueConditionResponse", "description": "The spec for matching values from a parent parameter of `DISCRETE` type." }, "parentIntValues": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecIntValueConditionResponse", "description": "The spec for matching values from a parent parameter of `INTEGER` type." } }, "type": "object", "required": [ "parameterSpec", "parentCategoricalValues", "parentDiscreteValues", "parentIntValues" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpec": { "description": "Value specification for a parameter in `DISCRETE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DISCRETE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. It automatically rounds to the nearest feasible discrete point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "number" }, "description": "A list of possible values. The list should be in increasing order and at least 1e-10 apart. For instance, this parameter might have possible settings of 1.5, 2.5, and 4.0. This list should not contain more than 1,000 values." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpecResponse": { "description": "Value specification for a parameter in `DISCRETE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DISCRETE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. It automatically rounds to the nearest feasible discrete point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "number" }, "description": "A list of possible values. The list should be in increasing order and at least 1e-10 apart. For instance, this parameter might have possible settings of 1.5, 2.5, and 4.0. This list should not contain more than 1,000 values." } }, "type": "object", "required": [ "defaultValue", "values" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpec": { "description": "Value specification for a parameter in `DOUBLE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DOUBLE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "number", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "number", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "maxValue", "minValue" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpecResponse": { "description": "Value specification for a parameter in `DOUBLE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DOUBLE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "number", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "number", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "defaultValue", "maxValue", "minValue" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpec": { "description": "Value specification for a parameter in `INTEGER` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for an `INTEGER` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "string", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "string", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "maxValue", "minValue" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpecResponse": { "description": "Value specification for a parameter in `INTEGER` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for an `INTEGER` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "string", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "string", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "defaultValue", "maxValue", "minValue" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecResponse": { "description": "Represents a single parameter to optimize.", "properties": { "categoricalValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecCategoricalValueSpecResponse", "description": "The value spec for a 'CATEGORICAL' parameter." }, "conditionalParameterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecConditionalParameterSpecResponse" }, "description": "A conditional parameter node is active if the parameter's value matches the conditional node's parent_value_condition. If two items in conditional_parameter_specs have the same name, they must have disjoint parent_value_condition." }, "discreteValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecDiscreteValueSpecResponse", "description": "The value spec for a 'DISCRETE' parameter." }, "doubleValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecDoubleValueSpecResponse", "description": "The value spec for a 'DOUBLE' parameter." }, "integerValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecIntegerValueSpecResponse", "description": "The value spec for an 'INTEGER' parameter." }, "parameterId": { "type": "string", "description": "The ID of the parameter. Must not contain whitespaces and must be unique amongst all ParameterSpecs." }, "scaleType": { "type": "string", "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters." } }, "type": "object", "required": [ "categoricalValueSpec", "conditionalParameterSpecs", "discreteValueSpec", "doubleValueSpec", "integerValueSpec", "parameterId", "scaleType" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecParameterSpecScaleType": { "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters.", "type": "string", "enum": [ { "name": "ScaleTypeUnspecified", "description": "By default, no scaling is applied.", "value": "SCALE_TYPE_UNSPECIFIED" }, { "name": "UnitLinearScale", "description": "Scales the feasible space to (0, 1) linearly.", "value": "UNIT_LINEAR_SCALE" }, { "name": "UnitLogScale", "description": "Scales the feasible space logarithmically to (0, 1). The entire feasible space must be strictly positive.", "value": "UNIT_LOG_SCALE" }, { "name": "UnitReverseLogScale", "description": "Scales the feasible space \"reverse\" logarithmically to (0, 1). The result is that values close to the top of the feasible space are spread out more than points near the bottom. The entire feasible space must be strictly positive.", "value": "UNIT_REVERSE_LOG_SCALE" } ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecResponse": { "description": "Represents specification of a Study.", "properties": { "algorithm": { "type": "string", "description": "The search algorithm specified for the Study." }, "convexAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecConvexAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using convex stopping rule." }, "decayCurveStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecDecayCurveAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using decay curve rule." }, "measurementSelectionType": { "type": "string", "description": "Describe which measurement selection type will be used" }, "medianAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMedianAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using median rule." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecMetricSpecResponse" }, "description": "Metric specs for the Study." }, "observationNoise": { "type": "string", "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecParameterSpecResponse" }, "description": "The set of parameters to tune." }, "studyStoppingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudySpecStudyStoppingConfigResponse", "description": "Conditions for automated stopping of a Study. Enable automated stopping by configuring at least one condition." } }, "type": "object", "required": [ "algorithm", "convexAutomatedStoppingSpec", "decayCurveStoppingSpec", "measurementSelectionType", "medianAutomatedStoppingSpec", "metrics", "observationNoise", "parameters", "studyStoppingConfig" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecStudyStoppingConfig": { "description": "The configuration (stopping conditions) for automated stopping of a Study. Conditions include trial budgets, time budgets, and convergence detection.", "properties": { "maxDurationNoProgress": { "type": "string", "description": "If the objective value has not improved for this much time, stop the study. WARNING: Effective only for single-objective studies." }, "maxNumTrials": { "type": "integer", "description": "If there are more than this many trials, stop the study." }, "maxNumTrialsNoProgress": { "type": "integer", "description": "If the objective value has not improved for this many consecutive trials, stop the study. WARNING: Effective only for single-objective studies." }, "maximumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudyTimeConstraint", "description": "If the specified time or duration has passed, stop the study." }, "minNumTrials": { "type": "integer", "description": "If there are fewer than this many COMPLETED trials, do not stop the study." }, "minimumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudyTimeConstraint", "description": "Each \"stopping rule\" in this proto specifies an \"if\" condition. Before Vizier would generate a new suggestion, it first checks each specified stopping rule, from top to bottom in this list. Note that the first few rules (e.g. minimum_runtime_constraint, min_num_trials) will prevent other stopping rules from being evaluated until they are met. For example, setting `min_num_trials=5` and `always_stop_after= 1 hour` means that the Study will ONLY stop after it has 5 COMPLETED trials, even if more than an hour has passed since its creation. It follows the first applicable rule (whose \"if\" condition is satisfied) to make a stopping decision. If none of the specified rules are applicable, then Vizier decides that the study should not stop. If Vizier decides that the study should stop, the study enters STOPPING state (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The automatic study state transition happens precisely as described above; that is, deleting trials or updating StudyConfig NEVER automatically moves the study state back to ACTIVE. If you want to _resume_ a Study that was stopped, 1) change the stopping conditions if necessary, 2) activate the study, and then 3) ask for suggestions. If the specified time or duration has not passed, do not stop the study." }, "shouldStopAsap": { "type": "boolean", "description": "If true, a Study enters STOPPING_ASAP whenever it would normally enters STOPPING state. The bottom line is: set to true if you want to interrupt on-going evaluations of Trials as soon as the study stopping condition is met. (Please see Study.State documentation for the source of truth)." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudySpecStudyStoppingConfigResponse": { "description": "The configuration (stopping conditions) for automated stopping of a Study. Conditions include trial budgets, time budgets, and convergence detection.", "properties": { "maxDurationNoProgress": { "type": "string", "description": "If the objective value has not improved for this much time, stop the study. WARNING: Effective only for single-objective studies." }, "maxNumTrials": { "type": "integer", "description": "If there are more than this many trials, stop the study." }, "maxNumTrialsNoProgress": { "type": "integer", "description": "If the objective value has not improved for this many consecutive trials, stop the study. WARNING: Effective only for single-objective studies." }, "maximumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudyTimeConstraintResponse", "description": "If the specified time or duration has passed, stop the study." }, "minNumTrials": { "type": "integer", "description": "If there are fewer than this many COMPLETED trials, do not stop the study." }, "minimumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1StudyTimeConstraintResponse", "description": "Each \"stopping rule\" in this proto specifies an \"if\" condition. Before Vizier would generate a new suggestion, it first checks each specified stopping rule, from top to bottom in this list. Note that the first few rules (e.g. minimum_runtime_constraint, min_num_trials) will prevent other stopping rules from being evaluated until they are met. For example, setting `min_num_trials=5` and `always_stop_after= 1 hour` means that the Study will ONLY stop after it has 5 COMPLETED trials, even if more than an hour has passed since its creation. It follows the first applicable rule (whose \"if\" condition is satisfied) to make a stopping decision. If none of the specified rules are applicable, then Vizier decides that the study should not stop. If Vizier decides that the study should stop, the study enters STOPPING state (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The automatic study state transition happens precisely as described above; that is, deleting trials or updating StudyConfig NEVER automatically moves the study state back to ACTIVE. If you want to _resume_ a Study that was stopped, 1) change the stopping conditions if necessary, 2) activate the study, and then 3) ask for suggestions. If the specified time or duration has not passed, do not stop the study." }, "shouldStopAsap": { "type": "boolean", "description": "If true, a Study enters STOPPING_ASAP whenever it would normally enters STOPPING state. The bottom line is: set to true if you want to interrupt on-going evaluations of Trials as soon as the study stopping condition is met. (Please see Study.State documentation for the source of truth)." } }, "type": "object", "required": [ "maxDurationNoProgress", "maxNumTrials", "maxNumTrialsNoProgress", "maximumRuntimeConstraint", "minNumTrials", "minimumRuntimeConstraint", "shouldStopAsap" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudyTimeConstraint": { "description": "Time-based Constraint for Study", "properties": { "endTime": { "type": "string", "description": "Compares the wallclock time to this time. Must use UTC timezone." }, "maxDuration": { "type": "string", "description": "Counts the wallclock time passed since the creation of this Study." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1StudyTimeConstraintResponse": { "description": "Time-based Constraint for Study", "properties": { "endTime": { "type": "string", "description": "Compares the wallclock time to this time. Must use UTC timezone." }, "maxDuration": { "type": "string", "description": "Counts the wallclock time passed since the creation of this Study." } }, "type": "object", "required": [ "endTime", "maxDuration" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TensorboardTimeSeriesMetadataResponse": { "description": "Describes metadata for a TensorboardTimeSeries.", "properties": { "maxBlobSequenceLength": { "type": "string", "description": "The largest blob sequence length (number of blobs) of all data points in this time series, if its ValueType is BLOB_SEQUENCE." }, "maxStep": { "type": "string", "description": "Max step index of all data points within a TensorboardTimeSeries." }, "maxWallTime": { "type": "string", "description": "Max wall clock timestamp of all data points within a TensorboardTimeSeries." } }, "type": "object", "required": [ "maxBlobSequenceLength", "maxStep", "maxWallTime" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ThresholdConfig": { "description": "The config for feature monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. If this threshold config is for feature distribution distance: 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1ThresholdConfigResponse": { "description": "The config for feature monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. If this threshold config is for feature distribution distance: 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object", "required": [ "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TimestampSplit": { "description": "Assigns input data to training, validation, and test sets based on a provided timestamps. The youngest data pieces are assigned to training set, next to validation set, and the oldest to the test set. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The values of the key (the values in the column) must be in RFC 3339 `date-time` format, where `time-offset` = `\"Z\"` (e.g. 1985-04-12T23:20:50.52Z). If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TimestampSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on a provided timestamps. The youngest data pieces are assigned to training set, next to validation set, and the oldest to the test set. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The values of the key (the values in the column) must be in RFC 3339 `date-time` format, where `time-offset` = `\"Z\"` (e.g. 1985-04-12T23:20:50.52Z). If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key", "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TrainingConfig": { "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems.", "properties": { "timeoutTrainingMilliHours": { "type": "string", "description": "The timeout hours for the CMLE training job, expressed in milli hours i.e. 1,000 value in this field means 1 hour." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TrainingConfigResponse": { "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems.", "properties": { "timeoutTrainingMilliHours": { "type": "string", "description": "The timeout hours for the CMLE training job, expressed in milli hours i.e. 1,000 value in this field means 1 hour." } }, "type": "object", "required": [ "timeoutTrainingMilliHours" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TrialParameterResponse": { "description": "A message representing a parameter to be tuned.", "properties": { "parameterId": { "type": "string", "description": "The ID of the parameter. The parameter should be defined in StudySpec's Parameters." }, "value": { "$ref": "pulumi.json#/Any", "description": "The value of the parameter. `number_value` will be set if a parameter defined in StudySpec is in type 'INTEGER', 'DOUBLE' or 'DISCRETE'. `string_value` will be set if a parameter defined in StudySpec is in type 'CATEGORICAL'." } }, "type": "object", "required": [ "parameterId", "value" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1TrialResponse": { "description": "A message representing a Trial. A Trial contains a unique set of Parameters that has been or will be evaluated, along with the objective metrics got by running the Trial.", "properties": { "clientId": { "type": "string", "description": "The identifier of the client that originally requested this Trial. Each client is identified by a unique client_id. When a client asks for a suggestion, Vertex AI Vizier will assign it a Trial. The client should evaluate the Trial, complete it, and report back to Vertex AI Vizier. If suggestion is asked again by same client_id before the Trial is completed, the same Trial will be returned. Multiple clients with different client_ids can ask for suggestions simultaneously, each of them will get their own Trial." }, "customJob": { "type": "string", "description": "The CustomJob name linked to the Trial. It's set for a HyperparameterTuningJob's Trial." }, "endTime": { "type": "string", "description": "Time when the Trial's status changed to `SUCCEEDED` or `INFEASIBLE`." }, "finalMeasurement": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MeasurementResponse", "description": "The final measurement containing the objective value." }, "infeasibleReason": { "type": "string", "description": "A human readable string describing why the Trial is infeasible. This is set only if Trial state is `INFEASIBLE`." }, "measurements": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MeasurementResponse" }, "description": "A list of measurements that are strictly lexicographically ordered by their induced tuples (steps, elapsed_duration). These are used for early stopping computations." }, "name": { "type": "string", "description": "Resource name of the Trial assigned by the service." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1TrialParameterResponse" }, "description": "The parameters of the Trial." }, "startTime": { "type": "string", "description": "Time when the Trial was started." }, "state": { "type": "string", "description": "The detailed state of the Trial." }, "webAccessUris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "URIs for accessing [interactive shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) (one URI for each training node). Only available if this trial is part of a HyperparameterTuningJob and the job's trial_job_spec.enable_web_access field is `true`. The keys are names of each node used for the trial; for example, `workerpool0-0` for the primary node, `workerpool1-0` for the first node in the second worker pool, and `workerpool1-1` for the second node in the second worker pool. The values are the URIs for each node's interactive shell." } }, "type": "object", "required": [ "clientId", "customJob", "endTime", "finalMeasurement", "infeasibleReason", "measurements", "name", "parameters", "startTime", "state", "webAccessUris" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1UnmanagedContainerModel": { "description": "Contains model information necessary to perform batch prediction without requiring a full model import.", "properties": { "artifactUri": { "type": "string", "description": "The path to the directory containing the Model artifact and any of its supporting files." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelContainerSpec", "description": "Input only. The specification of the container that is to be used when deploying this Model." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredictSchemata", "description": "Contains the schemata used in Model's predictions and explanations" } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1UnmanagedContainerModelResponse": { "description": "Contains model information necessary to perform batch prediction without requiring a full model import.", "properties": { "artifactUri": { "type": "string", "description": "The path to the directory containing the Model artifact and any of its supporting files." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ModelContainerSpecResponse", "description": "Input only. The specification of the container that is to be used when deploying this Model." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PredictSchemataResponse", "description": "Contains the schemata used in Model's predictions and explanations" } }, "type": "object", "required": [ "artifactUri", "containerSpec", "predictSchemata" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1WorkerPoolSpec": { "description": "Represents the spec of a worker pool in a job.", "properties": { "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ContainerSpec", "description": "The custom container task." }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DiskSpec", "description": "Disk spec." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpec", "description": "Optional. Immutable. The specification of a single machine." }, "nfsMounts": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NfsMount" }, "description": "Optional. List of NFS mount spec." }, "pythonPackageSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PythonPackageSpec", "description": "The Python packaged task." }, "replicaCount": { "type": "string", "description": "Optional. The number of worker replicas to use for this worker pool." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1WorkerPoolSpecResponse": { "description": "Represents the spec of a worker pool in a job.", "properties": { "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1ContainerSpecResponse", "description": "The custom container task." }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1DiskSpecResponse", "description": "Disk spec." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1MachineSpecResponse", "description": "Optional. Immutable. The specification of a single machine." }, "nfsMounts": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1NfsMountResponse" }, "description": "Optional. List of NFS mount spec." }, "pythonPackageSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1PythonPackageSpecResponse", "description": "The Python packaged task." }, "replicaCount": { "type": "string", "description": "Optional. The number of worker replicas to use for this worker pool." } }, "type": "object", "required": [ "containerSpec", "diskSpec", "machineSpec", "nfsMounts", "pythonPackageSpec", "replicaCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1XraiAttribution": { "description": "An explanation method that redistributes Integrated Gradients attributions to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 Supported only by image Models.", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BlurBaselineConfig", "description": "Config for XRAI with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SmoothGradConfig", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is met within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "stepCount" ] }, "google-native:aiplatform/v1:GoogleCloudAiplatformV1XraiAttributionResponse": { "description": "An explanation method that redistributes Integrated Gradients attributions to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 Supported only by image Models.", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1BlurBaselineConfigResponse", "description": "Config for XRAI with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleCloudAiplatformV1SmoothGradConfigResponse", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is met within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "blurBaselineConfig", "smoothGradConfig", "stepCount" ] }, "google-native:aiplatform/v1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:aiplatform%2Fv1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:aiplatform/v1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:aiplatform/v1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:aiplatform/v1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:aiplatform/v1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:aiplatform/v1:IndexIndexUpdateMethod": { "description": "Immutable. The update method to use with this Index. If not set, BATCH_UPDATE will be used by default.", "type": "string", "enum": [ { "name": "IndexUpdateMethodUnspecified", "description": "Should not be used.", "value": "INDEX_UPDATE_METHOD_UNSPECIFIED" }, { "name": "BatchUpdate", "description": "BatchUpdate: user can call UpdateIndex with files on Cloud Storage of Datapoints to update.", "value": "BATCH_UPDATE" }, { "name": "StreamUpdate", "description": "StreamUpdate: user can call UpsertDatapoints/DeleteDatapoints to update the Index and the updates will be applied in corresponding DeployedIndexes in nearly real-time.", "value": "STREAM_UPDATE" } ] }, "google-native:aiplatform/v1:MetadataSchemaSchemaType": { "description": "The type of the MetadataSchema. This is a property that identifies which metadata types will use the MetadataSchema.", "type": "string", "enum": [ { "name": "MetadataSchemaTypeUnspecified", "description": "Unspecified type for the MetadataSchema.", "value": "METADATA_SCHEMA_TYPE_UNSPECIFIED" }, { "name": "ArtifactType", "description": "A type indicating that the MetadataSchema will be used by Artifacts.", "value": "ARTIFACT_TYPE" }, { "name": "ExecutionType", "description": "A typee indicating that the MetadataSchema will be used by Executions.", "value": "EXECUTION_TYPE" }, { "name": "ContextType", "description": "A state indicating that the MetadataSchema will be used by Contexts.", "value": "CONTEXT_TYPE" } ] }, "google-native:aiplatform/v1:NotebookRuntimeTemplateNotebookRuntimeType": { "description": "Optional. Immutable. The type of the notebook runtime template.", "type": "string", "enum": [ { "name": "NotebookRuntimeTypeUnspecified", "description": "Unspecified notebook runtime type, NotebookRuntimeType will default to USER_DEFINED.", "value": "NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED" }, { "name": "UserDefined", "description": "runtime or template with coustomized configurations from user.", "value": "USER_DEFINED" }, { "name": "OneClick", "description": "runtime or template with system defined configurations.", "value": "ONE_CLICK" } ] }, "google-native:aiplatform/v1:TimeSeriesValueType": { "description": "Required. Immutable. Type of TensorboardTimeSeries value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Scalar", "description": "Used for TensorboardTimeSeries that is a list of scalars. E.g. accuracy of a model over epochs/time.", "value": "SCALAR" }, { "name": "Tensor", "description": "Used for TensorboardTimeSeries that is a list of tensors. E.g. histograms of weights of layer in a model over epoch/time.", "value": "TENSOR" }, { "name": "BlobSequence", "description": "Used for TensorboardTimeSeries that is a list of blob sequences. E.g. set of sample images with labels over epochs/time.", "value": "BLOB_SEQUENCE" } ] }, "google-native:aiplatform/v1beta1:ArtifactState": { "description": "The state of this Artifact. This is a property of the Artifact, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines), and the system does not prescribe or check the validity of state transitions.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified state for the Artifact.", "value": "STATE_UNSPECIFIED" }, { "name": "Pending", "description": "A state used by systems like Vertex AI Pipelines to indicate that the underlying data item represented by this Artifact is being created.", "value": "PENDING" }, { "name": "Live", "description": "A state indicating that the Artifact should exist, unless something external to the system deletes it.", "value": "LIVE" } ] }, "google-native:aiplatform/v1beta1:ExecutionState": { "description": "The state of this Execution. This is a property of the Execution, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines) and the system does not prescribe or check the validity of state transitions.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified Execution state", "value": "STATE_UNSPECIFIED" }, { "name": "New", "description": "The Execution is new", "value": "NEW" }, { "name": "Running", "description": "The Execution is running", "value": "RUNNING" }, { "name": "Complete", "description": "The Execution has finished running", "value": "COMPLETE" }, { "name": "Failed", "description": "The Execution has failed", "value": "FAILED" }, { "name": "Cached", "description": "The Execution completed through Cache hit.", "value": "CACHED" }, { "name": "Cancelled", "description": "The Execution was cancelled.", "value": "CANCELLED" } ] }, "google-native:aiplatform/v1beta1:FeatureGroupFeatureValueType": { "description": "Immutable. Only applicable for Vertex AI Feature Store (Legacy). Type of Feature value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Bool", "description": "Used for Feature that is a boolean.", "value": "BOOL" }, { "name": "BoolArray", "description": "Used for Feature that is a list of boolean.", "value": "BOOL_ARRAY" }, { "name": "Double", "description": "Used for Feature that is double.", "value": "DOUBLE" }, { "name": "DoubleArray", "description": "Used for Feature that is a list of double.", "value": "DOUBLE_ARRAY" }, { "name": "Int64", "description": "Used for Feature that is INT64.", "value": "INT64" }, { "name": "Int64Array", "description": "Used for Feature that is a list of INT64.", "value": "INT64_ARRAY" }, { "name": "String", "description": "Used for Feature that is string.", "value": "STRING" }, { "name": "StringArray", "description": "Used for Feature that is a list of String.", "value": "STRING_ARRAY" }, { "name": "Bytes", "description": "Used for Feature that is bytes.", "value": "BYTES" } ] }, "google-native:aiplatform/v1beta1:FeatureStoreFeatureValueType": { "description": "Immutable. Only applicable for Vertex AI Feature Store (Legacy). Type of Feature value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Bool", "description": "Used for Feature that is a boolean.", "value": "BOOL" }, { "name": "BoolArray", "description": "Used for Feature that is a list of boolean.", "value": "BOOL_ARRAY" }, { "name": "Double", "description": "Used for Feature that is double.", "value": "DOUBLE" }, { "name": "DoubleArray", "description": "Used for Feature that is a list of double.", "value": "DOUBLE_ARRAY" }, { "name": "Int64", "description": "Used for Feature that is INT64.", "value": "INT64" }, { "name": "Int64Array", "description": "Used for Feature that is a list of INT64.", "value": "INT64_ARRAY" }, { "name": "String", "description": "Used for Feature that is string.", "value": "STRING" }, { "name": "StringArray", "description": "Used for Feature that is a list of String.", "value": "STRING_ARRAY" }, { "name": "Bytes", "description": "Used for Feature that is bytes.", "value": "BYTES" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ActiveLearningConfig": { "description": "Parameters that configure the active learning pipeline. Active learning will label the data incrementally by several iterations. For every iteration, it will select a batch of data based on the sampling strategy.", "properties": { "maxDataItemCount": { "type": "string", "description": "Max number of human labeled DataItems." }, "maxDataItemPercentage": { "type": "integer", "description": "Max percent of total DataItems for human labeling." }, "sampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SampleConfig", "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy." }, "trainingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1TrainingConfig", "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ActiveLearningConfigResponse": { "description": "Parameters that configure the active learning pipeline. Active learning will label the data incrementally by several iterations. For every iteration, it will select a batch of data based on the sampling strategy.", "properties": { "maxDataItemCount": { "type": "string", "description": "Max number of human labeled DataItems." }, "maxDataItemPercentage": { "type": "integer", "description": "Max percent of total DataItems for human labeling." }, "sampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SampleConfigResponse", "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy." }, "trainingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1TrainingConfigResponse", "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems." } }, "type": "object", "required": [ "maxDataItemCount", "maxDataItemPercentage", "sampleConfig", "trainingConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1AutomaticResourcesResponse": { "description": "A description of resources that to large degree are decided by Vertex AI, and require only a modest additional configuration. Each Model supporting these resources documents its specific guidelines.", "properties": { "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, a no upper bound for scaling under heavy traffic will be assume, though Vertex AI may be unable to scale beyond certain replica number." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of replicas this DeployedModel will be always deployed on. If traffic against it increases, it may dynamically be deployed onto more replicas up to max_replica_count, and as traffic decreases, some of these extra replicas may be freed. If the requested value is too large, the deployment will error." } }, "type": "object", "required": [ "maxReplicaCount", "minReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1AutoscalingMetricSpec": { "description": "The metric specification that defines the target resource utilization (CPU utilization, accelerator's duty cycle, and so on) for calculating the desired replica count.", "properties": { "metricName": { "type": "string", "description": "The resource metric name. Supported metrics: * For Online Prediction: * `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` * `aiplatform.googleapis.com/prediction/online/cpu/utilization`" }, "target": { "type": "integer", "description": "The target resource utilization in percentage (1% - 100%) for the given metric; once the real usage deviates from the target by a certain percentage, the machine replicas change. The default value is 60 (representing 60%) if not provided." } }, "type": "object", "required": [ "metricName" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1AutoscalingMetricSpecResponse": { "description": "The metric specification that defines the target resource utilization (CPU utilization, accelerator's duty cycle, and so on) for calculating the desired replica count.", "properties": { "metricName": { "type": "string", "description": "The resource metric name. Supported metrics: * For Online Prediction: * `aiplatform.googleapis.com/prediction/online/accelerator/duty_cycle` * `aiplatform.googleapis.com/prediction/online/cpu/utilization`" }, "target": { "type": "integer", "description": "The target resource utilization in percentage (1% - 100%) for the given metric; once the real usage deviates from the target by a certain percentage, the machine replicas change. The default value is 60 (representing 60%) if not provided." } }, "type": "object", "required": [ "metricName", "target" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchDedicatedResources": { "description": "A description of resources that are used for performing batch operations, are dedicated to a Model, and need manual configuration.", "properties": { "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpec", "description": "Immutable. The specification of a single machine." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of machine replicas the batch operation may be scaled to. The default value is 10." }, "startingReplicaCount": { "type": "integer", "description": "Immutable. The number of machine replicas used at the start of the batch operation. If not set, Vertex AI decides starting number, not greater than max_replica_count" } }, "type": "object", "required": [ "machineSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchDedicatedResourcesResponse": { "description": "A description of resources that are used for performing batch operations, are dedicated to a Model, and need manual configuration.", "properties": { "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpecResponse", "description": "Immutable. The specification of a single machine." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of machine replicas the batch operation may be scaled to. The default value is 10." }, "startingReplicaCount": { "type": "integer", "description": "Immutable. The number of machine replicas used at the start of the batch operation. If not set, Vertex AI decides starting number, not greater than max_replica_count" } }, "type": "object", "required": [ "machineSpec", "maxReplicaCount", "startingReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobInputConfig": { "description": "Configures the input to BatchPredictionJob. See Model.supported_input_storage_formats for Model's supported input formats, and how instances should be expressed via any of them.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySource", "description": "The BigQuery location of the input table. The schema of the table should be in the format described by the given context OpenAPI Schema, if one is provided. The table may contain additional columns that are not described by the schema, and they will be ignored." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSource", "description": "The Cloud Storage location for the input instances." }, "instancesFormat": { "type": "string", "description": "The format in which instances are given, must be one of the Model's supported_input_storage_formats." } }, "type": "object", "required": [ "instancesFormat" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobInputConfigResponse": { "description": "Configures the input to BatchPredictionJob. See Model.supported_input_storage_formats for Model's supported input formats, and how instances should be expressed via any of them.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySourceResponse", "description": "The BigQuery location of the input table. The schema of the table should be in the format described by the given context OpenAPI Schema, if one is provided. The table may contain additional columns that are not described by the schema, and they will be ignored." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSourceResponse", "description": "The Cloud Storage location for the input instances." }, "instancesFormat": { "type": "string", "description": "The format in which instances are given, must be one of the Model's supported_input_storage_formats." } }, "type": "object", "required": [ "bigquerySource", "gcsSource", "instancesFormat" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobInstanceConfig": { "description": "Configuration defining how to transform batch prediction input instances to the instances that the Model accepts.", "properties": { "excludedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be excluded in the prediction instance that is sent to the Model. Excluded will be attached to the batch prediction output if key_field is not specified. When excluded_fields is populated, included_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "includedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be included in the prediction instance that is sent to the Model. If instance_type is `array`, the order of field names in included_fields also determines the order of the values in the array. When included_fields is populated, excluded_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "instanceType": { "type": "string", "description": "The format of the instance that the Model accepts. Vertex AI will convert compatible batch prediction input instance formats to the specified format. Supported values are: * `object`: Each input is converted to JSON object format. * For `bigquery`, each row is converted to an object. * For `jsonl`, each line of the JSONL input must be an object. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted to JSON array format. * For `bigquery`, each row is converted to an array. The order of columns is determined by the BigQuery column order, unless included_fields is populated. included_fields must be populated for specifying field orders. * For `jsonl`, if each line of the JSONL input is an object, included_fields must be populated for specifying field orders. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI converts the batch prediction input as follows: * For `bigquery` and `csv`, the behavior is the same as `array`. The order of columns is the same as defined in the file or table, unless included_fields is populated. * For `jsonl`, the prediction instance format is determined by each line of the input. * For `tf-record`/`tf-record-gzip`, each record will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the record. * For `file-list`, each file in the list will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the file." }, "keyField": { "type": "string", "description": "The name of the field that is considered as a key. The values identified by the key field is not included in the transformed instances that is sent to the Model. This is similar to specifying this name of the field in excluded_fields. In addition, the batch prediction output will not include the instances. Instead the output will only include the value of the key field, in a field named `key` in the output: * For `jsonl` output format, the output will have a `key` field instead of the `instance` field. * For `csv`/`bigquery` output format, the output will have have a `key` column instead of the instance feature columns. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobInstanceConfigResponse": { "description": "Configuration defining how to transform batch prediction input instances to the instances that the Model accepts.", "properties": { "excludedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be excluded in the prediction instance that is sent to the Model. Excluded will be attached to the batch prediction output if key_field is not specified. When excluded_fields is populated, included_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "includedFields": { "type": "array", "items": { "type": "string" }, "description": "Fields that will be included in the prediction instance that is sent to the Model. If instance_type is `array`, the order of field names in included_fields also determines the order of the values in the array. When included_fields is populated, excluded_fields must be empty. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." }, "instanceType": { "type": "string", "description": "The format of the instance that the Model accepts. Vertex AI will convert compatible batch prediction input instance formats to the specified format. Supported values are: * `object`: Each input is converted to JSON object format. * For `bigquery`, each row is converted to an object. * For `jsonl`, each line of the JSONL input must be an object. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. * `array`: Each input is converted to JSON array format. * For `bigquery`, each row is converted to an array. The order of columns is determined by the BigQuery column order, unless included_fields is populated. included_fields must be populated for specifying field orders. * For `jsonl`, if each line of the JSONL input is an object, included_fields must be populated for specifying field orders. * Does not apply to `csv`, `file-list`, `tf-record`, or `tf-record-gzip`. If not specified, Vertex AI converts the batch prediction input as follows: * For `bigquery` and `csv`, the behavior is the same as `array`. The order of columns is the same as defined in the file or table, unless included_fields is populated. * For `jsonl`, the prediction instance format is determined by each line of the input. * For `tf-record`/`tf-record-gzip`, each record will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the record. * For `file-list`, each file in the list will be converted to an object in the format of `{\"b64\": }`, where `` is the Base64-encoded string of the content of the file." }, "keyField": { "type": "string", "description": "The name of the field that is considered as a key. The values identified by the key field is not included in the transformed instances that is sent to the Model. This is similar to specifying this name of the field in excluded_fields. In addition, the batch prediction output will not include the instances. Instead the output will only include the value of the key field, in a field named `key` in the output: * For `jsonl` output format, the output will have a `key` field instead of the `instance` field. * For `csv`/`bigquery` output format, the output will have have a `key` column instead of the instance feature columns. The input must be JSONL with objects at each line, CSV, BigQuery or TfRecord." } }, "type": "object", "required": [ "excludedFields", "includedFields", "instanceType", "keyField" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobOutputConfig": { "description": "Configures the output of BatchPredictionJob. See Model.supported_output_storage_formats for supported output formats, and how predictions are expressed via any of them.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestination", "description": "The BigQuery project or dataset location where the output is to be written to. If project is provided, a new dataset is created with name `prediction__` where is made BigQuery-dataset-name compatible (for example, most special characters become underscores), and timestamp is in YYYY_MM_DDThh_mm_ss_sssZ \"based on ISO-8601\" format. In the dataset two tables will be created, `predictions`, and `errors`. If the Model has both instance and prediction schemata defined then the tables have columns as follows: The `predictions` table contains instances for which the prediction succeeded, it has columns as per a concatenation of the Model's instance and prediction schemata. The `errors` table contains rows for which the prediction has failed, it has instance columns, as per the instance schema, followed by a single \"errors\" column, which as values has google.rpc.Status represented as a STRUCT, and containing only `code` and `message`." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestination", "description": "The Cloud Storage location of the directory where the output is to be written to. In the given directory a new directory is created. Its name is `prediction--`, where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are created where `` depends on chosen predictions_format, and N may equal 0001 and depends on the total number of successfully predicted instances. If the Model has both instance and prediction schemata defined then each such file contains predictions as per the predictions_format. If prediction for any instance failed (partially or completely), then an additional `errors_0001.`, `errors_0002.`,..., `errors_N.` files are created (N depends on total number of failed predictions). These files contain the failed instances, as per their schema, followed by an additional `error` field which as value has google.rpc.Status containing only `code` and `message` fields." }, "predictionsFormat": { "type": "string", "description": "The format in which Vertex AI gives the predictions, must be one of the Model's supported_output_storage_formats." } }, "type": "object", "required": [ "predictionsFormat" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobOutputConfigResponse": { "description": "Configures the output of BatchPredictionJob. See Model.supported_output_storage_formats for supported output formats, and how predictions are expressed via any of them.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestinationResponse", "description": "The BigQuery project or dataset location where the output is to be written to. If project is provided, a new dataset is created with name `prediction__` where is made BigQuery-dataset-name compatible (for example, most special characters become underscores), and timestamp is in YYYY_MM_DDThh_mm_ss_sssZ \"based on ISO-8601\" format. In the dataset two tables will be created, `predictions`, and `errors`. If the Model has both instance and prediction schemata defined then the tables have columns as follows: The `predictions` table contains instances for which the prediction succeeded, it has columns as per a concatenation of the Model's instance and prediction schemata. The `errors` table contains rows for which the prediction has failed, it has instance columns, as per the instance schema, followed by a single \"errors\" column, which as values has google.rpc.Status represented as a STRUCT, and containing only `code` and `message`." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse", "description": "The Cloud Storage location of the directory where the output is to be written to. In the given directory a new directory is created. Its name is `prediction--`, where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. Inside of it files `predictions_0001.`, `predictions_0002.`, ..., `predictions_N.` are created where `` depends on chosen predictions_format, and N may equal 0001 and depends on the total number of successfully predicted instances. If the Model has both instance and prediction schemata defined then each such file contains predictions as per the predictions_format. If prediction for any instance failed (partially or completely), then an additional `errors_0001.`, `errors_0002.`,..., `errors_N.` files are created (N depends on total number of failed predictions). These files contain the failed instances, as per their schema, followed by an additional `error` field which as value has google.rpc.Status containing only `code` and `message` fields." }, "predictionsFormat": { "type": "string", "description": "The format in which Vertex AI gives the predictions, must be one of the Model's supported_output_storage_formats." } }, "type": "object", "required": [ "bigqueryDestination", "gcsDestination", "predictionsFormat" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BatchPredictionJobOutputInfoResponse": { "description": "Further describes this job's output. Supplements output_config.", "properties": { "bigqueryOutputDataset": { "type": "string", "description": "The path of the BigQuery dataset created, in `bq://projectId.bqDatasetId` format, into which the prediction output is written." }, "bigqueryOutputTable": { "type": "string", "description": "The name of the BigQuery table created, in `predictions_` format, into which the prediction output is written. Can be used by UI to generate the BigQuery output path, for example." }, "gcsOutputDirectory": { "type": "string", "description": "The full path of the Cloud Storage directory created, into which the prediction output is written." } }, "type": "object", "required": [ "bigqueryOutputDataset", "bigqueryOutputTable", "gcsOutputDirectory" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BigQueryDestination": { "description": "The BigQuery location for the output content.", "properties": { "outputUri": { "type": "string", "description": "BigQuery URI to a project or table, up to 2000 characters long. When only the project is specified, the Dataset and Table is created. When the full table reference is specified, the Dataset must exist and table must not exist. Accepted forms: * BigQuery path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` or `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "outputUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BigQueryDestinationResponse": { "description": "The BigQuery location for the output content.", "properties": { "outputUri": { "type": "string", "description": "BigQuery URI to a project or table, up to 2000 characters long. When only the project is specified, the Dataset and Table is created. When the full table reference is specified, the Dataset must exist and table must not exist. Accepted forms: * BigQuery path. For example: `bq://projectId` or `bq://projectId.bqDatasetId` or `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "outputUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BigQuerySource": { "description": "The BigQuery location for the input content.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long. Accepted forms: * BigQuery path. For example: `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BigQuerySourceResponse": { "description": "The BigQuery location for the input content.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long. Accepted forms: * BigQuery path. For example: `bq://projectId.bqDatasetId.bqTableId`." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfig": { "description": "Config for blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383", "properties": { "maxBlurSigma": { "type": "number", "description": "The standard deviation of the blur kernel for the blurred baseline. The same blurring parameter is used for both the height and the width dimension. If not set, the method defaults to the zero (i.e. black for images) baseline." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfigResponse": { "description": "Config for blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383", "properties": { "maxBlurSigma": { "type": "number", "description": "The standard deviation of the blur kernel for the blurred baseline. The same blurring parameter is used for both the height and the width dimension. If not set, the method defaults to the zero (i.e. black for images) baseline." } }, "type": "object", "required": [ "maxBlurSigma" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1CompletionStatsResponse": { "description": "Success and error statistics of processing multiple entities (for example, DataItems or structured data rows) in batch.", "properties": { "failedCount": { "type": "string", "description": "The number of entities for which any error was encountered." }, "incompleteCount": { "type": "string", "description": "In cases when enough errors are encountered a job, pipeline, or operation may be failed as a whole. Below is the number of entities for which the processing had not been finished (either in successful or failed state). Set to -1 if the number is unknown (for example, the operation failed before the total entity number could be collected)." }, "successfulCount": { "type": "string", "description": "The number of entities that had been processed successfully." }, "successfulForecastPointCount": { "type": "string", "description": "The number of the successful forecast points that are generated by the forecasting model. This is ONLY used by the forecasting batch prediction." } }, "type": "object", "required": [ "failedCount", "incompleteCount", "successfulCount", "successfulForecastPointCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ContainerSpec": { "description": "The spec of a Container.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "The arguments to be passed when starting the container." }, "command": { "type": "array", "items": { "type": "string" }, "description": "The command to be invoked when the container is started. It overrides the entrypoint instruction in Dockerfile when provided." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVar" }, "description": "Environment variables to be passed to the container. Maximum limit is 100." }, "imageUri": { "type": "string", "description": "The URI of a container image in the Container Registry that is to be run on each worker replica." } }, "type": "object", "required": [ "imageUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ContainerSpecResponse": { "description": "The spec of a Container.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "The arguments to be passed when starting the container." }, "command": { "type": "array", "items": { "type": "string" }, "description": "The command to be invoked when the container is started. It overrides the entrypoint instruction in Dockerfile when provided." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVarResponse" }, "description": "Environment variables to be passed to the container. Maximum limit is 100." }, "imageUri": { "type": "string", "description": "The URI of a container image in the Container Registry that is to be run on each worker replica." } }, "type": "object", "required": [ "args", "command", "env", "imageUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ContextResponse": { "description": "Instance of a general context.", "properties": { "createTime": { "type": "string", "description": "Timestamp when this Context was created." }, "description": { "type": "string", "description": "Description of the Context" }, "displayName": { "type": "string", "description": "User provided display name of the Context. May be up to 128 Unicode characters." }, "etag": { "type": "string", "description": "An eTag used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Contexts. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. No more than 64 user labels can be associated with one Context (System labels are excluded)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Context. Top level metadata keys' heading and trailing spaces will be trimmed. The size of this field should not exceed 200KB." }, "name": { "type": "string", "description": "Immutable. The resource name of the Context." }, "parentContexts": { "type": "array", "items": { "type": "string" }, "description": "A list of resource names of Contexts that are parents of this Context. A Context may have at most 10 parent_contexts." }, "schemaTitle": { "type": "string", "description": "The title of the schema describing the metadata. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "schemaVersion": { "type": "string", "description": "The version of the schema in schema_name to use. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "updateTime": { "type": "string", "description": "Timestamp when this Context was last updated." } }, "type": "object", "required": [ "createTime", "description", "displayName", "etag", "labels", "metadata", "name", "parentContexts", "schemaTitle", "schemaVersion", "updateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1CreatePipelineJobRequest": { "description": "Request message for PipelineService.CreatePipelineJob.", "properties": { "parent": { "type": "string", "description": "The resource name of the Location to create the PipelineJob in. Format: `projects/{project}/locations/{location}`" }, "pipelineJob": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJob", "description": "The PipelineJob to create." }, "pipelineJobId": { "type": "string", "description": "The ID to use for the PipelineJob, which will become the final component of the PipelineJob name. If not provided, an ID will be automatically generated. This value should be less than 128 characters, and valid characters are `/a-z-/`." } }, "type": "object", "required": [ "parent", "pipelineJob" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1CreatePipelineJobRequestResponse": { "description": "Request message for PipelineService.CreatePipelineJob.", "properties": { "parent": { "type": "string", "description": "The resource name of the Location to create the PipelineJob in. Format: `projects/{project}/locations/{location}`" }, "pipelineJob": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJobResponse", "description": "The PipelineJob to create." }, "pipelineJobId": { "type": "string", "description": "The ID to use for the PipelineJob, which will become the final component of the PipelineJob name. If not provided, an ID will be automatically generated. This value should be less than 128 characters, and valid characters are `/a-z-/`." } }, "type": "object", "required": [ "parent", "pipelineJob", "pipelineJobId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1CustomJobSpec": { "description": "Represents the spec of a CustomJob.", "properties": { "baseOutputDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestination", "description": "The Cloud Storage location to store the output of this CustomJob or HyperparameterTuningJob. For HyperparameterTuningJob, the baseOutputDirectory of each child CustomJob backing a Trial is set to a subdirectory of name id under its parent HyperparameterTuningJob's baseOutputDirectory. The following Vertex AI environment variables will be passed to containers or python modules when this field is set: For CustomJob: * AIP_MODEL_DIR = `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `//logs/`" }, "enableDashboardAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable access to the customized dashboard in training chief container. If set to `true`, you can access the dashboard at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "enableWebAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable [interactive shell access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) to training containers. If set to `true`, you can access interactive shells at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "experiment": { "type": "string", "description": "Optional. The Experiment associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}`" }, "experimentRun": { "type": "string", "description": "Optional. The Experiment Run associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}`" }, "network": { "type": "string", "description": "Optional. The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Job should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. To specify this field, you must have already [configured VPC Network Peering for Vertex AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If this field is left unspecified, the job is not peered with any network." }, "persistentResourceId": { "type": "string", "description": "Optional. The ID of the PersistentResource in the same Project and Location which to run If this is specified, the job will be run on existing machines held by the PersistentResource instead of on-demand short-live machines. The network and CMEK configs on the job should be consistent with those on the PersistentResource, otherwise, the job will be rejected." }, "protectedArtifactLocationId": { "type": "string", "description": "The ID of the location to store protected artifacts. e.g. us-central1. Populate only when the location is different than CustomJob location. List of supported locations: https://cloud.google.com/vertex-ai/docs/general/locations" }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of names for the reserved ip ranges under the VPC network that can be used for this job. If set, we will deploy the job within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "scheduling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Scheduling", "description": "Scheduling options for a CustomJob." }, "serviceAccount": { "type": "string", "description": "Specifies the service account for workload run-as account. Users submitting jobs must have act-as permission on this run-as account. If unspecified, the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) for the CustomJob's project is used." }, "tensorboard": { "type": "string", "description": "Optional. The name of a Vertex AI Tensorboard resource to which this CustomJob will upload Tensorboard logs. Format: `projects/{project}/locations/{location}/tensorboards/{tensorboard}`" }, "workerPoolSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1WorkerPoolSpec" }, "description": "The spec of the worker pools including machine type and Docker image. All worker pools except the first one are optional and can be skipped by providing an empty value." } }, "type": "object", "required": [ "workerPoolSpecs" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1CustomJobSpecResponse": { "description": "Represents the spec of a CustomJob.", "properties": { "baseOutputDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse", "description": "The Cloud Storage location to store the output of this CustomJob or HyperparameterTuningJob. For HyperparameterTuningJob, the baseOutputDirectory of each child CustomJob backing a Trial is set to a subdirectory of name id under its parent HyperparameterTuningJob's baseOutputDirectory. The following Vertex AI environment variables will be passed to containers or python modules when this field is set: For CustomJob: * AIP_MODEL_DIR = `/model/` * AIP_CHECKPOINT_DIR = `/checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `/logs/` For CustomJob backing a Trial of HyperparameterTuningJob: * AIP_MODEL_DIR = `//model/` * AIP_CHECKPOINT_DIR = `//checkpoints/` * AIP_TENSORBOARD_LOG_DIR = `//logs/`" }, "enableDashboardAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable access to the customized dashboard in training chief container. If set to `true`, you can access the dashboard at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "enableWebAccess": { "type": "boolean", "description": "Optional. Whether you want Vertex AI to enable [interactive shell access](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) to training containers. If set to `true`, you can access interactive shells at the URIs given by CustomJob.web_access_uris or Trial.web_access_uris (within HyperparameterTuningJob.trials)." }, "experiment": { "type": "string", "description": "Optional. The Experiment associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}`" }, "experimentRun": { "type": "string", "description": "Optional. The Experiment Run associated with this job. Format: `projects/{project}/locations/{location}/metadataStores/{metadataStores}/contexts/{experiment-name}-{experiment-run-name}`" }, "network": { "type": "string", "description": "Optional. The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Job should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. To specify this field, you must have already [configured VPC Network Peering for Vertex AI](https://cloud.google.com/vertex-ai/docs/general/vpc-peering). If this field is left unspecified, the job is not peered with any network." }, "persistentResourceId": { "type": "string", "description": "Optional. The ID of the PersistentResource in the same Project and Location which to run If this is specified, the job will be run on existing machines held by the PersistentResource instead of on-demand short-live machines. The network and CMEK configs on the job should be consistent with those on the PersistentResource, otherwise, the job will be rejected." }, "protectedArtifactLocationId": { "type": "string", "description": "The ID of the location to store protected artifacts. e.g. us-central1. Populate only when the location is different than CustomJob location. List of supported locations: https://cloud.google.com/vertex-ai/docs/general/locations" }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of names for the reserved ip ranges under the VPC network that can be used for this job. If set, we will deploy the job within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "scheduling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SchedulingResponse", "description": "Scheduling options for a CustomJob." }, "serviceAccount": { "type": "string", "description": "Specifies the service account for workload run-as account. Users submitting jobs must have act-as permission on this run-as account. If unspecified, the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents) for the CustomJob's project is used." }, "tensorboard": { "type": "string", "description": "Optional. The name of a Vertex AI Tensorboard resource to which this CustomJob will upload Tensorboard logs. Format: `projects/{project}/locations/{location}/tensorboards/{tensorboard}`" }, "workerPoolSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1WorkerPoolSpecResponse" }, "description": "The spec of the worker pools including machine type and Docker image. All worker pools except the first one are optional and can be skipped by providing an empty value." } }, "type": "object", "required": [ "baseOutputDirectory", "enableDashboardAccess", "enableWebAccess", "experiment", "experimentRun", "network", "persistentResourceId", "protectedArtifactLocationId", "reservedIpRanges", "scheduling", "serviceAccount", "tensorboard", "workerPoolSpecs" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DedicatedResources": { "description": "A description of resources that are dedicated to a DeployedModel, and that need a higher degree of manual configuration.", "properties": { "autoscalingMetricSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1AutoscalingMetricSpec" }, "description": "Immutable. The metric specifications that overrides a resource utilization metric (CPU utilization, accelerator's duty cycle, and so on) target value (default to 60 if not set). At most one entry is allowed per metric. If machine_spec.accelerator_count is above 0, the autoscaling will be based on both CPU utilization and accelerator's duty cycle metrics and scale up when either metrics exceeds its target value while scale down if both metrics are under their target value. The default target value is 60 for both metrics. If machine_spec.accelerator_count is 0, the autoscaling will be based on CPU utilization metric only with default target value 60 if not explicitly set. For example, in the case of Online Prediction, if you want to override target CPU utilization to 80, you should set autoscaling_metric_specs.metric_name to `aiplatform.googleapis.com/prediction/online/cpu/utilization` and autoscaling_metric_specs.target to `80`." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpec", "description": "Immutable. The specification of a single machine used by the prediction." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, will use min_replica_count as the default value. The value of this field impacts the charge against Vertex CPU and GPU quotas. Specifically, you will be charged for (max_replica_count * number of cores in the selected machine type) and (max_replica_count * number of GPUs per replica in the selected machine type)." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of machine replicas this DeployedModel will be always deployed on. This value must be greater than or equal to 1. If traffic against the DeployedModel increases, it may dynamically be deployed onto more replicas, and as traffic decreases, some of these extra replicas may be freed." } }, "type": "object", "required": [ "machineSpec", "minReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DedicatedResourcesResponse": { "description": "A description of resources that are dedicated to a DeployedModel, and that need a higher degree of manual configuration.", "properties": { "autoscalingMetricSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1AutoscalingMetricSpecResponse" }, "description": "Immutable. The metric specifications that overrides a resource utilization metric (CPU utilization, accelerator's duty cycle, and so on) target value (default to 60 if not set). At most one entry is allowed per metric. If machine_spec.accelerator_count is above 0, the autoscaling will be based on both CPU utilization and accelerator's duty cycle metrics and scale up when either metrics exceeds its target value while scale down if both metrics are under their target value. The default target value is 60 for both metrics. If machine_spec.accelerator_count is 0, the autoscaling will be based on CPU utilization metric only with default target value 60 if not explicitly set. For example, in the case of Online Prediction, if you want to override target CPU utilization to 80, you should set autoscaling_metric_specs.metric_name to `aiplatform.googleapis.com/prediction/online/cpu/utilization` and autoscaling_metric_specs.target to `80`." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpecResponse", "description": "Immutable. The specification of a single machine used by the prediction." }, "maxReplicaCount": { "type": "integer", "description": "Immutable. The maximum number of replicas this DeployedModel may be deployed on when the traffic against it increases. If the requested value is too large, the deployment will error, but if deployment succeeds then the ability to scale the model to that many replicas is guaranteed (barring service outages). If traffic against the DeployedModel increases beyond what its replicas at maximum may handle, a portion of the traffic will be dropped. If this value is not provided, will use min_replica_count as the default value. The value of this field impacts the charge against Vertex CPU and GPU quotas. Specifically, you will be charged for (max_replica_count * number of cores in the selected machine type) and (max_replica_count * number of GPUs per replica in the selected machine type)." }, "minReplicaCount": { "type": "integer", "description": "Immutable. The minimum number of machine replicas this DeployedModel will be always deployed on. This value must be greater than or equal to 1. If traffic against the DeployedModel increases, it may dynamically be deployed onto more replicas, and as traffic decreases, some of these extra replicas may be freed." } }, "type": "object", "required": [ "autoscalingMetricSpecs", "machineSpec", "maxReplicaCount", "minReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedIndexAuthConfigAuthProviderResponse": { "description": "Configuration for an authentication provider, including support for [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).", "properties": { "allowedIssuers": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed JWT issuers. Each entry must be a valid Google service account, in the following format: `service-account-name@project-id.iam.gserviceaccount.com`" }, "audiences": { "type": "array", "items": { "type": "string" }, "description": "The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). that are allowed to access. A JWT containing any of these audiences will be accepted." } }, "type": "object", "required": [ "allowedIssuers", "audiences" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedIndexAuthConfigResponse": { "description": "Used to set up the auth on the DeployedIndex's private endpoint.", "properties": { "authProvider": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DeployedIndexAuthConfigAuthProviderResponse", "description": "Defines the authentication provider that the DeployedIndex uses." } }, "type": "object", "required": [ "authProvider" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedIndexRefResponse": { "description": "Points to a DeployedIndex.", "properties": { "deployedIndexId": { "type": "string", "description": "Immutable. The ID of the DeployedIndex in the above IndexEndpoint." }, "indexEndpoint": { "type": "string", "description": "Immutable. A resource name of the IndexEndpoint." } }, "type": "object", "required": [ "deployedIndexId", "indexEndpoint" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedIndexResponse": { "description": "A deployment of an Index. IndexEndpoints contain one or more DeployedIndexes.", "properties": { "automaticResources": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1AutomaticResourcesResponse", "description": "Optional. A description of resources that the DeployedIndex uses, which to large degree are decided by Vertex AI, and optionally allows only a modest additional configuration. If min_replica_count is not set, the default value is 2 (we don't provide SLA when min_replica_count=1). If max_replica_count is not set, the default value is min_replica_count. The max allowed replica count is 1000." }, "createTime": { "type": "string", "description": "Timestamp when the DeployedIndex was created." }, "dedicatedResources": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DedicatedResourcesResponse", "description": "Optional. A description of resources that are dedicated to the DeployedIndex, and that need a higher degree of manual configuration. The field min_replica_count must be set to a value strictly greater than 0, or else validation will fail. We don't provide SLA when min_replica_count=1. If max_replica_count is not set, the default value is min_replica_count. The max allowed replica count is 1000. Available machine types for SMALL shard: e2-standard-2 and all machine types available for MEDIUM and LARGE shard. Available machine types for MEDIUM shard: e2-standard-16 and all machine types available for LARGE shard. Available machine types for LARGE shard: e2-highmem-16, n2d-standard-32. n1-standard-16 and n1-standard-32 are still available, but we recommend e2-standard-16 and e2-highmem-16 for cost efficiency." }, "deployedIndexAuthConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DeployedIndexAuthConfigResponse", "description": "Optional. If set, the authentication is enabled for the private endpoint." }, "deploymentGroup": { "type": "string", "description": "Optional. The deployment group can be no longer than 64 characters (eg: 'test', 'prod'). If not set, we will use the 'default' deployment group. Creating `deployment_groups` with `reserved_ip_ranges` is a recommended practice when the peered network has multiple peering ranges. This creates your deployments from predictable IP spaces for easier traffic administration. Also, one deployment_group (except 'default') can only be used with the same reserved_ip_ranges which means if the deployment_group has been used with reserved_ip_ranges: [a, b, c], using it with [a, b] or [d, e] is disallowed. Note: we only support up to 5 deployment groups(not including 'default')." }, "displayName": { "type": "string", "description": "The display name of the DeployedIndex. If not provided upon creation, the Index's display_name is used." }, "enableAccessLogging": { "type": "boolean", "description": "Optional. If true, private endpoint's access logs are sent to Cloud Logging. These logs are like standard server access logs, containing information like timestamp and latency for each MatchRequest. Note that logs may incur a cost, especially if the deployed index receives a high queries per second rate (QPS). Estimate your costs before enabling this option." }, "index": { "type": "string", "description": "The name of the Index this is the deployment of. We may refer to this Index as the DeployedIndex's \"original\" Index." }, "indexSyncTime": { "type": "string", "description": "The DeployedIndex may depend on various data on its original Index. Additionally when certain changes to the original Index are being done (e.g. when what the Index contains is being changed) the DeployedIndex may be asynchronously updated in the background to reflect these changes. If this timestamp's value is at least the Index.update_time of the original Index, it means that this DeployedIndex and the original Index are in sync. If this timestamp is older, then to see which updates this DeployedIndex already contains (and which it does not), one must list the operations that are running on the original Index. Only the successfully completed Operations with update_time equal or before this sync time are contained in this DeployedIndex." }, "privateEndpoints": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1IndexPrivateEndpointsResponse", "description": "Provides paths for users to send requests directly to the deployed index services running on Cloud via private services access. This field is populated if network is configured." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of reserved ip ranges under the VPC network that can be used for this DeployedIndex. If set, we will deploy the index within the provided ip ranges. Otherwise, the index might be deployed to any ip ranges under the provided VPC network. The value should be the name of the address (https://cloud.google.com/compute/docs/reference/rest/v1/addresses) Example: ['vertex-ai-ip-range']. For more information about subnets and network IP ranges, please see https://cloud.google.com/vpc/docs/subnets#manually_created_subnet_ip_ranges." } }, "type": "object", "required": [ "automaticResources", "createTime", "dedicatedResources", "deployedIndexAuthConfig", "deploymentGroup", "displayName", "enableAccessLogging", "index", "indexSyncTime", "privateEndpoints", "reservedIpRanges" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedModelRefResponse": { "description": "Points to a DeployedModel.", "properties": { "deployedModelId": { "type": "string", "description": "Immutable. An ID of a DeployedModel in the above Endpoint." }, "endpoint": { "type": "string", "description": "Immutable. A resource name of an Endpoint." } }, "type": "object", "required": [ "deployedModelId", "endpoint" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DeployedModelResponse": { "description": "A deployment of a Model. Endpoints contain one or more DeployedModels.", "properties": { "automaticResources": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1AutomaticResourcesResponse", "description": "A description of resources that to large degree are decided by Vertex AI, and require only a modest additional configuration." }, "createTime": { "type": "string", "description": "Timestamp when the DeployedModel was created." }, "dedicatedResources": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DedicatedResourcesResponse", "description": "A description of resources that are dedicated to the DeployedModel, and that need a higher degree of manual configuration." }, "disableExplanations": { "type": "boolean", "description": "If true, deploy the model without explainable feature, regardless the existence of Model.explanation_spec or explanation_spec." }, "displayName": { "type": "string", "description": "The display name of the DeployedModel. If not provided upon creation, the Model's display_name is used." }, "enableAccessLogging": { "type": "boolean", "description": "If true, online prediction access logs are sent to Cloud Logging. These logs are like standard server access logs, containing information like timestamp and latency for each prediction request. Note that logs may incur a cost, especially if your project receives prediction requests at a high queries per second rate (QPS). Estimate your costs before enabling this option." }, "enableContainerLogging": { "type": "boolean", "description": "If true, the container of the DeployedModel instances will send `stderr` and `stdout` streams to Cloud Logging. Only supported for custom-trained Models and AutoML Tabular Models." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationSpecResponse", "description": "Explanation configuration for this DeployedModel. When deploying a Model using EndpointService.DeployModel, this value overrides the value of Model.explanation_spec. All fields of explanation_spec are optional in the request. If a field of explanation_spec is not populated, the value of the same field of Model.explanation_spec is inherited. If the corresponding Model.explanation_spec is not populated, all fields of the explanation_spec will be used for the explanation configuration." }, "model": { "type": "string", "description": "The resource name of the Model that this is the deployment of. Note that the Model may be in a different location than the DeployedModel's Endpoint. The resource name may contain version id or version alias to specify the version. Example: `projects/{project}/locations/{location}/models/{model}@2` or `projects/{project}/locations/{location}/models/{model}@golden` if no version is specified, the default version will be deployed." }, "modelVersionId": { "type": "string", "description": "The version ID of the model that is deployed." }, "privateEndpoints": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PrivateEndpointsResponse", "description": "Provide paths for users to send predict/explain/health requests directly to the deployed model services running on Cloud via private services access. This field is populated if network is configured." }, "serviceAccount": { "type": "string", "description": "The service account that the DeployedModel's container runs as. Specify the email address of the service account. If this service account is not specified, the container runs as a service account that doesn't have access to the resource project. Users deploying the Model must have the `iam.serviceAccounts.actAs` permission on this service account." }, "sharedResources": { "type": "string", "description": "The resource name of the shared DeploymentResourcePool to deploy on. Format: `projects/{project}/locations/{location}/deploymentResourcePools/{deployment_resource_pool}`" } }, "type": "object", "required": [ "automaticResources", "createTime", "dedicatedResources", "disableExplanations", "displayName", "enableAccessLogging", "enableContainerLogging", "explanationSpec", "model", "modelVersionId", "privateEndpoints", "serviceAccount", "sharedResources" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DiskSpec": { "description": "Represents the spec of disk options.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Size in GB of the boot disk (default is 100GB)." }, "bootDiskType": { "type": "string", "description": "Type of the boot disk (default is \"pd-ssd\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) or \"pd-standard\" (Persistent Disk Hard Disk Drive)." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1DiskSpecResponse": { "description": "Represents the spec of disk options.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Size in GB of the boot disk (default is 100GB)." }, "bootDiskType": { "type": "string", "description": "Type of the boot disk (default is \"pd-ssd\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) or \"pd-standard\" (Persistent Disk Hard Disk Drive)." } }, "type": "object", "required": [ "bootDiskSizeGb", "bootDiskType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1EncryptionSpec": { "description": "Represents a customer-managed encryption key spec that can be applied to a top-level resource.", "properties": { "kmsKeyName": { "type": "string", "description": "The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. The key needs to be in the same region as where the compute resource is created." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1EncryptionSpecResponse": { "description": "Represents a customer-managed encryption key spec that can be applied to a top-level resource.", "properties": { "kmsKeyName": { "type": "string", "description": "The Cloud KMS resource identifier of the customer managed encryption key used to protect a resource. Has the form: `projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key`. The key needs to be in the same region as where the compute resource is created." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1EnvVar": { "description": "Represents an environment variable present in a Container or Python Module.", "properties": { "name": { "type": "string", "description": "Name of the environment variable. Must be a valid C identifier." }, "value": { "type": "string", "description": "Variables that reference a $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1EnvVarResponse": { "description": "Represents an environment variable present in a Container or Python Module.", "properties": { "name": { "type": "string", "description": "Name of the environment variable. Must be a valid C identifier." }, "value": { "type": "string", "description": "Variables that reference a $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Examples": { "description": "Example-based explainability that returns the nearest neighbors from the provided dataset.", "properties": { "exampleGcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSource", "description": "The Cloud Storage input instances." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSource", "description": "The Cloud Storage locations that contain the instances to be indexed for approximate nearest neighbor search." }, "nearestNeighborSearchConfig": { "$ref": "pulumi.json#/Any", "description": "The full configuration for the generated index, the semantics are the same as metadata and should match [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config)." }, "neighborCount": { "type": "integer", "description": "The number of neighbors to return when querying for examples." }, "presets": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Presets", "description": "Simplified preset configuration, which automatically sets configuration values based on the desired query speed-precision trade-off and modality." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSource": { "description": "The Cloud Storage input instances.", "properties": { "dataFormat": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSourceDataFormat", "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSource", "description": "The Cloud Storage location for the input instances." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSourceDataFormat": { "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported.", "type": "string", "enum": [ { "name": "DataFormatUnspecified", "description": "Format unspecified, used when unset.", "value": "DATA_FORMAT_UNSPECIFIED" }, { "name": "Jsonl", "description": "Examples are stored in JSONL files.", "value": "JSONL" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSourceResponse": { "description": "The Cloud Storage input instances.", "properties": { "dataFormat": { "type": "string", "description": "The format in which instances are given, if not specified, assume it's JSONL format. Currently only JSONL format is supported." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSourceResponse", "description": "The Cloud Storage location for the input instances." } }, "type": "object", "required": [ "dataFormat", "gcsSource" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExamplesResponse": { "description": "Example-based explainability that returns the nearest neighbors from the provided dataset.", "properties": { "exampleGcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExamplesExampleGcsSourceResponse", "description": "The Cloud Storage input instances." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSourceResponse", "description": "The Cloud Storage locations that contain the instances to be indexed for approximate nearest neighbor search." }, "nearestNeighborSearchConfig": { "$ref": "pulumi.json#/Any", "description": "The full configuration for the generated index, the semantics are the same as metadata and should match [NearestNeighborSearchConfig](https://cloud.google.com/vertex-ai/docs/explainable-ai/configuring-explanations-example-based#nearest-neighbor-search-config)." }, "neighborCount": { "type": "integer", "description": "The number of neighbors to return when querying for examples." }, "presets": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PresetsResponse", "description": "Simplified preset configuration, which automatically sets configuration values based on the desired query speed-precision trade-off and modality." } }, "type": "object", "required": [ "exampleGcsSource", "gcsSource", "nearestNeighborSearchConfig", "neighborCount", "presets" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExecutionResponse": { "description": "Instance of a general execution.", "properties": { "createTime": { "type": "string", "description": "Timestamp when this Execution was created." }, "description": { "type": "string", "description": "Description of the Execution" }, "displayName": { "type": "string", "description": "User provided display name of the Execution. May be up to 128 Unicode characters." }, "etag": { "type": "string", "description": "An eTag used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Executions. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. No more than 64 user labels can be associated with one Execution (System labels are excluded)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Properties of the Execution. Top level metadata keys' heading and trailing spaces will be trimmed. The size of this field should not exceed 200KB." }, "name": { "type": "string", "description": "The resource name of the Execution." }, "schemaTitle": { "type": "string", "description": "The title of the schema describing the metadata. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "schemaVersion": { "type": "string", "description": "The version of the schema in `schema_title` to use. Schema title and version is expected to be registered in earlier Create Schema calls. And both are used together as unique identifiers to identify schemas within the local metadata store." }, "state": { "type": "string", "description": "The state of this Execution. This is a property of the Execution, and does not imply or capture any ongoing process. This property is managed by clients (such as Vertex AI Pipelines) and the system does not prescribe or check the validity of state transitions." }, "updateTime": { "type": "string", "description": "Timestamp when this Execution was last updated." } }, "type": "object", "required": [ "createTime", "description", "displayName", "etag", "labels", "metadata", "name", "schemaTitle", "schemaVersion", "state", "updateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationMetadata": { "description": "Metadata describing the Model's input and output for explanation.", "properties": { "featureAttributionsSchemaUri": { "type": "string", "description": "Points to a YAML file stored on Google Cloud Storage describing the format of the feature attributions. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML tabular Models always have this field populated by Vertex AI. Note: The URI given on output may be different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from feature names to feature input metadata. Keys are the name of the features. Values are the specification of the feature. An empty InputMetadata is valid. It describes a text feature which has the name specified as the key in ExplanationMetadata.inputs. The baseline of the empty feature is chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the key can be any friendly name of the feature. Once specified, featureAttributions are keyed by this key (if not grouped with another feature). For custom images, the key must match with the key in instance." }, "latentSpaceSource": { "type": "string", "description": "Name of the source to generate embeddings for example based explanations." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from output names to output metadata. For Vertex AI-provided Tensorflow images, keys can be any user defined string that consists of any UTF-8 characters. For custom images, keys are the name of the output field in the prediction to be explained. Currently only one key is allowed." } }, "type": "object", "required": [ "inputs", "outputs" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationMetadataResponse": { "description": "Metadata describing the Model's input and output for explanation.", "properties": { "featureAttributionsSchemaUri": { "type": "string", "description": "Points to a YAML file stored on Google Cloud Storage describing the format of the feature attributions. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML tabular Models always have this field populated by Vertex AI. Note: The URI given on output may be different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from feature names to feature input metadata. Keys are the name of the features. Values are the specification of the feature. An empty InputMetadata is valid. It describes a text feature which has the name specified as the key in ExplanationMetadata.inputs. The baseline of the empty feature is chosen by Vertex AI. For Vertex AI-provided Tensorflow images, the key can be any friendly name of the feature. Once specified, featureAttributions are keyed by this key (if not grouped with another feature). For custom images, the key must match with the key in instance." }, "latentSpaceSource": { "type": "string", "description": "Name of the source to generate embeddings for example based explanations." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from output names to output metadata. For Vertex AI-provided Tensorflow images, keys can be any user defined string that consists of any UTF-8 characters. For custom images, keys are the name of the output field in the prediction to be explained. Currently only one key is allowed." } }, "type": "object", "required": [ "featureAttributionsSchemaUri", "inputs", "latentSpaceSource", "outputs" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationParameters": { "description": "Parameters to configure explaining for Model's predictions.", "properties": { "examples": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Examples", "description": "Example-based explanations that returns the nearest neighbors from the provided dataset." }, "integratedGradientsAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1IntegratedGradientsAttribution", "description": "An attribution method that computes Aumann-Shapley values taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365" }, "outputIndices": { "type": "array", "items": { "$ref": "pulumi.json#/Any" }, "description": "If populated, only returns attributions that have output_index contained in output_indices. It must be an ndarray of integers, with the same shape of the output it's explaining. If not populated, returns attributions for top_k indices of outputs. If neither top_k nor output_indices is populated, returns the argmax index of the outputs. Only applicable to Models that predict multiple outputs (e,g, multi-class Models that predict multiple classes)." }, "sampledShapleyAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SampledShapleyAttribution", "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features. Refer to this paper for model details: https://arxiv.org/abs/1306.4265." }, "topK": { "type": "integer", "description": "If populated, returns attributions for top K indices of outputs (defaults to 1). Only applies to Models that predicts more than one outputs (e,g, multi-class Models). When set to -1, returns explanations for all outputs." }, "xraiAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1XraiAttribution", "description": "An attribution method that redistributes Integrated Gradients attribution to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 XRAI currently performs better on natural images, like a picture of a house or an animal. If the images are taken in artificial environments, like a lab or manufacturing line, or from diagnostic equipment, like x-rays or quality-control cameras, use Integrated Gradients instead." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationParametersResponse": { "description": "Parameters to configure explaining for Model's predictions.", "properties": { "examples": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExamplesResponse", "description": "Example-based explanations that returns the nearest neighbors from the provided dataset." }, "integratedGradientsAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1IntegratedGradientsAttributionResponse", "description": "An attribution method that computes Aumann-Shapley values taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365" }, "outputIndices": { "type": "array", "items": { "$ref": "pulumi.json#/Any" }, "description": "If populated, only returns attributions that have output_index contained in output_indices. It must be an ndarray of integers, with the same shape of the output it's explaining. If not populated, returns attributions for top_k indices of outputs. If neither top_k nor output_indices is populated, returns the argmax index of the outputs. Only applicable to Models that predict multiple outputs (e,g, multi-class Models that predict multiple classes)." }, "sampledShapleyAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SampledShapleyAttributionResponse", "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features. Refer to this paper for model details: https://arxiv.org/abs/1306.4265." }, "topK": { "type": "integer", "description": "If populated, returns attributions for top K indices of outputs (defaults to 1). Only applies to Models that predicts more than one outputs (e,g, multi-class Models). When set to -1, returns explanations for all outputs." }, "xraiAttribution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1XraiAttributionResponse", "description": "An attribution method that redistributes Integrated Gradients attribution to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 XRAI currently performs better on natural images, like a picture of a house or an animal. If the images are taken in artificial environments, like a lab or manufacturing line, or from diagnostic equipment, like x-rays or quality-control cameras, use Integrated Gradients instead." } }, "type": "object", "required": [ "examples", "integratedGradientsAttribution", "outputIndices", "sampledShapleyAttribution", "topK", "xraiAttribution" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationSpec": { "description": "Specification of Model explanation.", "properties": { "metadata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationMetadata", "description": "Optional. Metadata describing the Model's input and output for explanation." }, "parameters": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationParameters", "description": "Parameters that configure explaining of the Model's predictions." } }, "type": "object", "required": [ "parameters" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ExplanationSpecResponse": { "description": "Specification of Model explanation.", "properties": { "metadata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationMetadataResponse", "description": "Optional. Metadata describing the Model's input and output for explanation." }, "parameters": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationParametersResponse", "description": "Parameters that configure explaining of the Model's predictions." } }, "type": "object", "required": [ "metadata", "parameters" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureGroupBigQuery": { "description": "Input source type for BigQuery Tables and Views.", "properties": { "bigQuerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySource", "description": "Immutable. The BigQuery source URI that points to either a BigQuery Table or View." }, "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns to construct entity_id / row keys. Currently only supports 1 entity_id_column. If not provided defaults to `entity_id`." } }, "type": "object", "required": [ "bigQuerySource" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureGroupBigQueryResponse": { "description": "Input source type for BigQuery Tables and Views.", "properties": { "bigQuerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySourceResponse", "description": "Immutable. The BigQuery source URI that points to either a BigQuery Table or View." }, "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns to construct entity_id / row keys. Currently only supports 1 entity_id_column. If not provided defaults to `entity_id`." } }, "type": "object", "required": [ "bigQuerySource", "entityIdColumns" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureMonitoringStatsAnomalyResponse": { "description": "A list of historical SnapshotAnalysis or ImportFeaturesAnalysis stats requested by user, sorted by FeatureStatsAnomaly.start_time descending.", "properties": { "featureStatsAnomaly": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomalyResponse", "description": "The stats and anomalies generated at specific timestamp." }, "objective": { "type": "string", "description": "The objective for each stats." } }, "type": "object", "required": [ "featureStatsAnomaly", "objective" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigma": { "description": "Noise sigma by features. Noise sigma represents the standard deviation of the gaussian kernel that will be used to add noise to interpolated inputs prior to computing gradients.", "properties": { "noiseSigma": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaNoiseSigmaForFeature" }, "description": "Noise sigma per feature. No noise is added to features that are not set." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaNoiseSigmaForFeature": { "description": "Noise sigma for a single feature.", "properties": { "name": { "type": "string", "description": "The name of the input feature for which noise sigma is provided. The features are defined in explanation metadata inputs." }, "sigma": { "type": "number", "description": "This represents the standard deviation of the Gaussian kernel that will be used to add noise to the feature prior to computing gradients. Similar to noise_sigma but represents the noise added to the current feature. Defaults to 0.1." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaNoiseSigmaForFeatureResponse": { "description": "Noise sigma for a single feature.", "properties": { "name": { "type": "string", "description": "The name of the input feature for which noise sigma is provided. The features are defined in explanation metadata inputs." }, "sigma": { "type": "number", "description": "This represents the standard deviation of the Gaussian kernel that will be used to add noise to the feature prior to computing gradients. Similar to noise_sigma but represents the noise added to the current feature. Defaults to 0.1." } }, "type": "object", "required": [ "name", "sigma" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaResponse": { "description": "Noise sigma by features. Noise sigma represents the standard deviation of the gaussian kernel that will be used to add noise to interpolated inputs prior to computing gradients.", "properties": { "noiseSigma": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaNoiseSigmaForFeatureResponse" }, "description": "Noise sigma per feature. No noise is added to features that are not set." } }, "type": "object", "required": [ "noiseSigma" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtable": { "properties": { "autoScaling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtableAutoScaling", "description": "Autoscaling config applied to Bigtable Instance." } }, "type": "object", "required": [ "autoScaling" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtableAutoScaling": { "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. A percentage of the cluster's CPU capacity. Can be from 10% to 80%. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set will default to 50%." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than or equal to min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtableAutoScalingResponse": { "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. A percentage of the cluster's CPU capacity. Can be from 10% to 80%. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set will default to 50%." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than or equal to min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "cpuUtilizationTarget", "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtableResponse": { "properties": { "autoScaling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreBigtableAutoScalingResponse", "description": "Autoscaling config applied to Bigtable Instance." } }, "type": "object", "required": [ "autoScaling" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreDedicatedServingEndpoint": { "description": "The dedicated serving endpoint for this FeatureOnlineStore. Only need to set when you choose Optimized storage type or enable EmbeddingManagement. Will use public endpoint by default.", "properties": { "privateServiceConnectConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PrivateServiceConnectConfig", "description": "Optional. Private service connect config. If PrivateServiceConnectConfig.enable_private_service_connect set to true, customers will use private service connection to send request. Otherwise, the connection will set to public endpoint." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreDedicatedServingEndpointResponse": { "description": "The dedicated serving endpoint for this FeatureOnlineStore. Only need to set when you choose Optimized storage type or enable EmbeddingManagement. Will use public endpoint by default.", "properties": { "privateServiceConnectConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PrivateServiceConnectConfigResponse", "description": "Optional. Private service connect config. If PrivateServiceConnectConfig.enable_private_service_connect set to true, customers will use private service connection to send request. Otherwise, the connection will set to public endpoint." }, "publicEndpointDomainName": { "type": "string", "description": "This field will be populated with the domain name to use for this FeatureOnlineStore" }, "serviceAttachment": { "type": "string", "description": "The name of the service attachment resource. Populated if private service connect is enabled and after FeatureViewSync is created." } }, "type": "object", "required": [ "privateServiceConnectConfig", "publicEndpointDomainName", "serviceAttachment" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreEmbeddingManagement": { "description": "Contains settings for embedding management.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Immutable. Whether to enable embedding management in this FeatureOnlineStore. It's immutable after creation to ensure the FeatureOnlineStore availability." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreEmbeddingManagementResponse": { "description": "Contains settings for embedding management.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Immutable. Whether to enable embedding management in this FeatureOnlineStore. It's immutable after creation to ensure the FeatureOnlineStore availability." } }, "type": "object", "required": [ "enabled" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreOptimized": { "description": "Optimized storage type", "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureOnlineStoreOptimizedResponse": { "description": "Optimized storage type", "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomaly": { "description": "Stats and Anomaly generated at specific timestamp for specific Feature. The start_time and end_time are used to define the time range of the dataset that current stats belongs to, e.g. prediction traffic is bucketed into prediction datasets by time window. If the Dataset is not defined by time window, start_time = end_time. Timestamp of the stats and anomalies always refers to end_time. Raw stats and anomalies are stored in stats_uri or anomaly_uri in the tensorflow defined protos. Field data_stats contains almost identical information with the raw stats in Vertex AI defined proto, for UI to display.", "properties": { "anomalyDetectionThreshold": { "type": "number", "description": "This is the threshold used when detecting anomalies. The threshold can be changed by user, so this one might be different from ThresholdConfig.value." }, "anomalyUri": { "type": "string", "description": "Path of the anomaly file for current feature values in Cloud Storage bucket. Format: gs:////anomalies. Example: gs://monitoring_bucket/feature_name/anomalies. Stats are stored as binary format with Protobuf message Anoamlies are stored as binary format with Protobuf message [tensorflow.metadata.v0.AnomalyInfo] (https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/anomalies.proto)." }, "distributionDeviation": { "type": "number", "description": "Deviation from the current stats to baseline stats. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence." }, "endTime": { "type": "string", "description": "The end timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), end_time indicates the timestamp of the data used to generate stats (e.g. timestamp we take snapshots for feature values)." }, "score": { "type": "number", "description": "Feature importance score, only populated when cross-feature monitoring is enabled. For now only used to represent feature attribution score within range [0, 1] for ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_SKEW and ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_DRIFT." }, "startTime": { "type": "string", "description": "The start timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), start_time is only used to indicate the monitoring intervals, so it always equals to (end_time - monitoring_interval)." }, "statsUri": { "type": "string", "description": "Path of the stats file for current feature values in Cloud Storage bucket. Format: gs:////stats. Example: gs://monitoring_bucket/feature_name/stats. Stats are stored as binary format with Protobuf message [tensorflow.metadata.v0.FeatureNameStatistics](https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/statistics.proto)." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomalyResponse": { "description": "Stats and Anomaly generated at specific timestamp for specific Feature. The start_time and end_time are used to define the time range of the dataset that current stats belongs to, e.g. prediction traffic is bucketed into prediction datasets by time window. If the Dataset is not defined by time window, start_time = end_time. Timestamp of the stats and anomalies always refers to end_time. Raw stats and anomalies are stored in stats_uri or anomaly_uri in the tensorflow defined protos. Field data_stats contains almost identical information with the raw stats in Vertex AI defined proto, for UI to display.", "properties": { "anomalyDetectionThreshold": { "type": "number", "description": "This is the threshold used when detecting anomalies. The threshold can be changed by user, so this one might be different from ThresholdConfig.value." }, "anomalyUri": { "type": "string", "description": "Path of the anomaly file for current feature values in Cloud Storage bucket. Format: gs:////anomalies. Example: gs://monitoring_bucket/feature_name/anomalies. Stats are stored as binary format with Protobuf message Anoamlies are stored as binary format with Protobuf message [tensorflow.metadata.v0.AnomalyInfo] (https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/anomalies.proto)." }, "distributionDeviation": { "type": "number", "description": "Deviation from the current stats to baseline stats. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence." }, "endTime": { "type": "string", "description": "The end timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), end_time indicates the timestamp of the data used to generate stats (e.g. timestamp we take snapshots for feature values)." }, "score": { "type": "number", "description": "Feature importance score, only populated when cross-feature monitoring is enabled. For now only used to represent feature attribution score within range [0, 1] for ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_SKEW and ModelDeploymentMonitoringObjectiveType.FEATURE_ATTRIBUTION_DRIFT." }, "startTime": { "type": "string", "description": "The start timestamp of window where stats were generated. For objectives where time window doesn't make sense (e.g. Featurestore Snapshot Monitoring), start_time is only used to indicate the monitoring intervals, so it always equals to (end_time - monitoring_interval)." }, "statsUri": { "type": "string", "description": "Path of the stats file for current feature values in Cloud Storage bucket. Format: gs:////stats. Example: gs://monitoring_bucket/feature_name/stats. Stats are stored as binary format with Protobuf message [tensorflow.metadata.v0.FeatureNameStatistics](https://github.com/tensorflow/metadata/blob/master/tensorflow_metadata/proto/v0/statistics.proto)." } }, "type": "object", "required": [ "anomalyDetectionThreshold", "anomalyUri", "distributionDeviation", "endTime", "score", "startTime", "statsUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewBigQuerySource": { "properties": { "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Columns to construct entity_id / row keys. Start by supporting 1 only." }, "uri": { "type": "string", "description": "The BigQuery view URI that will be materialized on each sync trigger based on FeatureView.SyncConfig." } }, "type": "object", "required": [ "entityIdColumns", "uri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewBigQuerySourceResponse": { "properties": { "entityIdColumns": { "type": "array", "items": { "type": "string" }, "description": "Columns to construct entity_id / row keys. Start by supporting 1 only." }, "uri": { "type": "string", "description": "The BigQuery view URI that will be materialized on each sync trigger based on FeatureView.SyncConfig." } }, "type": "object", "required": [ "entityIdColumns", "uri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySource": { "description": "A Feature Registry source for features that need to be synced to Online Store.", "properties": { "featureGroups": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySourceFeatureGroup" }, "description": "List of features that need to be synced to Online Store." } }, "type": "object", "required": [ "featureGroups" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySourceFeatureGroup": { "description": "Features belonging to a single feature group that will be synced to Online Store.", "properties": { "featureGroupId": { "type": "string", "description": "Identifier of the feature group." }, "featureIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of features under the feature group." } }, "type": "object", "required": [ "featureGroupId", "featureIds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySourceFeatureGroupResponse": { "description": "Features belonging to a single feature group that will be synced to Online Store.", "properties": { "featureGroupId": { "type": "string", "description": "Identifier of the feature group." }, "featureIds": { "type": "array", "items": { "type": "string" }, "description": "Identifiers of features under the feature group." } }, "type": "object", "required": [ "featureGroupId", "featureIds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySourceResponse": { "description": "A Feature Registry source for features that need to be synced to Online Store.", "properties": { "featureGroups": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewFeatureRegistrySourceFeatureGroupResponse" }, "description": "List of features that need to be synced to Online Store." } }, "type": "object", "required": [ "featureGroups" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewSyncConfig": { "properties": { "cron": { "type": "string", "description": "Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch scheduled runs. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, \"CRON_TZ=America/New_York 1 * * * *\", or \"TZ=America/New_York 1 * * * *\"." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewSyncConfigResponse": { "properties": { "cron": { "type": "string", "description": "Cron schedule (https://en.wikipedia.org/wiki/Cron) to launch scheduled runs. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, \"CRON_TZ=America/New_York 1 * * * *\", or \"TZ=America/New_York 1 * * * *\"." } }, "type": "object", "required": [ "cron" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfig": { "description": "Configuration for vector search.", "properties": { "bruteForceConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigBruteForceConfig", "description": "Optional. Configuration options for using brute force search, which simply implements the standard linear search in the database for each query. It is primarily meant for benchmarking and to generate the ground truth for approximate search." }, "crowdingColumn": { "type": "string", "description": "Optional. Column of crowding. This column contains crowding attribute which is a constraint on a neighbor list produced by nearest neighbor search requiring that no more than some value k' of the k neighbors returned have the same value of crowding_attribute." }, "distanceMeasureType": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigDistanceMeasureType", "description": "Optional. The distance measure used in nearest neighbor search." }, "embeddingColumn": { "type": "string", "description": "Optional. Column of embedding. This column contains the source data to create index for vector search. embedding_column must be set when using vector search." }, "embeddingDimension": { "type": "integer", "description": "Optional. The number of dimensions of the input embedding." }, "filterColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns of features that're used to filter vector search results." }, "treeAhConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigTreeAHConfig", "description": "Optional. Configuration options for the tree-AH algorithm (Shallow tree + Asymmetric Hashing). Please refer to this paper for more details: https://arxiv.org/abs/1908.10396" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigBruteForceConfig": { "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigBruteForceConfigResponse": { "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigDistanceMeasureType": { "description": "Optional. The distance measure used in nearest neighbor search.", "type": "string", "enum": [ { "name": "DistanceMeasureTypeUnspecified", "description": "Should not be set.", "value": "DISTANCE_MEASURE_TYPE_UNSPECIFIED" }, { "name": "SquaredL2Distance", "description": "Euclidean (L_2) Distance.", "value": "SQUARED_L2_DISTANCE" }, { "name": "CosineDistance", "description": "Cosine Distance. Defined as 1 - cosine similarity. We strongly suggest using DOT_PRODUCT_DISTANCE + UNIT_L2_NORM instead of COSINE distance. Our algorithms have been more optimized for DOT_PRODUCT distance which, when combined with UNIT_L2_NORM, is mathematically equivalent to COSINE distance and results in the same ranking.", "value": "COSINE_DISTANCE" }, { "name": "DotProductDistance", "description": "Dot Product Distance. Defined as a negative of the dot product.", "value": "DOT_PRODUCT_DISTANCE" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigResponse": { "description": "Configuration for vector search.", "properties": { "bruteForceConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigBruteForceConfigResponse", "description": "Optional. Configuration options for using brute force search, which simply implements the standard linear search in the database for each query. It is primarily meant for benchmarking and to generate the ground truth for approximate search." }, "crowdingColumn": { "type": "string", "description": "Optional. Column of crowding. This column contains crowding attribute which is a constraint on a neighbor list produced by nearest neighbor search requiring that no more than some value k' of the k neighbors returned have the same value of crowding_attribute." }, "distanceMeasureType": { "type": "string", "description": "Optional. The distance measure used in nearest neighbor search." }, "embeddingColumn": { "type": "string", "description": "Optional. Column of embedding. This column contains the source data to create index for vector search. embedding_column must be set when using vector search." }, "embeddingDimension": { "type": "integer", "description": "Optional. The number of dimensions of the input embedding." }, "filterColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. Columns of features that're used to filter vector search results." }, "treeAhConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigTreeAHConfigResponse", "description": "Optional. Configuration options for the tree-AH algorithm (Shallow tree + Asymmetric Hashing). Please refer to this paper for more details: https://arxiv.org/abs/1908.10396" } }, "type": "object", "required": [ "bruteForceConfig", "crowdingColumn", "distanceMeasureType", "embeddingColumn", "embeddingDimension", "filterColumns", "treeAhConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigTreeAHConfig": { "properties": { "leafNodeEmbeddingCount": { "type": "string", "description": "Optional. Number of embeddings on each leaf node. The default value is 1000 if not set." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeatureViewVectorSearchConfigTreeAHConfigResponse": { "properties": { "leafNodeEmbeddingCount": { "type": "string", "description": "Optional. Number of embeddings on each leaf node. The default value is 1000 if not set." } }, "type": "object", "required": [ "leafNodeEmbeddingCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfig": { "description": "Configuration of how features in Featurestore are monitored.", "properties": { "categoricalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfig", "description": "Threshold for categorical features of anomaly detection. This is shared by all types of Featurestore Monitoring for categorical features (i.e. Features with type (Feature.ValueType) BOOL or STRING)." }, "importFeaturesAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysis", "description": "The config for ImportFeatures Analysis Based Feature Monitoring." }, "numericalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfig", "description": "Threshold for numerical features of anomaly detection. This is shared by all objectives of Featurestore Monitoring for numerical features (i.e. Features with type (Feature.ValueType) DOUBLE or INT64)." }, "snapshotAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigSnapshotAnalysis", "description": "The config for Snapshot Analysis Based Feature Monitoring." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysis": { "description": "Configuration of the Featurestore's ImportFeature Analysis Based Monitoring. This type of analysis generates statistics for values of each Feature imported by every ImportFeatureValues operation.", "properties": { "anomalyDetectionBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisAnomalyDetectionBaseline", "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis." }, "state": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisState", "description": "Whether to enable / disable / inherite default hebavior for import features analysis." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisAnomalyDetectionBaseline": { "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis.", "type": "string", "enum": [ { "name": "BaselineUnspecified", "description": "Should not be used.", "value": "BASELINE_UNSPECIFIED" }, { "name": "LatestStats", "description": "Choose the later one statistics generated by either most recent snapshot analysis or previous import features analysis. If non of them exists, skip anomaly detection and only generate a statistics.", "value": "LATEST_STATS" }, { "name": "MostRecentSnapshotStats", "description": "Use the statistics generated by the most recent snapshot analysis if exists.", "value": "MOST_RECENT_SNAPSHOT_STATS" }, { "name": "PreviousImportFeaturesStats", "description": "Use the statistics generated by the previous import features analysis if exists.", "value": "PREVIOUS_IMPORT_FEATURES_STATS" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisResponse": { "description": "Configuration of the Featurestore's ImportFeature Analysis Based Monitoring. This type of analysis generates statistics for values of each Feature imported by every ImportFeatureValues operation.", "properties": { "anomalyDetectionBaseline": { "type": "string", "description": "The baseline used to do anomaly detection for the statistics generated by import features analysis." }, "state": { "type": "string", "description": "Whether to enable / disable / inherite default hebavior for import features analysis." } }, "type": "object", "required": [ "anomalyDetectionBaseline", "state" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisState": { "description": "Whether to enable / disable / inherite default hebavior for import features analysis.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Should not be used.", "value": "STATE_UNSPECIFIED" }, { "name": "Default", "description": "The default behavior of whether to enable the monitoring. EntityType-level config: disabled. Feature-level config: inherited from the configuration of EntityType this Feature belongs to.", "value": "DEFAULT" }, { "name": "Enabled", "description": "Explicitly enables import features analysis. EntityType-level config: by default enables import features analysis for all Features under it. Feature-level config: enables import features analysis regardless of the EntityType-level config.", "value": "ENABLED" }, { "name": "Disabled", "description": "Explicitly disables import features analysis. EntityType-level config: by default disables import features analysis for all Features under it. Feature-level config: disables import features analysis regardless of the EntityType-level config.", "value": "DISABLED" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigResponse": { "description": "Configuration of how features in Featurestore are monitored.", "properties": { "categoricalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfigResponse", "description": "Threshold for categorical features of anomaly detection. This is shared by all types of Featurestore Monitoring for categorical features (i.e. Features with type (Feature.ValueType) BOOL or STRING)." }, "importFeaturesAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigImportFeaturesAnalysisResponse", "description": "The config for ImportFeatures Analysis Based Feature Monitoring." }, "numericalThresholdConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfigResponse", "description": "Threshold for numerical features of anomaly detection. This is shared by all objectives of Featurestore Monitoring for numerical features (i.e. Features with type (Feature.ValueType) DOUBLE or INT64)." }, "snapshotAnalysis": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigSnapshotAnalysisResponse", "description": "The config for Snapshot Analysis Based Feature Monitoring." } }, "type": "object", "required": [ "categoricalThresholdConfig", "importFeaturesAnalysis", "numericalThresholdConfig", "snapshotAnalysis" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigSnapshotAnalysis": { "description": "Configuration of the Featurestore's Snapshot Analysis Based Monitoring. This type of analysis generates statistics for each Feature based on a snapshot of the latest feature value of each entities every monitoring_interval.", "properties": { "disabled": { "type": "boolean", "description": "The monitoring schedule for snapshot analysis. For EntityType-level config: unset / disabled = true indicates disabled by default for Features under it; otherwise by default enable snapshot analysis monitoring with monitoring_interval for Features under it. Feature-level config: disabled = true indicates disabled regardless of the EntityType-level config; unset monitoring_interval indicates going with EntityType-level config; otherwise run snapshot analysis monitoring with monitoring_interval regardless of the EntityType-level config. Explicitly Disable the snapshot analysis based monitoring." }, "monitoringInterval": { "type": "string", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value is rolled up to full day. If both monitoring_interval_days and the deprecated `monitoring_interval` field are set when creating/updating EntityTypes/Features, monitoring_interval_days will be used." }, "monitoringIntervalDays": { "type": "integer", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value indicates number of days." }, "stalenessDays": { "type": "integer", "description": "Customized export features time window for snapshot analysis. Unit is one day. Default value is 3 weeks. Minimum value is 1 day. Maximum value is 4000 days." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigSnapshotAnalysisResponse": { "description": "Configuration of the Featurestore's Snapshot Analysis Based Monitoring. This type of analysis generates statistics for each Feature based on a snapshot of the latest feature value of each entities every monitoring_interval.", "properties": { "disabled": { "type": "boolean", "description": "The monitoring schedule for snapshot analysis. For EntityType-level config: unset / disabled = true indicates disabled by default for Features under it; otherwise by default enable snapshot analysis monitoring with monitoring_interval for Features under it. Feature-level config: disabled = true indicates disabled regardless of the EntityType-level config; unset monitoring_interval indicates going with EntityType-level config; otherwise run snapshot analysis monitoring with monitoring_interval regardless of the EntityType-level config. Explicitly Disable the snapshot analysis based monitoring." }, "monitoringInterval": { "type": "string", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value is rolled up to full day. If both monitoring_interval_days and the deprecated `monitoring_interval` field are set when creating/updating EntityTypes/Features, monitoring_interval_days will be used." }, "monitoringIntervalDays": { "type": "integer", "description": "Configuration of the snapshot analysis based monitoring pipeline running interval. The value indicates number of days." }, "stalenessDays": { "type": "integer", "description": "Customized export features time window for snapshot analysis. Unit is one day. Default value is 3 weeks. Minimum value is 1 day. Maximum value is 4000 days." } }, "type": "object", "required": [ "disabled", "monitoringInterval", "monitoringIntervalDays", "stalenessDays" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfig": { "description": "The config for Featurestore Monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreMonitoringConfigThresholdConfigResponse": { "description": "The config for Featurestore Monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object", "required": [ "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfig": { "description": "OnlineServingConfig specifies the details for provisioning online serving resources.", "properties": { "fixedNodeCount": { "type": "integer", "description": "The number of nodes for the online store. The number of nodes doesn't scale automatically, but you can manually update the number of nodes. If set to 0, the featurestore will not have an online store and cannot be used for online serving." }, "scaling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfigScaling", "description": "Online serving scaling configuration. Only one of `fixed_node_count` and `scaling` can be set. Setting one will reset the other." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfigResponse": { "description": "OnlineServingConfig specifies the details for provisioning online serving resources.", "properties": { "fixedNodeCount": { "type": "integer", "description": "The number of nodes for the online store. The number of nodes doesn't scale automatically, but you can manually update the number of nodes. If set to 0, the featurestore will not have an online store and cannot be used for online serving." }, "scaling": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfigScalingResponse", "description": "Online serving scaling configuration. Only one of `fixed_node_count` and `scaling` can be set. Setting one will reset the other." } }, "type": "object", "required": [ "fixedNodeCount", "scaling" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfigScaling": { "description": "Online serving scaling configuration. If min_node_count and max_node_count are set to the same value, the cluster will be configured with the fixed number of node (no auto-scaling).", "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set or set to 0, default to 50." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "minNodeCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FeaturestoreOnlineServingConfigScalingResponse": { "description": "Online serving scaling configuration. If min_node_count and max_node_count are set to the same value, the cluster will be configured with the fixed number of node (no auto-scaling).", "properties": { "cpuUtilizationTarget": { "type": "integer", "description": "Optional. The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80. When a cluster's CPU utilization exceeds the target that you have set, Bigtable immediately adds nodes to the cluster. When CPU utilization is substantially lower than the target, Bigtable removes nodes. If not set or set to 0, default to 50." }, "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes to scale up to. Must be greater than min_node_count, and less than or equal to 10 times of 'min_node_count'." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes to scale down to. Must be greater than or equal to 1." } }, "type": "object", "required": [ "cpuUtilizationTarget", "maxNodeCount", "minNodeCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FilterSplit": { "description": "Assigns input data to training, validation, and test sets based on the given filters, data pieces not matched by any filter are ignored. Currently only supported for Datasets containing DataItems. If any of the filters in this message are to match nothing, then they can be set as '-' (the minus sign). Supported only for unstructured Datasets. ", "properties": { "testFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to test the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "trainingFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to train the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "validationFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to validate the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." } }, "type": "object", "required": [ "testFilter", "trainingFilter", "validationFilter" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FilterSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on the given filters, data pieces not matched by any filter are ignored. Currently only supported for Datasets containing DataItems. If any of the filters in this message are to match nothing, then they can be set as '-' (the minus sign). Supported only for unstructured Datasets. ", "properties": { "testFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to test the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "trainingFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to train the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." }, "validationFilter": { "type": "string", "description": "A filter on DataItems of the Dataset. DataItems that match this filter are used to validate the Model. A filter with same syntax as the one used in DatasetService.ListDataItems may be used. If a single DataItem is matched by more than one of the FilterSplit filters, then it is assigned to the first set that applies to it in the training, validation, test order." } }, "type": "object", "required": [ "testFilter", "trainingFilter", "validationFilter" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FractionSplit": { "description": "Assigns the input data to training, validation, and test sets as per the given fractions. Any of `training_fraction`, `validation_fraction` and `test_fraction` may optionally be provided, they must sum to up to 1. If the provided ones sum to less than 1, the remainder is assigned to sets as decided by Vertex AI. If none of the fractions are set, by default roughly 80% of data is used for training, 10% for validation, and 10% for test.", "properties": { "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1FractionSplitResponse": { "description": "Assigns the input data to training, validation, and test sets as per the given fractions. Any of `training_fraction`, `validation_fraction` and `test_fraction` may optionally be provided, they must sum to up to 1. If the provided ones sum to less than 1, the remainder is assigned to sets as decided by Vertex AI. If none of the fractions are set, by default roughly 80% of data is used for training, 10% for validation, and 10% for test.", "properties": { "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1GcsDestination": { "description": "The Google Cloud Storage location where the output is to be written to.", "properties": { "outputUriPrefix": { "type": "string", "description": "Google Cloud Storage URI to output directory. If the uri doesn't end with '/', a '/' will be automatically appended. The directory is created if it doesn't exist." } }, "type": "object", "required": [ "outputUriPrefix" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse": { "description": "The Google Cloud Storage location where the output is to be written to.", "properties": { "outputUriPrefix": { "type": "string", "description": "Google Cloud Storage URI to output directory. If the uri doesn't end with '/', a '/' will be automatically appended. The directory is created if it doesn't exist." } }, "type": "object", "required": [ "outputUriPrefix" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1GcsSource": { "description": "The Google Cloud Storage location for the input content.", "properties": { "uris": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud Storage URI(-s) to the input file(s). May contain wildcards. For more information on wildcards, see https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames." } }, "type": "object", "required": [ "uris" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1GcsSourceResponse": { "description": "The Google Cloud Storage location for the input content.", "properties": { "uris": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud Storage URI(-s) to the input file(s). May contain wildcards. For more information on wildcards, see https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames." } }, "type": "object", "required": [ "uris" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1IndexPrivateEndpointsResponse": { "description": "IndexPrivateEndpoints proto is used to provide paths for users to send requests via private endpoints (e.g. private service access, private service connect). To send request via private service access, use match_grpc_address. To send request via private service connect, use service_attachment.", "properties": { "matchGrpcAddress": { "type": "string", "description": "The ip address used to send match gRPC requests." }, "serviceAttachment": { "type": "string", "description": "The name of the service attachment resource. Populated if private service connect is enabled." } }, "type": "object", "required": [ "matchGrpcAddress", "serviceAttachment" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1IndexStatsResponse": { "description": "Stats of the Index.", "properties": { "shardsCount": { "type": "integer", "description": "The number of shards in the Index." }, "vectorsCount": { "type": "string", "description": "The number of vectors in the Index." } }, "type": "object", "required": [ "shardsCount", "vectorsCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1InputDataConfig": { "description": "Specifies Vertex AI owned input data to be used for training, and possibly evaluating, the Model.", "properties": { "annotationSchemaUri": { "type": "string", "description": "Applicable only to custom training with Datasets that have DataItems and Annotations. Cloud Storage URI that points to a YAML file describing the annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). The schema files that can be used here are found in gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that the chosen schema must be consistent with metadata of the Dataset specified by dataset_id. Only Annotations that both match this schema and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both annotations_filter and annotation_schema_uri." }, "annotationsFilter": { "type": "string", "description": "Applicable only to Datasets that have DataItems and Annotations. A filter on Annotations of the Dataset. Only Annotations that both match this filter and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on (for the auto-assigned that role is decided by Vertex AI). A filter with same syntax as the one used in ListAnnotations may be used, but note here it filters across all Annotations of the Dataset, and not just within a single DataItem." }, "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestination", "description": "Only applicable to custom training with tabular Dataset with BigQuery source. The BigQuery project location where the training data is to be written to. In the given project a new dataset is created with name `dataset___` where timestamp is in YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written into that dataset. In the dataset three tables are created, `training`, `validation` and `test`. * AIP_DATA_FORMAT = \"bigquery\". * AIP_TRAINING_DATA_URI = \"bigquery_destination.dataset___.training\" * AIP_VALIDATION_DATA_URI = \"bigquery_destination.dataset___.validation\" * AIP_TEST_DATA_URI = \"bigquery_destination.dataset___.test\"" }, "datasetId": { "type": "string", "description": "The ID of the Dataset in the same Project and Location which data will be used to train the Model. The Dataset must use schema compatible with Model being trained, and what is compatible should be described in the used TrainingPipeline's training_task_definition. For tabular Datasets, all their data is exported to training, to pick and choose from." }, "filterSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FilterSplit", "description": "Split based on the provided filters for each set." }, "fractionSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FractionSplit", "description": "Split based on fractions defining the size of each set." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestination", "description": "The Cloud Storage location where the training data is to be written to. In the given directory a new directory is created with name: `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. All training input data is written into that directory. The Vertex AI environment variables representing Cloud Storage data URIs are represented in the Cloud Storage wildcard format to support sharded data. e.g.: \"gs://.../training-*.jsonl\" * AIP_DATA_FORMAT = \"jsonl\" for non-tabular data, \"csv\" for tabular data * AIP_TRAINING_DATA_URI = \"gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}\" * AIP_VALIDATION_DATA_URI = \"gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}\" * AIP_TEST_DATA_URI = \"gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}\"" }, "persistMlUseAssignment": { "type": "boolean", "description": "Whether to persist the ML use assignment to data item system labels." }, "predefinedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredefinedSplit", "description": "Supported only for tabular Datasets. Split based on a predefined key." }, "savedQueryId": { "type": "string", "description": "Only applicable to Datasets that have SavedQueries. The ID of a SavedQuery (annotation set) under the Dataset specified by dataset_id used for filtering Annotations for training. Only Annotations that are associated with this SavedQuery are used in respectively training. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both saved_query_id and annotations_filter. Only one of saved_query_id and annotation_schema_uri should be specified as both of them represent the same thing: problem type." }, "stratifiedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StratifiedSplit", "description": "Supported only for tabular Datasets. Split based on the distribution of the specified column." }, "timestampSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1TimestampSplit", "description": "Supported only for tabular Datasets. Split based on the timestamp of the input data pieces." } }, "type": "object", "required": [ "datasetId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1InputDataConfigResponse": { "description": "Specifies Vertex AI owned input data to be used for training, and possibly evaluating, the Model.", "properties": { "annotationSchemaUri": { "type": "string", "description": "Applicable only to custom training with Datasets that have DataItems and Annotations. Cloud Storage URI that points to a YAML file describing the annotation schema. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). The schema files that can be used here are found in gs://google-cloud-aiplatform/schema/dataset/annotation/ , note that the chosen schema must be consistent with metadata of the Dataset specified by dataset_id. Only Annotations that both match this schema and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both annotations_filter and annotation_schema_uri." }, "annotationsFilter": { "type": "string", "description": "Applicable only to Datasets that have DataItems and Annotations. A filter on Annotations of the Dataset. Only Annotations that both match this filter and belong to DataItems not ignored by the split method are used in respectively training, validation or test role, depending on the role of the DataItem they are on (for the auto-assigned that role is decided by Vertex AI). A filter with same syntax as the one used in ListAnnotations may be used, but note here it filters across all Annotations of the Dataset, and not just within a single DataItem." }, "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestinationResponse", "description": "Only applicable to custom training with tabular Dataset with BigQuery source. The BigQuery project location where the training data is to be written to. In the given project a new dataset is created with name `dataset___` where timestamp is in YYYY_MM_DDThh_mm_ss_sssZ format. All training input data is written into that dataset. In the dataset three tables are created, `training`, `validation` and `test`. * AIP_DATA_FORMAT = \"bigquery\". * AIP_TRAINING_DATA_URI = \"bigquery_destination.dataset___.training\" * AIP_VALIDATION_DATA_URI = \"bigquery_destination.dataset___.validation\" * AIP_TEST_DATA_URI = \"bigquery_destination.dataset___.test\"" }, "datasetId": { "type": "string", "description": "The ID of the Dataset in the same Project and Location which data will be used to train the Model. The Dataset must use schema compatible with Model being trained, and what is compatible should be described in the used TrainingPipeline's training_task_definition. For tabular Datasets, all their data is exported to training, to pick and choose from." }, "filterSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FilterSplitResponse", "description": "Split based on the provided filters for each set." }, "fractionSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FractionSplitResponse", "description": "Split based on fractions defining the size of each set." }, "gcsDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse", "description": "The Cloud Storage location where the training data is to be written to. In the given directory a new directory is created with name: `dataset---` where timestamp is in YYYY-MM-DDThh:mm:ss.sssZ ISO-8601 format. All training input data is written into that directory. The Vertex AI environment variables representing Cloud Storage data URIs are represented in the Cloud Storage wildcard format to support sharded data. e.g.: \"gs://.../training-*.jsonl\" * AIP_DATA_FORMAT = \"jsonl\" for non-tabular data, \"csv\" for tabular data * AIP_TRAINING_DATA_URI = \"gcs_destination/dataset---/training-*.${AIP_DATA_FORMAT}\" * AIP_VALIDATION_DATA_URI = \"gcs_destination/dataset---/validation-*.${AIP_DATA_FORMAT}\" * AIP_TEST_DATA_URI = \"gcs_destination/dataset---/test-*.${AIP_DATA_FORMAT}\"" }, "persistMlUseAssignment": { "type": "boolean", "description": "Whether to persist the ML use assignment to data item system labels." }, "predefinedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredefinedSplitResponse", "description": "Supported only for tabular Datasets. Split based on a predefined key." }, "savedQueryId": { "type": "string", "description": "Only applicable to Datasets that have SavedQueries. The ID of a SavedQuery (annotation set) under the Dataset specified by dataset_id used for filtering Annotations for training. Only Annotations that are associated with this SavedQuery are used in respectively training. When used in conjunction with annotations_filter, the Annotations used for training are filtered by both saved_query_id and annotations_filter. Only one of saved_query_id and annotation_schema_uri should be specified as both of them represent the same thing: problem type." }, "stratifiedSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StratifiedSplitResponse", "description": "Supported only for tabular Datasets. Split based on the distribution of the specified column." }, "timestampSplit": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1TimestampSplitResponse", "description": "Supported only for tabular Datasets. Split based on the timestamp of the input data pieces." } }, "type": "object", "required": [ "annotationSchemaUri", "annotationsFilter", "bigqueryDestination", "datasetId", "filterSplit", "fractionSplit", "gcsDestination", "persistMlUseAssignment", "predefinedSplit", "savedQueryId", "stratifiedSplit", "timestampSplit" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1IntegratedGradientsAttribution": { "description": "An attribution method that computes the Aumann-Shapley value taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfig", "description": "Config for IG with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfig", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "stepCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1IntegratedGradientsAttributionResponse": { "description": "An attribution method that computes the Aumann-Shapley value taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1703.01365", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfigResponse", "description": "Config for IG with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfigResponse", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "blurBaselineConfig", "smoothGradConfig", "stepCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MachineSpec": { "description": "Specification of a single machine.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of accelerators to attach to the machine." }, "acceleratorType": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpecAcceleratorType", "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count." }, "machineType": { "type": "string", "description": "Immutable. The type of the machine. See the [list of machine types supported for prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) See the [list of machine types supported for custom training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). For DeployedModel this field is optional, and the default value is `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec this field is required." }, "tpuTopology": { "type": "string", "description": "Immutable. The topology of the TPUs. Corresponds to the TPU topologies available from GKE. (Example: tpu_topology: \"2x2x1\")." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MachineSpecAcceleratorType": { "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count.", "type": "string", "enum": [ { "name": "AcceleratorTypeUnspecified", "description": "Unspecified accelerator type, which means no accelerator.", "value": "ACCELERATOR_TYPE_UNSPECIFIED" }, { "name": "NvidiaTeslaK80", "description": "Nvidia Tesla K80 GPU.", "value": "NVIDIA_TESLA_K80" }, { "name": "NvidiaTeslaP100", "description": "Nvidia Tesla P100 GPU.", "value": "NVIDIA_TESLA_P100" }, { "name": "NvidiaTeslaV100", "description": "Nvidia Tesla V100 GPU.", "value": "NVIDIA_TESLA_V100" }, { "name": "NvidiaTeslaP4", "description": "Nvidia Tesla P4 GPU.", "value": "NVIDIA_TESLA_P4" }, { "name": "NvidiaTeslaT4", "description": "Nvidia Tesla T4 GPU.", "value": "NVIDIA_TESLA_T4" }, { "name": "NvidiaTeslaA100", "description": "Nvidia Tesla A100 GPU.", "value": "NVIDIA_TESLA_A100" }, { "name": "NvidiaA10080gb", "description": "Nvidia A100 80GB GPU.", "value": "NVIDIA_A100_80GB" }, { "name": "NvidiaL4", "description": "Nvidia L4 GPU.", "value": "NVIDIA_L4" }, { "name": "NvidiaH10080gb", "description": "Nvidia H100 80Gb GPU.", "value": "NVIDIA_H100_80GB" }, { "name": "TpuV2", "description": "TPU v2.", "value": "TPU_V2" }, { "name": "TpuV3", "description": "TPU v3.", "value": "TPU_V3" }, { "name": "TpuV4Pod", "description": "TPU v4.", "value": "TPU_V4_POD" }, { "name": "TpuV5Litepod", "description": "TPU v5.", "value": "TPU_V5_LITEPOD" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MachineSpecResponse": { "description": "Specification of a single machine.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of accelerators to attach to the machine." }, "acceleratorType": { "type": "string", "description": "Immutable. The type of accelerator(s) that may be attached to the machine as per accelerator_count." }, "machineType": { "type": "string", "description": "Immutable. The type of the machine. See the [list of machine types supported for prediction](https://cloud.google.com/vertex-ai/docs/predictions/configure-compute#machine-types) See the [list of machine types supported for custom training](https://cloud.google.com/vertex-ai/docs/training/configure-compute#machine-types). For DeployedModel this field is optional, and the default value is `n1-standard-2`. For BatchPredictionJob or as part of WorkerPoolSpec this field is required." }, "tpuTopology": { "type": "string", "description": "Immutable. The topology of the TPUs. Corresponds to the TPU topologies available from GKE. (Example: tpu_topology: \"2x2x1\")." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "machineType", "tpuTopology" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ManualBatchTuningParameters": { "description": "Manual batch tuning parameters.", "properties": { "batchSize": { "type": "integer", "description": "Immutable. The number of the records (e.g. instances) of the operation given in each batch to a machine replica. Machine type, and size of a single record should be considered when setting this parameter, higher value speeds up the batch operation's execution, but too high value will result in a whole batch not fitting in a machine's memory, and the whole operation will fail. The default value is 64." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ManualBatchTuningParametersResponse": { "description": "Manual batch tuning parameters.", "properties": { "batchSize": { "type": "integer", "description": "Immutable. The number of the records (e.g. instances) of the operation given in each batch to a machine replica. Machine type, and size of a single record should be considered when setting this parameter, higher value speeds up the batch operation's execution, but too high value will result in a whole batch not fitting in a machine's memory, and the whole operation will fail. The default value is 64." } }, "type": "object", "required": [ "batchSize" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MeasurementMetricResponse": { "description": "A message representing a metric in the measurement.", "properties": { "metricId": { "type": "string", "description": "The ID of the Metric. The Metric should be defined in StudySpec's Metrics." }, "value": { "type": "number", "description": "The value for this metric." } }, "type": "object", "required": [ "metricId", "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MeasurementResponse": { "description": "A message representing a Measurement of a Trial. A Measurement contains the Metrics got by executing a Trial using suggested hyperparameter values.", "properties": { "elapsedDuration": { "type": "string", "description": "Time that the Trial has been running at the point of this Measurement." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MeasurementMetricResponse" }, "description": "A list of metrics got by evaluating the objective functions using suggested Parameter values." }, "stepCount": { "type": "string", "description": "The number of steps the machine learning model has been trained for. Must be non-negative." } }, "type": "object", "required": [ "elapsedDuration", "metrics", "stepCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1MetadataStoreMetadataStoreStateResponse": { "description": "Represents state information for a MetadataStore.", "properties": { "diskUtilizationBytes": { "type": "string", "description": "The disk utilization of the MetadataStore in bytes." } }, "type": "object", "required": [ "diskUtilizationBytes" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Model": { "description": "A trained machine learning Model.", "properties": { "artifactUri": { "type": "string", "description": "Immutable. The path to the directory containing the Model artifact and any of its supporting files. Not present for AutoML Models or Large Models." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpec", "description": "Input only. The specification of the container that is to be used when deploying this Model. The specification is ingested upon ModelService.UploadModel, and all binaries it contains are copied and stored internally by Vertex AI. Not present for AutoML Models or Large Models." }, "description": { "type": "string", "description": "The description of the Model." }, "displayName": { "type": "string", "description": "The display name of the Model. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EncryptionSpec", "description": "Customer-managed encryption key spec for a Model. If set, this Model and all sub-resources of this Model will be secured by this key." }, "etag": { "type": "string", "description": "Used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationSpec", "description": "The default explanation specification for this Model. The Model can be used for requesting explanation after being deployed if it is populated. The Model can be used for batch explanation if it is populated. All fields of the explanation_spec can be overridden by explanation_spec of DeployModelRequest.deployed_model, or explanation_spec of BatchPredictionJob. If the default explanation specification is not set for this Model, this Model can still be used for requesting explanation by setting explanation_spec of DeployModelRequest.deployed_model and for batch explanation by setting explanation_spec of BatchPredictionJob." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Models. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Immutable. An additional information about the Model; the schema of the metadata can be found in metadata_schema. Unset if the Model does not have any additional information." }, "metadataSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing additional information about the Model, that is specific to it. Unset if the Model does not have any additional information. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no additional metadata is needed, this field is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "name": { "type": "string", "description": "The resource name of the Model." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredictSchemata", "description": "The schemata that describe formats of the Model's predictions and explanations as given and returned via PredictionService.Predict and PredictionService.Explain." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` instead of auto-generated version id (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A default version alias will be created for the first version of the model, and there must be exactly one default version alias for a model." }, "versionDescription": { "type": "string", "description": "The description of this version." } }, "type": "object", "required": [ "displayName" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpec": { "description": "Specification of a container for serving predictions. Some fields in this message correspond to fields in the [Kubernetes Container v1 core specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core).", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies arguments for the command that runs when the container starts. This overrides the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). Specify this field as an array of executable and arguments, similar to a Docker `CMD`'s \"default parameters\" form. If you don't specify this field but do specify the command field, then the command from the `command` field runs without any additional arguments. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). If you don't specify this field and don't specify the `command` field, then the container's [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) and `CMD` determine what runs based on their default behavior. See the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `args` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "command": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies the command that runs when the container starts. This overrides the container's [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). Specify this field as an array of executable and arguments, similar to a Docker `ENTRYPOINT`'s \"exec\" form, not its \"shell\" form. If you do not specify this field, then the container's `ENTRYPOINT` runs, in conjunction with the args field or the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if either exists. If this field is not specified and the container does not have an `ENTRYPOINT`, then refer to the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). If you specify this field, then you can also specify the `args` field to provide additional arguments for this command. However, if you specify this field, then the container's `CMD` is ignored. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `command` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "deploymentTimeout": { "type": "string", "description": "Immutable. Deployment timeout. TODO (b/306244185): Revise documentation before exposing." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVar" }, "description": "Immutable. List of environment variables to set in the container. After the container starts running, code running in the container can read these environment variables. Additionally, the command and args fields can reference these variables. Later entries in this list can also reference earlier entries. For example, the following example sets the variable `VAR_2` to have the value `foo bar`: ```json [ { \"name\": \"VAR_1\", \"value\": \"foo\" }, { \"name\": \"VAR_2\", \"value\": \"$(VAR_1) bar\" } ] ``` If you switch the order of the variables in the example, then the expansion does not occur. This field corresponds to the `env` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "healthProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Probe", "description": "Immutable. Specification for Kubernetes readiness probe. TODO (b/306244185): Revise documentation before exposing." }, "healthRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send health checks to. Vertex AI intermittently sends GET requests to this path on the container's IP address and port to check that the container is healthy. Read more about [health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). For example, if you set this field to `/bar`, then Vertex AI intermittently sends a GET request to the `/bar` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "imageUri": { "type": "string", "description": "Immutable. URI of the Docker image to be used as the custom container for serving predictions. This URI must identify an image in Artifact Registry or Container Registry. Learn more about the [container publishing requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), including permissions requirements for the Vertex AI Service Agent. The container image is ingested upon ModelService.UploadModel, stored internally, and this original path is afterwards not used. To learn about the requirements for the Docker image itself, see [Custom container requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). You can use the URI to one of Vertex AI's [pre-built container images for prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) in this field." }, "ports": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Port" }, "description": "Immutable. List of ports to expose from the container. Vertex AI sends any prediction requests that it receives to the first port on this list. Vertex AI also sends [liveness and health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) to this port. If you do not specify this field, it defaults to following value: ```json [ { \"containerPort\": 8080 } ] ``` Vertex AI does not use ports other than the first one listed. This field corresponds to the `ports` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "predictRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send prediction requests to. Vertex AI forwards requests sent using projects.locations.endpoints.predict to this path on the container's IP address and port. Vertex AI then returns the container's response in the API response. For example, if you set this field to `/foo`, then when Vertex AI receives a prediction request, it forwards the request body in a POST request to the `/foo` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "sharedMemorySizeMb": { "type": "string", "description": "Immutable. The amount of the VM memory to reserve as the shared memory for the model in megabytes. TODO (b/306244185): Revise documentation before exposing." }, "startupProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1Probe", "description": "Immutable. Specification for Kubernetes startup probe. TODO (b/306244185): Revise documentation before exposing." } }, "type": "object", "required": [ "imageUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpecResponse": { "description": "Specification of a container for serving predictions. Some fields in this message correspond to fields in the [Kubernetes Container v1 core specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core).", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies arguments for the command that runs when the container starts. This overrides the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd). Specify this field as an array of executable and arguments, similar to a Docker `CMD`'s \"default parameters\" form. If you don't specify this field but do specify the command field, then the command from the `command` field runs without any additional arguments. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). If you don't specify this field and don't specify the `command` field, then the container's [`ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#cmd) and `CMD` determine what runs based on their default behavior. See the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `args` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "command": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Specifies the command that runs when the container starts. This overrides the container's [ENTRYPOINT](https://docs.docker.com/engine/reference/builder/#entrypoint). Specify this field as an array of executable and arguments, similar to a Docker `ENTRYPOINT`'s \"exec\" form, not its \"shell\" form. If you do not specify this field, then the container's `ENTRYPOINT` runs, in conjunction with the args field or the container's [`CMD`](https://docs.docker.com/engine/reference/builder/#cmd), if either exists. If this field is not specified and the container does not have an `ENTRYPOINT`, then refer to the Docker documentation about [how `CMD` and `ENTRYPOINT` interact](https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact). If you specify this field, then you can also specify the `args` field to provide additional arguments for this command. However, if you specify this field, then the container's `CMD` is ignored. See the [Kubernetes documentation about how the `command` and `args` fields interact with a container's `ENTRYPOINT` and `CMD`](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#notes). In this field, you can reference [environment variables set by Vertex AI](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables) and environment variables set in the env field. You cannot reference environment variables set in the Docker image. In order for environment variables to be expanded, reference them by using the following syntax: $( VARIABLE_NAME) Note that this differs from Bash variable expansion, which does not use parentheses. If a variable cannot be resolved, the reference in the input string is used unchanged. To avoid variable expansion, you can escape this syntax with `$$`; for example: $$(VARIABLE_NAME) This field corresponds to the `command` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "deploymentTimeout": { "type": "string", "description": "Immutable. Deployment timeout. TODO (b/306244185): Revise documentation before exposing." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVarResponse" }, "description": "Immutable. List of environment variables to set in the container. After the container starts running, code running in the container can read these environment variables. Additionally, the command and args fields can reference these variables. Later entries in this list can also reference earlier entries. For example, the following example sets the variable `VAR_2` to have the value `foo bar`: ```json [ { \"name\": \"VAR_1\", \"value\": \"foo\" }, { \"name\": \"VAR_2\", \"value\": \"$(VAR_1) bar\" } ] ``` If you switch the order of the variables in the example, then the expansion does not occur. This field corresponds to the `env` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "healthProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ProbeResponse", "description": "Immutable. Specification for Kubernetes readiness probe. TODO (b/306244185): Revise documentation before exposing." }, "healthRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send health checks to. Vertex AI intermittently sends GET requests to this path on the container's IP address and port to check that the container is healthy. Read more about [health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#health). For example, if you set this field to `/bar`, then Vertex AI intermittently sends a GET request to the `/bar` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/ DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "imageUri": { "type": "string", "description": "Immutable. URI of the Docker image to be used as the custom container for serving predictions. This URI must identify an image in Artifact Registry or Container Registry. Learn more about the [container publishing requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#publishing), including permissions requirements for the Vertex AI Service Agent. The container image is ingested upon ModelService.UploadModel, stored internally, and this original path is afterwards not used. To learn about the requirements for the Docker image itself, see [Custom container requirements](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#). You can use the URI to one of Vertex AI's [pre-built container images for prediction](https://cloud.google.com/vertex-ai/docs/predictions/pre-built-containers) in this field." }, "ports": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PortResponse" }, "description": "Immutable. List of ports to expose from the container. Vertex AI sends any prediction requests that it receives to the first port on this list. Vertex AI also sends [liveness and health checks](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#liveness) to this port. If you do not specify this field, it defaults to following value: ```json [ { \"containerPort\": 8080 } ] ``` Vertex AI does not use ports other than the first one listed. This field corresponds to the `ports` field of the Kubernetes Containers [v1 core API](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#container-v1-core)." }, "predictRoute": { "type": "string", "description": "Immutable. HTTP path on the container to send prediction requests to. Vertex AI forwards requests sent using projects.locations.endpoints.predict to this path on the container's IP address and port. Vertex AI then returns the container's response in the API response. For example, if you set this field to `/foo`, then when Vertex AI receives a prediction request, it forwards the request body in a POST request to the `/foo` path on the port of your container specified by the first value of this `ModelContainerSpec`'s ports field. If you don't specify this field, it defaults to the following value when you deploy this Model to an Endpoint: /v1/endpoints/ENDPOINT/deployedModels/DEPLOYED_MODEL:predict The placeholders in this value are replaced as follows: * ENDPOINT: The last segment (following `endpoints/`)of the Endpoint.name][] field of the Endpoint where this Model has been deployed. (Vertex AI makes this value available to your container code as the [`AIP_ENDPOINT_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).) * DEPLOYED_MODEL: DeployedModel.id of the `DeployedModel`. (Vertex AI makes this value available to your container code as the [`AIP_DEPLOYED_MODEL_ID` environment variable](https://cloud.google.com/vertex-ai/docs/predictions/custom-container-requirements#aip-variables).)" }, "sharedMemorySizeMb": { "type": "string", "description": "Immutable. The amount of the VM memory to reserve as the shared memory for the model in megabytes. TODO (b/306244185): Revise documentation before exposing." }, "startupProbe": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ProbeResponse", "description": "Immutable. Specification for Kubernetes startup probe. TODO (b/306244185): Revise documentation before exposing." } }, "type": "object", "required": [ "args", "command", "deploymentTimeout", "env", "healthProbe", "healthRoute", "imageUri", "ports", "predictRoute", "sharedMemorySizeMb", "startupProbe" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringBigQueryTableResponse": { "description": "ModelDeploymentMonitoringBigQueryTable specifies the BigQuery table name as well as some information of the logs stored in this table.", "properties": { "bigqueryTablePath": { "type": "string", "description": "The created BigQuery table to store logs. Customer could do their own query & analysis. Format: `bq://.model_deployment_monitoring_._`" }, "logSource": { "type": "string", "description": "The source of log." }, "logType": { "type": "string", "description": "The type of log." } }, "type": "object", "required": [ "bigqueryTablePath", "logSource", "logType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringJobLatestMonitoringPipelineMetadataResponse": { "description": "All metadata of most recent monitoring pipelines.", "properties": { "runTime": { "type": "string", "description": "The time that most recent monitoring pipelines that is related to this run." }, "status": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleRpcStatusResponse", "description": "The status of the most recent monitoring pipeline." } }, "type": "object", "required": [ "runTime", "status" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringObjectiveConfig": { "description": "ModelDeploymentMonitoringObjectiveConfig contains the pair of deployed_model_id to ModelMonitoringObjectiveConfig.", "properties": { "deployedModelId": { "type": "string", "description": "The DeployedModel ID of the objective config." }, "objectiveConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfig", "description": "The objective config of for the modelmonitoring job of this deployed model." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringObjectiveConfigResponse": { "description": "ModelDeploymentMonitoringObjectiveConfig contains the pair of deployed_model_id to ModelMonitoringObjectiveConfig.", "properties": { "deployedModelId": { "type": "string", "description": "The DeployedModel ID of the objective config." }, "objectiveConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigResponse", "description": "The objective config of for the modelmonitoring job of this deployed model." } }, "type": "object", "required": [ "deployedModelId", "objectiveConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringScheduleConfig": { "description": "The config for scheduling monitoring job.", "properties": { "monitorInterval": { "type": "string", "description": "The model monitoring job scheduling interval. It will be rounded up to next full hour. This defines how often the monitoring jobs are triggered." }, "monitorWindow": { "type": "string", "description": "The time window of the prediction data being included in each prediction dataset. This window specifies how long the data should be collected from historical model results for each run. If not set, ModelDeploymentMonitoringScheduleConfig.monitor_interval will be used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and the monitor_window is set to be 3600, then data from 2022-01-08 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to calculate the monitoring statistics." } }, "type": "object", "required": [ "monitorInterval" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelDeploymentMonitoringScheduleConfigResponse": { "description": "The config for scheduling monitoring job.", "properties": { "monitorInterval": { "type": "string", "description": "The model monitoring job scheduling interval. It will be rounded up to next full hour. This defines how often the monitoring jobs are triggered." }, "monitorWindow": { "type": "string", "description": "The time window of the prediction data being included in each prediction dataset. This window specifies how long the data should be collected from historical model results for each run. If not set, ModelDeploymentMonitoringScheduleConfig.monitor_interval will be used. e.g. If currently the cutoff time is 2022-01-08 14:30:00 and the monitor_window is set to be 3600, then data from 2022-01-08 13:30:00 to 2022-01-08 14:30:00 will be retrieved and aggregated to calculate the monitoring statistics." } }, "type": "object", "required": [ "monitorInterval", "monitorWindow" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelExportFormatResponse": { "description": "Represents export format supported by the Model. All formats export to Google Cloud Storage.", "properties": { "exportableContents": { "type": "array", "items": { "type": "string" }, "description": "The content of this Model that may be exported." } }, "type": "object", "required": [ "exportableContents" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfig": { "properties": { "emailAlertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigEmailAlertConfig", "description": "Email alert config." }, "enableLogging": { "type": "boolean", "description": "Dump the anomalies to Cloud Logging. The anomalies will be put to json payload encoded from proto google.cloud.aiplatform.logging.ModelMonitoringAnomaliesLogEntry. This can be further sinked to Pub/Sub or any other services supported by Cloud Logging." }, "notificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Resource names of the NotificationChannels to send alert. Must be of the format `projects//notificationChannels/`" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigEmailAlertConfig": { "description": "The config for email alert.", "properties": { "userEmails": { "type": "array", "items": { "type": "string" }, "description": "The email addresses to send the alert." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigEmailAlertConfigResponse": { "description": "The config for email alert.", "properties": { "userEmails": { "type": "array", "items": { "type": "string" }, "description": "The email addresses to send the alert." } }, "type": "object", "required": [ "userEmails" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigResponse": { "properties": { "emailAlertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigEmailAlertConfigResponse", "description": "Email alert config." }, "enableLogging": { "type": "boolean", "description": "Dump the anomalies to Cloud Logging. The anomalies will be put to json payload encoded from proto google.cloud.aiplatform.logging.ModelMonitoringAnomaliesLogEntry. This can be further sinked to Pub/Sub or any other services supported by Cloud Logging." }, "notificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Resource names of the NotificationChannels to send alert. Must be of the format `projects//notificationChannels/`" } }, "type": "object", "required": [ "emailAlertConfig", "enableLogging", "notificationChannels" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringConfig": { "description": "The model monitoring configuration used for Batch Prediction Job.", "properties": { "alertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfig", "description": "Model monitoring alert config." }, "analysisInstanceSchemaUri": { "type": "string", "description": "YAML schema file uri in Cloud Storage describing the format of a single instance that you want Tensorflow Data Validation (TFDV) to analyze. If there are any data type differences between predict instance and TFDV instance, this field can be used to override the schema. For models trained with Vertex AI, this field must be set as all the fields in predict instance formatted as string." }, "objectiveConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfig" }, "description": "Model monitoring objective config." }, "statsAnomaliesBaseDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestination", "description": "A Google Cloud Storage location for batch prediction model monitoring to dump statistics and anomalies. If not provided, a folder will be created in customer project to hold statistics and anomalies." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringConfigResponse": { "description": "The model monitoring configuration used for Batch Prediction Job.", "properties": { "alertConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringAlertConfigResponse", "description": "Model monitoring alert config." }, "analysisInstanceSchemaUri": { "type": "string", "description": "YAML schema file uri in Cloud Storage describing the format of a single instance that you want Tensorflow Data Validation (TFDV) to analyze. If there are any data type differences between predict instance and TFDV instance, this field can be used to override the schema. For models trained with Vertex AI, this field must be set as all the fields in predict instance formatted as string." }, "objectiveConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigResponse" }, "description": "Model monitoring objective config." }, "statsAnomaliesBaseDirectory": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse", "description": "A Google Cloud Storage location for batch prediction model monitoring to dump statistics and anomalies. If not provided, a folder will be created in customer project to hold statistics and anomalies." } }, "type": "object", "required": [ "alertConfig", "analysisInstanceSchemaUri", "objectiveConfigs", "statsAnomaliesBaseDirectory" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfig": { "description": "The objective configuration for model monitoring, including the information needed to detect anomalies for one particular model.", "properties": { "explanationConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfig", "description": "The config for integrating with Vertex Explainable AI." }, "predictionDriftDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig", "description": "The config for drift of prediction data." }, "trainingDataset": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingDataset", "description": "Training dataset for models. This field has to be set only if TrainingPredictionSkewDetectionConfig is specified." }, "trainingPredictionSkewDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig", "description": "The config for skew between training data and prediction data." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfig": { "description": "The config for integrating with Vertex Explainable AI. Only applicable if the Model has explanation_spec populated.", "properties": { "enableFeatureAttributes": { "type": "boolean", "description": "If want to analyze the Vertex Explainable AI feature attribute scores or not. If set to true, Vertex AI will log the feature attributions from explain response and do the skew/drift detection for them." }, "explanationBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline", "description": "Predictions generated by the BatchPredictionJob using baseline dataset." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaseline": { "description": "Output from BatchPredictionJob for Model Monitoring baseline dataset, which can be used to generate baseline attribution scores.", "properties": { "bigquery": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestination", "description": "BigQuery location for BatchExplain output." }, "gcs": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestination", "description": "Cloud Storage location for BatchExplain output." }, "predictionFormat": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselinePredictionFormat", "description": "The storage format of the predictions generated BatchPrediction job." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselinePredictionFormat": { "description": "The storage format of the predictions generated BatchPrediction job.", "type": "string", "enum": [ { "name": "PredictionFormatUnspecified", "description": "Should not be set.", "value": "PREDICTION_FORMAT_UNSPECIFIED" }, { "name": "Jsonl", "description": "Predictions are in JSONL files.", "value": "JSONL" }, { "name": "Bigquery", "description": "Predictions are in BigQuery.", "value": "BIGQUERY" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselineResponse": { "description": "Output from BatchPredictionJob for Model Monitoring baseline dataset, which can be used to generate baseline attribution scores.", "properties": { "bigquery": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestinationResponse", "description": "BigQuery location for BatchExplain output." }, "gcs": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsDestinationResponse", "description": "Cloud Storage location for BatchExplain output." }, "predictionFormat": { "type": "string", "description": "The storage format of the predictions generated BatchPrediction job." } }, "type": "object", "required": [ "bigquery", "gcs", "predictionFormat" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigResponse": { "description": "The config for integrating with Vertex Explainable AI. Only applicable if the Model has explanation_spec populated.", "properties": { "enableFeatureAttributes": { "type": "boolean", "description": "If want to analyze the Vertex Explainable AI feature attribute scores or not. If set to true, Vertex AI will log the feature attributions from explain response and do the skew/drift detection for them." }, "explanationBaseline": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigExplanationBaselineResponse", "description": "Predictions generated by the BatchPredictionJob using baseline dataset." } }, "type": "object", "required": [ "enableFeatureAttributes", "explanationBaseline" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfig": { "description": "The config for Prediction data drift detection.", "properties": { "attributionScoreDriftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between different time windows." }, "defaultDriftThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfig", "description": "Drift anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "driftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for drift, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between different time windws." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfigResponse": { "description": "The config for Prediction data drift detection.", "properties": { "attributionScoreDriftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between different time windows." }, "defaultDriftThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfigResponse", "description": "Drift anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "driftThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for drift, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between different time windws." } }, "type": "object", "required": [ "attributionScoreDriftThresholds", "defaultDriftThreshold", "driftThresholds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigResponse": { "description": "The objective configuration for model monitoring, including the information needed to detect anomalies for one particular model.", "properties": { "explanationConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigExplanationConfigResponse", "description": "The config for integrating with Vertex Explainable AI." }, "predictionDriftDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigPredictionDriftDetectionConfigResponse", "description": "The config for drift of prediction data." }, "trainingDataset": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingDatasetResponse", "description": "Training dataset for models. This field has to be set only if TrainingPredictionSkewDetectionConfig is specified." }, "trainingPredictionSkewDetectionConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfigResponse", "description": "The config for skew between training data and prediction data." } }, "type": "object", "required": [ "explanationConfig", "predictionDriftDetectionConfig", "trainingDataset", "trainingPredictionSkewDetectionConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingDataset": { "description": "Training Dataset information.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySource", "description": "The BigQuery table of the unmanaged Dataset used to train this Model." }, "dataFormat": { "type": "string", "description": "Data format of the dataset, only applicable if the input is from Google Cloud Storage. The possible formats are: \"tf-record\" The source file is a TFRecord file. \"csv\" The source file is a CSV file. \"jsonl\" The source file is a JSONL file." }, "dataset": { "type": "string", "description": "The resource name of the Dataset used to train this Model." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSource", "description": "The Google Cloud Storage uri of the unmanaged Dataset used to train this Model." }, "loggingSamplingStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SamplingStrategy", "description": "Strategy to sample data from Training Dataset. If not set, we process the whole dataset." }, "targetField": { "type": "string", "description": "The target field name the model is to predict. This field will be excluded when doing Predict and (or) Explain for the training data." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingDatasetResponse": { "description": "Training Dataset information.", "properties": { "bigquerySource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQuerySourceResponse", "description": "The BigQuery table of the unmanaged Dataset used to train this Model." }, "dataFormat": { "type": "string", "description": "Data format of the dataset, only applicable if the input is from Google Cloud Storage. The possible formats are: \"tf-record\" The source file is a TFRecord file. \"csv\" The source file is a CSV file. \"jsonl\" The source file is a JSONL file." }, "dataset": { "type": "string", "description": "The resource name of the Dataset used to train this Model." }, "gcsSource": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1GcsSourceResponse", "description": "The Google Cloud Storage uri of the unmanaged Dataset used to train this Model." }, "loggingSamplingStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyResponse", "description": "Strategy to sample data from Training Dataset. If not set, we process the whole dataset." }, "targetField": { "type": "string", "description": "The target field name the model is to predict. This field will be excluded when doing Predict and (or) Explain for the training data." } }, "type": "object", "required": [ "bigquerySource", "dataFormat", "dataset", "gcsSource", "loggingSamplingStrategy", "targetField" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfig": { "description": "The config for Training & Prediction data skew detection. It specifies the training dataset sources and the skew detection parameters.", "properties": { "attributionScoreSkewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between the training and prediction feature." }, "defaultSkewThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfig", "description": "Skew anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "skewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for skew, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between the training and prediction feature." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringObjectiveConfigTrainingPredictionSkewDetectionConfigResponse": { "description": "The config for Training & Prediction data skew detection. It specifies the training dataset sources and the skew detection parameters.", "properties": { "attributionScoreSkewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. The threshold here is against attribution score distance between the training and prediction feature." }, "defaultSkewThreshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfigResponse", "description": "Skew anomaly detection threshold used by all features. When the per-feature thresholds are not set, this field can be used to specify a threshold for all features." }, "skewThresholds": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key is the feature name and value is the threshold. If a feature needs to be monitored for skew, a value threshold must be configured for that feature. The threshold here is against feature distribution distance between the training and prediction feature." } }, "type": "object", "required": [ "attributionScoreSkewThresholds", "defaultSkewThreshold", "skewThresholds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomalies": { "description": "Statistics and anomalies generated by Model Monitoring.", "properties": { "anomalyCount": { "type": "integer", "description": "Number of anomalies within all stats." }, "deployedModelId": { "type": "string", "description": "Deployed Model ID." }, "featureStats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies" }, "description": "A list of historical Stats and Anomalies generated for all Features." }, "objective": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesObjective", "description": "Model Monitoring Objective those stats and anomalies belonging to." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomalies": { "description": "Historical Stats (and Anomalies) for a specific Feature.", "properties": { "featureDisplayName": { "type": "string", "description": "Display Name of the Feature." }, "predictionStats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomaly" }, "description": "A list of historical stats generated by different time window's Prediction Dataset." }, "threshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfig", "description": "Threshold for anomaly detection." }, "trainingStats": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomaly", "description": "Stats calculated for the Training Dataset." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomaliesResponse": { "description": "Historical Stats (and Anomalies) for a specific Feature.", "properties": { "featureDisplayName": { "type": "string", "description": "Display Name of the Feature." }, "predictionStats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomalyResponse" }, "description": "A list of historical stats generated by different time window's Prediction Dataset." }, "threshold": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ThresholdConfigResponse", "description": "Threshold for anomaly detection." }, "trainingStats": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureStatsAnomalyResponse", "description": "Stats calculated for the Training Dataset." } }, "type": "object", "required": [ "featureDisplayName", "predictionStats", "threshold", "trainingStats" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesObjective": { "description": "Model Monitoring Objective those stats and anomalies belonging to.", "type": "string", "enum": [ { "name": "ModelDeploymentMonitoringObjectiveTypeUnspecified", "description": "Default value, should not be set.", "value": "MODEL_DEPLOYMENT_MONITORING_OBJECTIVE_TYPE_UNSPECIFIED" }, { "name": "RawFeatureSkew", "description": "Raw feature values' stats to detect skew between Training-Prediction datasets.", "value": "RAW_FEATURE_SKEW" }, { "name": "RawFeatureDrift", "description": "Raw feature values' stats to detect drift between Serving-Prediction datasets.", "value": "RAW_FEATURE_DRIFT" }, { "name": "FeatureAttributionSkew", "description": "Feature attribution scores to detect skew between Training-Prediction datasets.", "value": "FEATURE_ATTRIBUTION_SKEW" }, { "name": "FeatureAttributionDrift", "description": "Feature attribution scores to detect skew between Prediction datasets collected within different time windows.", "value": "FEATURE_ATTRIBUTION_DRIFT" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesResponse": { "description": "Statistics and anomalies generated by Model Monitoring.", "properties": { "anomalyCount": { "type": "integer", "description": "Number of anomalies within all stats." }, "deployedModelId": { "type": "string", "description": "Deployed Model ID." }, "featureStats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelMonitoringStatsAnomaliesFeatureHistoricStatsAnomaliesResponse" }, "description": "A list of historical Stats and Anomalies generated for all Features." }, "objective": { "type": "string", "description": "Model Monitoring Objective those stats and anomalies belonging to." } }, "type": "object", "required": [ "anomalyCount", "deployedModelId", "featureStats", "objective" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelOriginalModelInfoResponse": { "description": "Contains information about the original Model if this Model is a copy.", "properties": { "model": { "type": "string", "description": "The resource name of the Model this Model is a copy of, including the revision. Format: `projects/{project}/locations/{location}/models/{model_id}@{version_id}`" } }, "type": "object", "required": [ "model" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelResponse": { "description": "A trained machine learning Model.", "properties": { "artifactUri": { "type": "string", "description": "Immutable. The path to the directory containing the Model artifact and any of its supporting files. Not present for AutoML Models or Large Models." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpecResponse", "description": "Input only. The specification of the container that is to be used when deploying this Model. The specification is ingested upon ModelService.UploadModel, and all binaries it contains are copied and stored internally by Vertex AI. Not present for AutoML Models or Large Models." }, "createTime": { "type": "string", "description": "Timestamp when this Model was uploaded into Vertex AI." }, "deployedModels": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DeployedModelRefResponse" }, "description": "The pointers to DeployedModels created from this Model. Note that Model could have been deployed to Endpoints in different Locations." }, "description": { "type": "string", "description": "The description of the Model." }, "displayName": { "type": "string", "description": "The display name of the Model. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EncryptionSpecResponse", "description": "Customer-managed encryption key spec for a Model. If set, this Model and all sub-resources of this Model will be secured by this key." }, "etag": { "type": "string", "description": "Used to perform consistent read-modify-write updates. If not set, a blind \"overwrite\" update happens." }, "explanationSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExplanationSpecResponse", "description": "The default explanation specification for this Model. The Model can be used for requesting explanation after being deployed if it is populated. The Model can be used for batch explanation if it is populated. All fields of the explanation_spec can be overridden by explanation_spec of DeployModelRequest.deployed_model, or explanation_spec of BatchPredictionJob. If the default explanation specification is not set for this Model, this Model can still be used for requesting explanation by setting explanation_spec of DeployModelRequest.deployed_model and for batch explanation by setting explanation_spec of BatchPredictionJob." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize your Models. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Immutable. An additional information about the Model; the schema of the metadata can be found in metadata_schema. Unset if the Model does not have any additional information." }, "metadataArtifact": { "type": "string", "description": "The resource name of the Artifact that was created in MetadataStore when creating the Model. The Artifact resource name pattern is `projects/{project}/locations/{location}/metadataStores/{metadata_store}/artifacts/{artifact}`." }, "metadataSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing additional information about the Model, that is specific to it. Unset if the Model does not have any additional information. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no additional metadata is needed, this field is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "modelSourceInfo": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelSourceInfoResponse", "description": "Source of a model. It can either be automl training pipeline, custom training pipeline, BigQuery ML, or existing Vertex AI Model." }, "name": { "type": "string", "description": "The resource name of the Model." }, "originalModelInfo": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelOriginalModelInfoResponse", "description": "If this Model is a copy of another Model, this contains info about the original." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredictSchemataResponse", "description": "The schemata that describe formats of the Model's predictions and explanations as given and returned via PredictionService.Predict and PredictionService.Explain." }, "supportedDeploymentResourcesTypes": { "type": "array", "items": { "type": "string" }, "description": "When this Model is deployed, its prediction resources are described by the `prediction_resources` field of the Endpoint.deployed_models object. Because not all Models support all resource configuration types, the configuration types this Model supports are listed here. If no configuration types are listed, the Model cannot be deployed to an Endpoint and does not support online predictions (PredictionService.Predict or PredictionService.Explain). Such a Model can serve predictions by using a BatchPredictionJob, if it has at least one entry each in supported_input_storage_formats and supported_output_storage_formats." }, "supportedExportFormats": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelExportFormatResponse" }, "description": "The formats in which this Model may be exported. If empty, this Model is not available for export." }, "supportedInputStorageFormats": { "type": "array", "items": { "type": "string" }, "description": "The formats this Model supports in BatchPredictionJob.input_config. If PredictSchemata.instance_schema_uri exists, the instances should be given as per that schema. The possible formats are: * `jsonl` The JSON Lines format, where each instance is a single line. Uses GcsSource. * `csv` The CSV format, where each instance is a single comma-separated line. The first line in the file is the header, containing comma-separated field names. Uses GcsSource. * `tf-record` The TFRecord format, where each instance is a single record in tfrecord syntax. Uses GcsSource. * `tf-record-gzip` Similar to `tf-record`, but the file is gzipped. Uses GcsSource. * `bigquery` Each instance is a single row in BigQuery. Uses BigQuerySource. * `file-list` Each line of the file is the location of an instance to process, uses `gcs_source` field of the InputConfig object. If this Model doesn't support any of these formats it means it cannot be used with a BatchPredictionJob. However, if it has supported_deployment_resources_types, it could serve online predictions by using PredictionService.Predict or PredictionService.Explain." }, "supportedOutputStorageFormats": { "type": "array", "items": { "type": "string" }, "description": "The formats this Model supports in BatchPredictionJob.output_config. If both PredictSchemata.instance_schema_uri and PredictSchemata.prediction_schema_uri exist, the predictions are returned together with their instances. In other words, the prediction has the original instance data first, followed by the actual prediction content (as per the schema). The possible formats are: * `jsonl` The JSON Lines format, where each prediction is a single line. Uses GcsDestination. * `csv` The CSV format, where each prediction is a single comma-separated line. The first line in the file is the header, containing comma-separated field names. Uses GcsDestination. * `bigquery` Each prediction is a single row in a BigQuery table, uses BigQueryDestination . If this Model doesn't support any of these formats it means it cannot be used with a BatchPredictionJob. However, if it has supported_deployment_resources_types, it could serve online predictions by using PredictionService.Predict or PredictionService.Explain." }, "trainingPipeline": { "type": "string", "description": "The resource name of the TrainingPipeline that uploaded this Model, if any." }, "updateTime": { "type": "string", "description": "Timestamp when this Model was most recently updated." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_alias}` instead of auto-generated version id (i.e. `projects/{project}/locations/{location}/models/{model_id}@{version_id})`. The format is a-z{0,126}[a-z0-9] to distinguish from version_id. A default version alias will be created for the first version of the model, and there must be exactly one default version alias for a model." }, "versionCreateTime": { "type": "string", "description": "Timestamp when this version was created." }, "versionDescription": { "type": "string", "description": "The description of this version." }, "versionId": { "type": "string", "description": "Immutable. The version ID of the model. A new version is committed when a new model version is uploaded or trained under an existing model id. It is an auto-incrementing decimal number in string representation." }, "versionUpdateTime": { "type": "string", "description": "Timestamp when this version was most recently updated." } }, "type": "object", "required": [ "artifactUri", "containerSpec", "createTime", "deployedModels", "description", "displayName", "encryptionSpec", "etag", "explanationSpec", "labels", "metadata", "metadataArtifact", "metadataSchemaUri", "modelSourceInfo", "name", "originalModelInfo", "predictSchemata", "supportedDeploymentResourcesTypes", "supportedExportFormats", "supportedInputStorageFormats", "supportedOutputStorageFormats", "trainingPipeline", "updateTime", "versionAliases", "versionCreateTime", "versionDescription", "versionId", "versionUpdateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ModelSourceInfoResponse": { "description": "Detail description of the source information of the model.", "properties": { "copy": { "type": "boolean", "description": "If this Model is copy of another Model. If true then source_type pertains to the original." }, "sourceType": { "type": "string", "description": "Type of the model source." } }, "type": "object", "required": [ "copy", "sourceType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobOutputMultiTrialJobOutputResponse": { "description": "The output of a multi-trial Neural Architecture Search (NAS) jobs.", "properties": { "searchTrials": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasTrialResponse" }, "description": "List of NasTrials that were started as part of search stage." }, "trainTrials": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasTrialResponse" }, "description": "List of NasTrials that were started as part of train stage." } }, "type": "object", "required": [ "searchTrials", "trainTrials" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobOutputResponse": { "description": "Represents a uCAIP NasJob output.", "properties": { "multiTrialJobOutput": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobOutputMultiTrialJobOutputResponse", "description": "The output of this multi-trial Neural Architecture Search (NAS) job." } }, "type": "object", "required": [ "multiTrialJobOutput" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpec": { "description": "Represents the spec of a NasJob.", "properties": { "multiTrialAlgorithmSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpec", "description": "The spec of multi-trial algorithms." }, "resumeNasJobId": { "type": "string", "description": "The ID of the existing NasJob in the same Project and Location which will be used to resume search. search_space_spec and nas_algorithm_spec are obtained from previous NasJob hence should not provide them again for this NasJob." }, "searchSpaceSpec": { "type": "string", "description": "It defines the search space for Neural Architecture Search (NAS)." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpec": { "description": "The spec of multi-trial Neural Architecture Search (NAS).", "properties": { "metric": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpec", "description": "Metric specs for the NAS job. Validation for this field is done at `multi_trial_algorithm_spec` field." }, "multiTrialAlgorithm": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMultiTrialAlgorithm", "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`." }, "searchTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec", "description": "Spec for search trials." }, "trainTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec", "description": "Spec for train trials. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." } }, "type": "object", "required": [ "searchTrialSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpec": { "description": "Represents a metric to optimize.", "properties": { "goal": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpecGoal", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpecGoal": { "description": "Required. The optimization goal of the metric.", "type": "string", "enum": [ { "name": "GoalTypeUnspecified", "description": "Goal Type will default to maximize.", "value": "GOAL_TYPE_UNSPECIFIED" }, { "name": "Maximize", "description": "Maximize the goal metric.", "value": "MAXIMIZE" }, { "name": "Minimize", "description": "Minimize the goal metric.", "value": "MINIMIZE" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpecResponse": { "description": "Represents a metric to optimize.", "properties": { "goal": { "type": "string", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMultiTrialAlgorithm": { "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`.", "type": "string", "enum": [ { "name": "MultiTrialAlgorithmUnspecified", "description": "Defaults to `REINFORCEMENT_LEARNING`.", "value": "MULTI_TRIAL_ALGORITHM_UNSPECIFIED" }, { "name": "ReinforcementLearning", "description": "The Reinforcement Learning Algorithm for Multi-trial Neural Architecture Search (NAS).", "value": "REINFORCEMENT_LEARNING" }, { "name": "GridSearch", "description": "The Grid Search Algorithm for Multi-trial Neural Architecture Search (NAS).", "value": "GRID_SEARCH" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecResponse": { "description": "The spec of multi-trial Neural Architecture Search (NAS).", "properties": { "metric": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecMetricSpecResponse", "description": "Metric specs for the NAS job. Validation for this field is done at `multi_trial_algorithm_spec` field." }, "multiTrialAlgorithm": { "type": "string", "description": "The multi-trial Neural Architecture Search (NAS) algorithm type. Defaults to `REINFORCEMENT_LEARNING`." }, "searchTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpecResponse", "description": "Spec for search trials." }, "trainTrialSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpecResponse", "description": "Spec for train trials. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." } }, "type": "object", "required": [ "metric", "multiTrialAlgorithm", "searchTrialSpec", "trainTrialSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpec": { "description": "Represent spec for search trials.", "properties": { "maxFailedTrialCount": { "type": "integer", "description": "The number of failed trials that need to be seen before failing the NasJob. If set to 0, Vertex AI decides how many trials must fail before the whole job fails." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "maxTrialCount": { "type": "integer", "description": "The maximum number of Neural Architecture Search (NAS) trials to run." }, "searchTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1CustomJobSpec", "description": "The spec of a search trial job. The same spec applies to all search trials." } }, "type": "object", "required": [ "maxParallelTrialCount", "maxTrialCount", "searchTrialJobSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecSearchTrialSpecResponse": { "description": "Represent spec for search trials.", "properties": { "maxFailedTrialCount": { "type": "integer", "description": "The number of failed trials that need to be seen before failing the NasJob. If set to 0, Vertex AI decides how many trials must fail before the whole job fails." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "maxTrialCount": { "type": "integer", "description": "The maximum number of Neural Architecture Search (NAS) trials to run." }, "searchTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1CustomJobSpecResponse", "description": "The spec of a search trial job. The same spec applies to all search trials." } }, "type": "object", "required": [ "maxFailedTrialCount", "maxParallelTrialCount", "maxTrialCount", "searchTrialJobSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpec": { "description": "Represent spec for train trials.", "properties": { "frequency": { "type": "integer", "description": "Frequency of search trials to start train stage. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "trainTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1CustomJobSpec", "description": "The spec of a train trial job. The same spec applies to all train trials." } }, "type": "object", "required": [ "frequency", "maxParallelTrialCount", "trainTrialJobSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecTrainTrialSpecResponse": { "description": "Represent spec for train trials.", "properties": { "frequency": { "type": "integer", "description": "Frequency of search trials to start train stage. Top N [TrainTrialSpec.max_parallel_trial_count] search trials will be trained for every M [TrainTrialSpec.frequency] trials searched." }, "maxParallelTrialCount": { "type": "integer", "description": "The maximum number of trials to run in parallel." }, "trainTrialJobSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1CustomJobSpecResponse", "description": "The spec of a train trial job. The same spec applies to all train trials." } }, "type": "object", "required": [ "frequency", "maxParallelTrialCount", "trainTrialJobSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasJobSpecResponse": { "description": "Represents the spec of a NasJob.", "properties": { "multiTrialAlgorithmSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NasJobSpecMultiTrialAlgorithmSpecResponse", "description": "The spec of multi-trial algorithms." }, "resumeNasJobId": { "type": "string", "description": "The ID of the existing NasJob in the same Project and Location which will be used to resume search. search_space_spec and nas_algorithm_spec are obtained from previous NasJob hence should not provide them again for this NasJob." }, "searchSpaceSpec": { "type": "string", "description": "It defines the search space for Neural Architecture Search (NAS)." } }, "type": "object", "required": [ "multiTrialAlgorithmSpec", "resumeNasJobId", "searchSpaceSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NasTrialResponse": { "description": "Represents a uCAIP NasJob trial.", "properties": { "endTime": { "type": "string", "description": "Time when the NasTrial's status changed to `SUCCEEDED` or `INFEASIBLE`." }, "finalMeasurement": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MeasurementResponse", "description": "The final measurement containing the objective value." }, "startTime": { "type": "string", "description": "Time when the NasTrial was started." }, "state": { "type": "string", "description": "The detailed state of the NasTrial." } }, "type": "object", "required": [ "endTime", "finalMeasurement", "startTime", "state" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NetworkSpec": { "description": "Network spec.", "properties": { "enableInternetAccess": { "type": "boolean", "description": "Whether to enable public internet access. Default false." }, "network": { "type": "string", "description": "The full name of the Google Compute Engine [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks)" }, "subnetwork": { "type": "string", "description": "The name of the subnet that this instance is in. Format: `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}`" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NetworkSpecResponse": { "description": "Network spec.", "properties": { "enableInternetAccess": { "type": "boolean", "description": "Whether to enable public internet access. Default false." }, "network": { "type": "string", "description": "The full name of the Google Compute Engine [network](https://cloud.google.com//compute/docs/networks-and-firewalls#networks)" }, "subnetwork": { "type": "string", "description": "The name of the subnet that this instance is in. Format: `projects/{project_id_or_number}/regions/{region}/subnetworks/{subnetwork_id}`" } }, "type": "object", "required": [ "enableInternetAccess", "network", "subnetwork" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NfsMount": { "description": "Represents a mount configuration for Network File System (NFS) to mount.", "properties": { "mountPoint": { "type": "string", "description": "Destination mount path. The NFS will be mounted for the user under /mnt/nfs/" }, "path": { "type": "string", "description": "Source path exported from NFS server. Has to start with '/', and combined with the ip address, it indicates the source mount path in the form of `server:path`" }, "server": { "type": "string", "description": "IP address of the NFS server." } }, "type": "object", "required": [ "mountPoint", "path", "server" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NfsMountResponse": { "description": "Represents a mount configuration for Network File System (NFS) to mount.", "properties": { "mountPoint": { "type": "string", "description": "Destination mount path. The NFS will be mounted for the user under /mnt/nfs/" }, "path": { "type": "string", "description": "Source path exported from NFS server. Has to start with '/', and combined with the ip address, it indicates the source mount path in the form of `server:path`" }, "server": { "type": "string", "description": "IP address of the NFS server." } }, "type": "object", "required": [ "mountPoint", "path", "server" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NotebookEucConfig": { "description": "The euc configuration of NotebookRuntimeTemplate.", "properties": { "eucDisabled": { "type": "boolean", "description": "Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. In proto3, the default value of a boolean is false. In this way, by default EUC will be enabled for NotebookRuntimeTemplate." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NotebookEucConfigResponse": { "description": "The euc configuration of NotebookRuntimeTemplate.", "properties": { "bypassActasCheck": { "type": "boolean", "description": "Whether ActAs check is bypassed for service account attached to the VM. If false, we need ActAs check for the default Compute Engine Service account. When a Runtime is created, a VM is allocated using Default Compute Engine Service Account. Any user requesting to use this Runtime requires Service Account User (ActAs) permission over this SA. If true, Runtime owner is using EUC and does not require the above permission as VM no longer use default Compute Engine SA, but a P4SA." }, "eucDisabled": { "type": "boolean", "description": "Input only. Whether EUC is disabled in this NotebookRuntimeTemplate. In proto3, the default value of a boolean is false. In this way, by default EUC will be enabled for NotebookRuntimeTemplate." } }, "type": "object", "required": [ "bypassActasCheck", "eucDisabled" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NotebookIdleShutdownConfig": { "description": "The idle shutdown configuration of NotebookRuntimeTemplate, which contains the idle_timeout as required field.", "properties": { "idleShutdownDisabled": { "type": "boolean", "description": "Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate." }, "idleTimeout": { "type": "string", "description": "Duration is accurate to the second. In Notebook, Idle Timeout is accurate to minute so the range of idle_timeout (second) is: 10 * 60 ~ 1440 * 60." } }, "type": "object", "required": [ "idleTimeout" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1NotebookIdleShutdownConfigResponse": { "description": "The idle shutdown configuration of NotebookRuntimeTemplate, which contains the idle_timeout as required field.", "properties": { "idleShutdownDisabled": { "type": "boolean", "description": "Whether Idle Shutdown is disabled in this NotebookRuntimeTemplate." }, "idleTimeout": { "type": "string", "description": "Duration is accurate to the second. In Notebook, Idle Timeout is accurate to minute so the range of idle_timeout (second) is: 10 * 60 ~ 1440 * 60." } }, "type": "object", "required": [ "idleShutdownDisabled", "idleTimeout" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PersistentDiskSpec": { "description": "Represents the spec of persistent disk options.", "properties": { "diskSizeGb": { "type": "string", "description": "Size in GB of the disk (default is 100GB)." }, "diskType": { "type": "string", "description": "Type of the disk (default is \"pd-standard\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) \"pd-standard\" (Persistent Disk Hard Disk Drive) \"pd-balanced\" (Balanced Persistent Disk) \"pd-extreme\" (Extreme Persistent Disk)" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PersistentDiskSpecResponse": { "description": "Represents the spec of persistent disk options.", "properties": { "diskSizeGb": { "type": "string", "description": "Size in GB of the disk (default is 100GB)." }, "diskType": { "type": "string", "description": "Type of the disk (default is \"pd-standard\"). Valid values: \"pd-ssd\" (Persistent Disk Solid State Drive) \"pd-standard\" (Persistent Disk Hard Disk Drive) \"pd-balanced\" (Balanced Persistent Disk) \"pd-extreme\" (Extreme Persistent Disk)" } }, "type": "object", "required": [ "diskSizeGb", "diskType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJob": { "description": "An instance of a machine learning PipelineJob.", "properties": { "displayName": { "type": "string", "description": "The display name of the Pipeline. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EncryptionSpec", "description": "Customer-managed encryption key spec for a pipelineJob. If set, this PipelineJob and all of its sub-resources will be secured by this key." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize PipelineJob. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels. Note there is some reserved label key for Vertex AI Pipelines. - `vertex-ai-pipelines-run-billing-id`, user set value will get overrided." }, "network": { "type": "string", "description": "The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Pipeline Job's workload should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. Private services access must already be configured for the network. Pipeline job will apply the network configuration to the Google Cloud resources being launched, if applied, such as Vertex AI Training or Dataflow job. If left unspecified, the workload is not peered with any network." }, "pipelineSpec": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The spec of the pipeline." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of names for the reserved ip ranges under the VPC network that can be used for this Pipeline Job's workload. If set, we will deploy the Pipeline Job's workload within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "runtimeConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfig", "description": "Runtime config of the pipeline." }, "serviceAccount": { "type": "string", "description": "The service account that the pipeline workload runs as. If not specified, the Compute Engine default service account in the project will be used. See https://cloud.google.com/compute/docs/access/service-accounts#default_service_account Users starting the pipeline must have the `iam.serviceAccounts.actAs` permission on this service account." }, "templateUri": { "type": "string", "description": "A template uri from where the PipelineJob.pipeline_spec, if empty, will be downloaded. Currently, only uri from Vertex Template Registry & Gallery is supported. Reference to https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJobDetailResponse": { "description": "The runtime detail of PipelineJob.", "properties": { "pipelineContext": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ContextResponse", "description": "The context of the pipeline." }, "pipelineRunContext": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ContextResponse", "description": "The context of the current pipeline run." }, "taskDetails": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTaskDetailResponse" }, "description": "The runtime details of the tasks under the pipeline." } }, "type": "object", "required": [ "pipelineContext", "pipelineRunContext", "taskDetails" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJobResponse": { "description": "An instance of a machine learning PipelineJob.", "properties": { "createTime": { "type": "string", "description": "Pipeline creation time." }, "displayName": { "type": "string", "description": "The display name of the Pipeline. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "encryptionSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EncryptionSpecResponse", "description": "Customer-managed encryption key spec for a pipelineJob. If set, this PipelineJob and all of its sub-resources will be secured by this key." }, "endTime": { "type": "string", "description": "Pipeline end time." }, "error": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleRpcStatusResponse", "description": "The error that occurred during pipeline execution. Only populated when the pipeline's state is FAILED or CANCELLED." }, "jobDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJobDetailResponse", "description": "The details of pipeline run. Not available in the list view." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels with user-defined metadata to organize PipelineJob. Label keys and values can be no longer than 64 characters (Unicode codepoints), can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. See https://goo.gl/xmQnxf for more information and examples of labels. Note there is some reserved label key for Vertex AI Pipelines. - `vertex-ai-pipelines-run-billing-id`, user set value will get overrided." }, "name": { "type": "string", "description": "The resource name of the PipelineJob." }, "network": { "type": "string", "description": "The full name of the Compute Engine [network](/compute/docs/networks-and-firewalls#networks) to which the Pipeline Job's workload should be peered. For example, `projects/12345/global/networks/myVPC`. [Format](/compute/docs/reference/rest/v1/networks/insert) is of the form `projects/{project}/global/networks/{network}`. Where {project} is a project number, as in `12345`, and {network} is a network name. Private services access must already be configured for the network. Pipeline job will apply the network configuration to the Google Cloud resources being launched, if applied, such as Vertex AI Training or Dataflow job. If left unspecified, the workload is not peered with any network." }, "pipelineSpec": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The spec of the pipeline." }, "reservedIpRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of names for the reserved ip ranges under the VPC network that can be used for this Pipeline Job's workload. If set, we will deploy the Pipeline Job's workload within the provided ip ranges. Otherwise, the job will be deployed to any ip ranges under the provided VPC network. Example: ['vertex-ai-ip-range']." }, "runtimeConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfigResponse", "description": "Runtime config of the pipeline." }, "scheduleName": { "type": "string", "description": "The schedule resource name. Only returned if the Pipeline is created by Schedule API." }, "serviceAccount": { "type": "string", "description": "The service account that the pipeline workload runs as. If not specified, the Compute Engine default service account in the project will be used. See https://cloud.google.com/compute/docs/access/service-accounts#default_service_account Users starting the pipeline must have the `iam.serviceAccounts.actAs` permission on this service account." }, "startTime": { "type": "string", "description": "Pipeline start time." }, "state": { "type": "string", "description": "The detailed state of the job." }, "templateMetadata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTemplateMetadataResponse", "description": "Pipeline template metadata. Will fill up fields if PipelineJob.template_uri is from supported template registry." }, "templateUri": { "type": "string", "description": "A template uri from where the PipelineJob.pipeline_spec, if empty, will be downloaded. Currently, only uri from Vertex Template Registry & Gallery is supported. Reference to https://cloud.google.com/vertex-ai/docs/pipelines/create-pipeline-template." }, "updateTime": { "type": "string", "description": "Timestamp when this PipelineJob was most recently updated." } }, "type": "object", "required": [ "createTime", "displayName", "encryptionSpec", "endTime", "error", "jobDetail", "labels", "name", "network", "pipelineSpec", "reservedIpRanges", "runtimeConfig", "scheduleName", "serviceAccount", "startTime", "state", "templateMetadata", "templateUri", "updateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfig": { "description": "The runtime config of a PipelineJob.", "properties": { "failurePolicy": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfigFailurePolicy", "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion." }, "gcsOutputDirectory": { "type": "string", "description": "A path in a Cloud Storage bucket, which will be treated as the root output directory of the pipeline. It is used by the system to generate the paths of output artifacts. The artifact paths are generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` under the specified output directory. The service account specified in this pipeline must have the `storage.objects.get` and `storage.objects.create` permissions for this bucket." }, "inputArtifacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime artifacts of the PipelineJob. The key will be the input artifact name and the value would be one of the InputArtifact." }, "parameterValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower.", "deprecationMessage": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower." } }, "type": "object", "required": [ "gcsOutputDirectory" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfigFailurePolicy": { "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion.", "type": "string", "enum": [ { "name": "PipelineFailurePolicyUnspecified", "description": "Default value, and follows fail slow behavior.", "value": "PIPELINE_FAILURE_POLICY_UNSPECIFIED" }, { "name": "PipelineFailurePolicyFailSlow", "description": "Indicates that the pipeline should continue to run until all possible tasks have been scheduled and completed.", "value": "PIPELINE_FAILURE_POLICY_FAIL_SLOW" }, { "name": "PipelineFailurePolicyFailFast", "description": "Indicates that the pipeline should stop scheduling new tasks after a task has failed.", "value": "PIPELINE_FAILURE_POLICY_FAIL_FAST" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineJobRuntimeConfigResponse": { "description": "The runtime config of a PipelineJob.", "properties": { "failurePolicy": { "type": "string", "description": "Represents the failure policy of a pipeline. Currently, the default of a pipeline is that the pipeline will continue to run until no more tasks can be executed, also known as PIPELINE_FAILURE_POLICY_FAIL_SLOW. However, if a pipeline is set to PIPELINE_FAILURE_POLICY_FAIL_FAST, it will stop scheduling any new tasks when a task has failed. Any scheduled tasks will continue to completion." }, "gcsOutputDirectory": { "type": "string", "description": "A path in a Cloud Storage bucket, which will be treated as the root output directory of the pipeline. It is used by the system to generate the paths of output artifacts. The artifact paths are generated with a sub-path pattern `{job_id}/{task_id}/{output_key}` under the specified output directory. The service account specified in this pipeline must have the `storage.objects.get` and `storage.objects.create` permissions for this bucket." }, "inputArtifacts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime artifacts of the PipelineJob. The key will be the input artifact name and the value would be one of the InputArtifact." }, "parameterValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.1.0, such as pipelines built using Kubeflow Pipelines SDK 1.9 or higher and the v2 DSL." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower.", "deprecationMessage": "Deprecated. Use RuntimeConfig.parameter_values instead. The runtime parameters of the PipelineJob. The parameters will be passed into PipelineJob.pipeline_spec to replace the placeholders at runtime. This field is used by pipelines built using `PipelineJob.pipeline_spec.schema_version` 2.0.0 or lower, such as pipelines built using Kubeflow Pipelines SDK 1.8 or lower." } }, "type": "object", "required": [ "failurePolicy", "gcsOutputDirectory", "inputArtifacts", "parameterValues", "parameters" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTaskDetailPipelineTaskStatusResponse": { "description": "A single record of the task status.", "properties": { "error": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleRpcStatusResponse", "description": "The error that occurred during the state. May be set when the state is any of the non-final state (PENDING/RUNNING/CANCELLING) or FAILED state. If the state is FAILED, the error here is final and not going to be retried. If the state is a non-final state, the error indicates a system-error being retried." }, "state": { "type": "string", "description": "The state of the task." }, "updateTime": { "type": "string", "description": "Update time of this status." } }, "type": "object", "required": [ "error", "state", "updateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTaskDetailResponse": { "description": "The runtime detail of a task execution.", "properties": { "createTime": { "type": "string", "description": "Task create time." }, "endTime": { "type": "string", "description": "Task end time." }, "error": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleRpcStatusResponse", "description": "The error that occurred during task execution. Only populated when the task's state is FAILED or CANCELLED." }, "execution": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ExecutionResponse", "description": "The execution metadata of the task." }, "executorDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailResponse", "description": "The detailed execution info." }, "inputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime input artifacts of the task." }, "outputs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime output artifacts of the task." }, "parentTaskId": { "type": "string", "description": "The id of the parent task if the task is within a component scope. Empty if the task is at the root level." }, "pipelineTaskStatus": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTaskDetailPipelineTaskStatusResponse" }, "description": "A list of task status. This field keeps a record of task status evolving over time." }, "startTime": { "type": "string", "description": "Task start time." }, "state": { "type": "string", "description": "State of the task." }, "taskId": { "type": "string", "description": "The system generated ID of the task." }, "taskName": { "type": "string", "description": "The user specified name of the task that is defined in pipeline_spec." } }, "type": "object", "required": [ "createTime", "endTime", "error", "execution", "executorDetail", "inputs", "outputs", "parentTaskId", "pipelineTaskStatus", "startTime", "state", "taskId", "taskName" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailContainerDetailResponse": { "description": "The detail of a container execution. It contains the job names of the lifecycle of a container execution.", "properties": { "failedMainJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob for the main container executions. The list includes the all attempts in chronological order." }, "failedPreCachingCheckJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob for the pre-caching-check container executions. This job will be available if the PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in the lifecycle events. The list includes the all attempts in chronological order." }, "mainJob": { "type": "string", "description": "The name of the CustomJob for the main container execution." }, "preCachingCheckJob": { "type": "string", "description": "The name of the CustomJob for the pre-caching-check container execution. This job will be available if the PipelineJob.pipeline_spec specifies the `pre_caching_check` hook in the lifecycle events." } }, "type": "object", "required": [ "failedMainJobs", "failedPreCachingCheckJobs", "mainJob", "preCachingCheckJob" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailCustomJobDetailResponse": { "description": "The detailed info for a custom job executor.", "properties": { "failedJobs": { "type": "array", "items": { "type": "string" }, "description": "The names of the previously failed CustomJob. The list includes the all attempts in chronological order." }, "job": { "type": "string", "description": "The name of the CustomJob." } }, "type": "object", "required": [ "failedJobs", "job" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailResponse": { "description": "The runtime detail of a pipeline executor.", "properties": { "containerDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailContainerDetailResponse", "description": "The detailed info for a container executor." }, "customJobDetail": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PipelineTaskExecutorDetailCustomJobDetailResponse", "description": "The detailed info for a custom job executor." } }, "type": "object", "required": [ "containerDetail", "customJobDetail" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PipelineTemplateMetadataResponse": { "description": "Pipeline template metadata if PipelineJob.template_uri is from supported template registry. Currently, the only supported registry is Artifact Registry.", "properties": { "version": { "type": "string", "description": "The version_name in artifact registry. Will always be presented in output if the PipelineJob.template_uri is from supported template registry. Format is \"sha256:abcdef123456...\"." } }, "type": "object", "required": [ "version" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Port": { "description": "Represents a network port in a container.", "properties": { "containerPort": { "type": "integer", "description": "The number of the port to expose on the pod's IP address. Must be a valid port number, between 1 and 65535 inclusive." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PortResponse": { "description": "Represents a network port in a container.", "properties": { "containerPort": { "type": "integer", "description": "The number of the port to expose on the pod's IP address. Must be a valid port number, between 1 and 65535 inclusive." } }, "type": "object", "required": [ "containerPort" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredefinedSplit": { "description": "Assigns input data to training, validation, and test sets based on the value of a provided key. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The value of the key (either the label's value or value in the column) must be one of {`training`, `validation`, `test`}, and it defines to which set the given piece of data is assigned. If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredefinedSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on the value of a provided key. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The value of the key (either the label's value or value in the column) must be one of {`training`, `validation`, `test`}, and it defines to which set the given piece of data is assigned. If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredictRequestResponseLoggingConfig": { "description": "Configuration for logging request-response to a BigQuery table.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestination", "description": "BigQuery table for logging. If only given a project, a new dataset will be created with name `logging__` where will be made BigQuery-dataset-name compatible (e.g. most special characters will become underscores). If no table name is given, a new table will be created with name `request_response_logging`" }, "enabled": { "type": "boolean", "description": "If logging is enabled or not." }, "samplingRate": { "type": "number", "description": "Percentage of requests to be logged, expressed as a fraction in range(0,1]." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredictRequestResponseLoggingConfigResponse": { "description": "Configuration for logging request-response to a BigQuery table.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BigQueryDestinationResponse", "description": "BigQuery table for logging. If only given a project, a new dataset will be created with name `logging__` where will be made BigQuery-dataset-name compatible (e.g. most special characters will become underscores). If no table name is given, a new table will be created with name `request_response_logging`" }, "enabled": { "type": "boolean", "description": "If logging is enabled or not." }, "samplingRate": { "type": "number", "description": "Percentage of requests to be logged, expressed as a fraction in range(0,1]." } }, "type": "object", "required": [ "bigqueryDestination", "enabled", "samplingRate" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredictSchemata": { "description": "Contains the schemata used in Model's predictions and explanations via PredictionService.Predict, PredictionService.Explain and BatchPredictionJob.", "properties": { "instanceSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single instance, which are used in PredictRequest.instances, ExplainRequest.instances and BatchPredictionJob.input_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "parametersSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the parameters of prediction and explanation via PredictRequest.parameters, ExplainRequest.parameters and BatchPredictionJob.model_parameters. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no parameters are supported, then it is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "predictionSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single prediction produced by this Model, which are returned via PredictResponse.predictions, ExplainResponse.explanations, and BatchPredictionJob.output_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PredictSchemataResponse": { "description": "Contains the schemata used in Model's predictions and explanations via PredictionService.Predict, PredictionService.Explain and BatchPredictionJob.", "properties": { "instanceSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single instance, which are used in PredictRequest.instances, ExplainRequest.instances and BatchPredictionJob.input_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "parametersSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the parameters of prediction and explanation via PredictRequest.parameters, ExplainRequest.parameters and BatchPredictionJob.model_parameters. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI, if no parameters are supported, then it is set to an empty string. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." }, "predictionSchemaUri": { "type": "string", "description": "Immutable. Points to a YAML file stored on Google Cloud Storage describing the format of a single prediction produced by this Model, which are returned via PredictResponse.predictions, ExplainResponse.explanations, and BatchPredictionJob.output_config. The schema is defined as an OpenAPI 3.0.2 [Schema Object](https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.2.md#schemaObject). AutoML Models always have this field populated by Vertex AI. Note: The URI given on output will be immutable and probably different, including the URI scheme, than the one given on input. The output URI will point to a location where the user only has a read access." } }, "type": "object", "required": [ "instanceSchemaUri", "parametersSchemaUri", "predictionSchemaUri" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Presets": { "description": "Preset configuration for example-based explanations", "properties": { "modality": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PresetsModality", "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type." }, "query": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PresetsQuery", "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PresetsModality": { "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type.", "type": "string", "enum": [ { "name": "ModalityUnspecified", "description": "Should not be set. Added as a recommended best practice for enums", "value": "MODALITY_UNSPECIFIED" }, { "name": "Image", "description": "IMAGE modality", "value": "IMAGE" }, { "name": "Text", "description": "TEXT modality", "value": "TEXT" }, { "name": "Tabular", "description": "TABULAR modality", "value": "TABULAR" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PresetsQuery": { "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`.", "type": "string", "enum": [ { "name": "Precise", "description": "More precise neighbors as a trade-off against slower response.", "value": "PRECISE" }, { "name": "Fast", "description": "Faster response as a trade-off against less precise neighbors.", "value": "FAST" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PresetsResponse": { "description": "Preset configuration for example-based explanations", "properties": { "modality": { "type": "string", "description": "The modality of the uploaded model, which automatically configures the distance measurement and feature normalization for the underlying example index and queries. If your model does not precisely fit one of these types, it is okay to choose the closest type." }, "query": { "type": "string", "description": "Preset option controlling parameters for speed-precision trade-off when querying for examples. If omitted, defaults to `PRECISE`." } }, "type": "object", "required": [ "modality", "query" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PrivateEndpointsResponse": { "description": "PrivateEndpoints proto is used to provide paths for users to send requests privately. To send request via private service access, use predict_http_uri, explain_http_uri or health_http_uri. To send request via private service connect, use service_attachment.", "properties": { "explainHttpUri": { "type": "string", "description": "Http(s) path to send explain requests." }, "healthHttpUri": { "type": "string", "description": "Http(s) path to send health check requests." }, "predictHttpUri": { "type": "string", "description": "Http(s) path to send prediction requests." }, "serviceAttachment": { "type": "string", "description": "The name of the service attachment resource. Populated if private service connect is enabled." } }, "type": "object", "required": [ "explainHttpUri", "healthHttpUri", "predictHttpUri", "serviceAttachment" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PrivateServiceConnectConfig": { "description": "Represents configuration for private service connect.", "properties": { "enablePrivateServiceConnect": { "type": "boolean", "description": "If true, expose the IndexEndpoint via private service connect." }, "projectAllowlist": { "type": "array", "items": { "type": "string" }, "description": "A list of Projects from which the forwarding rule will target the service attachment." } }, "type": "object", "required": [ "enablePrivateServiceConnect" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PrivateServiceConnectConfigResponse": { "description": "Represents configuration for private service connect.", "properties": { "enablePrivateServiceConnect": { "type": "boolean", "description": "If true, expose the IndexEndpoint via private service connect." }, "projectAllowlist": { "type": "array", "items": { "type": "string" }, "description": "A list of Projects from which the forwarding rule will target the service attachment." } }, "type": "object", "required": [ "enablePrivateServiceConnect", "projectAllowlist" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Probe": { "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ProbeExecAction", "description": "Exec specifies the action to take." }, "periodSeconds": { "type": "integer", "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Must be less than timeout_seconds. Maps to Kubernetes probe argument 'periodSeconds'." }, "timeoutSeconds": { "type": "integer", "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Must be greater or equal to period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ProbeExecAction": { "description": "ExecAction specifies a command to execute.", "properties": { "command": { "type": "array", "items": { "type": "string" }, "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ProbeExecActionResponse": { "description": "ExecAction specifies a command to execute.", "properties": { "command": { "type": "array", "items": { "type": "string" }, "description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." } }, "type": "object", "required": [ "command" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ProbeResponse": { "description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.", "properties": { "exec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ProbeExecActionResponse", "description": "Exec specifies the action to take." }, "periodSeconds": { "type": "integer", "description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. Must be less than timeout_seconds. Maps to Kubernetes probe argument 'periodSeconds'." }, "timeoutSeconds": { "type": "integer", "description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. Must be greater or equal to period_seconds. Maps to Kubernetes probe argument 'timeoutSeconds'." } }, "type": "object", "required": [ "exec", "periodSeconds", "timeoutSeconds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PythonPackageSpec": { "description": "The spec of a Python packaged code.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command line arguments to be passed to the Python task." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVar" }, "description": "Environment variables to be passed to the python module. Maximum limit is 100." }, "executorImageUri": { "type": "string", "description": "The URI of a container image in Artifact Registry that will run the provided Python package. Vertex AI provides a wide range of executor images with pre-installed packages to meet users' various use cases. See the list of [pre-built containers for training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). You must use an image from this list." }, "packageUris": { "type": "array", "items": { "type": "string" }, "description": "The Google Cloud Storage location of the Python package files which are the training program and its dependent packages. The maximum number of package URIs is 100." }, "pythonModule": { "type": "string", "description": "The Python module name to run after installing the packages." } }, "type": "object", "required": [ "executorImageUri", "packageUris", "pythonModule" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1PythonPackageSpecResponse": { "description": "The spec of a Python packaged code.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command line arguments to be passed to the Python task." }, "env": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1EnvVarResponse" }, "description": "Environment variables to be passed to the python module. Maximum limit is 100." }, "executorImageUri": { "type": "string", "description": "The URI of a container image in Artifact Registry that will run the provided Python package. Vertex AI provides a wide range of executor images with pre-installed packages to meet users' various use cases. See the list of [pre-built containers for training](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). You must use an image from this list." }, "packageUris": { "type": "array", "items": { "type": "string" }, "description": "The Google Cloud Storage location of the Python package files which are the training program and its dependent packages. The maximum number of package URIs is 100." }, "pythonModule": { "type": "string", "description": "The Python module name to run after installing the packages." } }, "type": "object", "required": [ "args", "env", "executorImageUri", "packageUris", "pythonModule" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1RaySpec": { "description": "Configuration information for the Ray cluster. For experimental launch, Ray cluster creation and Persistent cluster creation are 1:1 mapping: We will provision all the nodes within the Persistent cluster as Ray nodes.", "properties": { "headNodeResourcePoolId": { "type": "string", "description": "Optional. This will be used to indicate which resource pool will serve as the Ray head node(the first node within that pool). Will use the machine from the first workerpool as the head node by default if this field isn't set." }, "imageUri": { "type": "string", "description": "Optional. Default image for user to choose a preferred ML framework (for example, TensorFlow or Pytorch) by choosing from [Vertex prebuilt images](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). Either this or the resource_pool_images is required. Use this field if you need all the resource pools to have the same Ray image. Otherwise, use the {@code resource_pool_images} field." }, "resourcePoolImages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Required if image_uri isn't set. A map of resource_pool_id to prebuild Ray image if user need to use different images for different head/worker pools. This map needs to cover all the resource pool ids. Example: { \"ray_head_node_pool\": \"head image\" \"ray_worker_node_pool1\": \"worker image\" \"ray_worker_node_pool2\": \"another worker image\" }" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1RaySpecResponse": { "description": "Configuration information for the Ray cluster. For experimental launch, Ray cluster creation and Persistent cluster creation are 1:1 mapping: We will provision all the nodes within the Persistent cluster as Ray nodes.", "properties": { "headNodeResourcePoolId": { "type": "string", "description": "Optional. This will be used to indicate which resource pool will serve as the Ray head node(the first node within that pool). Will use the machine from the first workerpool as the head node by default if this field isn't set." }, "imageUri": { "type": "string", "description": "Optional. Default image for user to choose a preferred ML framework (for example, TensorFlow or Pytorch) by choosing from [Vertex prebuilt images](https://cloud.google.com/vertex-ai/docs/training/pre-built-containers). Either this or the resource_pool_images is required. Use this field if you need all the resource pools to have the same Ray image. Otherwise, use the {@code resource_pool_images} field." }, "resourcePoolImages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Required if image_uri isn't set. A map of resource_pool_id to prebuild Ray image if user need to use different images for different head/worker pools. This map needs to cover all the resource pool ids. Example: { \"ray_head_node_pool\": \"head image\" \"ray_worker_node_pool1\": \"worker image\" \"ray_worker_node_pool2\": \"another worker image\" }" } }, "type": "object", "required": [ "headNodeResourcePoolId", "imageUri", "resourcePoolImages" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourcePool": { "description": "Represents the spec of a group of resources of the same type, for example machine type, disk, and accelerators, in a PersistentResource.", "properties": { "autoscalingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ResourcePoolAutoscalingSpec", "description": "Optional. Optional spec to configure GKE autoscaling" }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DiskSpec", "description": "Optional. Disk spec for the machine in this node pool." }, "id": { "type": "string", "description": "Immutable. The unique ID in a PersistentResource for referring to this resource pool. User can specify it if necessary. Otherwise, it's generated automatically." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpec", "description": "Immutable. The specification of a single machine." }, "replicaCount": { "type": "string", "description": "Optional. The total number of machines to use for this resource pool." } }, "type": "object", "required": [ "machineSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourcePoolAutoscalingSpec": { "description": "The min/max number of replicas allowed if enabling autoscaling", "properties": { "maxReplicaCount": { "type": "string", "description": "Optional. max replicas in the node pool, must be ≥ replica_count and > min_replica_count or will throw error" }, "minReplicaCount": { "type": "string", "description": "Optional. min replicas in the node pool, must be ≤ replica_count and < max_replica_count or will throw error" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourcePoolAutoscalingSpecResponse": { "description": "The min/max number of replicas allowed if enabling autoscaling", "properties": { "maxReplicaCount": { "type": "string", "description": "Optional. max replicas in the node pool, must be ≥ replica_count and > min_replica_count or will throw error" }, "minReplicaCount": { "type": "string", "description": "Optional. min replicas in the node pool, must be ≤ replica_count and < max_replica_count or will throw error" } }, "type": "object", "required": [ "maxReplicaCount", "minReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourcePoolResponse": { "description": "Represents the spec of a group of resources of the same type, for example machine type, disk, and accelerators, in a PersistentResource.", "properties": { "autoscalingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ResourcePoolAutoscalingSpecResponse", "description": "Optional. Optional spec to configure GKE autoscaling" }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DiskSpecResponse", "description": "Optional. Disk spec for the machine in this node pool." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpecResponse", "description": "Immutable. The specification of a single machine." }, "replicaCount": { "type": "string", "description": "Optional. The total number of machines to use for this resource pool." }, "usedReplicaCount": { "type": "string", "description": "The number of machines currently in use by training jobs for this resource pool. Will replace idle_replica_count." } }, "type": "object", "required": [ "autoscalingSpec", "diskSpec", "machineSpec", "replicaCount", "usedReplicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourceRuntimeResponse": { "description": "Persistent Cluster runtime information as output", "properties": { "accessUris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "URIs for user to connect to the Cluster. Example: { \"RAY_HEAD_NODE_INTERNAL_IP\": \"head-node-IP:10001\" \"RAY_DASHBOARD_URI\": \"ray-dashboard-address:8888\" }" }, "notebookRuntimeTemplate": { "type": "string", "description": "The resource name of NotebookRuntimeTemplate for the RoV Persistent Cluster The NotebokRuntimeTemplate is created in the same VPC (if set), and with the same Ray and Python version as the Persistent Cluster. Example: \"projects/1000/locations/us-central1/notebookRuntimeTemplates/abc123\"" } }, "type": "object", "required": [ "accessUris", "notebookRuntimeTemplate" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourceRuntimeSpec": { "description": "Configuration for the runtime on a PersistentResource instance, including but not limited to: * Service accounts used to run the workloads. * Whether to make it a dedicated Ray Cluster.", "properties": { "raySpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1RaySpec", "description": "Optional. Ray cluster configuration. Required when creating a dedicated RayCluster on the PersistentResource." }, "serviceAccountSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ServiceAccountSpec", "description": "Optional. Configure the use of workload identity on the PersistentResource" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourceRuntimeSpecResponse": { "description": "Configuration for the runtime on a PersistentResource instance, including but not limited to: * Service accounts used to run the workloads. * Whether to make it a dedicated Ray Cluster.", "properties": { "raySpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1RaySpecResponse", "description": "Optional. Ray cluster configuration. Required when creating a dedicated RayCluster on the PersistentResource." }, "serviceAccountSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ServiceAccountSpecResponse", "description": "Optional. Configure the use of workload identity on the PersistentResource" } }, "type": "object", "required": [ "raySpec", "serviceAccountSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ResourcesConsumedResponse": { "description": "Statistics information about resource consumption.", "properties": { "replicaHours": { "type": "number", "description": "The number of replica hours used. Note that many replicas may run in parallel, and additionally any given work may be queued for some time. Therefore this value is not strictly related to wall time." } }, "type": "object", "required": [ "replicaHours" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SampleConfig": { "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy.", "properties": { "followingBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in each following batch (except the first batch)." }, "initialBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in the first batch." }, "sampleStrategy": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SampleConfigSampleStrategy", "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SampleConfigResponse": { "description": "Active learning data sampling config. For every active learning labeling iteration, it will select a batch of data based on the sampling strategy.", "properties": { "followingBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in each following batch (except the first batch)." }, "initialBatchSamplePercentage": { "type": "integer", "description": "The percentage of data needed to be labeled in the first batch." }, "sampleStrategy": { "type": "string", "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch." } }, "type": "object", "required": [ "followingBatchSamplePercentage", "initialBatchSamplePercentage", "sampleStrategy" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SampleConfigSampleStrategy": { "description": "Field to choose sampling strategy. Sampling strategy will decide which data should be selected for human labeling in every batch.", "type": "string", "enum": [ { "name": "SampleStrategyUnspecified", "description": "Default will be treated as UNCERTAINTY.", "value": "SAMPLE_STRATEGY_UNSPECIFIED" }, { "name": "Uncertainty", "description": "Sample the most uncertain data to label.", "value": "UNCERTAINTY" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SampledShapleyAttribution": { "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features.", "properties": { "pathCount": { "type": "integer", "description": "The number of feature permutations to consider when approximating the Shapley values. Valid range of its value is [1, 50], inclusively." } }, "type": "object", "required": [ "pathCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SampledShapleyAttributionResponse": { "description": "An attribution method that approximates Shapley values for features that contribute to the label being predicted. A sampling strategy is used to approximate the value rather than considering all subsets of features.", "properties": { "pathCount": { "type": "integer", "description": "The number of feature permutations to consider when approximating the Shapley values. Valid range of its value is [1, 50], inclusively." } }, "type": "object", "required": [ "pathCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SamplingStrategy": { "description": "Sampling Strategy for logging, can be for both training and prediction dataset.", "properties": { "randomSampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyRandomSampleConfig", "description": "Random sample config. Will support more sampling strategies later." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyRandomSampleConfig": { "description": "Requests are randomly selected.", "properties": { "sampleRate": { "type": "number", "description": "Sample rate (0, 1]" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyRandomSampleConfigResponse": { "description": "Requests are randomly selected.", "properties": { "sampleRate": { "type": "number", "description": "Sample rate (0, 1]" } }, "type": "object", "required": [ "sampleRate" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyResponse": { "description": "Sampling Strategy for logging, can be for both training and prediction dataset.", "properties": { "randomSampleConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SamplingStrategyRandomSampleConfigResponse", "description": "Random sample config. Will support more sampling strategies later." } }, "type": "object", "required": [ "randomSampleConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SavedQuery": { "description": "A SavedQuery is a view of the dataset. It references a subset of annotations by problem type and filters.", "properties": { "displayName": { "type": "string", "description": "The user-defined name of the SavedQuery. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "etag": { "type": "string", "description": "Used to perform a consistent read-modify-write update. If not set, a blind \"overwrite\" update happens." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Some additional information about the SavedQuery." }, "problemType": { "type": "string", "description": "Problem type of the SavedQuery. Allowed values: * IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * VIDEO_OBJECT_TRACKING" } }, "type": "object", "required": [ "displayName", "problemType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SavedQueryResponse": { "description": "A SavedQuery is a view of the dataset. It references a subset of annotations by problem type and filters.", "properties": { "annotationFilter": { "type": "string", "description": "Filters on the Annotations in the dataset." }, "annotationSpecCount": { "type": "integer", "description": "Number of AnnotationSpecs in the context of the SavedQuery." }, "createTime": { "type": "string", "description": "Timestamp when this SavedQuery was created." }, "displayName": { "type": "string", "description": "The user-defined name of the SavedQuery. The name can be up to 128 characters long and can consist of any UTF-8 characters." }, "etag": { "type": "string", "description": "Used to perform a consistent read-modify-write update. If not set, a blind \"overwrite\" update happens." }, "metadata": { "$ref": "pulumi.json#/Any", "description": "Some additional information about the SavedQuery." }, "name": { "type": "string", "description": "Resource name of the SavedQuery." }, "problemType": { "type": "string", "description": "Problem type of the SavedQuery. Allowed values: * IMAGE_CLASSIFICATION_SINGLE_LABEL * IMAGE_CLASSIFICATION_MULTI_LABEL * IMAGE_BOUNDING_POLY * IMAGE_BOUNDING_BOX * TEXT_CLASSIFICATION_SINGLE_LABEL * TEXT_CLASSIFICATION_MULTI_LABEL * TEXT_EXTRACTION * TEXT_SENTIMENT * VIDEO_CLASSIFICATION * VIDEO_OBJECT_TRACKING" }, "supportAutomlTraining": { "type": "boolean", "description": "If the Annotations belonging to the SavedQuery can be used for AutoML training." }, "updateTime": { "type": "string", "description": "Timestamp when SavedQuery was last updated." } }, "type": "object", "required": [ "annotationFilter", "annotationSpecCount", "createTime", "displayName", "etag", "metadata", "name", "problemType", "supportAutomlTraining", "updateTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ScheduleRunResponseResponse": { "description": "Status of a scheduled run.", "properties": { "runResponse": { "type": "string", "description": "The response of the scheduled run." }, "scheduledRunTime": { "type": "string", "description": "The scheduled run time based on the user-specified schedule." } }, "type": "object", "required": [ "runResponse", "scheduledRunTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1Scheduling": { "description": "All parameters related to queuing and scheduling of custom jobs.", "properties": { "disableRetries": { "type": "boolean", "description": "Optional. Indicates if the job should retry for internal errors after the job starts running. If true, overrides `Scheduling.restart_job_on_worker_restart` to false." }, "restartJobOnWorkerRestart": { "type": "boolean", "description": "Restarts the entire CustomJob if a worker gets restarted. This feature can be used by distributed training jobs that are not resilient to workers leaving and joining a job." }, "timeout": { "type": "string", "description": "The maximum job running time. The default is 7 days." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SchedulingResponse": { "description": "All parameters related to queuing and scheduling of custom jobs.", "properties": { "disableRetries": { "type": "boolean", "description": "Optional. Indicates if the job should retry for internal errors after the job starts running. If true, overrides `Scheduling.restart_job_on_worker_restart` to false." }, "restartJobOnWorkerRestart": { "type": "boolean", "description": "Restarts the entire CustomJob if a worker gets restarted. This feature can be used by distributed training jobs that are not resilient to workers leaving and joining a job." }, "timeout": { "type": "string", "description": "The maximum job running time. The default is 7 days." } }, "type": "object", "required": [ "disableRetries", "restartJobOnWorkerRestart", "timeout" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ServiceAccountSpec": { "description": "Configuration for the use of custom service account to run the workloads.", "properties": { "enableCustomServiceAccount": { "type": "boolean", "description": "If true, custom user-managed service account is enforced to run any workloads (for example, Vertex Jobs) on the resource. Otherwise, uses the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents)." }, "serviceAccount": { "type": "string", "description": "Optional. Default service account that this PersistentResource's workloads run as. The workloads include: * Any runtime specified via `ResourceRuntimeSpec` on creation time, for example, Ray. * Jobs submitted to PersistentResource, if no other service account specified in the job specs. Only works when custom service account is enabled and users have the `iam.serviceAccounts.actAs` permission on this service account. Required if any containers are specified in `ResourceRuntimeSpec`." } }, "type": "object", "required": [ "enableCustomServiceAccount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ServiceAccountSpecResponse": { "description": "Configuration for the use of custom service account to run the workloads.", "properties": { "enableCustomServiceAccount": { "type": "boolean", "description": "If true, custom user-managed service account is enforced to run any workloads (for example, Vertex Jobs) on the resource. Otherwise, uses the [Vertex AI Custom Code Service Agent](https://cloud.google.com/vertex-ai/docs/general/access-control#service-agents)." }, "serviceAccount": { "type": "string", "description": "Optional. Default service account that this PersistentResource's workloads run as. The workloads include: * Any runtime specified via `ResourceRuntimeSpec` on creation time, for example, Ray. * Jobs submitted to PersistentResource, if no other service account specified in the job specs. Only works when custom service account is enabled and users have the `iam.serviceAccounts.actAs` permission on this service account. Required if any containers are specified in `ResourceRuntimeSpec`." } }, "type": "object", "required": [ "enableCustomServiceAccount", "serviceAccount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfig": { "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf", "properties": { "featureNoiseSigma": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigma", "description": "This is similar to noise_sigma, but provides additional flexibility. A separate noise sigma can be provided for each feature, which is useful if their distributions are different. No noise is added to features that are not set. If this field is unset, noise_sigma will be used for all features." }, "noiseSigma": { "type": "number", "description": "This is a single float value and will be used to add noise to all the features. Use this field when all features are normalized to have the same distribution: scale to range [0, 1], [-1, 1] or z-scoring, where features are normalized to have 0-mean and 1-variance. Learn more about [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). For best results the recommended value is about 10% - 20% of the standard deviation of the input feature. Refer to section 3.2 of the SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to 0.1. If the distribution is different per feature, set feature_noise_sigma instead for each feature." }, "noisySampleCount": { "type": "integer", "description": "The number of gradient samples to use for approximation. The higher this number, the more accurate the gradient is, but the runtime complexity increases by this factor as well. Valid range of its value is [1, 50]. Defaults to 3." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfigResponse": { "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf", "properties": { "featureNoiseSigma": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1FeatureNoiseSigmaResponse", "description": "This is similar to noise_sigma, but provides additional flexibility. A separate noise sigma can be provided for each feature, which is useful if their distributions are different. No noise is added to features that are not set. If this field is unset, noise_sigma will be used for all features." }, "noiseSigma": { "type": "number", "description": "This is a single float value and will be used to add noise to all the features. Use this field when all features are normalized to have the same distribution: scale to range [0, 1], [-1, 1] or z-scoring, where features are normalized to have 0-mean and 1-variance. Learn more about [normalization](https://developers.google.com/machine-learning/data-prep/transform/normalization). For best results the recommended value is about 10% - 20% of the standard deviation of the input feature. Refer to section 3.2 of the SmoothGrad paper: https://arxiv.org/pdf/1706.03825.pdf. Defaults to 0.1. If the distribution is different per feature, set feature_noise_sigma instead for each feature." }, "noisySampleCount": { "type": "integer", "description": "The number of gradient samples to use for approximation. The higher this number, the more accurate the gradient is, but the runtime complexity increases by this factor as well. Valid range of its value is [1, 50]. Defaults to 3." } }, "type": "object", "required": [ "featureNoiseSigma", "noiseSigma", "noisySampleCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StratifiedSplit": { "description": "Assigns input data to the training, validation, and test sets so that the distribution of values found in the categorical column (as specified by the `key` field) is mirrored within each split. The fraction values determine the relative sizes of the splits. For example, if the specified column has three values, with 50% of the rows having value \"A\", 25% value \"B\", and 25% value \"C\", and the split fractions are specified as 80/10/10, then the training set will constitute 80% of the training data, with about 50% of the training set rows having the value \"A\" for the specified column, about 25% having the value \"B\", and about 25% having the value \"C\". Only the top 500 occurring values are used; any values not in the top 500 values are randomly assigned to a split. If less than three rows contain a specific value, those rows are randomly assigned. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The key provided must be for a categorical column." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StratifiedSplitResponse": { "description": "Assigns input data to the training, validation, and test sets so that the distribution of values found in the categorical column (as specified by the `key` field) is mirrored within each split. The fraction values determine the relative sizes of the splits. For example, if the specified column has three values, with 50% of the rows having value \"A\", 25% value \"B\", and 25% value \"C\", and the split fractions are specified as 80/10/10, then the training set will constitute 80% of the training data, with about 50% of the training set rows having the value \"A\" for the specified column, about 25% having the value \"B\", and about 25% having the value \"C\". Only the top 500 occurring values are used; any values not in the top 500 values are randomly assigned to a split. If less than three rows contain a specific value, those rows are randomly assigned. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The key provided must be for a categorical column." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key", "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpec": { "description": "Represents specification of a Study.", "properties": { "algorithm": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecAlgorithm", "description": "The search algorithm specified for the Study." }, "convexAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexAutomatedStoppingSpec", "description": "The automated early stopping spec using convex stopping rule." }, "convexStopConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexStopConfig", "description": "Deprecated. The automated early stopping using convex stopping rule.", "deprecationMessage": "Deprecated. The automated early stopping using convex stopping rule." }, "decayCurveStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecDecayCurveAutomatedStoppingSpec", "description": "The automated early stopping spec using decay curve rule." }, "measurementSelectionType": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMeasurementSelectionType", "description": "Describe which measurement selection type will be used" }, "medianAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMedianAutomatedStoppingSpec", "description": "The automated early stopping spec using median rule." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpec" }, "description": "Metric specs for the Study." }, "observationNoise": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecObservationNoise", "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpec" }, "description": "The set of parameters to tune." }, "studyStoppingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecStudyStoppingConfig", "description": "Conditions for automated stopping of a Study. Enable automated stopping by configuring at least one condition." }, "transferLearningConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecTransferLearningConfig", "description": "The configuration info/options for transfer learning. Currently supported for Vertex AI Vizier service, not HyperParameterTuningJob" } }, "type": "object", "required": [ "metrics", "parameters" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecAlgorithm": { "description": "The search algorithm specified for the Study.", "type": "string", "enum": [ { "name": "AlgorithmUnspecified", "description": "The default algorithm used by Vertex AI for [hyperparameter tuning](https://cloud.google.com/vertex-ai/docs/training/hyperparameter-tuning-overview) and [Vertex AI Vizier](https://cloud.google.com/vertex-ai/docs/vizier).", "value": "ALGORITHM_UNSPECIFIED" }, { "name": "GridSearch", "description": "Simple grid search within the feasible space. To use grid search, all parameters must be `INTEGER`, `CATEGORICAL`, or `DISCRETE`.", "value": "GRID_SEARCH" }, { "name": "RandomSearch", "description": "Simple random search within the feasible space.", "value": "RANDOM_SEARCH" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexAutomatedStoppingSpec": { "description": "Configuration for ConvexAutomatedStoppingSpec. When there are enough completed trials (configured by min_measurement_count), for pending trials with enough measurements and steps, the policy first computes an overestimate of the objective value at max_num_steps according to the slope of the incomplete objective value curve. No prediction can be made if the curve is completely flat. If the overestimation is worse than the best objective value of the completed trials, this pending trial will be early-stopped, but a last measurement will be added to the pending trial with max_num_steps and predicted objective value from the autoregression model.", "properties": { "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxStepCount": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. If not defined, it will learn it from the completed trials. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minMeasurementCount": { "type": "string", "description": "The minimal number of measurements in a Trial. Early-stopping checks will not trigger if less than min_measurement_count+1 completed trials or pending trials with less than min_measurement_count measurements. If not defined, the default value is 5." }, "minStepCount": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with step_count > min_step_count won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_step_count is set to be one-tenth of the max_step_count. When use_elapsed_duration is true, this field is set to the minimum elapsed seconds." }, "updateAllStoppedTrials": { "type": "boolean", "description": "ConvexAutomatedStoppingSpec by default only updates the trials that needs to be early stopped using a newly trained auto-regressive model. When this flag is set to True, all stopped trials from the beginning are potentially updated in terms of their `final_measurement`. Also, note that the training logic of autoregressive models is different in this case. Enabling this option has shown better results and this may be the default option in the future." }, "useElapsedDuration": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_elapsed_duration==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_elapsed_duration==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexAutomatedStoppingSpecResponse": { "description": "Configuration for ConvexAutomatedStoppingSpec. When there are enough completed trials (configured by min_measurement_count), for pending trials with enough measurements and steps, the policy first computes an overestimate of the objective value at max_num_steps according to the slope of the incomplete objective value curve. No prediction can be made if the curve is completely flat. If the overestimation is worse than the best objective value of the completed trials, this pending trial will be early-stopped, but a last measurement will be added to the pending trial with max_num_steps and predicted objective value from the autoregression model.", "properties": { "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxStepCount": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. If not defined, it will learn it from the completed trials. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minMeasurementCount": { "type": "string", "description": "The minimal number of measurements in a Trial. Early-stopping checks will not trigger if less than min_measurement_count+1 completed trials or pending trials with less than min_measurement_count measurements. If not defined, the default value is 5." }, "minStepCount": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with step_count > min_step_count won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_step_count is set to be one-tenth of the max_step_count. When use_elapsed_duration is true, this field is set to the minimum elapsed seconds." }, "updateAllStoppedTrials": { "type": "boolean", "description": "ConvexAutomatedStoppingSpec by default only updates the trials that needs to be early stopped using a newly trained auto-regressive model. When this flag is set to True, all stopped trials from the beginning are potentially updated in terms of their `final_measurement`. Also, note that the training logic of autoregressive models is different in this case. Enabling this option has shown better results and this may be the default option in the future." }, "useElapsedDuration": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_elapsed_duration==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_elapsed_duration==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object", "required": [ "learningRateParameterName", "maxStepCount", "minMeasurementCount", "minStepCount", "updateAllStoppedTrials", "useElapsedDuration" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexStopConfig": { "description": "Configuration for ConvexStopPolicy.", "properties": { "autoregressiveOrder": { "type": "string", "description": "The number of Trial measurements used in autoregressive model for value prediction. A trial won't be considered early stopping if has fewer measurement points." }, "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxNumSteps": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minNumSteps": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with num_steps > min_num_steps won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_num_steps is set to be one-tenth of the max_num_steps. When use_steps is false, this field is set to the minimum elapsed seconds." }, "useSeconds": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_seconds==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_seconds==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexStopConfigResponse": { "description": "Configuration for ConvexStopPolicy.", "properties": { "autoregressiveOrder": { "type": "string", "description": "The number of Trial measurements used in autoregressive model for value prediction. A trial won't be considered early stopping if has fewer measurement points." }, "learningRateParameterName": { "type": "string", "description": "The hyper-parameter name used in the tuning job that stands for learning rate. Leave it blank if learning rate is not in a parameter in tuning. The learning_rate is used to estimate the objective value of the ongoing trial." }, "maxNumSteps": { "type": "string", "description": "Steps used in predicting the final objective for early stopped trials. In general, it's set to be the same as the defined steps in training / tuning. When use_steps is false, this field is set to the maximum elapsed seconds." }, "minNumSteps": { "type": "string", "description": "Minimum number of steps for a trial to complete. Trials which do not have a measurement with num_steps > min_num_steps won't be considered for early stopping. It's ok to set it to 0, and a trial can be early stopped at any stage. By default, min_num_steps is set to be one-tenth of the max_num_steps. When use_steps is false, this field is set to the minimum elapsed seconds." }, "useSeconds": { "type": "boolean", "description": "This bool determines whether or not the rule is applied based on elapsed_secs or steps. If use_seconds==false, the early stopping decision is made according to the predicted objective values according to the target steps. If use_seconds==true, elapsed_secs is used instead of steps. Also, in this case, the parameters max_num_steps and min_num_steps are overloaded to contain max_elapsed_seconds and min_elapsed_seconds." } }, "type": "object", "required": [ "autoregressiveOrder", "learningRateParameterName", "maxNumSteps", "minNumSteps", "useSeconds" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecDecayCurveAutomatedStoppingSpec": { "description": "The decay curve automated stopping rule builds a Gaussian Process Regressor to predict the final objective value of a Trial based on the already completed Trials and the intermediate measurements of the current Trial. Early stopping is requested for the current Trial if there is very low probability to exceed the optimal value found so far.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if Measurement.elapsed_duration is used as the x-axis of each Trials Decay Curve. Otherwise, Measurement.step_count will be used as the x-axis." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecDecayCurveAutomatedStoppingSpecResponse": { "description": "The decay curve automated stopping rule builds a Gaussian Process Regressor to predict the final objective value of a Trial based on the already completed Trials and the intermediate measurements of the current Trial. Early stopping is requested for the current Trial if there is very low probability to exceed the optimal value found so far.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if Measurement.elapsed_duration is used as the x-axis of each Trials Decay Curve. Otherwise, Measurement.step_count will be used as the x-axis." } }, "type": "object", "required": [ "useElapsedDuration" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMeasurementSelectionType": { "description": "Describe which measurement selection type will be used", "type": "string", "enum": [ { "name": "MeasurementSelectionTypeUnspecified", "description": "Will be treated as LAST_MEASUREMENT.", "value": "MEASUREMENT_SELECTION_TYPE_UNSPECIFIED" }, { "name": "LastMeasurement", "description": "Use the last measurement reported.", "value": "LAST_MEASUREMENT" }, { "name": "BestMeasurement", "description": "Use the best measurement reported.", "value": "BEST_MEASUREMENT" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMedianAutomatedStoppingSpec": { "description": "The median automated stopping rule stops a pending Trial if the Trial's best objective_value is strictly below the median 'performance' of all completed Trials reported up to the Trial's last measurement. Currently, 'performance' refers to the running average of the objective values reported by the Trial in each measurement.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if median automated stopping rule applies on Measurement.elapsed_duration. It means that elapsed_duration field of latest measurement of current Trial is used to compute median objective value for each completed Trials." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMedianAutomatedStoppingSpecResponse": { "description": "The median automated stopping rule stops a pending Trial if the Trial's best objective_value is strictly below the median 'performance' of all completed Trials reported up to the Trial's last measurement. Currently, 'performance' refers to the running average of the objective values reported by the Trial in each measurement.", "properties": { "useElapsedDuration": { "type": "boolean", "description": "True if median automated stopping rule applies on Measurement.elapsed_duration. It means that elapsed_duration field of latest measurement of current Trial is used to compute median objective value for each completed Trials." } }, "type": "object", "required": [ "useElapsedDuration" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpec": { "description": "Represents a metric to optimize.", "properties": { "goal": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecGoal", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces and must be unique amongst all MetricSpecs." }, "safetyConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecSafetyMetricConfig", "description": "Used for safe search. In the case, the metric will be a safety metric. You must provide a separate metric for objective metric." } }, "type": "object", "required": [ "goal", "metricId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecGoal": { "description": "Required. The optimization goal of the metric.", "type": "string", "enum": [ { "name": "GoalTypeUnspecified", "description": "Goal Type will default to maximize.", "value": "GOAL_TYPE_UNSPECIFIED" }, { "name": "Maximize", "description": "Maximize the goal metric.", "value": "MAXIMIZE" }, { "name": "Minimize", "description": "Minimize the goal metric.", "value": "MINIMIZE" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecResponse": { "description": "Represents a metric to optimize.", "properties": { "goal": { "type": "string", "description": "The optimization goal of the metric." }, "metricId": { "type": "string", "description": "The ID of the metric. Must not contain whitespaces and must be unique amongst all MetricSpecs." }, "safetyConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecSafetyMetricConfigResponse", "description": "Used for safe search. In the case, the metric will be a safety metric. You must provide a separate metric for objective metric." } }, "type": "object", "required": [ "goal", "metricId", "safetyConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecSafetyMetricConfig": { "description": "Used in safe optimization to specify threshold levels and risk tolerance.", "properties": { "desiredMinSafeTrialsFraction": { "type": "number", "description": "Desired minimum fraction of safe trials (over total number of trials) that should be targeted by the algorithm at any time during the study (best effort). This should be between 0.0 and 1.0 and a value of 0.0 means that there is no minimum and an algorithm proceeds without targeting any specific fraction. A value of 1.0 means that the algorithm attempts to only Suggest safe Trials." }, "safetyThreshold": { "type": "number", "description": "Safety threshold (boundary value between safe and unsafe). NOTE that if you leave SafetyMetricConfig unset, a default value of 0 will be used." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecSafetyMetricConfigResponse": { "description": "Used in safe optimization to specify threshold levels and risk tolerance.", "properties": { "desiredMinSafeTrialsFraction": { "type": "number", "description": "Desired minimum fraction of safe trials (over total number of trials) that should be targeted by the algorithm at any time during the study (best effort). This should be between 0.0 and 1.0 and a value of 0.0 means that there is no minimum and an algorithm proceeds without targeting any specific fraction. A value of 1.0 means that the algorithm attempts to only Suggest safe Trials." }, "safetyThreshold": { "type": "number", "description": "Safety threshold (boundary value between safe and unsafe). NOTE that if you leave SafetyMetricConfig unset, a default value of 0 will be used." } }, "type": "object", "required": [ "desiredMinSafeTrialsFraction", "safetyThreshold" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecObservationNoise": { "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline.", "type": "string", "enum": [ { "name": "ObservationNoiseUnspecified", "description": "The default noise level chosen by Vertex AI.", "value": "OBSERVATION_NOISE_UNSPECIFIED" }, { "name": "Low", "description": "Vertex AI assumes that the objective function is (nearly) perfectly reproducible, and will never repeat the same Trial parameters.", "value": "LOW" }, { "name": "High", "description": "Vertex AI will estimate the amount of noise in metric evaluations, it may repeat the same Trial parameters more than once.", "value": "HIGH" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpec": { "description": "Represents a single parameter to optimize.", "properties": { "categoricalValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecCategoricalValueSpec", "description": "The value spec for a 'CATEGORICAL' parameter." }, "conditionalParameterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpec" }, "description": "A conditional parameter node is active if the parameter's value matches the conditional node's parent_value_condition. If two items in conditional_parameter_specs have the same name, they must have disjoint parent_value_condition." }, "discreteValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDiscreteValueSpec", "description": "The value spec for a 'DISCRETE' parameter." }, "doubleValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDoubleValueSpec", "description": "The value spec for a 'DOUBLE' parameter." }, "integerValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecIntegerValueSpec", "description": "The value spec for an 'INTEGER' parameter." }, "parameterId": { "type": "string", "description": "The ID of the parameter. Must not contain whitespaces and must be unique amongst all ParameterSpecs." }, "scaleType": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecScaleType", "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters." } }, "type": "object", "required": [ "parameterId" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecCategoricalValueSpec": { "description": "Value specification for a parameter in `CATEGORICAL` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for a `CATEGORICAL` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list of possible categories." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecCategoricalValueSpecResponse": { "description": "Value specification for a parameter in `CATEGORICAL` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for a `CATEGORICAL` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list of possible categories." } }, "type": "object", "required": [ "defaultValue", "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpec": { "description": "Represents a parameter spec with condition from its parent parameter.", "properties": { "parameterSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpec", "description": "The spec for a conditional parameter." }, "parentCategoricalValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition", "description": "The spec for matching values from a parent parameter of `CATEGORICAL` type." }, "parentDiscreteValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition", "description": "The spec for matching values from a parent parameter of `DISCRETE` type." }, "parentIntValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecIntValueCondition", "description": "The spec for matching values from a parent parameter of `INTEGER` type." } }, "type": "object", "required": [ "parameterSpec" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecCategoricalValueCondition": { "description": "Represents the spec to match categorical values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'CATEGORICAL' type. All values must exist in `categorical_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecCategoricalValueConditionResponse": { "description": "Represents the spec to match categorical values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'CATEGORICAL' type. All values must exist in `categorical_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecDiscreteValueCondition": { "description": "Represents the spec to match discrete values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "Matches values of the parent parameter of 'DISCRETE' type. All values must exist in `discrete_value_spec` of parent parameter. The Epsilon of the value matching is 1e-10." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecDiscreteValueConditionResponse": { "description": "Represents the spec to match discrete values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "Matches values of the parent parameter of 'DISCRETE' type. All values must exist in `discrete_value_spec` of parent parameter. The Epsilon of the value matching is 1e-10." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecIntValueCondition": { "description": "Represents the spec to match integer values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'INTEGER' type. All values must lie in `integer_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecIntValueConditionResponse": { "description": "Represents the spec to match integer values from parent parameter.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Matches values of the parent parameter of 'INTEGER' type. All values must lie in `integer_value_spec` of parent parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecResponse": { "description": "Represents a parameter spec with condition from its parent parameter.", "properties": { "parameterSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecResponse", "description": "The spec for a conditional parameter." }, "parentCategoricalValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecCategoricalValueConditionResponse", "description": "The spec for matching values from a parent parameter of `CATEGORICAL` type." }, "parentDiscreteValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecDiscreteValueConditionResponse", "description": "The spec for matching values from a parent parameter of `DISCRETE` type." }, "parentIntValues": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecIntValueConditionResponse", "description": "The spec for matching values from a parent parameter of `INTEGER` type." } }, "type": "object", "required": [ "parameterSpec", "parentCategoricalValues", "parentDiscreteValues", "parentIntValues" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDiscreteValueSpec": { "description": "Value specification for a parameter in `DISCRETE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DISCRETE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. It automatically rounds to the nearest feasible discrete point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "number" }, "description": "A list of possible values. The list should be in increasing order and at least 1e-10 apart. For instance, this parameter might have possible settings of 1.5, 2.5, and 4.0. This list should not contain more than 1,000 values." } }, "type": "object", "required": [ "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDiscreteValueSpecResponse": { "description": "Value specification for a parameter in `DISCRETE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DISCRETE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. It automatically rounds to the nearest feasible discrete point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "values": { "type": "array", "items": { "type": "number" }, "description": "A list of possible values. The list should be in increasing order and at least 1e-10 apart. For instance, this parameter might have possible settings of 1.5, 2.5, and 4.0. This list should not contain more than 1,000 values." } }, "type": "object", "required": [ "defaultValue", "values" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDoubleValueSpec": { "description": "Value specification for a parameter in `DOUBLE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DOUBLE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "number", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "number", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "maxValue", "minValue" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDoubleValueSpecResponse": { "description": "Value specification for a parameter in `DOUBLE` type.", "properties": { "defaultValue": { "type": "number", "description": "A default value for a `DOUBLE` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "number", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "number", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "defaultValue", "maxValue", "minValue" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecIntegerValueSpec": { "description": "Value specification for a parameter in `INTEGER` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for an `INTEGER` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "string", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "string", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "maxValue", "minValue" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecIntegerValueSpecResponse": { "description": "Value specification for a parameter in `INTEGER` type.", "properties": { "defaultValue": { "type": "string", "description": "A default value for an `INTEGER` parameter that is assumed to be a relatively good starting point. Unset value signals that there is no offered starting point. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "maxValue": { "type": "string", "description": "Inclusive maximum value of the parameter." }, "minValue": { "type": "string", "description": "Inclusive minimum value of the parameter." } }, "type": "object", "required": [ "defaultValue", "maxValue", "minValue" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecResponse": { "description": "Represents a single parameter to optimize.", "properties": { "categoricalValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecCategoricalValueSpecResponse", "description": "The value spec for a 'CATEGORICAL' parameter." }, "conditionalParameterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecConditionalParameterSpecResponse" }, "description": "A conditional parameter node is active if the parameter's value matches the conditional node's parent_value_condition. If two items in conditional_parameter_specs have the same name, they must have disjoint parent_value_condition." }, "discreteValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDiscreteValueSpecResponse", "description": "The value spec for a 'DISCRETE' parameter." }, "doubleValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecDoubleValueSpecResponse", "description": "The value spec for a 'DOUBLE' parameter." }, "integerValueSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecIntegerValueSpecResponse", "description": "The value spec for an 'INTEGER' parameter." }, "parameterId": { "type": "string", "description": "The ID of the parameter. Must not contain whitespaces and must be unique amongst all ParameterSpecs." }, "scaleType": { "type": "string", "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters." } }, "type": "object", "required": [ "categoricalValueSpec", "conditionalParameterSpecs", "discreteValueSpec", "doubleValueSpec", "integerValueSpec", "parameterId", "scaleType" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecScaleType": { "description": "How the parameter should be scaled. Leave unset for `CATEGORICAL` parameters.", "type": "string", "enum": [ { "name": "ScaleTypeUnspecified", "description": "By default, no scaling is applied.", "value": "SCALE_TYPE_UNSPECIFIED" }, { "name": "UnitLinearScale", "description": "Scales the feasible space to (0, 1) linearly.", "value": "UNIT_LINEAR_SCALE" }, { "name": "UnitLogScale", "description": "Scales the feasible space logarithmically to (0, 1). The entire feasible space must be strictly positive.", "value": "UNIT_LOG_SCALE" }, { "name": "UnitReverseLogScale", "description": "Scales the feasible space \"reverse\" logarithmically to (0, 1). The result is that values close to the top of the feasible space are spread out more than points near the bottom. The entire feasible space must be strictly positive.", "value": "UNIT_REVERSE_LOG_SCALE" } ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecResponse": { "description": "Represents specification of a Study.", "properties": { "algorithm": { "type": "string", "description": "The search algorithm specified for the Study." }, "convexAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using convex stopping rule." }, "convexStopConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecConvexStopConfigResponse", "description": "Deprecated. The automated early stopping using convex stopping rule.", "deprecationMessage": "Deprecated. The automated early stopping using convex stopping rule." }, "decayCurveStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecDecayCurveAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using decay curve rule." }, "measurementSelectionType": { "type": "string", "description": "Describe which measurement selection type will be used" }, "medianAutomatedStoppingSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMedianAutomatedStoppingSpecResponse", "description": "The automated early stopping spec using median rule." }, "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecMetricSpecResponse" }, "description": "Metric specs for the Study." }, "observationNoise": { "type": "string", "description": "The observation noise level of the study. Currently only supported by the Vertex AI Vizier service. Not supported by HyperparameterTuningJob or TrainingPipeline." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecParameterSpecResponse" }, "description": "The set of parameters to tune." }, "studyStoppingConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecStudyStoppingConfigResponse", "description": "Conditions for automated stopping of a Study. Enable automated stopping by configuring at least one condition." }, "transferLearningConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudySpecTransferLearningConfigResponse", "description": "The configuration info/options for transfer learning. Currently supported for Vertex AI Vizier service, not HyperParameterTuningJob" } }, "type": "object", "required": [ "algorithm", "convexAutomatedStoppingSpec", "convexStopConfig", "decayCurveStoppingSpec", "measurementSelectionType", "medianAutomatedStoppingSpec", "metrics", "observationNoise", "parameters", "studyStoppingConfig", "transferLearningConfig" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecStudyStoppingConfig": { "description": "The configuration (stopping conditions) for automated stopping of a Study. Conditions include trial budgets, time budgets, and convergence detection.", "properties": { "maxDurationNoProgress": { "type": "string", "description": "If the objective value has not improved for this much time, stop the study. WARNING: Effective only for single-objective studies." }, "maxNumTrials": { "type": "integer", "description": "If there are more than this many trials, stop the study." }, "maxNumTrialsNoProgress": { "type": "integer", "description": "If the objective value has not improved for this many consecutive trials, stop the study. WARNING: Effective only for single-objective studies." }, "maximumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraint", "description": "If the specified time or duration has passed, stop the study." }, "minNumTrials": { "type": "integer", "description": "If there are fewer than this many COMPLETED trials, do not stop the study." }, "minimumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraint", "description": "Each \"stopping rule\" in this proto specifies an \"if\" condition. Before Vizier would generate a new suggestion, it first checks each specified stopping rule, from top to bottom in this list. Note that the first few rules (e.g. minimum_runtime_constraint, min_num_trials) will prevent other stopping rules from being evaluated until they are met. For example, setting `min_num_trials=5` and `always_stop_after= 1 hour` means that the Study will ONLY stop after it has 5 COMPLETED trials, even if more than an hour has passed since its creation. It follows the first applicable rule (whose \"if\" condition is satisfied) to make a stopping decision. If none of the specified rules are applicable, then Vizier decides that the study should not stop. If Vizier decides that the study should stop, the study enters STOPPING state (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The automatic study state transition happens precisely as described above; that is, deleting trials or updating StudyConfig NEVER automatically moves the study state back to ACTIVE. If you want to _resume_ a Study that was stopped, 1) change the stopping conditions if necessary, 2) activate the study, and then 3) ask for suggestions. If the specified time or duration has not passed, do not stop the study." }, "shouldStopAsap": { "type": "boolean", "description": "If true, a Study enters STOPPING_ASAP whenever it would normally enters STOPPING state. The bottom line is: set to true if you want to interrupt on-going evaluations of Trials as soon as the study stopping condition is met. (Please see Study.State documentation for the source of truth)." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecStudyStoppingConfigResponse": { "description": "The configuration (stopping conditions) for automated stopping of a Study. Conditions include trial budgets, time budgets, and convergence detection.", "properties": { "maxDurationNoProgress": { "type": "string", "description": "If the objective value has not improved for this much time, stop the study. WARNING: Effective only for single-objective studies." }, "maxNumTrials": { "type": "integer", "description": "If there are more than this many trials, stop the study." }, "maxNumTrialsNoProgress": { "type": "integer", "description": "If the objective value has not improved for this many consecutive trials, stop the study. WARNING: Effective only for single-objective studies." }, "maximumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraintResponse", "description": "If the specified time or duration has passed, stop the study." }, "minNumTrials": { "type": "integer", "description": "If there are fewer than this many COMPLETED trials, do not stop the study." }, "minimumRuntimeConstraint": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraintResponse", "description": "Each \"stopping rule\" in this proto specifies an \"if\" condition. Before Vizier would generate a new suggestion, it first checks each specified stopping rule, from top to bottom in this list. Note that the first few rules (e.g. minimum_runtime_constraint, min_num_trials) will prevent other stopping rules from being evaluated until they are met. For example, setting `min_num_trials=5` and `always_stop_after= 1 hour` means that the Study will ONLY stop after it has 5 COMPLETED trials, even if more than an hour has passed since its creation. It follows the first applicable rule (whose \"if\" condition is satisfied) to make a stopping decision. If none of the specified rules are applicable, then Vizier decides that the study should not stop. If Vizier decides that the study should stop, the study enters STOPPING state (or STOPPING_ASAP if should_stop_asap = true). IMPORTANT: The automatic study state transition happens precisely as described above; that is, deleting trials or updating StudyConfig NEVER automatically moves the study state back to ACTIVE. If you want to _resume_ a Study that was stopped, 1) change the stopping conditions if necessary, 2) activate the study, and then 3) ask for suggestions. If the specified time or duration has not passed, do not stop the study." }, "shouldStopAsap": { "type": "boolean", "description": "If true, a Study enters STOPPING_ASAP whenever it would normally enters STOPPING state. The bottom line is: set to true if you want to interrupt on-going evaluations of Trials as soon as the study stopping condition is met. (Please see Study.State documentation for the source of truth)." } }, "type": "object", "required": [ "maxDurationNoProgress", "maxNumTrials", "maxNumTrialsNoProgress", "maximumRuntimeConstraint", "minNumTrials", "minimumRuntimeConstraint", "shouldStopAsap" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecTransferLearningConfig": { "description": "This contains flag for manually disabling transfer learning for a study. The names of prior studies being used for transfer learning (if any) are also listed here.", "properties": { "disableTransferLearning": { "type": "boolean", "description": "Flag to to manually prevent vizier from using transfer learning on a new study. Otherwise, vizier will automatically determine whether or not to use transfer learning." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudySpecTransferLearningConfigResponse": { "description": "This contains flag for manually disabling transfer learning for a study. The names of prior studies being used for transfer learning (if any) are also listed here.", "properties": { "disableTransferLearning": { "type": "boolean", "description": "Flag to to manually prevent vizier from using transfer learning on a new study. Otherwise, vizier will automatically determine whether or not to use transfer learning." }, "priorStudyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of previously completed studies" } }, "type": "object", "required": [ "disableTransferLearning", "priorStudyNames" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraint": { "description": "Time-based Constraint for Study", "properties": { "endTime": { "type": "string", "description": "Compares the wallclock time to this time. Must use UTC timezone." }, "maxDuration": { "type": "string", "description": "Counts the wallclock time passed since the creation of this Study." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1StudyTimeConstraintResponse": { "description": "Time-based Constraint for Study", "properties": { "endTime": { "type": "string", "description": "Compares the wallclock time to this time. Must use UTC timezone." }, "maxDuration": { "type": "string", "description": "Counts the wallclock time passed since the creation of this Study." } }, "type": "object", "required": [ "endTime", "maxDuration" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TensorboardTimeSeriesMetadataResponse": { "description": "Describes metadata for a TensorboardTimeSeries.", "properties": { "maxBlobSequenceLength": { "type": "string", "description": "The largest blob sequence length (number of blobs) of all data points in this time series, if its ValueType is BLOB_SEQUENCE." }, "maxStep": { "type": "string", "description": "Max step index of all data points within a TensorboardTimeSeries." }, "maxWallTime": { "type": "string", "description": "Max wall clock timestamp of all data points within a TensorboardTimeSeries." } }, "type": "object", "required": [ "maxBlobSequenceLength", "maxStep", "maxWallTime" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ThresholdConfig": { "description": "The config for feature monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. If this threshold config is for feature distribution distance: 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1ThresholdConfigResponse": { "description": "The config for feature monitoring threshold.", "properties": { "value": { "type": "number", "description": "Specify a threshold value that can trigger the alert. If this threshold config is for feature distribution distance: 1. For categorical feature, the distribution distance is calculated by L-inifinity norm. 2. For numerical feature, the distribution distance is calculated by Jensen–Shannon divergence. Each feature must have a non-zero threshold if they need to be monitored. Otherwise no alert will be triggered for that feature." } }, "type": "object", "required": [ "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TimestampSplit": { "description": "Assigns input data to training, validation, and test sets based on a provided timestamps. The youngest data pieces are assigned to training set, next to validation set, and the oldest to the test set. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The values of the key (the values in the column) must be in RFC 3339 `date-time` format, where `time-offset` = `\"Z\"` (e.g. 1985-04-12T23:20:50.52Z). If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TimestampSplitResponse": { "description": "Assigns input data to training, validation, and test sets based on a provided timestamps. The youngest data pieces are assigned to training set, next to validation set, and the oldest to the test set. Supported only for tabular Datasets.", "properties": { "key": { "type": "string", "description": "The key is a name of one of the Dataset's data columns. The values of the key (the values in the column) must be in RFC 3339 `date-time` format, where `time-offset` = `\"Z\"` (e.g. 1985-04-12T23:20:50.52Z). If for a piece of data the key is not present or has an invalid value, that piece is ignored by the pipeline." }, "testFraction": { "type": "number", "description": "The fraction of the input data that is to be used to evaluate the Model." }, "trainingFraction": { "type": "number", "description": "The fraction of the input data that is to be used to train the Model." }, "validationFraction": { "type": "number", "description": "The fraction of the input data that is to be used to validate the Model." } }, "type": "object", "required": [ "key", "testFraction", "trainingFraction", "validationFraction" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TrainingConfig": { "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems.", "properties": { "timeoutTrainingMilliHours": { "type": "string", "description": "The timeout hours for the CMLE training job, expressed in milli hours i.e. 1,000 value in this field means 1 hour." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TrainingConfigResponse": { "description": "CMLE training config. For every active learning labeling iteration, system will train a machine learning model on CMLE. The trained model will be used by data sampling algorithm to select DataItems.", "properties": { "timeoutTrainingMilliHours": { "type": "string", "description": "The timeout hours for the CMLE training job, expressed in milli hours i.e. 1,000 value in this field means 1 hour." } }, "type": "object", "required": [ "timeoutTrainingMilliHours" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TrialParameterResponse": { "description": "A message representing a parameter to be tuned.", "properties": { "parameterId": { "type": "string", "description": "The ID of the parameter. The parameter should be defined in StudySpec's Parameters." }, "value": { "$ref": "pulumi.json#/Any", "description": "The value of the parameter. `number_value` will be set if a parameter defined in StudySpec is in type 'INTEGER', 'DOUBLE' or 'DISCRETE'. `string_value` will be set if a parameter defined in StudySpec is in type 'CATEGORICAL'." } }, "type": "object", "required": [ "parameterId", "value" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1TrialResponse": { "description": "A message representing a Trial. A Trial contains a unique set of Parameters that has been or will be evaluated, along with the objective metrics got by running the Trial.", "properties": { "clientId": { "type": "string", "description": "The identifier of the client that originally requested this Trial. Each client is identified by a unique client_id. When a client asks for a suggestion, Vertex AI Vizier will assign it a Trial. The client should evaluate the Trial, complete it, and report back to Vertex AI Vizier. If suggestion is asked again by same client_id before the Trial is completed, the same Trial will be returned. Multiple clients with different client_ids can ask for suggestions simultaneously, each of them will get their own Trial." }, "customJob": { "type": "string", "description": "The CustomJob name linked to the Trial. It's set for a HyperparameterTuningJob's Trial." }, "endTime": { "type": "string", "description": "Time when the Trial's status changed to `SUCCEEDED` or `INFEASIBLE`." }, "finalMeasurement": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MeasurementResponse", "description": "The final measurement containing the objective value." }, "infeasibleReason": { "type": "string", "description": "A human readable string describing why the Trial is infeasible. This is set only if Trial state is `INFEASIBLE`." }, "measurements": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MeasurementResponse" }, "description": "A list of measurements that are strictly lexicographically ordered by their induced tuples (steps, elapsed_duration). These are used for early stopping computations." }, "name": { "type": "string", "description": "Resource name of the Trial assigned by the service." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1TrialParameterResponse" }, "description": "The parameters of the Trial." }, "startTime": { "type": "string", "description": "Time when the Trial was started." }, "state": { "type": "string", "description": "The detailed state of the Trial." }, "webAccessUris": { "type": "object", "additionalProperties": { "type": "string" }, "description": "URIs for accessing [interactive shells](https://cloud.google.com/vertex-ai/docs/training/monitor-debug-interactive-shell) (one URI for each training node). Only available if this trial is part of a HyperparameterTuningJob and the job's trial_job_spec.enable_web_access field is `true`. The keys are names of each node used for the trial; for example, `workerpool0-0` for the primary node, `workerpool1-0` for the first node in the second worker pool, and `workerpool1-1` for the second node in the second worker pool. The values are the URIs for each node's interactive shell." } }, "type": "object", "required": [ "clientId", "customJob", "endTime", "finalMeasurement", "infeasibleReason", "measurements", "name", "parameters", "startTime", "state", "webAccessUris" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1UnmanagedContainerModel": { "description": "Contains model information necessary to perform batch prediction without requiring a full model import.", "properties": { "artifactUri": { "type": "string", "description": "The path to the directory containing the Model artifact and any of its supporting files." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpec", "description": "Input only. The specification of the container that is to be used when deploying this Model." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredictSchemata", "description": "Contains the schemata used in Model's predictions and explanations" } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1UnmanagedContainerModelResponse": { "description": "Contains model information necessary to perform batch prediction without requiring a full model import.", "properties": { "artifactUri": { "type": "string", "description": "The path to the directory containing the Model artifact and any of its supporting files." }, "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ModelContainerSpecResponse", "description": "Input only. The specification of the container that is to be used when deploying this Model." }, "predictSchemata": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PredictSchemataResponse", "description": "Contains the schemata used in Model's predictions and explanations" } }, "type": "object", "required": [ "artifactUri", "containerSpec", "predictSchemata" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1WorkerPoolSpec": { "description": "Represents the spec of a worker pool in a job.", "properties": { "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ContainerSpec", "description": "The custom container task." }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DiskSpec", "description": "Disk spec." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpec", "description": "Optional. Immutable. The specification of a single machine." }, "nfsMounts": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NfsMount" }, "description": "Optional. List of NFS mount spec." }, "pythonPackageSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PythonPackageSpec", "description": "The Python packaged task." }, "replicaCount": { "type": "string", "description": "Optional. The number of worker replicas to use for this worker pool." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1WorkerPoolSpecResponse": { "description": "Represents the spec of a worker pool in a job.", "properties": { "containerSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1ContainerSpecResponse", "description": "The custom container task." }, "diskSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1DiskSpecResponse", "description": "Disk spec." }, "machineSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1MachineSpecResponse", "description": "Optional. Immutable. The specification of a single machine." }, "nfsMounts": { "type": "array", "items": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1NfsMountResponse" }, "description": "Optional. List of NFS mount spec." }, "pythonPackageSpec": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1PythonPackageSpecResponse", "description": "The Python packaged task." }, "replicaCount": { "type": "string", "description": "Optional. The number of worker replicas to use for this worker pool." } }, "type": "object", "required": [ "containerSpec", "diskSpec", "machineSpec", "nfsMounts", "pythonPackageSpec", "replicaCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1XraiAttribution": { "description": "An explanation method that redistributes Integrated Gradients attributions to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 Supported only by image Models.", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfig", "description": "Config for XRAI with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfig", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is met within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "stepCount" ] }, "google-native:aiplatform/v1beta1:GoogleCloudAiplatformV1beta1XraiAttributionResponse": { "description": "An explanation method that redistributes Integrated Gradients attributions to segmented regions, taking advantage of the model's fully differentiable structure. Refer to this paper for more details: https://arxiv.org/abs/1906.02825 Supported only by image Models.", "properties": { "blurBaselineConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1BlurBaselineConfigResponse", "description": "Config for XRAI with blur baseline. When enabled, a linear path from the maximally blurred image to the input image is created. Using a blurred baseline instead of zero (black image) is motivated by the BlurIG approach explained here: https://arxiv.org/abs/2004.03383" }, "smoothGradConfig": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleCloudAiplatformV1beta1SmoothGradConfigResponse", "description": "Config for SmoothGrad approximation of gradients. When enabled, the gradients are approximated by averaging the gradients from noisy samples in the vicinity of the inputs. Adding noise can help improve the computed gradients. Refer to this paper for more details: https://arxiv.org/pdf/1706.03825.pdf" }, "stepCount": { "type": "integer", "description": "The number of steps for approximating the path integral. A good value to start is 50 and gradually increase until the sum to diff property is met within the desired error range. Valid range of its value is [1, 100], inclusively." } }, "type": "object", "required": [ "blurBaselineConfig", "smoothGradConfig", "stepCount" ] }, "google-native:aiplatform/v1beta1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:aiplatform%2Fv1beta1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:aiplatform/v1beta1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:aiplatform/v1beta1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:aiplatform/v1beta1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:aiplatform/v1beta1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:aiplatform/v1beta1:IndexIndexUpdateMethod": { "description": "Immutable. The update method to use with this Index. If not set, BATCH_UPDATE will be used by default.", "type": "string", "enum": [ { "name": "IndexUpdateMethodUnspecified", "description": "Should not be used.", "value": "INDEX_UPDATE_METHOD_UNSPECIFIED" }, { "name": "BatchUpdate", "description": "BatchUpdate: user can call UpdateIndex with files on Cloud Storage of Datapoints to update.", "value": "BATCH_UPDATE" }, { "name": "StreamUpdate", "description": "StreamUpdate: user can call UpsertDatapoints/DeleteDatapoints to update the Index and the updates will be applied in corresponding DeployedIndexes in nearly real-time.", "value": "STREAM_UPDATE" } ] }, "google-native:aiplatform/v1beta1:MetadataSchemaSchemaType": { "description": "The type of the MetadataSchema. This is a property that identifies which metadata types will use the MetadataSchema.", "type": "string", "enum": [ { "name": "MetadataSchemaTypeUnspecified", "description": "Unspecified type for the MetadataSchema.", "value": "METADATA_SCHEMA_TYPE_UNSPECIFIED" }, { "name": "ArtifactType", "description": "A type indicating that the MetadataSchema will be used by Artifacts.", "value": "ARTIFACT_TYPE" }, { "name": "ExecutionType", "description": "A typee indicating that the MetadataSchema will be used by Executions.", "value": "EXECUTION_TYPE" }, { "name": "ContextType", "description": "A state indicating that the MetadataSchema will be used by Contexts.", "value": "CONTEXT_TYPE" } ] }, "google-native:aiplatform/v1beta1:NotebookRuntimeTemplateNotebookRuntimeType": { "description": "Optional. Immutable. The type of the notebook runtime template.", "type": "string", "enum": [ { "name": "NotebookRuntimeTypeUnspecified", "description": "Unspecified notebook runtime type, NotebookRuntimeType will default to USER_DEFINED.", "value": "NOTEBOOK_RUNTIME_TYPE_UNSPECIFIED" }, { "name": "UserDefined", "description": "runtime or template with coustomized configurations from user.", "value": "USER_DEFINED" }, { "name": "OneClick", "description": "runtime or template with system defined configurations.", "value": "ONE_CLICK" } ] }, "google-native:aiplatform/v1beta1:TimeSeriesValueType": { "description": "Required. Immutable. Type of TensorboardTimeSeries value.", "type": "string", "enum": [ { "name": "ValueTypeUnspecified", "description": "The value type is unspecified.", "value": "VALUE_TYPE_UNSPECIFIED" }, { "name": "Scalar", "description": "Used for TensorboardTimeSeries that is a list of scalars. E.g. accuracy of a model over epochs/time.", "value": "SCALAR" }, { "name": "Tensor", "description": "Used for TensorboardTimeSeries that is a list of tensors. E.g. histograms of weights of layer in a model over epoch/time.", "value": "TENSOR" }, { "name": "BlobSequence", "description": "Used for TensorboardTimeSeries that is a list of blob sequences. E.g. set of sample images with labels over epochs/time.", "value": "BLOB_SEQUENCE" } ] }, "google-native:alloydb/v1:AutomatedBackupPolicy": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:EncryptionConfig", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1:QuantityBasedRetention", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1:TimeBasedRetention", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1:WeeklySchedule", "description": "Weekly schedule for the Backup." } }, "type": "object" }, "google-native:alloydb/v1:AutomatedBackupPolicyResponse": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:EncryptionConfigResponse", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1:QuantityBasedRetentionResponse", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1:TimeBasedRetentionResponse", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1:WeeklyScheduleResponse", "description": "Weekly schedule for the Backup." } }, "type": "object", "required": [ "backupWindow", "enabled", "encryptionConfig", "labels", "location", "quantityBasedRetention", "timeBasedRetention", "weeklySchedule" ] }, "google-native:alloydb/v1:BackupSourceResponse": { "description": "Message describing a BackupSource.", "properties": { "backupName": { "type": "string", "description": "The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backup_id}" }, "backupUid": { "type": "string", "description": "The system-generated UID of the backup which was used to create this resource. The UID is generated when the backup is created, and it is retained until the backup is deleted." } }, "type": "object", "required": [ "backupName", "backupUid" ] }, "google-native:alloydb/v1:BackupType": { "description": "The backup type, which suggests the trigger for the backup.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Backup Type is unknown.", "value": "TYPE_UNSPECIFIED" }, { "name": "OnDemand", "description": "ON_DEMAND backups that were triggered by the customer (e.g., not AUTOMATED).", "value": "ON_DEMAND" }, { "name": "Automated", "description": "AUTOMATED backups triggered by the automated backups scheduler pursuant to an automated backup policy.", "value": "AUTOMATED" }, { "name": "Continuous", "description": "CONTINUOUS backups triggered by the automated backups scheduler due to a continuous backup policy.", "value": "CONTINUOUS" } ] }, "google-native:alloydb/v1:ClientConnectionConfig": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:SslConfig", "description": "Optional. SSL config option for this instance." } }, "type": "object" }, "google-native:alloydb/v1:ClientConnectionConfigResponse": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:SslConfigResponse", "description": "Optional. SSL config option for this instance." } }, "type": "object", "required": [ "requireConnectors", "sslConfig" ] }, "google-native:alloydb/v1:ClusterDatabaseVersion": { "description": "Optional. The database engine major version. This is an optional field and it is populated at the Cluster creation time. If a database version is not supplied at cluster creation time, then a default database version will be used.", "type": "string", "enum": [ { "name": "DatabaseVersionUnspecified", "description": "This is an unknown database version.", "value": "DATABASE_VERSION_UNSPECIFIED" }, { "name": "Postgres13", "description": "DEPRECATED - The database version is Postgres 13.", "value": "POSTGRES_13" }, { "name": "Postgres14", "description": "The database version is Postgres 14.", "value": "POSTGRES_14" }, { "name": "Postgres15", "description": "The database version is Postgres 15.", "value": "POSTGRES_15" } ] }, "google-native:alloydb/v1:ContinuousBackupConfig": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:EncryptionConfig", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object" }, "google-native:alloydb/v1:ContinuousBackupConfigResponse": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1:EncryptionConfigResponse", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object", "required": [ "enabled", "encryptionConfig", "recoveryWindowDays" ] }, "google-native:alloydb/v1:ContinuousBackupInfoResponse": { "description": "ContinuousBackupInfo describes the continuous backup properties of a cluster.", "properties": { "earliestRestorableTime": { "type": "string", "description": "The earliest restorable time that can be restored to. Output only field." }, "enabledTime": { "type": "string", "description": "When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled." }, "encryptionInfo": { "$ref": "#/types/google-native:alloydb%2Fv1:EncryptionInfoResponse", "description": "The encryption information for the WALs and backups required for ContinuousBackup." }, "schedule": { "type": "array", "items": { "type": "string" }, "description": "Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request." } }, "type": "object", "required": [ "earliestRestorableTime", "enabledTime", "encryptionInfo", "schedule" ] }, "google-native:alloydb/v1:EncryptionConfig": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object" }, "google-native:alloydb/v1:EncryptionConfigResponse": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:alloydb/v1:EncryptionInfoResponse": { "description": "EncryptionInfo describes the encryption information of a cluster or a backup.", "properties": { "encryptionType": { "type": "string", "description": "Type of encryption." }, "kmsKeyVersions": { "type": "array", "items": { "type": "string" }, "description": "Cloud KMS key versions that are being used to protect the database or the backup." } }, "type": "object", "required": [ "encryptionType", "kmsKeyVersions" ] }, "google-native:alloydb/v1:GoogleTypeTimeOfDay": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object" }, "google-native:alloydb/v1:GoogleTypeTimeOfDayResponse": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object", "required": [ "hours", "minutes", "nanos", "seconds" ] }, "google-native:alloydb/v1:InstanceAvailabilityType": { "description": "Availability type of an Instance. If empty, defaults to REGIONAL for primary instances. For read pools, availability_type is always UNSPECIFIED. Instances in the read pools are evenly distributed across available zones within the region (i.e. read pools with more than one node will have a node in at least two zones).", "type": "string", "enum": [ { "name": "AvailabilityTypeUnspecified", "description": "This is an unknown Availability type.", "value": "AVAILABILITY_TYPE_UNSPECIFIED" }, { "name": "Zonal", "description": "Zonal available instance.", "value": "ZONAL" }, { "name": "Regional", "description": "Regional (or Highly) available instance.", "value": "REGIONAL" } ] }, "google-native:alloydb/v1:InstanceInstanceType": { "description": "Required. The type of the instance. Specified at creation time.", "type": "string", "enum": [ { "name": "InstanceTypeUnspecified", "description": "The type of the instance is unknown.", "value": "INSTANCE_TYPE_UNSPECIFIED" }, { "name": "Primary", "description": "PRIMARY instances support read and write operations.", "value": "PRIMARY" }, { "name": "ReadPool", "description": "READ POOL instances support read operations only. Each read pool instance consists of one or more homogeneous nodes. * Read pool of size 1 can only have zonal availability. * Read pools with node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region).", "value": "READ_POOL" }, { "name": "Secondary", "description": "SECONDARY instances support read operations only. SECONDARY instance is a cross-region read replica", "value": "SECONDARY" } ] }, "google-native:alloydb/v1:MachineConfig": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object" }, "google-native:alloydb/v1:MachineConfigResponse": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object", "required": [ "cpuCount" ] }, "google-native:alloydb/v1:MigrationSourceResponse": { "description": "Subset of the source instance configuration that is available when reading the cluster resource.", "properties": { "hostPort": { "type": "string", "description": "The host and port of the on-premises instance in host:port format" }, "referenceId": { "type": "string", "description": "Place holder for the external source identifier(e.g DMS job name) that created the cluster." }, "sourceType": { "type": "string", "description": "Type of migration source." } }, "type": "object", "required": [ "hostPort", "referenceId", "sourceType" ] }, "google-native:alloydb/v1:NetworkConfig": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object" }, "google-native:alloydb/v1:NetworkConfigResponse": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object", "required": [ "allocatedIpRange", "network" ] }, "google-native:alloydb/v1:NodeResponse": { "description": "Details of a single node in the instance. Nodes in an AlloyDB instance are ephemereal, they can change during update, failover, autohealing and resize operations.", "properties": { "ip": { "type": "string", "description": "The private IP address of the VM e.g. \"10.57.0.34\"." }, "state": { "type": "string", "description": "Determined by state of the compute VM and postgres-service health. Compute VM state can have values listed in https://cloud.google.com/compute/docs/instances/instance-life-cycle and postgres-service health can have values: HEALTHY and UNHEALTHY." }, "zone": { "type": "string", "description": "The Compute Engine zone of the VM e.g. \"us-central1-b\"." } }, "type": "object", "required": [ "ip", "state", "zone" ] }, "google-native:alloydb/v1:PrimaryConfigResponse": { "description": "Configuration for the primary cluster. It has the list of clusters that are replicating from this cluster. This should be set if and only if the cluster is of type PRIMARY.", "properties": { "secondaryClusterNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the clusters that are replicating from this cluster." } }, "type": "object", "required": [ "secondaryClusterNames" ] }, "google-native:alloydb/v1:QuantityBasedExpiryResponse": { "description": "A backup's position in a quantity-based retention queue, of backups with the same source cluster and type, with length, retention, specified by the backup's retention policy. Once the position is greater than the retention, the backup is eligible to be garbage collected. Example: 5 backups from the same source cluster and type with a quantity-based retention of 3 and denoted by backup_id (position, retention). Safe: backup_5 (1, 3), backup_4, (2, 3), backup_3 (3, 3). Awaiting garbage collection: backup_2 (4, 3), backup_1 (5, 3)", "properties": { "retentionCount": { "type": "integer", "description": "The backup's position among its backups with the same source cluster and type, by descending chronological order create time(i.e. newest first)." }, "totalRetentionCount": { "type": "integer", "description": "The length of the quantity-based queue, specified by the backup's retention policy." } }, "type": "object", "required": [ "retentionCount", "totalRetentionCount" ] }, "google-native:alloydb/v1:QuantityBasedRetention": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object" }, "google-native:alloydb/v1:QuantityBasedRetentionResponse": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object", "required": [ "count" ] }, "google-native:alloydb/v1:QueryInsightsInstanceConfig": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object" }, "google-native:alloydb/v1:QueryInsightsInstanceConfigResponse": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object", "required": [ "queryPlansPerMinute", "queryStringLength", "recordApplicationTags", "recordClientAddress" ] }, "google-native:alloydb/v1:ReadPoolConfig": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object" }, "google-native:alloydb/v1:ReadPoolConfigResponse": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object", "required": [ "nodeCount" ] }, "google-native:alloydb/v1:SecondaryConfig": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object" }, "google-native:alloydb/v1:SecondaryConfigResponse": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object", "required": [ "primaryClusterName" ] }, "google-native:alloydb/v1:SslConfig": { "description": "SSL configuration.", "properties": { "caSource": { "$ref": "#/types/google-native:alloydb%2Fv1:SslConfigCaSource", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "$ref": "#/types/google-native:alloydb%2Fv1:SslConfigSslMode", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object" }, "google-native:alloydb/v1:SslConfigCaSource": { "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value.", "type": "string", "enum": [ { "name": "CaSourceUnspecified", "description": "Certificate Authority (CA) source not specified. Defaults to CA_SOURCE_MANAGED.", "value": "CA_SOURCE_UNSPECIFIED" }, { "name": "CaSourceManaged", "description": "Certificate Authority (CA) managed by the AlloyDB Cluster.", "value": "CA_SOURCE_MANAGED" } ] }, "google-native:alloydb/v1:SslConfigResponse": { "description": "SSL configuration.", "properties": { "caSource": { "type": "string", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "type": "string", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object", "required": [ "caSource", "sslMode" ] }, "google-native:alloydb/v1:SslConfigSslMode": { "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior.", "type": "string", "enum": [ { "name": "SslModeUnspecified", "description": "SSL mode not specified. Defaults to ENCRYPTED_ONLY.", "value": "SSL_MODE_UNSPECIFIED" }, { "name": "SslModeAllow", "description": "SSL connections are optional. CA verification not enforced.", "value": "SSL_MODE_ALLOW" }, { "name": "SslModeRequire", "description": "SSL connections are required. CA verification not enforced. Clients may use locally self-signed certificates (default psql client behavior).", "value": "SSL_MODE_REQUIRE" }, { "name": "SslModeVerifyCa", "description": "SSL connections are required. CA verification enforced. Clients must have certificates signed by a Cluster CA, e.g. via GenerateClientCertificate.", "value": "SSL_MODE_VERIFY_CA" }, { "name": "AllowUnencryptedAndEncrypted", "description": "SSL connections are optional. CA verification not enforced.", "value": "ALLOW_UNENCRYPTED_AND_ENCRYPTED" }, { "name": "EncryptedOnly", "description": "SSL connections are required. CA verification not enforced.", "value": "ENCRYPTED_ONLY" } ] }, "google-native:alloydb/v1:TimeBasedRetention": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object" }, "google-native:alloydb/v1:TimeBasedRetentionResponse": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object", "required": [ "retentionPeriod" ] }, "google-native:alloydb/v1:UserPassword": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object" }, "google-native:alloydb/v1:UserPasswordResponse": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object", "required": [ "password", "user" ] }, "google-native:alloydb/v1:UserUserType": { "description": "Optional. Type of this user.", "type": "string", "enum": [ { "name": "UserTypeUnspecified", "description": "Unspecified user type.", "value": "USER_TYPE_UNSPECIFIED" }, { "name": "AlloydbBuiltIn", "description": "The default user type that authenticates via password-based authentication.", "value": "ALLOYDB_BUILT_IN" }, { "name": "AlloydbIamUser", "description": "Database user that can authenticate via IAM-Based authentication.", "value": "ALLOYDB_IAM_USER" } ] }, "google-native:alloydb/v1:WeeklySchedule": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1:WeeklyScheduleDaysOfWeekItem" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1:GoogleTypeTimeOfDay" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object" }, "google-native:alloydb/v1:WeeklyScheduleDaysOfWeekItem": { "type": "string", "enum": [ { "name": "DayOfWeekUnspecified", "description": "The day of the week is unspecified.", "value": "DAY_OF_WEEK_UNSPECIFIED" }, { "name": "Monday", "description": "Monday", "value": "MONDAY" }, { "name": "Tuesday", "description": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "description": "Wednesday", "value": "WEDNESDAY" }, { "name": "Thursday", "description": "Thursday", "value": "THURSDAY" }, { "name": "Friday", "description": "Friday", "value": "FRIDAY" }, { "name": "Saturday", "description": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "description": "Sunday", "value": "SUNDAY" } ] }, "google-native:alloydb/v1:WeeklyScheduleResponse": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "type": "string" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1:GoogleTypeTimeOfDayResponse" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object", "required": [ "daysOfWeek", "startTimes" ] }, "google-native:alloydb/v1alpha:AutomatedBackupPolicy": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:EncryptionConfig", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:QuantityBasedRetention", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:TimeBasedRetention", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:WeeklySchedule", "description": "Weekly schedule for the Backup." } }, "type": "object" }, "google-native:alloydb/v1alpha:AutomatedBackupPolicyResponse": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:EncryptionConfigResponse", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:QuantityBasedRetentionResponse", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:TimeBasedRetentionResponse", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:WeeklyScheduleResponse", "description": "Weekly schedule for the Backup." } }, "type": "object", "required": [ "backupWindow", "enabled", "encryptionConfig", "labels", "location", "quantityBasedRetention", "timeBasedRetention", "weeklySchedule" ] }, "google-native:alloydb/v1alpha:BackupSourceResponse": { "description": "Message describing a BackupSource.", "properties": { "backupName": { "type": "string", "description": "The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backup_id}" }, "backupUid": { "type": "string", "description": "The system-generated UID of the backup which was used to create this resource. The UID is generated when the backup is created, and it is retained until the backup is deleted." } }, "type": "object", "required": [ "backupName", "backupUid" ] }, "google-native:alloydb/v1alpha:BackupType": { "description": "The backup type, which suggests the trigger for the backup.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Backup Type is unknown.", "value": "TYPE_UNSPECIFIED" }, { "name": "OnDemand", "description": "ON_DEMAND backups that were triggered by the customer (e.g., not AUTOMATED).", "value": "ON_DEMAND" }, { "name": "Automated", "description": "AUTOMATED backups triggered by the automated backups scheduler pursuant to an automated backup policy.", "value": "AUTOMATED" }, { "name": "Continuous", "description": "CONTINUOUS backups triggered by the automated backups scheduler due to a continuous backup policy.", "value": "CONTINUOUS" } ] }, "google-native:alloydb/v1alpha:ClientConnectionConfig": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:SslConfig", "description": "Optional. SSL config option for this instance." } }, "type": "object" }, "google-native:alloydb/v1alpha:ClientConnectionConfigResponse": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:SslConfigResponse", "description": "Optional. SSL config option for this instance." } }, "type": "object", "required": [ "requireConnectors", "sslConfig" ] }, "google-native:alloydb/v1alpha:ClusterDatabaseVersion": { "description": "Optional. The database engine major version. This is an optional field and it is populated at the Cluster creation time. If a database version is not supplied at cluster creation time, then a default database version will be used.", "type": "string", "enum": [ { "name": "DatabaseVersionUnspecified", "description": "This is an unknown database version.", "value": "DATABASE_VERSION_UNSPECIFIED" }, { "name": "Postgres13", "description": "DEPRECATED - The database version is Postgres 13.", "value": "POSTGRES_13" }, { "name": "Postgres14", "description": "The database version is Postgres 14.", "value": "POSTGRES_14" }, { "name": "Postgres15", "description": "The database version is Postgres 15.", "value": "POSTGRES_15" } ] }, "google-native:alloydb/v1alpha:ContinuousBackupConfig": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:EncryptionConfig", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object" }, "google-native:alloydb/v1alpha:ContinuousBackupConfigResponse": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:EncryptionConfigResponse", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object", "required": [ "enabled", "encryptionConfig", "recoveryWindowDays" ] }, "google-native:alloydb/v1alpha:ContinuousBackupInfoResponse": { "description": "ContinuousBackupInfo describes the continuous backup properties of a cluster.", "properties": { "earliestRestorableTime": { "type": "string", "description": "The earliest restorable time that can be restored to. Output only field." }, "enabledTime": { "type": "string", "description": "When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled." }, "encryptionInfo": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:EncryptionInfoResponse", "description": "The encryption information for the WALs and backups required for ContinuousBackup." }, "schedule": { "type": "array", "items": { "type": "string" }, "description": "Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request." } }, "type": "object", "required": [ "earliestRestorableTime", "enabledTime", "encryptionInfo", "schedule" ] }, "google-native:alloydb/v1alpha:EncryptionConfig": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object" }, "google-native:alloydb/v1alpha:EncryptionConfigResponse": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:alloydb/v1alpha:EncryptionInfoResponse": { "description": "EncryptionInfo describes the encryption information of a cluster or a backup.", "properties": { "encryptionType": { "type": "string", "description": "Type of encryption." }, "kmsKeyVersions": { "type": "array", "items": { "type": "string" }, "description": "Cloud KMS key versions that are being used to protect the database or the backup." } }, "type": "object", "required": [ "encryptionType", "kmsKeyVersions" ] }, "google-native:alloydb/v1alpha:GoogleTypeTimeOfDay": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object" }, "google-native:alloydb/v1alpha:GoogleTypeTimeOfDayResponse": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object", "required": [ "hours", "minutes", "nanos", "seconds" ] }, "google-native:alloydb/v1alpha:InstanceAvailabilityType": { "description": "Availability type of an Instance. If empty, defaults to REGIONAL for primary instances. For read pools, availability_type is always UNSPECIFIED. Instances in the read pools are evenly distributed across available zones within the region (i.e. read pools with more than one node will have a node in at least two zones).", "type": "string", "enum": [ { "name": "AvailabilityTypeUnspecified", "description": "This is an unknown Availability type.", "value": "AVAILABILITY_TYPE_UNSPECIFIED" }, { "name": "Zonal", "description": "Zonal available instance.", "value": "ZONAL" }, { "name": "Regional", "description": "Regional (or Highly) available instance.", "value": "REGIONAL" } ] }, "google-native:alloydb/v1alpha:InstanceInstanceType": { "description": "Required. The type of the instance. Specified at creation time.", "type": "string", "enum": [ { "name": "InstanceTypeUnspecified", "description": "The type of the instance is unknown.", "value": "INSTANCE_TYPE_UNSPECIFIED" }, { "name": "Primary", "description": "PRIMARY instances support read and write operations.", "value": "PRIMARY" }, { "name": "ReadPool", "description": "READ POOL instances support read operations only. Each read pool instance consists of one or more homogeneous nodes. * Read pool of size 1 can only have zonal availability. * Read pools with node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region).", "value": "READ_POOL" }, { "name": "Secondary", "description": "SECONDARY instances support read operations only. SECONDARY instance is a cross-region read replica", "value": "SECONDARY" } ] }, "google-native:alloydb/v1alpha:MachineConfig": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object" }, "google-native:alloydb/v1alpha:MachineConfigResponse": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object", "required": [ "cpuCount" ] }, "google-native:alloydb/v1alpha:MigrationSourceResponse": { "description": "Subset of the source instance configuration that is available when reading the cluster resource.", "properties": { "hostPort": { "type": "string", "description": "The host and port of the on-premises instance in host:port format" }, "referenceId": { "type": "string", "description": "Place holder for the external source identifier(e.g DMS job name) that created the cluster." }, "sourceType": { "type": "string", "description": "Type of migration source." } }, "type": "object", "required": [ "hostPort", "referenceId", "sourceType" ] }, "google-native:alloydb/v1alpha:NetworkConfig": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object" }, "google-native:alloydb/v1alpha:NetworkConfigResponse": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object", "required": [ "allocatedIpRange", "network" ] }, "google-native:alloydb/v1alpha:NodeResponse": { "description": "Details of a single node in the instance. Nodes in an AlloyDB instance are ephemereal, they can change during update, failover, autohealing and resize operations.", "properties": { "ip": { "type": "string", "description": "The private IP address of the VM e.g. \"10.57.0.34\"." }, "state": { "type": "string", "description": "Determined by state of the compute VM and postgres-service health. Compute VM state can have values listed in https://cloud.google.com/compute/docs/instances/instance-life-cycle and postgres-service health can have values: HEALTHY and UNHEALTHY." }, "zone": { "type": "string", "description": "The Compute Engine zone of the VM e.g. \"us-central1-b\"." } }, "type": "object", "required": [ "ip", "state", "zone" ] }, "google-native:alloydb/v1alpha:PrimaryConfigResponse": { "description": "Configuration for the primary cluster. It has the list of clusters that are replicating from this cluster. This should be set if and only if the cluster is of type PRIMARY.", "properties": { "secondaryClusterNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the clusters that are replicating from this cluster." } }, "type": "object", "required": [ "secondaryClusterNames" ] }, "google-native:alloydb/v1alpha:PscConfig": { "description": "PscConfig contains PSC related configuration at a cluster level. NEXT ID: 2", "properties": { "pscEnabled": { "type": "boolean", "description": "Optional. Create an instance that allows connections from Private Service Connect endpoints to the instance." } }, "type": "object" }, "google-native:alloydb/v1alpha:PscConfigResponse": { "description": "PscConfig contains PSC related configuration at a cluster level. NEXT ID: 2", "properties": { "pscEnabled": { "type": "boolean", "description": "Optional. Create an instance that allows connections from Private Service Connect endpoints to the instance." } }, "type": "object", "required": [ "pscEnabled" ] }, "google-native:alloydb/v1alpha:QuantityBasedExpiryResponse": { "description": "A backup's position in a quantity-based retention queue, of backups with the same source cluster and type, with length, retention, specified by the backup's retention policy. Once the position is greater than the retention, the backup is eligible to be garbage collected. Example: 5 backups from the same source cluster and type with a quantity-based retention of 3 and denoted by backup_id (position, retention). Safe: backup_5 (1, 3), backup_4, (2, 3), backup_3 (3, 3). Awaiting garbage collection: backup_2 (4, 3), backup_1 (5, 3)", "properties": { "retentionCount": { "type": "integer", "description": "The backup's position among its backups with the same source cluster and type, by descending chronological order create time(i.e. newest first)." }, "totalRetentionCount": { "type": "integer", "description": "The length of the quantity-based queue, specified by the backup's retention policy." } }, "type": "object", "required": [ "retentionCount", "totalRetentionCount" ] }, "google-native:alloydb/v1alpha:QuantityBasedRetention": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object" }, "google-native:alloydb/v1alpha:QuantityBasedRetentionResponse": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object", "required": [ "count" ] }, "google-native:alloydb/v1alpha:QueryInsightsInstanceConfig": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object" }, "google-native:alloydb/v1alpha:QueryInsightsInstanceConfigResponse": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object", "required": [ "queryPlansPerMinute", "queryStringLength", "recordApplicationTags", "recordClientAddress" ] }, "google-native:alloydb/v1alpha:ReadPoolConfig": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object" }, "google-native:alloydb/v1alpha:ReadPoolConfigResponse": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object", "required": [ "nodeCount" ] }, "google-native:alloydb/v1alpha:SecondaryConfig": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object" }, "google-native:alloydb/v1alpha:SecondaryConfigResponse": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object", "required": [ "primaryClusterName" ] }, "google-native:alloydb/v1alpha:SslConfig": { "description": "SSL configuration.", "properties": { "caSource": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:SslConfigCaSource", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:SslConfigSslMode", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object" }, "google-native:alloydb/v1alpha:SslConfigCaSource": { "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value.", "type": "string", "enum": [ { "name": "CaSourceUnspecified", "description": "Certificate Authority (CA) source not specified. Defaults to CA_SOURCE_MANAGED.", "value": "CA_SOURCE_UNSPECIFIED" }, { "name": "CaSourceManaged", "description": "Certificate Authority (CA) managed by the AlloyDB Cluster.", "value": "CA_SOURCE_MANAGED" } ] }, "google-native:alloydb/v1alpha:SslConfigResponse": { "description": "SSL configuration.", "properties": { "caSource": { "type": "string", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "type": "string", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object", "required": [ "caSource", "sslMode" ] }, "google-native:alloydb/v1alpha:SslConfigSslMode": { "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior.", "type": "string", "enum": [ { "name": "SslModeUnspecified", "description": "SSL mode not specified. Defaults to ENCRYPTED_ONLY.", "value": "SSL_MODE_UNSPECIFIED" }, { "name": "SslModeAllow", "description": "SSL connections are optional. CA verification not enforced.", "value": "SSL_MODE_ALLOW" }, { "name": "SslModeRequire", "description": "SSL connections are required. CA verification not enforced. Clients may use locally self-signed certificates (default psql client behavior).", "value": "SSL_MODE_REQUIRE" }, { "name": "SslModeVerifyCa", "description": "SSL connections are required. CA verification enforced. Clients must have certificates signed by a Cluster CA, e.g. via GenerateClientCertificate.", "value": "SSL_MODE_VERIFY_CA" }, { "name": "AllowUnencryptedAndEncrypted", "description": "SSL connections are optional. CA verification not enforced.", "value": "ALLOW_UNENCRYPTED_AND_ENCRYPTED" }, { "name": "EncryptedOnly", "description": "SSL connections are required. CA verification not enforced.", "value": "ENCRYPTED_ONLY" } ] }, "google-native:alloydb/v1alpha:TimeBasedRetention": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object" }, "google-native:alloydb/v1alpha:TimeBasedRetentionResponse": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object", "required": [ "retentionPeriod" ] }, "google-native:alloydb/v1alpha:UpdatePolicy": { "description": "Policy to be used while updating the instance.", "properties": { "mode": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:UpdatePolicyMode", "description": "Mode for updating the instance." } }, "type": "object" }, "google-native:alloydb/v1alpha:UpdatePolicyMode": { "description": "Mode for updating the instance.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Mode is unknown.", "value": "MODE_UNSPECIFIED" }, { "name": "Default", "description": "Least disruptive way to apply the update.", "value": "DEFAULT" }, { "name": "ForceApply", "description": "Performs a forced update when applicable. This will be fast but may incur a downtime.", "value": "FORCE_APPLY" } ] }, "google-native:alloydb/v1alpha:UpdatePolicyResponse": { "description": "Policy to be used while updating the instance.", "properties": { "mode": { "type": "string", "description": "Mode for updating the instance." } }, "type": "object", "required": [ "mode" ] }, "google-native:alloydb/v1alpha:UserPassword": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object" }, "google-native:alloydb/v1alpha:UserPasswordResponse": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object", "required": [ "password", "user" ] }, "google-native:alloydb/v1alpha:UserUserType": { "description": "Optional. Type of this user.", "type": "string", "enum": [ { "name": "UserTypeUnspecified", "description": "Unspecified user type.", "value": "USER_TYPE_UNSPECIFIED" }, { "name": "AlloydbBuiltIn", "description": "The default user type that authenticates via password-based authentication.", "value": "ALLOYDB_BUILT_IN" }, { "name": "AlloydbIamUser", "description": "Database user that can authenticate via IAM-Based authentication.", "value": "ALLOYDB_IAM_USER" } ] }, "google-native:alloydb/v1alpha:WeeklySchedule": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:WeeklyScheduleDaysOfWeekItem" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:GoogleTypeTimeOfDay" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object" }, "google-native:alloydb/v1alpha:WeeklyScheduleDaysOfWeekItem": { "type": "string", "enum": [ { "name": "DayOfWeekUnspecified", "description": "The day of the week is unspecified.", "value": "DAY_OF_WEEK_UNSPECIFIED" }, { "name": "Monday", "description": "Monday", "value": "MONDAY" }, { "name": "Tuesday", "description": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "description": "Wednesday", "value": "WEDNESDAY" }, { "name": "Thursday", "description": "Thursday", "value": "THURSDAY" }, { "name": "Friday", "description": "Friday", "value": "FRIDAY" }, { "name": "Saturday", "description": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "description": "Sunday", "value": "SUNDAY" } ] }, "google-native:alloydb/v1alpha:WeeklyScheduleResponse": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "type": "string" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1alpha:GoogleTypeTimeOfDayResponse" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object", "required": [ "daysOfWeek", "startTimes" ] }, "google-native:alloydb/v1beta:AutomatedBackupPolicy": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:EncryptionConfig", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1beta:QuantityBasedRetention", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1beta:TimeBasedRetention", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1beta:WeeklySchedule", "description": "Weekly schedule for the Backup." } }, "type": "object" }, "google-native:alloydb/v1beta:AutomatedBackupPolicyResponse": { "description": "Message describing the user-specified automated backup policy. All fields in the automated backup policy are optional. Defaults for each field are provided if they are not set.", "properties": { "backupWindow": { "type": "string", "description": "The length of the time window during which a backup can be taken. If a backup does not succeed within this time window, it will be canceled and considered failed. The backup window must be at least 5 minutes long. There is no upper bound on the window. If not set, it defaults to 1 hour." }, "enabled": { "type": "boolean", "description": "Whether automated automated backups are enabled. If not set, defaults to true." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:EncryptionConfigResponse", "description": "Optional. The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to backups created using this configuration." }, "location": { "type": "string", "description": "The location where the backup will be stored. Currently, the only supported option is to store the backup in the same region as the cluster. If empty, defaults to the region of the cluster." }, "quantityBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1beta:QuantityBasedRetentionResponse", "description": "Quantity-based Backup retention policy to retain recent backups." }, "timeBasedRetention": { "$ref": "#/types/google-native:alloydb%2Fv1beta:TimeBasedRetentionResponse", "description": "Time-based Backup retention policy." }, "weeklySchedule": { "$ref": "#/types/google-native:alloydb%2Fv1beta:WeeklyScheduleResponse", "description": "Weekly schedule for the Backup." } }, "type": "object", "required": [ "backupWindow", "enabled", "encryptionConfig", "labels", "location", "quantityBasedRetention", "timeBasedRetention", "weeklySchedule" ] }, "google-native:alloydb/v1beta:BackupSourceResponse": { "description": "Message describing a BackupSource.", "properties": { "backupName": { "type": "string", "description": "The name of the backup resource with the format: * projects/{project}/locations/{region}/backups/{backup_id}" }, "backupUid": { "type": "string", "description": "The system-generated UID of the backup which was used to create this resource. The UID is generated when the backup is created, and it is retained until the backup is deleted." } }, "type": "object", "required": [ "backupName", "backupUid" ] }, "google-native:alloydb/v1beta:BackupType": { "description": "The backup type, which suggests the trigger for the backup.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Backup Type is unknown.", "value": "TYPE_UNSPECIFIED" }, { "name": "OnDemand", "description": "ON_DEMAND backups that were triggered by the customer (e.g., not AUTOMATED).", "value": "ON_DEMAND" }, { "name": "Automated", "description": "AUTOMATED backups triggered by the automated backups scheduler pursuant to an automated backup policy.", "value": "AUTOMATED" }, { "name": "Continuous", "description": "CONTINUOUS backups triggered by the automated backups scheduler due to a continuous backup policy.", "value": "CONTINUOUS" } ] }, "google-native:alloydb/v1beta:ClientConnectionConfig": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:SslConfig", "description": "Optional. SSL config option for this instance." } }, "type": "object" }, "google-native:alloydb/v1beta:ClientConnectionConfigResponse": { "description": "Client connection configuration", "properties": { "requireConnectors": { "type": "boolean", "description": "Optional. Configuration to enforce connectors only (ex: AuthProxy) connections to the database." }, "sslConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:SslConfigResponse", "description": "Optional. SSL config option for this instance." } }, "type": "object", "required": [ "requireConnectors", "sslConfig" ] }, "google-native:alloydb/v1beta:ClusterDatabaseVersion": { "description": "Optional. The database engine major version. This is an optional field and it is populated at the Cluster creation time. If a database version is not supplied at cluster creation time, then a default database version will be used.", "type": "string", "enum": [ { "name": "DatabaseVersionUnspecified", "description": "This is an unknown database version.", "value": "DATABASE_VERSION_UNSPECIFIED" }, { "name": "Postgres13", "description": "DEPRECATED - The database version is Postgres 13.", "value": "POSTGRES_13" }, { "name": "Postgres14", "description": "The database version is Postgres 14.", "value": "POSTGRES_14" }, { "name": "Postgres15", "description": "The database version is Postgres 15.", "value": "POSTGRES_15" } ] }, "google-native:alloydb/v1beta:ContinuousBackupConfig": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:EncryptionConfig", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object" }, "google-native:alloydb/v1beta:ContinuousBackupConfigResponse": { "description": "ContinuousBackupConfig describes the continuous backups recovery configurations of a cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether ContinuousBackup is enabled." }, "encryptionConfig": { "$ref": "#/types/google-native:alloydb%2Fv1beta:EncryptionConfigResponse", "description": "The encryption config can be specified to encrypt the backups with a customer-managed encryption key (CMEK). When this field is not specified, the backup will then use default encryption scheme to protect the user data." }, "recoveryWindowDays": { "type": "integer", "description": "The number of days that are eligible to restore from using PITR. To support the entire recovery window, backups and logs are retained for one day more than the recovery window. If not set, defaults to 14 days." } }, "type": "object", "required": [ "enabled", "encryptionConfig", "recoveryWindowDays" ] }, "google-native:alloydb/v1beta:ContinuousBackupInfoResponse": { "description": "ContinuousBackupInfo describes the continuous backup properties of a cluster.", "properties": { "earliestRestorableTime": { "type": "string", "description": "The earliest restorable time that can be restored to. Output only field." }, "enabledTime": { "type": "string", "description": "When ContinuousBackup was most recently enabled. Set to null if ContinuousBackup is not enabled." }, "encryptionInfo": { "$ref": "#/types/google-native:alloydb%2Fv1beta:EncryptionInfoResponse", "description": "The encryption information for the WALs and backups required for ContinuousBackup." }, "schedule": { "type": "array", "items": { "type": "string" }, "description": "Days of the week on which a continuous backup is taken. Output only field. Ignored if passed into the request." } }, "type": "object", "required": [ "earliestRestorableTime", "enabledTime", "encryptionInfo", "schedule" ] }, "google-native:alloydb/v1beta:EncryptionConfig": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object" }, "google-native:alloydb/v1beta:EncryptionConfigResponse": { "description": "EncryptionConfig describes the encryption config of a cluster or a backup that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:alloydb/v1beta:EncryptionInfoResponse": { "description": "EncryptionInfo describes the encryption information of a cluster or a backup.", "properties": { "encryptionType": { "type": "string", "description": "Type of encryption." }, "kmsKeyVersions": { "type": "array", "items": { "type": "string" }, "description": "Cloud KMS key versions that are being used to protect the database or the backup." } }, "type": "object", "required": [ "encryptionType", "kmsKeyVersions" ] }, "google-native:alloydb/v1beta:GoogleTypeTimeOfDay": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object" }, "google-native:alloydb/v1beta:GoogleTypeTimeOfDayResponse": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object", "required": [ "hours", "minutes", "nanos", "seconds" ] }, "google-native:alloydb/v1beta:InstanceAvailabilityType": { "description": "Availability type of an Instance. If empty, defaults to REGIONAL for primary instances. For read pools, availability_type is always UNSPECIFIED. Instances in the read pools are evenly distributed across available zones within the region (i.e. read pools with more than one node will have a node in at least two zones).", "type": "string", "enum": [ { "name": "AvailabilityTypeUnspecified", "description": "This is an unknown Availability type.", "value": "AVAILABILITY_TYPE_UNSPECIFIED" }, { "name": "Zonal", "description": "Zonal available instance.", "value": "ZONAL" }, { "name": "Regional", "description": "Regional (or Highly) available instance.", "value": "REGIONAL" } ] }, "google-native:alloydb/v1beta:InstanceInstanceType": { "description": "Required. The type of the instance. Specified at creation time.", "type": "string", "enum": [ { "name": "InstanceTypeUnspecified", "description": "The type of the instance is unknown.", "value": "INSTANCE_TYPE_UNSPECIFIED" }, { "name": "Primary", "description": "PRIMARY instances support read and write operations.", "value": "PRIMARY" }, { "name": "ReadPool", "description": "READ POOL instances support read operations only. Each read pool instance consists of one or more homogeneous nodes. * Read pool of size 1 can only have zonal availability. * Read pools with node count of 2 or more can have regional availability (nodes are present in 2 or more zones in a region).", "value": "READ_POOL" }, { "name": "Secondary", "description": "SECONDARY instances support read operations only. SECONDARY instance is a cross-region read replica", "value": "SECONDARY" } ] }, "google-native:alloydb/v1beta:MachineConfig": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object" }, "google-native:alloydb/v1beta:MachineConfigResponse": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object", "required": [ "cpuCount" ] }, "google-native:alloydb/v1beta:MigrationSourceResponse": { "description": "Subset of the source instance configuration that is available when reading the cluster resource.", "properties": { "hostPort": { "type": "string", "description": "The host and port of the on-premises instance in host:port format" }, "referenceId": { "type": "string", "description": "Place holder for the external source identifier(e.g DMS job name) that created the cluster." }, "sourceType": { "type": "string", "description": "Type of migration source." } }, "type": "object", "required": [ "hostPort", "referenceId", "sourceType" ] }, "google-native:alloydb/v1beta:NetworkConfig": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object" }, "google-native:alloydb/v1beta:NetworkConfigResponse": { "description": "Metadata related to network configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. Name of the allocated IP range for the private IP AlloyDB cluster, for example: \"google-managed-services-default\". If set, the instance IPs for this cluster will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. Field name is intended to be consistent with Cloud SQL." }, "network": { "type": "string", "description": "Optional. The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object", "required": [ "allocatedIpRange", "network" ] }, "google-native:alloydb/v1beta:NodeResponse": { "description": "Details of a single node in the instance. Nodes in an AlloyDB instance are ephemereal, they can change during update, failover, autohealing and resize operations.", "properties": { "ip": { "type": "string", "description": "The private IP address of the VM e.g. \"10.57.0.34\"." }, "state": { "type": "string", "description": "Determined by state of the compute VM and postgres-service health. Compute VM state can have values listed in https://cloud.google.com/compute/docs/instances/instance-life-cycle and postgres-service health can have values: HEALTHY and UNHEALTHY." }, "zone": { "type": "string", "description": "The Compute Engine zone of the VM e.g. \"us-central1-b\"." } }, "type": "object", "required": [ "ip", "state", "zone" ] }, "google-native:alloydb/v1beta:PrimaryConfigResponse": { "description": "Configuration for the primary cluster. It has the list of clusters that are replicating from this cluster. This should be set if and only if the cluster is of type PRIMARY.", "properties": { "secondaryClusterNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the clusters that are replicating from this cluster." } }, "type": "object", "required": [ "secondaryClusterNames" ] }, "google-native:alloydb/v1beta:QuantityBasedExpiryResponse": { "description": "A backup's position in a quantity-based retention queue, of backups with the same source cluster and type, with length, retention, specified by the backup's retention policy. Once the position is greater than the retention, the backup is eligible to be garbage collected. Example: 5 backups from the same source cluster and type with a quantity-based retention of 3 and denoted by backup_id (position, retention). Safe: backup_5 (1, 3), backup_4, (2, 3), backup_3 (3, 3). Awaiting garbage collection: backup_2 (4, 3), backup_1 (5, 3)", "properties": { "retentionCount": { "type": "integer", "description": "The backup's position among its backups with the same source cluster and type, by descending chronological order create time(i.e. newest first)." }, "totalRetentionCount": { "type": "integer", "description": "The length of the quantity-based queue, specified by the backup's retention policy." } }, "type": "object", "required": [ "retentionCount", "totalRetentionCount" ] }, "google-native:alloydb/v1beta:QuantityBasedRetention": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object" }, "google-native:alloydb/v1beta:QuantityBasedRetentionResponse": { "description": "A quantity based policy specifies that a certain number of the most recent successful backups should be retained.", "properties": { "count": { "type": "integer", "description": "The number of backups to retain." } }, "type": "object", "required": [ "count" ] }, "google-native:alloydb/v1beta:QueryInsightsInstanceConfig": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object" }, "google-native:alloydb/v1beta:QueryInsightsInstanceConfigResponse": { "description": "QueryInsights Instance specific configuration.", "properties": { "queryPlansPerMinute": { "type": "integer", "description": "Number of query execution plans captured by Insights per minute for all queries combined. The default value is 5. Any integer between 0 and 20 is considered valid." }, "queryStringLength": { "type": "integer", "description": "Query string length. The default value is 1024. Any integer between 256 and 4500 is considered valid." }, "recordApplicationTags": { "type": "boolean", "description": "Record application tags for an instance. This flag is turned \"on\" by default." }, "recordClientAddress": { "type": "boolean", "description": "Record client address for an instance. Client address is PII information. This flag is turned \"on\" by default." } }, "type": "object", "required": [ "queryPlansPerMinute", "queryStringLength", "recordApplicationTags", "recordClientAddress" ] }, "google-native:alloydb/v1beta:ReadPoolConfig": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object" }, "google-native:alloydb/v1beta:ReadPoolConfigResponse": { "description": "Configuration for a read pool instance.", "properties": { "nodeCount": { "type": "integer", "description": "Read capacity, i.e. number of nodes in a read pool instance." } }, "type": "object", "required": [ "nodeCount" ] }, "google-native:alloydb/v1beta:SecondaryConfig": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object" }, "google-native:alloydb/v1beta:SecondaryConfigResponse": { "description": "Configuration information for the secondary cluster. This should be set if and only if the cluster is of type SECONDARY.", "properties": { "primaryClusterName": { "type": "string", "description": "The name of the primary cluster name with the format: * projects/{project}/locations/{region}/clusters/{cluster_id}" } }, "type": "object", "required": [ "primaryClusterName" ] }, "google-native:alloydb/v1beta:SslConfig": { "description": "SSL configuration.", "properties": { "caSource": { "$ref": "#/types/google-native:alloydb%2Fv1beta:SslConfigCaSource", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "$ref": "#/types/google-native:alloydb%2Fv1beta:SslConfigSslMode", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object" }, "google-native:alloydb/v1beta:SslConfigCaSource": { "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value.", "type": "string", "enum": [ { "name": "CaSourceUnspecified", "description": "Certificate Authority (CA) source not specified. Defaults to CA_SOURCE_MANAGED.", "value": "CA_SOURCE_UNSPECIFIED" }, { "name": "CaSourceManaged", "description": "Certificate Authority (CA) managed by the AlloyDB Cluster.", "value": "CA_SOURCE_MANAGED" } ] }, "google-native:alloydb/v1beta:SslConfigResponse": { "description": "SSL configuration.", "properties": { "caSource": { "type": "string", "description": "Optional. Certificate Authority (CA) source. Only CA_SOURCE_MANAGED is supported currently, and is the default value." }, "sslMode": { "type": "string", "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior." } }, "type": "object", "required": [ "caSource", "sslMode" ] }, "google-native:alloydb/v1beta:SslConfigSslMode": { "description": "Optional. SSL mode. Specifies client-server SSL/TLS connection behavior.", "type": "string", "enum": [ { "name": "SslModeUnspecified", "description": "SSL mode not specified. Defaults to ENCRYPTED_ONLY.", "value": "SSL_MODE_UNSPECIFIED" }, { "name": "SslModeAllow", "description": "SSL connections are optional. CA verification not enforced.", "value": "SSL_MODE_ALLOW" }, { "name": "SslModeRequire", "description": "SSL connections are required. CA verification not enforced. Clients may use locally self-signed certificates (default psql client behavior).", "value": "SSL_MODE_REQUIRE" }, { "name": "SslModeVerifyCa", "description": "SSL connections are required. CA verification enforced. Clients must have certificates signed by a Cluster CA, e.g. via GenerateClientCertificate.", "value": "SSL_MODE_VERIFY_CA" }, { "name": "AllowUnencryptedAndEncrypted", "description": "SSL connections are optional. CA verification not enforced.", "value": "ALLOW_UNENCRYPTED_AND_ENCRYPTED" }, { "name": "EncryptedOnly", "description": "SSL connections are required. CA verification not enforced.", "value": "ENCRYPTED_ONLY" } ] }, "google-native:alloydb/v1beta:TimeBasedRetention": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object" }, "google-native:alloydb/v1beta:TimeBasedRetentionResponse": { "description": "A time based retention policy specifies that all backups within a certain time period should be retained.", "properties": { "retentionPeriod": { "type": "string", "description": "The retention period." } }, "type": "object", "required": [ "retentionPeriod" ] }, "google-native:alloydb/v1beta:UpdatePolicy": { "description": "Policy to be used while updating the instance.", "properties": { "mode": { "$ref": "#/types/google-native:alloydb%2Fv1beta:UpdatePolicyMode", "description": "Mode for updating the instance." } }, "type": "object" }, "google-native:alloydb/v1beta:UpdatePolicyMode": { "description": "Mode for updating the instance.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Mode is unknown.", "value": "MODE_UNSPECIFIED" }, { "name": "Default", "description": "Least disruptive way to apply the update.", "value": "DEFAULT" }, { "name": "ForceApply", "description": "Performs a forced update when applicable. This will be fast but may incur a downtime.", "value": "FORCE_APPLY" } ] }, "google-native:alloydb/v1beta:UpdatePolicyResponse": { "description": "Policy to be used while updating the instance.", "properties": { "mode": { "type": "string", "description": "Mode for updating the instance." } }, "type": "object", "required": [ "mode" ] }, "google-native:alloydb/v1beta:UserPassword": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object" }, "google-native:alloydb/v1beta:UserPasswordResponse": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object", "required": [ "password", "user" ] }, "google-native:alloydb/v1beta:UserUserType": { "description": "Optional. Type of this user.", "type": "string", "enum": [ { "name": "UserTypeUnspecified", "description": "Unspecified user type.", "value": "USER_TYPE_UNSPECIFIED" }, { "name": "AlloydbBuiltIn", "description": "The default user type that authenticates via password-based authentication.", "value": "ALLOYDB_BUILT_IN" }, { "name": "AlloydbIamUser", "description": "Database user that can authenticate via IAM-Based authentication.", "value": "ALLOYDB_IAM_USER" } ] }, "google-native:alloydb/v1beta:WeeklySchedule": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1beta:WeeklyScheduleDaysOfWeekItem" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1beta:GoogleTypeTimeOfDay" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object" }, "google-native:alloydb/v1beta:WeeklyScheduleDaysOfWeekItem": { "type": "string", "enum": [ { "name": "DayOfWeekUnspecified", "description": "The day of the week is unspecified.", "value": "DAY_OF_WEEK_UNSPECIFIED" }, { "name": "Monday", "description": "Monday", "value": "MONDAY" }, { "name": "Tuesday", "description": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "description": "Wednesday", "value": "WEDNESDAY" }, { "name": "Thursday", "description": "Thursday", "value": "THURSDAY" }, { "name": "Friday", "description": "Friday", "value": "FRIDAY" }, { "name": "Saturday", "description": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "description": "Sunday", "value": "SUNDAY" } ] }, "google-native:alloydb/v1beta:WeeklyScheduleResponse": { "description": "A weekly schedule starts a backup at prescribed start times within a day, for the specified days of the week. The weekly schedule message is flexible and can be used to create many types of schedules. For example, to have a daily backup that starts at 22:00, configure the `start_times` field to have one element \"22:00\" and the `days_of_week` field to have all seven days of the week.", "properties": { "daysOfWeek": { "type": "array", "items": { "type": "string" }, "description": "The days of the week to perform a backup. If this field is left empty, the default of every day of the week is used." }, "startTimes": { "type": "array", "items": { "$ref": "#/types/google-native:alloydb%2Fv1beta:GoogleTypeTimeOfDayResponse" }, "description": "The times during the day to start a backup. The start times are assumed to be in UTC and to be an exact hour (e.g., 04:00:00). If no start times are provided, a single fixed start time is chosen arbitrarily." } }, "type": "object", "required": [ "daysOfWeek", "startTimes" ] }, "google-native:analyticshub/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:analyticshub%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:analyticshub/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:analyticshub%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:analyticshub/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:analyticshub%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:analyticshub/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:analyticshub/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:analyticshub/v1:BigQueryDatasetSource": { "description": "A reference to a shared dataset. It is an existing BigQuery dataset with a collection of objects such as tables and views that you want to share with subscribers. When subscriber's subscribe to a listing, Analytics Hub creates a linked dataset in the subscriber's project. A Linked dataset is an opaque, read-only BigQuery dataset that serves as a _symbolic link_ to a shared dataset.", "properties": { "dataset": { "type": "string", "description": "Resource name of the dataset source for this listing. e.g. `projects/myproject/datasets/123`" } }, "type": "object" }, "google-native:analyticshub/v1:BigQueryDatasetSourceResponse": { "description": "A reference to a shared dataset. It is an existing BigQuery dataset with a collection of objects such as tables and views that you want to share with subscribers. When subscriber's subscribe to a listing, Analytics Hub creates a linked dataset in the subscriber's project. A Linked dataset is an opaque, read-only BigQuery dataset that serves as a _symbolic link_ to a shared dataset.", "properties": { "dataset": { "type": "string", "description": "Resource name of the dataset source for this listing. e.g. `projects/myproject/datasets/123`" } }, "type": "object", "required": [ "dataset" ] }, "google-native:analyticshub/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:analyticshub%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:analyticshub/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:analyticshub%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:analyticshub/v1:DataProvider": { "description": "Contains details of the data provider.", "properties": { "name": { "type": "string", "description": "Optional. Name of the data provider." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the data provider. Max Length: 1000 bytes." } }, "type": "object" }, "google-native:analyticshub/v1:DataProviderResponse": { "description": "Contains details of the data provider.", "properties": { "name": { "type": "string", "description": "Optional. Name of the data provider." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the data provider. Max Length: 1000 bytes." } }, "type": "object", "required": [ "name", "primaryContact" ] }, "google-native:analyticshub/v1:DcrExchangeConfig": { "description": "Data Clean Room (DCR), used for privacy-safe and secured data sharing.", "type": "object" }, "google-native:analyticshub/v1:DcrExchangeConfigResponse": { "description": "Data Clean Room (DCR), used for privacy-safe and secured data sharing.", "type": "object" }, "google-native:analyticshub/v1:DefaultExchangeConfig": { "description": "Default Analytics Hub data exchange, used for secured data sharing.", "type": "object" }, "google-native:analyticshub/v1:DefaultExchangeConfigResponse": { "description": "Default Analytics Hub data exchange, used for secured data sharing.", "type": "object" }, "google-native:analyticshub/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:analyticshub/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:analyticshub/v1:ListingCategoriesItem": { "type": "string", "enum": [ { "name": "CategoryUnspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "CategoryOthers", "value": "CATEGORY_OTHERS" }, { "name": "CategoryAdvertisingAndMarketing", "value": "CATEGORY_ADVERTISING_AND_MARKETING" }, { "name": "CategoryCommerce", "value": "CATEGORY_COMMERCE" }, { "name": "CategoryClimateAndEnvironment", "value": "CATEGORY_CLIMATE_AND_ENVIRONMENT" }, { "name": "CategoryDemographics", "value": "CATEGORY_DEMOGRAPHICS" }, { "name": "CategoryEconomics", "value": "CATEGORY_ECONOMICS" }, { "name": "CategoryEducation", "value": "CATEGORY_EDUCATION" }, { "name": "CategoryEnergy", "value": "CATEGORY_ENERGY" }, { "name": "CategoryFinancial", "value": "CATEGORY_FINANCIAL" }, { "name": "CategoryGaming", "value": "CATEGORY_GAMING" }, { "name": "CategoryGeospatial", "value": "CATEGORY_GEOSPATIAL" }, { "name": "CategoryHealthcareAndLifeScience", "value": "CATEGORY_HEALTHCARE_AND_LIFE_SCIENCE" }, { "name": "CategoryMedia", "value": "CATEGORY_MEDIA" }, { "name": "CategoryPublicSector", "value": "CATEGORY_PUBLIC_SECTOR" }, { "name": "CategoryRetail", "value": "CATEGORY_RETAIL" }, { "name": "CategorySports", "value": "CATEGORY_SPORTS" }, { "name": "CategoryScienceAndResearch", "value": "CATEGORY_SCIENCE_AND_RESEARCH" }, { "name": "CategoryTransportationAndLogistics", "value": "CATEGORY_TRANSPORTATION_AND_LOGISTICS" }, { "name": "CategoryTravelAndTourism", "value": "CATEGORY_TRAVEL_AND_TOURISM" } ] }, "google-native:analyticshub/v1:Publisher": { "description": "Contains details of the listing publisher.", "properties": { "name": { "type": "string", "description": "Optional. Name of the listing publisher." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the listing publisher. Max Length: 1000 bytes." } }, "type": "object" }, "google-native:analyticshub/v1:PublisherResponse": { "description": "Contains details of the listing publisher.", "properties": { "name": { "type": "string", "description": "Optional. Name of the listing publisher." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the listing publisher. Max Length: 1000 bytes." } }, "type": "object", "required": [ "name", "primaryContact" ] }, "google-native:analyticshub/v1:RestrictedExportConfig": { "description": "Restricted export config, used to configure restricted export on linked dataset.", "properties": { "enabled": { "type": "boolean", "description": "Optional. If true, enable restricted export." }, "restrictQueryResult": { "type": "boolean", "description": "Optional. If true, restrict export of query result derived from restricted linked dataset table." } }, "type": "object" }, "google-native:analyticshub/v1:RestrictedExportConfigResponse": { "description": "Restricted export config, used to configure restricted export on linked dataset.", "properties": { "enabled": { "type": "boolean", "description": "Optional. If true, enable restricted export." }, "restrictDirectTableAccess": { "type": "boolean", "description": "If true, restrict direct table access(read api/tabledata.list) on linked table." }, "restrictQueryResult": { "type": "boolean", "description": "Optional. If true, restrict export of query result derived from restricted linked dataset table." } }, "type": "object", "required": [ "enabled", "restrictDirectTableAccess", "restrictQueryResult" ] }, "google-native:analyticshub/v1:SharingEnvironmentConfig": { "description": "Sharing environment is a behavior model for sharing data within a data exchange. This option is configurable for a data exchange.", "properties": { "dcrExchangeConfig": { "$ref": "#/types/google-native:analyticshub%2Fv1:DcrExchangeConfig", "description": "Data Clean Room (DCR), used for privacy-safe and secured data sharing." }, "defaultExchangeConfig": { "$ref": "#/types/google-native:analyticshub%2Fv1:DefaultExchangeConfig", "description": "Default Analytics Hub data exchange, used for secured data sharing." } }, "type": "object" }, "google-native:analyticshub/v1:SharingEnvironmentConfigResponse": { "description": "Sharing environment is a behavior model for sharing data within a data exchange. This option is configurable for a data exchange.", "properties": { "dcrExchangeConfig": { "$ref": "#/types/google-native:analyticshub%2Fv1:DcrExchangeConfigResponse", "description": "Data Clean Room (DCR), used for privacy-safe and secured data sharing." }, "defaultExchangeConfig": { "$ref": "#/types/google-native:analyticshub%2Fv1:DefaultExchangeConfigResponse", "description": "Default Analytics Hub data exchange, used for secured data sharing." } }, "type": "object", "required": [ "dcrExchangeConfig", "defaultExchangeConfig" ] }, "google-native:analyticshub/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:analyticshub%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:analyticshub/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:analyticshub%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:analyticshub/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:analyticshub%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:analyticshub/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:analyticshub/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:analyticshub/v1beta1:BigQueryDatasetSource": { "description": "A reference to a shared dataset. It is an existing BigQuery dataset with a collection of objects such as tables and views that you want to share with subscribers. When subscriber's subscribe to a listing, Analytics Hub creates a linked dataset in the subscriber's project. A Linked dataset is an opaque, read-only BigQuery dataset that serves as a _symbolic link_ to a shared dataset.", "properties": { "dataset": { "type": "string", "description": "Resource name of the dataset source for this listing. e.g. `projects/myproject/datasets/123`" } }, "type": "object" }, "google-native:analyticshub/v1beta1:BigQueryDatasetSourceResponse": { "description": "A reference to a shared dataset. It is an existing BigQuery dataset with a collection of objects such as tables and views that you want to share with subscribers. When subscriber's subscribe to a listing, Analytics Hub creates a linked dataset in the subscriber's project. A Linked dataset is an opaque, read-only BigQuery dataset that serves as a _symbolic link_ to a shared dataset.", "properties": { "dataset": { "type": "string", "description": "Resource name of the dataset source for this listing. e.g. `projects/myproject/datasets/123`" } }, "type": "object", "required": [ "dataset" ] }, "google-native:analyticshub/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:analyticshub%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:analyticshub/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:analyticshub%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:analyticshub/v1beta1:DataProvider": { "description": "Contains details of the data provider.", "properties": { "name": { "type": "string", "description": "Optional. Name of the data provider." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the data provider. Max Length: 1000 bytes." } }, "type": "object" }, "google-native:analyticshub/v1beta1:DataProviderResponse": { "description": "Contains details of the data provider.", "properties": { "name": { "type": "string", "description": "Optional. Name of the data provider." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the data provider. Max Length: 1000 bytes." } }, "type": "object", "required": [ "name", "primaryContact" ] }, "google-native:analyticshub/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:analyticshub/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:analyticshub/v1beta1:ListingCategoriesItem": { "type": "string", "enum": [ { "name": "CategoryUnspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "CategoryOthers", "value": "CATEGORY_OTHERS" }, { "name": "CategoryAdvertisingAndMarketing", "value": "CATEGORY_ADVERTISING_AND_MARKETING" }, { "name": "CategoryCommerce", "value": "CATEGORY_COMMERCE" }, { "name": "CategoryClimateAndEnvironment", "value": "CATEGORY_CLIMATE_AND_ENVIRONMENT" }, { "name": "CategoryDemographics", "value": "CATEGORY_DEMOGRAPHICS" }, { "name": "CategoryEconomics", "value": "CATEGORY_ECONOMICS" }, { "name": "CategoryEducation", "value": "CATEGORY_EDUCATION" }, { "name": "CategoryEnergy", "value": "CATEGORY_ENERGY" }, { "name": "CategoryFinancial", "value": "CATEGORY_FINANCIAL" }, { "name": "CategoryGaming", "value": "CATEGORY_GAMING" }, { "name": "CategoryGeospatial", "value": "CATEGORY_GEOSPATIAL" }, { "name": "CategoryHealthcareAndLifeScience", "value": "CATEGORY_HEALTHCARE_AND_LIFE_SCIENCE" }, { "name": "CategoryMedia", "value": "CATEGORY_MEDIA" }, { "name": "CategoryPublicSector", "value": "CATEGORY_PUBLIC_SECTOR" }, { "name": "CategoryRetail", "value": "CATEGORY_RETAIL" }, { "name": "CategorySports", "value": "CATEGORY_SPORTS" }, { "name": "CategoryScienceAndResearch", "value": "CATEGORY_SCIENCE_AND_RESEARCH" }, { "name": "CategoryTransportationAndLogistics", "value": "CATEGORY_TRANSPORTATION_AND_LOGISTICS" }, { "name": "CategoryTravelAndTourism", "value": "CATEGORY_TRAVEL_AND_TOURISM" } ] }, "google-native:analyticshub/v1beta1:Publisher": { "description": "Contains details of the listing publisher.", "properties": { "name": { "type": "string", "description": "Optional. Name of the listing publisher." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the listing publisher. Max Length: 1000 bytes." } }, "type": "object" }, "google-native:analyticshub/v1beta1:PublisherResponse": { "description": "Contains details of the listing publisher.", "properties": { "name": { "type": "string", "description": "Optional. Name of the listing publisher." }, "primaryContact": { "type": "string", "description": "Optional. Email or URL of the listing publisher. Max Length: 1000 bytes." } }, "type": "object", "required": [ "name", "primaryContact" ] }, "google-native:analyticshub/v1beta1:RestrictedExportConfig": { "description": "Restricted export config, used to configure restricted export on linked dataset.", "properties": { "enabled": { "type": "boolean", "description": "Optional. If true, enable restricted export." }, "restrictQueryResult": { "type": "boolean", "description": "Optional. If true, restrict export of query result derived from restricted linked dataset table." } }, "type": "object" }, "google-native:analyticshub/v1beta1:RestrictedExportConfigResponse": { "description": "Restricted export config, used to configure restricted export on linked dataset.", "properties": { "enabled": { "type": "boolean", "description": "Optional. If true, enable restricted export." }, "restrictDirectTableAccess": { "type": "boolean", "description": "If true, restrict direct table access(read api/tabledata.list) on linked table." }, "restrictQueryResult": { "type": "boolean", "description": "Optional. If true, restrict export of query result derived from restricted linked dataset table." } }, "type": "object", "required": [ "enabled", "restrictDirectTableAccess", "restrictQueryResult" ] }, "google-native:apigateway/v1:ApigatewayApiConfigFile": { "description": "A lightweight description of a file.", "properties": { "contents": { "type": "string", "description": "The bytes that constitute the file." }, "path": { "type": "string", "description": "The file path (full or relative path). This is typically the path of the file when it is uploaded." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayApiConfigFileResponse": { "description": "A lightweight description of a file.", "properties": { "contents": { "type": "string", "description": "The bytes that constitute the file." }, "path": { "type": "string", "description": "The file path (full or relative path). This is typically the path of the file when it is uploaded." } }, "type": "object", "required": [ "contents", "path" ] }, "google-native:apigateway/v1:ApigatewayApiConfigGrpcServiceDefinition": { "description": "A gRPC service definition.", "properties": { "fileDescriptorSet": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFile", "description": "Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb" }, "source": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFile" }, "description": "Optional. Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate file_descriptor_set." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayApiConfigGrpcServiceDefinitionResponse": { "description": "A gRPC service definition.", "properties": { "fileDescriptorSet": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFileResponse", "description": "Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb" }, "source": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFileResponse" }, "description": "Optional. Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate file_descriptor_set." } }, "type": "object", "required": [ "fileDescriptorSet", "source" ] }, "google-native:apigateway/v1:ApigatewayApiConfigOpenApiDocument": { "description": "An OpenAPI Specification Document describing an API.", "properties": { "document": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFile", "description": "The OpenAPI Specification document file." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayApiConfigOpenApiDocumentResponse": { "description": "An OpenAPI Specification Document describing an API.", "properties": { "document": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayApiConfigFileResponse", "description": "The OpenAPI Specification document file." } }, "type": "object", "required": [ "document" ] }, "google-native:apigateway/v1:ApigatewayAuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayAuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayAuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayAuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:apigateway/v1:ApigatewayAuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayAuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayAuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:apigateway/v1:ApigatewayAuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:apigateway/v1:ApigatewayBinding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayBindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigateway%2Fv1:ApigatewayExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:apigateway/v1:ApigatewayExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:apigateway/v1:ApigatewayExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:apigateway/v1beta:ApigatewayApiConfigFile": { "description": "A lightweight description of a file.", "properties": { "contents": { "type": "string", "description": "The bytes that constitute the file." }, "path": { "type": "string", "description": "The file path (full or relative path). This is typically the path of the file when it is uploaded." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayApiConfigFileResponse": { "description": "A lightweight description of a file.", "properties": { "contents": { "type": "string", "description": "The bytes that constitute the file." }, "path": { "type": "string", "description": "The file path (full or relative path). This is typically the path of the file when it is uploaded." } }, "type": "object", "required": [ "contents", "path" ] }, "google-native:apigateway/v1beta:ApigatewayApiConfigGrpcServiceDefinition": { "description": "A gRPC service definition.", "properties": { "fileDescriptorSet": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFile", "description": "Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb" }, "source": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFile" }, "description": "Optional. Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate file_descriptor_set." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayApiConfigGrpcServiceDefinitionResponse": { "description": "A gRPC service definition.", "properties": { "fileDescriptorSet": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFileResponse", "description": "Input only. File descriptor set, generated by protoc. To generate, use protoc with imports and source info included. For an example test.proto file, the following command would put the value in a new file named out.pb. $ protoc --include_imports --include_source_info test.proto -o out.pb" }, "source": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFileResponse" }, "description": "Optional. Uncompiled proto files associated with the descriptor set, used for display purposes (server-side compilation is not supported). These should match the inputs to 'protoc' command used to generate file_descriptor_set." } }, "type": "object", "required": [ "fileDescriptorSet", "source" ] }, "google-native:apigateway/v1beta:ApigatewayApiConfigOpenApiDocument": { "description": "An OpenAPI Specification Document describing an API.", "properties": { "document": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFile", "description": "The OpenAPI Specification document file." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayApiConfigOpenApiDocumentResponse": { "description": "An OpenAPI Specification Document describing an API.", "properties": { "document": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayApiConfigFileResponse", "description": "The OpenAPI Specification document file." } }, "type": "object", "required": [ "document" ] }, "google-native:apigateway/v1beta:ApigatewayAuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayAuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayAuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayAuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:apigateway/v1beta:ApigatewayAuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayAuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayAuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:apigateway/v1beta:ApigatewayAuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:apigateway/v1beta:ApigatewayBackendConfig": { "description": "Configuration for all backends.", "properties": { "googleServiceAccount": { "type": "string", "description": "Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). This may either be the Service Account's email (i.e. \"{ACCOUNT_ID}@{PROJECT}.iam.gserviceaccount.com\") or its full resource name (i.e. \"projects/{PROJECT}/accounts/{UNIQUE_ID}\"). This is most often used when the backend is a GCP resource such as a Cloud Run Service or an IAP-secured service. Note that this token is always sent as an authorization header bearer token. The audience of the OIDC token is configured in the associated Service Config in the BackendRule option (https://github.com/googleapis/googleapis/blob/master/google/api/backend.proto#L125)." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayBackendConfigResponse": { "description": "Configuration for all backends.", "properties": { "googleServiceAccount": { "type": "string", "description": "Google Cloud IAM service account used to sign OIDC tokens for backends that have authentication configured (https://cloud.google.com/service-infrastructure/docs/service-management/reference/rest/v1/services.configs#backend). This may either be the Service Account's email (i.e. \"{ACCOUNT_ID}@{PROJECT}.iam.gserviceaccount.com\") or its full resource name (i.e. \"projects/{PROJECT}/accounts/{UNIQUE_ID}\"). This is most often used when the backend is a GCP resource such as a Cloud Run Service or an IAP-secured service. Note that this token is always sent as an authorization header bearer token. The audience of the OIDC token is configured in the associated Service Config in the BackendRule option (https://github.com/googleapis/googleapis/blob/master/google/api/backend.proto#L125)." } }, "type": "object", "required": [ "googleServiceAccount" ] }, "google-native:apigateway/v1beta:ApigatewayBinding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayBindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:apigateway/v1beta:ApigatewayExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:apigateway/v1beta:ApigatewayExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:apigateway/v1beta:ApigatewayGatewayConfig": { "description": "Configuration settings for Gateways.", "properties": { "backendConfig": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayBackendConfig", "description": "Backend settings that are applied to all backends of the Gateway." } }, "type": "object", "required": [ "backendConfig" ] }, "google-native:apigateway/v1beta:ApigatewayGatewayConfigResponse": { "description": "Configuration settings for Gateways.", "properties": { "backendConfig": { "$ref": "#/types/google-native:apigateway%2Fv1beta:ApigatewayBackendConfigResponse", "description": "Backend settings that are applied to all backends of the Gateway." } }, "type": "object", "required": [ "backendConfig" ] }, "google-native:apigee/v1:ApiProductQuotaCounterScope": { "description": "Scope of the quota decides how the quota counter gets applied and evaluate for quota violation. If the Scope is set as PROXY, then all the operations defined for the APIproduct that are associated with the same proxy will share the same quota counter set at the APIproduct level, making it a global counter at a proxy level. If the Scope is set as OPERATION, then each operations get the counter set at the API product dedicated, making it a local counter. Note that, the QuotaCounterScope applies only when an operation does not have dedicated quota set for itself.", "type": "string", "enum": [ { "name": "QuotaCounterScopeUnspecified", "description": "When quota is not explicitly defined for each operation(REST/GraphQL), the limits set at product level will be used as a local counter for quota evaluation by all the operations, independent of proxy association.", "value": "QUOTA_COUNTER_SCOPE_UNSPECIFIED" }, { "name": "Proxy", "description": "When quota is not explicitly defined for each operation(REST/GraphQL), set at product level will be used as a global counter for quota evaluation by all the operations associated with a particular proxy.", "value": "PROXY" }, { "name": "Operation", "description": "When quota is not explicitly defined for each operation(REST/GraphQL), the limits set at product level will be used as a local counter for quota evaluation by all the operations, independent of proxy association. This behavior mimics the same as QUOTA_COUNTER_SCOPE_UNSPECIFIED.", "value": "OPERATION" } ] }, "google-native:apigee/v1:DataCollectorType": { "description": "Immutable. The type of data this data collector will collect.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "For future compatibility.", "value": "TYPE_UNSPECIFIED" }, { "name": "Integer", "description": "For integer values.", "value": "INTEGER" }, { "name": "Float", "description": "For float values.", "value": "FLOAT" }, { "name": "String", "description": "For string values.", "value": "STRING" }, { "name": "Boolean", "description": "For boolean values.", "value": "BOOLEAN" }, { "name": "Datetime", "description": "For datetime values.", "value": "DATETIME" } ] }, "google-native:apigee/v1:EnvironmentApiProxyType": { "description": "Optional. API Proxy type supported by the environment. The type can be set when creating the Environment and cannot be changed.", "type": "string", "enum": [ { "name": "ApiProxyTypeUnspecified", "description": "API proxy type not specified.", "value": "API_PROXY_TYPE_UNSPECIFIED" }, { "name": "Programmable", "description": "Programmable API Proxies enable you to develop APIs with highly flexible behavior using bundled policy configuration and one or more programming languages to describe complex sequential and/or conditional flows of logic.", "value": "PROGRAMMABLE" }, { "name": "Configurable", "description": "Configurable API Proxies enable you to develop efficient APIs using simple configuration while complex execution control flow logic is handled by Apigee. This type only works with the ARCHIVE deployment type and cannot be combined with the PROXY deployment type.", "value": "CONFIGURABLE" } ] }, "google-native:apigee/v1:EnvironmentDeploymentType": { "description": "Optional. Deployment type supported by the environment. The deployment type can be set when creating the environment and cannot be changed. When you enable archive deployment, you will be **prevented from performing** a [subset of actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) within the environment, including: * Managing the deployment of API proxy or shared flow revisions * Creating, updating, or deleting resource files * Creating, updating, or deleting target servers", "type": "string", "enum": [ { "name": "DeploymentTypeUnspecified", "description": "Deployment type not specified.", "value": "DEPLOYMENT_TYPE_UNSPECIFIED" }, { "name": "Proxy", "description": "Proxy deployment enables you to develop and deploy API proxies using Apigee on Google Cloud. This cannot currently be combined with the CONFIGURABLE API proxy type.", "value": "PROXY" }, { "name": "Archive", "description": "Archive deployment enables you to develop API proxies locally then deploy an archive of your API proxy configuration to an environment in Apigee on Google Cloud. You will be prevented from performing a [subset of actions](/apigee/docs/api-platform/local-development/overview#prevented-actions) within the environment.", "value": "ARCHIVE" } ] }, "google-native:apigee/v1:EnvironmentType": { "description": "Optional. EnvironmentType selected for the environment.", "type": "string", "enum": [ { "name": "EnvironmentTypeUnspecified", "description": "Environment type not specified.", "value": "ENVIRONMENT_TYPE_UNSPECIFIED" }, { "name": "Base", "description": "Base environment has limited capacity and capabilities and are usually used when you are getting started with Apigee or while experimenting. Refer to Apigee's public documentation for more details.", "value": "BASE" }, { "name": "Intermediate", "description": "This is the default type and it supports API management features and higher capacity than Base environment. Refer to Apigee's public documentation for more details.", "value": "INTERMEDIATE" }, { "name": "Comprehensive", "description": "Comprehensive environment supports advanced capabilites and even higher capacity than Intermediate environment. Refer to Apigee's public documentation for more details.", "value": "COMPREHENSIVE" } ] }, "google-native:apigee/v1:GoogleCloudApigeeV1APIProductAssociationResponse": { "description": "APIProductAssociation has the API product and its administrative state association.", "properties": { "apiproduct": { "type": "string", "description": "API product to be associated with the credential." }, "status": { "type": "string", "description": "The API product credential associated status. Valid values are `approved` or `revoked`." } }, "type": "object", "required": [ "apiproduct", "status" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1AddonsConfig": { "description": "Add-on configurations for the Apigee organization.", "properties": { "advancedApiOpsConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AdvancedApiOpsConfig", "description": "Configuration for the Advanced API Ops add-on." }, "analyticsConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AnalyticsConfig", "description": "Configuration for the Analytics add-on." }, "apiSecurityConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ApiSecurityConfig", "description": "Configuration for the API Security add-on." }, "connectorsPlatformConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ConnectorsPlatformConfig", "description": "Configuration for the Connectors Platform add-on." }, "integrationConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1IntegrationConfig", "description": "Configuration for the Integration add-on." }, "monetizationConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1MonetizationConfig", "description": "Configuration for the Monetization add-on." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1AddonsConfigResponse": { "description": "Add-on configurations for the Apigee organization.", "properties": { "advancedApiOpsConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AdvancedApiOpsConfigResponse", "description": "Configuration for the Advanced API Ops add-on." }, "analyticsConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AnalyticsConfigResponse", "description": "Configuration for the Analytics add-on." }, "apiSecurityConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ApiSecurityConfigResponse", "description": "Configuration for the API Security add-on." }, "connectorsPlatformConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ConnectorsPlatformConfigResponse", "description": "Configuration for the Connectors Platform add-on." }, "integrationConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1IntegrationConfigResponse", "description": "Configuration for the Integration add-on." }, "monetizationConfig": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1MonetizationConfigResponse", "description": "Configuration for the Monetization add-on." } }, "type": "object", "required": [ "advancedApiOpsConfig", "analyticsConfig", "apiSecurityConfig", "connectorsPlatformConfig", "integrationConfig", "monetizationConfig" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1AdvancedApiOpsConfig": { "description": "Configuration for the Advanced API Ops add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Advanced API Ops add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1AdvancedApiOpsConfigResponse": { "description": "Configuration for the Advanced API Ops add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Advanced API Ops add-on is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1AnalyticsConfig": { "description": "Configuration for the Analytics add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Analytics add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1AnalyticsConfigResponse": { "description": "Configuration for the Analytics add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Analytics add-on is enabled." }, "expireTimeMillis": { "type": "string", "description": "Time at which the Analytics add-on expires in milliseconds since epoch. If unspecified, the add-on will never expire." }, "state": { "type": "string", "description": "The state of the Analytics add-on." }, "updateTime": { "type": "string", "description": "The latest update time." } }, "type": "object", "required": [ "enabled", "expireTimeMillis", "state", "updateTime" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ApiCategoryResponse": { "description": "`ApiCategory` represents an API category. [Catalog items](/apigee/docs/reference/apis/apigee/rest/v1/organizations.sites.apidocs) can be tagged with API categories; users viewing the API catalog in the portal will have the option to browse the catalog by category.", "properties": { "name": { "type": "string", "description": "Name of the category." }, "siteId": { "type": "string", "description": "Name of the portal." }, "updateTime": { "type": "string", "description": "Time the category was last modified in milliseconds since epoch." } }, "type": "object", "required": [ "name", "siteId", "updateTime" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ApiProductRefResponse": { "properties": { "apiproduct": { "type": "string", "description": "Name of the API product." }, "status": { "type": "string", "description": "Status of the API product. Valid values are `approved` or `revoked`." } }, "type": "object", "required": [ "apiproduct", "status" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ApiSecurityConfig": { "description": "Configurations of the API Security add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the API security add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ApiSecurityConfigResponse": { "description": "Configurations of the API Security add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the API security add-on is enabled." }, "expiresAt": { "type": "string", "description": "Time at which the API Security add-on expires in in milliseconds since epoch. If unspecified, the add-on will never expire." } }, "type": "object", "required": [ "enabled", "expiresAt" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1AsyncQueryResultResponse": { "properties": { "expires": { "type": "string", "description": "Query result will be unaccessable after this time." }, "self": { "type": "string", "description": "Self link of the query results. Example: `/organizations/myorg/environments/myenv/queries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` or following format if query is running at host level: `/organizations/myorg/hostQueries/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result`" } }, "type": "object", "required": [ "expires", "self" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1Attribute": { "description": "Key-value pair to store extra metadata.", "properties": { "name": { "type": "string", "description": "API key of the attribute." }, "value": { "type": "string", "description": "Value of the attribute." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1AttributeResponse": { "description": "Key-value pair to store extra metadata.", "properties": { "name": { "type": "string", "description": "API key of the attribute." }, "value": { "type": "string", "description": "Value of the attribute." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CanaryEvaluationMetricLabels": { "description": "Labels that can be used to filter Apigee metrics.", "properties": { "env": { "type": "string", "description": "The environment ID associated with the metrics." }, "instanceId": { "type": "string", "description": "The instance ID associated with the metrics. In Apigee Hybrid, the value is configured during installation." }, "location": { "type": "string", "description": "The location associated with the metrics." } }, "type": "object", "required": [ "instanceId", "location" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CanaryEvaluationMetricLabelsResponse": { "description": "Labels that can be used to filter Apigee metrics.", "properties": { "env": { "type": "string", "description": "The environment ID associated with the metrics." }, "instanceId": { "type": "string", "description": "The instance ID associated with the metrics. In Apigee Hybrid, the value is configured during installation." }, "location": { "type": "string", "description": "The location associated with the metrics." } }, "type": "object", "required": [ "env", "instanceId", "location" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CertInfoResponse": { "description": "X.509 certificate as defined in RFC 5280.", "properties": { "basicConstraints": { "type": "string", "description": "X.509 basic constraints extension." }, "expiryDate": { "type": "string", "description": "X.509 `notAfter` validity period in milliseconds since epoch." }, "isValid": { "type": "string", "description": "Flag that specifies whether the certificate is valid. Flag is set to `Yes` if the certificate is valid, `No` if expired, or `Not yet` if not yet valid." }, "issuer": { "type": "string", "description": "X.509 issuer." }, "publicKey": { "type": "string", "description": "Public key component of the X.509 subject public key info." }, "serialNumber": { "type": "string", "description": "X.509 serial number." }, "sigAlgName": { "type": "string", "description": "X.509 signatureAlgorithm." }, "subject": { "type": "string", "description": "X.509 subject." }, "subjectAlternativeNames": { "type": "array", "items": { "type": "string" }, "description": "X.509 subject alternative names (SANs) extension." }, "validFrom": { "type": "string", "description": "X.509 `notBefore` validity period in milliseconds since epoch." }, "version": { "type": "integer", "description": "X.509 version." } }, "type": "object", "required": [ "basicConstraints", "expiryDate", "isValid", "issuer", "publicKey", "serialNumber", "sigAlgName", "subject", "subjectAlternativeNames", "validFrom", "version" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CertificateResponse": { "properties": { "certInfo": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1CertInfoResponse" }, "description": "Chain of certificates under this name." } }, "type": "object", "required": [ "certInfo" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ConnectorsPlatformConfig": { "description": "Configuration for the Connectors Platform add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Connectors Platform add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ConnectorsPlatformConfigResponse": { "description": "Configuration for the Connectors Platform add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Connectors Platform add-on is enabled." }, "expiresAt": { "type": "string", "description": "Time at which the Connectors Platform add-on expires in milliseconds since epoch. If unspecified, the add-on will never expire." } }, "type": "object", "required": [ "enabled", "expiresAt" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CredentialResponse": { "properties": { "apiProducts": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ApiProductRefResponse" }, "description": "List of API products this credential can be used for." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AttributeResponse" }, "description": "List of attributes associated with this credential." }, "consumerKey": { "type": "string", "description": "Consumer key." }, "consumerSecret": { "type": "string", "description": "Secret key." }, "expiresAt": { "type": "string", "description": "Time the credential will expire in milliseconds since epoch." }, "issuedAt": { "type": "string", "description": "Time the credential was issued in milliseconds since epoch." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "List of scopes to apply to the app. Specified scopes must already exist on the API product that you associate with the app." }, "status": { "type": "string", "description": "Status of the credential. Valid values include `approved` or `revoked`." } }, "type": "object", "required": [ "apiProducts", "attributes", "consumerKey", "consumerSecret", "expiresAt", "issuedAt", "scopes", "status" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1CustomReportMetric": { "description": "This encapsulates a metric property of the form sum(message_count) where name is message_count and function is sum", "properties": { "function": { "type": "string", "description": "aggregate function" }, "name": { "type": "string", "description": "name of the metric" } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1CustomReportMetricResponse": { "description": "This encapsulates a metric property of the form sum(message_count) where name is message_count and function is sum", "properties": { "function": { "type": "string", "description": "aggregate function" }, "name": { "type": "string", "description": "name of the metric" } }, "type": "object", "required": [ "function", "name" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1DatastoreConfig": { "description": "Configuration detail for datastore", "properties": { "bucketName": { "type": "string", "description": "Name of the Cloud Storage bucket. Required for `gcs` target_type." }, "datasetName": { "type": "string", "description": "BigQuery dataset name Required for `bigquery` target_type." }, "path": { "type": "string", "description": "Path of Cloud Storage bucket Required for `gcs` target_type." }, "project": { "type": "string", "description": "GCP project in which the datastore exists" }, "tablePrefix": { "type": "string", "description": "Prefix of BigQuery table Required for `bigquery` target_type." } }, "type": "object", "required": [ "project" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1DatastoreConfigResponse": { "description": "Configuration detail for datastore", "properties": { "bucketName": { "type": "string", "description": "Name of the Cloud Storage bucket. Required for `gcs` target_type." }, "datasetName": { "type": "string", "description": "BigQuery dataset name Required for `bigquery` target_type." }, "path": { "type": "string", "description": "Path of Cloud Storage bucket Required for `gcs` target_type." }, "project": { "type": "string", "description": "GCP project in which the datastore exists" }, "tablePrefix": { "type": "string", "description": "Prefix of BigQuery table Required for `bigquery` target_type." } }, "type": "object", "required": [ "bucketName", "datasetName", "path", "project", "tablePrefix" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1DateRange": { "description": "Date range of the data to export.", "properties": { "end": { "type": "string", "description": "End date (exclusive) of the data to export in the format `yyyy-mm-dd`. The date range ends at 00:00:00 UTC on the end date- which will not be in the output." }, "start": { "type": "string", "description": "Start date of the data to export in the format `yyyy-mm-dd`. The date range begins at 00:00:00 UTC on the start date." } }, "type": "object", "required": [ "end", "start" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1EntityMetadataResponse": { "description": "Metadata common to many entities in this API.", "properties": { "createdAt": { "type": "string", "description": "Time at which the API proxy was created, in milliseconds since epoch." }, "lastModifiedAt": { "type": "string", "description": "Time at which the API proxy was most recently modified, in milliseconds since epoch." }, "subType": { "type": "string", "description": "The type of entity described" } }, "type": "object", "required": [ "createdAt", "lastModifiedAt", "subType" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperation": { "description": "Represents the pairing of GraphQL operation types and the GraphQL operation name.", "properties": { "operation": { "type": "string", "description": "GraphQL operation name. The name and operation type will be used to apply quotas. If no name is specified, the quota will be applied to all GraphQL operations irrespective of their operation names in the payload." }, "operationTypes": { "type": "array", "items": { "type": "string" }, "description": "GraphQL operation types. Valid values include `query` or `mutation`. **Note**: Apigee does not currently support `subscription` types." } }, "type": "object", "required": [ "operationTypes" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperationConfig": { "description": "Binds the resources in a proxy or remote service with the GraphQL operation and its associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy endpoint or remote service with which the GraphQL operation and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Attribute" }, "description": "Custom attributes associated with the operation." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GraphQLOperation" }, "description": "List of GraphQL name/operation type pairs for the proxy or remote service to which quota will be applied. If only operation types are specified, the quota will be applied to all GraphQL requests irrespective of the GraphQL name. **Note**: Currently, you can specify only a single GraphQLOperation. Specifying more than one will cause the operation to fail." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Quota", "description": "Quota parameters to be enforced for the resources, methods, and API source combination. If none are specified, quota enforcement will not be done." } }, "type": "object", "required": [ "apiSource", "operations" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperationConfigResponse": { "description": "Binds the resources in a proxy or remote service with the GraphQL operation and its associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy endpoint or remote service with which the GraphQL operation and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AttributeResponse" }, "description": "Custom attributes associated with the operation." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GraphQLOperationResponse" }, "description": "List of GraphQL name/operation type pairs for the proxy or remote service to which quota will be applied. If only operation types are specified, the quota will be applied to all GraphQL requests irrespective of the GraphQL name. **Note**: Currently, you can specify only a single GraphQLOperation. Specifying more than one will cause the operation to fail." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1QuotaResponse", "description": "Quota parameters to be enforced for the resources, methods, and API source combination. If none are specified, quota enforcement will not be done." } }, "type": "object", "required": [ "apiSource", "attributes", "operations", "quota" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperationGroup": { "description": "List of graphQL operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.", "properties": { "operationConfigType": { "type": "string", "description": "Flag that specifies whether the configuration is for Apigee API proxy or a remote service. Valid values include `proxy` or `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API proxies are associated with the API product. Set to `remoteservice` when non-Apigee proxies like Istio-Envoy are associated with the API product." }, "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GraphQLOperationConfig" }, "description": "List of operation configurations for either Apigee API proxies or other remote services that are associated with this API product." } }, "type": "object", "required": [ "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperationGroupResponse": { "description": "List of graphQL operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.", "properties": { "operationConfigType": { "type": "string", "description": "Flag that specifies whether the configuration is for Apigee API proxy or a remote service. Valid values include `proxy` or `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API proxies are associated with the API product. Set to `remoteservice` when non-Apigee proxies like Istio-Envoy are associated with the API product." }, "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GraphQLOperationConfigResponse" }, "description": "List of operation configurations for either Apigee API proxies or other remote services that are associated with this API product." } }, "type": "object", "required": [ "operationConfigType", "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GraphQLOperationResponse": { "description": "Represents the pairing of GraphQL operation types and the GraphQL operation name.", "properties": { "operation": { "type": "string", "description": "GraphQL operation name. The name and operation type will be used to apply quotas. If no name is specified, the quota will be applied to all GraphQL operations irrespective of their operation names in the payload." }, "operationTypes": { "type": "array", "items": { "type": "string" }, "description": "GraphQL operation types. Valid values include `query` or `mutation`. **Note**: Apigee does not currently support `subscription` types." } }, "type": "object", "required": [ "operation", "operationTypes" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GrpcOperationConfig": { "description": "Binds the resources in a proxy or remote service with the gRPC operation and its associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy with which the gRPC operation and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Attribute" }, "description": "Custom attributes associated with the operation." }, "methods": { "type": "array", "items": { "type": "string" }, "description": "List of unqualified gRPC method names for the proxy to which quota will be applied. If this field is empty, the Quota will apply to all operations on the gRPC service defined on the proxy. Example: Given a proxy that is configured to serve com.petstore.PetService, the methods com.petstore.PetService.ListPets and com.petstore.PetService.GetPet would be specified here as simply [\"ListPets\", \"GetPet\"]." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Quota", "description": "Quota parameters to be enforced for the methods and API source combination. If none are specified, quota enforcement will not be done." }, "service": { "type": "string", "description": "gRPC Service name associated to be associated with the API proxy, on which quota rules can be applied upon." } }, "type": "object", "required": [ "apiSource", "service" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GrpcOperationConfigResponse": { "description": "Binds the resources in a proxy or remote service with the gRPC operation and its associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy with which the gRPC operation and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AttributeResponse" }, "description": "Custom attributes associated with the operation." }, "methods": { "type": "array", "items": { "type": "string" }, "description": "List of unqualified gRPC method names for the proxy to which quota will be applied. If this field is empty, the Quota will apply to all operations on the gRPC service defined on the proxy. Example: Given a proxy that is configured to serve com.petstore.PetService, the methods com.petstore.PetService.ListPets and com.petstore.PetService.GetPet would be specified here as simply [\"ListPets\", \"GetPet\"]." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1QuotaResponse", "description": "Quota parameters to be enforced for the methods and API source combination. If none are specified, quota enforcement will not be done." }, "service": { "type": "string", "description": "gRPC Service name associated to be associated with the API proxy, on which quota rules can be applied upon." } }, "type": "object", "required": [ "apiSource", "attributes", "methods", "quota", "service" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GrpcOperationGroup": { "description": "List of gRPC operation configuration details associated with Apigee API proxies.", "properties": { "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GrpcOperationConfig" }, "description": "List of operation configurations for either Apigee API proxies that are associated with this API product." } }, "type": "object", "required": [ "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1GrpcOperationGroupResponse": { "description": "List of gRPC operation configuration details associated with Apigee API proxies.", "properties": { "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1GrpcOperationConfigResponse" }, "description": "List of operation configurations for either Apigee API proxies that are associated with this API product." } }, "type": "object", "required": [ "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1IntegrationConfig": { "description": "Configuration for the Integration add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Integration add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1IntegrationConfigResponse": { "description": "Configuration for the Integration add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Integration add-on is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1MonetizationConfig": { "description": "Configuration for the Monetization add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Monetization add-on is enabled." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1MonetizationConfigResponse": { "description": "Configuration for the Monetization add-on.", "properties": { "enabled": { "type": "boolean", "description": "Flag that specifies whether the Monetization add-on is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1NodeConfig": { "description": "NodeConfig for setting the min/max number of nodes associated with the environment.", "properties": { "maxNodeCount": { "type": "string", "description": "Optional. The maximum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended maximum number of nodes for that gateway." }, "minNodeCount": { "type": "string", "description": "Optional. The minimum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended minimum number of nodes for that gateway." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1NodeConfigResponse": { "description": "NodeConfig for setting the min/max number of nodes associated with the environment.", "properties": { "currentAggregateNodeCount": { "type": "string", "description": "The current total number of gateway nodes that each environment currently has across all instances." }, "maxNodeCount": { "type": "string", "description": "Optional. The maximum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended maximum number of nodes for that gateway." }, "minNodeCount": { "type": "string", "description": "Optional. The minimum total number of gateway nodes that the is reserved for all instances that has the specified environment. If not specified, the default is determined by the recommended minimum number of nodes for that gateway." } }, "type": "object", "required": [ "currentAggregateNodeCount", "maxNodeCount", "minNodeCount" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1Operation": { "description": "Represents the pairing of REST resource path and the actions (verbs) allowed on the resource path.", "properties": { "methods": { "type": "array", "items": { "type": "string" }, "description": "methods refers to the REST verbs as in https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html. When none specified, all verb types are allowed." }, "resource": { "type": "string", "description": "REST resource path associated with the API proxy or remote service." } }, "type": "object", "required": [ "resource" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1OperationConfig": { "description": "Binds the resources in an API proxy or remote service with the allowed REST methods and associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy or remote service with which the resources, methods, and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Attribute" }, "description": "Custom attributes associated with the operation." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Operation" }, "description": "List of resource/method pairs for the API proxy or remote service to which quota will applied. **Note**: Currently, you can specify only a single resource/method pair. The call will fail if more than one resource/method pair is provided." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Quota", "description": "Quota parameters to be enforced for the resources, methods, and API source combination. If none are specified, quota enforcement will not be done." } }, "type": "object", "required": [ "apiSource" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1OperationConfigResponse": { "description": "Binds the resources in an API proxy or remote service with the allowed REST methods and associated quota enforcement.", "properties": { "apiSource": { "type": "string", "description": "Name of the API proxy or remote service with which the resources, methods, and quota are associated." }, "attributes": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AttributeResponse" }, "description": "Custom attributes associated with the operation." }, "operations": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1OperationResponse" }, "description": "List of resource/method pairs for the API proxy or remote service to which quota will applied. **Note**: Currently, you can specify only a single resource/method pair. The call will fail if more than one resource/method pair is provided." }, "quota": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1QuotaResponse", "description": "Quota parameters to be enforced for the resources, methods, and API source combination. If none are specified, quota enforcement will not be done." } }, "type": "object", "required": [ "apiSource", "attributes", "operations", "quota" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1OperationGroup": { "description": "List of operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.", "properties": { "operationConfigType": { "type": "string", "description": "Flag that specifes whether the configuration is for Apigee API proxy or a remote service. Valid values include `proxy` or `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API proxies are associated with the API product. Set to `remoteservice` when non-Apigee proxies like Istio-Envoy are associated with the API product." }, "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1OperationConfig" }, "description": "List of operation configurations for either Apigee API proxies or other remote services that are associated with this API product." } }, "type": "object", "required": [ "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1OperationGroupResponse": { "description": "List of operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.", "properties": { "operationConfigType": { "type": "string", "description": "Flag that specifes whether the configuration is for Apigee API proxy or a remote service. Valid values include `proxy` or `remoteservice`. Defaults to `proxy`. Set to `proxy` when Apigee API proxies are associated with the API product. Set to `remoteservice` when non-Apigee proxies like Istio-Envoy are associated with the API product." }, "operationConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1OperationConfigResponse" }, "description": "List of operation configurations for either Apigee API proxies or other remote services that are associated with this API product." } }, "type": "object", "required": [ "operationConfigType", "operationConfigs" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1OperationResponse": { "description": "Represents the pairing of REST resource path and the actions (verbs) allowed on the resource path.", "properties": { "methods": { "type": "array", "items": { "type": "string" }, "description": "methods refers to the REST verbs as in https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html. When none specified, all verb types are allowed." }, "resource": { "type": "string", "description": "REST resource path associated with the API proxy or remote service." } }, "type": "object", "required": [ "methods", "resource" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfig": { "description": "ProfileConfig defines a set of categories and policies which will be used to compute security score.", "properties": { "categories": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigCategory" }, "description": "List of categories of profile config." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigAbuse": { "description": "Checks for abuse, which includes any requests sent to the API for purposes other than what it is intended for, such as high volumes of requests, data scraping, and abuse related to authorization.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigAbuseResponse": { "description": "Checks for abuse, which includes any requests sent to the API for purposes other than what it is intended for, such as high volumes of requests, data scraping, and abuse related to authorization.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigAuthorization": { "description": "By default, following policies will be included: - JWS - JWT - OAuth - BasicAuth - APIKey", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigAuthorizationResponse": { "description": "By default, following policies will be included: - JWS - JWT - OAuth - BasicAuth - APIKey", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigCORS": { "description": "Checks to see if you have CORS policy in place.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigCORSResponse": { "description": "Checks to see if you have CORS policy in place.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigCategory": { "description": "Advanced API Security provides security profile that scores the following categories.", "properties": { "abuse": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigAbuse", "description": "Checks for abuse, which includes any requests sent to the API for purposes other than what it is intended for, such as high volumes of requests, data scraping, and abuse related to authorization." }, "authorization": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigAuthorization", "description": "Checks to see if you have an authorization policy in place." }, "cors": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigCORS", "description": "Checks to see if you have CORS policy in place." }, "mediation": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigMediation", "description": "Checks to see if you have a mediation policy in place." }, "mtls": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigMTLS", "description": "Checks to see if you have configured mTLS for the target server." }, "threat": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigThreat", "description": "Checks to see if you have a threat protection policy in place." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigCategoryResponse": { "description": "Advanced API Security provides security profile that scores the following categories.", "properties": { "abuse": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigAbuseResponse", "description": "Checks for abuse, which includes any requests sent to the API for purposes other than what it is intended for, such as high volumes of requests, data scraping, and abuse related to authorization." }, "authorization": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigAuthorizationResponse", "description": "Checks to see if you have an authorization policy in place." }, "cors": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigCORSResponse", "description": "Checks to see if you have CORS policy in place." }, "mediation": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigMediationResponse", "description": "Checks to see if you have a mediation policy in place." }, "mtls": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigMTLSResponse", "description": "Checks to see if you have configured mTLS for the target server." }, "threat": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigThreatResponse", "description": "Checks to see if you have a threat protection policy in place." } }, "type": "object", "required": [ "abuse", "authorization", "cors", "mediation", "mtls", "threat" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigMTLS": { "description": "Checks to see if you have configured mTLS for the target server.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigMTLSResponse": { "description": "Checks to see if you have configured mTLS for the target server.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigMediation": { "description": "By default, following policies will be included: - OASValidation - SOAPMessageValidation", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigMediationResponse": { "description": "By default, following policies will be included: - OASValidation - SOAPMessageValidation", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigResponse": { "description": "ProfileConfig defines a set of categories and policies which will be used to compute security score.", "properties": { "categories": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1ProfileConfigCategoryResponse" }, "description": "List of categories of profile config." } }, "type": "object", "required": [ "categories" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigThreat": { "description": "By default, following policies will be included: - XMLThreatProtection - JSONThreatProtection", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ProfileConfigThreatResponse": { "description": "By default, following policies will be included: - XMLThreatProtection - JSONThreatProtection", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1Properties": { "description": "Message for compatibility with legacy Edge specification for Java Properties object in JSON.", "properties": { "property": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Property" }, "description": "List of all properties in the object" } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1PropertiesResponse": { "description": "Message for compatibility with legacy Edge specification for Java Properties object in JSON.", "properties": { "property": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1PropertyResponse" }, "description": "List of all properties in the object" } }, "type": "object", "required": [ "property" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1Property": { "description": "A single property entry in the Properties message.", "properties": { "name": { "type": "string", "description": "The property key" }, "value": { "type": "string", "description": "The property value" } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1PropertyResponse": { "description": "A single property entry in the Properties message.", "properties": { "name": { "type": "string", "description": "The property key" }, "value": { "type": "string", "description": "The property value" } }, "type": "object", "required": [ "name", "value" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1QueryMetadataResponse": { "properties": { "dimensions": { "type": "array", "items": { "type": "string" }, "description": "Dimensions of the AsyncQuery." }, "endTimestamp": { "type": "string", "description": "End timestamp of the query range." }, "metrics": { "type": "array", "items": { "type": "string" }, "description": "Metrics of the AsyncQuery. Example: [\"name:message_count,func:sum,alias:sum_message_count\"]" }, "outputFormat": { "type": "string", "description": "Output format." }, "startTimestamp": { "type": "string", "description": "Start timestamp of the query range." }, "timeUnit": { "type": "string", "description": "Query GroupBy time unit." } }, "type": "object", "required": [ "dimensions", "endTimestamp", "metrics", "outputFormat", "startTimestamp", "timeUnit" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1QueryMetric": { "description": "More info about Metric: https://docs.apigee.com/api-platform/analytics/analytics-reference#metrics", "properties": { "alias": { "type": "string", "description": "Alias for the metric. Alias will be used to replace metric name in query results." }, "function": { "type": "string", "description": "Aggregation function: avg, min, max, or sum." }, "name": { "type": "string", "description": "Metric name." }, "operator": { "type": "string", "description": "One of `+`, `-`, `/`, `%`, `*`." }, "value": { "type": "string", "description": "Operand value should be provided when operator is set." } }, "type": "object", "required": [ "name" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1Quota": { "description": "Quota contains the essential parameters needed that can be applied on the resources, methods, API source combination associated with this API product. While Quota is optional, setting it prevents requests from exceeding the provisioned parameters.", "properties": { "interval": { "type": "string", "description": "Time interval over which the number of request messages is calculated." }, "limit": { "type": "string", "description": "Upper limit allowed for the time interval and time unit specified. Requests exceeding this limit will be rejected." }, "timeUnit": { "type": "string", "description": "Time unit defined for the `interval`. Valid values include `minute`, `hour`, `day`, or `month`. If `limit` and `interval` are valid, the default value is `hour`; otherwise, the default is null." } }, "type": "object", "required": [ "interval", "limit" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1QuotaResponse": { "description": "Quota contains the essential parameters needed that can be applied on the resources, methods, API source combination associated with this API product. While Quota is optional, setting it prevents requests from exceeding the provisioned parameters.", "properties": { "interval": { "type": "string", "description": "Time interval over which the number of request messages is calculated." }, "limit": { "type": "string", "description": "Upper limit allowed for the time interval and time unit specified. Requests exceeding this limit will be rejected." }, "timeUnit": { "type": "string", "description": "Time unit defined for the `interval`. Valid values include `minute`, `hour`, `day`, or `month`. If `limit` and `interval` are valid, the default value is `hour`; otherwise, the default is null." } }, "type": "object", "required": [ "interval", "limit", "timeUnit" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1RateRange": { "description": "API call volume range and the fees charged when the total number of API calls is within the range.", "properties": { "end": { "type": "string", "description": "Ending value of the range. Set to 0 or `null` for the last range of values." }, "fee": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleTypeMoney", "description": "Fee to charge when total number of API calls falls within this range." }, "start": { "type": "string", "description": "Starting value of the range. Set to 0 or `null` for the initial range of values." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1RateRangeResponse": { "description": "API call volume range and the fees charged when the total number of API calls is within the range.", "properties": { "end": { "type": "string", "description": "Ending value of the range. Set to 0 or `null` for the last range of values." }, "fee": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleTypeMoneyResponse", "description": "Fee to charge when total number of API calls falls within this range." }, "start": { "type": "string", "description": "Starting value of the range. Set to 0 or `null` for the initial range of values." } }, "type": "object", "required": [ "end", "fee", "start" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1ReportProperty": { "properties": { "property": { "type": "string", "description": "name of the property" }, "value": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1Attribute" }, "description": "property values" } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1ReportPropertyResponse": { "properties": { "property": { "type": "string", "description": "name of the property" }, "value": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1AttributeResponse" }, "description": "property values" } }, "type": "object", "required": [ "property", "value" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1RevenueShareRange": { "description": "API call volume range and the percentage of revenue to share with the developer when the total number of API calls is within the range.", "properties": { "end": { "type": "string", "description": "Ending value of the range. Set to 0 or `null` for the last range of values." }, "sharePercentage": { "type": "number", "description": "Percentage of the revenue to be shared with the developer. For example, to share 21 percent of the total revenue with the developer, set this value to 21. Specify a decimal number with a maximum of two digits following the decimal point." }, "start": { "type": "string", "description": "Starting value of the range. Set to 0 or `null` for the initial range of values." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1RevenueShareRangeResponse": { "description": "API call volume range and the percentage of revenue to share with the developer when the total number of API calls is within the range.", "properties": { "end": { "type": "string", "description": "Ending value of the range. Set to 0 or `null` for the last range of values." }, "sharePercentage": { "type": "number", "description": "Percentage of the revenue to be shared with the developer. For example, to share 21 percent of the total revenue with the developer, set this value to 21. Specify a decimal number with a maximum of two digits following the decimal point." }, "start": { "type": "string", "description": "Starting value of the range. Set to 0 or `null` for the initial range of values." } }, "type": "object", "required": [ "end", "sharePercentage", "start" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionAllow": { "description": "Message that should be set in case of an Allow Action. This does not have any fields.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionAllowResponse": { "description": "Message that should be set in case of an Allow Action. This does not have any fields.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionConditionConfig": { "description": "The following are a list of conditions. A valid SecurityAction must contain at least one condition. Within a condition, each element is ORed. Across conditions elements are ANDed. For example if a SecurityAction has the following: api_keys: [\"key1\", \"key2\"] and developers: [\"dev1\", \"dev2\"] then this is interpreted as: enforce the action if the incoming request has ((api_key = \"key1\" OR api_key=\"key\") AND (developer=\"dev1\" OR developer=\"dev2\"))", "properties": { "botReasons": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Bot Reasons. Current options: Flooder, Brute Guessor, Static Content Scraper, OAuth Abuser, Robot Abuser, TorListRule, Advanced Anomaly Detection and Advanced API Scraper." }, "ipAddressRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of IP addresses. This could be either IPv4 or IPv6. Limited to 100 per action." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionConditionConfigResponse": { "description": "The following are a list of conditions. A valid SecurityAction must contain at least one condition. Within a condition, each element is ORed. Across conditions elements are ANDed. For example if a SecurityAction has the following: api_keys: [\"key1\", \"key2\"] and developers: [\"dev1\", \"dev2\"] then this is interpreted as: enforce the action if the incoming request has ((api_key = \"key1\" OR api_key=\"key\") AND (developer=\"dev1\" OR developer=\"dev2\"))", "properties": { "botReasons": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Bot Reasons. Current options: Flooder, Brute Guessor, Static Content Scraper, OAuth Abuser, Robot Abuser, TorListRule, Advanced Anomaly Detection and Advanced API Scraper." }, "ipAddressRanges": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of IP addresses. This could be either IPv4 or IPv6. Limited to 100 per action." } }, "type": "object", "required": [ "botReasons", "ipAddressRanges" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionDeny": { "description": "Message that should be set in case of a Deny Action.", "properties": { "responseCode": { "type": "integer", "description": "Optional. The HTTP response code if the Action = DENY." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionDenyResponse": { "description": "Message that should be set in case of a Deny Action.", "properties": { "responseCode": { "type": "integer", "description": "Optional. The HTTP response code if the Action = DENY." } }, "type": "object", "required": [ "responseCode" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionFlag": { "description": "The message that should be set in the case of a Flag action.", "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1SecurityActionHttpHeader" }, "description": "Optional. A list of HTTP headers to be sent to the target in case of a FLAG SecurityAction. Limit 5 headers per SecurityAction. At least one is mandatory." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionFlagResponse": { "description": "The message that should be set in the case of a Flag action.", "properties": { "headers": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1SecurityActionHttpHeaderResponse" }, "description": "Optional. A list of HTTP headers to be sent to the target in case of a FLAG SecurityAction. Limit 5 headers per SecurityAction. At least one is mandatory." } }, "type": "object", "required": [ "headers" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionHttpHeader": { "description": "An HTTP header.", "properties": { "name": { "type": "string", "description": "The header name to be sent to the target." }, "value": { "type": "string", "description": "The header value to be sent to the target." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityActionHttpHeaderResponse": { "description": "An HTTP header.", "properties": { "name": { "type": "string", "description": "The header name to be sent to the target." }, "value": { "type": "string", "description": "The header value to be sent to the target." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityProfileEnvironment": { "description": "Environment information of attached environments. Scoring an environment is enabled only if it is attached to a security profile.", "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityProfileEnvironmentResponse": { "description": "Environment information of attached environments. Scoring an environment is enabled only if it is attached to a security profile.", "properties": { "attachTime": { "type": "string", "description": "Time at which environment was attached to the security profile." }, "environment": { "type": "string", "description": "Name of the environment." } }, "type": "object", "required": [ "attachTime", "environment" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityProfileScoringConfig": { "description": "Security configurations to manage scoring.", "properties": { "description": { "type": "string", "description": "Description of the config." }, "scorePath": { "type": "string", "description": "Path of the component config used for scoring." }, "title": { "type": "string", "description": "Title of the config." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityProfileScoringConfigResponse": { "description": "Security configurations to manage scoring.", "properties": { "description": { "type": "string", "description": "Description of the config." }, "scorePath": { "type": "string", "description": "Path of the component config used for scoring." }, "title": { "type": "string", "description": "Title of the config." } }, "type": "object", "required": [ "description", "scorePath", "title" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityReportMetadataResponse": { "description": "Metadata for the security report.", "properties": { "dimensions": { "type": "array", "items": { "type": "string" }, "description": "Dimensions of the SecurityReport." }, "endTimestamp": { "type": "string", "description": "End timestamp of the query range." }, "metrics": { "type": "array", "items": { "type": "string" }, "description": "Metrics of the SecurityReport. Example: [\"name:bot_count,func:sum,alias:sum_bot_count\"]" }, "mimeType": { "type": "string", "description": "MIME type / Output format." }, "startTimestamp": { "type": "string", "description": "Start timestamp of the query range." }, "timeUnit": { "type": "string", "description": "Query GroupBy time unit. Example: \"seconds\", \"minute\", \"hour\"" } }, "type": "object", "required": [ "dimensions", "endTimestamp", "metrics", "mimeType", "startTimestamp", "timeUnit" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityReportQueryMetric": { "description": "Metric of the Query", "properties": { "aggregationFunction": { "type": "string", "description": "Aggregation function: avg, min, max, or sum." }, "alias": { "type": "string", "description": "Alias for the metric. Alias will be used to replace metric name in query results." }, "name": { "type": "string", "description": "Metric name." }, "operator": { "type": "string", "description": "One of `+`, `-`, `/`, `%`, `*`." }, "value": { "type": "string", "description": "Operand value should be provided when operator is set." } }, "type": "object", "required": [ "name" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1SecurityReportResultMetadataResponse": { "description": "Contains informations about the security report results.", "properties": { "expires": { "type": "string", "description": "Expire_time is set to 7 days after report creation. Query result will be unaccessable after this time. Example: \"2021-05-04T13:38:52-07:00\"" }, "self": { "type": "string", "description": "Self link of the query results. Example: `/organizations/myorg/environments/myenv/securityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result` or following format if query is running at host level: `/organizations/myorg/hostSecurityReports/9cfc0d85-0f30-46d6-ae6f-318d0cb961bd/result`" } }, "type": "object", "required": [ "expires", "self" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1TlsInfo": { "description": "TLS configuration information for virtual hosts and TargetServers.", "properties": { "ciphers": { "type": "array", "items": { "type": "string" }, "description": "The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3." }, "clientAuthEnabled": { "type": "boolean", "description": "Optional. Enables two-way TLS." }, "commonName": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1TlsInfoCommonName", "description": "The TLS Common Name of the certificate." }, "enabled": { "type": "boolean", "description": "Enables TLS. If false, neither one-way nor two-way TLS will be enabled." }, "ignoreValidationErrors": { "type": "boolean", "description": "If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails." }, "keyAlias": { "type": "string", "description": "Required if `client_auth_enabled` is true. The resource ID for the alias containing the private key and cert." }, "keyStore": { "type": "string", "description": "Required if `client_auth_enabled` is true. The resource ID of the keystore." }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The TLS versioins to be used." }, "trustStore": { "type": "string", "description": "The resource ID of the truststore." } }, "type": "object", "required": [ "enabled" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1TlsInfoCommonName": { "properties": { "value": { "type": "string", "description": "The TLS Common Name string of the certificate." }, "wildcardMatch": { "type": "boolean", "description": "Indicates whether the cert should be matched against as a wildcard cert." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1TlsInfoCommonNameResponse": { "properties": { "value": { "type": "string", "description": "The TLS Common Name string of the certificate." }, "wildcardMatch": { "type": "boolean", "description": "Indicates whether the cert should be matched against as a wildcard cert." } }, "type": "object", "required": [ "value", "wildcardMatch" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1TlsInfoResponse": { "description": "TLS configuration information for virtual hosts and TargetServers.", "properties": { "ciphers": { "type": "array", "items": { "type": "string" }, "description": "The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3." }, "clientAuthEnabled": { "type": "boolean", "description": "Optional. Enables two-way TLS." }, "commonName": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1TlsInfoCommonNameResponse", "description": "The TLS Common Name of the certificate." }, "enabled": { "type": "boolean", "description": "Enables TLS. If false, neither one-way nor two-way TLS will be enabled." }, "ignoreValidationErrors": { "type": "boolean", "description": "If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails." }, "keyAlias": { "type": "string", "description": "Required if `client_auth_enabled` is true. The resource ID for the alias containing the private key and cert." }, "keyStore": { "type": "string", "description": "Required if `client_auth_enabled` is true. The resource ID of the keystore." }, "protocols": { "type": "array", "items": { "type": "string" }, "description": "The TLS versioins to be used." }, "trustStore": { "type": "string", "description": "The resource ID of the truststore." } }, "type": "object", "required": [ "ciphers", "clientAuthEnabled", "commonName", "enabled", "ignoreValidationErrors", "keyAlias", "keyStore", "protocols", "trustStore" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1TraceSamplingConfig": { "description": "TraceSamplingConfig represents the detail settings of distributed tracing. Only the fields that are defined in the distributed trace configuration can be overridden using the distribute trace configuration override APIs.", "properties": { "sampler": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleCloudApigeeV1TraceSamplingConfigSampler", "description": "Sampler of distributed tracing. OFF is the default value." }, "samplingRate": { "type": "number", "description": "Field sampling rate. This value is only applicable when using the PROBABILITY sampler. The supported values are > 0 and <= 0.5." } }, "type": "object" }, "google-native:apigee/v1:GoogleCloudApigeeV1TraceSamplingConfigResponse": { "description": "TraceSamplingConfig represents the detail settings of distributed tracing. Only the fields that are defined in the distributed trace configuration can be overridden using the distribute trace configuration override APIs.", "properties": { "sampler": { "type": "string", "description": "Sampler of distributed tracing. OFF is the default value." }, "samplingRate": { "type": "number", "description": "Field sampling rate. This value is only applicable when using the PROBABILITY sampler. The supported values are > 0 and <= 0.5." } }, "type": "object", "required": [ "sampler", "samplingRate" ] }, "google-native:apigee/v1:GoogleCloudApigeeV1TraceSamplingConfigSampler": { "description": "Sampler of distributed tracing. OFF is the default value.", "type": "string", "enum": [ { "name": "SamplerUnspecified", "description": "Sampler unspecified.", "value": "SAMPLER_UNSPECIFIED" }, { "name": "Off", "description": "OFF means distributed trace is disabled, or the sampling probability is 0.", "value": "OFF" }, { "name": "Probability", "description": "PROBABILITY means traces are captured on a probability that defined by sampling_rate. The sampling rate is limited to 0 to 0.5 when this is set.", "value": "PROBABILITY" } ] }, "google-native:apigee/v1:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:apigee/v1:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:apigee/v1:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:apigee/v1:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:apigee/v1:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:apigee/v1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:apigee/v1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigee%2Fv1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:apigee/v1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:apigee/v1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:apigee/v1:GoogleTypeMoney": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:apigee/v1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:apigee/v1:InstancePeeringCidrRange": { "description": "Optional. Size of the CIDR block range that will be reserved by the instance. PAID organizations support `SLASH_16` to `SLASH_20` and defaults to `SLASH_16`. Evaluation organizations support only `SLASH_23`.", "type": "string", "enum": [ { "name": "CidrRangeUnspecified", "description": "Range not specified.", "value": "CIDR_RANGE_UNSPECIFIED" }, { "name": "Slash16", "description": "`/16` CIDR range.", "value": "SLASH_16" }, { "name": "Slash17", "description": "`/17` CIDR range.", "value": "SLASH_17" }, { "name": "Slash18", "description": "`/18` CIDR range.", "value": "SLASH_18" }, { "name": "Slash19", "description": "`/19` CIDR range.", "value": "SLASH_19" }, { "name": "Slash20", "description": "`/20` CIDR range.", "value": "SLASH_20" }, { "name": "Slash22", "description": "`/22` CIDR range. Supported for evaluation only.", "value": "SLASH_22" }, { "name": "Slash23", "description": "`/23` CIDR range. Supported for evaluation only.", "value": "SLASH_23" } ] }, "google-native:apigee/v1:OrganizationBillingType": { "description": "Billing type of the Apigee organization. See [Apigee pricing](https://cloud.google.com/apigee/pricing).", "type": "string", "enum": [ { "name": "BillingTypeUnspecified", "description": "Billing type not specified.", "value": "BILLING_TYPE_UNSPECIFIED" }, { "name": "Subscription", "description": "A pre-paid subscription to Apigee.", "value": "SUBSCRIPTION" }, { "name": "Evaluation", "description": "Free and limited access to Apigee for evaluation purposes only.", "value": "EVALUATION" }, { "name": "Payg", "description": "Access to Apigee using a Pay-As-You-Go plan.", "value": "PAYG" } ] }, "google-native:apigee/v1:OrganizationRuntimeType": { "description": "Required. Runtime type of the Apigee organization based on the Apigee subscription purchased.", "type": "string", "enum": [ { "name": "RuntimeTypeUnspecified", "description": "Runtime type not specified.", "value": "RUNTIME_TYPE_UNSPECIFIED" }, { "name": "Cloud", "description": "Google-managed Apigee runtime.", "value": "CLOUD" }, { "name": "Hybrid", "description": "User-managed Apigee hybrid runtime.", "value": "HYBRID" } ] }, "google-native:apigee/v1:OrganizationType": { "description": "Not used by Apigee.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Subscription type not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "TypeTrial", "description": "Subscription to Apigee is free, limited, and used for evaluation purposes only.", "value": "TYPE_TRIAL" }, { "name": "TypePaid", "description": "Full subscription to Apigee has been purchased. See [Apigee pricing](https://cloud.google.com/apigee/pricing/).", "value": "TYPE_PAID" }, { "name": "TypeInternal", "description": "For internal users only.", "value": "TYPE_INTERNAL" } ] }, "google-native:apigee/v1:RatePlanBillingPeriod": { "description": "Frequency at which the customer will be billed.", "type": "string", "enum": [ { "name": "BillingPeriodUnspecified", "description": "Billing period not specified.", "value": "BILLING_PERIOD_UNSPECIFIED" }, { "name": "Weekly", "description": "Weekly billing period. **Note**: Not supported by Apigee at this time.", "value": "WEEKLY" }, { "name": "Monthly", "description": "Monthly billing period.", "value": "MONTHLY" } ] }, "google-native:apigee/v1:RatePlanConsumptionPricingType": { "description": "Pricing model used for consumption-based charges.", "type": "string", "enum": [ { "name": "ConsumptionPricingTypeUnspecified", "description": "Pricing model not specified. This is the default.", "value": "CONSUMPTION_PRICING_TYPE_UNSPECIFIED" }, { "name": "FixedPerUnit", "description": "Fixed rate charged for each API call.", "value": "FIXED_PER_UNIT" }, { "name": "Banded", "description": "Variable rate charged for each API call based on price tiers. Example: * 1-100 calls cost $2 per call * 101-200 calls cost $1.50 per call * 201-300 calls cost $1 per call * Total price for 50 calls: 50 x $2 = $100 * Total price for 150 calls: 100 x $2 + 50 x $1.5 = $275 * Total price for 250 calls: 100 x $2 + 100 x $1.5 + 50 x $1 = $400. **Note**: Not supported by Apigee at this time.", "value": "BANDED" }, { "name": "Tiered", "description": "**Note**: Not supported by Apigee at this time.", "value": "TIERED" }, { "name": "Stairstep", "description": "**Note**: Not supported by Apigee at this time.", "value": "STAIRSTEP" } ] }, "google-native:apigee/v1:RatePlanPaymentFundingModel": { "description": "DEPRECATED: This field is no longer supported and will eventually be removed when Apigee Hybrid 1.5/1.6 is no longer supported. Instead, use the `billingType` field inside `DeveloperMonetizationConfig` resource. Flag that specifies the billing account type, prepaid or postpaid.", "type": "string", "enum": [ { "name": "PaymentFundingModelUnspecified", "description": "Billing account type not specified.", "value": "PAYMENT_FUNDING_MODEL_UNSPECIFIED" }, { "name": "Prepaid", "description": "Prepaid billing account type. Developer pays in advance for the use of your API products. Funds are deducted from their prepaid account balance. **Note**: Not supported by Apigee at this time.", "value": "PREPAID" }, { "name": "Postpaid", "description": "Postpaid billing account type. Developer is billed through an invoice after using your API products.", "value": "POSTPAID" } ] }, "google-native:apigee/v1:RatePlanRevenueShareType": { "description": "Method used to calculate the revenue that is shared with developers.", "type": "string", "enum": [ { "name": "RevenueShareTypeUnspecified", "description": "Revenue share type is not specified.", "value": "REVENUE_SHARE_TYPE_UNSPECIFIED" }, { "name": "Fixed", "description": "Fixed percentage of the total revenue will be shared. The percentage to be shared can be configured by the API provider.", "value": "FIXED" }, { "name": "VolumeBanded", "description": "Amount of revenue shared depends on the number of API calls. The API call volume ranges and the revenue share percentage for each volume can be configured by the API provider. **Note**: Not supported by Apigee at this time.", "value": "VOLUME_BANDED" } ] }, "google-native:apigee/v1:RatePlanState": { "description": "Current state of the rate plan (draft or published).", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "State of the rate plan is not specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Draft", "description": "Rate plan is in draft mode and only visible to API providers.", "value": "DRAFT" }, { "name": "Published", "description": "Rate plan is published and will become visible to developers for the configured duration (between `startTime` and `endTime`).", "value": "PUBLISHED" } ] }, "google-native:apigee/v1:SecurityActionState": { "description": "Required. Only an ENABLED SecurityAction is enforced. An ENABLED SecurityAction past its expiration time will not be enforced.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The default value. This only exists for forward compatibility. A create request with this value will be rejected.", "value": "STATE_UNSPECIFIED" }, { "name": "Enabled", "description": "An ENABLED SecurityAction is actively enforced if the `expiration_time` is in the future.", "value": "ENABLED" }, { "name": "Disabled", "description": "A disabled SecurityAction is never enforced.", "value": "DISABLED" } ] }, "google-native:apigee/v1:TargetServerProtocol": { "description": "Immutable. The protocol used by this TargetServer.", "type": "string", "enum": [ { "name": "ProtocolUnspecified", "description": "UNSPECIFIED defaults to HTTP for backwards compatibility.", "value": "PROTOCOL_UNSPECIFIED" }, { "name": "Http", "description": "The TargetServer uses HTTP.", "value": "HTTP" }, { "name": "Http2", "description": "The TargetSever uses HTTP2.", "value": "HTTP2" }, { "name": "GrpcTarget", "description": "The TargetServer uses GRPC.", "value": "GRPC_TARGET" }, { "name": "Grpc", "description": "GRPC TargetServer to be used in ExternalCallout Policy. Prefer to use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once EXTERNAL _CALLOUT generally available.", "value": "GRPC" }, { "name": "ExternalCallout", "description": "The TargetServer is to be used in the ExternalCallout Policy", "value": "EXTERNAL_CALLOUT" } ] }, "google-native:apigeeregistry/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigeeregistry%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:apigeeregistry/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:apigeeregistry%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:apigeeregistry/v1:BuildResponse": { "description": "Build information of the Instance if it's in `ACTIVE` state.", "properties": { "commitId": { "type": "string", "description": "Commit ID of the latest commit in the build." }, "commitTime": { "type": "string", "description": "Commit time of the latest commit in the build." }, "repo": { "type": "string", "description": "Path of the open source repository: github.com/apigee/registry." } }, "type": "object", "required": [ "commitId", "commitTime", "repo" ] }, "google-native:apigeeregistry/v1:Config": { "description": "Available configurations to provision an Instance.", "properties": { "cmekKeyName": { "type": "string", "description": "The Customer Managed Encryption Key (CMEK) used for data encryption. The CMEK name should follow the format of `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, where the `location` must match InstanceConfig.location." } }, "type": "object", "required": [ "cmekKeyName" ] }, "google-native:apigeeregistry/v1:ConfigResponse": { "description": "Available configurations to provision an Instance.", "properties": { "cmekKeyName": { "type": "string", "description": "The Customer Managed Encryption Key (CMEK) used for data encryption. The CMEK name should follow the format of `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`, where the `location` must match InstanceConfig.location." }, "location": { "type": "string", "description": "The GCP location where the Instance resides." } }, "type": "object", "required": [ "cmekKeyName", "location" ] }, "google-native:apigeeregistry/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:apigeeregistry/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:apikeys/v2:V2AndroidApplication": { "description": "Identifier of an Android application for key use.", "properties": { "packageName": { "type": "string", "description": "The package name of the application." }, "sha1Fingerprint": { "type": "string", "description": "The SHA1 fingerprint of the application. For example, both sha1 formats are acceptable : DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09 or DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Output format is the latter." } }, "type": "object" }, "google-native:apikeys/v2:V2AndroidApplicationResponse": { "description": "Identifier of an Android application for key use.", "properties": { "packageName": { "type": "string", "description": "The package name of the application." }, "sha1Fingerprint": { "type": "string", "description": "The SHA1 fingerprint of the application. For example, both sha1 formats are acceptable : DA:39:A3:EE:5E:6B:4B:0D:32:55:BF:EF:95:60:18:90:AF:D8:07:09 or DA39A3EE5E6B4B0D3255BFEF95601890AFD80709. Output format is the latter." } }, "type": "object", "required": [ "packageName", "sha1Fingerprint" ] }, "google-native:apikeys/v2:V2AndroidKeyRestrictions": { "description": "The Android apps that are allowed to use the key.", "properties": { "allowedApplications": { "type": "array", "items": { "$ref": "#/types/google-native:apikeys%2Fv2:V2AndroidApplication" }, "description": "A list of Android applications that are allowed to make API calls with this key." } }, "type": "object" }, "google-native:apikeys/v2:V2AndroidKeyRestrictionsResponse": { "description": "The Android apps that are allowed to use the key.", "properties": { "allowedApplications": { "type": "array", "items": { "$ref": "#/types/google-native:apikeys%2Fv2:V2AndroidApplicationResponse" }, "description": "A list of Android applications that are allowed to make API calls with this key." } }, "type": "object", "required": [ "allowedApplications" ] }, "google-native:apikeys/v2:V2ApiTarget": { "description": "A restriction for a specific service and optionally one or multiple specific methods. Both fields are case insensitive.", "properties": { "methods": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of one or more methods that can be called. If empty, all methods for the service are allowed. A wildcard (*) can be used as the last symbol. Valid examples: `google.cloud.translate.v2.TranslateService.GetSupportedLanguage` `TranslateText` `Get*` `translate.googleapis.com.Get*`" }, "service": { "type": "string", "description": "The service for this restriction. It should be the canonical service name, for example: `translate.googleapis.com`. You can use [`gcloud services list`](/sdk/gcloud/reference/services/list) to get a list of services that are enabled in the project." } }, "type": "object" }, "google-native:apikeys/v2:V2ApiTargetResponse": { "description": "A restriction for a specific service and optionally one or multiple specific methods. Both fields are case insensitive.", "properties": { "methods": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of one or more methods that can be called. If empty, all methods for the service are allowed. A wildcard (*) can be used as the last symbol. Valid examples: `google.cloud.translate.v2.TranslateService.GetSupportedLanguage` `TranslateText` `Get*` `translate.googleapis.com.Get*`" }, "service": { "type": "string", "description": "The service for this restriction. It should be the canonical service name, for example: `translate.googleapis.com`. You can use [`gcloud services list`](/sdk/gcloud/reference/services/list) to get a list of services that are enabled in the project." } }, "type": "object", "required": [ "methods", "service" ] }, "google-native:apikeys/v2:V2BrowserKeyRestrictions": { "description": "The HTTP referrers (websites) that are allowed to use the key.", "properties": { "allowedReferrers": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions for the referrer URLs that are allowed to make API calls with this key." } }, "type": "object" }, "google-native:apikeys/v2:V2BrowserKeyRestrictionsResponse": { "description": "The HTTP referrers (websites) that are allowed to use the key.", "properties": { "allowedReferrers": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions for the referrer URLs that are allowed to make API calls with this key." } }, "type": "object", "required": [ "allowedReferrers" ] }, "google-native:apikeys/v2:V2IosKeyRestrictions": { "description": "The iOS apps that are allowed to use the key.", "properties": { "allowedBundleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of bundle IDs that are allowed when making API calls with this key." } }, "type": "object" }, "google-native:apikeys/v2:V2IosKeyRestrictionsResponse": { "description": "The iOS apps that are allowed to use the key.", "properties": { "allowedBundleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of bundle IDs that are allowed when making API calls with this key." } }, "type": "object", "required": [ "allowedBundleIds" ] }, "google-native:apikeys/v2:V2Restrictions": { "description": "Describes the restrictions on the key.", "properties": { "androidKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2AndroidKeyRestrictions", "description": "The Android apps that are allowed to use the key." }, "apiTargets": { "type": "array", "items": { "$ref": "#/types/google-native:apikeys%2Fv2:V2ApiTarget" }, "description": "A restriction for a specific service and optionally one or more specific methods. Requests are allowed if they match any of these restrictions. If no restrictions are specified, all targets are allowed." }, "browserKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2BrowserKeyRestrictions", "description": "The HTTP referrers (websites) that are allowed to use the key." }, "iosKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2IosKeyRestrictions", "description": "The iOS apps that are allowed to use the key." }, "serverKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2ServerKeyRestrictions", "description": "The IP addresses of callers that are allowed to use the key." } }, "type": "object" }, "google-native:apikeys/v2:V2RestrictionsResponse": { "description": "Describes the restrictions on the key.", "properties": { "androidKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2AndroidKeyRestrictionsResponse", "description": "The Android apps that are allowed to use the key." }, "apiTargets": { "type": "array", "items": { "$ref": "#/types/google-native:apikeys%2Fv2:V2ApiTargetResponse" }, "description": "A restriction for a specific service and optionally one or more specific methods. Requests are allowed if they match any of these restrictions. If no restrictions are specified, all targets are allowed." }, "browserKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2BrowserKeyRestrictionsResponse", "description": "The HTTP referrers (websites) that are allowed to use the key." }, "iosKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2IosKeyRestrictionsResponse", "description": "The iOS apps that are allowed to use the key." }, "serverKeyRestrictions": { "$ref": "#/types/google-native:apikeys%2Fv2:V2ServerKeyRestrictionsResponse", "description": "The IP addresses of callers that are allowed to use the key." } }, "type": "object", "required": [ "androidKeyRestrictions", "apiTargets", "browserKeyRestrictions", "iosKeyRestrictions", "serverKeyRestrictions" ] }, "google-native:apikeys/v2:V2ServerKeyRestrictions": { "description": "The IP addresses of callers that are allowed to use the key.", "properties": { "allowedIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the caller IP addresses that are allowed to make API calls with this key." } }, "type": "object" }, "google-native:apikeys/v2:V2ServerKeyRestrictionsResponse": { "description": "The IP addresses of callers that are allowed to use the key.", "properties": { "allowedIps": { "type": "array", "items": { "type": "string" }, "description": "A list of the caller IP addresses that are allowed to make API calls with this key." } }, "type": "object", "required": [ "allowedIps" ] }, "google-native:appengine/v1:ApiConfigHandler": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration for API handlers.", "properties": { "authFailAction": { "$ref": "#/types/google-native:appengine%2Fv1:ApiConfigHandlerAuthFailAction", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "$ref": "#/types/google-native:appengine%2Fv1:ApiConfigHandlerLogin", "description": "Level of login required to access this resource. Defaults to optional." }, "script": { "type": "string", "description": "Path to the script from the application root directory." }, "securityLevel": { "$ref": "#/types/google-native:appengine%2Fv1:ApiConfigHandlerSecurityLevel", "description": "Security (HTTPS) enforcement for this URL." }, "url": { "type": "string", "description": "URL to serve the endpoint at." } }, "type": "object" }, "google-native:appengine/v1:ApiConfigHandlerAuthFailAction": { "description": "Action to take when users access resources that require authentication. Defaults to redirect.", "type": "string", "enum": [ { "name": "AuthFailActionUnspecified", "description": "Not specified. AUTH_FAIL_ACTION_REDIRECT is assumed.", "value": "AUTH_FAIL_ACTION_UNSPECIFIED" }, { "name": "AuthFailActionRedirect", "description": "Redirects user to \"accounts.google.com\". The user is redirected back to the application URL after signing in or creating an account.", "value": "AUTH_FAIL_ACTION_REDIRECT" }, { "name": "AuthFailActionUnauthorized", "description": "Rejects request with a 401 HTTP status code and an error message.", "value": "AUTH_FAIL_ACTION_UNAUTHORIZED" } ] }, "google-native:appengine/v1:ApiConfigHandlerLogin": { "description": "Level of login required to access this resource. Defaults to optional.", "type": "string", "enum": [ { "name": "LoginUnspecified", "description": "Not specified. LOGIN_OPTIONAL is assumed.", "value": "LOGIN_UNSPECIFIED" }, { "name": "LoginOptional", "description": "Does not require that the user is signed in.", "value": "LOGIN_OPTIONAL" }, { "name": "LoginAdmin", "description": "If the user is not signed in, the auth_fail_action is taken. In addition, if the user is not an administrator for the application, they are given an error message regardless of auth_fail_action. If the user is an administrator, the handler proceeds.", "value": "LOGIN_ADMIN" }, { "name": "LoginRequired", "description": "If the user has signed in, the handler proceeds normally. Otherwise, the auth_fail_action is taken.", "value": "LOGIN_REQUIRED" } ] }, "google-native:appengine/v1:ApiConfigHandlerResponse": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration for API handlers.", "properties": { "authFailAction": { "type": "string", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "type": "string", "description": "Level of login required to access this resource. Defaults to optional." }, "script": { "type": "string", "description": "Path to the script from the application root directory." }, "securityLevel": { "type": "string", "description": "Security (HTTPS) enforcement for this URL." }, "url": { "type": "string", "description": "URL to serve the endpoint at." } }, "type": "object", "required": [ "authFailAction", "login", "script", "securityLevel", "url" ] }, "google-native:appengine/v1:ApiConfigHandlerSecurityLevel": { "description": "Security (HTTPS) enforcement for this URL.", "type": "string", "enum": [ { "name": "SecureUnspecified", "description": "Not specified.", "value": "SECURE_UNSPECIFIED" }, { "name": "SecureDefault", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used, and respond accordingly.", "value": "SECURE_DEFAULT" }, { "name": "SecureNever", "description": "Requests for a URL that match this handler that use HTTPS are automatically redirected to the HTTP equivalent URL.", "value": "SECURE_NEVER" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" } ] }, "google-native:appengine/v1:ApiEndpointHandler": { "description": "Uses Google Cloud Endpoints to handle requests.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object" }, "google-native:appengine/v1:ApiEndpointHandlerResponse": { "description": "Uses Google Cloud Endpoints to handle requests.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object", "required": [ "scriptPath" ] }, "google-native:appengine/v1:AppDatabaseType": { "description": "The type of the Cloud Firestore or Cloud Datastore database associated with this application.", "type": "string", "enum": [ { "name": "DatabaseTypeUnspecified", "description": "Database type is unspecified.", "value": "DATABASE_TYPE_UNSPECIFIED" }, { "name": "CloudDatastore", "description": "Cloud Datastore", "value": "CLOUD_DATASTORE" }, { "name": "CloudFirestore", "description": "Cloud Firestore Native", "value": "CLOUD_FIRESTORE" }, { "name": "CloudDatastoreCompatibility", "description": "Cloud Firestore in Datastore Mode", "value": "CLOUD_DATASTORE_COMPATIBILITY" } ] }, "google-native:appengine/v1:AppServingStatus": { "description": "Serving status of this application.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Serving status is unspecified.", "value": "UNSPECIFIED" }, { "name": "Serving", "description": "Application is serving.", "value": "SERVING" }, { "name": "UserDisabled", "description": "Application has been disabled by the user.", "value": "USER_DISABLED" }, { "name": "SystemDisabled", "description": "Application has been disabled by the system.", "value": "SYSTEM_DISABLED" } ] }, "google-native:appengine/v1:AutomaticScaling": { "description": "Automatic scaling is based on request rate, response latencies, and other application metrics.", "properties": { "coolDownPeriod": { "type": "string", "description": "The time period that the Autoscaler (https://cloud.google.com/compute/docs/autoscaler/) should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Only applicable in the App Engine flexible environment." }, "cpuUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:CpuUtilization", "description": "Target scaling by CPU usage." }, "diskUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:DiskUtilization", "description": "Target scaling by disk usage." }, "maxConcurrentRequests": { "type": "integer", "description": "Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance.Defaults to a runtime-specific value." }, "maxIdleInstances": { "type": "integer", "description": "Maximum number of idle instances that should be maintained for this version." }, "maxPendingLatency": { "type": "string", "description": "Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it." }, "maxTotalInstances": { "type": "integer", "description": "Maximum number of instances that should be started to handle requests for this version." }, "minIdleInstances": { "type": "integer", "description": "Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service." }, "minPendingLatency": { "type": "string", "description": "Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it." }, "minTotalInstances": { "type": "integer", "description": "Minimum number of running instances that should be maintained for this version." }, "networkUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:NetworkUtilization", "description": "Target scaling by network usage." }, "requestUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:RequestUtilization", "description": "Target scaling by request utilization." }, "standardSchedulerSettings": { "$ref": "#/types/google-native:appengine%2Fv1:StandardSchedulerSettings", "description": "Scheduler settings for standard environment." } }, "type": "object" }, "google-native:appengine/v1:AutomaticScalingResponse": { "description": "Automatic scaling is based on request rate, response latencies, and other application metrics.", "properties": { "coolDownPeriod": { "type": "string", "description": "The time period that the Autoscaler (https://cloud.google.com/compute/docs/autoscaler/) should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Only applicable in the App Engine flexible environment." }, "cpuUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:CpuUtilizationResponse", "description": "Target scaling by CPU usage." }, "diskUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:DiskUtilizationResponse", "description": "Target scaling by disk usage." }, "maxConcurrentRequests": { "type": "integer", "description": "Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance.Defaults to a runtime-specific value." }, "maxIdleInstances": { "type": "integer", "description": "Maximum number of idle instances that should be maintained for this version." }, "maxPendingLatency": { "type": "string", "description": "Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it." }, "maxTotalInstances": { "type": "integer", "description": "Maximum number of instances that should be started to handle requests for this version." }, "minIdleInstances": { "type": "integer", "description": "Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service." }, "minPendingLatency": { "type": "string", "description": "Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it." }, "minTotalInstances": { "type": "integer", "description": "Minimum number of running instances that should be maintained for this version." }, "networkUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:NetworkUtilizationResponse", "description": "Target scaling by network usage." }, "requestUtilization": { "$ref": "#/types/google-native:appengine%2Fv1:RequestUtilizationResponse", "description": "Target scaling by request utilization." }, "standardSchedulerSettings": { "$ref": "#/types/google-native:appengine%2Fv1:StandardSchedulerSettingsResponse", "description": "Scheduler settings for standard environment." } }, "type": "object", "required": [ "coolDownPeriod", "cpuUtilization", "diskUtilization", "maxConcurrentRequests", "maxIdleInstances", "maxPendingLatency", "maxTotalInstances", "minIdleInstances", "minPendingLatency", "minTotalInstances", "networkUtilization", "requestUtilization", "standardSchedulerSettings" ] }, "google-native:appengine/v1:BasicScaling": { "description": "A service with basic scaling will create an instance when the application receives a request. The instance will be turned down when the app becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity.", "properties": { "idleTimeout": { "type": "string", "description": "Duration of time after the last request that an instance must wait before the instance is shut down." }, "maxInstances": { "type": "integer", "description": "Maximum number of instances to create for this version." } }, "type": "object" }, "google-native:appengine/v1:BasicScalingResponse": { "description": "A service with basic scaling will create an instance when the application receives a request. The instance will be turned down when the app becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity.", "properties": { "idleTimeout": { "type": "string", "description": "Duration of time after the last request that an instance must wait before the instance is shut down." }, "maxInstances": { "type": "integer", "description": "Maximum number of instances to create for this version." } }, "type": "object", "required": [ "idleTimeout", "maxInstances" ] }, "google-native:appengine/v1:CertificateRawData": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object" }, "google-native:appengine/v1:CertificateRawDataResponse": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object", "required": [ "privateKey", "publicCertificate" ] }, "google-native:appengine/v1:CloudBuildOptions": { "description": "Options for the build operations performed as a part of the version deployment. Only applicable for App Engine flexible environment when creating a version using source code directly.", "properties": { "appYamlPath": { "type": "string", "description": "Path to the yaml file used in deployment, used to determine runtime configuration details.Required for flexible environment builds.See https://cloud.google.com/appengine/docs/standard/python/config/appref for more details." }, "cloudBuildTimeout": { "type": "string", "description": "The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes." } }, "type": "object" }, "google-native:appengine/v1:CloudBuildOptionsResponse": { "description": "Options for the build operations performed as a part of the version deployment. Only applicable for App Engine flexible environment when creating a version using source code directly.", "properties": { "appYamlPath": { "type": "string", "description": "Path to the yaml file used in deployment, used to determine runtime configuration details.Required for flexible environment builds.See https://cloud.google.com/appengine/docs/standard/python/config/appref for more details." }, "cloudBuildTimeout": { "type": "string", "description": "The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes." } }, "type": "object", "required": [ "appYamlPath", "cloudBuildTimeout" ] }, "google-native:appengine/v1:ContainerInfo": { "description": "Docker image that is used to create a container and start a VM instance for the version that you deploy. Only applicable for instances running in the App Engine flexible environment.", "properties": { "image": { "type": "string", "description": "URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: \"gcr.io/my-project/image:tag\" or \"gcr.io/my-project/image@digest\"" } }, "type": "object" }, "google-native:appengine/v1:ContainerInfoResponse": { "description": "Docker image that is used to create a container and start a VM instance for the version that you deploy. Only applicable for instances running in the App Engine flexible environment.", "properties": { "image": { "type": "string", "description": "URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: \"gcr.io/my-project/image:tag\" or \"gcr.io/my-project/image@digest\"" } }, "type": "object", "required": [ "image" ] }, "google-native:appengine/v1:CpuUtilization": { "description": "Target scaling by CPU usage.", "properties": { "aggregationWindowLength": { "type": "string", "description": "Period of time over which CPU utilization is calculated." }, "targetUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1." } }, "type": "object" }, "google-native:appengine/v1:CpuUtilizationResponse": { "description": "Target scaling by CPU usage.", "properties": { "aggregationWindowLength": { "type": "string", "description": "Period of time over which CPU utilization is calculated." }, "targetUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1." } }, "type": "object", "required": [ "aggregationWindowLength", "targetUtilization" ] }, "google-native:appengine/v1:Deployment": { "description": "Code and application artifacts used to deploy a version to App Engine.", "properties": { "cloudBuildOptions": { "$ref": "#/types/google-native:appengine%2Fv1:CloudBuildOptions", "description": "Options for any Google Cloud Build builds created as a part of this deployment.These options will only be used if a new build is created, such as when deploying to the App Engine flexible environment using files or zip." }, "container": { "$ref": "#/types/google-native:appengine%2Fv1:ContainerInfo", "description": "The Docker image for the container that runs the version. Only applicable for instances running in the App Engine flexible environment." }, "files": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call." }, "zip": { "$ref": "#/types/google-native:appengine%2Fv1:ZipInfo", "description": "The zip file for this deployment, if this is a zip deployment." } }, "type": "object" }, "google-native:appengine/v1:DeploymentResponse": { "description": "Code and application artifacts used to deploy a version to App Engine.", "properties": { "cloudBuildOptions": { "$ref": "#/types/google-native:appengine%2Fv1:CloudBuildOptionsResponse", "description": "Options for any Google Cloud Build builds created as a part of this deployment.These options will only be used if a new build is created, such as when deploying to the App Engine flexible environment using files or zip." }, "container": { "$ref": "#/types/google-native:appengine%2Fv1:ContainerInfoResponse", "description": "The Docker image for the container that runs the version. Only applicable for instances running in the App Engine flexible environment." }, "files": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call." }, "zip": { "$ref": "#/types/google-native:appengine%2Fv1:ZipInfoResponse", "description": "The zip file for this deployment, if this is a zip deployment." } }, "type": "object", "required": [ "cloudBuildOptions", "container", "files", "zip" ] }, "google-native:appengine/v1:DiskUtilization": { "description": "Target scaling by disk usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReadBytesPerSecond": { "type": "integer", "description": "Target bytes read per second." }, "targetReadOpsPerSecond": { "type": "integer", "description": "Target ops read per seconds." }, "targetWriteBytesPerSecond": { "type": "integer", "description": "Target bytes written per second." }, "targetWriteOpsPerSecond": { "type": "integer", "description": "Target ops written per second." } }, "type": "object" }, "google-native:appengine/v1:DiskUtilizationResponse": { "description": "Target scaling by disk usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReadBytesPerSecond": { "type": "integer", "description": "Target bytes read per second." }, "targetReadOpsPerSecond": { "type": "integer", "description": "Target ops read per seconds." }, "targetWriteBytesPerSecond": { "type": "integer", "description": "Target bytes written per second." }, "targetWriteOpsPerSecond": { "type": "integer", "description": "Target ops written per second." } }, "type": "object", "required": [ "targetReadBytesPerSecond", "targetReadOpsPerSecond", "targetWriteBytesPerSecond", "targetWriteOpsPerSecond" ] }, "google-native:appengine/v1:EndpointsApiService": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration. The Endpoints API Service provides tooling for serving Open API and gRPC endpoints via an NGINX proxy. Only valid for App Engine Flexible environment deployments.The fields here refer to the name and configuration ID of a \"service\" resource in the Service Management API (https://cloud.google.com/service-management/overview).", "properties": { "configId": { "type": "string", "description": "Endpoints service configuration ID as specified by the Service Management API. For example \"2016-09-19r1\".By default, the rollout strategy for Endpoints is RolloutStrategy.FIXED. This means that Endpoints starts up with a particular configuration ID. When a new configuration is rolled out, Endpoints must be given the new configuration ID. The config_id field is used to give the configuration ID and is required in this case.Endpoints also has a rollout strategy called RolloutStrategy.MANAGED. When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, config_id must be omitted." }, "disableTraceSampling": { "type": "boolean", "description": "Enable or disable trace sampling. By default, this is set to false for enabled." }, "name": { "type": "string", "description": "Endpoints service name which is the name of the \"service\" resource in the Service Management API. For example \"myapi.endpoints.myproject.cloud.goog\"" }, "rolloutStrategy": { "$ref": "#/types/google-native:appengine%2Fv1:EndpointsApiServiceRolloutStrategy", "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted." } }, "type": "object" }, "google-native:appengine/v1:EndpointsApiServiceResponse": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration. The Endpoints API Service provides tooling for serving Open API and gRPC endpoints via an NGINX proxy. Only valid for App Engine Flexible environment deployments.The fields here refer to the name and configuration ID of a \"service\" resource in the Service Management API (https://cloud.google.com/service-management/overview).", "properties": { "configId": { "type": "string", "description": "Endpoints service configuration ID as specified by the Service Management API. For example \"2016-09-19r1\".By default, the rollout strategy for Endpoints is RolloutStrategy.FIXED. This means that Endpoints starts up with a particular configuration ID. When a new configuration is rolled out, Endpoints must be given the new configuration ID. The config_id field is used to give the configuration ID and is required in this case.Endpoints also has a rollout strategy called RolloutStrategy.MANAGED. When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, config_id must be omitted." }, "disableTraceSampling": { "type": "boolean", "description": "Enable or disable trace sampling. By default, this is set to false for enabled." }, "name": { "type": "string", "description": "Endpoints service name which is the name of the \"service\" resource in the Service Management API. For example \"myapi.endpoints.myproject.cloud.goog\"" }, "rolloutStrategy": { "type": "string", "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted." } }, "type": "object", "required": [ "configId", "disableTraceSampling", "name", "rolloutStrategy" ] }, "google-native:appengine/v1:EndpointsApiServiceRolloutStrategy": { "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted.", "type": "string", "enum": [ { "name": "UnspecifiedRolloutStrategy", "description": "Not specified. Defaults to FIXED.", "value": "UNSPECIFIED_ROLLOUT_STRATEGY" }, { "name": "Fixed", "description": "Endpoints service configuration ID will be fixed to the configuration ID specified by config_id.", "value": "FIXED" }, { "name": "Managed", "description": "Endpoints service configuration ID will be updated with each rollout.", "value": "MANAGED" } ] }, "google-native:appengine/v1:Entrypoint": { "description": "The entrypoint for the application.", "properties": { "shell": { "type": "string", "description": "The format should be a shell command that can be fed to bash -c." } }, "type": "object" }, "google-native:appengine/v1:EntrypointResponse": { "description": "The entrypoint for the application.", "properties": { "shell": { "type": "string", "description": "The format should be a shell command that can be fed to bash -c." } }, "type": "object", "required": [ "shell" ] }, "google-native:appengine/v1:ErrorHandler": { "description": "Custom static error page to be served when an error occurs.", "properties": { "errorCode": { "$ref": "#/types/google-native:appengine%2Fv1:ErrorHandlerErrorCode", "description": "Error condition this handler applies to." }, "mimeType": { "type": "string", "description": "MIME type of file. Defaults to text/html." }, "staticFile": { "type": "string", "description": "Static file content to be served for this error." } }, "type": "object" }, "google-native:appengine/v1:ErrorHandlerErrorCode": { "description": "Error condition this handler applies to.", "type": "string", "enum": [ { "name": "ErrorCodeUnspecified", "description": "Not specified. ERROR_CODE_DEFAULT is assumed.", "value": "ERROR_CODE_UNSPECIFIED" }, { "name": "ErrorCodeDefault", "description": "All other error types.", "value": "ERROR_CODE_DEFAULT" }, { "name": "ErrorCodeOverQuota", "description": "Application has exceeded a resource quota.", "value": "ERROR_CODE_OVER_QUOTA" }, { "name": "ErrorCodeDosApiDenial", "description": "Client blocked by the application's Denial of Service protection configuration.", "value": "ERROR_CODE_DOS_API_DENIAL" }, { "name": "ErrorCodeTimeout", "description": "Deadline reached before the application responds.", "value": "ERROR_CODE_TIMEOUT" } ] }, "google-native:appengine/v1:ErrorHandlerResponse": { "description": "Custom static error page to be served when an error occurs.", "properties": { "errorCode": { "type": "string", "description": "Error condition this handler applies to." }, "mimeType": { "type": "string", "description": "MIME type of file. Defaults to text/html." }, "staticFile": { "type": "string", "description": "Static file content to be served for this error." } }, "type": "object", "required": [ "errorCode", "mimeType", "staticFile" ] }, "google-native:appengine/v1:FeatureSettings": { "description": "The feature specific settings to be used in the application. These define behaviors that are user configurable.", "properties": { "splitHealthChecks": { "type": "boolean", "description": "Boolean value indicating if split health checks should be used instead of the legacy health checks. At an app.yaml level, this means defaulting to 'readiness_check' and 'liveness_check' values instead of 'health_check' ones. Once the legacy 'health_check' behavior is deprecated, and this value is always true, this setting can be removed." }, "useContainerOptimizedOs": { "type": "boolean", "description": "If true, use Container-Optimized OS (https://cloud.google.com/container-optimized-os/) base image for VMs, rather than a base Debian image." } }, "type": "object" }, "google-native:appengine/v1:FeatureSettingsResponse": { "description": "The feature specific settings to be used in the application. These define behaviors that are user configurable.", "properties": { "splitHealthChecks": { "type": "boolean", "description": "Boolean value indicating if split health checks should be used instead of the legacy health checks. At an app.yaml level, this means defaulting to 'readiness_check' and 'liveness_check' values instead of 'health_check' ones. Once the legacy 'health_check' behavior is deprecated, and this value is always true, this setting can be removed." }, "useContainerOptimizedOs": { "type": "boolean", "description": "If true, use Container-Optimized OS (https://cloud.google.com/container-optimized-os/) base image for VMs, rather than a base Debian image." } }, "type": "object", "required": [ "splitHealthChecks", "useContainerOptimizedOs" ] }, "google-native:appengine/v1:FlexibleRuntimeSettings": { "description": "Runtime settings for the App Engine flexible environment.", "properties": { "operatingSystem": { "type": "string", "description": "The operating system of the application runtime." }, "runtimeVersion": { "type": "string", "description": "The runtime version of an App Engine flexible application." } }, "type": "object" }, "google-native:appengine/v1:FlexibleRuntimeSettingsResponse": { "description": "Runtime settings for the App Engine flexible environment.", "properties": { "operatingSystem": { "type": "string", "description": "The operating system of the application runtime." }, "runtimeVersion": { "type": "string", "description": "The runtime version of an App Engine flexible application." } }, "type": "object", "required": [ "operatingSystem", "runtimeVersion" ] }, "google-native:appengine/v1:HealthCheck": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. Only applicable for instances in App Engine flexible environment.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "disableHealthCheck": { "type": "boolean", "description": "Whether to explicitly disable health checks for this instance." }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks required before receiving traffic." }, "host": { "type": "string", "description": "Host header to send when performing an HTTP health check. Example: \"myapp.appspot.com\"" }, "restartThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before an instance is restarted." }, "timeout": { "type": "string", "description": "Time before the health check is considered failed." }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before removing traffic." } }, "type": "object" }, "google-native:appengine/v1:HealthCheckResponse": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. Only applicable for instances in App Engine flexible environment.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "disableHealthCheck": { "type": "boolean", "description": "Whether to explicitly disable health checks for this instance." }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks required before receiving traffic." }, "host": { "type": "string", "description": "Host header to send when performing an HTTP health check. Example: \"myapp.appspot.com\"" }, "restartThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before an instance is restarted." }, "timeout": { "type": "string", "description": "Time before the health check is considered failed." }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before removing traffic." } }, "type": "object", "required": [ "checkInterval", "disableHealthCheck", "healthyThreshold", "host", "restartThreshold", "timeout", "unhealthyThreshold" ] }, "google-native:appengine/v1:IdentityAwareProxy": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests.If true, the oauth2_client_id and oauth2_client_secret fields must be non-empty." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow.For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2_client_secret_sha256 field.@InputOnly" } }, "type": "object" }, "google-native:appengine/v1:IdentityAwareProxyResponse": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests.If true, the oauth2_client_id and oauth2_client_secret fields must be non-empty." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow.For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2_client_secret_sha256 field.@InputOnly" }, "oauth2ClientSecretSha256": { "type": "string", "description": "Hex-encoded SHA-256 hash of the client secret." } }, "type": "object", "required": [ "enabled", "oauth2ClientId", "oauth2ClientSecret", "oauth2ClientSecretSha256" ] }, "google-native:appengine/v1:IngressRuleAction": { "description": "The action to take on matched requests.", "type": "string", "enum": [ { "name": "UnspecifiedAction", "value": "UNSPECIFIED_ACTION" }, { "name": "Allow", "description": "Matching requests are allowed.", "value": "ALLOW" }, { "name": "Deny", "description": "Matching requests are denied.", "value": "DENY" } ] }, "google-native:appengine/v1:Library": { "description": "Third-party Python runtime library that is required by the application.", "properties": { "name": { "type": "string", "description": "Name of the library. Example: \"django\"." }, "version": { "type": "string", "description": "Version of the library to select, or \"latest\"." } }, "type": "object" }, "google-native:appengine/v1:LibraryResponse": { "description": "Third-party Python runtime library that is required by the application.", "properties": { "name": { "type": "string", "description": "Name of the library. Example: \"django\"." }, "version": { "type": "string", "description": "Version of the library to select, or \"latest\"." } }, "type": "object", "required": [ "name", "version" ] }, "google-native:appengine/v1:LivenessCheck": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before considering the VM unhealthy." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Liveness check. Example: \"myapp.appspot.com\"" }, "initialDelay": { "type": "string", "description": "The initial delay before starting to execute the checks." }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before considering the VM healthy." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object" }, "google-native:appengine/v1:LivenessCheckResponse": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before considering the VM unhealthy." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Liveness check. Example: \"myapp.appspot.com\"" }, "initialDelay": { "type": "string", "description": "The initial delay before starting to execute the checks." }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before considering the VM healthy." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object", "required": [ "checkInterval", "failureThreshold", "host", "initialDelay", "path", "successThreshold", "timeout" ] }, "google-native:appengine/v1:ManagedCertificateResponse": { "description": "A certificate managed by App Engine.", "properties": { "lastRenewalTime": { "type": "string", "description": "Time at which the certificate was last renewed. The renewal process is fully managed. Certificate renewal will automatically occur before the certificate expires. Renewal errors can be tracked via ManagementStatus." }, "status": { "type": "string", "description": "Status of certificate management. Refers to the most recent certificate acquisition or renewal attempt." } }, "type": "object", "required": [ "lastRenewalTime", "status" ] }, "google-native:appengine/v1:ManualScaling": { "description": "A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time.", "properties": { "instances": { "type": "integer", "description": "Number of instances to assign to the service at the start. This number can later be altered by using the Modules API (https://cloud.google.com/appengine/docs/python/modules/functions) set_num_instances() function." } }, "type": "object" }, "google-native:appengine/v1:ManualScalingResponse": { "description": "A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time.", "properties": { "instances": { "type": "integer", "description": "Number of instances to assign to the service at the start. This number can later be altered by using the Modules API (https://cloud.google.com/appengine/docs/python/modules/functions) set_num_instances() function." } }, "type": "object", "required": [ "instances" ] }, "google-native:appengine/v1:Network": { "description": "Extra network settings. Only applicable in the App Engine flexible environment.", "properties": { "forwardedPorts": { "type": "array", "items": { "type": "string" }, "description": "List of ports, or port pairs, to forward from the virtual machine to the application container. Only applicable in the App Engine flexible environment." }, "instanceIpMode": { "$ref": "#/types/google-native:appengine%2Fv1:NetworkInstanceIpMode", "description": "The IP mode for instances. Only applicable in the App Engine flexible environment." }, "instanceTag": { "type": "string", "description": "Tag to apply to the instance during creation. Only applicable in the App Engine flexible environment." }, "name": { "type": "string", "description": "Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path.Defaults to default." }, "sessionAffinity": { "type": "boolean", "description": "Enable session affinity. Only applicable in the App Engine flexible environment." }, "subnetworkName": { "type": "string", "description": "Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path.If a subnetwork name is specified, a network name will also be required unless it is for the default network. If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetwork_name) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetwork_name must be specified and the IP address is created from the IPCidrRange of the subnetwork.If specified, the subnetwork must exist in the same region as the App Engine flexible environment application." } }, "type": "object" }, "google-native:appengine/v1:NetworkInstanceIpMode": { "description": "The IP mode for instances. Only applicable in the App Engine flexible environment.", "type": "string", "enum": [ { "name": "InstanceIpModeUnspecified", "description": "Unspecified is treated as EXTERNAL.", "value": "INSTANCE_IP_MODE_UNSPECIFIED" }, { "name": "External", "description": "Instances are created with both internal and external IP addresses.", "value": "EXTERNAL" }, { "name": "Internal", "description": "Instances are created with internal IP addresses only.", "value": "INTERNAL" } ] }, "google-native:appengine/v1:NetworkResponse": { "description": "Extra network settings. Only applicable in the App Engine flexible environment.", "properties": { "forwardedPorts": { "type": "array", "items": { "type": "string" }, "description": "List of ports, or port pairs, to forward from the virtual machine to the application container. Only applicable in the App Engine flexible environment." }, "instanceIpMode": { "type": "string", "description": "The IP mode for instances. Only applicable in the App Engine flexible environment." }, "instanceTag": { "type": "string", "description": "Tag to apply to the instance during creation. Only applicable in the App Engine flexible environment." }, "name": { "type": "string", "description": "Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path.Defaults to default." }, "sessionAffinity": { "type": "boolean", "description": "Enable session affinity. Only applicable in the App Engine flexible environment." }, "subnetworkName": { "type": "string", "description": "Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path.If a subnetwork name is specified, a network name will also be required unless it is for the default network. If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetwork_name) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetwork_name must be specified and the IP address is created from the IPCidrRange of the subnetwork.If specified, the subnetwork must exist in the same region as the App Engine flexible environment application." } }, "type": "object", "required": [ "forwardedPorts", "instanceIpMode", "instanceTag", "name", "sessionAffinity", "subnetworkName" ] }, "google-native:appengine/v1:NetworkUtilization": { "description": "Target scaling by network usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReceivedBytesPerSecond": { "type": "integer", "description": "Target bytes received per second." }, "targetReceivedPacketsPerSecond": { "type": "integer", "description": "Target packets received per second." }, "targetSentBytesPerSecond": { "type": "integer", "description": "Target bytes sent per second." }, "targetSentPacketsPerSecond": { "type": "integer", "description": "Target packets sent per second." } }, "type": "object" }, "google-native:appengine/v1:NetworkUtilizationResponse": { "description": "Target scaling by network usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReceivedBytesPerSecond": { "type": "integer", "description": "Target bytes received per second." }, "targetReceivedPacketsPerSecond": { "type": "integer", "description": "Target packets received per second." }, "targetSentBytesPerSecond": { "type": "integer", "description": "Target bytes sent per second." }, "targetSentPacketsPerSecond": { "type": "integer", "description": "Target packets sent per second." } }, "type": "object", "required": [ "targetReceivedBytesPerSecond", "targetReceivedPacketsPerSecond", "targetSentBytesPerSecond", "targetSentPacketsPerSecond" ] }, "google-native:appengine/v1:ReadinessCheck": { "description": "Readiness checking configuration for VM instances. Unhealthy instances are removed from traffic rotation.", "properties": { "appStartTimeout": { "type": "string", "description": "A maximum time limit on application initialization, measured from moment the application successfully replies to a healthcheck until it is ready to serve traffic." }, "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before removing traffic." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Readiness check. Example: \"myapp.appspot.com\"" }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before receiving traffic." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object" }, "google-native:appengine/v1:ReadinessCheckResponse": { "description": "Readiness checking configuration for VM instances. Unhealthy instances are removed from traffic rotation.", "properties": { "appStartTimeout": { "type": "string", "description": "A maximum time limit on application initialization, measured from moment the application successfully replies to a healthcheck until it is ready to serve traffic." }, "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before removing traffic." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Readiness check. Example: \"myapp.appspot.com\"" }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before receiving traffic." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object", "required": [ "appStartTimeout", "checkInterval", "failureThreshold", "host", "path", "successThreshold", "timeout" ] }, "google-native:appengine/v1:RequestUtilization": { "description": "Target scaling by request utilization. Only applicable in the App Engine flexible environment.", "properties": { "targetConcurrentRequests": { "type": "integer", "description": "Target number of concurrent requests." }, "targetRequestCountPerSecond": { "type": "integer", "description": "Target requests per second." } }, "type": "object" }, "google-native:appengine/v1:RequestUtilizationResponse": { "description": "Target scaling by request utilization. Only applicable in the App Engine flexible environment.", "properties": { "targetConcurrentRequests": { "type": "integer", "description": "Target number of concurrent requests." }, "targetRequestCountPerSecond": { "type": "integer", "description": "Target requests per second." } }, "type": "object", "required": [ "targetConcurrentRequests", "targetRequestCountPerSecond" ] }, "google-native:appengine/v1:ResourceRecordResponse": { "description": "A DNS resource record.", "properties": { "name": { "type": "string", "description": "Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'." }, "rrdata": { "type": "string", "description": "Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1)." }, "type": { "type": "string", "description": "Resource record type. Example: AAAA." } }, "type": "object", "required": [ "name", "rrdata", "type" ] }, "google-native:appengine/v1:Resources": { "description": "Machine resources for a version.", "properties": { "cpu": { "type": "number", "description": "Number of CPU cores needed." }, "diskGb": { "type": "number", "description": "Disk size (GB) needed." }, "kmsKeyReference": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. Only should be used by Cloud Composer to encrypt the vm disk" }, "memoryGb": { "type": "number", "description": "Memory (GB) needed." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1:Volume" }, "description": "User specified volumes." } }, "type": "object" }, "google-native:appengine/v1:ResourcesResponse": { "description": "Machine resources for a version.", "properties": { "cpu": { "type": "number", "description": "Number of CPU cores needed." }, "diskGb": { "type": "number", "description": "Disk size (GB) needed." }, "kmsKeyReference": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. Only should be used by Cloud Composer to encrypt the vm disk" }, "memoryGb": { "type": "number", "description": "Memory (GB) needed." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1:VolumeResponse" }, "description": "User specified volumes." } }, "type": "object", "required": [ "cpu", "diskGb", "kmsKeyReference", "memoryGb", "volumes" ] }, "google-native:appengine/v1:ScriptHandler": { "description": "Executes a script to handle the request that matches the URL pattern.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object" }, "google-native:appengine/v1:ScriptHandlerResponse": { "description": "Executes a script to handle the request that matches the URL pattern.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object", "required": [ "scriptPath" ] }, "google-native:appengine/v1:SslSettings": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify SslManagementType.MANUAL on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." }, "sslManagementType": { "$ref": "#/types/google-native:appengine%2Fv1:SslSettingsSslManagementType", "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain." } }, "type": "object" }, "google-native:appengine/v1:SslSettingsResponse": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify SslManagementType.MANUAL on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." }, "pendingManagedCertificateId": { "type": "string", "description": "ID of the managed AuthorizedCertificate resource currently being provisioned, if applicable. Until the new managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the provisioning process completes, the certificate_id field will reflect the new managed certificate and this field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the certificate_id field with an UpdateDomainMappingRequest." }, "sslManagementType": { "type": "string", "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain." } }, "type": "object", "required": [ "certificateId", "pendingManagedCertificateId", "sslManagementType" ] }, "google-native:appengine/v1:SslSettingsSslManagementType": { "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain.", "type": "string", "enum": [ { "name": "SslManagementTypeUnspecified", "description": "Defaults to AUTOMATIC.", "value": "SSL_MANAGEMENT_TYPE_UNSPECIFIED" }, { "name": "Automatic", "description": "SSL support for this domain is configured automatically. The mapped SSL certificate will be automatically renewed.", "value": "AUTOMATIC" }, { "name": "Manual", "description": "SSL support for this domain is configured manually by the user. Either the domain has no SSL support or a user-obtained SSL certificate has been explictly mapped to this domain.", "value": "MANUAL" } ] }, "google-native:appengine/v1:StandardSchedulerSettings": { "description": "Scheduler settings for standard environment.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances to run for this version. Set to zero to disable max_instances configuration." }, "minInstances": { "type": "integer", "description": "Minimum number of instances to run for this version. Set to zero to disable min_instances configuration." }, "targetCpuUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling." }, "targetThroughputUtilization": { "type": "number", "description": "Target throughput utilization ratio to maintain when scaling" } }, "type": "object" }, "google-native:appengine/v1:StandardSchedulerSettingsResponse": { "description": "Scheduler settings for standard environment.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances to run for this version. Set to zero to disable max_instances configuration." }, "minInstances": { "type": "integer", "description": "Minimum number of instances to run for this version. Set to zero to disable min_instances configuration." }, "targetCpuUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling." }, "targetThroughputUtilization": { "type": "number", "description": "Target throughput utilization ratio to maintain when scaling" } }, "type": "object", "required": [ "maxInstances", "minInstances", "targetCpuUtilization", "targetThroughputUtilization" ] }, "google-native:appengine/v1:StaticFilesHandler": { "description": "Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them.", "properties": { "applicationReadable": { "type": "boolean", "description": "Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas." }, "expiration": { "type": "string", "description": "Time a static file served by this handler should be cached by web proxies and browsers." }, "httpHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP headers to use for all responses from these URLs." }, "mimeType": { "type": "string", "description": "MIME type used to serve all files served by this handler.Defaults to file-specific MIME types, which are derived from each file's filename extension." }, "path": { "type": "string", "description": "Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern." }, "requireMatchingFile": { "type": "boolean", "description": "Whether this handler should match the request if the file referenced by the handler does not exist." }, "uploadPathRegex": { "type": "string", "description": "Regular expression that matches the file paths for all files that should be referenced by this handler." } }, "type": "object" }, "google-native:appengine/v1:StaticFilesHandlerResponse": { "description": "Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them.", "properties": { "applicationReadable": { "type": "boolean", "description": "Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas." }, "expiration": { "type": "string", "description": "Time a static file served by this handler should be cached by web proxies and browsers." }, "httpHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP headers to use for all responses from these URLs." }, "mimeType": { "type": "string", "description": "MIME type used to serve all files served by this handler.Defaults to file-specific MIME types, which are derived from each file's filename extension." }, "path": { "type": "string", "description": "Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern." }, "requireMatchingFile": { "type": "boolean", "description": "Whether this handler should match the request if the file referenced by the handler does not exist." }, "uploadPathRegex": { "type": "string", "description": "Regular expression that matches the file paths for all files that should be referenced by this handler." } }, "type": "object", "required": [ "applicationReadable", "expiration", "httpHeaders", "mimeType", "path", "requireMatchingFile", "uploadPathRegex" ] }, "google-native:appengine/v1:UrlDispatchRule": { "description": "Rules to match an HTTP request and dispatch that request to a service.", "properties": { "domain": { "type": "string", "description": "Domain name to match against. The wildcard \"*\" is supported if specified before a period: \"*.\".Defaults to matching all domains: \"*\"." }, "path": { "type": "string", "description": "Pathname within the host. Must start with a \"/\". A single \"*\" can be included at the end of the path.The sum of the lengths of the domain and path may not exceed 100 characters." }, "service": { "type": "string", "description": "Resource ID of a service in this application that should serve the matched request. The service must already exist. Example: default." } }, "type": "object" }, "google-native:appengine/v1:UrlDispatchRuleResponse": { "description": "Rules to match an HTTP request and dispatch that request to a service.", "properties": { "domain": { "type": "string", "description": "Domain name to match against. The wildcard \"*\" is supported if specified before a period: \"*.\".Defaults to matching all domains: \"*\"." }, "path": { "type": "string", "description": "Pathname within the host. Must start with a \"/\". A single \"*\" can be included at the end of the path.The sum of the lengths of the domain and path may not exceed 100 characters." }, "service": { "type": "string", "description": "Resource ID of a service in this application that should serve the matched request. The service must already exist. Example: default." } }, "type": "object", "required": [ "domain", "path", "service" ] }, "google-native:appengine/v1:UrlMap": { "description": "URL pattern and description of how the URL should be handled. App Engine can handle URLs by executing application code or by serving static files uploaded with the version, such as images, CSS, or JavaScript.", "properties": { "apiEndpoint": { "$ref": "#/types/google-native:appengine%2Fv1:ApiEndpointHandler", "description": "Uses API Endpoints to handle requests." }, "authFailAction": { "$ref": "#/types/google-native:appengine%2Fv1:UrlMapAuthFailAction", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "$ref": "#/types/google-native:appengine%2Fv1:UrlMapLogin", "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment." }, "redirectHttpResponseCode": { "$ref": "#/types/google-native:appengine%2Fv1:UrlMapRedirectHttpResponseCode", "description": "30x code to use when performing redirects for the secure field. Defaults to 302." }, "script": { "$ref": "#/types/google-native:appengine%2Fv1:ScriptHandler", "description": "Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example \"script\": \"auto\"." }, "securityLevel": { "$ref": "#/types/google-native:appengine%2Fv1:UrlMapSecurityLevel", "description": "Security (HTTPS) enforcement for this URL." }, "staticFiles": { "$ref": "#/types/google-native:appengine%2Fv1:StaticFilesHandler", "description": "Returns the contents of a file, such as an image, as the response." }, "urlRegex": { "type": "string", "description": "URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path." } }, "type": "object" }, "google-native:appengine/v1:UrlMapAuthFailAction": { "description": "Action to take when users access resources that require authentication. Defaults to redirect.", "type": "string", "enum": [ { "name": "AuthFailActionUnspecified", "description": "Not specified. AUTH_FAIL_ACTION_REDIRECT is assumed.", "value": "AUTH_FAIL_ACTION_UNSPECIFIED" }, { "name": "AuthFailActionRedirect", "description": "Redirects user to \"accounts.google.com\". The user is redirected back to the application URL after signing in or creating an account.", "value": "AUTH_FAIL_ACTION_REDIRECT" }, { "name": "AuthFailActionUnauthorized", "description": "Rejects request with a 401 HTTP status code and an error message.", "value": "AUTH_FAIL_ACTION_UNAUTHORIZED" } ] }, "google-native:appengine/v1:UrlMapLogin": { "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment.", "type": "string", "enum": [ { "name": "LoginUnspecified", "description": "Not specified. LOGIN_OPTIONAL is assumed.", "value": "LOGIN_UNSPECIFIED" }, { "name": "LoginOptional", "description": "Does not require that the user is signed in.", "value": "LOGIN_OPTIONAL" }, { "name": "LoginAdmin", "description": "If the user is not signed in, the auth_fail_action is taken. In addition, if the user is not an administrator for the application, they are given an error message regardless of auth_fail_action. If the user is an administrator, the handler proceeds.", "value": "LOGIN_ADMIN" }, { "name": "LoginRequired", "description": "If the user has signed in, the handler proceeds normally. Otherwise, the auth_fail_action is taken.", "value": "LOGIN_REQUIRED" } ] }, "google-native:appengine/v1:UrlMapRedirectHttpResponseCode": { "description": "30x code to use when performing redirects for the secure field. Defaults to 302.", "type": "string", "enum": [ { "name": "RedirectHttpResponseCodeUnspecified", "description": "Not specified. 302 is assumed.", "value": "REDIRECT_HTTP_RESPONSE_CODE_UNSPECIFIED" }, { "name": "RedirectHttpResponseCode301", "description": "301 Moved Permanently code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_301" }, { "name": "RedirectHttpResponseCode302", "description": "302 Moved Temporarily code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_302" }, { "name": "RedirectHttpResponseCode303", "description": "303 See Other code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_303" }, { "name": "RedirectHttpResponseCode307", "description": "307 Temporary Redirect code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_307" } ] }, "google-native:appengine/v1:UrlMapResponse": { "description": "URL pattern and description of how the URL should be handled. App Engine can handle URLs by executing application code or by serving static files uploaded with the version, such as images, CSS, or JavaScript.", "properties": { "apiEndpoint": { "$ref": "#/types/google-native:appengine%2Fv1:ApiEndpointHandlerResponse", "description": "Uses API Endpoints to handle requests." }, "authFailAction": { "type": "string", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "type": "string", "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment." }, "redirectHttpResponseCode": { "type": "string", "description": "30x code to use when performing redirects for the secure field. Defaults to 302." }, "script": { "$ref": "#/types/google-native:appengine%2Fv1:ScriptHandlerResponse", "description": "Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example \"script\": \"auto\"." }, "securityLevel": { "type": "string", "description": "Security (HTTPS) enforcement for this URL." }, "staticFiles": { "$ref": "#/types/google-native:appengine%2Fv1:StaticFilesHandlerResponse", "description": "Returns the contents of a file, such as an image, as the response." }, "urlRegex": { "type": "string", "description": "URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path." } }, "type": "object", "required": [ "apiEndpoint", "authFailAction", "login", "redirectHttpResponseCode", "script", "securityLevel", "staticFiles", "urlRegex" ] }, "google-native:appengine/v1:UrlMapSecurityLevel": { "description": "Security (HTTPS) enforcement for this URL.", "type": "string", "enum": [ { "name": "SecureUnspecified", "description": "Not specified.", "value": "SECURE_UNSPECIFIED" }, { "name": "SecureDefault", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used, and respond accordingly.", "value": "SECURE_DEFAULT" }, { "name": "SecureNever", "description": "Requests for a URL that match this handler that use HTTPS are automatically redirected to the HTTP equivalent URL.", "value": "SECURE_NEVER" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" } ] }, "google-native:appengine/v1:VersionInboundServicesItem": { "type": "string", "enum": [ { "name": "InboundServiceUnspecified", "description": "Not specified.", "value": "INBOUND_SERVICE_UNSPECIFIED" }, { "name": "InboundServiceMail", "description": "Allows an application to receive mail.", "value": "INBOUND_SERVICE_MAIL" }, { "name": "InboundServiceMailBounce", "description": "Allows an application to receive email-bound notifications.", "value": "INBOUND_SERVICE_MAIL_BOUNCE" }, { "name": "InboundServiceXmppError", "description": "Allows an application to receive error stanzas.", "value": "INBOUND_SERVICE_XMPP_ERROR" }, { "name": "InboundServiceXmppMessage", "description": "Allows an application to receive instant messages.", "value": "INBOUND_SERVICE_XMPP_MESSAGE" }, { "name": "InboundServiceXmppSubscribe", "description": "Allows an application to receive user subscription POSTs.", "value": "INBOUND_SERVICE_XMPP_SUBSCRIBE" }, { "name": "InboundServiceXmppPresence", "description": "Allows an application to receive a user's chat presence.", "value": "INBOUND_SERVICE_XMPP_PRESENCE" }, { "name": "InboundServiceChannelPresence", "description": "Registers an application for notifications when a client connects or disconnects from a channel.", "value": "INBOUND_SERVICE_CHANNEL_PRESENCE" }, { "name": "InboundServiceWarmup", "description": "Enables warmup requests.", "value": "INBOUND_SERVICE_WARMUP" } ] }, "google-native:appengine/v1:VersionServingStatus": { "description": "Current serving status of this version. Only the versions with a SERVING status create instances and can be billed.SERVING_STATUS_UNSPECIFIED is an invalid value. Defaults to SERVING.", "type": "string", "enum": [ { "name": "ServingStatusUnspecified", "description": "Not specified.", "value": "SERVING_STATUS_UNSPECIFIED" }, { "name": "Serving", "description": "Currently serving. Instances are created according to the scaling settings of the version.", "value": "SERVING" }, { "name": "Stopped", "description": "Disabled. No instances will be created and the scaling settings are ignored until the state of the version changes to SERVING.", "value": "STOPPED" } ] }, "google-native:appengine/v1:Volume": { "description": "Volumes mounted within the app container. Only applicable in the App Engine flexible environment.", "properties": { "name": { "type": "string", "description": "Unique name for the volume." }, "sizeGb": { "type": "number", "description": "Volume size in gigabytes." }, "volumeType": { "type": "string", "description": "Underlying volume type, e.g. 'tmpfs'." } }, "type": "object" }, "google-native:appengine/v1:VolumeResponse": { "description": "Volumes mounted within the app container. Only applicable in the App Engine flexible environment.", "properties": { "name": { "type": "string", "description": "Unique name for the volume." }, "sizeGb": { "type": "number", "description": "Volume size in gigabytes." }, "volumeType": { "type": "string", "description": "Underlying volume type, e.g. 'tmpfs'." } }, "type": "object", "required": [ "name", "sizeGb", "volumeType" ] }, "google-native:appengine/v1:VpcAccessConnector": { "description": "VPC access connector specification.", "properties": { "egressSetting": { "$ref": "#/types/google-native:appengine%2Fv1:VpcAccessConnectorEgressSetting", "description": "The egress setting for the connector, controlling what traffic is diverted through it." }, "name": { "type": "string", "description": "Full Serverless VPC Access Connector name e.g. projects/my-project/locations/us-central1/connectors/c1." } }, "type": "object" }, "google-native:appengine/v1:VpcAccessConnectorEgressSetting": { "description": "The egress setting for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "EgressSettingUnspecified", "value": "EGRESS_SETTING_UNSPECIFIED" }, { "name": "AllTraffic", "description": "Force the use of VPC Access for all egress traffic from the function.", "value": "ALL_TRAFFIC" }, { "name": "PrivateIpRanges", "description": "Use the VPC Access Connector for private IP space from RFC1918.", "value": "PRIVATE_IP_RANGES" } ] }, "google-native:appengine/v1:VpcAccessConnectorResponse": { "description": "VPC access connector specification.", "properties": { "egressSetting": { "type": "string", "description": "The egress setting for the connector, controlling what traffic is diverted through it." }, "name": { "type": "string", "description": "Full Serverless VPC Access Connector name e.g. projects/my-project/locations/us-central1/connectors/c1." } }, "type": "object", "required": [ "egressSetting", "name" ] }, "google-native:appengine/v1:ZipInfo": { "description": "The zip file information for a zip deployment.", "properties": { "filesCount": { "type": "integer", "description": "An estimate of the number of files in a zip for a zip deployment. If set, must be greater than or equal to the actual number of files. Used for optimizing performance; if not provided, deployment may be slow." }, "sourceUrl": { "type": "string", "description": "URL of the zip file to deploy from. Must be a URL to a resource in Google Cloud Storage in the form 'http(s)://storage.googleapis.com//'." } }, "type": "object" }, "google-native:appengine/v1:ZipInfoResponse": { "description": "The zip file information for a zip deployment.", "properties": { "filesCount": { "type": "integer", "description": "An estimate of the number of files in a zip for a zip deployment. If set, must be greater than or equal to the actual number of files. Used for optimizing performance; if not provided, deployment may be slow." }, "sourceUrl": { "type": "string", "description": "URL of the zip file to deploy from. Must be a URL to a resource in Google Cloud Storage in the form 'http(s)://storage.googleapis.com//'." } }, "type": "object", "required": [ "filesCount", "sourceUrl" ] }, "google-native:appengine/v1alpha:CertificateRawData": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object" }, "google-native:appengine/v1alpha:CertificateRawDataResponse": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object", "required": [ "privateKey", "publicCertificate" ] }, "google-native:appengine/v1alpha:ManagedCertificateResponse": { "description": "A certificate managed by App Engine.", "properties": { "lastRenewalTime": { "type": "string", "description": "Time at which the certificate was last renewed. The renewal process is fully managed. Certificate renewal will automatically occur before the certificate expires. Renewal errors can be tracked via ManagementStatus." }, "status": { "type": "string", "description": "Status of certificate management. Refers to the most recent certificate acquisition or renewal attempt." } }, "type": "object", "required": [ "lastRenewalTime", "status" ] }, "google-native:appengine/v1alpha:ResourceRecordResponse": { "description": "A DNS resource record.", "properties": { "name": { "type": "string", "description": "Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'." }, "rrdata": { "type": "string", "description": "Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1)." }, "type": { "type": "string", "description": "Resource record type. Example: AAAA." } }, "type": "object", "required": [ "name", "rrdata", "type" ] }, "google-native:appengine/v1alpha:SslSettings": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify no_managed_certificate on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." } }, "type": "object" }, "google-native:appengine/v1alpha:SslSettingsResponse": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify no_managed_certificate on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." }, "isManagedCertificate": { "type": "boolean", "description": "Whether the mapped certificate is an App Engine managed certificate. Managed certificates are created by default with a domain mapping. To opt out, specify no_managed_certificate on a CREATE or UPDATE request." } }, "type": "object", "required": [ "certificateId", "isManagedCertificate" ] }, "google-native:appengine/v1beta:ApiConfigHandler": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration for API handlers.", "properties": { "authFailAction": { "$ref": "#/types/google-native:appengine%2Fv1beta:ApiConfigHandlerAuthFailAction", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "$ref": "#/types/google-native:appengine%2Fv1beta:ApiConfigHandlerLogin", "description": "Level of login required to access this resource. Defaults to optional." }, "script": { "type": "string", "description": "Path to the script from the application root directory." }, "securityLevel": { "$ref": "#/types/google-native:appengine%2Fv1beta:ApiConfigHandlerSecurityLevel", "description": "Security (HTTPS) enforcement for this URL." }, "url": { "type": "string", "description": "URL to serve the endpoint at." } }, "type": "object" }, "google-native:appengine/v1beta:ApiConfigHandlerAuthFailAction": { "description": "Action to take when users access resources that require authentication. Defaults to redirect.", "type": "string", "enum": [ { "name": "AuthFailActionUnspecified", "description": "Not specified. AUTH_FAIL_ACTION_REDIRECT is assumed.", "value": "AUTH_FAIL_ACTION_UNSPECIFIED" }, { "name": "AuthFailActionRedirect", "description": "Redirects user to \"accounts.google.com\". The user is redirected back to the application URL after signing in or creating an account.", "value": "AUTH_FAIL_ACTION_REDIRECT" }, { "name": "AuthFailActionUnauthorized", "description": "Rejects request with a 401 HTTP status code and an error message.", "value": "AUTH_FAIL_ACTION_UNAUTHORIZED" } ] }, "google-native:appengine/v1beta:ApiConfigHandlerLogin": { "description": "Level of login required to access this resource. Defaults to optional.", "type": "string", "enum": [ { "name": "LoginUnspecified", "description": "Not specified. LOGIN_OPTIONAL is assumed.", "value": "LOGIN_UNSPECIFIED" }, { "name": "LoginOptional", "description": "Does not require that the user is signed in.", "value": "LOGIN_OPTIONAL" }, { "name": "LoginAdmin", "description": "If the user is not signed in, the auth_fail_action is taken. In addition, if the user is not an administrator for the application, they are given an error message regardless of auth_fail_action. If the user is an administrator, the handler proceeds.", "value": "LOGIN_ADMIN" }, { "name": "LoginRequired", "description": "If the user has signed in, the handler proceeds normally. Otherwise, the auth_fail_action is taken.", "value": "LOGIN_REQUIRED" } ] }, "google-native:appengine/v1beta:ApiConfigHandlerResponse": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration for API handlers.", "properties": { "authFailAction": { "type": "string", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "type": "string", "description": "Level of login required to access this resource. Defaults to optional." }, "script": { "type": "string", "description": "Path to the script from the application root directory." }, "securityLevel": { "type": "string", "description": "Security (HTTPS) enforcement for this URL." }, "url": { "type": "string", "description": "URL to serve the endpoint at." } }, "type": "object", "required": [ "authFailAction", "login", "script", "securityLevel", "url" ] }, "google-native:appengine/v1beta:ApiConfigHandlerSecurityLevel": { "description": "Security (HTTPS) enforcement for this URL.", "type": "string", "enum": [ { "name": "SecureUnspecified", "description": "Not specified.", "value": "SECURE_UNSPECIFIED" }, { "name": "SecureDefault", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used, and respond accordingly.", "value": "SECURE_DEFAULT" }, { "name": "SecureNever", "description": "Requests for a URL that match this handler that use HTTPS are automatically redirected to the HTTP equivalent URL.", "value": "SECURE_NEVER" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" } ] }, "google-native:appengine/v1beta:ApiEndpointHandler": { "description": "Uses Google Cloud Endpoints to handle requests.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object" }, "google-native:appengine/v1beta:ApiEndpointHandlerResponse": { "description": "Uses Google Cloud Endpoints to handle requests.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object", "required": [ "scriptPath" ] }, "google-native:appengine/v1beta:AppDatabaseType": { "description": "The type of the Cloud Firestore or Cloud Datastore database associated with this application.", "type": "string", "enum": [ { "name": "DatabaseTypeUnspecified", "description": "Database type is unspecified.", "value": "DATABASE_TYPE_UNSPECIFIED" }, { "name": "CloudDatastore", "description": "Cloud Datastore", "value": "CLOUD_DATASTORE" }, { "name": "CloudFirestore", "description": "Cloud Firestore Native", "value": "CLOUD_FIRESTORE" }, { "name": "CloudDatastoreCompatibility", "description": "Cloud Firestore in Datastore Mode", "value": "CLOUD_DATASTORE_COMPATIBILITY" } ] }, "google-native:appengine/v1beta:AppServingStatus": { "description": "Serving status of this application.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Serving status is unspecified.", "value": "UNSPECIFIED" }, { "name": "Serving", "description": "Application is serving.", "value": "SERVING" }, { "name": "UserDisabled", "description": "Application has been disabled by the user.", "value": "USER_DISABLED" }, { "name": "SystemDisabled", "description": "Application has been disabled by the system.", "value": "SYSTEM_DISABLED" } ] }, "google-native:appengine/v1beta:AutomaticScaling": { "description": "Automatic scaling is based on request rate, response latencies, and other application metrics.", "properties": { "coolDownPeriod": { "type": "string", "description": "The time period that the Autoscaler (https://cloud.google.com/compute/docs/autoscaler/) should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Only applicable in the App Engine flexible environment." }, "cpuUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:CpuUtilization", "description": "Target scaling by CPU usage." }, "customMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1beta:CustomMetric" }, "description": "Target scaling by user-provided metrics. Only applicable in the App Engine flexible environment." }, "diskUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:DiskUtilization", "description": "Target scaling by disk usage." }, "maxConcurrentRequests": { "type": "integer", "description": "Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance.Defaults to a runtime-specific value." }, "maxIdleInstances": { "type": "integer", "description": "Maximum number of idle instances that should be maintained for this version." }, "maxPendingLatency": { "type": "string", "description": "Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it." }, "maxTotalInstances": { "type": "integer", "description": "Maximum number of instances that should be started to handle requests for this version." }, "minIdleInstances": { "type": "integer", "description": "Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service." }, "minPendingLatency": { "type": "string", "description": "Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it." }, "minTotalInstances": { "type": "integer", "description": "Minimum number of running instances that should be maintained for this version." }, "networkUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:NetworkUtilization", "description": "Target scaling by network usage." }, "requestUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:RequestUtilization", "description": "Target scaling by request utilization." }, "standardSchedulerSettings": { "$ref": "#/types/google-native:appengine%2Fv1beta:StandardSchedulerSettings", "description": "Scheduler settings for standard environment." } }, "type": "object" }, "google-native:appengine/v1beta:AutomaticScalingResponse": { "description": "Automatic scaling is based on request rate, response latencies, and other application metrics.", "properties": { "coolDownPeriod": { "type": "string", "description": "The time period that the Autoscaler (https://cloud.google.com/compute/docs/autoscaler/) should wait before it starts collecting information from a new instance. This prevents the autoscaler from collecting information when the instance is initializing, during which the collected usage would not be reliable. Only applicable in the App Engine flexible environment." }, "cpuUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:CpuUtilizationResponse", "description": "Target scaling by CPU usage." }, "customMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1beta:CustomMetricResponse" }, "description": "Target scaling by user-provided metrics. Only applicable in the App Engine flexible environment." }, "diskUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:DiskUtilizationResponse", "description": "Target scaling by disk usage." }, "maxConcurrentRequests": { "type": "integer", "description": "Number of concurrent requests an automatic scaling instance can accept before the scheduler spawns a new instance.Defaults to a runtime-specific value." }, "maxIdleInstances": { "type": "integer", "description": "Maximum number of idle instances that should be maintained for this version." }, "maxPendingLatency": { "type": "string", "description": "Maximum amount of time that a request should wait in the pending queue before starting a new instance to handle it." }, "maxTotalInstances": { "type": "integer", "description": "Maximum number of instances that should be started to handle requests for this version." }, "minIdleInstances": { "type": "integer", "description": "Minimum number of idle instances that should be maintained for this version. Only applicable for the default version of a service." }, "minPendingLatency": { "type": "string", "description": "Minimum amount of time a request should wait in the pending queue before starting a new instance to handle it." }, "minTotalInstances": { "type": "integer", "description": "Minimum number of running instances that should be maintained for this version." }, "networkUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:NetworkUtilizationResponse", "description": "Target scaling by network usage." }, "requestUtilization": { "$ref": "#/types/google-native:appengine%2Fv1beta:RequestUtilizationResponse", "description": "Target scaling by request utilization." }, "standardSchedulerSettings": { "$ref": "#/types/google-native:appengine%2Fv1beta:StandardSchedulerSettingsResponse", "description": "Scheduler settings for standard environment." } }, "type": "object", "required": [ "coolDownPeriod", "cpuUtilization", "customMetrics", "diskUtilization", "maxConcurrentRequests", "maxIdleInstances", "maxPendingLatency", "maxTotalInstances", "minIdleInstances", "minPendingLatency", "minTotalInstances", "networkUtilization", "requestUtilization", "standardSchedulerSettings" ] }, "google-native:appengine/v1beta:BasicScaling": { "description": "A service with basic scaling will create an instance when the application receives a request. The instance will be turned down when the app becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity.", "properties": { "idleTimeout": { "type": "string", "description": "Duration of time after the last request that an instance must wait before the instance is shut down." }, "maxInstances": { "type": "integer", "description": "Maximum number of instances to create for this version." } }, "type": "object" }, "google-native:appengine/v1beta:BasicScalingResponse": { "description": "A service with basic scaling will create an instance when the application receives a request. The instance will be turned down when the app becomes idle. Basic scaling is ideal for work that is intermittent or driven by user activity.", "properties": { "idleTimeout": { "type": "string", "description": "Duration of time after the last request that an instance must wait before the instance is shut down." }, "maxInstances": { "type": "integer", "description": "Maximum number of instances to create for this version." } }, "type": "object", "required": [ "idleTimeout", "maxInstances" ] }, "google-native:appengine/v1beta:BuildInfo": { "description": "Google Cloud Build information.", "properties": { "cloudBuildId": { "type": "string", "description": "The Google Cloud Build id. Example: \"f966068f-08b2-42c8-bdfe-74137dff2bf9\"" } }, "type": "object" }, "google-native:appengine/v1beta:BuildInfoResponse": { "description": "Google Cloud Build information.", "properties": { "cloudBuildId": { "type": "string", "description": "The Google Cloud Build id. Example: \"f966068f-08b2-42c8-bdfe-74137dff2bf9\"" } }, "type": "object", "required": [ "cloudBuildId" ] }, "google-native:appengine/v1beta:CertificateRawData": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object" }, "google-native:appengine/v1beta:CertificateRawDataResponse": { "description": "An SSL certificate obtained from a certificate authority.", "properties": { "privateKey": { "type": "string", "description": "Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- @InputOnly" }, "publicCertificate": { "type": "string", "description": "PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- " } }, "type": "object", "required": [ "privateKey", "publicCertificate" ] }, "google-native:appengine/v1beta:CloudBuildOptions": { "description": "Options for the build operations performed as a part of the version deployment. Only applicable for App Engine flexible environment when creating a version using source code directly.", "properties": { "appYamlPath": { "type": "string", "description": "Path to the yaml file used in deployment, used to determine runtime configuration details.Required for flexible environment builds.See https://cloud.google.com/appengine/docs/standard/python/config/appref for more details." }, "cloudBuildTimeout": { "type": "string", "description": "The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes." } }, "type": "object" }, "google-native:appengine/v1beta:CloudBuildOptionsResponse": { "description": "Options for the build operations performed as a part of the version deployment. Only applicable for App Engine flexible environment when creating a version using source code directly.", "properties": { "appYamlPath": { "type": "string", "description": "Path to the yaml file used in deployment, used to determine runtime configuration details.Required for flexible environment builds.See https://cloud.google.com/appengine/docs/standard/python/config/appref for more details." }, "cloudBuildTimeout": { "type": "string", "description": "The Cloud Build timeout used as part of any dependent builds performed by version creation. Defaults to 10 minutes." } }, "type": "object", "required": [ "appYamlPath", "cloudBuildTimeout" ] }, "google-native:appengine/v1beta:ContainerInfo": { "description": "Docker image that is used to create a container and start a VM instance for the version that you deploy. Only applicable for instances running in the App Engine flexible environment.", "properties": { "image": { "type": "string", "description": "URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: \"gcr.io/my-project/image:tag\" or \"gcr.io/my-project/image@digest\"" } }, "type": "object" }, "google-native:appengine/v1beta:ContainerInfoResponse": { "description": "Docker image that is used to create a container and start a VM instance for the version that you deploy. Only applicable for instances running in the App Engine flexible environment.", "properties": { "image": { "type": "string", "description": "URI to the hosted container image in Google Container Registry. The URI must be fully qualified and include a tag or digest. Examples: \"gcr.io/my-project/image:tag\" or \"gcr.io/my-project/image@digest\"" } }, "type": "object", "required": [ "image" ] }, "google-native:appengine/v1beta:CpuUtilization": { "description": "Target scaling by CPU usage.", "properties": { "aggregationWindowLength": { "type": "string", "description": "Period of time over which CPU utilization is calculated." }, "targetUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1." } }, "type": "object" }, "google-native:appengine/v1beta:CpuUtilizationResponse": { "description": "Target scaling by CPU usage.", "properties": { "aggregationWindowLength": { "type": "string", "description": "Period of time over which CPU utilization is calculated." }, "targetUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling. Must be between 0 and 1." } }, "type": "object", "required": [ "aggregationWindowLength", "targetUtilization" ] }, "google-native:appengine/v1beta:CustomMetric": { "description": "Allows autoscaling based on Stackdriver metrics.", "properties": { "filter": { "type": "string", "description": "Allows filtering on the metric's fields." }, "metricName": { "type": "string", "description": "The name of the metric." }, "singleInstanceAssignment": { "type": "number", "description": "May be used instead of target_utilization when an instance can handle a specific amount of work/resources and the metric value is equal to the current amount of work remaining. The autoscaler will try to keep the number of instances equal to the metric value divided by single_instance_assignment." }, "targetType": { "type": "string", "description": "The type of the metric. Must be a string representing a Stackdriver metric type e.g. GAGUE, DELTA_PER_SECOND, etc." }, "targetUtilization": { "type": "number", "description": "The target value for the metric." } }, "type": "object" }, "google-native:appengine/v1beta:CustomMetricResponse": { "description": "Allows autoscaling based on Stackdriver metrics.", "properties": { "filter": { "type": "string", "description": "Allows filtering on the metric's fields." }, "metricName": { "type": "string", "description": "The name of the metric." }, "singleInstanceAssignment": { "type": "number", "description": "May be used instead of target_utilization when an instance can handle a specific amount of work/resources and the metric value is equal to the current amount of work remaining. The autoscaler will try to keep the number of instances equal to the metric value divided by single_instance_assignment." }, "targetType": { "type": "string", "description": "The type of the metric. Must be a string representing a Stackdriver metric type e.g. GAGUE, DELTA_PER_SECOND, etc." }, "targetUtilization": { "type": "number", "description": "The target value for the metric." } }, "type": "object", "required": [ "filter", "metricName", "singleInstanceAssignment", "targetType", "targetUtilization" ] }, "google-native:appengine/v1beta:Deployment": { "description": "Code and application artifacts used to deploy a version to App Engine.", "properties": { "build": { "$ref": "#/types/google-native:appengine%2Fv1beta:BuildInfo", "description": "Google Cloud Build build information. Only applicable for instances running in the App Engine flexible environment." }, "cloudBuildOptions": { "$ref": "#/types/google-native:appengine%2Fv1beta:CloudBuildOptions", "description": "Options for any Google Cloud Build builds created as a part of this deployment.These options will only be used if a new build is created, such as when deploying to the App Engine flexible environment using files or zip." }, "container": { "$ref": "#/types/google-native:appengine%2Fv1beta:ContainerInfo", "description": "The Docker image for the container that runs the version. Only applicable for instances running in the App Engine flexible environment." }, "files": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call." }, "zip": { "$ref": "#/types/google-native:appengine%2Fv1beta:ZipInfo", "description": "The zip file for this deployment, if this is a zip deployment." } }, "type": "object" }, "google-native:appengine/v1beta:DeploymentResponse": { "description": "Code and application artifacts used to deploy a version to App Engine.", "properties": { "build": { "$ref": "#/types/google-native:appengine%2Fv1beta:BuildInfoResponse", "description": "Google Cloud Build build information. Only applicable for instances running in the App Engine flexible environment." }, "cloudBuildOptions": { "$ref": "#/types/google-native:appengine%2Fv1beta:CloudBuildOptionsResponse", "description": "Options for any Google Cloud Build builds created as a part of this deployment.These options will only be used if a new build is created, such as when deploying to the App Engine flexible environment using files or zip." }, "container": { "$ref": "#/types/google-native:appengine%2Fv1beta:ContainerInfoResponse", "description": "The Docker image for the container that runs the version. Only applicable for instances running in the App Engine flexible environment." }, "files": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Manifest of the files stored in Google Cloud Storage that are included as part of this version. All files must be readable using the credentials supplied with this call." }, "zip": { "$ref": "#/types/google-native:appengine%2Fv1beta:ZipInfoResponse", "description": "The zip file for this deployment, if this is a zip deployment." } }, "type": "object", "required": [ "build", "cloudBuildOptions", "container", "files", "zip" ] }, "google-native:appengine/v1beta:DiskUtilization": { "description": "Target scaling by disk usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReadBytesPerSecond": { "type": "integer", "description": "Target bytes read per second." }, "targetReadOpsPerSecond": { "type": "integer", "description": "Target ops read per seconds." }, "targetWriteBytesPerSecond": { "type": "integer", "description": "Target bytes written per second." }, "targetWriteOpsPerSecond": { "type": "integer", "description": "Target ops written per second." } }, "type": "object" }, "google-native:appengine/v1beta:DiskUtilizationResponse": { "description": "Target scaling by disk usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReadBytesPerSecond": { "type": "integer", "description": "Target bytes read per second." }, "targetReadOpsPerSecond": { "type": "integer", "description": "Target ops read per seconds." }, "targetWriteBytesPerSecond": { "type": "integer", "description": "Target bytes written per second." }, "targetWriteOpsPerSecond": { "type": "integer", "description": "Target ops written per second." } }, "type": "object", "required": [ "targetReadBytesPerSecond", "targetReadOpsPerSecond", "targetWriteBytesPerSecond", "targetWriteOpsPerSecond" ] }, "google-native:appengine/v1beta:EndpointsApiService": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration. The Endpoints API Service provides tooling for serving Open API and gRPC endpoints via an NGINX proxy. Only valid for App Engine Flexible environment deployments.The fields here refer to the name and configuration ID of a \"service\" resource in the Service Management API (https://cloud.google.com/service-management/overview).", "properties": { "configId": { "type": "string", "description": "Endpoints service configuration ID as specified by the Service Management API. For example \"2016-09-19r1\".By default, the rollout strategy for Endpoints is RolloutStrategy.FIXED. This means that Endpoints starts up with a particular configuration ID. When a new configuration is rolled out, Endpoints must be given the new configuration ID. The config_id field is used to give the configuration ID and is required in this case.Endpoints also has a rollout strategy called RolloutStrategy.MANAGED. When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, config_id must be omitted." }, "disableTraceSampling": { "type": "boolean", "description": "Enable or disable trace sampling. By default, this is set to false for enabled." }, "name": { "type": "string", "description": "Endpoints service name which is the name of the \"service\" resource in the Service Management API. For example \"myapi.endpoints.myproject.cloud.goog\"" }, "rolloutStrategy": { "$ref": "#/types/google-native:appengine%2Fv1beta:EndpointsApiServiceRolloutStrategy", "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted." } }, "type": "object" }, "google-native:appengine/v1beta:EndpointsApiServiceResponse": { "description": "Google Cloud Endpoints (https://cloud.google.com/endpoints) configuration. The Endpoints API Service provides tooling for serving Open API and gRPC endpoints via an NGINX proxy. Only valid for App Engine Flexible environment deployments.The fields here refer to the name and configuration ID of a \"service\" resource in the Service Management API (https://cloud.google.com/service-management/overview).", "properties": { "configId": { "type": "string", "description": "Endpoints service configuration ID as specified by the Service Management API. For example \"2016-09-19r1\".By default, the rollout strategy for Endpoints is RolloutStrategy.FIXED. This means that Endpoints starts up with a particular configuration ID. When a new configuration is rolled out, Endpoints must be given the new configuration ID. The config_id field is used to give the configuration ID and is required in this case.Endpoints also has a rollout strategy called RolloutStrategy.MANAGED. When using this, Endpoints fetches the latest configuration and does not need the configuration ID. In this case, config_id must be omitted." }, "disableTraceSampling": { "type": "boolean", "description": "Enable or disable trace sampling. By default, this is set to false for enabled." }, "name": { "type": "string", "description": "Endpoints service name which is the name of the \"service\" resource in the Service Management API. For example \"myapi.endpoints.myproject.cloud.goog\"" }, "rolloutStrategy": { "type": "string", "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted." } }, "type": "object", "required": [ "configId", "disableTraceSampling", "name", "rolloutStrategy" ] }, "google-native:appengine/v1beta:EndpointsApiServiceRolloutStrategy": { "description": "Endpoints rollout strategy. If FIXED, config_id must be specified. If MANAGED, config_id must be omitted.", "type": "string", "enum": [ { "name": "UnspecifiedRolloutStrategy", "description": "Not specified. Defaults to FIXED.", "value": "UNSPECIFIED_ROLLOUT_STRATEGY" }, { "name": "Fixed", "description": "Endpoints service configuration ID will be fixed to the configuration ID specified by config_id.", "value": "FIXED" }, { "name": "Managed", "description": "Endpoints service configuration ID will be updated with each rollout.", "value": "MANAGED" } ] }, "google-native:appengine/v1beta:Entrypoint": { "description": "The entrypoint for the application.", "properties": { "shell": { "type": "string", "description": "The format should be a shell command that can be fed to bash -c." } }, "type": "object" }, "google-native:appengine/v1beta:EntrypointResponse": { "description": "The entrypoint for the application.", "properties": { "shell": { "type": "string", "description": "The format should be a shell command that can be fed to bash -c." } }, "type": "object", "required": [ "shell" ] }, "google-native:appengine/v1beta:ErrorHandler": { "description": "Custom static error page to be served when an error occurs.", "properties": { "errorCode": { "$ref": "#/types/google-native:appengine%2Fv1beta:ErrorHandlerErrorCode", "description": "Error condition this handler applies to." }, "mimeType": { "type": "string", "description": "MIME type of file. Defaults to text/html." }, "staticFile": { "type": "string", "description": "Static file content to be served for this error." } }, "type": "object" }, "google-native:appengine/v1beta:ErrorHandlerErrorCode": { "description": "Error condition this handler applies to.", "type": "string", "enum": [ { "name": "ErrorCodeUnspecified", "description": "Not specified. ERROR_CODE_DEFAULT is assumed.", "value": "ERROR_CODE_UNSPECIFIED" }, { "name": "ErrorCodeDefault", "description": "All other error types.", "value": "ERROR_CODE_DEFAULT" }, { "name": "ErrorCodeOverQuota", "description": "Application has exceeded a resource quota.", "value": "ERROR_CODE_OVER_QUOTA" }, { "name": "ErrorCodeDosApiDenial", "description": "Client blocked by the application's Denial of Service protection configuration.", "value": "ERROR_CODE_DOS_API_DENIAL" }, { "name": "ErrorCodeTimeout", "description": "Deadline reached before the application responds.", "value": "ERROR_CODE_TIMEOUT" } ] }, "google-native:appengine/v1beta:ErrorHandlerResponse": { "description": "Custom static error page to be served when an error occurs.", "properties": { "errorCode": { "type": "string", "description": "Error condition this handler applies to." }, "mimeType": { "type": "string", "description": "MIME type of file. Defaults to text/html." }, "staticFile": { "type": "string", "description": "Static file content to be served for this error." } }, "type": "object", "required": [ "errorCode", "mimeType", "staticFile" ] }, "google-native:appengine/v1beta:FeatureSettings": { "description": "The feature specific settings to be used in the application. These define behaviors that are user configurable.", "properties": { "splitHealthChecks": { "type": "boolean", "description": "Boolean value indicating if split health checks should be used instead of the legacy health checks. At an app.yaml level, this means defaulting to 'readiness_check' and 'liveness_check' values instead of 'health_check' ones. Once the legacy 'health_check' behavior is deprecated, and this value is always true, this setting can be removed." }, "useContainerOptimizedOs": { "type": "boolean", "description": "If true, use Container-Optimized OS (https://cloud.google.com/container-optimized-os/) base image for VMs, rather than a base Debian image." } }, "type": "object" }, "google-native:appengine/v1beta:FeatureSettingsResponse": { "description": "The feature specific settings to be used in the application. These define behaviors that are user configurable.", "properties": { "splitHealthChecks": { "type": "boolean", "description": "Boolean value indicating if split health checks should be used instead of the legacy health checks. At an app.yaml level, this means defaulting to 'readiness_check' and 'liveness_check' values instead of 'health_check' ones. Once the legacy 'health_check' behavior is deprecated, and this value is always true, this setting can be removed." }, "useContainerOptimizedOs": { "type": "boolean", "description": "If true, use Container-Optimized OS (https://cloud.google.com/container-optimized-os/) base image for VMs, rather than a base Debian image." } }, "type": "object", "required": [ "splitHealthChecks", "useContainerOptimizedOs" ] }, "google-native:appengine/v1beta:FlexibleRuntimeSettings": { "description": "Runtime settings for the App Engine flexible environment.", "properties": { "operatingSystem": { "type": "string", "description": "The operating system of the application runtime." }, "runtimeVersion": { "type": "string", "description": "The runtime version of an App Engine flexible application." } }, "type": "object" }, "google-native:appengine/v1beta:FlexibleRuntimeSettingsResponse": { "description": "Runtime settings for the App Engine flexible environment.", "properties": { "operatingSystem": { "type": "string", "description": "The operating system of the application runtime." }, "runtimeVersion": { "type": "string", "description": "The runtime version of an App Engine flexible application." } }, "type": "object", "required": [ "operatingSystem", "runtimeVersion" ] }, "google-native:appengine/v1beta:HealthCheck": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. Only applicable for instances in App Engine flexible environment.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "disableHealthCheck": { "type": "boolean", "description": "Whether to explicitly disable health checks for this instance." }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks required before receiving traffic." }, "host": { "type": "string", "description": "Host header to send when performing an HTTP health check. Example: \"myapp.appspot.com\"" }, "restartThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before an instance is restarted." }, "timeout": { "type": "string", "description": "Time before the health check is considered failed." }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before removing traffic." } }, "type": "object" }, "google-native:appengine/v1beta:HealthCheckResponse": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances. Only applicable for instances in App Engine flexible environment.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "disableHealthCheck": { "type": "boolean", "description": "Whether to explicitly disable health checks for this instance." }, "healthyThreshold": { "type": "integer", "description": "Number of consecutive successful health checks required before receiving traffic." }, "host": { "type": "string", "description": "Host header to send when performing an HTTP health check. Example: \"myapp.appspot.com\"" }, "restartThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before an instance is restarted." }, "timeout": { "type": "string", "description": "Time before the health check is considered failed." }, "unhealthyThreshold": { "type": "integer", "description": "Number of consecutive failed health checks required before removing traffic." } }, "type": "object", "required": [ "checkInterval", "disableHealthCheck", "healthyThreshold", "host", "restartThreshold", "timeout", "unhealthyThreshold" ] }, "google-native:appengine/v1beta:IdentityAwareProxy": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests.If true, the oauth2_client_id and oauth2_client_secret fields must be non-empty." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow.For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2_client_secret_sha256 field.@InputOnly" } }, "type": "object" }, "google-native:appengine/v1beta:IdentityAwareProxyResponse": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests.If true, the oauth2_client_id and oauth2_client_secret fields must be non-empty." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow.For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2_client_secret_sha256 field.@InputOnly" }, "oauth2ClientSecretSha256": { "type": "string", "description": "Hex-encoded SHA-256 hash of the client secret." } }, "type": "object", "required": [ "enabled", "oauth2ClientId", "oauth2ClientSecret", "oauth2ClientSecretSha256" ] }, "google-native:appengine/v1beta:IngressRuleAction": { "description": "The action to take on matched requests.", "type": "string", "enum": [ { "name": "UnspecifiedAction", "value": "UNSPECIFIED_ACTION" }, { "name": "Allow", "description": "Matching requests are allowed.", "value": "ALLOW" }, { "name": "Deny", "description": "Matching requests are denied.", "value": "DENY" } ] }, "google-native:appengine/v1beta:Library": { "description": "Third-party Python runtime library that is required by the application.", "properties": { "name": { "type": "string", "description": "Name of the library. Example: \"django\"." }, "version": { "type": "string", "description": "Version of the library to select, or \"latest\"." } }, "type": "object" }, "google-native:appengine/v1beta:LibraryResponse": { "description": "Third-party Python runtime library that is required by the application.", "properties": { "name": { "type": "string", "description": "Name of the library. Example: \"django\"." }, "version": { "type": "string", "description": "Version of the library to select, or \"latest\"." } }, "type": "object", "required": [ "name", "version" ] }, "google-native:appengine/v1beta:LivenessCheck": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before considering the VM unhealthy." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Liveness check. Example: \"myapp.appspot.com\"" }, "initialDelay": { "type": "string", "description": "The initial delay before starting to execute the checks." }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before considering the VM healthy." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object" }, "google-native:appengine/v1beta:LivenessCheckResponse": { "description": "Health checking configuration for VM instances. Unhealthy instances are killed and replaced with new instances.", "properties": { "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before considering the VM unhealthy." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Liveness check. Example: \"myapp.appspot.com\"" }, "initialDelay": { "type": "string", "description": "The initial delay before starting to execute the checks." }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before considering the VM healthy." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object", "required": [ "checkInterval", "failureThreshold", "host", "initialDelay", "path", "successThreshold", "timeout" ] }, "google-native:appengine/v1beta:ManagedCertificateResponse": { "description": "A certificate managed by App Engine.", "properties": { "lastRenewalTime": { "type": "string", "description": "Time at which the certificate was last renewed. The renewal process is fully managed. Certificate renewal will automatically occur before the certificate expires. Renewal errors can be tracked via ManagementStatus." }, "status": { "type": "string", "description": "Status of certificate management. Refers to the most recent certificate acquisition or renewal attempt." } }, "type": "object", "required": [ "lastRenewalTime", "status" ] }, "google-native:appengine/v1beta:ManualScaling": { "description": "A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time.", "properties": { "instances": { "type": "integer", "description": "Number of instances to assign to the service at the start. This number can later be altered by using the Modules API (https://cloud.google.com/appengine/docs/python/modules/functions) set_num_instances() function." } }, "type": "object" }, "google-native:appengine/v1beta:ManualScalingResponse": { "description": "A service with manual scaling runs continuously, allowing you to perform complex initialization and rely on the state of its memory over time.", "properties": { "instances": { "type": "integer", "description": "Number of instances to assign to the service at the start. This number can later be altered by using the Modules API (https://cloud.google.com/appengine/docs/python/modules/functions) set_num_instances() function." } }, "type": "object", "required": [ "instances" ] }, "google-native:appengine/v1beta:Network": { "description": "Extra network settings. Only applicable in the App Engine flexible environment.", "properties": { "forwardedPorts": { "type": "array", "items": { "type": "string" }, "description": "List of ports, or port pairs, to forward from the virtual machine to the application container. Only applicable in the App Engine flexible environment." }, "instanceIpMode": { "$ref": "#/types/google-native:appengine%2Fv1beta:NetworkInstanceIpMode", "description": "The IP mode for instances. Only applicable in the App Engine flexible environment." }, "instanceTag": { "type": "string", "description": "Tag to apply to the instance during creation. Only applicable in the App Engine flexible environment." }, "name": { "type": "string", "description": "Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path.Defaults to default." }, "sessionAffinity": { "type": "boolean", "description": "Enable session affinity. Only applicable in the App Engine flexible environment." }, "subnetworkName": { "type": "string", "description": "Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path.If a subnetwork name is specified, a network name will also be required unless it is for the default network. If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetwork_name) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetwork_name must be specified and the IP address is created from the IPCidrRange of the subnetwork.If specified, the subnetwork must exist in the same region as the App Engine flexible environment application." } }, "type": "object" }, "google-native:appengine/v1beta:NetworkInstanceIpMode": { "description": "The IP mode for instances. Only applicable in the App Engine flexible environment.", "type": "string", "enum": [ { "name": "InstanceIpModeUnspecified", "description": "Unspecified is treated as EXTERNAL.", "value": "INSTANCE_IP_MODE_UNSPECIFIED" }, { "name": "External", "description": "Instances are created with both internal and external IP addresses.", "value": "EXTERNAL" }, { "name": "Internal", "description": "Instances are created with internal IP addresses only.", "value": "INTERNAL" } ] }, "google-native:appengine/v1beta:NetworkResponse": { "description": "Extra network settings. Only applicable in the App Engine flexible environment.", "properties": { "forwardedPorts": { "type": "array", "items": { "type": "string" }, "description": "List of ports, or port pairs, to forward from the virtual machine to the application container. Only applicable in the App Engine flexible environment." }, "instanceIpMode": { "type": "string", "description": "The IP mode for instances. Only applicable in the App Engine flexible environment." }, "instanceTag": { "type": "string", "description": "Tag to apply to the instance during creation. Only applicable in the App Engine flexible environment." }, "name": { "type": "string", "description": "Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path.Defaults to default." }, "sessionAffinity": { "type": "boolean", "description": "Enable session affinity. Only applicable in the App Engine flexible environment." }, "subnetworkName": { "type": "string", "description": "Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path.If a subnetwork name is specified, a network name will also be required unless it is for the default network. If the network that the instance is being created in is a Legacy network, then the IP address is allocated from the IPv4Range. If the network that the instance is being created in is an auto Subnet Mode Network, then only network name should be specified (not the subnetwork_name) and the IP address is created from the IPCidrRange of the subnetwork that exists in that zone for that network. If the network that the instance is being created in is a custom Subnet Mode Network, then the subnetwork_name must be specified and the IP address is created from the IPCidrRange of the subnetwork.If specified, the subnetwork must exist in the same region as the App Engine flexible environment application." } }, "type": "object", "required": [ "forwardedPorts", "instanceIpMode", "instanceTag", "name", "sessionAffinity", "subnetworkName" ] }, "google-native:appengine/v1beta:NetworkUtilization": { "description": "Target scaling by network usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReceivedBytesPerSecond": { "type": "integer", "description": "Target bytes received per second." }, "targetReceivedPacketsPerSecond": { "type": "integer", "description": "Target packets received per second." }, "targetSentBytesPerSecond": { "type": "integer", "description": "Target bytes sent per second." }, "targetSentPacketsPerSecond": { "type": "integer", "description": "Target packets sent per second." } }, "type": "object" }, "google-native:appengine/v1beta:NetworkUtilizationResponse": { "description": "Target scaling by network usage. Only applicable in the App Engine flexible environment.", "properties": { "targetReceivedBytesPerSecond": { "type": "integer", "description": "Target bytes received per second." }, "targetReceivedPacketsPerSecond": { "type": "integer", "description": "Target packets received per second." }, "targetSentBytesPerSecond": { "type": "integer", "description": "Target bytes sent per second." }, "targetSentPacketsPerSecond": { "type": "integer", "description": "Target packets sent per second." } }, "type": "object", "required": [ "targetReceivedBytesPerSecond", "targetReceivedPacketsPerSecond", "targetSentBytesPerSecond", "targetSentPacketsPerSecond" ] }, "google-native:appengine/v1beta:ReadinessCheck": { "description": "Readiness checking configuration for VM instances. Unhealthy instances are removed from traffic rotation.", "properties": { "appStartTimeout": { "type": "string", "description": "A maximum time limit on application initialization, measured from moment the application successfully replies to a healthcheck until it is ready to serve traffic." }, "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before removing traffic." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Readiness check. Example: \"myapp.appspot.com\"" }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before receiving traffic." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object" }, "google-native:appengine/v1beta:ReadinessCheckResponse": { "description": "Readiness checking configuration for VM instances. Unhealthy instances are removed from traffic rotation.", "properties": { "appStartTimeout": { "type": "string", "description": "A maximum time limit on application initialization, measured from moment the application successfully replies to a healthcheck until it is ready to serve traffic." }, "checkInterval": { "type": "string", "description": "Interval between health checks." }, "failureThreshold": { "type": "integer", "description": "Number of consecutive failed checks required before removing traffic." }, "host": { "type": "string", "description": "Host header to send when performing a HTTP Readiness check. Example: \"myapp.appspot.com\"" }, "path": { "type": "string", "description": "The request path." }, "successThreshold": { "type": "integer", "description": "Number of consecutive successful checks required before receiving traffic." }, "timeout": { "type": "string", "description": "Time before the check is considered failed." } }, "type": "object", "required": [ "appStartTimeout", "checkInterval", "failureThreshold", "host", "path", "successThreshold", "timeout" ] }, "google-native:appengine/v1beta:RequestUtilization": { "description": "Target scaling by request utilization. Only applicable in the App Engine flexible environment.", "properties": { "targetConcurrentRequests": { "type": "integer", "description": "Target number of concurrent requests." }, "targetRequestCountPerSecond": { "type": "integer", "description": "Target requests per second." } }, "type": "object" }, "google-native:appengine/v1beta:RequestUtilizationResponse": { "description": "Target scaling by request utilization. Only applicable in the App Engine flexible environment.", "properties": { "targetConcurrentRequests": { "type": "integer", "description": "Target number of concurrent requests." }, "targetRequestCountPerSecond": { "type": "integer", "description": "Target requests per second." } }, "type": "object", "required": [ "targetConcurrentRequests", "targetRequestCountPerSecond" ] }, "google-native:appengine/v1beta:ResourceRecordResponse": { "description": "A DNS resource record.", "properties": { "name": { "type": "string", "description": "Relative name of the object affected by this record. Only applicable for CNAME records. Example: 'www'." }, "rrdata": { "type": "string", "description": "Data for this record. Values vary by record type, as defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1)." }, "type": { "type": "string", "description": "Resource record type. Example: AAAA." } }, "type": "object", "required": [ "name", "rrdata", "type" ] }, "google-native:appengine/v1beta:Resources": { "description": "Machine resources for a version.", "properties": { "cpu": { "type": "number", "description": "Number of CPU cores needed." }, "diskGb": { "type": "number", "description": "Disk size (GB) needed." }, "kmsKeyReference": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. Only should be used by Cloud Composer to encrypt the vm disk" }, "memoryGb": { "type": "number", "description": "Memory (GB) needed." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1beta:Volume" }, "description": "User specified volumes." } }, "type": "object" }, "google-native:appengine/v1beta:ResourcesResponse": { "description": "Machine resources for a version.", "properties": { "cpu": { "type": "number", "description": "Number of CPU cores needed." }, "diskGb": { "type": "number", "description": "Disk size (GB) needed." }, "kmsKeyReference": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. Only should be used by Cloud Composer to encrypt the vm disk" }, "memoryGb": { "type": "number", "description": "Memory (GB) needed." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:appengine%2Fv1beta:VolumeResponse" }, "description": "User specified volumes." } }, "type": "object", "required": [ "cpu", "diskGb", "kmsKeyReference", "memoryGb", "volumes" ] }, "google-native:appengine/v1beta:ScriptHandler": { "description": "Executes a script to handle the request that matches the URL pattern.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object" }, "google-native:appengine/v1beta:ScriptHandlerResponse": { "description": "Executes a script to handle the request that matches the URL pattern.", "properties": { "scriptPath": { "type": "string", "description": "Path to the script from the application root directory." } }, "type": "object", "required": [ "scriptPath" ] }, "google-native:appengine/v1beta:SslSettings": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify SslManagementType.MANUAL on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." }, "sslManagementType": { "$ref": "#/types/google-native:appengine%2Fv1beta:SslSettingsSslManagementType", "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain." } }, "type": "object" }, "google-native:appengine/v1beta:SslSettingsResponse": { "description": "SSL configuration for a DomainMapping resource.", "properties": { "certificateId": { "type": "string", "description": "ID of the AuthorizedCertificate resource configuring SSL for the application. Clearing this field will remove SSL support.By default, a managed certificate is automatically created for every domain mapping. To omit SSL support or to configure SSL manually, specify SslManagementType.MANUAL on a CREATE or UPDATE request. You must be authorized to administer the AuthorizedCertificate resource to manually map it to a DomainMapping resource. Example: 12345." }, "pendingManagedCertificateId": { "type": "string", "description": "ID of the managed AuthorizedCertificate resource currently being provisioned, if applicable. Until the new managed certificate has been successfully provisioned, the previous SSL state will be preserved. Once the provisioning process completes, the certificate_id field will reflect the new managed certificate and this field will be left empty. To remove SSL support while there is still a pending managed certificate, clear the certificate_id field with an UpdateDomainMappingRequest." }, "sslManagementType": { "type": "string", "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain." } }, "type": "object", "required": [ "certificateId", "pendingManagedCertificateId", "sslManagementType" ] }, "google-native:appengine/v1beta:SslSettingsSslManagementType": { "description": "SSL management type for this domain. If AUTOMATIC, a managed certificate is automatically provisioned. If MANUAL, certificate_id must be manually specified in order to configure SSL for this domain.", "type": "string", "enum": [ { "name": "Automatic", "description": "SSL support for this domain is configured automatically. The mapped SSL certificate will be automatically renewed.", "value": "AUTOMATIC" }, { "name": "Manual", "description": "SSL support for this domain is configured manually by the user. Either the domain has no SSL support or a user-obtained SSL certificate has been explictly mapped to this domain.", "value": "MANUAL" } ] }, "google-native:appengine/v1beta:StandardSchedulerSettings": { "description": "Scheduler settings for standard environment.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances to run for this version. Set to zero to disable max_instances configuration." }, "minInstances": { "type": "integer", "description": "Minimum number of instances to run for this version. Set to zero to disable min_instances configuration." }, "targetCpuUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling." }, "targetThroughputUtilization": { "type": "number", "description": "Target throughput utilization ratio to maintain when scaling" } }, "type": "object" }, "google-native:appengine/v1beta:StandardSchedulerSettingsResponse": { "description": "Scheduler settings for standard environment.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances to run for this version. Set to zero to disable max_instances configuration." }, "minInstances": { "type": "integer", "description": "Minimum number of instances to run for this version. Set to zero to disable min_instances configuration." }, "targetCpuUtilization": { "type": "number", "description": "Target CPU utilization ratio to maintain when scaling." }, "targetThroughputUtilization": { "type": "number", "description": "Target throughput utilization ratio to maintain when scaling" } }, "type": "object", "required": [ "maxInstances", "minInstances", "targetCpuUtilization", "targetThroughputUtilization" ] }, "google-native:appengine/v1beta:StaticFilesHandler": { "description": "Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them.", "properties": { "applicationReadable": { "type": "boolean", "description": "Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas." }, "expiration": { "type": "string", "description": "Time a static file served by this handler should be cached by web proxies and browsers." }, "httpHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP headers to use for all responses from these URLs." }, "mimeType": { "type": "string", "description": "MIME type used to serve all files served by this handler.Defaults to file-specific MIME types, which are derived from each file's filename extension." }, "path": { "type": "string", "description": "Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern." }, "requireMatchingFile": { "type": "boolean", "description": "Whether this handler should match the request if the file referenced by the handler does not exist." }, "uploadPathRegex": { "type": "string", "description": "Regular expression that matches the file paths for all files that should be referenced by this handler." } }, "type": "object" }, "google-native:appengine/v1beta:StaticFilesHandlerResponse": { "description": "Files served directly to the user for a given URL, such as images, CSS stylesheets, or JavaScript source files. Static file handlers describe which files in the application directory are static files, and which URLs serve them.", "properties": { "applicationReadable": { "type": "boolean", "description": "Whether files should also be uploaded as code data. By default, files declared in static file handlers are uploaded as static data and are only served to end users; they cannot be read by the application. If enabled, uploads are charged against both your code and static data storage resource quotas." }, "expiration": { "type": "string", "description": "Time a static file served by this handler should be cached by web proxies and browsers." }, "httpHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP headers to use for all responses from these URLs." }, "mimeType": { "type": "string", "description": "MIME type used to serve all files served by this handler.Defaults to file-specific MIME types, which are derived from each file's filename extension." }, "path": { "type": "string", "description": "Path to the static files matched by the URL pattern, from the application root directory. The path can refer to text matched in groupings in the URL pattern." }, "requireMatchingFile": { "type": "boolean", "description": "Whether this handler should match the request if the file referenced by the handler does not exist." }, "uploadPathRegex": { "type": "string", "description": "Regular expression that matches the file paths for all files that should be referenced by this handler." } }, "type": "object", "required": [ "applicationReadable", "expiration", "httpHeaders", "mimeType", "path", "requireMatchingFile", "uploadPathRegex" ] }, "google-native:appengine/v1beta:UrlDispatchRule": { "description": "Rules to match an HTTP request and dispatch that request to a service.", "properties": { "domain": { "type": "string", "description": "Domain name to match against. The wildcard \"*\" is supported if specified before a period: \"*.\".Defaults to matching all domains: \"*\"." }, "path": { "type": "string", "description": "Pathname within the host. Must start with a \"/\". A single \"*\" can be included at the end of the path.The sum of the lengths of the domain and path may not exceed 100 characters." }, "service": { "type": "string", "description": "Resource ID of a service in this application that should serve the matched request. The service must already exist. Example: default." } }, "type": "object" }, "google-native:appengine/v1beta:UrlDispatchRuleResponse": { "description": "Rules to match an HTTP request and dispatch that request to a service.", "properties": { "domain": { "type": "string", "description": "Domain name to match against. The wildcard \"*\" is supported if specified before a period: \"*.\".Defaults to matching all domains: \"*\"." }, "path": { "type": "string", "description": "Pathname within the host. Must start with a \"/\". A single \"*\" can be included at the end of the path.The sum of the lengths of the domain and path may not exceed 100 characters." }, "service": { "type": "string", "description": "Resource ID of a service in this application that should serve the matched request. The service must already exist. Example: default." } }, "type": "object", "required": [ "domain", "path", "service" ] }, "google-native:appengine/v1beta:UrlMap": { "description": "URL pattern and description of how the URL should be handled. App Engine can handle URLs by executing application code or by serving static files uploaded with the version, such as images, CSS, or JavaScript.", "properties": { "apiEndpoint": { "$ref": "#/types/google-native:appengine%2Fv1beta:ApiEndpointHandler", "description": "Uses API Endpoints to handle requests." }, "authFailAction": { "$ref": "#/types/google-native:appengine%2Fv1beta:UrlMapAuthFailAction", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "$ref": "#/types/google-native:appengine%2Fv1beta:UrlMapLogin", "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment." }, "redirectHttpResponseCode": { "$ref": "#/types/google-native:appengine%2Fv1beta:UrlMapRedirectHttpResponseCode", "description": "30x code to use when performing redirects for the secure field. Defaults to 302." }, "script": { "$ref": "#/types/google-native:appengine%2Fv1beta:ScriptHandler", "description": "Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example \"script\": \"auto\"." }, "securityLevel": { "$ref": "#/types/google-native:appengine%2Fv1beta:UrlMapSecurityLevel", "description": "Security (HTTPS) enforcement for this URL." }, "staticFiles": { "$ref": "#/types/google-native:appengine%2Fv1beta:StaticFilesHandler", "description": "Returns the contents of a file, such as an image, as the response." }, "urlRegex": { "type": "string", "description": "URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path." } }, "type": "object" }, "google-native:appengine/v1beta:UrlMapAuthFailAction": { "description": "Action to take when users access resources that require authentication. Defaults to redirect.", "type": "string", "enum": [ { "name": "AuthFailActionUnspecified", "description": "Not specified. AUTH_FAIL_ACTION_REDIRECT is assumed.", "value": "AUTH_FAIL_ACTION_UNSPECIFIED" }, { "name": "AuthFailActionRedirect", "description": "Redirects user to \"accounts.google.com\". The user is redirected back to the application URL after signing in or creating an account.", "value": "AUTH_FAIL_ACTION_REDIRECT" }, { "name": "AuthFailActionUnauthorized", "description": "Rejects request with a 401 HTTP status code and an error message.", "value": "AUTH_FAIL_ACTION_UNAUTHORIZED" } ] }, "google-native:appengine/v1beta:UrlMapLogin": { "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment.", "type": "string", "enum": [ { "name": "LoginUnspecified", "description": "Not specified. LOGIN_OPTIONAL is assumed.", "value": "LOGIN_UNSPECIFIED" }, { "name": "LoginOptional", "description": "Does not require that the user is signed in.", "value": "LOGIN_OPTIONAL" }, { "name": "LoginAdmin", "description": "If the user is not signed in, the auth_fail_action is taken. In addition, if the user is not an administrator for the application, they are given an error message regardless of auth_fail_action. If the user is an administrator, the handler proceeds.", "value": "LOGIN_ADMIN" }, { "name": "LoginRequired", "description": "If the user has signed in, the handler proceeds normally. Otherwise, the auth_fail_action is taken.", "value": "LOGIN_REQUIRED" } ] }, "google-native:appengine/v1beta:UrlMapRedirectHttpResponseCode": { "description": "30x code to use when performing redirects for the secure field. Defaults to 302.", "type": "string", "enum": [ { "name": "RedirectHttpResponseCodeUnspecified", "description": "Not specified. 302 is assumed.", "value": "REDIRECT_HTTP_RESPONSE_CODE_UNSPECIFIED" }, { "name": "RedirectHttpResponseCode301", "description": "301 Moved Permanently code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_301" }, { "name": "RedirectHttpResponseCode302", "description": "302 Moved Temporarily code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_302" }, { "name": "RedirectHttpResponseCode303", "description": "303 See Other code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_303" }, { "name": "RedirectHttpResponseCode307", "description": "307 Temporary Redirect code.", "value": "REDIRECT_HTTP_RESPONSE_CODE_307" } ] }, "google-native:appengine/v1beta:UrlMapResponse": { "description": "URL pattern and description of how the URL should be handled. App Engine can handle URLs by executing application code or by serving static files uploaded with the version, such as images, CSS, or JavaScript.", "properties": { "apiEndpoint": { "$ref": "#/types/google-native:appengine%2Fv1beta:ApiEndpointHandlerResponse", "description": "Uses API Endpoints to handle requests." }, "authFailAction": { "type": "string", "description": "Action to take when users access resources that require authentication. Defaults to redirect." }, "login": { "type": "string", "description": "Level of login required to access this resource. Not supported for Node.js in the App Engine standard environment." }, "redirectHttpResponseCode": { "type": "string", "description": "30x code to use when performing redirects for the secure field. Defaults to 302." }, "script": { "$ref": "#/types/google-native:appengine%2Fv1beta:ScriptHandlerResponse", "description": "Executes a script to handle the requests that match this URL pattern. Only the auto value is supported for Node.js in the App Engine standard environment, for example \"script\": \"auto\"." }, "securityLevel": { "type": "string", "description": "Security (HTTPS) enforcement for this URL." }, "staticFiles": { "$ref": "#/types/google-native:appengine%2Fv1beta:StaticFilesHandlerResponse", "description": "Returns the contents of a file, such as an image, as the response." }, "urlRegex": { "type": "string", "description": "URL prefix. Uses regular expression syntax, which means regexp special characters must be escaped, but should not contain groupings. All URLs that begin with this prefix are handled by this handler, using the portion of the URL after the prefix as part of the file path." } }, "type": "object", "required": [ "apiEndpoint", "authFailAction", "login", "redirectHttpResponseCode", "script", "securityLevel", "staticFiles", "urlRegex" ] }, "google-native:appengine/v1beta:UrlMapSecurityLevel": { "description": "Security (HTTPS) enforcement for this URL.", "type": "string", "enum": [ { "name": "SecureUnspecified", "description": "Not specified.", "value": "SECURE_UNSPECIFIED" }, { "name": "SecureDefault", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used, and respond accordingly.", "value": "SECURE_DEFAULT" }, { "name": "SecureNever", "description": "Requests for a URL that match this handler that use HTTPS are automatically redirected to the HTTP equivalent URL.", "value": "SECURE_NEVER" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" } ] }, "google-native:appengine/v1beta:VersionInboundServicesItem": { "type": "string", "enum": [ { "name": "InboundServiceUnspecified", "description": "Not specified.", "value": "INBOUND_SERVICE_UNSPECIFIED" }, { "name": "InboundServiceMail", "description": "Allows an application to receive mail.", "value": "INBOUND_SERVICE_MAIL" }, { "name": "InboundServiceMailBounce", "description": "Allows an application to receive email-bound notifications.", "value": "INBOUND_SERVICE_MAIL_BOUNCE" }, { "name": "InboundServiceXmppError", "description": "Allows an application to receive error stanzas.", "value": "INBOUND_SERVICE_XMPP_ERROR" }, { "name": "InboundServiceXmppMessage", "description": "Allows an application to receive instant messages.", "value": "INBOUND_SERVICE_XMPP_MESSAGE" }, { "name": "InboundServiceXmppSubscribe", "description": "Allows an application to receive user subscription POSTs.", "value": "INBOUND_SERVICE_XMPP_SUBSCRIBE" }, { "name": "InboundServiceXmppPresence", "description": "Allows an application to receive a user's chat presence.", "value": "INBOUND_SERVICE_XMPP_PRESENCE" }, { "name": "InboundServiceChannelPresence", "description": "Registers an application for notifications when a client connects or disconnects from a channel.", "value": "INBOUND_SERVICE_CHANNEL_PRESENCE" }, { "name": "InboundServiceWarmup", "description": "Enables warmup requests.", "value": "INBOUND_SERVICE_WARMUP" } ] }, "google-native:appengine/v1beta:VersionServingStatus": { "description": "Current serving status of this version. Only the versions with a SERVING status create instances and can be billed.SERVING_STATUS_UNSPECIFIED is an invalid value. Defaults to SERVING.", "type": "string", "enum": [ { "name": "ServingStatusUnspecified", "description": "Not specified.", "value": "SERVING_STATUS_UNSPECIFIED" }, { "name": "Serving", "description": "Currently serving. Instances are created according to the scaling settings of the version.", "value": "SERVING" }, { "name": "Stopped", "description": "Disabled. No instances will be created and the scaling settings are ignored until the state of the version changes to SERVING.", "value": "STOPPED" } ] }, "google-native:appengine/v1beta:Volume": { "description": "Volumes mounted within the app container. Only applicable in the App Engine flexible environment.", "properties": { "name": { "type": "string", "description": "Unique name for the volume." }, "sizeGb": { "type": "number", "description": "Volume size in gigabytes." }, "volumeType": { "type": "string", "description": "Underlying volume type, e.g. 'tmpfs'." } }, "type": "object" }, "google-native:appengine/v1beta:VolumeResponse": { "description": "Volumes mounted within the app container. Only applicable in the App Engine flexible environment.", "properties": { "name": { "type": "string", "description": "Unique name for the volume." }, "sizeGb": { "type": "number", "description": "Volume size in gigabytes." }, "volumeType": { "type": "string", "description": "Underlying volume type, e.g. 'tmpfs'." } }, "type": "object", "required": [ "name", "sizeGb", "volumeType" ] }, "google-native:appengine/v1beta:VpcAccessConnector": { "description": "VPC access connector specification.", "properties": { "egressSetting": { "$ref": "#/types/google-native:appengine%2Fv1beta:VpcAccessConnectorEgressSetting", "description": "The egress setting for the connector, controlling what traffic is diverted through it." }, "name": { "type": "string", "description": "Full Serverless VPC Access Connector name e.g. projects/my-project/locations/us-central1/connectors/c1." } }, "type": "object" }, "google-native:appengine/v1beta:VpcAccessConnectorEgressSetting": { "description": "The egress setting for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "EgressSettingUnspecified", "value": "EGRESS_SETTING_UNSPECIFIED" }, { "name": "AllTraffic", "description": "Force the use of VPC Access for all egress traffic from the function.", "value": "ALL_TRAFFIC" }, { "name": "PrivateIpRanges", "description": "Use the VPC Access Connector for private IP space from RFC1918.", "value": "PRIVATE_IP_RANGES" } ] }, "google-native:appengine/v1beta:VpcAccessConnectorResponse": { "description": "VPC access connector specification.", "properties": { "egressSetting": { "type": "string", "description": "The egress setting for the connector, controlling what traffic is diverted through it." }, "name": { "type": "string", "description": "Full Serverless VPC Access Connector name e.g. projects/my-project/locations/us-central1/connectors/c1." } }, "type": "object", "required": [ "egressSetting", "name" ] }, "google-native:appengine/v1beta:ZipInfo": { "description": "The zip file information for a zip deployment.", "properties": { "filesCount": { "type": "integer", "description": "An estimate of the number of files in a zip for a zip deployment. If set, must be greater than or equal to the actual number of files. Used for optimizing performance; if not provided, deployment may be slow." }, "sourceUrl": { "type": "string", "description": "URL of the zip file to deploy from. Must be a URL to a resource in Google Cloud Storage in the form 'http(s)://storage.googleapis.com//'." } }, "type": "object" }, "google-native:appengine/v1beta:ZipInfoResponse": { "description": "The zip file information for a zip deployment.", "properties": { "filesCount": { "type": "integer", "description": "An estimate of the number of files in a zip for a zip deployment. If set, must be greater than or equal to the actual number of files. Used for optimizing performance; if not provided, deployment may be slow." }, "sourceUrl": { "type": "string", "description": "URL of the zip file to deploy from. Must be a URL to a resource in Google Cloud Storage in the form 'http(s)://storage.googleapis.com//'." } }, "type": "object", "required": [ "filesCount", "sourceUrl" ] }, "google-native:artifactregistry/v1:AptRepository": { "description": "Configuration for an Apt remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository", "description": "One of the publicly available Apt repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:AptRepositoryResponse": { "description": "Configuration for an Apt remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepositoryResponse", "description": "One of the publicly available Apt repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:artifactregistry/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:artifactregistry/v1:DockerRepository": { "description": "Configuration for a Docker remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:DockerRepositoryPublicRepository", "description": "One of the publicly available Docker repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:DockerRepositoryConfig": { "description": "DockerRepositoryConfig is docker related repository details. Provides additional configuration details for repositories of the docker format type.", "properties": { "immutableTags": { "type": "boolean", "description": "The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created." } }, "type": "object" }, "google-native:artifactregistry/v1:DockerRepositoryConfigResponse": { "description": "DockerRepositoryConfig is docker related repository details. Provides additional configuration details for repositories of the docker format type.", "properties": { "immutableTags": { "type": "boolean", "description": "The repository which enabled this flag prevents all tags from being modified, moved or deleted. This does not prevent tags from being created." } }, "type": "object", "required": [ "immutableTags" ] }, "google-native:artifactregistry/v1:DockerRepositoryPublicRepository": { "description": "One of the publicly available Docker repositories supported by Artifact Registry.", "type": "string", "enum": [ { "name": "PublicRepositoryUnspecified", "description": "Unspecified repository.", "value": "PUBLIC_REPOSITORY_UNSPECIFIED" }, { "name": "DockerHub", "description": "Docker Hub.", "value": "DOCKER_HUB" } ] }, "google-native:artifactregistry/v1:DockerRepositoryResponse": { "description": "Configuration for a Docker remote repository.", "properties": { "publicRepository": { "type": "string", "description": "One of the publicly available Docker repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:artifactregistry/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepository": { "description": "Publicly available Apt repositories constructed from a common repository base and a custom repository path.", "properties": { "repositoryBase": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepositoryRepositoryBase", "description": "A common public repository base for Apt." }, "repositoryPath": { "type": "string", "description": "A custom field to define a path to a specific repository from the base." } }, "type": "object" }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepositoryRepositoryBase": { "description": "A common public repository base for Apt.", "type": "string", "enum": [ { "name": "RepositoryBaseUnspecified", "description": "Unspecified repository base.", "value": "REPOSITORY_BASE_UNSPECIFIED" }, { "name": "Debian", "description": "Debian.", "value": "DEBIAN" }, { "name": "Ubuntu", "description": "Ubuntu LTS/Pro.", "value": "UBUNTU" }, { "name": "DebianSnapshot", "description": "Archived Debian.", "value": "DEBIAN_SNAPSHOT" } ] }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigAptRepositoryPublicRepositoryResponse": { "description": "Publicly available Apt repositories constructed from a common repository base and a custom repository path.", "properties": { "repositoryBase": { "type": "string", "description": "A common public repository base for Apt." }, "repositoryPath": { "type": "string", "description": "A custom field to define a path to a specific repository from the base." } }, "type": "object", "required": [ "repositoryBase", "repositoryPath" ] }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository": { "description": "Publicly available Yum repositories constructed from a common repository base and a custom repository path.", "properties": { "repositoryBase": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepositoryRepositoryBase", "description": "A common public repository base for Yum." }, "repositoryPath": { "type": "string", "description": "A custom field to define a path to a specific repository from the base." } }, "type": "object" }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepositoryRepositoryBase": { "description": "A common public repository base for Yum.", "type": "string", "enum": [ { "name": "RepositoryBaseUnspecified", "description": "Unspecified repository base.", "value": "REPOSITORY_BASE_UNSPECIFIED" }, { "name": "Centos", "description": "CentOS.", "value": "CENTOS" }, { "name": "CentosDebug", "description": "CentOS Debug.", "value": "CENTOS_DEBUG" }, { "name": "CentosVault", "description": "CentOS Vault.", "value": "CENTOS_VAULT" }, { "name": "CentosStream", "description": "CentOS Stream.", "value": "CENTOS_STREAM" }, { "name": "Rocky", "description": "Rocky.", "value": "ROCKY" }, { "name": "Epel", "description": "Fedora Extra Packages for Enterprise Linux (EPEL).", "value": "EPEL" } ] }, "google-native:artifactregistry/v1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepositoryResponse": { "description": "Publicly available Yum repositories constructed from a common repository base and a custom repository path.", "properties": { "repositoryBase": { "type": "string", "description": "A common public repository base for Yum." }, "repositoryPath": { "type": "string", "description": "A custom field to define a path to a specific repository from the base." } }, "type": "object", "required": [ "repositoryBase", "repositoryPath" ] }, "google-native:artifactregistry/v1:MavenRepository": { "description": "Configuration for a Maven remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:MavenRepositoryPublicRepository", "description": "One of the publicly available Maven repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:MavenRepositoryConfig": { "description": "MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven format type.", "properties": { "allowSnapshotOverwrites": { "type": "boolean", "description": "The repository with this flag will allow publishing the same snapshot versions." }, "versionPolicy": { "$ref": "#/types/google-native:artifactregistry%2Fv1:MavenRepositoryConfigVersionPolicy", "description": "Version policy defines the versions that the registry will accept." } }, "type": "object" }, "google-native:artifactregistry/v1:MavenRepositoryConfigResponse": { "description": "MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven format type.", "properties": { "allowSnapshotOverwrites": { "type": "boolean", "description": "The repository with this flag will allow publishing the same snapshot versions." }, "versionPolicy": { "type": "string", "description": "Version policy defines the versions that the registry will accept." } }, "type": "object", "required": [ "allowSnapshotOverwrites", "versionPolicy" ] }, "google-native:artifactregistry/v1:MavenRepositoryConfigVersionPolicy": { "description": "Version policy defines the versions that the registry will accept.", "type": "string", "enum": [ { "name": "VersionPolicyUnspecified", "description": "VERSION_POLICY_UNSPECIFIED - the version policy is not defined. When the version policy is not defined, no validation is performed for the versions.", "value": "VERSION_POLICY_UNSPECIFIED" }, { "name": "Release", "description": "RELEASE - repository will accept only Release versions.", "value": "RELEASE" }, { "name": "Snapshot", "description": "SNAPSHOT - repository will accept only Snapshot versions.", "value": "SNAPSHOT" } ] }, "google-native:artifactregistry/v1:MavenRepositoryPublicRepository": { "description": "One of the publicly available Maven repositories supported by Artifact Registry.", "type": "string", "enum": [ { "name": "PublicRepositoryUnspecified", "description": "Unspecified repository.", "value": "PUBLIC_REPOSITORY_UNSPECIFIED" }, { "name": "MavenCentral", "description": "Maven Central.", "value": "MAVEN_CENTRAL" } ] }, "google-native:artifactregistry/v1:MavenRepositoryResponse": { "description": "Configuration for a Maven remote repository.", "properties": { "publicRepository": { "type": "string", "description": "One of the publicly available Maven repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1:NpmRepository": { "description": "Configuration for a Npm remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:NpmRepositoryPublicRepository", "description": "One of the publicly available Npm repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:NpmRepositoryPublicRepository": { "description": "One of the publicly available Npm repositories supported by Artifact Registry.", "type": "string", "enum": [ { "name": "PublicRepositoryUnspecified", "description": "Unspecified repository.", "value": "PUBLIC_REPOSITORY_UNSPECIFIED" }, { "name": "Npmjs", "description": "npmjs.", "value": "NPMJS" } ] }, "google-native:artifactregistry/v1:NpmRepositoryResponse": { "description": "Configuration for a Npm remote repository.", "properties": { "publicRepository": { "type": "string", "description": "One of the publicly available Npm repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1:PythonRepository": { "description": "Configuration for a Python remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:PythonRepositoryPublicRepository", "description": "One of the publicly available Python repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:PythonRepositoryPublicRepository": { "description": "One of the publicly available Python repositories supported by Artifact Registry.", "type": "string", "enum": [ { "name": "PublicRepositoryUnspecified", "description": "Unspecified repository.", "value": "PUBLIC_REPOSITORY_UNSPECIFIED" }, { "name": "Pypi", "description": "PyPI.", "value": "PYPI" } ] }, "google-native:artifactregistry/v1:PythonRepositoryResponse": { "description": "Configuration for a Python remote repository.", "properties": { "publicRepository": { "type": "string", "description": "One of the publicly available Python repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1:RemoteRepositoryConfig": { "description": "Remote repository configuration.", "properties": { "aptRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:AptRepository", "description": "Specific settings for an Apt remote repository." }, "description": { "type": "string", "description": "The description of the remote source." }, "dockerRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:DockerRepository", "description": "Specific settings for a Docker remote repository." }, "mavenRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:MavenRepository", "description": "Specific settings for a Maven remote repository." }, "npmRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:NpmRepository", "description": "Specific settings for an Npm remote repository." }, "pythonRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:PythonRepository", "description": "Specific settings for a Python remote repository." }, "upstreamCredentials": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UpstreamCredentials", "description": "Optional. The credentials used to access the remote repository." }, "yumRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:YumRepository", "description": "Specific settings for a Yum remote repository." } }, "type": "object" }, "google-native:artifactregistry/v1:RemoteRepositoryConfigResponse": { "description": "Remote repository configuration.", "properties": { "aptRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:AptRepositoryResponse", "description": "Specific settings for an Apt remote repository." }, "description": { "type": "string", "description": "The description of the remote source." }, "dockerRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:DockerRepositoryResponse", "description": "Specific settings for a Docker remote repository." }, "mavenRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:MavenRepositoryResponse", "description": "Specific settings for a Maven remote repository." }, "npmRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:NpmRepositoryResponse", "description": "Specific settings for an Npm remote repository." }, "pythonRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:PythonRepositoryResponse", "description": "Specific settings for a Python remote repository." }, "upstreamCredentials": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UpstreamCredentialsResponse", "description": "Optional. The credentials used to access the remote repository." }, "yumRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:YumRepositoryResponse", "description": "Specific settings for a Yum remote repository." } }, "type": "object", "required": [ "aptRepository", "description", "dockerRepository", "mavenRepository", "npmRepository", "pythonRepository", "upstreamCredentials", "yumRepository" ] }, "google-native:artifactregistry/v1:RepositoryFormat": { "description": "Optional. The format of packages that are stored in the repository.", "type": "string", "enum": [ { "name": "FormatUnspecified", "description": "Unspecified package format.", "value": "FORMAT_UNSPECIFIED" }, { "name": "Docker", "description": "Docker package format.", "value": "DOCKER" }, { "name": "Maven", "description": "Maven package format.", "value": "MAVEN" }, { "name": "Npm", "description": "NPM package format.", "value": "NPM" }, { "name": "Apt", "description": "APT package format.", "value": "APT" }, { "name": "Yum", "description": "YUM package format.", "value": "YUM" }, { "name": "Googet", "description": "GooGet package format.", "value": "GOOGET" }, { "name": "Python", "description": "Python package format.", "value": "PYTHON" }, { "name": "Kfp", "description": "Kubeflow Pipelines package format.", "value": "KFP" }, { "name": "Go", "description": "Go package format.", "value": "GO" } ] }, "google-native:artifactregistry/v1:RepositoryMode": { "description": "Optional. The mode of the repository.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Unspecified mode.", "value": "MODE_UNSPECIFIED" }, { "name": "StandardRepository", "description": "A standard repository storing artifacts.", "value": "STANDARD_REPOSITORY" }, { "name": "VirtualRepository", "description": "A virtual repository to serve artifacts from one or more sources.", "value": "VIRTUAL_REPOSITORY" }, { "name": "RemoteRepository", "description": "A remote repository to serve artifacts from a remote source.", "value": "REMOTE_REPOSITORY" } ] }, "google-native:artifactregistry/v1:UpstreamCredentials": { "description": "The credentials to access the remote repository.", "properties": { "usernamePasswordCredentials": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UsernamePasswordCredentials", "description": "Use username and password to access the remote repository." } }, "type": "object" }, "google-native:artifactregistry/v1:UpstreamCredentialsResponse": { "description": "The credentials to access the remote repository.", "properties": { "usernamePasswordCredentials": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UsernamePasswordCredentialsResponse", "description": "Use username and password to access the remote repository." } }, "type": "object", "required": [ "usernamePasswordCredentials" ] }, "google-native:artifactregistry/v1:UpstreamPolicy": { "description": "Artifact policy configuration for the repository contents.", "properties": { "id": { "type": "string", "description": "The user-provided ID of the upstream policy." }, "priority": { "type": "integer", "description": "Entries with a greater priority value take precedence in the pull order." }, "repository": { "type": "string", "description": "A reference to the repository resource, for example: `projects/p1/locations/us-central1/repositories/repo1`." } }, "type": "object" }, "google-native:artifactregistry/v1:UpstreamPolicyResponse": { "description": "Artifact policy configuration for the repository contents.", "properties": { "priority": { "type": "integer", "description": "Entries with a greater priority value take precedence in the pull order." }, "repository": { "type": "string", "description": "A reference to the repository resource, for example: `projects/p1/locations/us-central1/repositories/repo1`." } }, "type": "object", "required": [ "priority", "repository" ] }, "google-native:artifactregistry/v1:UsernamePasswordCredentials": { "description": "Username and password credentials.", "properties": { "passwordSecretVersion": { "type": "string", "description": "The Secret Manager key version that holds the password to access the remote repository. Must be in the format of `projects/{project}/secrets/{secret}/versions/{version}`." }, "username": { "type": "string", "description": "The username to access the remote repository." } }, "type": "object" }, "google-native:artifactregistry/v1:UsernamePasswordCredentialsResponse": { "description": "Username and password credentials.", "properties": { "passwordSecretVersion": { "type": "string", "description": "The Secret Manager key version that holds the password to access the remote repository. Must be in the format of `projects/{project}/secrets/{secret}/versions/{version}`." }, "username": { "type": "string", "description": "The username to access the remote repository." } }, "type": "object", "required": [ "passwordSecretVersion", "username" ] }, "google-native:artifactregistry/v1:VirtualRepositoryConfig": { "description": "Virtual repository configuration.", "properties": { "upstreamPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UpstreamPolicy" }, "description": "Policies that configure the upstream artifacts distributed by the Virtual Repository. Upstream policies cannot be set on a standard repository." } }, "type": "object" }, "google-native:artifactregistry/v1:VirtualRepositoryConfigResponse": { "description": "Virtual repository configuration.", "properties": { "upstreamPolicies": { "type": "array", "items": { "$ref": "#/types/google-native:artifactregistry%2Fv1:UpstreamPolicyResponse" }, "description": "Policies that configure the upstream artifacts distributed by the Virtual Repository. Upstream policies cannot be set on a standard repository." } }, "type": "object", "required": [ "upstreamPolicies" ] }, "google-native:artifactregistry/v1:YumRepository": { "description": "Configuration for a Yum remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepository", "description": "One of the publicly available Yum repositories supported by Artifact Registry." } }, "type": "object" }, "google-native:artifactregistry/v1:YumRepositoryResponse": { "description": "Configuration for a Yum remote repository.", "properties": { "publicRepository": { "$ref": "#/types/google-native:artifactregistry%2Fv1:GoogleDevtoolsArtifactregistryV1RemoteRepositoryConfigYumRepositoryPublicRepositoryResponse", "description": "One of the publicly available Yum repositories supported by Artifact Registry." } }, "type": "object", "required": [ "publicRepository" ] }, "google-native:artifactregistry/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:artifactregistry/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:artifactregistry/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:artifactregistry/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:artifactregistry/v1beta1:RepositoryFormat": { "description": "Optional. The format of packages that are stored in the repository.", "type": "string", "enum": [ { "name": "FormatUnspecified", "description": "Unspecified package format.", "value": "FORMAT_UNSPECIFIED" }, { "name": "Docker", "description": "Docker package format.", "value": "DOCKER" }, { "name": "Maven", "description": "Maven package format.", "value": "MAVEN" }, { "name": "Npm", "description": "NPM package format.", "value": "NPM" }, { "name": "Apt", "description": "APT package format.", "value": "APT" }, { "name": "Yum", "description": "YUM package format.", "value": "YUM" }, { "name": "Googet", "description": "GooGet package format.", "value": "GOOGET" }, { "name": "Python", "description": "Python package format.", "value": "PYTHON" } ] }, "google-native:artifactregistry/v1beta2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1beta2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:artifactregistry/v1beta2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:artifactregistry%2Fv1beta2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:artifactregistry/v1beta2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:artifactregistry/v1beta2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:artifactregistry/v1beta2:MavenRepositoryConfig": { "description": "MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven format type.", "properties": { "allowSnapshotOverwrites": { "type": "boolean", "description": "The repository with this flag will allow publishing the same snapshot versions." }, "versionPolicy": { "$ref": "#/types/google-native:artifactregistry%2Fv1beta2:MavenRepositoryConfigVersionPolicy", "description": "Version policy defines the versions that the registry will accept." } }, "type": "object" }, "google-native:artifactregistry/v1beta2:MavenRepositoryConfigResponse": { "description": "MavenRepositoryConfig is maven related repository details. Provides additional configuration details for repositories of the maven format type.", "properties": { "allowSnapshotOverwrites": { "type": "boolean", "description": "The repository with this flag will allow publishing the same snapshot versions." }, "versionPolicy": { "type": "string", "description": "Version policy defines the versions that the registry will accept." } }, "type": "object", "required": [ "allowSnapshotOverwrites", "versionPolicy" ] }, "google-native:artifactregistry/v1beta2:MavenRepositoryConfigVersionPolicy": { "description": "Version policy defines the versions that the registry will accept.", "type": "string", "enum": [ { "name": "VersionPolicyUnspecified", "description": "VERSION_POLICY_UNSPECIFIED - the version policy is not defined. When the version policy is not defined, no validation is performed for the versions.", "value": "VERSION_POLICY_UNSPECIFIED" }, { "name": "Release", "description": "RELEASE - repository will accept only Release versions.", "value": "RELEASE" }, { "name": "Snapshot", "description": "SNAPSHOT - repository will accept only Snapshot versions.", "value": "SNAPSHOT" } ] }, "google-native:artifactregistry/v1beta2:RepositoryFormat": { "description": "Optional. The format of packages that are stored in the repository.", "type": "string", "enum": [ { "name": "FormatUnspecified", "description": "Unspecified package format.", "value": "FORMAT_UNSPECIFIED" }, { "name": "Docker", "description": "Docker package format.", "value": "DOCKER" }, { "name": "Maven", "description": "Maven package format.", "value": "MAVEN" }, { "name": "Npm", "description": "NPM package format.", "value": "NPM" }, { "name": "Apt", "description": "APT package format.", "value": "APT" }, { "name": "Yum", "description": "YUM package format.", "value": "YUM" }, { "name": "Googet", "description": "GooGet package format.", "value": "GOOGET" }, { "name": "Python", "description": "Python package format.", "value": "PYTHON" } ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadComplianceStatusResponse": { "description": "Represents the Compliance Status of this workload", "properties": { "acknowledgedResourceViolationCount": { "type": "integer", "description": "Number of current resource violations which are not acknowledged." }, "acknowledgedViolationCount": { "type": "integer", "description": "Number of current orgPolicy violations which are acknowledged." }, "activeResourceViolationCount": { "type": "integer", "description": "Number of current resource violations which are acknowledged." }, "activeViolationCount": { "type": "integer", "description": "Number of current orgPolicy violations which are not acknowledged." } }, "type": "object", "required": [ "acknowledgedResourceViolationCount", "acknowledgedViolationCount", "activeResourceViolationCount", "activeViolationCount" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadEkmProvisioningResponseResponse": { "description": "External key management systems(EKM) Provisioning response", "properties": { "ekmProvisioningErrorDomain": { "type": "string", "description": "Indicates Ekm provisioning error if any." }, "ekmProvisioningErrorMapping": { "type": "string", "description": "Detailed error message if Ekm provisioning fails" }, "ekmProvisioningState": { "type": "string", "description": "Indicates Ekm enrollment Provisioning of a given workload." } }, "type": "object", "required": [ "ekmProvisioningErrorDomain", "ekmProvisioningErrorMapping", "ekmProvisioningState" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadKMSSettings": { "description": "Settings specific to the Key Management Service.", "properties": { "nextRotationTime": { "type": "string", "description": "Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary." }, "rotationPeriod": { "type": "string", "description": "Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours." } }, "type": "object", "required": [ "nextRotationTime", "rotationPeriod" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadKMSSettingsResponse": { "description": "Settings specific to the Key Management Service.", "properties": { "nextRotationTime": { "type": "string", "description": "Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary." }, "rotationPeriod": { "type": "string", "description": "Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours." } }, "type": "object", "required": [ "nextRotationTime", "rotationPeriod" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissions": { "description": "Permissions granted to the AW Partner SA account for the customer workload", "properties": { "assuredWorkloadsMonitoring": { "type": "boolean", "description": "Optional. Allow partner to view violation alerts." }, "dataLogsViewer": { "type": "boolean", "description": "Allow the partner to view inspectability logs and monitoring violations." }, "serviceAccessApprover": { "type": "boolean", "description": "Optional. Allow partner to view access approval logs." } }, "type": "object" }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadPartnerPermissionsResponse": { "description": "Permissions granted to the AW Partner SA account for the customer workload", "properties": { "assuredWorkloadsMonitoring": { "type": "boolean", "description": "Optional. Allow partner to view violation alerts." }, "dataLogsViewer": { "type": "boolean", "description": "Allow the partner to view inspectability logs and monitoring violations." }, "serviceAccessApprover": { "type": "boolean", "description": "Optional. Allow partner to view access approval logs." } }, "type": "object", "required": [ "assuredWorkloadsMonitoring", "dataLogsViewer", "serviceAccessApprover" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadResourceInfoResponse": { "description": "Represent the resources that are children of this Workload.", "properties": { "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_number." }, "resourceType": { "type": "string", "description": "Indicates the type of resource." } }, "type": "object", "required": [ "resourceId", "resourceType" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadResourceSettings": { "description": "Represent the custom settings for the resources to be created.", "properties": { "displayName": { "type": "string", "description": "User-assigned resource display name. If not empty it will be used to create a resource with the specified name." }, "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_id. If the project is already taken, the workload creation will fail. For KeyRing, this represents the keyring_id. For a folder, don't set this value as folder_id is assigned by Google." }, "resourceType": { "$ref": "#/types/google-native:assuredworkloads%2Fv1:GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType", "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)" } }, "type": "object" }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType": { "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)", "type": "string", "enum": [ { "name": "ResourceTypeUnspecified", "description": "Unknown resource type.", "value": "RESOURCE_TYPE_UNSPECIFIED" }, { "name": "ConsumerProject", "description": "Deprecated. Existing workloads will continue to support this, but new CreateWorkloadRequests should not specify this as an input value.", "value": "CONSUMER_PROJECT" }, { "name": "ConsumerFolder", "description": "Consumer Folder.", "value": "CONSUMER_FOLDER" }, { "name": "EncryptionKeysProject", "description": "Consumer project containing encryption keys.", "value": "ENCRYPTION_KEYS_PROJECT" }, { "name": "Keyring", "description": "Keyring resource that hosts encryption keys.", "value": "KEYRING" } ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResponse": { "description": "Represent the custom settings for the resources to be created.", "properties": { "displayName": { "type": "string", "description": "User-assigned resource display name. If not empty it will be used to create a resource with the specified name." }, "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_id. If the project is already taken, the workload creation will fail. For KeyRing, this represents the keyring_id. For a folder, don't set this value as folder_id is assigned by Google." }, "resourceType": { "type": "string", "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)" } }, "type": "object", "required": [ "displayName", "resourceId", "resourceType" ] }, "google-native:assuredworkloads/v1:GoogleCloudAssuredworkloadsV1WorkloadSaaEnrollmentResponseResponse": { "description": "Signed Access Approvals (SAA) enrollment response.", "properties": { "setupErrors": { "type": "array", "items": { "type": "string" }, "description": "Indicates SAA enrollment setup error if any." }, "setupStatus": { "type": "string", "description": "Indicates SAA enrollment status of a given workload." } }, "type": "object", "required": [ "setupErrors", "setupStatus" ] }, "google-native:assuredworkloads/v1:WorkloadComplianceRegime": { "description": "Required. Immutable. Compliance Regime associated with this workload.", "type": "string", "enum": [ { "name": "ComplianceRegimeUnspecified", "description": "Unknown compliance regime.", "value": "COMPLIANCE_REGIME_UNSPECIFIED" }, { "name": "Il4", "description": "Information protection as per DoD IL4 requirements.", "value": "IL4" }, { "name": "Cjis", "description": "Criminal Justice Information Services (CJIS) Security policies.", "value": "CJIS" }, { "name": "FedrampHigh", "description": "FedRAMP High data protection controls", "value": "FEDRAMP_HIGH" }, { "name": "FedrampModerate", "description": "FedRAMP Moderate data protection controls", "value": "FEDRAMP_MODERATE" }, { "name": "UsRegionalAccess", "description": "Assured Workloads For US Regions data protection controls", "value": "US_REGIONAL_ACCESS" }, { "name": "Hipaa", "description": "Health Insurance Portability and Accountability Act controls", "value": "HIPAA" }, { "name": "Hitrust", "description": "Health Information Trust Alliance controls", "value": "HITRUST" }, { "name": "EuRegionsAndSupport", "description": "Assured Workloads For EU Regions and Support controls", "value": "EU_REGIONS_AND_SUPPORT" }, { "name": "CaRegionsAndSupport", "description": "Assured Workloads For Canada Regions and Support controls", "value": "CA_REGIONS_AND_SUPPORT" }, { "name": "Itar", "description": "International Traffic in Arms Regulations", "value": "ITAR" }, { "name": "AuRegionsAndUsSupport", "description": "Assured Workloads for Australia Regions and Support controls", "value": "AU_REGIONS_AND_US_SUPPORT" }, { "name": "AssuredWorkloadsForPartners", "description": "Assured Workloads for Partners;", "value": "ASSURED_WORKLOADS_FOR_PARTNERS" }, { "name": "IsrRegions", "description": "Assured Workloads for Israel", "value": "ISR_REGIONS" }, { "name": "IsrRegionsAndSupport", "description": "Assured Workloads for Israel Regions", "value": "ISR_REGIONS_AND_SUPPORT" }, { "name": "CaProtectedB", "description": "Assured Workloads for Canada Protected B regime", "value": "CA_PROTECTED_B" }, { "name": "Il5", "description": "Information protection as per DoD IL5 requirements.", "value": "IL5" }, { "name": "Il2", "description": "Information protection as per DoD IL2 requirements.", "value": "IL2" }, { "name": "JpRegionsAndSupport", "description": "Assured Workloads for Japan Regions", "value": "JP_REGIONS_AND_SUPPORT" } ] }, "google-native:assuredworkloads/v1:WorkloadPartner": { "description": "Optional. Partner regime associated with this workload.", "type": "string", "enum": [ { "name": "PartnerUnspecified", "value": "PARTNER_UNSPECIFIED" }, { "name": "LocalControlsByS3ns", "description": "Enum representing S3NS (Thales) partner.", "value": "LOCAL_CONTROLS_BY_S3NS" }, { "name": "SovereignControlsByTSystems", "description": "Enum representing T_SYSTEM (TSI) partner.", "value": "SOVEREIGN_CONTROLS_BY_T_SYSTEMS" }, { "name": "SovereignControlsBySiaMinsait", "description": "Enum representing SIA_MINSAIT (Indra) partner.", "value": "SOVEREIGN_CONTROLS_BY_SIA_MINSAIT" }, { "name": "SovereignControlsByPsn", "description": "Enum representing PSN (TIM) partner.", "value": "SOVEREIGN_CONTROLS_BY_PSN" } ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadCJISSettings": { "description": "Settings specific to resources needed for CJIS.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadCJISSettingsResponse": { "description": "Settings specific to resources needed for CJIS.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettingsResponse", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object", "required": [ "kmsSettings" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadComplianceStatusResponse": { "description": "Represents the Compliance Status of this workload", "properties": { "acknowledgedResourceViolationCount": { "type": "integer", "description": "Number of current resource violations which are not acknowledged." }, "acknowledgedViolationCount": { "type": "integer", "description": "Number of current orgPolicy violations which are acknowledged." }, "activeResourceViolationCount": { "type": "integer", "description": "Number of current resource violations which are acknowledged." }, "activeViolationCount": { "type": "integer", "description": "Number of current orgPolicy violations which are not acknowledged." } }, "type": "object", "required": [ "acknowledgedResourceViolationCount", "acknowledgedViolationCount", "activeResourceViolationCount", "activeViolationCount" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadEkmProvisioningResponseResponse": { "description": "External key management systems(EKM) Provisioning response", "properties": { "ekmProvisioningErrorDomain": { "type": "string", "description": "Indicates Ekm provisioning error if any." }, "ekmProvisioningErrorMapping": { "type": "string", "description": "Detailed error message if Ekm provisioning fails" }, "ekmProvisioningState": { "type": "string", "description": "Indicates Ekm enrollment Provisioning of a given workload." } }, "type": "object", "required": [ "ekmProvisioningErrorDomain", "ekmProvisioningErrorMapping", "ekmProvisioningState" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampHighSettings": { "description": "Settings specific to resources needed for FedRAMP High.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampHighSettingsResponse": { "description": "Settings specific to resources needed for FedRAMP High.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettingsResponse", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object", "required": [ "kmsSettings" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampModerateSettings": { "description": "Settings specific to resources needed for FedRAMP Moderate.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadFedrampModerateSettingsResponse": { "description": "Settings specific to resources needed for FedRAMP Moderate.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettingsResponse", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object", "required": [ "kmsSettings" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadIL4Settings": { "description": "Settings specific to resources needed for IL4.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadIL4SettingsResponse": { "description": "Settings specific to resources needed for IL4.", "properties": { "kmsSettings": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettingsResponse", "description": "Input only. Immutable. Settings used to create a CMEK crypto key." } }, "type": "object", "required": [ "kmsSettings" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettings": { "description": "Settings specific to the Key Management Service.", "properties": { "nextRotationTime": { "type": "string", "description": "Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary." }, "rotationPeriod": { "type": "string", "description": "Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours." } }, "type": "object", "required": [ "nextRotationTime", "rotationPeriod" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadKMSSettingsResponse": { "description": "Settings specific to the Key Management Service.", "properties": { "nextRotationTime": { "type": "string", "description": "Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary." }, "rotationPeriod": { "type": "string", "description": "Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours." } }, "type": "object", "required": [ "nextRotationTime", "rotationPeriod" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadPartnerPermissions": { "description": "Permissions granted to the AW Partner SA account for the customer workload", "properties": { "assuredWorkloadsMonitoring": { "type": "boolean", "description": "Optional. Allow partner to view violation alerts." }, "dataLogsViewer": { "type": "boolean", "description": "Allow the partner to view inspectability logs and monitoring violations." }, "serviceAccessApprover": { "type": "boolean", "description": "Optional. Allow partner to view access approval logs." } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadPartnerPermissionsResponse": { "description": "Permissions granted to the AW Partner SA account for the customer workload", "properties": { "assuredWorkloadsMonitoring": { "type": "boolean", "description": "Optional. Allow partner to view violation alerts." }, "dataLogsViewer": { "type": "boolean", "description": "Allow the partner to view inspectability logs and monitoring violations." }, "serviceAccessApprover": { "type": "boolean", "description": "Optional. Allow partner to view access approval logs." } }, "type": "object", "required": [ "assuredWorkloadsMonitoring", "dataLogsViewer", "serviceAccessApprover" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadResourceInfoResponse": { "description": "Represent the resources that are children of this Workload.", "properties": { "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_number." }, "resourceType": { "type": "string", "description": "Indicates the type of resource." } }, "type": "object", "required": [ "resourceId", "resourceType" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettings": { "description": "Represent the custom settings for the resources to be created.", "properties": { "displayName": { "type": "string", "description": "User-assigned resource display name. If not empty it will be used to create a resource with the specified name." }, "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_id. If the project is already taken, the workload creation will fail. For KeyRing, this represents the keyring_id. For a folder, don't set this value as folder_id is assigned by Google." }, "resourceType": { "$ref": "#/types/google-native:assuredworkloads%2Fv1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettingsResourceType", "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)" } }, "type": "object" }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettingsResourceType": { "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)", "type": "string", "enum": [ { "name": "ResourceTypeUnspecified", "description": "Unknown resource type.", "value": "RESOURCE_TYPE_UNSPECIFIED" }, { "name": "ConsumerProject", "description": "Deprecated. Existing workloads will continue to support this, but new CreateWorkloadRequests should not specify this as an input value.", "value": "CONSUMER_PROJECT" }, { "name": "ConsumerFolder", "description": "Consumer Folder.", "value": "CONSUMER_FOLDER" }, { "name": "EncryptionKeysProject", "description": "Consumer project containing encryption keys.", "value": "ENCRYPTION_KEYS_PROJECT" }, { "name": "Keyring", "description": "Keyring resource that hosts encryption keys.", "value": "KEYRING" } ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadResourceSettingsResponse": { "description": "Represent the custom settings for the resources to be created.", "properties": { "displayName": { "type": "string", "description": "User-assigned resource display name. If not empty it will be used to create a resource with the specified name." }, "resourceId": { "type": "string", "description": "Resource identifier. For a project this represents project_id. If the project is already taken, the workload creation will fail. For KeyRing, this represents the keyring_id. For a folder, don't set this value as folder_id is assigned by Google." }, "resourceType": { "type": "string", "description": "Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT)" } }, "type": "object", "required": [ "displayName", "resourceId", "resourceType" ] }, "google-native:assuredworkloads/v1beta1:GoogleCloudAssuredworkloadsV1beta1WorkloadSaaEnrollmentResponseResponse": { "description": "Signed Access Approvals (SAA) enrollment response.", "properties": { "setupErrors": { "type": "array", "items": { "type": "string" }, "description": "Indicates SAA enrollment setup error if any." }, "setupStatus": { "type": "string", "description": "Indicates SAA enrollment status of a given workload." } }, "type": "object", "required": [ "setupErrors", "setupStatus" ] }, "google-native:assuredworkloads/v1beta1:WorkloadComplianceRegime": { "description": "Required. Immutable. Compliance Regime associated with this workload.", "type": "string", "enum": [ { "name": "ComplianceRegimeUnspecified", "description": "Unknown compliance regime.", "value": "COMPLIANCE_REGIME_UNSPECIFIED" }, { "name": "Il4", "description": "Information protection as per DoD IL4 requirements.", "value": "IL4" }, { "name": "Cjis", "description": "Criminal Justice Information Services (CJIS) Security policies.", "value": "CJIS" }, { "name": "FedrampHigh", "description": "FedRAMP High data protection controls", "value": "FEDRAMP_HIGH" }, { "name": "FedrampModerate", "description": "FedRAMP Moderate data protection controls", "value": "FEDRAMP_MODERATE" }, { "name": "UsRegionalAccess", "description": "Assured Workloads For US Regions data protection controls", "value": "US_REGIONAL_ACCESS" }, { "name": "Hipaa", "description": "Health Insurance Portability and Accountability Act controls", "value": "HIPAA" }, { "name": "Hitrust", "description": "Health Information Trust Alliance controls", "value": "HITRUST" }, { "name": "EuRegionsAndSupport", "description": "Assured Workloads For EU Regions and Support controls", "value": "EU_REGIONS_AND_SUPPORT" }, { "name": "CaRegionsAndSupport", "description": "Assured Workloads For Canada Regions and Support controls", "value": "CA_REGIONS_AND_SUPPORT" }, { "name": "Itar", "description": "International Traffic in Arms Regulations", "value": "ITAR" }, { "name": "AuRegionsAndUsSupport", "description": "Assured Workloads for Australia Regions and Support controls", "value": "AU_REGIONS_AND_US_SUPPORT" }, { "name": "AssuredWorkloadsForPartners", "description": "Assured Workloads for Partners;", "value": "ASSURED_WORKLOADS_FOR_PARTNERS" }, { "name": "IsrRegions", "description": "Assured Workloads for Israel", "value": "ISR_REGIONS" }, { "name": "IsrRegionsAndSupport", "description": "Assured Workloads for Israel Regions", "value": "ISR_REGIONS_AND_SUPPORT" }, { "name": "CaProtectedB", "description": "Assured Workloads for Canada Protected B regime", "value": "CA_PROTECTED_B" }, { "name": "Il5", "description": "Information protection as per DoD IL5 requirements.", "value": "IL5" }, { "name": "Il2", "description": "Information protection as per DoD IL2 requirements.", "value": "IL2" }, { "name": "JpRegionsAndSupport", "description": "Assured Workloads for Japan Regions", "value": "JP_REGIONS_AND_SUPPORT" } ] }, "google-native:assuredworkloads/v1beta1:WorkloadPartner": { "description": "Optional. Partner regime associated with this workload.", "type": "string", "enum": [ { "name": "PartnerUnspecified", "value": "PARTNER_UNSPECIFIED" }, { "name": "LocalControlsByS3ns", "description": "Enum representing S3NS (Thales) partner.", "value": "LOCAL_CONTROLS_BY_S3NS" }, { "name": "SovereignControlsByTSystems", "description": "Enum representing T_SYSTEM (TSI) partner.", "value": "SOVEREIGN_CONTROLS_BY_T_SYSTEMS" }, { "name": "SovereignControlsBySiaMinsait", "description": "Enum representing SIA_MINSAIT (Indra) partner.", "value": "SOVEREIGN_CONTROLS_BY_SIA_MINSAIT" }, { "name": "SovereignControlsByPsn", "description": "Enum representing PSN (TIM) partner.", "value": "SOVEREIGN_CONTROLS_BY_PSN" } ] }, "google-native:backupdr/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:backupdr%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:backupdr/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:backupdr%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:backupdr/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:backupdr%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:backupdr/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:backupdr/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:backupdr/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:backupdr%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:backupdr/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:backupdr%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:backupdr/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:backupdr/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:backupdr/v1:ManagementServerType": { "description": "Required. The type of the ManagementServer resource.", "type": "string", "enum": [ { "name": "InstanceTypeUnspecified", "description": "Instance type is not mentioned.", "value": "INSTANCE_TYPE_UNSPECIFIED" }, { "name": "BackupRestore", "description": "Instance for backup and restore management (i.e., AGM).", "value": "BACKUP_RESTORE" } ] }, "google-native:backupdr/v1:ManagementURIResponse": { "description": "ManagementURI for the Management Server resource.", "properties": { "api": { "type": "string", "description": "The ManagementServer AGM/RD API URL." }, "webUi": { "type": "string", "description": "The ManagementServer AGM/RD WebUI URL." } }, "type": "object", "required": [ "api", "webUi" ] }, "google-native:backupdr/v1:NetworkConfig": { "description": "Network configuration for ManagementServer instance.", "properties": { "network": { "type": "string", "description": "Optional. The resource name of the Google Compute Engine VPC network to which the ManagementServer instance is connected." }, "peeringMode": { "$ref": "#/types/google-native:backupdr%2Fv1:NetworkConfigPeeringMode", "description": "Optional. The network connect mode of the ManagementServer instance. For this version, only PRIVATE_SERVICE_ACCESS is supported." } }, "type": "object" }, "google-native:backupdr/v1:NetworkConfigPeeringMode": { "description": "Optional. The network connect mode of the ManagementServer instance. For this version, only PRIVATE_SERVICE_ACCESS is supported.", "type": "string", "enum": [ { "name": "PeeringModeUnspecified", "description": "Peering mode not set.", "value": "PEERING_MODE_UNSPECIFIED" }, { "name": "PrivateServiceAccess", "description": "Connect using Private Service Access to the Management Server. Private services access provides an IP address range for multiple Google Cloud services, including Cloud BackupDR.", "value": "PRIVATE_SERVICE_ACCESS" } ] }, "google-native:backupdr/v1:NetworkConfigResponse": { "description": "Network configuration for ManagementServer instance.", "properties": { "network": { "type": "string", "description": "Optional. The resource name of the Google Compute Engine VPC network to which the ManagementServer instance is connected." }, "peeringMode": { "type": "string", "description": "Optional. The network connect mode of the ManagementServer instance. For this version, only PRIVATE_SERVICE_ACCESS is supported." } }, "type": "object", "required": [ "network", "peeringMode" ] }, "google-native:backupdr/v1:WorkforceIdentityBasedManagementURIResponse": { "description": "ManagementURI depending on the Workforce Identity i.e. either 1p or 3p.", "properties": { "firstPartyManagementUri": { "type": "string", "description": "First party Management URI for Google Identities." }, "thirdPartyManagementUri": { "type": "string", "description": "Third party Management URI for External Identity Providers." } }, "type": "object", "required": [ "firstPartyManagementUri", "thirdPartyManagementUri" ] }, "google-native:backupdr/v1:WorkforceIdentityBasedOAuth2ClientIDResponse": { "description": "OAuth Client ID depending on the Workforce Identity i.e. either 1p or 3p,", "properties": { "firstPartyOauth2ClientId": { "type": "string", "description": "First party OAuth Client ID for Google Identities." }, "thirdPartyOauth2ClientId": { "type": "string", "description": "Third party OAuth Client ID for External Identity Providers." } }, "type": "object", "required": [ "firstPartyOauth2ClientId", "thirdPartyOauth2ClientId" ] }, "google-native:baremetalsolution/v2:AllowedClient": { "description": "Represents an 'access point' for the share.", "properties": { "allowDev": { "type": "boolean", "description": "Allow dev flag. Which controls whether to allow creation of devices." }, "allowSuid": { "type": "boolean", "description": "Allow the setuid flag." }, "allowedClientsCidr": { "type": "string", "description": "The subnet of IP addresses permitted to access the share." }, "mountPermissions": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:AllowedClientMountPermissions", "description": "Mount permissions." }, "network": { "type": "string", "description": "The network the access point sits on." }, "noRootSquash": { "type": "boolean", "description": "Disable root squashing, which is a feature of NFS. Root squash is a special mapping of the remote superuser (root) identity when using identity authentication." } }, "type": "object" }, "google-native:baremetalsolution/v2:AllowedClientMountPermissions": { "description": "Mount permissions.", "type": "string", "enum": [ { "name": "MountPermissionsUnspecified", "description": "Permissions were not specified.", "value": "MOUNT_PERMISSIONS_UNSPECIFIED" }, { "name": "Read", "description": "NFS share can be mount with read-only permissions.", "value": "READ" }, { "name": "ReadWrite", "description": "NFS share can be mount with read-write permissions.", "value": "READ_WRITE" } ] }, "google-native:baremetalsolution/v2:AllowedClientResponse": { "description": "Represents an 'access point' for the share.", "properties": { "allowDev": { "type": "boolean", "description": "Allow dev flag. Which controls whether to allow creation of devices." }, "allowSuid": { "type": "boolean", "description": "Allow the setuid flag." }, "allowedClientsCidr": { "type": "string", "description": "The subnet of IP addresses permitted to access the share." }, "mountPermissions": { "type": "string", "description": "Mount permissions." }, "network": { "type": "string", "description": "The network the access point sits on." }, "nfsPath": { "type": "string", "description": "The path to access NFS, in format shareIP:/InstanceID InstanceID is the generated ID instead of customer provided name. example like \"10.0.0.0:/g123456789-nfs001\"" }, "noRootSquash": { "type": "boolean", "description": "Disable root squashing, which is a feature of NFS. Root squash is a special mapping of the remote superuser (root) identity when using identity authentication." }, "shareIp": { "type": "string", "description": "The IP address of the share on this network. Assigned automatically during provisioning based on the network's services_cidr." } }, "type": "object", "required": [ "allowDev", "allowSuid", "allowedClientsCidr", "mountPermissions", "network", "nfsPath", "noRootSquash", "shareIp" ] }, "google-native:baremetalsolution/v2:GoogleCloudBaremetalsolutionV2LogicalInterface": { "description": "Each logical interface represents a logical abstraction of the underlying physical interface (for eg. bond, nic) of the instance. Each logical interface can effectively map to multiple network-IP pairs and still be mapped to one underlying physical interface.", "properties": { "interfaceIndex": { "type": "integer", "description": "The index of the logical interface mapping to the index of the hardware bond or nic on the chosen network template. This field is deprecated.", "deprecationMessage": "The index of the logical interface mapping to the index of the hardware bond or nic on the chosen network template. This field is deprecated." }, "logicalNetworkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:LogicalNetworkInterface" }, "description": "List of logical network interfaces within a logical interface." }, "name": { "type": "string", "description": "Interface name. This is of syntax or and forms part of the network template name." } }, "type": "object" }, "google-native:baremetalsolution/v2:GoogleCloudBaremetalsolutionV2LogicalInterfaceResponse": { "description": "Each logical interface represents a logical abstraction of the underlying physical interface (for eg. bond, nic) of the instance. Each logical interface can effectively map to multiple network-IP pairs and still be mapped to one underlying physical interface.", "properties": { "interfaceIndex": { "type": "integer", "description": "The index of the logical interface mapping to the index of the hardware bond or nic on the chosen network template. This field is deprecated.", "deprecationMessage": "The index of the logical interface mapping to the index of the hardware bond or nic on the chosen network template. This field is deprecated." }, "logicalNetworkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:LogicalNetworkInterfaceResponse" }, "description": "List of logical network interfaces within a logical interface." }, "name": { "type": "string", "description": "Interface name. This is of syntax or and forms part of the network template name." } }, "type": "object", "required": [ "interfaceIndex", "logicalNetworkInterfaces", "name" ] }, "google-native:baremetalsolution/v2:InstanceConfig": { "description": "Configuration parameters for a new instance.", "properties": { "accountNetworksEnabled": { "type": "boolean", "description": "If true networks can be from different projects of the same vendor account." }, "clientNetwork": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkAddress", "description": "Client network address. Filled if InstanceConfig.multivlan_config is false." }, "hyperthreading": { "type": "boolean", "description": "Whether the instance should be provisioned with Hyperthreading enabled." }, "id": { "type": "string", "description": "A transient unique identifier to idenfity an instance within an ProvisioningConfig request." }, "instanceType": { "type": "string", "description": "Instance type. [Available types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations)" }, "logicalInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:GoogleCloudBaremetalsolutionV2LogicalInterface" }, "description": "List of logical interfaces for the instance. The number of logical interfaces will be the same as number of hardware bond/nic on the chosen network template. Filled if InstanceConfig.multivlan_config is true." }, "name": { "type": "string", "description": "The name of the instance config." }, "networkConfig": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:InstanceConfigNetworkConfig", "description": "The type of network configuration on the instance." }, "networkTemplate": { "type": "string", "description": "Server network template name. Filled if InstanceConfig.multivlan_config is true." }, "osImage": { "type": "string", "description": "OS image to initialize the instance. [Available images](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations)" }, "privateNetwork": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkAddress", "description": "Private network address, if any. Filled if InstanceConfig.multivlan_config is false." }, "sshKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of names of ssh keys used to provision the instance." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." } }, "type": "object" }, "google-native:baremetalsolution/v2:InstanceConfigNetworkConfig": { "description": "The type of network configuration on the instance.", "type": "string", "enum": [ { "name": "NetworkconfigUnspecified", "description": "The unspecified network configuration.", "value": "NETWORKCONFIG_UNSPECIFIED" }, { "name": "SingleVlan", "description": "Instance part of single client network and single private network.", "value": "SINGLE_VLAN" }, { "name": "MultiVlan", "description": "Instance part of multiple (or single) client networks and private networks.", "value": "MULTI_VLAN" } ] }, "google-native:baremetalsolution/v2:InstanceConfigResponse": { "description": "Configuration parameters for a new instance.", "properties": { "accountNetworksEnabled": { "type": "boolean", "description": "If true networks can be from different projects of the same vendor account." }, "clientNetwork": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkAddressResponse", "description": "Client network address. Filled if InstanceConfig.multivlan_config is false." }, "hyperthreading": { "type": "boolean", "description": "Whether the instance should be provisioned with Hyperthreading enabled." }, "instanceType": { "type": "string", "description": "Instance type. [Available types](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations)" }, "logicalInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:GoogleCloudBaremetalsolutionV2LogicalInterfaceResponse" }, "description": "List of logical interfaces for the instance. The number of logical interfaces will be the same as number of hardware bond/nic on the chosen network template. Filled if InstanceConfig.multivlan_config is true." }, "name": { "type": "string", "description": "The name of the instance config." }, "networkConfig": { "type": "string", "description": "The type of network configuration on the instance." }, "networkTemplate": { "type": "string", "description": "Server network template name. Filled if InstanceConfig.multivlan_config is true." }, "osImage": { "type": "string", "description": "OS image to initialize the instance. [Available images](https://cloud.google.com/bare-metal/docs/bms-planning#server_configurations)" }, "privateNetwork": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkAddressResponse", "description": "Private network address, if any. Filled if InstanceConfig.multivlan_config is false." }, "sshKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of names of ssh keys used to provision the instance." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." } }, "type": "object", "required": [ "accountNetworksEnabled", "clientNetwork", "hyperthreading", "instanceType", "logicalInterfaces", "name", "networkConfig", "networkTemplate", "osImage", "privateNetwork", "sshKeyNames", "userNote" ] }, "google-native:baremetalsolution/v2:IntakeVlanAttachment": { "description": "A GCP vlan attachment.", "properties": { "id": { "type": "string", "description": "Identifier of the VLAN attachment." }, "pairingKey": { "type": "string", "description": "Attachment pairing key." } }, "type": "object" }, "google-native:baremetalsolution/v2:IntakeVlanAttachmentResponse": { "description": "A GCP vlan attachment.", "properties": { "pairingKey": { "type": "string", "description": "Attachment pairing key." } }, "type": "object", "required": [ "pairingKey" ] }, "google-native:baremetalsolution/v2:LogicalNetworkInterface": { "description": "Each logical network interface is effectively a network and IP pair.", "properties": { "defaultGateway": { "type": "boolean", "description": "Whether this interface is the default gateway for the instance. Only one interface can be the default gateway for the instance." }, "id": { "type": "string", "description": "An identifier for the `Network`, generated by the backend." }, "ipAddress": { "type": "string", "description": "IP address in the network" }, "network": { "type": "string", "description": "Name of the network" }, "networkType": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:LogicalNetworkInterfaceNetworkType", "description": "Type of network." } }, "type": "object" }, "google-native:baremetalsolution/v2:LogicalNetworkInterfaceNetworkType": { "description": "Type of network.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified value.", "value": "TYPE_UNSPECIFIED" }, { "name": "Client", "description": "Client network, a network peered to a Google Cloud VPC.", "value": "CLIENT" }, { "name": "Private", "description": "Private network, a network local to the Bare Metal Solution environment.", "value": "PRIVATE" } ] }, "google-native:baremetalsolution/v2:LogicalNetworkInterfaceResponse": { "description": "Each logical network interface is effectively a network and IP pair.", "properties": { "defaultGateway": { "type": "boolean", "description": "Whether this interface is the default gateway for the instance. Only one interface can be the default gateway for the instance." }, "ipAddress": { "type": "string", "description": "IP address in the network" }, "network": { "type": "string", "description": "Name of the network" }, "networkType": { "type": "string", "description": "Type of network." } }, "type": "object", "required": [ "defaultGateway", "ipAddress", "network", "networkType" ] }, "google-native:baremetalsolution/v2:LunRange": { "description": "A LUN(Logical Unit Number) range.", "properties": { "quantity": { "type": "integer", "description": "Number of LUNs to create." }, "sizeGb": { "type": "integer", "description": "The requested size of each LUN, in GB." } }, "type": "object" }, "google-native:baremetalsolution/v2:LunRangeResponse": { "description": "A LUN(Logical Unit Number) range.", "properties": { "quantity": { "type": "integer", "description": "Number of LUNs to create." }, "sizeGb": { "type": "integer", "description": "The requested size of each LUN, in GB." } }, "type": "object", "required": [ "quantity", "sizeGb" ] }, "google-native:baremetalsolution/v2:NetworkAddress": { "description": "A network.", "properties": { "address": { "type": "string", "description": "IPv4 address to be assigned to the server." }, "existingNetworkId": { "type": "string", "description": "Name of the existing network to use." }, "networkId": { "type": "string", "description": "Id of the network to use, within the same ProvisioningConfig request." } }, "type": "object" }, "google-native:baremetalsolution/v2:NetworkAddressResponse": { "description": "A network.", "properties": { "address": { "type": "string", "description": "IPv4 address to be assigned to the server." }, "existingNetworkId": { "type": "string", "description": "Name of the existing network to use." }, "networkId": { "type": "string", "description": "Id of the network to use, within the same ProvisioningConfig request." } }, "type": "object", "required": [ "address", "existingNetworkId", "networkId" ] }, "google-native:baremetalsolution/v2:NetworkConfig": { "description": "Configuration parameters for a new network.", "properties": { "bandwidth": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkConfigBandwidth", "description": "Interconnect bandwidth. Set only when type is CLIENT." }, "cidr": { "type": "string", "description": "CIDR range of the network." }, "gcpService": { "type": "string", "description": "The GCP service of the network. Available gcp_service are in https://cloud.google.com/bare-metal/docs/bms-planning." }, "id": { "type": "string", "description": "A transient unique identifier to identify a volume within an ProvisioningConfig request." }, "jumboFramesEnabled": { "type": "boolean", "description": "The JumboFramesEnabled option for customer to set." }, "serviceCidr": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkConfigServiceCidr", "description": "Service CIDR, if any." }, "type": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NetworkConfigType", "description": "The type of this network, either Client or Private." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." }, "vlanAttachments": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:IntakeVlanAttachment" }, "description": "List of VLAN attachments. As of now there are always 2 attachments, but it is going to change in the future (multi vlan)." }, "vlanSameProject": { "type": "boolean", "description": "Whether the VLAN attachment pair is located in the same project." } }, "type": "object" }, "google-native:baremetalsolution/v2:NetworkConfigBandwidth": { "description": "Interconnect bandwidth. Set only when type is CLIENT.", "type": "string", "enum": [ { "name": "BandwidthUnspecified", "description": "Unspecified value.", "value": "BANDWIDTH_UNSPECIFIED" }, { "name": "Bw1Gbps", "description": "1 Gbps.", "value": "BW_1_GBPS" }, { "name": "Bw2Gbps", "description": "2 Gbps.", "value": "BW_2_GBPS" }, { "name": "Bw5Gbps", "description": "5 Gbps.", "value": "BW_5_GBPS" }, { "name": "Bw10Gbps", "description": "10 Gbps.", "value": "BW_10_GBPS" } ] }, "google-native:baremetalsolution/v2:NetworkConfigResponse": { "description": "Configuration parameters for a new network.", "properties": { "bandwidth": { "type": "string", "description": "Interconnect bandwidth. Set only when type is CLIENT." }, "cidr": { "type": "string", "description": "CIDR range of the network." }, "gcpService": { "type": "string", "description": "The GCP service of the network. Available gcp_service are in https://cloud.google.com/bare-metal/docs/bms-planning." }, "jumboFramesEnabled": { "type": "boolean", "description": "The JumboFramesEnabled option for customer to set." }, "name": { "type": "string", "description": "The name of the network config." }, "serviceCidr": { "type": "string", "description": "Service CIDR, if any." }, "type": { "type": "string", "description": "The type of this network, either Client or Private." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." }, "vlanAttachments": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:IntakeVlanAttachmentResponse" }, "description": "List of VLAN attachments. As of now there are always 2 attachments, but it is going to change in the future (multi vlan)." }, "vlanSameProject": { "type": "boolean", "description": "Whether the VLAN attachment pair is located in the same project." } }, "type": "object", "required": [ "bandwidth", "cidr", "gcpService", "jumboFramesEnabled", "name", "serviceCidr", "type", "userNote", "vlanAttachments", "vlanSameProject" ] }, "google-native:baremetalsolution/v2:NetworkConfigServiceCidr": { "description": "Service CIDR, if any.", "type": "string", "enum": [ { "name": "ServiceCidrUnspecified", "description": "Unspecified value.", "value": "SERVICE_CIDR_UNSPECIFIED" }, { "name": "Disabled", "description": "Services are disabled for the given network.", "value": "DISABLED" }, { "name": "High26", "description": "Use the highest /26 block of the network to host services.", "value": "HIGH_26" }, { "name": "High27", "description": "Use the highest /27 block of the network to host services.", "value": "HIGH_27" }, { "name": "High28", "description": "Use the highest /28 block of the network to host services.", "value": "HIGH_28" } ] }, "google-native:baremetalsolution/v2:NetworkConfigType": { "description": "The type of this network, either Client or Private.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified value.", "value": "TYPE_UNSPECIFIED" }, { "name": "Client", "description": "Client network, that is a network peered to a GCP VPC.", "value": "CLIENT" }, { "name": "Private", "description": "Private network, that is a network local to the BMS POD.", "value": "PRIVATE" } ] }, "google-native:baremetalsolution/v2:NfsExport": { "description": "A NFS export entry.", "properties": { "allowDev": { "type": "boolean", "description": "Allow dev flag in NfsShare AllowedClientsRequest." }, "allowSuid": { "type": "boolean", "description": "Allow the setuid flag." }, "cidr": { "type": "string", "description": "A CIDR range." }, "machineId": { "type": "string", "description": "Either a single machine, identified by an ID, or a comma-separated list of machine IDs." }, "networkId": { "type": "string", "description": "Network to use to publish the export." }, "noRootSquash": { "type": "boolean", "description": "Disable root squashing, which is a feature of NFS. Root squash is a special mapping of the remote superuser (root) identity when using identity authentication." }, "permissions": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NfsExportPermissions", "description": "Export permissions." } }, "type": "object" }, "google-native:baremetalsolution/v2:NfsExportPermissions": { "description": "Export permissions.", "type": "string", "enum": [ { "name": "PermissionsUnspecified", "description": "Unspecified value.", "value": "PERMISSIONS_UNSPECIFIED" }, { "name": "ReadOnly", "description": "Read-only permission.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "Read-write permission.", "value": "READ_WRITE" } ] }, "google-native:baremetalsolution/v2:NfsExportResponse": { "description": "A NFS export entry.", "properties": { "allowDev": { "type": "boolean", "description": "Allow dev flag in NfsShare AllowedClientsRequest." }, "allowSuid": { "type": "boolean", "description": "Allow the setuid flag." }, "cidr": { "type": "string", "description": "A CIDR range." }, "machineId": { "type": "string", "description": "Either a single machine, identified by an ID, or a comma-separated list of machine IDs." }, "networkId": { "type": "string", "description": "Network to use to publish the export." }, "noRootSquash": { "type": "boolean", "description": "Disable root squashing, which is a feature of NFS. Root squash is a special mapping of the remote superuser (root) identity when using identity authentication." }, "permissions": { "type": "string", "description": "Export permissions." } }, "type": "object", "required": [ "allowDev", "allowSuid", "cidr", "machineId", "networkId", "noRootSquash", "permissions" ] }, "google-native:baremetalsolution/v2:NfsShareStorageType": { "description": "Immutable. The storage type of the underlying volume.", "type": "string", "enum": [ { "name": "StorageTypeUnspecified", "description": "The storage type for this volume is unknown.", "value": "STORAGE_TYPE_UNSPECIFIED" }, { "name": "Ssd", "description": "The storage type for this volume is SSD.", "value": "SSD" }, { "name": "Hdd", "description": "This storage type for this volume is HDD.", "value": "HDD" } ] }, "google-native:baremetalsolution/v2:VolumeConfig": { "description": "Configuration parameters for a new volume.", "properties": { "gcpService": { "type": "string", "description": "The GCP service of the storage volume. Available gcp_service are in https://cloud.google.com/bare-metal/docs/bms-planning." }, "id": { "type": "string", "description": "A transient unique identifier to identify a volume within an ProvisioningConfig request." }, "lunRanges": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:LunRange" }, "description": "LUN ranges to be configured. Set only when protocol is PROTOCOL_FC." }, "machineIds": { "type": "array", "items": { "type": "string" }, "description": "Machine ids connected to this volume. Set only when protocol is PROTOCOL_FC." }, "nfsExports": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NfsExport" }, "description": "NFS exports. Set only when protocol is PROTOCOL_NFS." }, "performanceTier": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:VolumeConfigPerformanceTier", "description": "Performance tier of the Volume. Default is SHARED." }, "protocol": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:VolumeConfigProtocol", "description": "Volume protocol." }, "sizeGb": { "type": "integer", "description": "The requested size of this volume, in GB." }, "snapshotsEnabled": { "type": "boolean", "description": "Whether snapshots should be enabled." }, "type": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:VolumeConfigType", "description": "The type of this Volume." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." } }, "type": "object" }, "google-native:baremetalsolution/v2:VolumeConfigPerformanceTier": { "description": "Performance tier of the Volume. Default is SHARED.", "type": "string", "enum": [ { "name": "VolumePerformanceTierUnspecified", "description": "Value is not specified.", "value": "VOLUME_PERFORMANCE_TIER_UNSPECIFIED" }, { "name": "VolumePerformanceTierShared", "description": "Regular volumes, shared aggregates.", "value": "VOLUME_PERFORMANCE_TIER_SHARED" }, { "name": "VolumePerformanceTierAssigned", "description": "Assigned aggregates.", "value": "VOLUME_PERFORMANCE_TIER_ASSIGNED" }, { "name": "VolumePerformanceTierHt", "description": "High throughput aggregates.", "value": "VOLUME_PERFORMANCE_TIER_HT" } ] }, "google-native:baremetalsolution/v2:VolumeConfigProtocol": { "description": "Volume protocol.", "type": "string", "enum": [ { "name": "ProtocolUnspecified", "description": "Unspecified value.", "value": "PROTOCOL_UNSPECIFIED" }, { "name": "ProtocolFc", "description": "Fibre channel.", "value": "PROTOCOL_FC" }, { "name": "ProtocolNfs", "description": "Network file system.", "value": "PROTOCOL_NFS" } ] }, "google-native:baremetalsolution/v2:VolumeConfigResponse": { "description": "Configuration parameters for a new volume.", "properties": { "gcpService": { "type": "string", "description": "The GCP service of the storage volume. Available gcp_service are in https://cloud.google.com/bare-metal/docs/bms-planning." }, "lunRanges": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:LunRangeResponse" }, "description": "LUN ranges to be configured. Set only when protocol is PROTOCOL_FC." }, "machineIds": { "type": "array", "items": { "type": "string" }, "description": "Machine ids connected to this volume. Set only when protocol is PROTOCOL_FC." }, "name": { "type": "string", "description": "The name of the volume config." }, "nfsExports": { "type": "array", "items": { "$ref": "#/types/google-native:baremetalsolution%2Fv2:NfsExportResponse" }, "description": "NFS exports. Set only when protocol is PROTOCOL_NFS." }, "performanceTier": { "type": "string", "description": "Performance tier of the Volume. Default is SHARED." }, "protocol": { "type": "string", "description": "Volume protocol." }, "sizeGb": { "type": "integer", "description": "The requested size of this volume, in GB." }, "snapshotsEnabled": { "type": "boolean", "description": "Whether snapshots should be enabled." }, "type": { "type": "string", "description": "The type of this Volume." }, "userNote": { "type": "string", "description": "User note field, it can be used by customers to add additional information for the BMS Ops team ." } }, "type": "object", "required": [ "gcpService", "lunRanges", "machineIds", "name", "nfsExports", "performanceTier", "protocol", "sizeGb", "snapshotsEnabled", "type", "userNote" ] }, "google-native:baremetalsolution/v2:VolumeConfigType": { "description": "The type of this Volume.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The unspecified type.", "value": "TYPE_UNSPECIFIED" }, { "name": "Flash", "description": "This Volume is on flash.", "value": "FLASH" }, { "name": "Disk", "description": "This Volume is on disk.", "value": "DISK" } ] }, "google-native:batch/v1:Accelerator": { "description": "Accelerator describes Compute Engine accelerators to be attached to the VM.", "properties": { "count": { "type": "string", "description": "The number of accelerators of this type." }, "driverVersion": { "type": "string", "description": "Optional. The NVIDIA GPU driver version that should be installed for this type. You can define the specific driver version such as \"470.103.01\", following the driver version requirements in https://cloud.google.com/compute/docs/gpus/install-drivers-gpu#minimum-driver. Batch will install the specific accelerator driver if qualified." }, "installGpuDrivers": { "type": "boolean", "description": "Deprecated: please use instances[0].install_gpu_drivers instead.", "deprecationMessage": "Deprecated: please use instances[0].install_gpu_drivers instead." }, "type": { "type": "string", "description": "The accelerator type. For example, \"nvidia-tesla-t4\". See `gcloud compute accelerator-types list`." } }, "type": "object" }, "google-native:batch/v1:AcceleratorResponse": { "description": "Accelerator describes Compute Engine accelerators to be attached to the VM.", "properties": { "count": { "type": "string", "description": "The number of accelerators of this type." }, "driverVersion": { "type": "string", "description": "Optional. The NVIDIA GPU driver version that should be installed for this type. You can define the specific driver version such as \"470.103.01\", following the driver version requirements in https://cloud.google.com/compute/docs/gpus/install-drivers-gpu#minimum-driver. Batch will install the specific accelerator driver if qualified." }, "installGpuDrivers": { "type": "boolean", "description": "Deprecated: please use instances[0].install_gpu_drivers instead.", "deprecationMessage": "Deprecated: please use instances[0].install_gpu_drivers instead." }, "type": { "type": "string", "description": "The accelerator type. For example, \"nvidia-tesla-t4\". See `gcloud compute accelerator-types list`." } }, "type": "object", "required": [ "count", "driverVersion", "installGpuDrivers", "type" ] }, "google-native:batch/v1:ActionCondition": { "description": "Conditions for actions to deal with task failures.", "properties": { "exitCodes": { "type": "array", "items": { "type": "integer" }, "description": "Exit codes of a task execution. If there are more than 1 exit codes, when task executes with any of the exit code in the list, the condition is met and the action will be executed." } }, "type": "object" }, "google-native:batch/v1:ActionConditionResponse": { "description": "Conditions for actions to deal with task failures.", "properties": { "exitCodes": { "type": "array", "items": { "type": "integer" }, "description": "Exit codes of a task execution. If there are more than 1 exit codes, when task executes with any of the exit code in the list, the condition is met and the action will be executed." } }, "type": "object", "required": [ "exitCodes" ] }, "google-native:batch/v1:AllocationPolicy": { "description": "A Job's resource allocation policy describes when, where, and how compute resources should be allocated for the Job.", "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:InstancePolicyOrTemplate" }, "description": "Describe instances that can be created by this AllocationPolicy. Only instances[0] is supported now." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels applied to all VM instances and other resources created by AllocationPolicy. Labels could be user provided or system generated. You can assign up to 64 labels. [Google Compute Engine label restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions) apply. Label names that start with \"goog-\" or \"google-\" are reserved." }, "location": { "$ref": "#/types/google-native:batch%2Fv1:LocationPolicy", "description": "Location where compute resources should be allocated for the Job." }, "network": { "$ref": "#/types/google-native:batch%2Fv1:NetworkPolicy", "description": "The network policy. If you define an instance template in the InstancePolicyOrTemplate field, Batch will use the network settings in the instance template instead of this field." }, "placement": { "$ref": "#/types/google-native:batch%2Fv1:PlacementPolicy", "description": "The placement policy." }, "serviceAccount": { "$ref": "#/types/google-native:batch%2Fv1:ServiceAccount", "description": "Service account that VMs will run as." } }, "type": "object" }, "google-native:batch/v1:AllocationPolicyResponse": { "description": "A Job's resource allocation policy describes when, where, and how compute resources should be allocated for the Job.", "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:InstancePolicyOrTemplateResponse" }, "description": "Describe instances that can be created by this AllocationPolicy. Only instances[0] is supported now." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels applied to all VM instances and other resources created by AllocationPolicy. Labels could be user provided or system generated. You can assign up to 64 labels. [Google Compute Engine label restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions) apply. Label names that start with \"goog-\" or \"google-\" are reserved." }, "location": { "$ref": "#/types/google-native:batch%2Fv1:LocationPolicyResponse", "description": "Location where compute resources should be allocated for the Job." }, "network": { "$ref": "#/types/google-native:batch%2Fv1:NetworkPolicyResponse", "description": "The network policy. If you define an instance template in the InstancePolicyOrTemplate field, Batch will use the network settings in the instance template instead of this field." }, "placement": { "$ref": "#/types/google-native:batch%2Fv1:PlacementPolicyResponse", "description": "The placement policy." }, "serviceAccount": { "$ref": "#/types/google-native:batch%2Fv1:ServiceAccountResponse", "description": "Service account that VMs will run as." } }, "type": "object", "required": [ "instances", "labels", "location", "network", "placement", "serviceAccount" ] }, "google-native:batch/v1:AttachedDisk": { "description": "A new or an existing persistent disk (PD) or a local ssd attached to a VM instance.", "properties": { "deviceName": { "type": "string", "description": "Device name that the guest operating system will see. It is used by Runnable.volumes field to mount disks. So please specify the device_name if you want Batch to help mount the disk, and it should match the device_name field in volumes." }, "existingDisk": { "type": "string", "description": "Name of an existing PD." }, "newDisk": { "$ref": "#/types/google-native:batch%2Fv1:Disk" } }, "type": "object" }, "google-native:batch/v1:AttachedDiskResponse": { "description": "A new or an existing persistent disk (PD) or a local ssd attached to a VM instance.", "properties": { "deviceName": { "type": "string", "description": "Device name that the guest operating system will see. It is used by Runnable.volumes field to mount disks. So please specify the device_name if you want Batch to help mount the disk, and it should match the device_name field in volumes." }, "existingDisk": { "type": "string", "description": "Name of an existing PD." }, "newDisk": { "$ref": "#/types/google-native:batch%2Fv1:DiskResponse" } }, "type": "object", "required": [ "deviceName", "existingDisk", "newDisk" ] }, "google-native:batch/v1:Barrier": { "description": "Barrier runnable blocks until all tasks in a taskgroup reach it.", "properties": { "name": { "type": "string", "description": "Barriers are identified by their index in runnable list. Names are not required, but if present should be an identifier." } }, "type": "object" }, "google-native:batch/v1:BarrierResponse": { "description": "Barrier runnable blocks until all tasks in a taskgroup reach it.", "properties": { "name": { "type": "string", "description": "Barriers are identified by their index in runnable list. Names are not required, but if present should be an identifier." } }, "type": "object", "required": [ "name" ] }, "google-native:batch/v1:CloudLoggingOption": { "description": "CloudLoggingOption contains additional settings for cloud logging generated by Batch job.", "type": "object" }, "google-native:batch/v1:CloudLoggingOptionResponse": { "description": "CloudLoggingOption contains additional settings for cloud logging generated by Batch job.", "type": "object" }, "google-native:batch/v1:ComputeResource": { "description": "Compute resource requirements. ComputeResource defines the amount of resources required for each task. Make sure your tasks have enough resources to successfully run. If you also define the types of resources for a job to use with the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure both fields are compatible with each other.", "properties": { "bootDiskMib": { "type": "string", "description": "Extra boot disk size in MiB for each task." }, "cpuMilli": { "type": "string", "description": "The milliCPU count. `cpuMilli` defines the amount of CPU resources per task in milliCPU units. For example, `1000` corresponds to 1 vCPU per task. If undefined, the default value is `2000`. If you also define the VM's machine type using the `machineType` in [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) field or inside the `instanceTemplate` in the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure the CPU resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time. For example, if you specify the `n2-standard-2` machine type, which has 2 vCPUs each, you are recommended to set `cpuMilli` no more than `2000`, or you are recommended to run two tasks on the same VM if you set `cpuMilli` to `1000` or less." }, "memoryMib": { "type": "string", "description": "Memory in MiB. `memoryMib` defines the amount of memory per task in MiB units. If undefined, the default value is `2000`. If you also define the VM's machine type using the `machineType` in [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) field or inside the `instanceTemplate` in the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure the memory resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time. For example, if you specify the `n2-standard-2` machine type, which has 8 GiB each, you are recommended to set `memoryMib` to no more than `8192`, or you are recommended to run two tasks on the same VM if you set `memoryMib` to `4096` or less." } }, "type": "object" }, "google-native:batch/v1:ComputeResourceResponse": { "description": "Compute resource requirements. ComputeResource defines the amount of resources required for each task. Make sure your tasks have enough resources to successfully run. If you also define the types of resources for a job to use with the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure both fields are compatible with each other.", "properties": { "bootDiskMib": { "type": "string", "description": "Extra boot disk size in MiB for each task." }, "cpuMilli": { "type": "string", "description": "The milliCPU count. `cpuMilli` defines the amount of CPU resources per task in milliCPU units. For example, `1000` corresponds to 1 vCPU per task. If undefined, the default value is `2000`. If you also define the VM's machine type using the `machineType` in [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) field or inside the `instanceTemplate` in the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure the CPU resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time. For example, if you specify the `n2-standard-2` machine type, which has 2 vCPUs each, you are recommended to set `cpuMilli` no more than `2000`, or you are recommended to run two tasks on the same VM if you set `cpuMilli` to `1000` or less." }, "memoryMib": { "type": "string", "description": "Memory in MiB. `memoryMib` defines the amount of memory per task in MiB units. If undefined, the default value is `2000`. If you also define the VM's machine type using the `machineType` in [InstancePolicy](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicy) field or inside the `instanceTemplate` in the [InstancePolicyOrTemplate](https://cloud.google.com/batch/docs/reference/rest/v1/projects.locations.jobs#instancepolicyortemplate) field, make sure the memory resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time. For example, if you specify the `n2-standard-2` machine type, which has 8 GiB each, you are recommended to set `memoryMib` to no more than `8192`, or you are recommended to run two tasks on the same VM if you set `memoryMib` to `4096` or less." } }, "type": "object", "required": [ "bootDiskMib", "cpuMilli", "memoryMib" ] }, "google-native:batch/v1:Container": { "description": "Container runnable.", "properties": { "blockExternalNetwork": { "type": "boolean", "description": "If set to true, external network access to and from container will be blocked, containers that are with block_external_network as true can still communicate with each other, network cannot be specified in the `container.options` field." }, "commands": { "type": "array", "items": { "type": "string" }, "description": "Overrides the `CMD` specified in the container. If there is an ENTRYPOINT (either in the container image or with the entrypoint field below) then commands are appended as arguments to the ENTRYPOINT." }, "entrypoint": { "type": "string", "description": "Overrides the `ENTRYPOINT` specified in the container." }, "imageUri": { "type": "string", "description": "The URI to pull the container image from." }, "options": { "type": "string", "description": "Arbitrary additional options to include in the \"docker run\" command when running this container, e.g. \"--network host\"." }, "password": { "type": "string", "description": "Optional password for logging in to a docker registry. If password matches `projects/*/secrets/*/versions/*` then Batch will read the password from the Secret Manager;" }, "username": { "type": "string", "description": "Optional username for logging in to a docker registry. If username matches `projects/*/secrets/*/versions/*` then Batch will read the username from the Secret Manager." }, "volumes": { "type": "array", "items": { "type": "string" }, "description": "Volumes to mount (bind mount) from the host machine files or directories into the container, formatted to match docker run's --volume option, e.g. /foo:/bar, or /foo:/bar:ro If the `TaskSpec.Volumes` field is specified but this field is not, Batch will mount each volume from the host machine to the container with the same mount path by default. In this case, the default mount option for containers will be read-only (ro) for existing persistent disks and read-write (rw) for other volume types, regardless of the original mount options specified in `TaskSpec.Volumes`. If you need different mount settings, you can explicitly configure them in this field." } }, "type": "object" }, "google-native:batch/v1:ContainerResponse": { "description": "Container runnable.", "properties": { "blockExternalNetwork": { "type": "boolean", "description": "If set to true, external network access to and from container will be blocked, containers that are with block_external_network as true can still communicate with each other, network cannot be specified in the `container.options` field." }, "commands": { "type": "array", "items": { "type": "string" }, "description": "Overrides the `CMD` specified in the container. If there is an ENTRYPOINT (either in the container image or with the entrypoint field below) then commands are appended as arguments to the ENTRYPOINT." }, "entrypoint": { "type": "string", "description": "Overrides the `ENTRYPOINT` specified in the container." }, "imageUri": { "type": "string", "description": "The URI to pull the container image from." }, "options": { "type": "string", "description": "Arbitrary additional options to include in the \"docker run\" command when running this container, e.g. \"--network host\"." }, "password": { "type": "string", "description": "Optional password for logging in to a docker registry. If password matches `projects/*/secrets/*/versions/*` then Batch will read the password from the Secret Manager;" }, "username": { "type": "string", "description": "Optional username for logging in to a docker registry. If username matches `projects/*/secrets/*/versions/*` then Batch will read the username from the Secret Manager." }, "volumes": { "type": "array", "items": { "type": "string" }, "description": "Volumes to mount (bind mount) from the host machine files or directories into the container, formatted to match docker run's --volume option, e.g. /foo:/bar, or /foo:/bar:ro If the `TaskSpec.Volumes` field is specified but this field is not, Batch will mount each volume from the host machine to the container with the same mount path by default. In this case, the default mount option for containers will be read-only (ro) for existing persistent disks and read-write (rw) for other volume types, regardless of the original mount options specified in `TaskSpec.Volumes`. If you need different mount settings, you can explicitly configure them in this field." } }, "type": "object", "required": [ "blockExternalNetwork", "commands", "entrypoint", "imageUri", "options", "password", "username", "volumes" ] }, "google-native:batch/v1:Disk": { "description": "A new persistent disk or a local ssd. A VM can only have one local SSD setting but multiple local SSD partitions. See https://cloud.google.com/compute/docs/disks#pdspecs and https://cloud.google.com/compute/docs/disks#localssds.", "properties": { "diskInterface": { "type": "string", "description": "Local SSDs are available through both \"SCSI\" and \"NVMe\" interfaces. If not indicated, \"NVMe\" will be the default one for local ssds. This field is ignored for persistent disks as the interface is chosen automatically. See https://cloud.google.com/compute/docs/disks/persistent-disks#choose_an_interface." }, "image": { "type": "string", "description": "URL for a VM image to use as the data source for this disk. For example, the following are all valid URLs: * Specify the image by its family name: projects/{project}/global/images/family/{image_family} * Specify the image version: projects/{project}/global/images/{image_version} You can also use Batch customized image in short names. The following image values are supported for a boot disk: * `batch-debian`: use Batch Debian images. * `batch-centos`: use Batch CentOS images. * `batch-cos`: use Batch Container-Optimized images. * `batch-hpc-centos`: use Batch HPC CentOS images. * `batch-hpc-rocky`: use Batch HPC Rocky Linux images." }, "sizeGb": { "type": "string", "description": "Disk size in GB. **Non-Boot Disk**: If the `type` specifies a persistent disk, this field is ignored if `data_source` is set as `image` or `snapshot`. If the `type` specifies a local SSD, this field should be a multiple of 375 GB, otherwise, the final size will be the next greater multiple of 375 GB. **Boot Disk**: Batch will calculate the boot disk size based on source image and task requirements if you do not speicify the size. If both this field and the `boot_disk_mib` field in task spec's `compute_resource` are defined, Batch will only honor this field. Also, this field should be no smaller than the source disk's size when the `data_source` is set as `snapshot` or `image`. For example, if you set an image as the `data_source` field and the image's default disk size 30 GB, you can only use this field to make the disk larger or equal to 30 GB." }, "snapshot": { "type": "string", "description": "Name of a snapshot used as the data source. Snapshot is not supported as boot disk now." }, "type": { "type": "string", "description": "Disk type as shown in `gcloud compute disk-types list`. For example, local SSD uses type \"local-ssd\". Persistent disks and boot disks use \"pd-balanced\", \"pd-extreme\", \"pd-ssd\" or \"pd-standard\"." } }, "type": "object" }, "google-native:batch/v1:DiskResponse": { "description": "A new persistent disk or a local ssd. A VM can only have one local SSD setting but multiple local SSD partitions. See https://cloud.google.com/compute/docs/disks#pdspecs and https://cloud.google.com/compute/docs/disks#localssds.", "properties": { "diskInterface": { "type": "string", "description": "Local SSDs are available through both \"SCSI\" and \"NVMe\" interfaces. If not indicated, \"NVMe\" will be the default one for local ssds. This field is ignored for persistent disks as the interface is chosen automatically. See https://cloud.google.com/compute/docs/disks/persistent-disks#choose_an_interface." }, "image": { "type": "string", "description": "URL for a VM image to use as the data source for this disk. For example, the following are all valid URLs: * Specify the image by its family name: projects/{project}/global/images/family/{image_family} * Specify the image version: projects/{project}/global/images/{image_version} You can also use Batch customized image in short names. The following image values are supported for a boot disk: * `batch-debian`: use Batch Debian images. * `batch-centos`: use Batch CentOS images. * `batch-cos`: use Batch Container-Optimized images. * `batch-hpc-centos`: use Batch HPC CentOS images. * `batch-hpc-rocky`: use Batch HPC Rocky Linux images." }, "sizeGb": { "type": "string", "description": "Disk size in GB. **Non-Boot Disk**: If the `type` specifies a persistent disk, this field is ignored if `data_source` is set as `image` or `snapshot`. If the `type` specifies a local SSD, this field should be a multiple of 375 GB, otherwise, the final size will be the next greater multiple of 375 GB. **Boot Disk**: Batch will calculate the boot disk size based on source image and task requirements if you do not speicify the size. If both this field and the `boot_disk_mib` field in task spec's `compute_resource` are defined, Batch will only honor this field. Also, this field should be no smaller than the source disk's size when the `data_source` is set as `snapshot` or `image`. For example, if you set an image as the `data_source` field and the image's default disk size 30 GB, you can only use this field to make the disk larger or equal to 30 GB." }, "snapshot": { "type": "string", "description": "Name of a snapshot used as the data source. Snapshot is not supported as boot disk now." }, "type": { "type": "string", "description": "Disk type as shown in `gcloud compute disk-types list`. For example, local SSD uses type \"local-ssd\". Persistent disks and boot disks use \"pd-balanced\", \"pd-extreme\", \"pd-ssd\" or \"pd-standard\"." } }, "type": "object", "required": [ "diskInterface", "image", "sizeGb", "snapshot", "type" ] }, "google-native:batch/v1:Environment": { "description": "An Environment describes a collection of environment variables to set when executing Tasks.", "properties": { "encryptedVariables": { "$ref": "#/types/google-native:batch%2Fv1:KMSEnvMap", "description": "An encrypted JSON dictionary where the key/value pairs correspond to environment variable names and their values." }, "secretVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of environment variable names to Secret Manager secret names. The VM will access the named secrets to set the value of each environment variable." }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of environment variable names to values." } }, "type": "object" }, "google-native:batch/v1:EnvironmentResponse": { "description": "An Environment describes a collection of environment variables to set when executing Tasks.", "properties": { "encryptedVariables": { "$ref": "#/types/google-native:batch%2Fv1:KMSEnvMapResponse", "description": "An encrypted JSON dictionary where the key/value pairs correspond to environment variable names and their values." }, "secretVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of environment variable names to Secret Manager secret names. The VM will access the named secrets to set the value of each environment variable." }, "variables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of environment variable names to values." } }, "type": "object", "required": [ "encryptedVariables", "secretVariables", "variables" ] }, "google-native:batch/v1:GCS": { "description": "Represents a Google Cloud Storage volume.", "properties": { "remotePath": { "type": "string", "description": "Remote path, either a bucket name or a subdirectory of a bucket, e.g.: bucket_name, bucket_name/subdirectory/" } }, "type": "object" }, "google-native:batch/v1:GCSResponse": { "description": "Represents a Google Cloud Storage volume.", "properties": { "remotePath": { "type": "string", "description": "Remote path, either a bucket name or a subdirectory of a bucket, e.g.: bucket_name, bucket_name/subdirectory/" } }, "type": "object", "required": [ "remotePath" ] }, "google-native:batch/v1:InstancePolicy": { "description": "InstancePolicy describes an instance type and resources attached to each VM created by this InstancePolicy.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:Accelerator" }, "description": "The accelerators attached to each VM instance." }, "bootDisk": { "$ref": "#/types/google-native:batch%2Fv1:Disk", "description": "Boot disk to be created and attached to each VM by this InstancePolicy. Boot disk will be deleted when the VM is deleted. Batch API now only supports booting from image." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:AttachedDisk" }, "description": "Non-boot disks to be attached for each VM created by this InstancePolicy. New disks will be deleted when the VM is deleted. A non-boot disk is a disk that can be of a device with a file system or a raw storage drive that is not ready for data storage and accessing." }, "machineType": { "type": "string", "description": "The Compute Engine machine type." }, "minCpuPlatform": { "type": "string", "description": "The minimum CPU platform. See https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform." }, "provisioningModel": { "$ref": "#/types/google-native:batch%2Fv1:InstancePolicyProvisioningModel", "description": "The provisioning model." }, "reservation": { "type": "string", "description": "Optional. If specified, VMs will consume only the specified reservation. If not specified (default), VMs will consume any applicable reservation." } }, "type": "object" }, "google-native:batch/v1:InstancePolicyOrTemplate": { "description": "InstancePolicyOrTemplate lets you define the type of resources to use for this job either with an InstancePolicy or an instance template. If undefined, Batch picks the type of VM to use and doesn't include optional VM resources such as GPUs and extra disks.", "properties": { "installGpuDrivers": { "type": "boolean", "description": "Set this field true if users want Batch to help fetch drivers from a third party location and install them for GPUs specified in policy.accelerators or instance_template on their behalf. Default is false. For Container-Optimized Image cases, Batch will install the accelerator driver following milestones of https://cloud.google.com/container-optimized-os/docs/release-notes. For non Container-Optimized Image cases, following https://github.com/GoogleCloudPlatform/compute-gpu-installation/blob/main/linux/install_gpu_driver.py." }, "instanceTemplate": { "type": "string", "description": "Name of an instance template used to create VMs. Named the field as 'instance_template' instead of 'template' to avoid c++ keyword conflict." }, "policy": { "$ref": "#/types/google-native:batch%2Fv1:InstancePolicy", "description": "InstancePolicy." } }, "type": "object" }, "google-native:batch/v1:InstancePolicyOrTemplateResponse": { "description": "InstancePolicyOrTemplate lets you define the type of resources to use for this job either with an InstancePolicy or an instance template. If undefined, Batch picks the type of VM to use and doesn't include optional VM resources such as GPUs and extra disks.", "properties": { "installGpuDrivers": { "type": "boolean", "description": "Set this field true if users want Batch to help fetch drivers from a third party location and install them for GPUs specified in policy.accelerators or instance_template on their behalf. Default is false. For Container-Optimized Image cases, Batch will install the accelerator driver following milestones of https://cloud.google.com/container-optimized-os/docs/release-notes. For non Container-Optimized Image cases, following https://github.com/GoogleCloudPlatform/compute-gpu-installation/blob/main/linux/install_gpu_driver.py." }, "instanceTemplate": { "type": "string", "description": "Name of an instance template used to create VMs. Named the field as 'instance_template' instead of 'template' to avoid c++ keyword conflict." }, "policy": { "$ref": "#/types/google-native:batch%2Fv1:InstancePolicyResponse", "description": "InstancePolicy." } }, "type": "object", "required": [ "installGpuDrivers", "instanceTemplate", "policy" ] }, "google-native:batch/v1:InstancePolicyProvisioningModel": { "description": "The provisioning model.", "type": "string", "enum": [ { "name": "ProvisioningModelUnspecified", "description": "Unspecified.", "value": "PROVISIONING_MODEL_UNSPECIFIED" }, { "name": "Standard", "description": "Standard VM.", "value": "STANDARD" }, { "name": "Spot", "description": "SPOT VM.", "value": "SPOT" }, { "name": "Preemptible", "description": "Preemptible VM (PVM). Above SPOT VM is the preferable model for preemptible VM instances: the old preemptible VM model (indicated by this field) is the older model, and has been migrated to use the SPOT model as the underlying technology. This old model will still be supported.", "value": "PREEMPTIBLE" } ] }, "google-native:batch/v1:InstancePolicyResponse": { "description": "InstancePolicy describes an instance type and resources attached to each VM created by this InstancePolicy.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:AcceleratorResponse" }, "description": "The accelerators attached to each VM instance." }, "bootDisk": { "$ref": "#/types/google-native:batch%2Fv1:DiskResponse", "description": "Boot disk to be created and attached to each VM by this InstancePolicy. Boot disk will be deleted when the VM is deleted. Batch API now only supports booting from image." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:AttachedDiskResponse" }, "description": "Non-boot disks to be attached for each VM created by this InstancePolicy. New disks will be deleted when the VM is deleted. A non-boot disk is a disk that can be of a device with a file system or a raw storage drive that is not ready for data storage and accessing." }, "machineType": { "type": "string", "description": "The Compute Engine machine type." }, "minCpuPlatform": { "type": "string", "description": "The minimum CPU platform. See https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform." }, "provisioningModel": { "type": "string", "description": "The provisioning model." }, "reservation": { "type": "string", "description": "Optional. If specified, VMs will consume only the specified reservation. If not specified (default), VMs will consume any applicable reservation." } }, "type": "object", "required": [ "accelerators", "bootDisk", "disks", "machineType", "minCpuPlatform", "provisioningModel", "reservation" ] }, "google-native:batch/v1:JobNotification": { "description": "Notification configurations.", "properties": { "message": { "$ref": "#/types/google-native:batch%2Fv1:Message", "description": "The attribute requirements of messages to be sent to this Pub/Sub topic. Without this field, no message will be sent." }, "pubsubTopic": { "type": "string", "description": "The Pub/Sub topic where notifications like the job state changes will be published. The topic must exist in the same project as the job and billings will be charged to this project. If not specified, no Pub/Sub messages will be sent. Topic format: `projects/{project}/topics/{topic}`." } }, "type": "object" }, "google-native:batch/v1:JobNotificationResponse": { "description": "Notification configurations.", "properties": { "message": { "$ref": "#/types/google-native:batch%2Fv1:MessageResponse", "description": "The attribute requirements of messages to be sent to this Pub/Sub topic. Without this field, no message will be sent." }, "pubsubTopic": { "type": "string", "description": "The Pub/Sub topic where notifications like the job state changes will be published. The topic must exist in the same project as the job and billings will be charged to this project. If not specified, no Pub/Sub messages will be sent. Topic format: `projects/{project}/topics/{topic}`." } }, "type": "object", "required": [ "message", "pubsubTopic" ] }, "google-native:batch/v1:JobStatusResponse": { "description": "Job status.", "properties": { "runDuration": { "type": "string", "description": "The duration of time that the Job spent in status RUNNING." }, "state": { "type": "string", "description": "Job state" }, "statusEvents": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:StatusEventResponse" }, "description": "Job status events" }, "taskGroups": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Aggregated task status for each TaskGroup in the Job. The map key is TaskGroup ID." } }, "type": "object", "required": [ "runDuration", "state", "statusEvents", "taskGroups" ] }, "google-native:batch/v1:KMSEnvMap": { "properties": { "cipherText": { "type": "string", "description": "The value of the cipherText response from the `encrypt` method." }, "keyName": { "type": "string", "description": "The name of the KMS key that will be used to decrypt the cipher text." } }, "type": "object" }, "google-native:batch/v1:KMSEnvMapResponse": { "properties": { "cipherText": { "type": "string", "description": "The value of the cipherText response from the `encrypt` method." }, "keyName": { "type": "string", "description": "The name of the KMS key that will be used to decrypt the cipher text." } }, "type": "object", "required": [ "cipherText", "keyName" ] }, "google-native:batch/v1:LifecyclePolicy": { "description": "LifecyclePolicy describes how to deal with task failures based on different conditions.", "properties": { "action": { "$ref": "#/types/google-native:batch%2Fv1:LifecyclePolicyAction", "description": "Action to execute when ActionCondition is true. When RETRY_TASK is specified, we will retry failed tasks if we notice any exit code match and fail tasks if no match is found. Likewise, when FAIL_TASK is specified, we will fail tasks if we notice any exit code match and retry tasks if no match is found." }, "actionCondition": { "$ref": "#/types/google-native:batch%2Fv1:ActionCondition", "description": "Conditions that decide why a task failure is dealt with a specific action." } }, "type": "object" }, "google-native:batch/v1:LifecyclePolicyAction": { "description": "Action to execute when ActionCondition is true. When RETRY_TASK is specified, we will retry failed tasks if we notice any exit code match and fail tasks if no match is found. Likewise, when FAIL_TASK is specified, we will fail tasks if we notice any exit code match and retry tasks if no match is found.", "type": "string", "enum": [ { "name": "ActionUnspecified", "description": "Action unspecified.", "value": "ACTION_UNSPECIFIED" }, { "name": "RetryTask", "description": "Action that tasks in the group will be scheduled to re-execute.", "value": "RETRY_TASK" }, { "name": "FailTask", "description": "Action that tasks in the group will be stopped immediately.", "value": "FAIL_TASK" } ] }, "google-native:batch/v1:LifecyclePolicyResponse": { "description": "LifecyclePolicy describes how to deal with task failures based on different conditions.", "properties": { "action": { "type": "string", "description": "Action to execute when ActionCondition is true. When RETRY_TASK is specified, we will retry failed tasks if we notice any exit code match and fail tasks if no match is found. Likewise, when FAIL_TASK is specified, we will fail tasks if we notice any exit code match and retry tasks if no match is found." }, "actionCondition": { "$ref": "#/types/google-native:batch%2Fv1:ActionConditionResponse", "description": "Conditions that decide why a task failure is dealt with a specific action." } }, "type": "object", "required": [ "action", "actionCondition" ] }, "google-native:batch/v1:LocationPolicy": { "properties": { "allowedLocations": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed location names represented by internal URLs. Each location can be a region or a zone. Only one region or multiple zones in one region is supported now. For example, [\"regions/us-central1\"] allow VMs in any zones in region us-central1. [\"zones/us-central1-a\", \"zones/us-central1-c\"] only allow VMs in zones us-central1-a and us-central1-c. All locations end up in different regions would cause errors. For example, [\"regions/us-central1\", \"zones/us-central1-a\", \"zones/us-central1-b\", \"zones/us-west1-a\"] contains 2 regions \"us-central1\" and \"us-west1\". An error is expected in this case." } }, "type": "object" }, "google-native:batch/v1:LocationPolicyResponse": { "properties": { "allowedLocations": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed location names represented by internal URLs. Each location can be a region or a zone. Only one region or multiple zones in one region is supported now. For example, [\"regions/us-central1\"] allow VMs in any zones in region us-central1. [\"zones/us-central1-a\", \"zones/us-central1-c\"] only allow VMs in zones us-central1-a and us-central1-c. All locations end up in different regions would cause errors. For example, [\"regions/us-central1\", \"zones/us-central1-a\", \"zones/us-central1-b\", \"zones/us-west1-a\"] contains 2 regions \"us-central1\" and \"us-west1\". An error is expected in this case." } }, "type": "object", "required": [ "allowedLocations" ] }, "google-native:batch/v1:LogsPolicy": { "description": "LogsPolicy describes how outputs from a Job's Tasks (stdout/stderr) will be preserved.", "properties": { "cloudLoggingOption": { "$ref": "#/types/google-native:batch%2Fv1:CloudLoggingOption", "description": "Optional. Additional settings for Cloud Logging. It will only take effect when the destination of LogsPolicy is set to CLOUD_LOGGING." }, "destination": { "$ref": "#/types/google-native:batch%2Fv1:LogsPolicyDestination", "description": "Where logs should be saved." }, "logsPath": { "type": "string", "description": "The path to which logs are saved when the destination = PATH. This can be a local file path on the VM, or under the mount point of a Persistent Disk or Filestore, or a Cloud Storage path." } }, "type": "object" }, "google-native:batch/v1:LogsPolicyDestination": { "description": "Where logs should be saved.", "type": "string", "enum": [ { "name": "DestinationUnspecified", "description": "Logs are not preserved.", "value": "DESTINATION_UNSPECIFIED" }, { "name": "CloudLogging", "description": "Logs are streamed to Cloud Logging.", "value": "CLOUD_LOGGING" }, { "name": "Path", "description": "Logs are saved to a file path.", "value": "PATH" } ] }, "google-native:batch/v1:LogsPolicyResponse": { "description": "LogsPolicy describes how outputs from a Job's Tasks (stdout/stderr) will be preserved.", "properties": { "cloudLoggingOption": { "$ref": "#/types/google-native:batch%2Fv1:CloudLoggingOptionResponse", "description": "Optional. Additional settings for Cloud Logging. It will only take effect when the destination of LogsPolicy is set to CLOUD_LOGGING." }, "destination": { "type": "string", "description": "Where logs should be saved." }, "logsPath": { "type": "string", "description": "The path to which logs are saved when the destination = PATH. This can be a local file path on the VM, or under the mount point of a Persistent Disk or Filestore, or a Cloud Storage path." } }, "type": "object", "required": [ "cloudLoggingOption", "destination", "logsPath" ] }, "google-native:batch/v1:Message": { "description": "Message details. Describe the conditions under which messages will be sent. If no attribute is defined, no message will be sent by default. One message should specify either the job or the task level attributes, but not both. For example, job level: JOB_STATE_CHANGED and/or a specified new_job_state; task level: TASK_STATE_CHANGED and/or a specified new_task_state.", "properties": { "newJobState": { "$ref": "#/types/google-native:batch%2Fv1:MessageNewJobState", "description": "The new job state." }, "newTaskState": { "$ref": "#/types/google-native:batch%2Fv1:MessageNewTaskState", "description": "The new task state." }, "type": { "$ref": "#/types/google-native:batch%2Fv1:MessageType", "description": "The message type." } }, "type": "object" }, "google-native:batch/v1:MessageNewJobState": { "description": "The new job state.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Job state unspecified.", "value": "STATE_UNSPECIFIED" }, { "name": "Queued", "description": "Job is admitted (validated and persisted) and waiting for resources.", "value": "QUEUED" }, { "name": "Scheduled", "description": "Job is scheduled to run as soon as resource allocation is ready. The resource allocation may happen at a later time but with a high chance to succeed.", "value": "SCHEDULED" }, { "name": "Running", "description": "Resource allocation has been successful. At least one Task in the Job is RUNNING.", "value": "RUNNING" }, { "name": "Succeeded", "description": "All Tasks in the Job have finished successfully.", "value": "SUCCEEDED" }, { "name": "Failed", "description": "At least one Task in the Job has failed.", "value": "FAILED" }, { "name": "DeletionInProgress", "description": "The Job will be deleted, but has not been deleted yet. Typically this is because resources used by the Job are still being cleaned up.", "value": "DELETION_IN_PROGRESS" } ] }, "google-native:batch/v1:MessageNewTaskState": { "description": "The new task state.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unknown state.", "value": "STATE_UNSPECIFIED" }, { "name": "Pending", "description": "The Task is created and waiting for resources.", "value": "PENDING" }, { "name": "Assigned", "description": "The Task is assigned to at least one VM.", "value": "ASSIGNED" }, { "name": "Running", "description": "The Task is running.", "value": "RUNNING" }, { "name": "Failed", "description": "The Task has failed.", "value": "FAILED" }, { "name": "Succeeded", "description": "The Task has succeeded.", "value": "SUCCEEDED" }, { "name": "Unexecuted", "description": "The Task has not been executed when the Job finishes.", "value": "UNEXECUTED" } ] }, "google-native:batch/v1:MessageResponse": { "description": "Message details. Describe the conditions under which messages will be sent. If no attribute is defined, no message will be sent by default. One message should specify either the job or the task level attributes, but not both. For example, job level: JOB_STATE_CHANGED and/or a specified new_job_state; task level: TASK_STATE_CHANGED and/or a specified new_task_state.", "properties": { "newJobState": { "type": "string", "description": "The new job state." }, "newTaskState": { "type": "string", "description": "The new task state." }, "type": { "type": "string", "description": "The message type." } }, "type": "object", "required": [ "newJobState", "newTaskState", "type" ] }, "google-native:batch/v1:MessageType": { "description": "The message type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified.", "value": "TYPE_UNSPECIFIED" }, { "name": "JobStateChanged", "description": "Notify users that the job state has changed.", "value": "JOB_STATE_CHANGED" }, { "name": "TaskStateChanged", "description": "Notify users that the task state has changed.", "value": "TASK_STATE_CHANGED" } ] }, "google-native:batch/v1:NFS": { "description": "Represents an NFS volume.", "properties": { "remotePath": { "type": "string", "description": "Remote source path exported from the NFS, e.g., \"/share\"." }, "server": { "type": "string", "description": "The IP address of the NFS." } }, "type": "object" }, "google-native:batch/v1:NFSResponse": { "description": "Represents an NFS volume.", "properties": { "remotePath": { "type": "string", "description": "Remote source path exported from the NFS, e.g., \"/share\"." }, "server": { "type": "string", "description": "The IP address of the NFS." } }, "type": "object", "required": [ "remotePath", "server" ] }, "google-native:batch/v1:NetworkInterface": { "description": "A network interface.", "properties": { "network": { "type": "string", "description": "The URL of an existing network resource. You can specify the network as a full or partial URL. For example, the following are all valid URLs: * https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} * projects/{project}/global/networks/{network} * global/networks/{network}" }, "noExternalIpAddress": { "type": "boolean", "description": "Default is false (with an external IP address). Required if no external public IP address is attached to the VM. If no external public IP address, additional configuration is required to allow the VM to access Google Services. See https://cloud.google.com/vpc/docs/configure-private-google-access and https://cloud.google.com/nat/docs/gce-example#create-nat for more information." }, "subnetwork": { "type": "string", "description": "The URL of an existing subnetwork resource in the network. You can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/subnetworks/{subnetwork} * projects/{project}/regions/{region}/subnetworks/{subnetwork} * regions/{region}/subnetworks/{subnetwork}" } }, "type": "object" }, "google-native:batch/v1:NetworkInterfaceResponse": { "description": "A network interface.", "properties": { "network": { "type": "string", "description": "The URL of an existing network resource. You can specify the network as a full or partial URL. For example, the following are all valid URLs: * https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} * projects/{project}/global/networks/{network} * global/networks/{network}" }, "noExternalIpAddress": { "type": "boolean", "description": "Default is false (with an external IP address). Required if no external public IP address is attached to the VM. If no external public IP address, additional configuration is required to allow the VM to access Google Services. See https://cloud.google.com/vpc/docs/configure-private-google-access and https://cloud.google.com/nat/docs/gce-example#create-nat for more information." }, "subnetwork": { "type": "string", "description": "The URL of an existing subnetwork resource in the network. You can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: * https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/subnetworks/{subnetwork} * projects/{project}/regions/{region}/subnetworks/{subnetwork} * regions/{region}/subnetworks/{subnetwork}" } }, "type": "object", "required": [ "network", "noExternalIpAddress", "subnetwork" ] }, "google-native:batch/v1:NetworkPolicy": { "description": "NetworkPolicy describes VM instance network configurations.", "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:NetworkInterface" }, "description": "Network configurations." } }, "type": "object" }, "google-native:batch/v1:NetworkPolicyResponse": { "description": "NetworkPolicy describes VM instance network configurations.", "properties": { "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:NetworkInterfaceResponse" }, "description": "Network configurations." } }, "type": "object", "required": [ "networkInterfaces" ] }, "google-native:batch/v1:PlacementPolicy": { "description": "PlacementPolicy describes a group placement policy for the VMs controlled by this AllocationPolicy.", "properties": { "collocation": { "type": "string", "description": "UNSPECIFIED vs. COLLOCATED (default UNSPECIFIED). Use COLLOCATED when you want VMs to be located close to each other for low network latency between the VMs. No placement policy will be generated when collocation is UNSPECIFIED." }, "maxDistance": { "type": "string", "description": "When specified, causes the job to fail if more than max_distance logical switches are required between VMs. Batch uses the most compact possible placement of VMs even when max_distance is not specified. An explicit max_distance makes that level of compactness a strict requirement. Not yet implemented" } }, "type": "object" }, "google-native:batch/v1:PlacementPolicyResponse": { "description": "PlacementPolicy describes a group placement policy for the VMs controlled by this AllocationPolicy.", "properties": { "collocation": { "type": "string", "description": "UNSPECIFIED vs. COLLOCATED (default UNSPECIFIED). Use COLLOCATED when you want VMs to be located close to each other for low network latency between the VMs. No placement policy will be generated when collocation is UNSPECIFIED." }, "maxDistance": { "type": "string", "description": "When specified, causes the job to fail if more than max_distance logical switches are required between VMs. Batch uses the most compact possible placement of VMs even when max_distance is not specified. An explicit max_distance makes that level of compactness a strict requirement. Not yet implemented" } }, "type": "object", "required": [ "collocation", "maxDistance" ] }, "google-native:batch/v1:Runnable": { "description": "Runnable describes instructions for executing a specific script or container as part of a Task.", "properties": { "alwaysRun": { "type": "boolean", "description": "By default, after a Runnable fails, no further Runnable are executed. This flag indicates that this Runnable must be run even if the Task has already failed. This is useful for Runnables that copy output files off of the VM or for debugging. The always_run flag does not override the Task's overall max_run_duration. If the max_run_duration has expired then no further Runnables will execute, not even always_run Runnables." }, "background": { "type": "boolean", "description": "This flag allows a Runnable to continue running in the background while the Task executes subsequent Runnables. This is useful to provide services to other Runnables (or to provide debugging support tools like SSH servers)." }, "barrier": { "$ref": "#/types/google-native:batch%2Fv1:Barrier", "description": "Barrier runnable." }, "container": { "$ref": "#/types/google-native:batch%2Fv1:Container", "description": "Container runnable." }, "displayName": { "type": "string", "description": "Optional. DisplayName is an optional field that can be provided by the caller. If provided, it will be used in logs and other outputs to identify the script, making it easier for users to understand the logs. If not provided the index of the runnable will be used for outputs." }, "environment": { "$ref": "#/types/google-native:batch%2Fv1:Environment", "description": "Environment variables for this Runnable (overrides variables set for the whole Task or TaskGroup)." }, "ignoreExitStatus": { "type": "boolean", "description": "Normally, a non-zero exit status causes the Task to fail. This flag allows execution of other Runnables to continue instead." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for this Runnable." }, "script": { "$ref": "#/types/google-native:batch%2Fv1:Script", "description": "Script runnable." }, "timeout": { "type": "string", "description": "Timeout for this Runnable." } }, "type": "object" }, "google-native:batch/v1:RunnableResponse": { "description": "Runnable describes instructions for executing a specific script or container as part of a Task.", "properties": { "alwaysRun": { "type": "boolean", "description": "By default, after a Runnable fails, no further Runnable are executed. This flag indicates that this Runnable must be run even if the Task has already failed. This is useful for Runnables that copy output files off of the VM or for debugging. The always_run flag does not override the Task's overall max_run_duration. If the max_run_duration has expired then no further Runnables will execute, not even always_run Runnables." }, "background": { "type": "boolean", "description": "This flag allows a Runnable to continue running in the background while the Task executes subsequent Runnables. This is useful to provide services to other Runnables (or to provide debugging support tools like SSH servers)." }, "barrier": { "$ref": "#/types/google-native:batch%2Fv1:BarrierResponse", "description": "Barrier runnable." }, "container": { "$ref": "#/types/google-native:batch%2Fv1:ContainerResponse", "description": "Container runnable." }, "displayName": { "type": "string", "description": "Optional. DisplayName is an optional field that can be provided by the caller. If provided, it will be used in logs and other outputs to identify the script, making it easier for users to understand the logs. If not provided the index of the runnable will be used for outputs." }, "environment": { "$ref": "#/types/google-native:batch%2Fv1:EnvironmentResponse", "description": "Environment variables for this Runnable (overrides variables set for the whole Task or TaskGroup)." }, "ignoreExitStatus": { "type": "boolean", "description": "Normally, a non-zero exit status causes the Task to fail. This flag allows execution of other Runnables to continue instead." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for this Runnable." }, "script": { "$ref": "#/types/google-native:batch%2Fv1:ScriptResponse", "description": "Script runnable." }, "timeout": { "type": "string", "description": "Timeout for this Runnable." } }, "type": "object", "required": [ "alwaysRun", "background", "barrier", "container", "displayName", "environment", "ignoreExitStatus", "labels", "script", "timeout" ] }, "google-native:batch/v1:Script": { "description": "Script runnable.", "properties": { "path": { "type": "string", "description": "Script file path on the host VM. To specify an interpreter, please add a `#!`(also known as [shebang line](https://en.wikipedia.org/wiki/Shebang_(Unix))) as the first line of the file.(For example, to execute the script using bash, `#!/bin/bash` should be the first line of the file. To execute the script using`Python3`, `#!/usr/bin/env python3` should be the first line of the file.) Otherwise, the file will by default be excuted by `/bin/sh`." }, "text": { "type": "string", "description": "Shell script text. To specify an interpreter, please add a `#!\\n` at the beginning of the text.(For example, to execute the script using bash, `#!/bin/bash\\n` should be added. To execute the script using`Python3`, `#!/usr/bin/env python3\\n` should be added.) Otherwise, the script will by default be excuted by `/bin/sh`." } }, "type": "object" }, "google-native:batch/v1:ScriptResponse": { "description": "Script runnable.", "properties": { "path": { "type": "string", "description": "Script file path on the host VM. To specify an interpreter, please add a `#!`(also known as [shebang line](https://en.wikipedia.org/wiki/Shebang_(Unix))) as the first line of the file.(For example, to execute the script using bash, `#!/bin/bash` should be the first line of the file. To execute the script using`Python3`, `#!/usr/bin/env python3` should be the first line of the file.) Otherwise, the file will by default be excuted by `/bin/sh`." }, "text": { "type": "string", "description": "Shell script text. To specify an interpreter, please add a `#!\\n` at the beginning of the text.(For example, to execute the script using bash, `#!/bin/bash\\n` should be added. To execute the script using`Python3`, `#!/usr/bin/env python3\\n` should be added.) Otherwise, the script will by default be excuted by `/bin/sh`." } }, "type": "object", "required": [ "path", "text" ] }, "google-native:batch/v1:ServiceAccount": { "description": "Carries information about a Google Cloud service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account. If not specified, the default Compute Engine service account for the project will be used. If instance template is being used, the service account has to be specified in the instance template and it has to match the email field here." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "List of scopes to be enabled for this service account on the VM, in addition to the cloud-platform API scope that will be added by default." } }, "type": "object" }, "google-native:batch/v1:ServiceAccountResponse": { "description": "Carries information about a Google Cloud service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account. If not specified, the default Compute Engine service account for the project will be used. If instance template is being used, the service account has to be specified in the instance template and it has to match the email field here." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "List of scopes to be enabled for this service account on the VM, in addition to the cloud-platform API scope that will be added by default." } }, "type": "object", "required": [ "email", "scopes" ] }, "google-native:batch/v1:StatusEventResponse": { "description": "Status event", "properties": { "description": { "type": "string", "description": "Description of the event." }, "eventTime": { "type": "string", "description": "The time this event occurred." }, "taskExecution": { "$ref": "#/types/google-native:batch%2Fv1:TaskExecutionResponse", "description": "Task Execution" }, "taskState": { "type": "string", "description": "Task State" }, "type": { "type": "string", "description": "Type of the event." } }, "type": "object", "required": [ "description", "eventTime", "taskExecution", "taskState", "type" ] }, "google-native:batch/v1:TaskExecutionResponse": { "description": "This Task Execution field includes detail information for task execution procedures, based on StatusEvent types.", "properties": { "exitCode": { "type": "integer", "description": "When task is completed as the status of FAILED or SUCCEEDED, exit code is for one task execution result, default is 0 as success." } }, "type": "object", "required": [ "exitCode" ] }, "google-native:batch/v1:TaskGroup": { "description": "A TaskGroup defines one or more Tasks that all share the same TaskSpec.", "properties": { "parallelism": { "type": "string", "description": "Max number of tasks that can run in parallel. Default to min(task_count, parallel tasks per job limit). See: [Job Limits](https://cloud.google.com/batch/quotas#job_limits). Field parallelism must be 1 if the scheduling_policy is IN_ORDER." }, "permissiveSsh": { "type": "boolean", "description": "When true, Batch will configure SSH to allow passwordless login between VMs running the Batch tasks in the same TaskGroup." }, "requireHostsFile": { "type": "boolean", "description": "When true, Batch will populate a file with a list of all VMs assigned to the TaskGroup and set the BATCH_HOSTS_FILE environment variable to the path of that file. Defaults to false." }, "schedulingPolicy": { "$ref": "#/types/google-native:batch%2Fv1:TaskGroupSchedulingPolicy", "description": "Scheduling policy for Tasks in the TaskGroup. The default value is AS_SOON_AS_POSSIBLE." }, "taskCount": { "type": "string", "description": "Number of Tasks in the TaskGroup. Default is 1." }, "taskCountPerNode": { "type": "string", "description": "Max number of tasks that can be run on a VM at the same time. If not specified, the system will decide a value based on available compute resources on a VM and task requirements." }, "taskEnvironments": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:Environment" }, "description": "An array of environment variable mappings, which are passed to Tasks with matching indices. If task_environments is used then task_count should not be specified in the request (and will be ignored). Task count will be the length of task_environments. Tasks get a BATCH_TASK_INDEX and BATCH_TASK_COUNT environment variable, in addition to any environment variables set in task_environments, specifying the number of Tasks in the Task's parent TaskGroup, and the specific Task's index in the TaskGroup (0 through BATCH_TASK_COUNT - 1)." }, "taskSpec": { "$ref": "#/types/google-native:batch%2Fv1:TaskSpec", "description": "Tasks in the group share the same task spec." } }, "type": "object", "required": [ "taskSpec" ] }, "google-native:batch/v1:TaskGroupResponse": { "description": "A TaskGroup defines one or more Tasks that all share the same TaskSpec.", "properties": { "name": { "type": "string", "description": "TaskGroup name. The system generates this field based on parent Job name. For example: \"projects/123456/locations/us-west1/jobs/job01/taskGroups/group01\"." }, "parallelism": { "type": "string", "description": "Max number of tasks that can run in parallel. Default to min(task_count, parallel tasks per job limit). See: [Job Limits](https://cloud.google.com/batch/quotas#job_limits). Field parallelism must be 1 if the scheduling_policy is IN_ORDER." }, "permissiveSsh": { "type": "boolean", "description": "When true, Batch will configure SSH to allow passwordless login between VMs running the Batch tasks in the same TaskGroup." }, "requireHostsFile": { "type": "boolean", "description": "When true, Batch will populate a file with a list of all VMs assigned to the TaskGroup and set the BATCH_HOSTS_FILE environment variable to the path of that file. Defaults to false." }, "schedulingPolicy": { "type": "string", "description": "Scheduling policy for Tasks in the TaskGroup. The default value is AS_SOON_AS_POSSIBLE." }, "taskCount": { "type": "string", "description": "Number of Tasks in the TaskGroup. Default is 1." }, "taskCountPerNode": { "type": "string", "description": "Max number of tasks that can be run on a VM at the same time. If not specified, the system will decide a value based on available compute resources on a VM and task requirements." }, "taskEnvironments": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:EnvironmentResponse" }, "description": "An array of environment variable mappings, which are passed to Tasks with matching indices. If task_environments is used then task_count should not be specified in the request (and will be ignored). Task count will be the length of task_environments. Tasks get a BATCH_TASK_INDEX and BATCH_TASK_COUNT environment variable, in addition to any environment variables set in task_environments, specifying the number of Tasks in the Task's parent TaskGroup, and the specific Task's index in the TaskGroup (0 through BATCH_TASK_COUNT - 1)." }, "taskSpec": { "$ref": "#/types/google-native:batch%2Fv1:TaskSpecResponse", "description": "Tasks in the group share the same task spec." } }, "type": "object", "required": [ "name", "parallelism", "permissiveSsh", "requireHostsFile", "schedulingPolicy", "taskCount", "taskCountPerNode", "taskEnvironments", "taskSpec" ] }, "google-native:batch/v1:TaskGroupSchedulingPolicy": { "description": "Scheduling policy for Tasks in the TaskGroup. The default value is AS_SOON_AS_POSSIBLE.", "type": "string", "enum": [ { "name": "SchedulingPolicyUnspecified", "description": "Unspecified.", "value": "SCHEDULING_POLICY_UNSPECIFIED" }, { "name": "AsSoonAsPossible", "description": "Run Tasks as soon as resources are available. Tasks might be executed in parallel depending on parallelism and task_count values.", "value": "AS_SOON_AS_POSSIBLE" }, { "name": "InOrder", "description": "Run Tasks sequentially with increased task index.", "value": "IN_ORDER" } ] }, "google-native:batch/v1:TaskSpec": { "description": "Spec of a task", "properties": { "computeResource": { "$ref": "#/types/google-native:batch%2Fv1:ComputeResource", "description": "ComputeResource requirements." }, "environment": { "$ref": "#/types/google-native:batch%2Fv1:Environment", "description": "Environment variables to set before running the Task." }, "environments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated: please use environment(non-plural) instead.", "deprecationMessage": "Deprecated: please use environment(non-plural) instead." }, "lifecyclePolicies": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:LifecyclePolicy" }, "description": "Lifecycle management schema when any task in a task group is failed. Currently we only support one lifecycle policy. When the lifecycle policy condition is met, the action in the policy will execute. If task execution result does not meet with the defined lifecycle policy, we consider it as the default policy. Default policy means if the exit code is 0, exit task. If task ends with non-zero exit code, retry the task with max_retry_count." }, "maxRetryCount": { "type": "integer", "description": "Maximum number of retries on failures. The default, 0, which means never retry. The valid value range is [0, 10]." }, "maxRunDuration": { "type": "string", "description": "Maximum duration the task should run. The task will be killed and marked as FAILED if over this limit." }, "runnables": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:Runnable" }, "description": "The sequence of scripts or containers to run for this Task. Each Task using this TaskSpec executes its list of runnables in order. The Task succeeds if all of its runnables either exit with a zero status or any that exit with a non-zero status have the ignore_exit_status flag. Background runnables are killed automatically (if they have not already exited) a short time after all foreground runnables have completed. Even though this is likely to result in a non-zero exit status for the background runnable, these automatic kills are not treated as Task failures." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:Volume" }, "description": "Volumes to mount before running Tasks using this TaskSpec." } }, "type": "object" }, "google-native:batch/v1:TaskSpecResponse": { "description": "Spec of a task", "properties": { "computeResource": { "$ref": "#/types/google-native:batch%2Fv1:ComputeResourceResponse", "description": "ComputeResource requirements." }, "environment": { "$ref": "#/types/google-native:batch%2Fv1:EnvironmentResponse", "description": "Environment variables to set before running the Task." }, "environments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Deprecated: please use environment(non-plural) instead.", "deprecationMessage": "Deprecated: please use environment(non-plural) instead." }, "lifecyclePolicies": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:LifecyclePolicyResponse" }, "description": "Lifecycle management schema when any task in a task group is failed. Currently we only support one lifecycle policy. When the lifecycle policy condition is met, the action in the policy will execute. If task execution result does not meet with the defined lifecycle policy, we consider it as the default policy. Default policy means if the exit code is 0, exit task. If task ends with non-zero exit code, retry the task with max_retry_count." }, "maxRetryCount": { "type": "integer", "description": "Maximum number of retries on failures. The default, 0, which means never retry. The valid value range is [0, 10]." }, "maxRunDuration": { "type": "string", "description": "Maximum duration the task should run. The task will be killed and marked as FAILED if over this limit." }, "runnables": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:RunnableResponse" }, "description": "The sequence of scripts or containers to run for this Task. Each Task using this TaskSpec executes its list of runnables in order. The Task succeeds if all of its runnables either exit with a zero status or any that exit with a non-zero status have the ignore_exit_status flag. Background runnables are killed automatically (if they have not already exited) a short time after all foreground runnables have completed. Even though this is likely to result in a non-zero exit status for the background runnable, these automatic kills are not treated as Task failures." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:batch%2Fv1:VolumeResponse" }, "description": "Volumes to mount before running Tasks using this TaskSpec." } }, "type": "object", "required": [ "computeResource", "environment", "environments", "lifecyclePolicies", "maxRetryCount", "maxRunDuration", "runnables", "volumes" ] }, "google-native:batch/v1:Volume": { "description": "Volume describes a volume and parameters for it to be mounted to a VM.", "properties": { "deviceName": { "type": "string", "description": "Device name of an attached disk volume, which should align with a device_name specified by job.allocation_policy.instances[0].policy.disks[i].device_name or defined by the given instance template in job.allocation_policy.instances[0].instance_template." }, "gcs": { "$ref": "#/types/google-native:batch%2Fv1:GCS", "description": "A Google Cloud Storage (GCS) volume." }, "mountOptions": { "type": "array", "items": { "type": "string" }, "description": "For Google Cloud Storage (GCS), mount options are the options supported by the gcsfuse tool (https://github.com/GoogleCloudPlatform/gcsfuse). For existing persistent disks, mount options provided by the mount command (https://man7.org/linux/man-pages/man8/mount.8.html) except writing are supported. This is due to restrictions of multi-writer mode (https://cloud.google.com/compute/docs/disks/sharing-disks-between-vms). For other attached disks and Network File System (NFS), mount options are these supported by the mount command (https://man7.org/linux/man-pages/man8/mount.8.html)." }, "mountPath": { "type": "string", "description": "The mount path for the volume, e.g. /mnt/disks/share." }, "nfs": { "$ref": "#/types/google-native:batch%2Fv1:NFS", "description": "A Network File System (NFS) volume. For example, a Filestore file share." } }, "type": "object" }, "google-native:batch/v1:VolumeResponse": { "description": "Volume describes a volume and parameters for it to be mounted to a VM.", "properties": { "deviceName": { "type": "string", "description": "Device name of an attached disk volume, which should align with a device_name specified by job.allocation_policy.instances[0].policy.disks[i].device_name or defined by the given instance template in job.allocation_policy.instances[0].instance_template." }, "gcs": { "$ref": "#/types/google-native:batch%2Fv1:GCSResponse", "description": "A Google Cloud Storage (GCS) volume." }, "mountOptions": { "type": "array", "items": { "type": "string" }, "description": "For Google Cloud Storage (GCS), mount options are the options supported by the gcsfuse tool (https://github.com/GoogleCloudPlatform/gcsfuse). For existing persistent disks, mount options provided by the mount command (https://man7.org/linux/man-pages/man8/mount.8.html) except writing are supported. This is due to restrictions of multi-writer mode (https://cloud.google.com/compute/docs/disks/sharing-disks-between-vms). For other attached disks and Network File System (NFS), mount options are these supported by the mount command (https://man7.org/linux/man-pages/man8/mount.8.html)." }, "mountPath": { "type": "string", "description": "The mount path for the volume, e.g. /mnt/disks/share." }, "nfs": { "$ref": "#/types/google-native:batch%2Fv1:NFSResponse", "description": "A Network File System (NFS) volume. For example, a Filestore file share." } }, "type": "object", "required": [ "deviceName", "gcs", "mountOptions", "mountPath", "nfs" ] }, "google-native:beyondcorp/v1:AllocatedConnectionResponse": { "description": "Allocated connection of the AppGateway.", "properties": { "ingressPort": { "type": "integer", "description": "The ingress port of an allocated connection" }, "pscUri": { "type": "string", "description": "The PSC uri of an allocated connection" } }, "type": "object", "required": [ "ingressPort", "pscUri" ] }, "google-native:beyondcorp/v1:AppConnectionType": { "description": "Required. The type of network connectivity used by the AppConnection.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "TcpProxy", "description": "TCP Proxy based BeyondCorp AppConnection. API will default to this if unset.", "value": "TCP_PROXY" } ] }, "google-native:beyondcorp/v1:AppGatewayHostType": { "description": "Required. The type of hosting used by the AppGateway.", "type": "string", "enum": [ { "name": "HostTypeUnspecified", "description": "Default value. This value is unused.", "value": "HOST_TYPE_UNSPECIFIED" }, { "name": "GcpRegionalMig", "description": "AppGateway hosted in a GCP regional managed instance group.", "value": "GCP_REGIONAL_MIG" } ] }, "google-native:beyondcorp/v1:AppGatewayType": { "description": "Required. The type of network connectivity used by the AppGateway.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "TcpProxy", "description": "TCP Proxy based BeyondCorp Connection. API will default to this if unset.", "value": "TCP_PROXY" } ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpoint": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionApplicationEndpointResponse": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGateway": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "appGateway": { "type": "string", "description": "AppGateway name in following format: `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}`" }, "type": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType", "description": "The type of hosting used by the gateway." } }, "type": "object", "required": [ "appGateway", "type" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayResponse": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "appGateway": { "type": "string", "description": "AppGateway name in following format: `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}`" }, "ingressPort": { "type": "integer", "description": "Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443." }, "l7psc": { "type": "string", "description": "L7 private service connection for this resource." }, "type": { "type": "string", "description": "The type of hosting used by the gateway." }, "uri": { "type": "string", "description": "Server-defined URI for this resource." } }, "type": "object", "required": [ "appGateway", "ingressPort", "l7psc", "type", "uri" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType": { "description": "Required. The type of hosting used by the gateway.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "GcpRegionalMig", "description": "Gateway hosted in a GCP regional managed instance group.", "value": "GCP_REGIONAL_MIG" } ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfo": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount", "description": "A GCP service account." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoResponse": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccountResponse", "description": "A GCP service account." } }, "type": "object", "required": [ "serviceAccount" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccount": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1AppConnectorPrincipalInfoServiceAccountResponse": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object", "required": [ "email" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo": { "description": "ResourceInfo represents the information/status of an app connector resource. Such as: - remote_agent - container - runtime - appgateway - appconnector - appconnection - tunnel - logagent", "properties": { "id": { "type": "string", "description": "Unique Id for the resource." }, "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource. This is for internal use only." }, "status": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfo" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "id" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoResponse": { "description": "ResourceInfo represents the information/status of an app connector resource. Such as: - remote_agent - container - runtime - appgateway - appconnector - appconnection - tunnel - logagent", "properties": { "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource. This is for internal use only." }, "status": { "type": "string", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoResponse" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "resource", "status", "sub", "time" ] }, "google-native:beyondcorp/v1:GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus": { "description": "Overall health status. Overall status is derived based on the status of each sub level resources.", "type": "string", "enum": [ { "name": "HealthStatusUnspecified", "description": "Health status is unknown: not initialized or failed to retrieve.", "value": "HEALTH_STATUS_UNSPECIFIED" }, { "name": "Healthy", "description": "The resource is healthy.", "value": "HEALTHY" }, { "name": "Unhealthy", "description": "The resource is unhealthy.", "value": "UNHEALTHY" }, { "name": "Unresponsive", "description": "The resource is unresponsive.", "value": "UNRESPONSIVE" }, { "name": "Degraded", "description": "Some sub-resources are UNHEALTHY.", "value": "DEGRADED" } ] }, "google-native:beyondcorp/v1:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:beyondcorp/v1:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:beyondcorp/v1:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:beyondcorp/v1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:beyondcorp%2Fv1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:beyondcorp/v1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:beyondcorp/v1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:beyondcorp/v1alpha:AllocatedConnectionResponse": { "description": "Allocated connection of the AppGateway.", "properties": { "ingressPort": { "type": "integer", "description": "The ingress port of an allocated connection" }, "pscUri": { "type": "string", "description": "The PSC uri of an allocated connection" } }, "type": "object", "required": [ "ingressPort", "pscUri" ] }, "google-native:beyondcorp/v1alpha:AppConnectionType": { "description": "Required. The type of network connectivity used by the AppConnection.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "TcpProxy", "description": "TCP Proxy based BeyondCorp AppConnection. API will default to this if unset.", "value": "TCP_PROXY" } ] }, "google-native:beyondcorp/v1alpha:AppGatewayHostType": { "description": "Required. The type of hosting used by the AppGateway.", "type": "string", "enum": [ { "name": "HostTypeUnspecified", "description": "Default value. This value is unused.", "value": "HOST_TYPE_UNSPECIFIED" }, { "name": "GcpRegionalMig", "description": "AppGateway hosted in a GCP regional managed instance group.", "value": "GCP_REGIONAL_MIG" } ] }, "google-native:beyondcorp/v1alpha:AppGatewayType": { "description": "Required. The type of network connectivity used by the AppGateway.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "TcpProxy", "description": "TCP Proxy based BeyondCorp Connection. API will default to this if unset.", "value": "TCP_PROXY" } ] }, "google-native:beyondcorp/v1alpha:ApplicationEndpoint": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1alpha:ApplicationEndpointResponse": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1alpha:ConnectionType": { "description": "Required. The type of network connectivity used by the connection.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "TcpProxy", "description": "TCP Proxy based BeyondCorp Connection. API will default to this if unset.", "value": "TCP_PROXY" } ] }, "google-native:beyondcorp/v1alpha:Gateway": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "type": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GatewayType", "description": "The type of hosting used by the gateway." } }, "type": "object", "required": [ "type" ] }, "google-native:beyondcorp/v1alpha:GatewayResponse": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "type": { "type": "string", "description": "The type of hosting used by the gateway." }, "uri": { "type": "string", "description": "Server-defined URI for this resource." }, "userPort": { "type": "integer", "description": "User port reserved on the gateways for this connection, if not specified or zero, the default port is 19443." } }, "type": "object", "required": [ "type", "uri", "userPort" ] }, "google-native:beyondcorp/v1alpha:GatewayType": { "description": "Required. The type of hosting used by the gateway.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "GcpRegionalMig", "description": "Gateway hosted in a GCP regional managed instance group.", "value": "GCP_REGIONAL_MIG" } ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionApplicationEndpoint": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionApplicationEndpointResponse": { "description": "ApplicationEndpoint represents a remote application endpoint.", "properties": { "host": { "type": "string", "description": "Hostname or IP address of the remote application endpoint." }, "port": { "type": "integer", "description": "Port of the remote application endpoint." } }, "type": "object", "required": [ "host", "port" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionGateway": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "appGateway": { "type": "string", "description": "AppGateway name in following format: `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}`" }, "type": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionGatewayType", "description": "The type of hosting used by the gateway." } }, "type": "object", "required": [ "appGateway", "type" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionGatewayResponse": { "description": "Gateway represents a user facing component that serves as an entrance to enable connectivity.", "properties": { "appGateway": { "type": "string", "description": "AppGateway name in following format: `projects/{project_id}/locations/{location_id}/appgateways/{gateway_id}`" }, "ingressPort": { "type": "integer", "description": "Ingress port reserved on the gateways for this AppConnection, if not specified or zero, the default port is 19443." }, "l7psc": { "type": "string", "description": "L7 private service connection for this resource." }, "type": { "type": "string", "description": "The type of hosting used by the gateway." }, "uri": { "type": "string", "description": "Server-defined URI for this resource." } }, "type": "object", "required": [ "appGateway", "ingressPort", "l7psc", "type", "uri" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectionsV1alphaAppConnectionGatewayType": { "description": "Required. The type of hosting used by the gateway.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "GcpRegionalMig", "description": "Gateway hosted in a GCP regional managed instance group.", "value": "GCP_REGIONAL_MIG" } ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfo": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfoServiceAccount", "description": "A GCP service account." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfoResponse": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfoServiceAccountResponse", "description": "A GCP service account." } }, "type": "object", "required": [ "serviceAccount" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfoServiceAccount": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaAppConnectorPrincipalInfoServiceAccountResponse": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object", "required": [ "email" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfo": { "description": "ResourceInfo represents the information/status of an app connector resource. Such as: - remote_agent - container - runtime - appgateway - appconnector - appconnection - tunnel - logagent", "properties": { "id": { "type": "string", "description": "Unique Id for the resource." }, "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource. This is for internal use only." }, "status": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfoStatus", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfo" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "id" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfoResponse": { "description": "ResourceInfo represents the information/status of an app connector resource. Such as: - remote_agent - container - runtime - appgateway - appconnector - appconnection - tunnel - logagent", "properties": { "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource. This is for internal use only." }, "status": { "type": "string", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfoResponse" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "resource", "status", "sub", "time" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpAppconnectorsV1alphaResourceInfoStatus": { "description": "Overall health status. Overall status is derived based on the status of each sub level resources.", "type": "string", "enum": [ { "name": "HealthStatusUnspecified", "description": "Health status is unknown: not initialized or failed to retrieve.", "value": "HEALTH_STATUS_UNSPECIFIED" }, { "name": "Healthy", "description": "The resource is healthy.", "value": "HEALTHY" }, { "name": "Unhealthy", "description": "The resource is unhealthy.", "value": "UNHEALTHY" }, { "name": "Unresponsive", "description": "The resource is unresponsive.", "value": "UNRESPONSIVE" }, { "name": "Degraded", "description": "Some sub-resources are UNHEALTHY.", "value": "DEGRADED" } ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaEncryptionInfo": { "description": "Message contains the JWT encryption information for the proxy server.", "properties": { "encryptionSaEmail": { "type": "string", "description": "Optional. Service Account for encryption key." }, "jwk": { "type": "string", "description": "Optional. JWK in string." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaEncryptionInfoResponse": { "description": "Message contains the JWT encryption information for the proxy server.", "properties": { "encryptionSaEmail": { "type": "string", "description": "Optional. Service Account for encryption key." }, "jwk": { "type": "string", "description": "Optional. JWK in string." } }, "type": "object", "required": [ "encryptionSaEmail", "jwk" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaGroup": { "description": "Message to capture group information", "properties": { "email": { "type": "string", "description": "The group email id" }, "id": { "type": "string", "description": "Google group id" } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaGroupResponse": { "description": "Message to capture group information", "properties": { "email": { "type": "string", "description": "The group email id" } }, "type": "object", "required": [ "email" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerMetadata": { "description": "Metadata associated with PartnerTenant and is provided by the Partner.", "properties": { "internalTenantId": { "type": "string", "description": "Optional. UUID used by the Partner to refer to the PartnerTenant in their internal systems." }, "partnerTenantId": { "type": "string", "description": "Optional. UUID used by the Partner to refer to the PartnerTenant in their internal systems." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaPartnerMetadataResponse": { "description": "Metadata associated with PartnerTenant and is provided by the Partner.", "properties": { "internalTenantId": { "type": "string", "description": "Optional. UUID used by the Partner to refer to the PartnerTenant in their internal systems." }, "partnerTenantId": { "type": "string", "description": "Optional. UUID used by the Partner to refer to the PartnerTenant in their internal systems." } }, "type": "object", "required": [ "internalTenantId", "partnerTenantId" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaRoutingInfo": { "description": "Message contains the routing information to direct traffic to the proxy server.", "properties": { "pacUri": { "type": "string", "description": "Proxy Auto-Configuration (PAC) URI." } }, "type": "object", "required": [ "pacUri" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaRoutingInfoResponse": { "description": "Message contains the routing information to direct traffic to the proxy server.", "properties": { "pacUri": { "type": "string", "description": "Proxy Auto-Configuration (PAC) URI." } }, "type": "object", "required": [ "pacUri" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaRuleSetting": { "description": "Message to capture settings for a BrowserDlpRule", "properties": { "type": { "type": "string", "description": "Immutable. The type of the Setting. ." }, "value": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The value of the Setting." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaRuleSettingResponse": { "description": "Message to capture settings for a BrowserDlpRule", "properties": { "type": { "type": "string", "description": "Immutable. The type of the Setting. ." }, "value": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The value of the Setting." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaTransportInfo": { "description": "Message contains the transport layer information to verify the proxy server.", "properties": { "serverCaCertPem": { "type": "string", "description": "PEM encoded CA certificate associated with the proxy server certificate." }, "sslDecryptCaCertPem": { "type": "string", "description": "Optional. PEM encoded CA certificate associated with the certificate used by proxy server for SSL decryption." } }, "type": "object", "required": [ "serverCaCertPem" ] }, "google-native:beyondcorp/v1alpha:GoogleCloudBeyondcorpPartnerservicesV1alphaTransportInfoResponse": { "description": "Message contains the transport layer information to verify the proxy server.", "properties": { "serverCaCertPem": { "type": "string", "description": "PEM encoded CA certificate associated with the proxy server certificate." }, "sslDecryptCaCertPem": { "type": "string", "description": "Optional. PEM encoded CA certificate associated with the certificate used by proxy server for SSL decryption." } }, "type": "object", "required": [ "serverCaCertPem", "sslDecryptCaCertPem" ] }, "google-native:beyondcorp/v1alpha:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:beyondcorp/v1alpha:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:beyondcorp/v1alpha:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:beyondcorp/v1alpha:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:beyondcorp/v1alpha:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:beyondcorp/v1alpha:PrincipalInfo": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:ServiceAccount", "description": "A GCP service account." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:PrincipalInfoResponse": { "description": "PrincipalInfo represents an Identity oneof.", "properties": { "serviceAccount": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:ServiceAccountResponse", "description": "A GCP service account." } }, "type": "object", "required": [ "serviceAccount" ] }, "google-native:beyondcorp/v1alpha:ResourceInfo": { "description": "ResourceInfo represents the information/status of the associated resource.", "properties": { "id": { "type": "string", "description": "Unique Id for the resource." }, "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource." }, "status": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:ResourceInfoStatus", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:ResourceInfo" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "id" ] }, "google-native:beyondcorp/v1alpha:ResourceInfoResponse": { "description": "ResourceInfo represents the information/status of the associated resource.", "properties": { "resource": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Specific details for the resource." }, "status": { "type": "string", "description": "Overall health status. Overall status is derived based on the status of each sub level resources." }, "sub": { "type": "array", "items": { "$ref": "#/types/google-native:beyondcorp%2Fv1alpha:ResourceInfoResponse" }, "description": "List of Info for the sub level resources." }, "time": { "type": "string", "description": "The timestamp to collect the info. It is suggested to be set by the topmost level resource only." } }, "type": "object", "required": [ "resource", "status", "sub", "time" ] }, "google-native:beyondcorp/v1alpha:ResourceInfoStatus": { "description": "Overall health status. Overall status is derived based on the status of each sub level resources.", "type": "string", "enum": [ { "name": "HealthStatusUnspecified", "description": "Health status is unknown: not initialized or failed to retrieve.", "value": "HEALTH_STATUS_UNSPECIFIED" }, { "name": "Healthy", "description": "The resource is healthy.", "value": "HEALTHY" }, { "name": "Unhealthy", "description": "The resource is unhealthy.", "value": "UNHEALTHY" }, { "name": "Unresponsive", "description": "The resource is unresponsive.", "value": "UNRESPONSIVE" }, { "name": "Degraded", "description": "Some sub-resources are UNHEALTHY.", "value": "DEGRADED" } ] }, "google-native:beyondcorp/v1alpha:ServiceAccount": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object" }, "google-native:beyondcorp/v1alpha:ServiceAccountResponse": { "description": "ServiceAccount represents a GCP service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." } }, "type": "object", "required": [ "email" ] }, "google-native:beyondcorp/v1alpha:SubscriptionSku": { "description": "Required. SKU of subscription.", "type": "string", "enum": [ { "name": "SkuUnspecified", "description": "Default value. This value is unused.", "value": "SKU_UNSPECIFIED" }, { "name": "BceStandardSku", "description": "Represents BeyondCorp Standard SKU.", "value": "BCE_STANDARD_SKU" } ] }, "google-native:beyondcorp/v1alpha:SubscriptionType": { "description": "Required. Type of subscription.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value. This value is unused.", "value": "TYPE_UNSPECIFIED" }, { "name": "Trial", "description": "Represents a trial subscription.", "value": "TRIAL" }, { "name": "Paid", "description": "Represents a paid subscription.", "value": "PAID" }, { "name": "Allowlist", "description": "Reresents an allowlisted subscription.", "value": "ALLOWLIST" } ] }, "google-native:biglake/v1:DatabaseType": { "description": "The database type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The type is not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Hive", "description": "Represents a database storing tables compatible with Hive Metastore tables.", "value": "HIVE" } ] }, "google-native:biglake/v1:HiveDatabaseOptions": { "description": "Options of a Hive database.", "properties": { "locationUri": { "type": "string", "description": "Cloud Storage folder URI where the database data is stored, starting with \"gs://\"." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stores user supplied Hive database parameters." } }, "type": "object" }, "google-native:biglake/v1:HiveDatabaseOptionsResponse": { "description": "Options of a Hive database.", "properties": { "locationUri": { "type": "string", "description": "Cloud Storage folder URI where the database data is stored, starting with \"gs://\"." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stores user supplied Hive database parameters." } }, "type": "object", "required": [ "locationUri", "parameters" ] }, "google-native:biglake/v1:HiveTableOptions": { "description": "Options of a Hive table.", "properties": { "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stores user supplied Hive table parameters." }, "storageDescriptor": { "$ref": "#/types/google-native:biglake%2Fv1:StorageDescriptor", "description": "Stores physical storage information of the data." }, "tableType": { "type": "string", "description": "Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE." } }, "type": "object" }, "google-native:biglake/v1:HiveTableOptionsResponse": { "description": "Options of a Hive table.", "properties": { "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stores user supplied Hive table parameters." }, "storageDescriptor": { "$ref": "#/types/google-native:biglake%2Fv1:StorageDescriptorResponse", "description": "Stores physical storage information of the data." }, "tableType": { "type": "string", "description": "Hive table type. For example, MANAGED_TABLE, EXTERNAL_TABLE." } }, "type": "object", "required": [ "parameters", "storageDescriptor", "tableType" ] }, "google-native:biglake/v1:SerDeInfo": { "description": "Serializer and deserializer information.", "properties": { "serializationLib": { "type": "string", "description": "The fully qualified Java class name of the serialization library." } }, "type": "object" }, "google-native:biglake/v1:SerDeInfoResponse": { "description": "Serializer and deserializer information.", "properties": { "serializationLib": { "type": "string", "description": "The fully qualified Java class name of the serialization library." } }, "type": "object", "required": [ "serializationLib" ] }, "google-native:biglake/v1:StorageDescriptor": { "description": "Stores physical storage information of the data.", "properties": { "inputFormat": { "type": "string", "description": "The fully qualified Java class name of the input format." }, "locationUri": { "type": "string", "description": "Cloud Storage folder URI where the table data is stored, starting with \"gs://\"." }, "outputFormat": { "type": "string", "description": "The fully qualified Java class name of the output format." }, "serdeInfo": { "$ref": "#/types/google-native:biglake%2Fv1:SerDeInfo", "description": "Serializer and deserializer information." } }, "type": "object" }, "google-native:biglake/v1:StorageDescriptorResponse": { "description": "Stores physical storage information of the data.", "properties": { "inputFormat": { "type": "string", "description": "The fully qualified Java class name of the input format." }, "locationUri": { "type": "string", "description": "Cloud Storage folder URI where the table data is stored, starting with \"gs://\"." }, "outputFormat": { "type": "string", "description": "The fully qualified Java class name of the output format." }, "serdeInfo": { "$ref": "#/types/google-native:biglake%2Fv1:SerDeInfoResponse", "description": "Serializer and deserializer information." } }, "type": "object", "required": [ "inputFormat", "locationUri", "outputFormat", "serdeInfo" ] }, "google-native:biglake/v1:TableType": { "description": "The table type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The type is not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Hive", "description": "Represents a table compatible with Hive Metastore tables.", "value": "HIVE" } ] }, "google-native:bigquery/v2:Argument": { "description": "Input/output argument of a function or a stored procedure.", "properties": { "argumentKind": { "$ref": "#/types/google-native:bigquery%2Fv2:ArgumentArgumentKind", "description": "Optional. Defaults to FIXED_TYPE." }, "dataType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataType", "description": "Required unless argument_kind = ANY_TYPE." }, "isAggregate": { "type": "boolean", "description": "Optional. Whether the argument is an aggregate function parameter. Must be Unset for routine types other than AGGREGATE_FUNCTION. For AGGREGATE_FUNCTION, if set to false, it is equivalent to adding \"NOT AGGREGATE\" clause in DDL; Otherwise, it is equivalent to omitting \"NOT AGGREGATE\" clause in DDL." }, "mode": { "$ref": "#/types/google-native:bigquery%2Fv2:ArgumentMode", "description": "Optional. Specifies whether the argument is input or output. Can be set for procedures only." }, "name": { "type": "string", "description": "Optional. The name of this argument. Can be absent for function return argument." } }, "type": "object" }, "google-native:bigquery/v2:ArgumentArgumentKind": { "description": "Optional. Defaults to FIXED_TYPE.", "type": "string", "enum": [ { "name": "ArgumentKindUnspecified", "description": "Default value.", "value": "ARGUMENT_KIND_UNSPECIFIED" }, { "name": "FixedType", "description": "The argument is a variable with fully specified type, which can be a struct or an array, but not a table.", "value": "FIXED_TYPE" }, { "name": "AnyType", "description": "The argument is any type, including struct or array, but not a table. To be added: FIXED_TABLE, ANY_TABLE", "value": "ANY_TYPE" } ] }, "google-native:bigquery/v2:ArgumentMode": { "description": "Optional. Specifies whether the argument is input or output. Can be set for procedures only.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value.", "value": "MODE_UNSPECIFIED" }, { "name": "In", "description": "The argument is input-only.", "value": "IN" }, { "name": "Out", "description": "The argument is output-only.", "value": "OUT" }, { "name": "Inout", "description": "The argument is both an input and an output.", "value": "INOUT" } ] }, "google-native:bigquery/v2:ArgumentResponse": { "description": "Input/output argument of a function or a stored procedure.", "properties": { "argumentKind": { "type": "string", "description": "Optional. Defaults to FIXED_TYPE." }, "dataType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataTypeResponse", "description": "Required unless argument_kind = ANY_TYPE." }, "isAggregate": { "type": "boolean", "description": "Optional. Whether the argument is an aggregate function parameter. Must be Unset for routine types other than AGGREGATE_FUNCTION. For AGGREGATE_FUNCTION, if set to false, it is equivalent to adding \"NOT AGGREGATE\" clause in DDL; Otherwise, it is equivalent to omitting \"NOT AGGREGATE\" clause in DDL." }, "mode": { "type": "string", "description": "Optional. Specifies whether the argument is input or output. Can be set for procedures only." }, "name": { "type": "string", "description": "Optional. The name of this argument. Can be absent for function return argument." } }, "type": "object", "required": [ "argumentKind", "dataType", "isAggregate", "mode", "name" ] }, "google-native:bigquery/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:bigquery/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:bigquery/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:bigquery%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:bigquery/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:bigquery/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:bigquery/v2:AvroOptions": { "properties": { "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If sourceFormat is set to \"AVRO\", indicates whether to interpret logical types as the corresponding BigQuery data type (for example, TIMESTAMP), instead of using the raw type (for example, INTEGER)." } }, "type": "object" }, "google-native:bigquery/v2:AvroOptionsResponse": { "properties": { "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If sourceFormat is set to \"AVRO\", indicates whether to interpret logical types as the corresponding BigQuery data type (for example, TIMESTAMP), instead of using the raw type (for example, INTEGER)." } }, "type": "object", "required": [ "useAvroLogicalTypes" ] }, "google-native:bigquery/v2:BiEngineReasonResponse": { "properties": { "code": { "type": "string", "description": "High-level BI Engine reason for partial or disabled acceleration." }, "message": { "type": "string", "description": "Free form human-readable reason for partial or disabled acceleration." } }, "type": "object", "required": [ "code", "message" ] }, "google-native:bigquery/v2:BiEngineStatisticsResponse": { "properties": { "accelerationMode": { "type": "string", "description": "Specifies which mode of BI Engine acceleration was performed (if any)." }, "biEngineMode": { "type": "string", "description": "Specifies which mode of BI Engine acceleration was performed (if any)." }, "biEngineReasons": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BiEngineReasonResponse" }, "description": "In case of DISABLED or PARTIAL bi_engine_mode, these contain the explanatory reasons as to why BI Engine could not accelerate. In case the full query was accelerated, this field is not populated." } }, "type": "object", "required": [ "accelerationMode", "biEngineMode", "biEngineReasons" ] }, "google-native:bigquery/v2:BigLakeConfiguration": { "properties": { "connectionId": { "type": "string", "description": "[Required] Required and immutable. Credential reference for accessing external storage system. Normalized as project_id.location_id.connection_id." }, "fileFormat": { "type": "string", "description": "[Required] Required and immutable. Open source file format that the table data is stored in. Currently only PARQUET is supported." }, "storageUri": { "type": "string", "description": "[Required] Required and immutable. Fully qualified location prefix of the external folder where data is stored. Normalized to standard format: \"gs:////\". Starts with \"gs://\" rather than \"/bigstore/\". Ends with \"/\". Does not contain \"*\". See also BigLakeStorageMetadata on how it is used." }, "tableFormat": { "type": "string", "description": "[Required] Required and immutable. Open source file format that the table data is stored in. Currently only PARQUET is supported." } }, "type": "object" }, "google-native:bigquery/v2:BigLakeConfigurationResponse": { "properties": { "connectionId": { "type": "string", "description": "[Required] Required and immutable. Credential reference for accessing external storage system. Normalized as project_id.location_id.connection_id." }, "fileFormat": { "type": "string", "description": "[Required] Required and immutable. Open source file format that the table data is stored in. Currently only PARQUET is supported." }, "storageUri": { "type": "string", "description": "[Required] Required and immutable. Fully qualified location prefix of the external folder where data is stored. Normalized to standard format: \"gs:////\". Starts with \"gs://\" rather than \"/bigstore/\". Ends with \"/\". Does not contain \"*\". See also BigLakeStorageMetadata on how it is used." }, "tableFormat": { "type": "string", "description": "[Required] Required and immutable. Open source file format that the table data is stored in. Currently only PARQUET is supported." } }, "type": "object", "required": [ "connectionId", "fileFormat", "storageUri", "tableFormat" ] }, "google-native:bigquery/v2:BigQueryModelTrainingResponse": { "properties": { "currentIteration": { "type": "integer", "description": "[Output-only, Beta] Index of current ML training iteration. Updated during create model query job to show job progress." }, "expectedTotalIterations": { "type": "string", "description": "[Output-only, Beta] Expected number of iterations for the create model query job specified as num_iterations in the input query. The actual total number of iterations may be less than this number due to early stop." } }, "type": "object", "required": [ "currentIteration", "expectedTotalIterations" ] }, "google-native:bigquery/v2:BigtableColumn": { "properties": { "encoding": { "type": "string", "description": "[Optional] The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels." }, "fieldName": { "type": "string", "description": "[Optional] If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries." }, "onlyReadLatest": { "type": "boolean", "description": "[Optional] If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels." }, "qualifierEncoded": { "type": "string", "description": "[Required] Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifier_string field. Otherwise, a base-64 encoded value must be set to qualifier_encoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as field_name." }, "qualifierString": { "type": "string" }, "type": { "type": "string", "description": "[Optional] The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive) - BYTES STRING INTEGER FLOAT BOOLEAN Default type is BYTES. 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels." } }, "type": "object" }, "google-native:bigquery/v2:BigtableColumnFamily": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableColumn" }, "description": "[Optional] Lists of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as .. Other columns can be accessed as a list through .Column field." }, "encoding": { "type": "string", "description": "[Optional] The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it." }, "familyId": { "type": "string", "description": "Identifier of the column family." }, "onlyReadLatest": { "type": "boolean", "description": "[Optional] If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column." }, "type": { "type": "string", "description": "[Optional] The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive) - BYTES STRING INTEGER FLOAT BOOLEAN Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it." } }, "type": "object" }, "google-native:bigquery/v2:BigtableColumnFamilyResponse": { "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableColumnResponse" }, "description": "[Optional] Lists of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as .. Other columns can be accessed as a list through .Column field." }, "encoding": { "type": "string", "description": "[Optional] The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it." }, "familyId": { "type": "string", "description": "Identifier of the column family." }, "onlyReadLatest": { "type": "boolean", "description": "[Optional] If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column." }, "type": { "type": "string", "description": "[Optional] The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive) - BYTES STRING INTEGER FLOAT BOOLEAN Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it." } }, "type": "object", "required": [ "columns", "encoding", "familyId", "onlyReadLatest", "type" ] }, "google-native:bigquery/v2:BigtableColumnResponse": { "properties": { "encoding": { "type": "string", "description": "[Optional] The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels." }, "fieldName": { "type": "string", "description": "[Optional] If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries." }, "onlyReadLatest": { "type": "boolean", "description": "[Optional] If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels." }, "qualifierEncoded": { "type": "string", "description": "[Required] Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifier_string field. Otherwise, a base-64 encoded value must be set to qualifier_encoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as field_name." }, "qualifierString": { "type": "string" }, "type": { "type": "string", "description": "[Optional] The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive) - BYTES STRING INTEGER FLOAT BOOLEAN Default type is BYTES. 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels." } }, "type": "object", "required": [ "encoding", "fieldName", "onlyReadLatest", "qualifierEncoded", "qualifierString", "type" ] }, "google-native:bigquery/v2:BigtableOptions": { "properties": { "columnFamilies": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableColumnFamily" }, "description": "[Optional] List of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable." }, "ignoreUnspecifiedColumnFamilies": { "type": "boolean", "description": "[Optional] If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false." }, "readRowkeyAsString": { "type": "boolean", "description": "[Optional] If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false." } }, "type": "object" }, "google-native:bigquery/v2:BigtableOptionsResponse": { "properties": { "columnFamilies": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableColumnFamilyResponse" }, "description": "[Optional] List of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable." }, "ignoreUnspecifiedColumnFamilies": { "type": "boolean", "description": "[Optional] If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false." }, "readRowkeyAsString": { "type": "boolean", "description": "[Optional] If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false." } }, "type": "object", "required": [ "columnFamilies", "ignoreUnspecifiedColumnFamilies", "readRowkeyAsString" ] }, "google-native:bigquery/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigquery%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:bigquery/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigquery%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:bigquery/v2:BqmlIterationResult": { "properties": { "durationMs": { "type": "string", "description": "[Output-only, Beta] Time taken to run the training iteration in milliseconds." }, "evalLoss": { "type": "number", "description": "[Output-only, Beta] Eval loss computed on the eval data at the end of the iteration. The eval loss is used for early stopping to avoid overfitting. No eval loss if eval_split_method option is specified as no_split or auto_split with input data size less than 500 rows." }, "index": { "type": "integer", "description": "[Output-only, Beta] Index of the ML training iteration, starting from zero for each training run." }, "learnRate": { "type": "number", "description": "[Output-only, Beta] Learning rate used for this iteration, it varies for different training iterations if learn_rate_strategy option is not constant." }, "trainingLoss": { "type": "number", "description": "[Output-only, Beta] Training loss computed on the training data at the end of the iteration. The training loss function is defined by model type." } }, "type": "object" }, "google-native:bigquery/v2:BqmlIterationResultResponse": { "properties": { "durationMs": { "type": "string", "description": "[Output-only, Beta] Time taken to run the training iteration in milliseconds." }, "evalLoss": { "type": "number", "description": "[Output-only, Beta] Eval loss computed on the eval data at the end of the iteration. The eval loss is used for early stopping to avoid overfitting. No eval loss if eval_split_method option is specified as no_split or auto_split with input data size less than 500 rows." }, "index": { "type": "integer", "description": "[Output-only, Beta] Index of the ML training iteration, starting from zero for each training run." }, "learnRate": { "type": "number", "description": "[Output-only, Beta] Learning rate used for this iteration, it varies for different training iterations if learn_rate_strategy option is not constant." }, "trainingLoss": { "type": "number", "description": "[Output-only, Beta] Training loss computed on the training data at the end of the iteration. The training loss function is defined by model type." } }, "type": "object", "required": [ "durationMs", "evalLoss", "index", "learnRate", "trainingLoss" ] }, "google-native:bigquery/v2:BqmlTrainingRun": { "properties": { "iterationResults": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlIterationResult" }, "description": "[Output-only, Beta] List of each iteration results." }, "startTime": { "type": "string", "description": "[Output-only, Beta] Training run start time in milliseconds since the epoch." }, "state": { "type": "string", "description": "[Output-only, Beta] Different state applicable for a training run. IN PROGRESS: Training run is in progress. FAILED: Training run ended due to a non-retryable failure. SUCCEEDED: Training run successfully completed. CANCELLED: Training run cancelled by the user." }, "trainingOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlTrainingRunTrainingOptions", "description": "[Output-only, Beta] Training options used by this training run. These options are mutable for subsequent training runs. Default values are explicitly stored for options not specified in the input query of the first training run. For subsequent training runs, any option not explicitly specified in the input query will be copied from the previous training run." } }, "type": "object" }, "google-native:bigquery/v2:BqmlTrainingRunResponse": { "properties": { "iterationResults": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlIterationResultResponse" }, "description": "[Output-only, Beta] List of each iteration results." }, "startTime": { "type": "string", "description": "[Output-only, Beta] Training run start time in milliseconds since the epoch." }, "state": { "type": "string", "description": "[Output-only, Beta] Different state applicable for a training run. IN PROGRESS: Training run is in progress. FAILED: Training run ended due to a non-retryable failure. SUCCEEDED: Training run successfully completed. CANCELLED: Training run cancelled by the user." }, "trainingOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlTrainingRunTrainingOptionsResponse", "description": "[Output-only, Beta] Training options used by this training run. These options are mutable for subsequent training runs. Default values are explicitly stored for options not specified in the input query of the first training run. For subsequent training runs, any option not explicitly specified in the input query will be copied from the previous training run." } }, "type": "object", "required": [ "iterationResults", "startTime", "state", "trainingOptions" ] }, "google-native:bigquery/v2:BqmlTrainingRunTrainingOptions": { "description": "[Output-only, Beta] Training options used by this training run. These options are mutable for subsequent training runs. Default values are explicitly stored for options not specified in the input query of the first training run. For subsequent training runs, any option not explicitly specified in the input query will be copied from the previous training run.", "properties": { "earlyStop": { "type": "boolean" }, "l1Reg": { "type": "number" }, "l2Reg": { "type": "number" }, "learnRate": { "type": "number" }, "learnRateStrategy": { "type": "string" }, "lineSearchInitLearnRate": { "type": "number" }, "maxIteration": { "type": "string" }, "minRelProgress": { "type": "number" }, "warmStart": { "type": "boolean" } }, "type": "object" }, "google-native:bigquery/v2:BqmlTrainingRunTrainingOptionsResponse": { "description": "[Output-only, Beta] Training options used by this training run. These options are mutable for subsequent training runs. Default values are explicitly stored for options not specified in the input query of the first training run. For subsequent training runs, any option not explicitly specified in the input query will be copied from the previous training run.", "properties": { "earlyStop": { "type": "boolean" }, "l1Reg": { "type": "number" }, "l2Reg": { "type": "number" }, "learnRate": { "type": "number" }, "learnRateStrategy": { "type": "string" }, "lineSearchInitLearnRate": { "type": "number" }, "maxIteration": { "type": "string" }, "minRelProgress": { "type": "number" }, "warmStart": { "type": "boolean" } }, "type": "object", "required": [ "earlyStop", "l1Reg", "l2Reg", "learnRate", "learnRateStrategy", "lineSearchInitLearnRate", "maxIteration", "minRelProgress", "warmStart" ] }, "google-native:bigquery/v2:CloneDefinitionResponse": { "properties": { "baseTableReference": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Required] Reference describing the ID of the table that was cloned." }, "cloneTime": { "type": "string", "description": "[Required] The time at which the base table was cloned. This value is reported in the JSON response using RFC3339 format." } }, "type": "object", "required": [ "baseTableReference", "cloneTime" ] }, "google-native:bigquery/v2:Clustering": { "properties": { "fields": { "type": "array", "items": { "type": "string" }, "description": "[Repeated] One or more fields on which data should be clustered. Only top-level, non-repeated, simple-type fields are supported. When you cluster a table using multiple columns, the order of columns you specify is important. The order of the specified columns determines the sort order of the data." } }, "type": "object" }, "google-native:bigquery/v2:ClusteringResponse": { "properties": { "fields": { "type": "array", "items": { "type": "string" }, "description": "[Repeated] One or more fields on which data should be clustered. Only top-level, non-repeated, simple-type fields are supported. When you cluster a table using multiple columns, the order of columns you specify is important. The order of the specified columns determines the sort order of the data." } }, "type": "object", "required": [ "fields" ] }, "google-native:bigquery/v2:ConnectionProperty": { "properties": { "key": { "type": "string", "description": "[Required] Name of the connection property to set." }, "value": { "type": "string", "description": "[Required] Value of the connection property." } }, "type": "object" }, "google-native:bigquery/v2:ConnectionPropertyResponse": { "properties": { "key": { "type": "string", "description": "[Required] Name of the connection property to set." }, "value": { "type": "string", "description": "[Required] Value of the connection property." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:bigquery/v2:CsvOptions": { "properties": { "allowJaggedRows": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should accept rows that are missing trailing optional columns. If true, BigQuery treats missing trailing columns as null values. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false." }, "allowQuotedNewlines": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false." }, "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties." }, "fieldDelimiter": { "type": "string", "description": "[Optional] The separator for fields in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. BigQuery also supports the escape sequence \"\\t\" to specify a tab separator. The default value is a comma (',')." }, "nullMarker": { "type": "string", "description": "[Optional] An custom string that will represent a NULL value in CSV import data." }, "preserveAsciiControlCharacters": { "type": "boolean", "description": "[Optional] Preserves the embedded ASCII control characters (the first 32 characters in the ASCII-table, from '\\x00' to '\\x1F') when loading from CSV. Only applicable to CSV, ignored for other formats." }, "quote": { "type": "string", "description": "[Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('\"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true." }, "skipLeadingRows": { "type": "string", "description": "[Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema." } }, "type": "object" }, "google-native:bigquery/v2:CsvOptionsResponse": { "properties": { "allowJaggedRows": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should accept rows that are missing trailing optional columns. If true, BigQuery treats missing trailing columns as null values. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false." }, "allowQuotedNewlines": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false." }, "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties." }, "fieldDelimiter": { "type": "string", "description": "[Optional] The separator for fields in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. BigQuery also supports the escape sequence \"\\t\" to specify a tab separator. The default value is a comma (',')." }, "nullMarker": { "type": "string", "description": "[Optional] An custom string that will represent a NULL value in CSV import data." }, "preserveAsciiControlCharacters": { "type": "boolean", "description": "[Optional] Preserves the embedded ASCII control characters (the first 32 characters in the ASCII-table, from '\\x00' to '\\x1F') when loading from CSV. Only applicable to CSV, ignored for other formats." }, "quote": { "type": "string", "description": "[Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('\"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true." }, "skipLeadingRows": { "type": "string", "description": "[Optional] The number of rows at the top of a CSV file that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped. When autodetect is on, the behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema." } }, "type": "object", "required": [ "allowJaggedRows", "allowQuotedNewlines", "encoding", "fieldDelimiter", "nullMarker", "preserveAsciiControlCharacters", "quote", "skipLeadingRows" ] }, "google-native:bigquery/v2:DataMaskingStatisticsResponse": { "properties": { "dataMaskingApplied": { "type": "boolean", "description": "[Preview] Whether any accessed data was protected by data masking. The actual evaluation is done by accessStats.masked_field_count > 0. Since this is only used for the discovery_doc generation purpose, as long as the type (boolean) matches, client library can leverage this. The actual evaluation of the variable is done else-where." } }, "type": "object", "required": [ "dataMaskingApplied" ] }, "google-native:bigquery/v2:DatasetAccessEntry": { "properties": { "dataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetReference", "description": "[Required] The dataset this entry applies to." }, "targetTypes": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetAccessEntryTargetTypesItem" } } }, "type": "object" }, "google-native:bigquery/v2:DatasetAccessEntryResponse": { "properties": { "dataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetReferenceResponse", "description": "[Required] The dataset this entry applies to." }, "targetTypes": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "dataset", "targetTypes" ] }, "google-native:bigquery/v2:DatasetAccessEntryTargetTypesItem": { "type": "string", "enum": [ { "name": "TargetTypeUnspecified", "description": "Do not use. You must set a target type explicitly.", "value": "TARGET_TYPE_UNSPECIFIED" }, { "name": "Views", "description": "This entry applies to views in the dataset.", "value": "VIEWS" }, { "name": "Routines", "description": "This entry applies to routines in the dataset.", "value": "ROUTINES" } ] }, "google-native:bigquery/v2:DatasetAccessItem": { "properties": { "dataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetAccessEntry", "description": "[Pick one] A grant authorizing all resources of a particular type in a particular dataset access to this dataset. Only views are supported for now. The role field is not required when this field is set. If that dataset is deleted and re-created, its access needs to be granted again via an update operation." }, "domain": { "type": "string", "description": "[Pick one] A domain to grant access to. Any users signed in with the domain specified will be granted the specified access. Example: \"example.com\". Maps to IAM policy member \"domain:DOMAIN\"." }, "groupByEmail": { "type": "string", "description": "[Pick one] An email address of a Google Group to grant access to. Maps to IAM policy member \"group:GROUP\"." }, "iamMember": { "type": "string", "description": "[Pick one] Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group." }, "role": { "type": "string", "description": "[Required] An IAM role ID that should be granted to the user, group, or domain specified in this access entry. The following legacy mappings will be applied: OWNER roles/bigquery.dataOwner WRITER roles/bigquery.dataEditor READER roles/bigquery.dataViewer This field will accept any of the above formats, but will return only the legacy format. For example, if you set this field to \"roles/bigquery.dataOwner\", it will be returned back as \"OWNER\"." }, "routine": { "$ref": "#/types/google-native:bigquery%2Fv2:RoutineReference", "description": "[Pick one] A routine from a different dataset to grant access to. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation." }, "specialGroup": { "type": "string", "description": "[Pick one] A special group to grant access to. Possible values include: projectOwners: Owners of the enclosing project. projectReaders: Readers of the enclosing project. projectWriters: Writers of the enclosing project. allAuthenticatedUsers: All authenticated BigQuery users. Maps to similarly-named IAM members." }, "userByEmail": { "type": "string", "description": "[Pick one] An email address of a user to grant access to. For example: fred@example.com. Maps to IAM policy member \"user:EMAIL\" or \"serviceAccount:EMAIL\"." }, "view": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "[Pick one] A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in this dataset. The role field is not required when this field is set. If that view is updated by any user, access to the view needs to be granted again via an update operation." } }, "type": "object" }, "google-native:bigquery/v2:DatasetAccessItemResponse": { "properties": { "dataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetAccessEntryResponse", "description": "[Pick one] A grant authorizing all resources of a particular type in a particular dataset access to this dataset. Only views are supported for now. The role field is not required when this field is set. If that dataset is deleted and re-created, its access needs to be granted again via an update operation." }, "domain": { "type": "string", "description": "[Pick one] A domain to grant access to. Any users signed in with the domain specified will be granted the specified access. Example: \"example.com\". Maps to IAM policy member \"domain:DOMAIN\"." }, "groupByEmail": { "type": "string", "description": "[Pick one] An email address of a Google Group to grant access to. Maps to IAM policy member \"group:GROUP\"." }, "iamMember": { "type": "string", "description": "[Pick one] Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group." }, "role": { "type": "string", "description": "[Required] An IAM role ID that should be granted to the user, group, or domain specified in this access entry. The following legacy mappings will be applied: OWNER roles/bigquery.dataOwner WRITER roles/bigquery.dataEditor READER roles/bigquery.dataViewer This field will accept any of the above formats, but will return only the legacy format. For example, if you set this field to \"roles/bigquery.dataOwner\", it will be returned back as \"OWNER\"." }, "routine": { "$ref": "#/types/google-native:bigquery%2Fv2:RoutineReferenceResponse", "description": "[Pick one] A routine from a different dataset to grant access to. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation." }, "specialGroup": { "type": "string", "description": "[Pick one] A special group to grant access to. Possible values include: projectOwners: Owners of the enclosing project. projectReaders: Readers of the enclosing project. projectWriters: Writers of the enclosing project. allAuthenticatedUsers: All authenticated BigQuery users. Maps to similarly-named IAM members." }, "userByEmail": { "type": "string", "description": "[Pick one] An email address of a user to grant access to. For example: fred@example.com. Maps to IAM policy member \"user:EMAIL\" or \"serviceAccount:EMAIL\"." }, "view": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Pick one] A view from a different dataset to grant access to. Queries executed against that view will have read access to tables in this dataset. The role field is not required when this field is set. If that view is updated by any user, access to the view needs to be granted again via an update operation." } }, "type": "object", "required": [ "dataset", "domain", "groupByEmail", "iamMember", "role", "routine", "specialGroup", "userByEmail", "view" ] }, "google-native:bigquery/v2:DatasetReference": { "properties": { "datasetId": { "type": "string", "description": "[Required] A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." }, "project": { "type": "string", "description": "[Optional] The ID of the project containing this dataset." } }, "type": "object" }, "google-native:bigquery/v2:DatasetReferenceResponse": { "properties": { "datasetId": { "type": "string", "description": "[Required] A unique ID for this dataset, without the project name. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." }, "project": { "type": "string", "description": "[Optional] The ID of the project containing this dataset." } }, "type": "object", "required": [ "datasetId", "project" ] }, "google-native:bigquery/v2:DatasetTagsItem": { "properties": { "tagKey": { "type": "string", "description": "[Required] The namespaced friendly name of the tag key, e.g. \"12345/environment\" where 12345 is org id." }, "tagValue": { "type": "string", "description": "[Required] Friendly short name of the tag value, e.g. \"production\"." } }, "type": "object" }, "google-native:bigquery/v2:DatasetTagsItemResponse": { "properties": { "tagKey": { "type": "string", "description": "[Required] The namespaced friendly name of the tag key, e.g. \"12345/environment\" where 12345 is org id." }, "tagValue": { "type": "string", "description": "[Required] Friendly short name of the tag value, e.g. \"production\"." } }, "type": "object", "required": [ "tagKey", "tagValue" ] }, "google-native:bigquery/v2:DestinationTableProperties": { "properties": { "description": { "type": "string", "description": "[Optional] The description for the destination table. This will only be used if the destination table is newly created. If the table already exists and a value different than the current description is provided, the job will fail." }, "expirationTime": { "type": "string", "description": "[Internal] This field is for Google internal use only." }, "friendlyName": { "type": "string", "description": "[Optional] The friendly name for the destination table. This will only be used if the destination table is newly created. If the table already exists and a value different than the current friendly name is provided, the job will fail." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] The labels associated with this table. You can use these to organize and group your tables. This will only be used if the destination table is newly created. If the table already exists and labels are different than the current labels are provided, the job will fail." } }, "type": "object" }, "google-native:bigquery/v2:DestinationTablePropertiesResponse": { "properties": { "description": { "type": "string", "description": "[Optional] The description for the destination table. This will only be used if the destination table is newly created. If the table already exists and a value different than the current description is provided, the job will fail." }, "expirationTime": { "type": "string", "description": "[Internal] This field is for Google internal use only." }, "friendlyName": { "type": "string", "description": "[Optional] The friendly name for the destination table. This will only be used if the destination table is newly created. If the table already exists and a value different than the current friendly name is provided, the job will fail." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] The labels associated with this table. You can use these to organize and group your tables. This will only be used if the destination table is newly created. If the table already exists and labels are different than the current labels are provided, the job will fail." } }, "type": "object", "required": [ "description", "expirationTime", "friendlyName", "labels" ] }, "google-native:bigquery/v2:DmlStatisticsResponse": { "properties": { "deletedRowCount": { "type": "string", "description": "Number of deleted Rows. populated by DML DELETE, MERGE and TRUNCATE statements." }, "insertedRowCount": { "type": "string", "description": "Number of inserted Rows. Populated by DML INSERT and MERGE statements." }, "updatedRowCount": { "type": "string", "description": "Number of updated Rows. Populated by DML UPDATE and MERGE statements." } }, "type": "object", "required": [ "deletedRowCount", "insertedRowCount", "updatedRowCount" ] }, "google-native:bigquery/v2:EncryptionConfiguration": { "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key." } }, "type": "object" }, "google-native:bigquery/v2:EncryptionConfigurationResponse": { "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:bigquery/v2:ErrorProtoResponse": { "properties": { "debugInfo": { "type": "string", "description": "Debugging information. This property is internal to Google and should not be used." }, "location": { "type": "string", "description": "Specifies where the error occurred, if present." }, "message": { "type": "string", "description": "A human-readable description of the error." }, "reason": { "type": "string", "description": "A short error code that summarizes the error." } }, "type": "object", "required": [ "debugInfo", "location", "message", "reason" ] }, "google-native:bigquery/v2:ExplainQueryStageResponse": { "properties": { "completedParallelInputs": { "type": "string", "description": "Number of parallel input segments completed." }, "computeMsAvg": { "type": "string", "description": "Milliseconds the average shard spent on CPU-bound tasks." }, "computeMsMax": { "type": "string", "description": "Milliseconds the slowest shard spent on CPU-bound tasks." }, "computeRatioAvg": { "type": "number", "description": "Relative amount of time the average shard spent on CPU-bound tasks." }, "computeRatioMax": { "type": "number", "description": "Relative amount of time the slowest shard spent on CPU-bound tasks." }, "endMs": { "type": "string", "description": "Stage end time represented as milliseconds since epoch." }, "inputStages": { "type": "array", "items": { "type": "string" }, "description": "IDs for stages that are inputs to this stage." }, "name": { "type": "string", "description": "Human-readable name for stage." }, "parallelInputs": { "type": "string", "description": "Number of parallel input segments to be processed." }, "readMsAvg": { "type": "string", "description": "Milliseconds the average shard spent reading input." }, "readMsMax": { "type": "string", "description": "Milliseconds the slowest shard spent reading input." }, "readRatioAvg": { "type": "number", "description": "Relative amount of time the average shard spent reading input." }, "readRatioMax": { "type": "number", "description": "Relative amount of time the slowest shard spent reading input." }, "recordsRead": { "type": "string", "description": "Number of records read into the stage." }, "recordsWritten": { "type": "string", "description": "Number of records written by the stage." }, "shuffleOutputBytes": { "type": "string", "description": "Total number of bytes written to shuffle." }, "shuffleOutputBytesSpilled": { "type": "string", "description": "Total number of bytes written to shuffle and spilled to disk." }, "slotMs": { "type": "string", "description": "Slot-milliseconds used by the stage." }, "startMs": { "type": "string", "description": "Stage start time represented as milliseconds since epoch." }, "status": { "type": "string", "description": "Current status for the stage." }, "steps": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ExplainQueryStepResponse" }, "description": "List of operations within the stage in dependency order (approximately chronological)." }, "waitMsAvg": { "type": "string", "description": "Milliseconds the average shard spent waiting to be scheduled." }, "waitMsMax": { "type": "string", "description": "Milliseconds the slowest shard spent waiting to be scheduled." }, "waitRatioAvg": { "type": "number", "description": "Relative amount of time the average shard spent waiting to be scheduled." }, "waitRatioMax": { "type": "number", "description": "Relative amount of time the slowest shard spent waiting to be scheduled." }, "writeMsAvg": { "type": "string", "description": "Milliseconds the average shard spent on writing output." }, "writeMsMax": { "type": "string", "description": "Milliseconds the slowest shard spent on writing output." }, "writeRatioAvg": { "type": "number", "description": "Relative amount of time the average shard spent on writing output." }, "writeRatioMax": { "type": "number", "description": "Relative amount of time the slowest shard spent on writing output." } }, "type": "object", "required": [ "completedParallelInputs", "computeMsAvg", "computeMsMax", "computeRatioAvg", "computeRatioMax", "endMs", "inputStages", "name", "parallelInputs", "readMsAvg", "readMsMax", "readRatioAvg", "readRatioMax", "recordsRead", "recordsWritten", "shuffleOutputBytes", "shuffleOutputBytesSpilled", "slotMs", "startMs", "status", "steps", "waitMsAvg", "waitMsMax", "waitRatioAvg", "waitRatioMax", "writeMsAvg", "writeMsMax", "writeRatioAvg", "writeRatioMax" ] }, "google-native:bigquery/v2:ExplainQueryStepResponse": { "properties": { "kind": { "type": "string", "description": "Machine-readable operation type." }, "substeps": { "type": "array", "items": { "type": "string" }, "description": "Human-readable stage descriptions." } }, "type": "object", "required": [ "kind", "substeps" ] }, "google-native:bigquery/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:bigquery/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:bigquery/v2:ExternalDataConfiguration": { "properties": { "autodetect": { "type": "boolean", "description": "Try to detect schema and format options automatically. Any option specified explicitly will be honored." }, "avroOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:AvroOptions", "description": "Additional properties to set if sourceFormat is set to Avro." }, "bigtableOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableOptions", "description": "[Optional] Additional options if sourceFormat is set to BIGTABLE." }, "compression": { "type": "string", "description": "[Optional] The compression type of the data source. Possible values include GZIP and NONE. The default value is NONE. This setting is ignored for Google Cloud Bigtable, Google Cloud Datastore backups and Avro formats." }, "connectionId": { "type": "string", "description": "[Optional, Trusted Tester] Connection for external data source." }, "csvOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:CsvOptions", "description": "Additional properties to set if sourceFormat is set to CSV." }, "decimalTargetTypes": { "type": "array", "items": { "type": "string" }, "description": "[Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is [\"NUMERIC\", \"BIGNUMERIC\"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, [\"BIGNUMERIC\", \"NUMERIC\"] is the same as [\"NUMERIC\", \"BIGNUMERIC\"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to [\"NUMERIC\", \"STRING\"] for ORC and [\"NUMERIC\"] for the other file formats." }, "fileSetSpecType": { "type": "string", "description": "[Optional] Specifies how source URIs are interpreted for constructing the file set to load. By default source URIs are expanded against the underlying storage. Other options include specifying manifest files. Only applicable to object storage systems." }, "googleSheetsOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:GoogleSheetsOptions", "description": "[Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS." }, "hivePartitioningOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:HivePartitioningOptions", "description": "[Optional] Options to configure hive partitioning support." }, "ignoreUnknownValues": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: CSV: Trailing columns JSON: Named values that don't match any column names Google Cloud Bigtable: This setting is ignored. Google Cloud Datastore backups: This setting is ignored. Avro: This setting is ignored." }, "jsonOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:JsonOptions", "description": "Additional properties to set if `sourceFormat` is set to `NEWLINE_DELIMITED_JSON`." }, "maxBadRecords": { "type": "integer", "description": "[Optional] The maximum number of bad records that BigQuery can ignore when reading data. If the number of bad records exceeds this value, an invalid error is returned in the job result. This is only valid for CSV, JSON, and Google Sheets. The default value is 0, which requires that all records are valid. This setting is ignored for Google Cloud Bigtable, Google Cloud Datastore backups and Avro formats." }, "metadataCacheMode": { "type": "string", "description": "[Optional] Metadata Cache Mode for the table. Set this to enable caching of metadata from external data source." }, "objectMetadata": { "type": "string", "description": "ObjectMetadata is used to create Object Tables. Object Tables contain a listing of objects (with their metadata) found at the source_uris. If ObjectMetadata is set, source_format should be omitted. Currently SIMPLE is the only supported Object Metadata type." }, "parquetOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ParquetOptions", "description": "Additional properties to set if sourceFormat is set to Parquet." }, "referenceFileSchemaUri": { "type": "string", "description": "[Optional] Provide a referencing file with the expected table schema. Enabled for the format: AVRO, PARQUET, ORC." }, "schema": { "$ref": "#/types/google-native:bigquery%2Fv2:TableSchema", "description": "[Optional] The schema for the data. Schema is required for CSV and JSON formats. Schema is disallowed for Google Cloud Bigtable, Cloud Datastore backups, and Avro formats." }, "sourceFormat": { "type": "string", "description": "[Required] The data format. For CSV files, specify \"CSV\". For Google sheets, specify \"GOOGLE_SHEETS\". For newline-delimited JSON, specify \"NEWLINE_DELIMITED_JSON\". For Avro files, specify \"AVRO\". For Google Cloud Datastore backups, specify \"DATASTORE_BACKUP\". [Beta] For Google Cloud Bigtable, specify \"BIGTABLE\"." }, "sourceUris": { "type": "array", "items": { "type": "string" }, "description": "[Required] The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '*' wildcard character and it must come after the 'bucket' name. Size limits related to load jobs apply to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups, exactly one URI can be specified. Also, the '*' wildcard character is not allowed." } }, "type": "object" }, "google-native:bigquery/v2:ExternalDataConfigurationResponse": { "properties": { "autodetect": { "type": "boolean", "description": "Try to detect schema and format options automatically. Any option specified explicitly will be honored." }, "avroOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:AvroOptionsResponse", "description": "Additional properties to set if sourceFormat is set to Avro." }, "bigtableOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:BigtableOptionsResponse", "description": "[Optional] Additional options if sourceFormat is set to BIGTABLE." }, "compression": { "type": "string", "description": "[Optional] The compression type of the data source. Possible values include GZIP and NONE. The default value is NONE. This setting is ignored for Google Cloud Bigtable, Google Cloud Datastore backups and Avro formats." }, "connectionId": { "type": "string", "description": "[Optional, Trusted Tester] Connection for external data source." }, "csvOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:CsvOptionsResponse", "description": "Additional properties to set if sourceFormat is set to CSV." }, "decimalTargetTypes": { "type": "array", "items": { "type": "string" }, "description": "[Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is [\"NUMERIC\", \"BIGNUMERIC\"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, [\"BIGNUMERIC\", \"NUMERIC\"] is the same as [\"NUMERIC\", \"BIGNUMERIC\"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to [\"NUMERIC\", \"STRING\"] for ORC and [\"NUMERIC\"] for the other file formats." }, "fileSetSpecType": { "type": "string", "description": "[Optional] Specifies how source URIs are interpreted for constructing the file set to load. By default source URIs are expanded against the underlying storage. Other options include specifying manifest files. Only applicable to object storage systems." }, "googleSheetsOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:GoogleSheetsOptionsResponse", "description": "[Optional] Additional options if sourceFormat is set to GOOGLE_SHEETS." }, "hivePartitioningOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:HivePartitioningOptionsResponse", "description": "[Optional] Options to configure hive partitioning support." }, "ignoreUnknownValues": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: CSV: Trailing columns JSON: Named values that don't match any column names Google Cloud Bigtable: This setting is ignored. Google Cloud Datastore backups: This setting is ignored. Avro: This setting is ignored." }, "jsonOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:JsonOptionsResponse", "description": "Additional properties to set if `sourceFormat` is set to `NEWLINE_DELIMITED_JSON`." }, "maxBadRecords": { "type": "integer", "description": "[Optional] The maximum number of bad records that BigQuery can ignore when reading data. If the number of bad records exceeds this value, an invalid error is returned in the job result. This is only valid for CSV, JSON, and Google Sheets. The default value is 0, which requires that all records are valid. This setting is ignored for Google Cloud Bigtable, Google Cloud Datastore backups and Avro formats." }, "metadataCacheMode": { "type": "string", "description": "[Optional] Metadata Cache Mode for the table. Set this to enable caching of metadata from external data source." }, "objectMetadata": { "type": "string", "description": "ObjectMetadata is used to create Object Tables. Object Tables contain a listing of objects (with their metadata) found at the source_uris. If ObjectMetadata is set, source_format should be omitted. Currently SIMPLE is the only supported Object Metadata type." }, "parquetOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ParquetOptionsResponse", "description": "Additional properties to set if sourceFormat is set to Parquet." }, "referenceFileSchemaUri": { "type": "string", "description": "[Optional] Provide a referencing file with the expected table schema. Enabled for the format: AVRO, PARQUET, ORC." }, "schema": { "$ref": "#/types/google-native:bigquery%2Fv2:TableSchemaResponse", "description": "[Optional] The schema for the data. Schema is required for CSV and JSON formats. Schema is disallowed for Google Cloud Bigtable, Cloud Datastore backups, and Avro formats." }, "sourceFormat": { "type": "string", "description": "[Required] The data format. For CSV files, specify \"CSV\". For Google sheets, specify \"GOOGLE_SHEETS\". For newline-delimited JSON, specify \"NEWLINE_DELIMITED_JSON\". For Avro files, specify \"AVRO\". For Google Cloud Datastore backups, specify \"DATASTORE_BACKUP\". [Beta] For Google Cloud Bigtable, specify \"BIGTABLE\"." }, "sourceUris": { "type": "array", "items": { "type": "string" }, "description": "[Required] The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '*' wildcard character and it must come after the 'bucket' name. Size limits related to load jobs apply to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups, exactly one URI can be specified. Also, the '*' wildcard character is not allowed." } }, "type": "object", "required": [ "autodetect", "avroOptions", "bigtableOptions", "compression", "connectionId", "csvOptions", "decimalTargetTypes", "fileSetSpecType", "googleSheetsOptions", "hivePartitioningOptions", "ignoreUnknownValues", "jsonOptions", "maxBadRecords", "metadataCacheMode", "objectMetadata", "parquetOptions", "referenceFileSchemaUri", "schema", "sourceFormat", "sourceUris" ] }, "google-native:bigquery/v2:ExternalDatasetReference": { "properties": { "connection": { "type": "string", "description": "[Required] The connection id that is used to access the external_source. Format: projects/{project_id}/locations/{location_id}/connections/{connection_id}" }, "externalSource": { "type": "string", "description": "[Required] External source that backs this dataset." } }, "type": "object" }, "google-native:bigquery/v2:ExternalDatasetReferenceResponse": { "properties": { "connection": { "type": "string", "description": "[Required] The connection id that is used to access the external_source. Format: projects/{project_id}/locations/{location_id}/connections/{connection_id}" }, "externalSource": { "type": "string", "description": "[Required] External source that backs this dataset." } }, "type": "object", "required": [ "connection", "externalSource" ] }, "google-native:bigquery/v2:GoogleSheetsOptions": { "properties": { "range": { "type": "string", "description": "[Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20" }, "skipLeadingRows": { "type": "string", "description": "[Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema." } }, "type": "object" }, "google-native:bigquery/v2:GoogleSheetsOptionsResponse": { "properties": { "range": { "type": "string", "description": "[Optional] Range of a sheet to query from. Only used when non-empty. Typical format: sheet_name!top_left_cell_id:bottom_right_cell_id For example: sheet1!A1:B20" }, "skipLeadingRows": { "type": "string", "description": "[Optional] The number of rows at the top of a sheet that BigQuery will skip when reading the data. The default value is 0. This property is useful if you have header rows that should be skipped. When autodetect is on, behavior is the following: * skipLeadingRows unspecified - Autodetect tries to detect headers in the first row. If they are not detected, the row is read as data. Otherwise data is read starting from the second row. * skipLeadingRows is 0 - Instructs autodetect that there are no headers and data should be read starting from the first row. * skipLeadingRows = N > 0 - Autodetect skips N-1 rows and tries to detect headers in row N. If headers are not detected, row N is just skipped. Otherwise row N is used to extract column names for the detected schema." } }, "type": "object", "required": [ "range", "skipLeadingRows" ] }, "google-native:bigquery/v2:HivePartitioningOptions": { "properties": { "mode": { "type": "string", "description": "[Optional] When set, what mode of hive partitioning to use when reading data. The following modes are supported. (1) AUTO: automatically infer partition key name(s) and type(s). (2) STRINGS: automatically infer partition key name(s). All types are interpreted as strings. (3) CUSTOM: partition key schema is encoded in the source URI prefix. Not all storage formats support hive partitioning. Requesting hive partitioning on an unsupported format will lead to an error. Currently supported types include: AVRO, CSV, JSON, ORC and Parquet." }, "requirePartitionFilter": { "type": "boolean", "description": "[Optional] If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. Note that this field should only be true when creating a permanent external table or querying a temporary external table. Hive-partitioned loads with requirePartitionFilter explicitly set to true will fail." }, "sourceUriPrefix": { "type": "string", "description": "[Optional] When hive partition detection is requested, a common prefix for all source uris should be supplied. The prefix must end immediately before the partition key encoding begins. For example, consider files following this data layout. gs://bucket/path_to_table/dt=2019-01-01/country=BR/id=7/file.avro gs://bucket/path_to_table/dt=2018-12-31/country=CA/id=3/file.avro When hive partitioning is requested with either AUTO or STRINGS detection, the common prefix can be either of gs://bucket/path_to_table or gs://bucket/path_to_table/ (trailing slash does not matter)." } }, "type": "object" }, "google-native:bigquery/v2:HivePartitioningOptionsResponse": { "properties": { "fields": { "type": "array", "items": { "type": "string" }, "description": "For permanent external tables, this field is populated with the hive partition keys in the order they were inferred. The types of the partition keys can be deduced by checking the table schema (which will include the partition keys). Not every API will populate this field in the output. For example, Tables.Get will populate it, but Tables.List will not contain this field." }, "mode": { "type": "string", "description": "[Optional] When set, what mode of hive partitioning to use when reading data. The following modes are supported. (1) AUTO: automatically infer partition key name(s) and type(s). (2) STRINGS: automatically infer partition key name(s). All types are interpreted as strings. (3) CUSTOM: partition key schema is encoded in the source URI prefix. Not all storage formats support hive partitioning. Requesting hive partitioning on an unsupported format will lead to an error. Currently supported types include: AVRO, CSV, JSON, ORC and Parquet." }, "requirePartitionFilter": { "type": "boolean", "description": "[Optional] If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. Note that this field should only be true when creating a permanent external table or querying a temporary external table. Hive-partitioned loads with requirePartitionFilter explicitly set to true will fail." }, "sourceUriPrefix": { "type": "string", "description": "[Optional] When hive partition detection is requested, a common prefix for all source uris should be supplied. The prefix must end immediately before the partition key encoding begins. For example, consider files following this data layout. gs://bucket/path_to_table/dt=2019-01-01/country=BR/id=7/file.avro gs://bucket/path_to_table/dt=2018-12-31/country=CA/id=3/file.avro When hive partitioning is requested with either AUTO or STRINGS detection, the common prefix can be either of gs://bucket/path_to_table or gs://bucket/path_to_table/ (trailing slash does not matter)." } }, "type": "object", "required": [ "fields", "mode", "requirePartitionFilter", "sourceUriPrefix" ] }, "google-native:bigquery/v2:IndexUnusedReasonResponse": { "properties": { "baseTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "Specifies the base table involved in the reason that no search index was used." }, "code": { "type": "string", "description": "Specifies the high-level reason for the scenario when no search index was used." }, "indexName": { "type": "string", "description": "Specifies the name of the unused search index, if available." }, "message": { "type": "string", "description": "Free form human-readable reason for the scenario when no search index was used." } }, "type": "object", "required": [ "baseTable", "code", "indexName", "message" ] }, "google-native:bigquery/v2:IterationResultResponse": { "properties": { "durationMs": { "type": "string", "description": "Time taken to run the iteration in milliseconds." }, "evalLoss": { "type": "number", "description": "Loss computed on the eval data at the end of iteration." }, "index": { "type": "integer", "description": "Index of the iteration, 0 based." }, "learnRate": { "type": "number", "description": "Learn rate used for this iteration." }, "trainingLoss": { "type": "number", "description": "Loss computed on the training data at the end of iteration." } }, "type": "object", "required": [ "durationMs", "evalLoss", "index", "learnRate", "trainingLoss" ] }, "google-native:bigquery/v2:JobConfiguration": { "properties": { "copy": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationTableCopy", "description": "[Pick one] Copies a table." }, "dryRun": { "type": "boolean", "description": "[Optional] If set, don't actually run this job. A valid query will return a mostly empty response with some processing statistics, while an invalid query will return the same error it would if it wasn't a dry run. Behavior of non-query jobs is undefined." }, "extract": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationExtract", "description": "[Pick one] Configures an extract job." }, "jobTimeoutMs": { "type": "string", "description": "[Optional] Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels associated with this job. You can use these to organize and group your jobs. Label keys and values can be no longer than 63 characters, can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. Label values are optional. Label keys must start with a letter and each label in the list must have a different key." }, "load": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationLoad", "description": "[Pick one] Configures a load job." }, "query": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationQuery", "description": "[Pick one] Configures a query job." } }, "type": "object" }, "google-native:bigquery/v2:JobConfigurationExtract": { "properties": { "compression": { "type": "string", "description": "[Optional] The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. Not applicable when extracting models." }, "destinationFormat": { "type": "string", "description": "[Optional] The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON, PARQUET or AVRO for tables and ML_TF_SAVED_MODEL or ML_XGBOOST_BOOSTER for models. The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. The default value for models is ML_TF_SAVED_MODEL." }, "destinationUri": { "type": "string", "description": "[Pick one] DEPRECATED: Use destinationUris instead, passing only one URI as necessary. The fully-qualified Google Cloud Storage URI where the extracted table should be written." }, "destinationUris": { "type": "array", "items": { "type": "string" }, "description": "[Pick one] A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written." }, "fieldDelimiter": { "type": "string", "description": "[Optional] Delimiter to use between fields in the exported data. Default is ','. Not applicable when extracting models." }, "printHeader": { "type": "boolean", "description": "[Optional] Whether to print out a header row in the results. Default is true. Not applicable when extracting models." }, "sourceModel": { "$ref": "#/types/google-native:bigquery%2Fv2:ModelReference", "description": "A reference to the model being exported." }, "sourceTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "A reference to the table being exported." }, "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If destinationFormat is set to \"AVRO\", this flag indicates whether to enable extracting applicable column types (such as TIMESTAMP) to their corresponding AVRO logical types (timestamp-micros), instead of only using their raw types (avro-long). Not applicable when extracting models." } }, "type": "object" }, "google-native:bigquery/v2:JobConfigurationExtractResponse": { "properties": { "compression": { "type": "string", "description": "[Optional] The compression type to use for exported files. Possible values include GZIP, DEFLATE, SNAPPY, and NONE. The default value is NONE. DEFLATE and SNAPPY are only supported for Avro. Not applicable when extracting models." }, "destinationFormat": { "type": "string", "description": "[Optional] The exported file format. Possible values include CSV, NEWLINE_DELIMITED_JSON, PARQUET or AVRO for tables and ML_TF_SAVED_MODEL or ML_XGBOOST_BOOSTER for models. The default value for tables is CSV. Tables with nested or repeated fields cannot be exported as CSV. The default value for models is ML_TF_SAVED_MODEL." }, "destinationUri": { "type": "string", "description": "[Pick one] DEPRECATED: Use destinationUris instead, passing only one URI as necessary. The fully-qualified Google Cloud Storage URI where the extracted table should be written." }, "destinationUris": { "type": "array", "items": { "type": "string" }, "description": "[Pick one] A list of fully-qualified Google Cloud Storage URIs where the extracted table should be written." }, "fieldDelimiter": { "type": "string", "description": "[Optional] Delimiter to use between fields in the exported data. Default is ','. Not applicable when extracting models." }, "printHeader": { "type": "boolean", "description": "[Optional] Whether to print out a header row in the results. Default is true. Not applicable when extracting models." }, "sourceModel": { "$ref": "#/types/google-native:bigquery%2Fv2:ModelReferenceResponse", "description": "A reference to the model being exported." }, "sourceTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "A reference to the table being exported." }, "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If destinationFormat is set to \"AVRO\", this flag indicates whether to enable extracting applicable column types (such as TIMESTAMP) to their corresponding AVRO logical types (timestamp-micros), instead of only using their raw types (avro-long). Not applicable when extracting models." } }, "type": "object", "required": [ "compression", "destinationFormat", "destinationUri", "destinationUris", "fieldDelimiter", "printHeader", "sourceModel", "sourceTable", "useAvroLogicalTypes" ] }, "google-native:bigquery/v2:JobConfigurationLoad": { "properties": { "allowJaggedRows": { "type": "boolean", "description": "[Optional] Accept rows that are missing trailing optional columns. The missing values are treated as nulls. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats." }, "allowQuotedNewlines": { "type": "boolean", "description": "Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false." }, "autodetect": { "type": "boolean", "description": "[Optional] Indicates if we should automatically infer the options and schema for CSV and JSON sources." }, "clustering": { "$ref": "#/types/google-native:bigquery%2Fv2:Clustering", "description": "[Beta] Clustering specification for the destination table. Must be specified with time-based partitioning, data in the table will be first partitioned and subsequently clustered." }, "connectionProperties": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ConnectionProperty" }, "description": "Connection properties." }, "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "createSession": { "type": "boolean", "description": "If true, creates a new session, where session id will be a server generated random id. If false, runs query with an existing session_id passed in ConnectionProperty, otherwise runs the load job in non-session mode." }, "decimalTargetTypes": { "type": "array", "items": { "type": "string" }, "description": "[Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is [\"NUMERIC\", \"BIGNUMERIC\"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, [\"BIGNUMERIC\", \"NUMERIC\"] is the same as [\"NUMERIC\", \"BIGNUMERIC\"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to [\"NUMERIC\", \"STRING\"] for ORC and [\"NUMERIC\"] for the other file formats." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfiguration", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "[Required] The destination table to load the data into." }, "destinationTableProperties": { "$ref": "#/types/google-native:bigquery%2Fv2:DestinationTableProperties", "description": "[Beta] [Optional] Properties with which to create the destination table if it is new." }, "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties." }, "fieldDelimiter": { "type": "string", "description": "[Optional] The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. BigQuery also supports the escape sequence \"\\t\" to specify a tab separator. The default value is a comma (',')." }, "fileSetSpecType": { "type": "string", "description": "[Optional] Specifies how source URIs are interpreted for constructing the file set to load. By default source URIs are expanded against the underlying storage. Other options include specifying manifest files. Only applicable to object storage systems." }, "hivePartitioningOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:HivePartitioningOptions", "description": "[Optional] Options to configure hive partitioning support." }, "ignoreUnknownValues": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: CSV: Trailing columns JSON: Named values that don't match any column names" }, "jsonExtension": { "type": "string", "description": "[Optional] If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited GeoJSON: set to GEOJSON." }, "maxBadRecords": { "type": "integer", "description": "[Optional] The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, an invalid error is returned in the job result. This is only valid for CSV and JSON. The default value is 0, which requires that all records are valid." }, "nullMarker": { "type": "string", "description": "[Optional] Specifies a string that represents a null value in a CSV file. For example, if you specify \"\\N\", BigQuery interprets \"\\N\" as a null value when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as an empty value." }, "parquetOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ParquetOptions", "description": "[Optional] Options to configure parquet support." }, "preserveAsciiControlCharacters": { "type": "boolean", "description": "[Optional] Preserves the embedded ASCII control characters (the first 32 characters in the ASCII-table, from '\\x00' to '\\x1F') when loading from CSV. Only applicable to CSV, ignored for other formats." }, "projectionFields": { "type": "array", "items": { "type": "string" }, "description": "If sourceFormat is set to \"DATASTORE_BACKUP\", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result." }, "quote": { "type": "string", "description": "[Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('\"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true." }, "rangePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioning", "description": "[TrustedTester] Range partitioning specification for this table. Only one of timePartitioning and rangePartitioning should be specified." }, "referenceFileSchemaUri": { "type": "string", "description": "User provided referencing file with the expected reader schema, Available for the format: AVRO, PARQUET, ORC." }, "schema": { "$ref": "#/types/google-native:bigquery%2Fv2:TableSchema", "description": "[Optional] The schema for the destination table. The schema can be omitted if the destination table already exists, or if you're loading data from Google Cloud Datastore." }, "schemaInline": { "type": "string", "description": "[Deprecated] The inline schema. For CSV schemas, specify as \"Field1:Type1[,Field2:Type2]*\". For example, \"foo:STRING, bar:INTEGER, baz:FLOAT\".", "deprecationMessage": "[Deprecated] The inline schema. For CSV schemas, specify as \"Field1:Type1[,Field2:Type2]*\". For example, \"foo:STRING, bar:INTEGER, baz:FLOAT\"." }, "schemaInlineFormat": { "type": "string", "description": "[Deprecated] The format of the schemaInline property.", "deprecationMessage": "[Deprecated] The format of the schemaInline property." }, "schemaUpdateOptions": { "type": "array", "items": { "type": "string" }, "description": "Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable." }, "skipLeadingRows": { "type": "integer", "description": "[Optional] The number of rows at the top of a CSV file that BigQuery will skip when loading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped." }, "sourceFormat": { "type": "string", "description": "[Optional] The format of the data files. For CSV files, specify \"CSV\". For datastore backups, specify \"DATASTORE_BACKUP\". For newline-delimited JSON, specify \"NEWLINE_DELIMITED_JSON\". For Avro, specify \"AVRO\". For parquet, specify \"PARQUET\". For orc, specify \"ORC\". The default value is CSV." }, "sourceUris": { "type": "array", "items": { "type": "string" }, "description": "[Required] The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '*' wildcard character and it must come after the 'bucket' name. Size limits related to load jobs apply to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '*' wildcard character is not allowed." }, "timePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:TimePartitioning", "description": "Time-based partitioning specification for the destination table. Only one of timePartitioning and rangePartitioning should be specified." }, "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If sourceFormat is set to \"AVRO\", indicates whether to interpret logical types as the corresponding BigQuery data type (for example, TIMESTAMP), instead of using the raw type (for example, INTEGER)." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_APPEND. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object" }, "google-native:bigquery/v2:JobConfigurationLoadResponse": { "properties": { "allowJaggedRows": { "type": "boolean", "description": "[Optional] Accept rows that are missing trailing optional columns. The missing values are treated as nulls. If false, records with missing trailing columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. Only applicable to CSV, ignored for other formats." }, "allowQuotedNewlines": { "type": "boolean", "description": "Indicates if BigQuery should allow quoted data sections that contain newline characters in a CSV file. The default value is false." }, "autodetect": { "type": "boolean", "description": "[Optional] Indicates if we should automatically infer the options and schema for CSV and JSON sources." }, "clustering": { "$ref": "#/types/google-native:bigquery%2Fv2:ClusteringResponse", "description": "[Beta] Clustering specification for the destination table. Must be specified with time-based partitioning, data in the table will be first partitioned and subsequently clustered." }, "connectionProperties": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ConnectionPropertyResponse" }, "description": "Connection properties." }, "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "createSession": { "type": "boolean", "description": "If true, creates a new session, where session id will be a server generated random id. If false, runs query with an existing session_id passed in ConnectionProperty, otherwise runs the load job in non-session mode." }, "decimalTargetTypes": { "type": "array", "items": { "type": "string" }, "description": "[Optional] Defines the list of possible SQL data types to which the source decimal values are converted. This list and the precision and the scale parameters of the decimal field determine the target type. In the order of NUMERIC, BIGNUMERIC, and STRING, a type is picked if it is in the specified list and if it supports the precision and the scale. STRING supports all precision and scale values. If none of the listed types supports the precision and the scale, the type supporting the widest range in the specified list is picked, and if a value exceeds the supported range when reading the data, an error will be thrown. Example: Suppose the value of this field is [\"NUMERIC\", \"BIGNUMERIC\"]. If (precision,scale) is: (38,9) -> NUMERIC; (39,9) -> BIGNUMERIC (NUMERIC cannot hold 30 integer digits); (38,10) -> BIGNUMERIC (NUMERIC cannot hold 10 fractional digits); (76,38) -> BIGNUMERIC; (77,38) -> BIGNUMERIC (error if value exeeds supported range). This field cannot contain duplicate types. The order of the types in this field is ignored. For example, [\"BIGNUMERIC\", \"NUMERIC\"] is the same as [\"NUMERIC\", \"BIGNUMERIC\"] and NUMERIC always takes precedence over BIGNUMERIC. Defaults to [\"NUMERIC\", \"STRING\"] for ORC and [\"NUMERIC\"] for the other file formats." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfigurationResponse", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Required] The destination table to load the data into." }, "destinationTableProperties": { "$ref": "#/types/google-native:bigquery%2Fv2:DestinationTablePropertiesResponse", "description": "[Beta] [Optional] Properties with which to create the destination table if it is new." }, "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8 or ISO-8859-1. The default value is UTF-8. BigQuery decodes the data after the raw, binary data has been split using the values of the quote and fieldDelimiter properties." }, "fieldDelimiter": { "type": "string", "description": "[Optional] The separator for fields in a CSV file. The separator can be any ISO-8859-1 single-byte character. To use a character in the range 128-255, you must encode the character as UTF8. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. BigQuery also supports the escape sequence \"\\t\" to specify a tab separator. The default value is a comma (',')." }, "fileSetSpecType": { "type": "string", "description": "[Optional] Specifies how source URIs are interpreted for constructing the file set to load. By default source URIs are expanded against the underlying storage. Other options include specifying manifest files. Only applicable to object storage systems." }, "hivePartitioningOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:HivePartitioningOptionsResponse", "description": "[Optional] Options to configure hive partitioning support." }, "ignoreUnknownValues": { "type": "boolean", "description": "[Optional] Indicates if BigQuery should allow extra values that are not represented in the table schema. If true, the extra values are ignored. If false, records with extra columns are treated as bad records, and if there are too many bad records, an invalid error is returned in the job result. The default value is false. The sourceFormat property determines what BigQuery treats as an extra value: CSV: Trailing columns JSON: Named values that don't match any column names" }, "jsonExtension": { "type": "string", "description": "[Optional] If sourceFormat is set to newline-delimited JSON, indicates whether it should be processed as a JSON variant such as GeoJSON. For a sourceFormat other than JSON, omit this field. If the sourceFormat is newline-delimited JSON: - for newline-delimited GeoJSON: set to GEOJSON." }, "maxBadRecords": { "type": "integer", "description": "[Optional] The maximum number of bad records that BigQuery can ignore when running the job. If the number of bad records exceeds this value, an invalid error is returned in the job result. This is only valid for CSV and JSON. The default value is 0, which requires that all records are valid." }, "nullMarker": { "type": "string", "description": "[Optional] Specifies a string that represents a null value in a CSV file. For example, if you specify \"\\N\", BigQuery interprets \"\\N\" as a null value when loading a CSV file. The default value is the empty string. If you set this property to a custom value, BigQuery throws an error if an empty string is present for all data types except for STRING and BYTE. For STRING and BYTE columns, BigQuery interprets the empty string as an empty value." }, "parquetOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ParquetOptionsResponse", "description": "[Optional] Options to configure parquet support." }, "preserveAsciiControlCharacters": { "type": "boolean", "description": "[Optional] Preserves the embedded ASCII control characters (the first 32 characters in the ASCII-table, from '\\x00' to '\\x1F') when loading from CSV. Only applicable to CSV, ignored for other formats." }, "projectionFields": { "type": "array", "items": { "type": "string" }, "description": "If sourceFormat is set to \"DATASTORE_BACKUP\", indicates which entity properties to load into BigQuery from a Cloud Datastore backup. Property names are case sensitive and must be top-level properties. If no properties are specified, BigQuery loads all properties. If any named property isn't found in the Cloud Datastore backup, an invalid error is returned in the job result." }, "quote": { "type": "string", "description": "[Optional] The value that is used to quote data sections in a CSV file. BigQuery converts the string to ISO-8859-1 encoding, and then uses the first byte of the encoded string to split the data in its raw, binary state. The default value is a double-quote ('\"'). If your data does not contain quoted sections, set the property value to an empty string. If your data contains quoted newline characters, you must also set the allowQuotedNewlines property to true." }, "rangePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioningResponse", "description": "[TrustedTester] Range partitioning specification for this table. Only one of timePartitioning and rangePartitioning should be specified." }, "referenceFileSchemaUri": { "type": "string", "description": "User provided referencing file with the expected reader schema, Available for the format: AVRO, PARQUET, ORC." }, "schema": { "$ref": "#/types/google-native:bigquery%2Fv2:TableSchemaResponse", "description": "[Optional] The schema for the destination table. The schema can be omitted if the destination table already exists, or if you're loading data from Google Cloud Datastore." }, "schemaInline": { "type": "string", "description": "[Deprecated] The inline schema. For CSV schemas, specify as \"Field1:Type1[,Field2:Type2]*\". For example, \"foo:STRING, bar:INTEGER, baz:FLOAT\".", "deprecationMessage": "[Deprecated] The inline schema. For CSV schemas, specify as \"Field1:Type1[,Field2:Type2]*\". For example, \"foo:STRING, bar:INTEGER, baz:FLOAT\"." }, "schemaInlineFormat": { "type": "string", "description": "[Deprecated] The format of the schemaInline property.", "deprecationMessage": "[Deprecated] The format of the schemaInline property." }, "schemaUpdateOptions": { "type": "array", "items": { "type": "string" }, "description": "Allows the schema of the destination table to be updated as a side effect of the load job if a schema is autodetected or supplied in the job configuration. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable." }, "skipLeadingRows": { "type": "integer", "description": "[Optional] The number of rows at the top of a CSV file that BigQuery will skip when loading the data. The default value is 0. This property is useful if you have header rows in the file that should be skipped." }, "sourceFormat": { "type": "string", "description": "[Optional] The format of the data files. For CSV files, specify \"CSV\". For datastore backups, specify \"DATASTORE_BACKUP\". For newline-delimited JSON, specify \"NEWLINE_DELIMITED_JSON\". For Avro, specify \"AVRO\". For parquet, specify \"PARQUET\". For orc, specify \"ORC\". The default value is CSV." }, "sourceUris": { "type": "array", "items": { "type": "string" }, "description": "[Required] The fully-qualified URIs that point to your data in Google Cloud. For Google Cloud Storage URIs: Each URI can contain one '*' wildcard character and it must come after the 'bucket' name. Size limits related to load jobs apply to external data sources. For Google Cloud Bigtable URIs: Exactly one URI can be specified and it has be a fully specified and valid HTTPS URL for a Google Cloud Bigtable table. For Google Cloud Datastore backups: Exactly one URI can be specified. Also, the '*' wildcard character is not allowed." }, "timePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:TimePartitioningResponse", "description": "Time-based partitioning specification for the destination table. Only one of timePartitioning and rangePartitioning should be specified." }, "useAvroLogicalTypes": { "type": "boolean", "description": "[Optional] If sourceFormat is set to \"AVRO\", indicates whether to interpret logical types as the corresponding BigQuery data type (for example, TIMESTAMP), instead of using the raw type (for example, INTEGER)." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_APPEND. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object", "required": [ "allowJaggedRows", "allowQuotedNewlines", "autodetect", "clustering", "connectionProperties", "createDisposition", "createSession", "decimalTargetTypes", "destinationEncryptionConfiguration", "destinationTable", "destinationTableProperties", "encoding", "fieldDelimiter", "fileSetSpecType", "hivePartitioningOptions", "ignoreUnknownValues", "jsonExtension", "maxBadRecords", "nullMarker", "parquetOptions", "preserveAsciiControlCharacters", "projectionFields", "quote", "rangePartitioning", "referenceFileSchemaUri", "schema", "schemaInline", "schemaInlineFormat", "schemaUpdateOptions", "skipLeadingRows", "sourceFormat", "sourceUris", "timePartitioning", "useAvroLogicalTypes", "writeDisposition" ] }, "google-native:bigquery/v2:JobConfigurationQuery": { "properties": { "allowLargeResults": { "type": "boolean", "description": "[Optional] If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. However, you must still set destinationTable when result size exceeds the allowed maximum response size." }, "clustering": { "$ref": "#/types/google-native:bigquery%2Fv2:Clustering", "description": "[Beta] Clustering specification for the destination table. Must be specified with time-based partitioning, data in the table will be first partitioned and subsequently clustered." }, "connectionProperties": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ConnectionProperty" }, "description": "Connection properties." }, "continuous": { "type": "boolean", "description": "[Optional] Specifies whether the query should be executed as a continuous query. The default value is false." }, "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "createSession": { "type": "boolean", "description": "If true, creates a new session, where session id will be a server generated random id. If false, runs query with an existing session_id passed in ConnectionProperty, otherwise runs query in non-session mode." }, "defaultDataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetReference", "description": "[Optional] Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfiguration", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "[Optional] Describes the table where the query results should be stored. If not present, a new table will be created to store the results. This property must be set for large results that exceed the maximum response size." }, "flattenResults": { "type": "boolean", "description": "[Optional] If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened." }, "maximumBillingTier": { "type": "integer", "description": "[Optional] Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). If unspecified, this will be set to your project default." }, "maximumBytesBilled": { "type": "string", "description": "[Optional] Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). If unspecified, this will be set to your project default." }, "parameterMode": { "type": "string", "description": "Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query." }, "preserveNulls": { "type": "boolean", "description": "[Deprecated] This property is deprecated.", "deprecationMessage": "[Deprecated] This property is deprecated." }, "priority": { "type": "string", "description": "[Optional] Specifies a priority for the query. Possible values include INTERACTIVE and BATCH. The default value is INTERACTIVE." }, "query": { "type": "string", "description": "[Required] SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL." }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameter" }, "description": "Query parameters for standard SQL queries." }, "rangePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioning", "description": "[TrustedTester] Range partitioning specification for this table. Only one of timePartitioning and rangePartitioning should be specified." }, "schemaUpdateOptions": { "type": "array", "items": { "type": "string" }, "description": "Allows the schema of the destination table to be updated as a side effect of the query job. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable." }, "tableDefinitions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] If querying an external data source outside of BigQuery, describes the data format, location and other properties of the data source. By defining these properties, the data source can then be queried as if it were a standard BigQuery table." }, "timePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:TimePartitioning", "description": "Time-based partitioning specification for the destination table. Only one of timePartitioning and rangePartitioning should be specified." }, "useLegacySql": { "type": "boolean", "description": "Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. If set to false, the query will use BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/ When useLegacySql is set to false, the value of flattenResults is ignored; query will be run as if flattenResults is false." }, "useQueryCache": { "type": "boolean", "description": "[Optional] Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. The default value is true." }, "userDefinedFunctionResources": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:UserDefinedFunctionResource" }, "description": "Describes user-defined function resources used in the query." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_EMPTY. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object" }, "google-native:bigquery/v2:JobConfigurationQueryResponse": { "properties": { "allowLargeResults": { "type": "boolean", "description": "[Optional] If true and query uses legacy SQL dialect, allows the query to produce arbitrarily large result tables at a slight cost in performance. Requires destinationTable to be set. For standard SQL queries, this flag is ignored and large results are always allowed. However, you must still set destinationTable when result size exceeds the allowed maximum response size." }, "clustering": { "$ref": "#/types/google-native:bigquery%2Fv2:ClusteringResponse", "description": "[Beta] Clustering specification for the destination table. Must be specified with time-based partitioning, data in the table will be first partitioned and subsequently clustered." }, "connectionProperties": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ConnectionPropertyResponse" }, "description": "Connection properties." }, "continuous": { "type": "boolean", "description": "[Optional] Specifies whether the query should be executed as a continuous query. The default value is false." }, "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "createSession": { "type": "boolean", "description": "If true, creates a new session, where session id will be a server generated random id. If false, runs query with an existing session_id passed in ConnectionProperty, otherwise runs query in non-session mode." }, "defaultDataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetReferenceResponse", "description": "[Optional] Specifies the default dataset to use for unqualified table names in the query. Note that this does not alter behavior of unqualified dataset names." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfigurationResponse", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Optional] Describes the table where the query results should be stored. If not present, a new table will be created to store the results. This property must be set for large results that exceed the maximum response size." }, "flattenResults": { "type": "boolean", "description": "[Optional] If true and query uses legacy SQL dialect, flattens all nested and repeated fields in the query results. allowLargeResults must be true if this is set to false. For standard SQL queries, this flag is ignored and results are never flattened." }, "maximumBillingTier": { "type": "integer", "description": "[Optional] Limits the billing tier for this job. Queries that have resource usage beyond this tier will fail (without incurring a charge). If unspecified, this will be set to your project default." }, "maximumBytesBilled": { "type": "string", "description": "[Optional] Limits the bytes billed for this job. Queries that will have bytes billed beyond this limit will fail (without incurring a charge). If unspecified, this will be set to your project default." }, "parameterMode": { "type": "string", "description": "Standard SQL only. Set to POSITIONAL to use positional (?) query parameters or to NAMED to use named (@myparam) query parameters in this query." }, "preserveNulls": { "type": "boolean", "description": "[Deprecated] This property is deprecated.", "deprecationMessage": "[Deprecated] This property is deprecated." }, "priority": { "type": "string", "description": "[Optional] Specifies a priority for the query. Possible values include INTERACTIVE and BATCH. The default value is INTERACTIVE." }, "query": { "type": "string", "description": "[Required] SQL query text to execute. The useLegacySql field can be used to indicate whether the query uses legacy SQL or standard SQL." }, "queryParameters": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterResponse" }, "description": "Query parameters for standard SQL queries." }, "rangePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioningResponse", "description": "[TrustedTester] Range partitioning specification for this table. Only one of timePartitioning and rangePartitioning should be specified." }, "schemaUpdateOptions": { "type": "array", "items": { "type": "string" }, "description": "Allows the schema of the destination table to be updated as a side effect of the query job. Schema update options are supported in two cases: when writeDisposition is WRITE_APPEND; when writeDisposition is WRITE_TRUNCATE and the destination table is a partition of a table, specified by partition decorators. For normal tables, WRITE_TRUNCATE will always overwrite the schema. One or more of the following values are specified: ALLOW_FIELD_ADDITION: allow adding a nullable field to the schema. ALLOW_FIELD_RELAXATION: allow relaxing a required field in the original schema to nullable." }, "tableDefinitions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] If querying an external data source outside of BigQuery, describes the data format, location and other properties of the data source. By defining these properties, the data source can then be queried as if it were a standard BigQuery table." }, "timePartitioning": { "$ref": "#/types/google-native:bigquery%2Fv2:TimePartitioningResponse", "description": "Time-based partitioning specification for the destination table. Only one of timePartitioning and rangePartitioning should be specified." }, "useLegacySql": { "type": "boolean", "description": "Specifies whether to use BigQuery's legacy SQL dialect for this query. The default value is true. If set to false, the query will use BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/ When useLegacySql is set to false, the value of flattenResults is ignored; query will be run as if flattenResults is false." }, "useQueryCache": { "type": "boolean", "description": "[Optional] Whether to look for the result in the query cache. The query cache is a best-effort cache that will be flushed whenever tables in the query are modified. Moreover, the query cache is only available when a query does not have a destination table specified. The default value is true." }, "userDefinedFunctionResources": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:UserDefinedFunctionResourceResponse" }, "description": "Describes user-defined function resources used in the query." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data and uses the schema from the query result. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_EMPTY. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object", "required": [ "allowLargeResults", "clustering", "connectionProperties", "continuous", "createDisposition", "createSession", "defaultDataset", "destinationEncryptionConfiguration", "destinationTable", "flattenResults", "maximumBillingTier", "maximumBytesBilled", "parameterMode", "preserveNulls", "priority", "query", "queryParameters", "rangePartitioning", "schemaUpdateOptions", "tableDefinitions", "timePartitioning", "useLegacySql", "useQueryCache", "userDefinedFunctionResources", "writeDisposition" ] }, "google-native:bigquery/v2:JobConfigurationResponse": { "properties": { "copy": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationTableCopyResponse", "description": "[Pick one] Copies a table." }, "dryRun": { "type": "boolean", "description": "[Optional] If set, don't actually run this job. A valid query will return a mostly empty response with some processing statistics, while an invalid query will return the same error it would if it wasn't a dry run. Behavior of non-query jobs is undefined." }, "extract": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationExtractResponse", "description": "[Pick one] Configures an extract job." }, "jobTimeoutMs": { "type": "string", "description": "[Optional] Job timeout in milliseconds. If this time limit is exceeded, BigQuery may attempt to terminate the job." }, "jobType": { "type": "string", "description": "The type of the job. Can be QUERY, LOAD, EXTRACT, COPY or UNKNOWN." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels associated with this job. You can use these to organize and group your jobs. Label keys and values can be no longer than 63 characters, can only contain lowercase letters, numeric characters, underscores and dashes. International characters are allowed. Label values are optional. Label keys must start with a letter and each label in the list must have a different key." }, "load": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationLoadResponse", "description": "[Pick one] Configures a load job." }, "query": { "$ref": "#/types/google-native:bigquery%2Fv2:JobConfigurationQueryResponse", "description": "[Pick one] Configures a query job." } }, "type": "object", "required": [ "copy", "dryRun", "extract", "jobTimeoutMs", "jobType", "labels", "load", "query" ] }, "google-native:bigquery/v2:JobConfigurationTableCopy": { "properties": { "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfiguration", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationExpirationTime": { "$ref": "pulumi.json#/Any", "description": "[Optional] The time when the destination table expires. Expired tables will be deleted and their storage reclaimed." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "[Required] The destination table" }, "operationType": { "type": "string", "description": "[Optional] Supported operation types in table copy job." }, "sourceTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference", "description": "[Pick one] Source table to copy." }, "sourceTables": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReference" }, "description": "[Pick one] Source tables to copy." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_EMPTY. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object" }, "google-native:bigquery/v2:JobConfigurationTableCopyResponse": { "properties": { "createDisposition": { "type": "string", "description": "[Optional] Specifies whether the job is allowed to create new tables. The following values are supported: CREATE_IF_NEEDED: If the table does not exist, BigQuery creates the table. CREATE_NEVER: The table must already exist. If it does not, a 'notFound' error is returned in the job result. The default value is CREATE_IF_NEEDED. Creation, truncation and append actions occur as one atomic update upon job completion." }, "destinationEncryptionConfiguration": { "$ref": "#/types/google-native:bigquery%2Fv2:EncryptionConfigurationResponse", "description": "Custom encryption configuration (e.g., Cloud KMS keys)." }, "destinationExpirationTime": { "$ref": "pulumi.json#/Any", "description": "[Optional] The time when the destination table expires. Expired tables will be deleted and their storage reclaimed." }, "destinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Required] The destination table" }, "operationType": { "type": "string", "description": "[Optional] Supported operation types in table copy job." }, "sourceTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Pick one] Source table to copy." }, "sourceTables": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse" }, "description": "[Pick one] Source tables to copy." }, "writeDisposition": { "type": "string", "description": "[Optional] Specifies the action that occurs if the destination table already exists. The following values are supported: WRITE_TRUNCATE: If the table already exists, BigQuery overwrites the table data. WRITE_APPEND: If the table already exists, BigQuery appends the data to the table. WRITE_EMPTY: If the table already exists and contains data, a 'duplicate' error is returned in the job result. The default value is WRITE_EMPTY. Each action is atomic and only occurs if BigQuery is able to complete the job successfully. Creation, truncation and append actions occur as one atomic update upon job completion." } }, "type": "object", "required": [ "createDisposition", "destinationEncryptionConfiguration", "destinationExpirationTime", "destinationTable", "operationType", "sourceTable", "sourceTables", "writeDisposition" ] }, "google-native:bigquery/v2:JobReference": { "properties": { "jobId": { "type": "string", "description": "[Required] The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters." }, "location": { "type": "string", "description": "The geographic location of the job. See details at https://cloud.google.com/bigquery/docs/locations#specifying_your_location." }, "project": { "type": "string", "description": "[Required] The ID of the project containing this job." } }, "type": "object" }, "google-native:bigquery/v2:JobReferenceResponse": { "properties": { "jobId": { "type": "string", "description": "[Required] The ID of the job. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-). The maximum length is 1,024 characters." }, "location": { "type": "string", "description": "The geographic location of the job. See details at https://cloud.google.com/bigquery/docs/locations#specifying_your_location." }, "project": { "type": "string", "description": "[Required] The ID of the project containing this job." } }, "type": "object", "required": [ "jobId", "location", "project" ] }, "google-native:bigquery/v2:JobStatistics2ReservationUsageItemResponse": { "properties": { "name": { "type": "string", "description": "[Output only] Reservation name or \"unreserved\" for on-demand resources usage." }, "slotMs": { "type": "string", "description": "[Output only] Slot-milliseconds the job spent in the given reservation." } }, "type": "object", "required": [ "name", "slotMs" ] }, "google-native:bigquery/v2:JobStatistics2Response": { "properties": { "biEngineStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:BiEngineStatisticsResponse", "description": "BI Engine specific Statistics. [Output only] BI Engine specific Statistics." }, "billingTier": { "type": "integer", "description": "[Output only] Billing tier for the job." }, "cacheHit": { "type": "boolean", "description": "[Output only] Whether the query result was fetched from the query cache." }, "ddlAffectedRowAccessPolicyCount": { "type": "string", "description": "[Output only] [Preview] The number of row access policies affected by a DDL statement. Present only for DROP ALL ROW ACCESS POLICIES queries." }, "ddlDestinationTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Output only] The DDL destination table. Present only for ALTER TABLE RENAME TO queries. Note that ddl_target_table is used just for its type information." }, "ddlOperationPerformed": { "type": "string", "description": "The DDL operation performed, possibly dependent on the pre-existence of the DDL target. Possible values (new values might be added in the future): \"CREATE\": The query created the DDL target. \"SKIP\": No-op. Example cases: the query is CREATE TABLE IF NOT EXISTS while the table already exists, or the query is DROP TABLE IF EXISTS while the table does not exist. \"REPLACE\": The query replaced the DDL target. Example case: the query is CREATE OR REPLACE TABLE, and the table already exists. \"DROP\": The query deleted the DDL target." }, "ddlTargetDataset": { "$ref": "#/types/google-native:bigquery%2Fv2:DatasetReferenceResponse", "description": "[Output only] The DDL target dataset. Present only for CREATE/ALTER/DROP/UNDROP SCHEMA queries." }, "ddlTargetRoutine": { "$ref": "#/types/google-native:bigquery%2Fv2:RoutineReferenceResponse", "description": "The DDL target routine. Present only for CREATE/DROP FUNCTION/PROCEDURE queries." }, "ddlTargetRowAccessPolicy": { "$ref": "#/types/google-native:bigquery%2Fv2:RowAccessPolicyReferenceResponse", "description": "[Output only] [Preview] The DDL target row access policy. Present only for CREATE/DROP ROW ACCESS POLICY queries." }, "ddlTargetTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Output only] The DDL target table. Present only for CREATE/DROP TABLE/VIEW and DROP ALL ROW ACCESS POLICIES queries." }, "dmlStats": { "$ref": "#/types/google-native:bigquery%2Fv2:DmlStatisticsResponse", "description": "[Output only] Detailed statistics for DML statements Present only for DML statements INSERT, UPDATE, DELETE or TRUNCATE." }, "estimatedBytesProcessed": { "type": "string", "description": "[Output only] The original estimate of bytes processed for the job." }, "mlStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:MlStatisticsResponse", "description": "[Output only] Statistics of a BigQuery ML training job." }, "modelTraining": { "$ref": "#/types/google-native:bigquery%2Fv2:BigQueryModelTrainingResponse", "description": "[Output only, Beta] Information about create model query job progress." }, "modelTrainingCurrentIteration": { "type": "integer", "description": "[Output only, Beta] Deprecated; do not use.", "deprecationMessage": "[Output only, Beta] Deprecated; do not use." }, "modelTrainingExpectedTotalIteration": { "type": "string", "description": "[Output only, Beta] Deprecated; do not use.", "deprecationMessage": "[Output only, Beta] Deprecated; do not use." }, "numDmlAffectedRows": { "type": "string", "description": "[Output only] The number of rows affected by a DML statement. Present only for DML statements INSERT, UPDATE or DELETE." }, "queryPlan": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ExplainQueryStageResponse" }, "description": "[Output only] Describes execution plan for the query." }, "referencedRoutines": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:RoutineReferenceResponse" }, "description": "[Output only] Referenced routines (persistent user-defined functions and stored procedures) for the job." }, "referencedTables": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse" }, "description": "[Output only] Referenced tables for the job. Queries that reference more than 50 tables will not have a complete list." }, "reservationUsage": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatistics2ReservationUsageItemResponse" }, "description": "[Output only] Job resource usage breakdown by reservation." }, "schema": { "$ref": "#/types/google-native:bigquery%2Fv2:TableSchemaResponse", "description": "[Output only] The schema of the results. Present only for successful dry run of non-legacy SQL queries." }, "searchStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:SearchStatisticsResponse", "description": "[Output only] Search query specific statistics." }, "sparkStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:SparkStatisticsResponse", "description": "[Output only] Statistics of a Spark procedure job." }, "statementType": { "type": "string", "description": "The type of query statement, if valid. Possible values (new values might be added in the future): \"SELECT\": SELECT query. \"INSERT\": INSERT query; see https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language. \"UPDATE\": UPDATE query; see https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language. \"DELETE\": DELETE query; see https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language. \"MERGE\": MERGE query; see https://cloud.google.com/bigquery/docs/reference/standard-sql/data-manipulation-language. \"ALTER_TABLE\": ALTER TABLE query. \"ALTER_VIEW\": ALTER VIEW query. \"ASSERT\": ASSERT condition AS 'description'. \"CREATE_FUNCTION\": CREATE FUNCTION query. \"CREATE_MODEL\": CREATE [OR REPLACE] MODEL ... AS SELECT ... . \"CREATE_PROCEDURE\": CREATE PROCEDURE query. \"CREATE_TABLE\": CREATE [OR REPLACE] TABLE without AS SELECT. \"CREATE_TABLE_AS_SELECT\": CREATE [OR REPLACE] TABLE ... AS SELECT ... . \"CREATE_VIEW\": CREATE [OR REPLACE] VIEW ... AS SELECT ... . \"DROP_FUNCTION\" : DROP FUNCTION query. \"DROP_PROCEDURE\": DROP PROCEDURE query. \"DROP_TABLE\": DROP TABLE query. \"DROP_VIEW\": DROP VIEW query." }, "timeline": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryTimelineSampleResponse" }, "description": "[Output only] [Beta] Describes a timeline of job execution." }, "totalBytesBilled": { "type": "string", "description": "[Output only] Total bytes billed for the job." }, "totalBytesProcessed": { "type": "string", "description": "[Output only] Total bytes processed for the job." }, "totalBytesProcessedAccuracy": { "type": "string", "description": "[Output only] For dry-run jobs, totalBytesProcessed is an estimate and this field specifies the accuracy of the estimate. Possible values can be: UNKNOWN: accuracy of the estimate is unknown. PRECISE: estimate is precise. LOWER_BOUND: estimate is lower bound of what the query would cost. UPPER_BOUND: estimate is upper bound of what the query would cost." }, "totalPartitionsProcessed": { "type": "string", "description": "[Output only] Total number of partitions processed from all partitioned tables referenced in the job." }, "totalSlotMs": { "type": "string", "description": "[Output only] Slot-milliseconds for the job." }, "transferredBytes": { "type": "string", "description": "Total bytes transferred for cross-cloud queries such as Cross Cloud Transfer and CREATE TABLE AS SELECT (CTAS)." }, "undeclaredQueryParameters": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterResponse" }, "description": "Standard SQL only: list of undeclared query parameters detected during a dry run validation." } }, "type": "object", "required": [ "biEngineStatistics", "billingTier", "cacheHit", "ddlAffectedRowAccessPolicyCount", "ddlDestinationTable", "ddlOperationPerformed", "ddlTargetDataset", "ddlTargetRoutine", "ddlTargetRowAccessPolicy", "ddlTargetTable", "dmlStats", "estimatedBytesProcessed", "mlStatistics", "modelTraining", "modelTrainingCurrentIteration", "modelTrainingExpectedTotalIteration", "numDmlAffectedRows", "queryPlan", "referencedRoutines", "referencedTables", "reservationUsage", "schema", "searchStatistics", "sparkStatistics", "statementType", "timeline", "totalBytesBilled", "totalBytesProcessed", "totalBytesProcessedAccuracy", "totalPartitionsProcessed", "totalSlotMs", "transferredBytes", "undeclaredQueryParameters" ] }, "google-native:bigquery/v2:JobStatistics3Response": { "properties": { "badRecords": { "type": "string", "description": "The number of bad records encountered. Note that if the job has failed because of more bad records encountered than the maximum allowed in the load job configuration, then this number can be less than the total number of bad records present in the input data." }, "inputFileBytes": { "type": "string", "description": "Number of bytes of source data in a load job." }, "inputFiles": { "type": "string", "description": "Number of source files in a load job." }, "outputBytes": { "type": "string", "description": "Size of the loaded data in bytes. Note that while a load job is in the running state, this value may change." }, "outputRows": { "type": "string", "description": "Number of rows imported in a load job. Note that while an import job is in the running state, this value may change." } }, "type": "object", "required": [ "badRecords", "inputFileBytes", "inputFiles", "outputBytes", "outputRows" ] }, "google-native:bigquery/v2:JobStatistics4Response": { "properties": { "destinationUriFileCounts": { "type": "array", "items": { "type": "string" }, "description": "Number of files per destination URI or URI pattern specified in the extract configuration. These values will be in the same order as the URIs specified in the 'destinationUris' field." }, "inputBytes": { "type": "string", "description": "Number of user bytes extracted into the result. This is the byte count as computed by BigQuery for billing purposes." } }, "type": "object", "required": [ "destinationUriFileCounts", "inputBytes" ] }, "google-native:bigquery/v2:JobStatistics5Response": { "properties": { "copiedLogicalBytes": { "type": "string", "description": "Number of logical bytes copied to the destination table." }, "copiedRows": { "type": "string", "description": "Number of rows copied to the destination table." } }, "type": "object", "required": [ "copiedLogicalBytes", "copiedRows" ] }, "google-native:bigquery/v2:JobStatisticsReservationUsageItemResponse": { "properties": { "name": { "type": "string", "description": "Reservation name or \"unreserved\" for on-demand resources usage." }, "slotMs": { "type": "string", "description": "Slot-milliseconds the job spent in the given reservation." } }, "type": "object", "required": [ "name", "slotMs" ] }, "google-native:bigquery/v2:JobStatisticsResponse": { "properties": { "completionRatio": { "type": "number", "description": "[TrustedTester] [Output-only] Job progress (0.0 -> 1.0) for LOAD and EXTRACT jobs." }, "copy": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatistics5Response", "description": "Statistics for a copy job." }, "creationTime": { "type": "string", "description": "Creation time of this job, in milliseconds since the epoch. This field will be present on all jobs." }, "dataMaskingStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:DataMaskingStatisticsResponse", "description": "Statistics for data masking. Present only for query and extract jobs." }, "endTime": { "type": "string", "description": "End time of this job, in milliseconds since the epoch. This field will be present whenever a job is in the DONE state." }, "extract": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatistics4Response", "description": "Statistics for an extract job." }, "load": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatistics3Response", "description": "Statistics for a load job." }, "numChildJobs": { "type": "string", "description": "Number of child jobs executed." }, "parentJobId": { "type": "string", "description": "If this is a child job, the id of the parent." }, "query": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatistics2Response", "description": "Statistics for a query job." }, "quotaDeferments": { "type": "array", "items": { "type": "string" }, "description": "Quotas which delayed this job's start time." }, "reservationId": { "type": "string", "description": "Name of the primary reservation assigned to this job. Note that this could be different than reservations reported in the reservation usage field if parent reservations were used to execute this job." }, "reservationUsage": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:JobStatisticsReservationUsageItemResponse" }, "description": "Job resource usage breakdown by reservation." }, "rowLevelSecurityStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:RowLevelSecurityStatisticsResponse", "description": "[Preview] Statistics for row-level security. Present only for query and extract jobs." }, "scriptStatistics": { "$ref": "#/types/google-native:bigquery%2Fv2:ScriptStatisticsResponse", "description": "Statistics for a child job of a script." }, "sessionInfo": { "$ref": "#/types/google-native:bigquery%2Fv2:SessionInfoResponse", "description": "[Preview] Information of the session if this job is part of one." }, "startTime": { "type": "string", "description": "Start time of this job, in milliseconds since the epoch. This field will be present when the job transitions from the PENDING state to either RUNNING or DONE." }, "totalBytesProcessed": { "type": "string", "description": "[Deprecated] Use the bytes processed in the query statistics instead.", "deprecationMessage": "[Output-only] [Deprecated] Use the bytes processed in the query statistics instead." }, "totalSlotMs": { "type": "string", "description": "Slot-milliseconds for the job." }, "transactionInfo": { "$ref": "#/types/google-native:bigquery%2Fv2:TransactionInfoResponse", "description": "[Alpha] Information of the multi-statement transaction if this job is part of one." } }, "type": "object", "required": [ "completionRatio", "copy", "creationTime", "dataMaskingStatistics", "endTime", "extract", "load", "numChildJobs", "parentJobId", "query", "quotaDeferments", "reservationId", "reservationUsage", "rowLevelSecurityStatistics", "scriptStatistics", "sessionInfo", "startTime", "totalBytesProcessed", "totalSlotMs", "transactionInfo" ] }, "google-native:bigquery/v2:JobStatusResponse": { "properties": { "errorResult": { "$ref": "#/types/google-native:bigquery%2Fv2:ErrorProtoResponse", "description": "Final error result of the job. If present, indicates that the job has completed and was unsuccessful." }, "errors": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ErrorProtoResponse" }, "description": "The first errors encountered during the running of the job. The final message includes the number of errors that caused the process to stop. Errors here do not necessarily mean that the job has completed or was unsuccessful." }, "state": { "type": "string", "description": "Running state of the job." } }, "type": "object", "required": [ "errorResult", "errors", "state" ] }, "google-native:bigquery/v2:JsonOptions": { "properties": { "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. The default value is UTF-8." } }, "type": "object" }, "google-native:bigquery/v2:JsonOptionsResponse": { "properties": { "encoding": { "type": "string", "description": "[Optional] The character encoding of the data. The supported values are UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, and UTF-32LE. The default value is UTF-8." } }, "type": "object", "required": [ "encoding" ] }, "google-native:bigquery/v2:MaterializedViewDefinition": { "properties": { "allowNonIncrementalDefinition": { "type": "boolean", "description": "[Optional] Allow non incremental materialized view definition. The default value is \"false\"." }, "enableRefresh": { "type": "boolean", "description": "[Optional] [TrustedTester] Enable automatic refresh of the materialized view when the base table is updated. The default value is \"true\"." }, "maxStaleness": { "type": "string", "description": "[Optional] Max staleness of data that could be returned when materizlized view is queried (formatted as Google SQL Interval type)." }, "query": { "type": "string", "description": "[Required] A query whose result is persisted." }, "refreshIntervalMs": { "type": "string", "description": "[Optional] [TrustedTester] The maximum frequency at which this materialized view will be refreshed. The default value is \"1800000\" (30 minutes)." } }, "type": "object" }, "google-native:bigquery/v2:MaterializedViewDefinitionResponse": { "properties": { "allowNonIncrementalDefinition": { "type": "boolean", "description": "[Optional] Allow non incremental materialized view definition. The default value is \"false\"." }, "enableRefresh": { "type": "boolean", "description": "[Optional] [TrustedTester] Enable automatic refresh of the materialized view when the base table is updated. The default value is \"true\"." }, "lastRefreshTime": { "type": "string", "description": "[TrustedTester] The time when this materialized view was last modified, in milliseconds since the epoch." }, "maxStaleness": { "type": "string", "description": "[Optional] Max staleness of data that could be returned when materizlized view is queried (formatted as Google SQL Interval type)." }, "query": { "type": "string", "description": "[Required] A query whose result is persisted." }, "refreshIntervalMs": { "type": "string", "description": "[Optional] [TrustedTester] The maximum frequency at which this materialized view will be refreshed. The default value is \"1800000\" (30 minutes)." } }, "type": "object", "required": [ "allowNonIncrementalDefinition", "enableRefresh", "lastRefreshTime", "maxStaleness", "query", "refreshIntervalMs" ] }, "google-native:bigquery/v2:MlStatisticsResponse": { "properties": { "iterationResults": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:IterationResultResponse" }, "description": "Results for all completed iterations." }, "maxIterations": { "type": "string", "description": "Maximum number of iterations specified as max_iterations in the 'CREATE MODEL' query. The actual number of iterations may be less than this number due to early stop." } }, "type": "object", "required": [ "iterationResults", "maxIterations" ] }, "google-native:bigquery/v2:ModelDefinition": { "properties": { "modelOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ModelDefinitionModelOptions", "description": "[Output-only, Beta] Model options used for the first training run. These options are immutable for subsequent training runs. Default values are used for any options not specified in the input query." }, "trainingRuns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlTrainingRun" }, "description": "[Output-only, Beta] Information about ml training runs, each training run comprises of multiple iterations and there may be multiple training runs for the model if warm start is used or if a user decides to continue a previously cancelled query." } }, "type": "object" }, "google-native:bigquery/v2:ModelDefinitionModelOptions": { "description": "[Output-only, Beta] Model options used for the first training run. These options are immutable for subsequent training runs. Default values are used for any options not specified in the input query.", "properties": { "labels": { "type": "array", "items": { "type": "string" } }, "lossType": { "type": "string" }, "modelType": { "type": "string" } }, "type": "object" }, "google-native:bigquery/v2:ModelDefinitionModelOptionsResponse": { "description": "[Output-only, Beta] Model options used for the first training run. These options are immutable for subsequent training runs. Default values are used for any options not specified in the input query.", "properties": { "labels": { "type": "array", "items": { "type": "string" } }, "lossType": { "type": "string" }, "modelType": { "type": "string" } }, "type": "object", "required": [ "labels", "lossType", "modelType" ] }, "google-native:bigquery/v2:ModelDefinitionResponse": { "properties": { "modelOptions": { "$ref": "#/types/google-native:bigquery%2Fv2:ModelDefinitionModelOptionsResponse", "description": "[Output-only, Beta] Model options used for the first training run. These options are immutable for subsequent training runs. Default values are used for any options not specified in the input query." }, "trainingRuns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:BqmlTrainingRunResponse" }, "description": "[Output-only, Beta] Information about ml training runs, each training run comprises of multiple iterations and there may be multiple training runs for the model if warm start is used or if a user decides to continue a previously cancelled query." } }, "type": "object", "required": [ "modelOptions", "trainingRuns" ] }, "google-native:bigquery/v2:ModelReference": { "properties": { "datasetId": { "type": "string", "description": "The ID of the dataset containing this model." }, "modelId": { "type": "string", "description": "The ID of the model. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." }, "project": { "type": "string", "description": "The ID of the project containing this model." } }, "type": "object", "required": [ "datasetId", "modelId", "project" ] }, "google-native:bigquery/v2:ModelReferenceResponse": { "properties": { "datasetId": { "type": "string", "description": "The ID of the dataset containing this model." }, "modelId": { "type": "string", "description": "The ID of the model. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." }, "project": { "type": "string", "description": "The ID of the project containing this model." } }, "type": "object", "required": [ "datasetId", "modelId", "project" ] }, "google-native:bigquery/v2:ParquetOptions": { "properties": { "enableListInference": { "type": "boolean", "description": "[Optional] Indicates whether to use schema inference specifically for Parquet LIST logical type." }, "enumAsString": { "type": "boolean", "description": "[Optional] Indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default." } }, "type": "object" }, "google-native:bigquery/v2:ParquetOptionsResponse": { "properties": { "enableListInference": { "type": "boolean", "description": "[Optional] Indicates whether to use schema inference specifically for Parquet LIST logical type." }, "enumAsString": { "type": "boolean", "description": "[Optional] Indicates whether to infer Parquet ENUM logical type as STRING instead of BYTES by default." } }, "type": "object", "required": [ "enableListInference", "enumAsString" ] }, "google-native:bigquery/v2:QueryParameter": { "properties": { "name": { "type": "string", "description": "[Optional] If unset, this is a positional parameter. Otherwise, should be unique within a query." }, "parameterType": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterType", "description": "[Required] The type of this parameter." }, "parameterValue": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterValue", "description": "[Required] The value of this parameter." } }, "type": "object" }, "google-native:bigquery/v2:QueryParameterResponse": { "properties": { "name": { "type": "string", "description": "[Optional] If unset, this is a positional parameter. Otherwise, should be unique within a query." }, "parameterType": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterTypeResponse", "description": "[Required] The type of this parameter." }, "parameterValue": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterValueResponse", "description": "[Required] The value of this parameter." } }, "type": "object", "required": [ "name", "parameterType", "parameterValue" ] }, "google-native:bigquery/v2:QueryParameterType": { "properties": { "arrayType": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterType", "description": "[Optional] The type of the array's elements, if this is an array." }, "structTypes": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterTypeStructTypesItem" }, "description": "[Optional] The types of the fields of this struct, in order, if this is a struct." }, "type": { "type": "string", "description": "[Required] The top level type of this field." } }, "type": "object" }, "google-native:bigquery/v2:QueryParameterTypeResponse": { "properties": { "arrayType": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterTypeResponse", "description": "[Optional] The type of the array's elements, if this is an array." }, "structTypes": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterTypeStructTypesItemResponse" }, "description": "[Optional] The types of the fields of this struct, in order, if this is a struct." }, "type": { "type": "string", "description": "[Required] The top level type of this field." } }, "type": "object", "required": [ "arrayType", "structTypes", "type" ] }, "google-native:bigquery/v2:QueryParameterTypeStructTypesItem": { "properties": { "description": { "type": "string", "description": "[Optional] Human-oriented description of the field." }, "name": { "type": "string", "description": "[Optional] The name of this field." }, "type": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterType", "description": "[Required] The type of this field." } }, "type": "object" }, "google-native:bigquery/v2:QueryParameterTypeStructTypesItemResponse": { "properties": { "description": { "type": "string", "description": "[Optional] Human-oriented description of the field." }, "name": { "type": "string", "description": "[Optional] The name of this field." }, "type": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterTypeResponse", "description": "[Required] The type of this field." } }, "type": "object", "required": [ "description", "name", "type" ] }, "google-native:bigquery/v2:QueryParameterValue": { "properties": { "arrayValues": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterValue" }, "description": "[Optional] The array values, if this is an array type." }, "structValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] The struct field values, in order of the struct type's declaration." }, "value": { "type": "string", "description": "[Optional] The value of this value, if a simple scalar type." } }, "type": "object" }, "google-native:bigquery/v2:QueryParameterValueResponse": { "properties": { "arrayValues": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:QueryParameterValueResponse" }, "description": "[Optional] The array values, if this is an array type." }, "structValues": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Optional] The struct field values, in order of the struct type's declaration." }, "value": { "type": "string", "description": "[Optional] The value of this value, if a simple scalar type." } }, "type": "object", "required": [ "arrayValues", "structValues", "value" ] }, "google-native:bigquery/v2:QueryTimelineSampleResponse": { "properties": { "activeUnits": { "type": "string", "description": "Total number of units currently being processed by workers. This does not correspond directly to slot usage. This is the largest value observed since the last sample." }, "completedUnits": { "type": "string", "description": "Total parallel units of work completed by this query." }, "elapsedMs": { "type": "string", "description": "Milliseconds elapsed since the start of query execution." }, "estimatedRunnableUnits": { "type": "string", "description": "Units of work that can be scheduled immediately. Providing additional slots for these units of work will speed up the query, provided no other query in the reservation needs additional slots." }, "pendingUnits": { "type": "string", "description": "Total units of work remaining for the query. This number can be revised (increased or decreased) while the query is running." }, "totalSlotMs": { "type": "string", "description": "Cumulative slot-ms consumed by the query." } }, "type": "object", "required": [ "activeUnits", "completedUnits", "elapsedMs", "estimatedRunnableUnits", "pendingUnits", "totalSlotMs" ] }, "google-native:bigquery/v2:RangePartitioning": { "properties": { "field": { "type": "string", "description": "[TrustedTester] [Required] The table is partitioned by this field. The field must be a top-level NULLABLE/REQUIRED field. The only supported type is INTEGER/INT64." }, "range": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioningRange", "description": "[TrustedTester] [Required] Defines the ranges for range partitioning." } }, "type": "object" }, "google-native:bigquery/v2:RangePartitioningRange": { "description": "[TrustedTester] [Required] Defines the ranges for range partitioning.", "properties": { "end": { "type": "string", "description": "[TrustedTester] [Required] The end of range partitioning, exclusive." }, "interval": { "type": "string", "description": "[TrustedTester] [Required] The width of each interval." }, "start": { "type": "string", "description": "[TrustedTester] [Required] The start of range partitioning, inclusive." } }, "type": "object" }, "google-native:bigquery/v2:RangePartitioningRangeResponse": { "description": "[TrustedTester] [Required] Defines the ranges for range partitioning.", "properties": { "end": { "type": "string", "description": "[TrustedTester] [Required] The end of range partitioning, exclusive." }, "interval": { "type": "string", "description": "[TrustedTester] [Required] The width of each interval." }, "start": { "type": "string", "description": "[TrustedTester] [Required] The start of range partitioning, inclusive." } }, "type": "object", "required": [ "end", "interval", "start" ] }, "google-native:bigquery/v2:RangePartitioningResponse": { "properties": { "field": { "type": "string", "description": "[TrustedTester] [Required] The table is partitioned by this field. The field must be a top-level NULLABLE/REQUIRED field. The only supported type is INTEGER/INT64." }, "range": { "$ref": "#/types/google-native:bigquery%2Fv2:RangePartitioningRangeResponse", "description": "[TrustedTester] [Required] Defines the ranges for range partitioning." } }, "type": "object", "required": [ "field", "range" ] }, "google-native:bigquery/v2:RemoteFunctionOptions": { "description": "Options for a remote user-defined function.", "properties": { "connection": { "type": "string", "description": "Fully qualified name of the user-provided connection object which holds the authentication information to send requests to the remote service. Format: ```\"projects/{projectId}/locations/{locationId}/connections/{connectionId}\"```" }, "endpoint": { "type": "string", "description": "Endpoint of the user-provided remote service, e.g. ```https://us-east1-my_gcf_project.cloudfunctions.net/remote_add```" }, "maxBatchingRows": { "type": "string", "description": "Max number of rows in each batch sent to the remote service. If absent or if 0, BigQuery dynamically decides the number of rows in a batch." }, "userDefinedContext": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-defined context as a set of key/value pairs, which will be sent as function invocation context together with batched arguments in the requests to the remote service. The total number of bytes of keys and values must be less than 8KB." } }, "type": "object" }, "google-native:bigquery/v2:RemoteFunctionOptionsResponse": { "description": "Options for a remote user-defined function.", "properties": { "connection": { "type": "string", "description": "Fully qualified name of the user-provided connection object which holds the authentication information to send requests to the remote service. Format: ```\"projects/{projectId}/locations/{locationId}/connections/{connectionId}\"```" }, "endpoint": { "type": "string", "description": "Endpoint of the user-provided remote service, e.g. ```https://us-east1-my_gcf_project.cloudfunctions.net/remote_add```" }, "maxBatchingRows": { "type": "string", "description": "Max number of rows in each batch sent to the remote service. If absent or if 0, BigQuery dynamically decides the number of rows in a batch." }, "userDefinedContext": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-defined context as a set of key/value pairs, which will be sent as function invocation context together with batched arguments in the requests to the remote service. The total number of bytes of keys and values must be less than 8KB." } }, "type": "object", "required": [ "connection", "endpoint", "maxBatchingRows", "userDefinedContext" ] }, "google-native:bigquery/v2:RoutineDataGovernanceType": { "description": "Optional. If set to `DATA_MASKING`, the function is validated and made available as a masking function. For more information, see [Create custom masking routines](https://cloud.google.com/bigquery/docs/user-defined-functions#custom-mask).", "type": "string", "enum": [ { "name": "DataGovernanceTypeUnspecified", "description": "The data governance type is unspecified.", "value": "DATA_GOVERNANCE_TYPE_UNSPECIFIED" }, { "name": "DataMasking", "description": "The data governance type is data masking.", "value": "DATA_MASKING" } ] }, "google-native:bigquery/v2:RoutineDeterminismLevel": { "description": "Optional. The determinism level of the JavaScript UDF, if defined.", "type": "string", "enum": [ { "name": "DeterminismLevelUnspecified", "description": "The determinism of the UDF is unspecified.", "value": "DETERMINISM_LEVEL_UNSPECIFIED" }, { "name": "Deterministic", "description": "The UDF is deterministic, meaning that 2 function calls with the same inputs always produce the same result, even across 2 query runs.", "value": "DETERMINISTIC" }, { "name": "NotDeterministic", "description": "The UDF is not deterministic.", "value": "NOT_DETERMINISTIC" } ] }, "google-native:bigquery/v2:RoutineLanguage": { "description": "Optional. Defaults to \"SQL\" if remote_function_options field is absent, not set otherwise.", "type": "string", "enum": [ { "name": "LanguageUnspecified", "description": "Default value.", "value": "LANGUAGE_UNSPECIFIED" }, { "name": "Sql", "description": "SQL language.", "value": "SQL" }, { "name": "Javascript", "description": "JavaScript language.", "value": "JAVASCRIPT" }, { "name": "Python", "description": "Python language.", "value": "PYTHON" }, { "name": "Java", "description": "Java language.", "value": "JAVA" }, { "name": "Scala", "description": "Scala language.", "value": "SCALA" } ] }, "google-native:bigquery/v2:RoutineReference": { "properties": { "datasetId": { "type": "string", "description": "The ID of the dataset containing this routine." }, "project": { "type": "string", "description": "The ID of the project containing this routine." }, "routineId": { "type": "string", "description": "The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters." } }, "type": "object", "required": [ "datasetId", "project", "routineId" ] }, "google-native:bigquery/v2:RoutineReferenceResponse": { "properties": { "datasetId": { "type": "string", "description": "The ID of the dataset containing this routine." }, "project": { "type": "string", "description": "The ID of the project containing this routine." }, "routineId": { "type": "string", "description": "The ID of the routine. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters." } }, "type": "object", "required": [ "datasetId", "project", "routineId" ] }, "google-native:bigquery/v2:RoutineRoutineType": { "description": "Required. The type of routine.", "type": "string", "enum": [ { "name": "RoutineTypeUnspecified", "description": "Default value.", "value": "ROUTINE_TYPE_UNSPECIFIED" }, { "name": "ScalarFunction", "description": "Non-built-in persistent scalar function.", "value": "SCALAR_FUNCTION" }, { "name": "Procedure", "description": "Stored procedure.", "value": "PROCEDURE" }, { "name": "TableValuedFunction", "description": "Non-built-in persistent TVF.", "value": "TABLE_VALUED_FUNCTION" }, { "name": "AggregateFunction", "description": "Non-built-in persistent aggregate function.", "value": "AGGREGATE_FUNCTION" } ] }, "google-native:bigquery/v2:RoutineSecurityMode": { "description": "Optional. The security mode of the routine, if defined. If not defined, the security mode is automatically determined from the routine's configuration.", "type": "string", "enum": [ { "name": "SecurityModeUnspecified", "description": "The security mode of the routine is unspecified.", "value": "SECURITY_MODE_UNSPECIFIED" }, { "name": "Definer", "description": "The routine is to be executed with the privileges of the user who defines it.", "value": "DEFINER" }, { "name": "Invoker", "description": "The routine is to be executed with the privileges of the user who invokes it.", "value": "INVOKER" } ] }, "google-native:bigquery/v2:RowAccessPolicyReferenceResponse": { "properties": { "datasetId": { "type": "string", "description": "The ID of the dataset containing this row access policy." }, "policyId": { "type": "string", "description": "The ID of the row access policy. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 256 characters." }, "project": { "type": "string", "description": "The ID of the project containing this row access policy." }, "tableId": { "type": "string", "description": "The ID of the table containing this row access policy." } }, "type": "object", "required": [ "datasetId", "policyId", "project", "tableId" ] }, "google-native:bigquery/v2:RowLevelSecurityStatisticsResponse": { "properties": { "rowLevelSecurityApplied": { "type": "boolean", "description": "[Preview] Whether any accessed data was protected by row access policies." } }, "type": "object", "required": [ "rowLevelSecurityApplied" ] }, "google-native:bigquery/v2:ScriptStackFrameResponse": { "properties": { "endColumn": { "type": "integer", "description": "One-based end column." }, "endLine": { "type": "integer", "description": "One-based end line." }, "procedureId": { "type": "string", "description": "Name of the active procedure, empty if in a top-level script." }, "startColumn": { "type": "integer", "description": "One-based start column." }, "startLine": { "type": "integer", "description": "One-based start line." }, "text": { "type": "string", "description": "Text of the current statement/expression." } }, "type": "object", "required": [ "endColumn", "endLine", "procedureId", "startColumn", "startLine", "text" ] }, "google-native:bigquery/v2:ScriptStatisticsResponse": { "properties": { "evaluationKind": { "type": "string", "description": "Whether this child job was a statement or expression." }, "stackFrames": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:ScriptStackFrameResponse" }, "description": "Stack trace showing the line/column/procedure name of each frame on the stack at the point where the current evaluation happened. The leaf frame is first, the primary script is last. Never empty." } }, "type": "object", "required": [ "evaluationKind", "stackFrames" ] }, "google-native:bigquery/v2:SearchStatisticsResponse": { "properties": { "indexUnusedReasons": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:IndexUnusedReasonResponse" }, "description": "When index_usage_mode is UNUSED or PARTIALLY_USED, this field explains why index was not used in all or part of the search query. If index_usage_mode is FULLLY_USED, this field is not populated." }, "indexUsageMode": { "type": "string", "description": "Specifies index usage mode for the query." } }, "type": "object", "required": [ "indexUnusedReasons", "indexUsageMode" ] }, "google-native:bigquery/v2:SessionInfoResponse": { "properties": { "sessionId": { "type": "string", "description": "// [Preview] Id of the session." } }, "type": "object", "required": [ "sessionId" ] }, "google-native:bigquery/v2:SnapshotDefinitionResponse": { "properties": { "baseTableReference": { "$ref": "#/types/google-native:bigquery%2Fv2:TableReferenceResponse", "description": "[Required] Reference describing the ID of the table that was snapshot." }, "snapshotTime": { "type": "string", "description": "[Required] The time at which the base table was snapshot. This value is reported in the JSON response using RFC3339 format." } }, "type": "object", "required": [ "baseTableReference", "snapshotTime" ] }, "google-native:bigquery/v2:SparkLoggingInfoResponse": { "properties": { "project": { "type": "string", "description": "Project ID used for logging" }, "resourceType": { "type": "string", "description": "Resource type used for logging" } }, "type": "object", "required": [ "project", "resourceType" ] }, "google-native:bigquery/v2:SparkOptions": { "description": "Options for a user-defined Spark routine.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "connection": { "type": "string", "description": "Fully qualified name of the user-provided Spark connection object. Format: ```\"projects/{project_id}/locations/{location_id}/connections/{connection_id}\"```" }, "containerImage": { "type": "string", "description": "Custom container image for the runtime environment." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Files to be placed in the working directory of each executor. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "jarUris": { "type": "array", "items": { "type": "string" }, "description": "JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "mainClass": { "type": "string", "description": "The fully qualified name of a class in jar_uris, for example, com.example.wordcount. Exactly one of main_class and main_jar_uri field should be set for Java/Scala language type." }, "mainFileUri": { "type": "string", "description": "The main file/jar URI of the Spark application. Exactly one of the definition_body field and the main_file_uri field must be set for Python. Exactly one of main_class and main_file_uri field should be set for Java/Scala language type." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. For more information, see [Apache Spark](https://spark.apache.org/docs/latest/index.html) and the [procedure option list](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#procedure_option_list)." }, "pyFileUris": { "type": "array", "items": { "type": "string" }, "description": "Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: `.py`, `.egg`, and `.zip`. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "runtimeVersion": { "type": "string", "description": "Runtime version. If not specified, the default runtime version is used." } }, "type": "object" }, "google-native:bigquery/v2:SparkOptionsResponse": { "description": "Options for a user-defined Spark routine.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Archive files to be extracted into the working directory of each executor. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "connection": { "type": "string", "description": "Fully qualified name of the user-provided Spark connection object. Format: ```\"projects/{project_id}/locations/{location_id}/connections/{connection_id}\"```" }, "containerImage": { "type": "string", "description": "Custom container image for the runtime environment." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Files to be placed in the working directory of each executor. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "jarUris": { "type": "array", "items": { "type": "string" }, "description": "JARs to include on the driver and executor CLASSPATH. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "mainClass": { "type": "string", "description": "The fully qualified name of a class in jar_uris, for example, com.example.wordcount. Exactly one of main_class and main_jar_uri field should be set for Java/Scala language type." }, "mainFileUri": { "type": "string", "description": "The main file/jar URI of the Spark application. Exactly one of the definition_body field and the main_file_uri field must be set for Python. Exactly one of main_class and main_file_uri field should be set for Java/Scala language type." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration properties as a set of key/value pairs, which will be passed on to the Spark application. For more information, see [Apache Spark](https://spark.apache.org/docs/latest/index.html) and the [procedure option list](https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#procedure_option_list)." }, "pyFileUris": { "type": "array", "items": { "type": "string" }, "description": "Python files to be placed on the PYTHONPATH for PySpark application. Supported file types: `.py`, `.egg`, and `.zip`. For more information about Apache Spark, see [Apache Spark](https://spark.apache.org/docs/latest/index.html)." }, "runtimeVersion": { "type": "string", "description": "Runtime version. If not specified, the default runtime version is used." } }, "type": "object", "required": [ "archiveUris", "connection", "containerImage", "fileUris", "jarUris", "mainClass", "mainFileUri", "properties", "pyFileUris", "runtimeVersion" ] }, "google-native:bigquery/v2:SparkStatisticsResponse": { "properties": { "endpoints": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Endpoints generated for the Spark job." }, "loggingInfo": { "$ref": "#/types/google-native:bigquery%2Fv2:SparkLoggingInfoResponse", "description": "Logging info is used to generate a link to Cloud Logging." }, "sparkJobId": { "type": "string", "description": "Spark job id if a Spark job is created successfully." }, "sparkJobLocation": { "type": "string", "description": "Location where the Spark job is executed." } }, "type": "object", "required": [ "endpoints", "loggingInfo", "sparkJobId", "sparkJobLocation" ] }, "google-native:bigquery/v2:StandardSqlDataType": { "description": "The data type of a variable such as a function argument. Examples include: * INT64: `{\"typeKind\": \"INT64\"}` * ARRAY: { \"typeKind\": \"ARRAY\", \"arrayElementType\": {\"typeKind\": \"STRING\"} } * STRUCT>: { \"typeKind\": \"STRUCT\", \"structType\": { \"fields\": [ { \"name\": \"x\", \"type\": {\"typeKind\": \"STRING\"} }, { \"name\": \"y\", \"type\": { \"typeKind\": \"ARRAY\", \"arrayElementType\": {\"typeKind\": \"DATE\"} } } ] } }", "properties": { "arrayElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataType", "description": "The type of the array's elements, if type_kind = \"ARRAY\"." }, "rangeElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataType", "description": "The type of the range's elements, if type_kind = \"RANGE\"." }, "structType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlStructType", "description": "The fields of this struct, in order, if type_kind = \"STRUCT\"." }, "typeKind": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataTypeTypeKind", "description": "The top level type of this field. Can be any GoogleSQL data type (e.g., \"INT64\", \"DATE\", \"ARRAY\")." } }, "type": "object", "required": [ "typeKind" ] }, "google-native:bigquery/v2:StandardSqlDataTypeResponse": { "description": "The data type of a variable such as a function argument. Examples include: * INT64: `{\"typeKind\": \"INT64\"}` * ARRAY: { \"typeKind\": \"ARRAY\", \"arrayElementType\": {\"typeKind\": \"STRING\"} } * STRUCT>: { \"typeKind\": \"STRUCT\", \"structType\": { \"fields\": [ { \"name\": \"x\", \"type\": {\"typeKind\": \"STRING\"} }, { \"name\": \"y\", \"type\": { \"typeKind\": \"ARRAY\", \"arrayElementType\": {\"typeKind\": \"DATE\"} } } ] } }", "properties": { "arrayElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataTypeResponse", "description": "The type of the array's elements, if type_kind = \"ARRAY\"." }, "rangeElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataTypeResponse", "description": "The type of the range's elements, if type_kind = \"RANGE\"." }, "structType": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlStructTypeResponse", "description": "The fields of this struct, in order, if type_kind = \"STRUCT\"." }, "typeKind": { "type": "string", "description": "The top level type of this field. Can be any GoogleSQL data type (e.g., \"INT64\", \"DATE\", \"ARRAY\")." } }, "type": "object", "required": [ "arrayElementType", "rangeElementType", "structType", "typeKind" ] }, "google-native:bigquery/v2:StandardSqlDataTypeTypeKind": { "description": "Required. The top level type of this field. Can be any GoogleSQL data type (e.g., \"INT64\", \"DATE\", \"ARRAY\").", "type": "string", "enum": [ { "name": "TypeKindUnspecified", "description": "Invalid type.", "value": "TYPE_KIND_UNSPECIFIED" }, { "name": "Int64", "description": "Encoded as a string in decimal format.", "value": "INT64" }, { "name": "Bool", "description": "Encoded as a boolean \"false\" or \"true\".", "value": "BOOL" }, { "name": "Float64", "description": "Encoded as a number, or string \"NaN\", \"Infinity\" or \"-Infinity\".", "value": "FLOAT64" }, { "name": "String", "description": "Encoded as a string value.", "value": "STRING" }, { "name": "Bytes", "description": "Encoded as a base64 string per RFC 4648, section 4.", "value": "BYTES" }, { "name": "Timestamp", "description": "Encoded as an RFC 3339 timestamp with mandatory \"Z\" time zone string: 1985-04-12T23:20:50.52Z", "value": "TIMESTAMP" }, { "name": "Date", "description": "Encoded as RFC 3339 full-date format string: 1985-04-12", "value": "DATE" }, { "name": "Time", "description": "Encoded as RFC 3339 partial-time format string: 23:20:50.52", "value": "TIME" }, { "name": "Datetime", "description": "Encoded as RFC 3339 full-date \"T\" partial-time: 1985-04-12T23:20:50.52", "value": "DATETIME" }, { "name": "Interval", "description": "Encoded as fully qualified 3 part: 0-5 15 2:30:45.6", "value": "INTERVAL" }, { "name": "Geography", "description": "Encoded as WKT", "value": "GEOGRAPHY" }, { "name": "Numeric", "description": "Encoded as a decimal string.", "value": "NUMERIC" }, { "name": "Bignumeric", "description": "Encoded as a decimal string.", "value": "BIGNUMERIC" }, { "name": "Json", "description": "Encoded as a string.", "value": "JSON" }, { "name": "Array", "description": "Encoded as a list with types matching Type.array_type.", "value": "ARRAY" }, { "name": "Struct", "description": "Encoded as a list with fields of type Type.struct_type[i]. List is used because a JSON object cannot have duplicate field names.", "value": "STRUCT" }, { "name": "Range", "description": "Encoded as a pair with types matching range_element_type. Pairs must begin with \"[\", end with \")\", and be separated by \", \".", "value": "RANGE" } ] }, "google-native:bigquery/v2:StandardSqlField": { "description": "A field or a column.", "properties": { "name": { "type": "string", "description": "Optional. The name of this field. Can be absent for struct fields." }, "type": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataType", "description": "Optional. The type of this parameter. Absent if not explicitly specified (e.g., CREATE FUNCTION statement can omit the return type; in this case the output parameter does not have this \"type\" field)." } }, "type": "object" }, "google-native:bigquery/v2:StandardSqlFieldResponse": { "description": "A field or a column.", "properties": { "name": { "type": "string", "description": "Optional. The name of this field. Can be absent for struct fields." }, "type": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlDataTypeResponse", "description": "Optional. The type of this parameter. Absent if not explicitly specified (e.g., CREATE FUNCTION statement can omit the return type; in this case the output parameter does not have this \"type\" field)." } }, "type": "object", "required": [ "name", "type" ] }, "google-native:bigquery/v2:StandardSqlStructType": { "description": "The representation of a SQL STRUCT type.", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlField" }, "description": "Fields within the struct." } }, "type": "object" }, "google-native:bigquery/v2:StandardSqlStructTypeResponse": { "description": "The representation of a SQL STRUCT type.", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlFieldResponse" }, "description": "Fields within the struct." } }, "type": "object", "required": [ "fields" ] }, "google-native:bigquery/v2:StandardSqlTableType": { "description": "A table type", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlField" }, "description": "The columns in this table type" } }, "type": "object" }, "google-native:bigquery/v2:StandardSqlTableTypeResponse": { "description": "A table type", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:StandardSqlFieldResponse" }, "description": "The columns in this table type" } }, "type": "object", "required": [ "columns" ] }, "google-native:bigquery/v2:StreamingbufferResponse": { "properties": { "estimatedBytes": { "type": "string", "description": "A lower-bound estimate of the number of bytes currently in the streaming buffer." }, "estimatedRows": { "type": "string", "description": "A lower-bound estimate of the number of rows currently in the streaming buffer." }, "oldestEntryTime": { "type": "string", "description": "Contains the timestamp of the oldest entry in the streaming buffer, in milliseconds since the epoch, if the streaming buffer is available." } }, "type": "object", "required": [ "estimatedBytes", "estimatedRows", "oldestEntryTime" ] }, "google-native:bigquery/v2:TableConstraints": { "properties": { "foreignKeys": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItem" }, "description": "[Optional] The foreign keys of the tables." }, "primaryKey": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsPrimaryKey", "description": "[Optional] The primary key of the table." } }, "type": "object" }, "google-native:bigquery/v2:TableConstraintsForeignKeysItem": { "properties": { "columnReferences": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItemColumnReferencesItem" } }, "name": { "type": "string" }, "referencedTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItemReferencedTable" } }, "type": "object" }, "google-native:bigquery/v2:TableConstraintsForeignKeysItemColumnReferencesItem": { "properties": { "referencedColumn": { "type": "string" }, "referencingColumn": { "type": "string" } }, "type": "object" }, "google-native:bigquery/v2:TableConstraintsForeignKeysItemColumnReferencesItemResponse": { "properties": { "referencedColumn": { "type": "string" }, "referencingColumn": { "type": "string" } }, "type": "object", "required": [ "referencedColumn", "referencingColumn" ] }, "google-native:bigquery/v2:TableConstraintsForeignKeysItemReferencedTable": { "properties": { "datasetId": { "type": "string" }, "project": { "type": "string" }, "tableId": { "type": "string" } }, "type": "object" }, "google-native:bigquery/v2:TableConstraintsForeignKeysItemReferencedTableResponse": { "properties": { "datasetId": { "type": "string" }, "project": { "type": "string" }, "tableId": { "type": "string" } }, "type": "object", "required": [ "datasetId", "project", "tableId" ] }, "google-native:bigquery/v2:TableConstraintsForeignKeysItemResponse": { "properties": { "columnReferences": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItemColumnReferencesItemResponse" } }, "name": { "type": "string" }, "referencedTable": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItemReferencedTableResponse" } }, "type": "object", "required": [ "columnReferences", "name", "referencedTable" ] }, "google-native:bigquery/v2:TableConstraintsPrimaryKey": { "description": "[Optional] The primary key of the table.", "properties": { "columns": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:bigquery/v2:TableConstraintsPrimaryKeyResponse": { "description": "[Optional] The primary key of the table.", "properties": { "columns": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "columns" ] }, "google-native:bigquery/v2:TableConstraintsResponse": { "properties": { "foreignKeys": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsForeignKeysItemResponse" }, "description": "[Optional] The foreign keys of the tables." }, "primaryKey": { "$ref": "#/types/google-native:bigquery%2Fv2:TableConstraintsPrimaryKeyResponse", "description": "[Optional] The primary key of the table." } }, "type": "object", "required": [ "foreignKeys", "primaryKey" ] }, "google-native:bigquery/v2:TableFieldSchema": { "properties": { "categories": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaCategories", "description": "[Optional] The categories attached to this field, used for field-level access control." }, "collation": { "type": "string", "description": "Optional. Collation specification of the field. It only can be set on string type field." }, "defaultValueExpression": { "type": "string", "description": "Optional. A SQL expression to specify the default value for this field. It can only be set for top level fields (columns). You can use struct or array expression to specify default value for the entire struct or array. The valid SQL expressions are: - Literals for all data types, including STRUCT and ARRAY. - Following functions: - CURRENT_TIMESTAMP - CURRENT_TIME - CURRENT_DATE - CURRENT_DATETIME - GENERATE_UUID - RAND - SESSION_USER - ST_GEOGPOINT - Struct or array composed with the above allowed functions, for example, [CURRENT_DATE(), DATE '2020-01-01']" }, "description": { "type": "string", "description": "[Optional] The field description. The maximum length is 1,024 characters." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchema" }, "description": "[Optional] Describes the nested schema fields if the type property is set to RECORD." }, "maxLength": { "type": "string", "description": "[Optional] Maximum length of values of this field for STRINGS or BYTES. If max_length is not specified, no maximum length constraint is imposed on this field. If type = \"STRING\", then max_length represents the maximum UTF-8 length of strings in this field. If type = \"BYTES\", then max_length represents the maximum number of bytes in this field. It is invalid to set this field if type ≠ \"STRING\" and ≠ \"BYTES\"." }, "mode": { "type": "string", "description": "[Optional] The field mode. Possible values include NULLABLE, REQUIRED and REPEATED. The default value is NULLABLE." }, "name": { "type": "string", "description": "[Required] The field name. The name must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_), and must start with a letter or underscore. The maximum length is 300 characters." }, "policyTags": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaPolicyTags" }, "precision": { "type": "string", "description": "[Optional] Precision (maximum number of total digits in base 10) and scale (maximum number of digits in the fractional part in base 10) constraints for values of this field for NUMERIC or BIGNUMERIC. It is invalid to set precision or scale if type ≠ \"NUMERIC\" and ≠ \"BIGNUMERIC\". If precision and scale are not specified, no value range constraint is imposed on this field insofar as values are permitted by the type. Values of this NUMERIC or BIGNUMERIC field must be in this range when: - Precision (P) and scale (S) are specified: [-10P-S + 10-S, 10P-S - 10-S] - Precision (P) is specified but not scale (and thus scale is interpreted to be equal to zero): [-10P + 1, 10P - 1]. Acceptable values for precision and scale if both are specified: - If type = \"NUMERIC\": 1 ≤ precision - scale ≤ 29 and 0 ≤ scale ≤ 9. - If type = \"BIGNUMERIC\": 1 ≤ precision - scale ≤ 38 and 0 ≤ scale ≤ 38. Acceptable values for precision if only precision is specified but not scale (and thus scale is interpreted to be equal to zero): - If type = \"NUMERIC\": 1 ≤ precision ≤ 29. - If type = \"BIGNUMERIC\": 1 ≤ precision ≤ 38. If scale is specified but not precision, then it is invalid." }, "rangeElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaRangeElementType", "description": "Optional. The subtype of the RANGE, if the type of this field is RANGE. If the type is RANGE, this field is required. Possible values for the field element type of a RANGE include: - DATE - DATETIME - TIMESTAMP" }, "roundingMode": { "type": "string", "description": "Optional. Rounding Mode specification of the field. It only can be set on NUMERIC or BIGNUMERIC type fields." }, "scale": { "type": "string", "description": "[Optional] See documentation for precision." }, "type": { "type": "string", "description": "[Required] The field data type. Possible values include STRING, BYTES, INTEGER, INT64 (same as INTEGER), FLOAT, FLOAT64 (same as FLOAT), NUMERIC, BIGNUMERIC, BOOLEAN, BOOL (same as BOOLEAN), TIMESTAMP, DATE, TIME, DATETIME, INTERVAL, RECORD (where RECORD indicates that the field contains a nested schema) or STRUCT (same as RECORD)." } }, "type": "object" }, "google-native:bigquery/v2:TableFieldSchemaCategories": { "description": "[Optional] The categories attached to this field, used for field-level access control.", "properties": { "names": { "type": "array", "items": { "type": "string" }, "description": "A list of category resource names. For example, \"projects/1/taxonomies/2/categories/3\". At most 5 categories are allowed." } }, "type": "object" }, "google-native:bigquery/v2:TableFieldSchemaCategoriesResponse": { "description": "[Optional] The categories attached to this field, used for field-level access control.", "properties": { "names": { "type": "array", "items": { "type": "string" }, "description": "A list of category resource names. For example, \"projects/1/taxonomies/2/categories/3\". At most 5 categories are allowed." } }, "type": "object", "required": [ "names" ] }, "google-native:bigquery/v2:TableFieldSchemaPolicyTags": { "properties": { "names": { "type": "array", "items": { "type": "string" }, "description": "A list of category resource names. For example, \"projects/1/location/eu/taxonomies/2/policyTags/3\". At most 1 policy tag is allowed." } }, "type": "object" }, "google-native:bigquery/v2:TableFieldSchemaPolicyTagsResponse": { "properties": { "names": { "type": "array", "items": { "type": "string" }, "description": "A list of category resource names. For example, \"projects/1/location/eu/taxonomies/2/policyTags/3\". At most 1 policy tag is allowed." } }, "type": "object", "required": [ "names" ] }, "google-native:bigquery/v2:TableFieldSchemaRangeElementType": { "description": "Optional. The subtype of the RANGE, if the type of this field is RANGE. If the type is RANGE, this field is required. Possible values for the field element type of a RANGE include: - DATE - DATETIME - TIMESTAMP", "properties": { "type": { "type": "string", "description": "The field element type of a RANGE" } }, "type": "object" }, "google-native:bigquery/v2:TableFieldSchemaRangeElementTypeResponse": { "description": "Optional. The subtype of the RANGE, if the type of this field is RANGE. If the type is RANGE, this field is required. Possible values for the field element type of a RANGE include: - DATE - DATETIME - TIMESTAMP", "properties": { "type": { "type": "string", "description": "The field element type of a RANGE" } }, "type": "object", "required": [ "type" ] }, "google-native:bigquery/v2:TableFieldSchemaResponse": { "properties": { "categories": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaCategoriesResponse", "description": "[Optional] The categories attached to this field, used for field-level access control." }, "collation": { "type": "string", "description": "Optional. Collation specification of the field. It only can be set on string type field." }, "defaultValueExpression": { "type": "string", "description": "Optional. A SQL expression to specify the default value for this field. It can only be set for top level fields (columns). You can use struct or array expression to specify default value for the entire struct or array. The valid SQL expressions are: - Literals for all data types, including STRUCT and ARRAY. - Following functions: - CURRENT_TIMESTAMP - CURRENT_TIME - CURRENT_DATE - CURRENT_DATETIME - GENERATE_UUID - RAND - SESSION_USER - ST_GEOGPOINT - Struct or array composed with the above allowed functions, for example, [CURRENT_DATE(), DATE '2020-01-01']" }, "description": { "type": "string", "description": "[Optional] The field description. The maximum length is 1,024 characters." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaResponse" }, "description": "[Optional] Describes the nested schema fields if the type property is set to RECORD." }, "maxLength": { "type": "string", "description": "[Optional] Maximum length of values of this field for STRINGS or BYTES. If max_length is not specified, no maximum length constraint is imposed on this field. If type = \"STRING\", then max_length represents the maximum UTF-8 length of strings in this field. If type = \"BYTES\", then max_length represents the maximum number of bytes in this field. It is invalid to set this field if type ≠ \"STRING\" and ≠ \"BYTES\"." }, "mode": { "type": "string", "description": "[Optional] The field mode. Possible values include NULLABLE, REQUIRED and REPEATED. The default value is NULLABLE." }, "name": { "type": "string", "description": "[Required] The field name. The name must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_), and must start with a letter or underscore. The maximum length is 300 characters." }, "policyTags": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaPolicyTagsResponse" }, "precision": { "type": "string", "description": "[Optional] Precision (maximum number of total digits in base 10) and scale (maximum number of digits in the fractional part in base 10) constraints for values of this field for NUMERIC or BIGNUMERIC. It is invalid to set precision or scale if type ≠ \"NUMERIC\" and ≠ \"BIGNUMERIC\". If precision and scale are not specified, no value range constraint is imposed on this field insofar as values are permitted by the type. Values of this NUMERIC or BIGNUMERIC field must be in this range when: - Precision (P) and scale (S) are specified: [-10P-S + 10-S, 10P-S - 10-S] - Precision (P) is specified but not scale (and thus scale is interpreted to be equal to zero): [-10P + 1, 10P - 1]. Acceptable values for precision and scale if both are specified: - If type = \"NUMERIC\": 1 ≤ precision - scale ≤ 29 and 0 ≤ scale ≤ 9. - If type = \"BIGNUMERIC\": 1 ≤ precision - scale ≤ 38 and 0 ≤ scale ≤ 38. Acceptable values for precision if only precision is specified but not scale (and thus scale is interpreted to be equal to zero): - If type = \"NUMERIC\": 1 ≤ precision ≤ 29. - If type = \"BIGNUMERIC\": 1 ≤ precision ≤ 38. If scale is specified but not precision, then it is invalid." }, "rangeElementType": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaRangeElementTypeResponse", "description": "Optional. The subtype of the RANGE, if the type of this field is RANGE. If the type is RANGE, this field is required. Possible values for the field element type of a RANGE include: - DATE - DATETIME - TIMESTAMP" }, "roundingMode": { "type": "string", "description": "Optional. Rounding Mode specification of the field. It only can be set on NUMERIC or BIGNUMERIC type fields." }, "scale": { "type": "string", "description": "[Optional] See documentation for precision." }, "type": { "type": "string", "description": "[Required] The field data type. Possible values include STRING, BYTES, INTEGER, INT64 (same as INTEGER), FLOAT, FLOAT64 (same as FLOAT), NUMERIC, BIGNUMERIC, BOOLEAN, BOOL (same as BOOLEAN), TIMESTAMP, DATE, TIME, DATETIME, INTERVAL, RECORD (where RECORD indicates that the field contains a nested schema) or STRUCT (same as RECORD)." } }, "type": "object", "required": [ "categories", "collation", "defaultValueExpression", "description", "fields", "maxLength", "mode", "name", "policyTags", "precision", "rangeElementType", "roundingMode", "scale", "type" ] }, "google-native:bigquery/v2:TableReference": { "properties": { "datasetId": { "type": "string", "description": "[Required] The ID of the dataset containing this table." }, "project": { "type": "string", "description": "[Required] The ID of the project containing this table." }, "tableId": { "type": "string", "description": "[Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." } }, "type": "object" }, "google-native:bigquery/v2:TableReferenceResponse": { "properties": { "datasetId": { "type": "string", "description": "[Required] The ID of the dataset containing this table." }, "project": { "type": "string", "description": "[Required] The ID of the project containing this table." }, "tableId": { "type": "string", "description": "[Required] The ID of the table. The ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). The maximum length is 1,024 characters." } }, "type": "object", "required": [ "datasetId", "project", "tableId" ] }, "google-native:bigquery/v2:TableSchema": { "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchema" }, "description": "Describes the fields in a table." } }, "type": "object" }, "google-native:bigquery/v2:TableSchemaResponse": { "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:TableFieldSchemaResponse" }, "description": "Describes the fields in a table." } }, "type": "object", "required": [ "fields" ] }, "google-native:bigquery/v2:TimePartitioning": { "properties": { "expirationMs": { "type": "string", "description": "[Optional] Number of milliseconds for which to keep the storage for partitions in the table. The storage in a partition will have an expiration time of its partition time plus this value." }, "field": { "type": "string", "description": "[Beta] [Optional] If not set, the table is partitioned by pseudo column, referenced via either '_PARTITIONTIME' as TIMESTAMP type, or '_PARTITIONDATE' as DATE type. If field is specified, the table is instead partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED." }, "requirePartitionFilter": { "type": "boolean" }, "type": { "type": "string", "description": "[Required] The supported types are DAY, HOUR, MONTH, and YEAR, which will generate one partition per day, hour, month, and year, respectively. When the type is not specified, the default behavior is DAY." } }, "type": "object" }, "google-native:bigquery/v2:TimePartitioningResponse": { "properties": { "expirationMs": { "type": "string", "description": "[Optional] Number of milliseconds for which to keep the storage for partitions in the table. The storage in a partition will have an expiration time of its partition time plus this value." }, "field": { "type": "string", "description": "[Beta] [Optional] If not set, the table is partitioned by pseudo column, referenced via either '_PARTITIONTIME' as TIMESTAMP type, or '_PARTITIONDATE' as DATE type. If field is specified, the table is instead partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED." }, "requirePartitionFilter": { "type": "boolean" }, "type": { "type": "string", "description": "[Required] The supported types are DAY, HOUR, MONTH, and YEAR, which will generate one partition per day, hour, month, and year, respectively. When the type is not specified, the default behavior is DAY." } }, "type": "object", "required": [ "expirationMs", "field", "requirePartitionFilter", "type" ] }, "google-native:bigquery/v2:TransactionInfoResponse": { "properties": { "transactionId": { "type": "string", "description": "// [Alpha] Id of the transaction." } }, "type": "object", "required": [ "transactionId" ] }, "google-native:bigquery/v2:UserDefinedFunctionResource": { "description": "This is used for defining User Defined Function (UDF) resources only when using legacy SQL. Users of Standard SQL should leverage either DDL (e.g. CREATE [TEMPORARY] FUNCTION ... ) or the Routines API to define UDF resources. For additional information on migrating, see: https://cloud.google.com/bigquery/docs/reference/standard-sql/migrating-from-legacy-sql#differences_in_user-defined_javascript_functions", "properties": { "inlineCode": { "type": "string", "description": "[Pick one] An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code." }, "resourceUri": { "type": "string", "description": "[Pick one] A code resource to load from a Google Cloud Storage URI (gs://bucket/path)." } }, "type": "object" }, "google-native:bigquery/v2:UserDefinedFunctionResourceResponse": { "description": "This is used for defining User Defined Function (UDF) resources only when using legacy SQL. Users of Standard SQL should leverage either DDL (e.g. CREATE [TEMPORARY] FUNCTION ... ) or the Routines API to define UDF resources. For additional information on migrating, see: https://cloud.google.com/bigquery/docs/reference/standard-sql/migrating-from-legacy-sql#differences_in_user-defined_javascript_functions", "properties": { "inlineCode": { "type": "string", "description": "[Pick one] An inline resource that contains code for a user-defined function (UDF). Providing a inline code resource is equivalent to providing a URI for a file containing the same code." }, "resourceUri": { "type": "string", "description": "[Pick one] A code resource to load from a Google Cloud Storage URI (gs://bucket/path)." } }, "type": "object", "required": [ "inlineCode", "resourceUri" ] }, "google-native:bigquery/v2:ViewDefinition": { "properties": { "query": { "type": "string", "description": "[Required] A query that BigQuery executes when the view is referenced." }, "useExplicitColumnNames": { "type": "boolean", "description": "True if the column names are explicitly specified. For example by using the 'CREATE VIEW v(c1, c2) AS ...' syntax. Can only be set using BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/" }, "useLegacySql": { "type": "boolean", "description": "Specifies whether to use BigQuery's legacy SQL for this view. The default value is true. If set to false, the view will use BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/ Queries and views that reference this view must use the same flag value." }, "userDefinedFunctionResources": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:UserDefinedFunctionResource" }, "description": "Describes user-defined function resources used in the query." } }, "type": "object" }, "google-native:bigquery/v2:ViewDefinitionResponse": { "properties": { "query": { "type": "string", "description": "[Required] A query that BigQuery executes when the view is referenced." }, "useExplicitColumnNames": { "type": "boolean", "description": "True if the column names are explicitly specified. For example by using the 'CREATE VIEW v(c1, c2) AS ...' syntax. Can only be set using BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/" }, "useLegacySql": { "type": "boolean", "description": "Specifies whether to use BigQuery's legacy SQL for this view. The default value is true. If set to false, the view will use BigQuery's standard SQL: https://cloud.google.com/bigquery/sql-reference/ Queries and views that reference this view must use the same flag value." }, "userDefinedFunctionResources": { "type": "array", "items": { "$ref": "#/types/google-native:bigquery%2Fv2:UserDefinedFunctionResourceResponse" }, "description": "Describes user-defined function resources used in the query." } }, "type": "object", "required": [ "query", "useExplicitColumnNames", "useLegacySql", "userDefinedFunctionResources" ] }, "google-native:bigqueryconnection/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:bigqueryconnection/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:bigqueryconnection/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:bigqueryconnection/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:bigqueryconnection/v1beta1:CloudSqlCredential": { "description": "Credential info for the Cloud SQL.", "properties": { "password": { "type": "string", "description": "The password for the credential." }, "username": { "type": "string", "description": "The username for the credential." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:CloudSqlCredentialResponse": { "description": "Credential info for the Cloud SQL.", "properties": { "password": { "type": "string", "description": "The password for the credential." }, "username": { "type": "string", "description": "The username for the credential." } }, "type": "object", "required": [ "password", "username" ] }, "google-native:bigqueryconnection/v1beta1:CloudSqlProperties": { "description": "Connection properties specific to the Cloud SQL.", "properties": { "credential": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:CloudSqlCredential", "description": "Input only. Cloud SQL credential." }, "database": { "type": "string", "description": "Database name." }, "instanceId": { "type": "string", "description": "Cloud SQL instance ID in the form `project:location:instance`." }, "type": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:CloudSqlPropertiesType", "description": "Type of the Cloud SQL database." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:CloudSqlPropertiesResponse": { "description": "Connection properties specific to the Cloud SQL.", "properties": { "credential": { "$ref": "#/types/google-native:bigqueryconnection%2Fv1beta1:CloudSqlCredentialResponse", "description": "Input only. Cloud SQL credential." }, "database": { "type": "string", "description": "Database name." }, "instanceId": { "type": "string", "description": "Cloud SQL instance ID in the form `project:location:instance`." }, "serviceAccountId": { "type": "string", "description": "The account ID of the service used for the purpose of this connection. When the connection is used in the context of an operation in BigQuery, this service account will serve as the identity being used for connecting to the CloudSQL instance specified in this connection." }, "type": { "type": "string", "description": "Type of the Cloud SQL database." } }, "type": "object", "required": [ "credential", "database", "instanceId", "serviceAccountId", "type" ] }, "google-native:bigqueryconnection/v1beta1:CloudSqlPropertiesType": { "description": "Type of the Cloud SQL database.", "type": "string", "enum": [ { "name": "DatabaseTypeUnspecified", "description": "Unspecified database type.", "value": "DATABASE_TYPE_UNSPECIFIED" }, { "name": "Postgres", "description": "Cloud SQL for PostgreSQL.", "value": "POSTGRES" }, { "name": "Mysql", "description": "Cloud SQL for MySQL.", "value": "MYSQL" } ] }, "google-native:bigqueryconnection/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:bigqueryconnection/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:bigquerydatapolicy/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:bigquerydatapolicy/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:bigquerydatapolicy/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:bigquerydatapolicy/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:bigquerydatapolicy/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:bigquerydatapolicy/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:bigquerydatapolicy/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:bigquerydatapolicy/v1:DataMaskingPolicy": { "description": "The data masking policy that is used to specify data masking rule.", "properties": { "predefinedExpression": { "$ref": "#/types/google-native:bigquerydatapolicy%2Fv1:DataMaskingPolicyPredefinedExpression", "description": "A predefined masking expression." }, "routine": { "type": "string", "description": "The name of the BigQuery routine that contains the custom masking routine, in the format of `projects/{project_number}/datasets/{dataset_id}/routines/{routine_id}`." } }, "type": "object" }, "google-native:bigquerydatapolicy/v1:DataMaskingPolicyPredefinedExpression": { "description": "A predefined masking expression.", "type": "string", "enum": [ { "name": "PredefinedExpressionUnspecified", "description": "Default, unspecified predefined expression. No masking will take place since no expression is specified.", "value": "PREDEFINED_EXPRESSION_UNSPECIFIED" }, { "name": "Sha256", "description": "Masking expression to replace data with SHA-256 hash.", "value": "SHA256" }, { "name": "AlwaysNull", "description": "Masking expression to replace data with NULLs.", "value": "ALWAYS_NULL" }, { "name": "DefaultMaskingValue", "description": "Masking expression to replace data with their default masking values. The default masking values for each type listed as below: * STRING: \"\" * BYTES: b'' * INTEGER: 0 * FLOAT: 0.0 * NUMERIC: 0 * BOOLEAN: FALSE * TIMESTAMP: 1970-01-01 00:00:00 UTC * DATE: 1970-01-01 * TIME: 00:00:00 * DATETIME: 1970-01-01T00:00:00 * GEOGRAPHY: POINT(0 0) * BIGNUMERIC: 0 * ARRAY: [] * STRUCT: NOT_APPLICABLE * JSON: NULL", "value": "DEFAULT_MASKING_VALUE" }, { "name": "LastFourCharacters", "description": "Masking expression shows the last four characters of text. The masking behavior is as follows: * If text length > 4 characters: Replace text with XXXXX, append last four characters of original text. * If text length <= 4 characters: Apply SHA-256 hash.", "value": "LAST_FOUR_CHARACTERS" }, { "name": "FirstFourCharacters", "description": "Masking expression shows the first four characters of text. The masking behavior is as follows: * If text length > 4 characters: Replace text with XXXXX, prepend first four characters of original text. * If text length <= 4 characters: Apply SHA-256 hash.", "value": "FIRST_FOUR_CHARACTERS" }, { "name": "EmailMask", "description": "Masking expression for email addresses. The masking behavior is as follows: * Syntax-valid email address: Replace username with XXXXX. For example, cloudysanfrancisco@gmail.com becomes XXXXX@gmail.com. * Syntax-invalid email address: Apply SHA-256 hash. For more information, see Email mask.", "value": "EMAIL_MASK" }, { "name": "DateYearMask", "description": "Masking expression to only show the *year* of `Date`, `DateTime` and `TimeStamp`. For example, with the year 2076: * DATE : 2076-01-01 * DATETIME : 2076-01-01T00:00:00 * TIMESTAMP : 2076-01-01 00:00:00 UTC Truncation occurs according to the UTC time zone. To change this, adjust the default time zone using the `time_zone` system variable. For more information, see the System variables reference.", "value": "DATE_YEAR_MASK" } ] }, "google-native:bigquerydatapolicy/v1:DataMaskingPolicyResponse": { "description": "The data masking policy that is used to specify data masking rule.", "properties": { "predefinedExpression": { "type": "string", "description": "A predefined masking expression." }, "routine": { "type": "string", "description": "The name of the BigQuery routine that contains the custom masking routine, in the format of `projects/{project_number}/datasets/{dataset_id}/routines/{routine_id}`." } }, "type": "object", "required": [ "predefinedExpression", "routine" ] }, "google-native:bigquerydatapolicy/v1:DataPolicyDataPolicyType": { "description": "Type of data policy.", "type": "string", "enum": [ { "name": "DataPolicyTypeUnspecified", "description": "Default value for the data policy type. This should not be used.", "value": "DATA_POLICY_TYPE_UNSPECIFIED" }, { "name": "ColumnLevelSecurityPolicy", "description": "Used to create a data policy for column-level security, without data masking.", "value": "COLUMN_LEVEL_SECURITY_POLICY" }, { "name": "DataMaskingPolicy", "description": "Used to create a data policy for data masking.", "value": "DATA_MASKING_POLICY" } ] }, "google-native:bigquerydatapolicy/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:bigquerydatapolicy/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:bigquerydatatransfer/v1:EmailPreferences": { "description": "Represents preferences for sending email notifications for transfer run events.", "properties": { "enableFailureEmail": { "type": "boolean", "description": "If true, email notifications will be sent on transfer run failures." } }, "type": "object" }, "google-native:bigquerydatatransfer/v1:EmailPreferencesResponse": { "description": "Represents preferences for sending email notifications for transfer run events.", "properties": { "enableFailureEmail": { "type": "boolean", "description": "If true, email notifications will be sent on transfer run failures." } }, "type": "object", "required": [ "enableFailureEmail" ] }, "google-native:bigquerydatatransfer/v1:EncryptionConfiguration": { "description": "Represents the encryption configuration for a transfer.", "properties": { "kmsKeyName": { "type": "string", "description": "The name of the KMS key used for encrypting BigQuery data." } }, "type": "object" }, "google-native:bigquerydatatransfer/v1:EncryptionConfigurationResponse": { "description": "Represents the encryption configuration for a transfer.", "properties": { "kmsKeyName": { "type": "string", "description": "The name of the KMS key used for encrypting BigQuery data." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:bigquerydatatransfer/v1:ScheduleOptions": { "description": "Options customizing the data transfer schedule.", "properties": { "disableAutoScheduling": { "type": "boolean", "description": "If true, automatic scheduling of data transfer runs for this configuration will be disabled. The runs can be started on ad-hoc basis using StartManualTransferRuns API. When automatic scheduling is disabled, the TransferConfig.schedule field will be ignored." }, "endTime": { "type": "string", "description": "Defines time to stop scheduling transfer runs. A transfer run cannot be scheduled at or after the end time. The end time can be changed at any moment. The time when a data transfer can be trigerred manually is not limited by this option." }, "startTime": { "type": "string", "description": "Specifies time to start scheduling transfer runs. The first run will be scheduled at or after the start time according to a recurrence pattern defined in the schedule string. The start time can be changed at any moment. The time when a data transfer can be trigerred manually is not limited by this option." } }, "type": "object" }, "google-native:bigquerydatatransfer/v1:ScheduleOptionsResponse": { "description": "Options customizing the data transfer schedule.", "properties": { "disableAutoScheduling": { "type": "boolean", "description": "If true, automatic scheduling of data transfer runs for this configuration will be disabled. The runs can be started on ad-hoc basis using StartManualTransferRuns API. When automatic scheduling is disabled, the TransferConfig.schedule field will be ignored." }, "endTime": { "type": "string", "description": "Defines time to stop scheduling transfer runs. A transfer run cannot be scheduled at or after the end time. The end time can be changed at any moment. The time when a data transfer can be trigerred manually is not limited by this option." }, "startTime": { "type": "string", "description": "Specifies time to start scheduling transfer runs. The first run will be scheduled at or after the start time according to a recurrence pattern defined in the schedule string. The start time can be changed at any moment. The time when a data transfer can be trigerred manually is not limited by this option." } }, "type": "object", "required": [ "disableAutoScheduling", "endTime", "startTime" ] }, "google-native:bigquerydatatransfer/v1:UserInfoResponse": { "description": "Information about a user.", "properties": { "email": { "type": "string", "description": "E-mail address of the user." } }, "type": "object", "required": [ "email" ] }, "google-native:bigqueryreservation/v1:Autoscale": { "description": "Auto scaling settings.", "properties": { "maxSlots": { "type": "string", "description": "Number of slots to be scaled when needed." } }, "type": "object" }, "google-native:bigqueryreservation/v1:AutoscaleResponse": { "description": "Auto scaling settings.", "properties": { "currentSlots": { "type": "string", "description": "The slot capacity added to this reservation when autoscale happens. Will be between [0, max_slots]." }, "maxSlots": { "type": "string", "description": "Number of slots to be scaled when needed." } }, "type": "object", "required": [ "currentSlots", "maxSlots" ] }, "google-native:bigqueryreservation/v1:CapacityCommitmentEdition": { "description": "Edition of the capacity commitment.", "type": "string", "enum": [ { "name": "EditionUnspecified", "description": "Default value, which will be treated as ENTERPRISE.", "value": "EDITION_UNSPECIFIED" }, { "name": "Standard", "description": "Standard edition.", "value": "STANDARD" }, { "name": "Enterprise", "description": "Enterprise edition.", "value": "ENTERPRISE" }, { "name": "EnterprisePlus", "description": "Enterprise plus edition.", "value": "ENTERPRISE_PLUS" } ] }, "google-native:bigqueryreservation/v1:CapacityCommitmentPlan": { "description": "Capacity commitment commitment plan.", "type": "string", "enum": [ { "name": "CommitmentPlanUnspecified", "description": "Invalid plan value. Requests with this value will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`.", "value": "COMMITMENT_PLAN_UNSPECIFIED" }, { "name": "Flex", "description": "Flex commitments have committed period of 1 minute after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "FLEX" }, { "name": "FlexFlatRate", "description": "Same as FLEX, should only be used if flat-rate commitments are still available.", "value": "FLEX_FLAT_RATE" }, { "name": "Trial", "description": "Trial commitments have a committed period of 182 days after becoming ACTIVE. After that, they are converted to a new commitment based on the `renewal_plan`. Default `renewal_plan` for Trial commitment is Flex so that it can be deleted right after committed period ends.", "value": "TRIAL" }, { "name": "Monthly", "description": "Monthly commitments have a committed period of 30 days after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "MONTHLY" }, { "name": "MonthlyFlatRate", "description": "Same as MONTHLY, should only be used if flat-rate commitments are still available.", "value": "MONTHLY_FLAT_RATE" }, { "name": "Annual", "description": "Annual commitments have a committed period of 365 days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "ANNUAL" }, { "name": "AnnualFlatRate", "description": "Same as ANNUAL, should only be used if flat-rate commitments are still available.", "value": "ANNUAL_FLAT_RATE" }, { "name": "ThreeYear", "description": "3-year commitments have a committed period of 1095(3 * 365) days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "THREE_YEAR" }, { "name": "None", "description": "Should only be used for `renewal_plan` and is only meaningful if edition is specified to values other than EDITION_UNSPECIFIED. Otherwise CreateCapacityCommitmentRequest or UpdateCapacityCommitmentRequest will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`. If the renewal_plan is NONE, capacity commitment will be removed at the end of its commitment period.", "value": "NONE" } ] }, "google-native:bigqueryreservation/v1:CapacityCommitmentRenewalPlan": { "description": "The plan this capacity commitment is converted to after commitment_end_time passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for ANNUAL and TRIAL commitments.", "type": "string", "enum": [ { "name": "CommitmentPlanUnspecified", "description": "Invalid plan value. Requests with this value will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`.", "value": "COMMITMENT_PLAN_UNSPECIFIED" }, { "name": "Flex", "description": "Flex commitments have committed period of 1 minute after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "FLEX" }, { "name": "FlexFlatRate", "description": "Same as FLEX, should only be used if flat-rate commitments are still available.", "value": "FLEX_FLAT_RATE" }, { "name": "Trial", "description": "Trial commitments have a committed period of 182 days after becoming ACTIVE. After that, they are converted to a new commitment based on the `renewal_plan`. Default `renewal_plan` for Trial commitment is Flex so that it can be deleted right after committed period ends.", "value": "TRIAL" }, { "name": "Monthly", "description": "Monthly commitments have a committed period of 30 days after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "MONTHLY" }, { "name": "MonthlyFlatRate", "description": "Same as MONTHLY, should only be used if flat-rate commitments are still available.", "value": "MONTHLY_FLAT_RATE" }, { "name": "Annual", "description": "Annual commitments have a committed period of 365 days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "ANNUAL" }, { "name": "AnnualFlatRate", "description": "Same as ANNUAL, should only be used if flat-rate commitments are still available.", "value": "ANNUAL_FLAT_RATE" }, { "name": "ThreeYear", "description": "3-year commitments have a committed period of 1095(3 * 365) days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "THREE_YEAR" }, { "name": "None", "description": "Should only be used for `renewal_plan` and is only meaningful if edition is specified to values other than EDITION_UNSPECIFIED. Otherwise CreateCapacityCommitmentRequest or UpdateCapacityCommitmentRequest will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`. If the renewal_plan is NONE, capacity commitment will be removed at the end of its commitment period.", "value": "NONE" } ] }, "google-native:bigqueryreservation/v1:ReservationEdition": { "description": "Edition of the reservation.", "type": "string", "enum": [ { "name": "EditionUnspecified", "description": "Default value, which will be treated as ENTERPRISE.", "value": "EDITION_UNSPECIFIED" }, { "name": "Standard", "description": "Standard edition.", "value": "STANDARD" }, { "name": "Enterprise", "description": "Enterprise edition.", "value": "ENTERPRISE" }, { "name": "EnterprisePlus", "description": "Enterprise plus edition.", "value": "ENTERPRISE_PLUS" } ] }, "google-native:bigqueryreservation/v1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:bigqueryreservation/v1beta1:CapacityCommitmentPlan": { "description": "Capacity commitment commitment plan.", "type": "string", "enum": [ { "name": "CommitmentPlanUnspecified", "description": "Invalid plan value. Requests with this value will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`.", "value": "COMMITMENT_PLAN_UNSPECIFIED" }, { "name": "Flex", "description": "Flex commitments have committed period of 1 minute after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "FLEX" }, { "name": "Trial", "description": "Trial commitments have a committed period of 182 days after becoming ACTIVE. After that, they are converted to a new commitment based on the `renewal_plan`. Default `renewal_plan` for Trial commitment is Flex so that it can be deleted right after committed period ends.", "value": "TRIAL" }, { "name": "Monthly", "description": "Monthly commitments have a committed period of 30 days after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "MONTHLY" }, { "name": "Annual", "description": "Annual commitments have a committed period of 365 days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "ANNUAL" } ] }, "google-native:bigqueryreservation/v1beta1:CapacityCommitmentRenewalPlan": { "description": "The plan this capacity commitment is converted to after commitment_end_time passes. Once the plan is changed, committed period is extended according to commitment plan. Only applicable for ANNUAL commitments.", "type": "string", "enum": [ { "name": "CommitmentPlanUnspecified", "description": "Invalid plan value. Requests with this value will be rejected with error code `google.rpc.Code.INVALID_ARGUMENT`.", "value": "COMMITMENT_PLAN_UNSPECIFIED" }, { "name": "Flex", "description": "Flex commitments have committed period of 1 minute after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "FLEX" }, { "name": "Trial", "description": "Trial commitments have a committed period of 182 days after becoming ACTIVE. After that, they are converted to a new commitment based on the `renewal_plan`. Default `renewal_plan` for Trial commitment is Flex so that it can be deleted right after committed period ends.", "value": "TRIAL" }, { "name": "Monthly", "description": "Monthly commitments have a committed period of 30 days after becoming ACTIVE. After that, they are not in a committed period anymore and can be removed any time.", "value": "MONTHLY" }, { "name": "Annual", "description": "Annual commitments have a committed period of 365 days after becoming ACTIVE. After that they are converted to a new commitment based on the renewal_plan.", "value": "ANNUAL" } ] }, "google-native:bigqueryreservation/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:bigtableadmin/v2:AppProfilePriority": { "description": "This field has been deprecated in favor of `standard_isolation.priority`. If you set this field, `standard_isolation.priority` will be set instead. The priority of requests sent using this app profile.", "type": "string", "enum": [ { "name": "PriorityUnspecified", "description": "Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on creation.", "value": "PRIORITY_UNSPECIFIED" }, { "name": "PriorityLow", "value": "PRIORITY_LOW" }, { "name": "PriorityMedium", "value": "PRIORITY_MEDIUM" }, { "name": "PriorityHigh", "value": "PRIORITY_HIGH" } ] }, "google-native:bigtableadmin/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:bigtableadmin/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:bigtableadmin/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:bigtableadmin/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:bigtableadmin/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:bigtableadmin/v2:AutoscalingLimits": { "description": "Limits for the number of nodes a Cluster can autoscale up/down to.", "properties": { "maxServeNodes": { "type": "integer", "description": "Maximum number of nodes to scale up to." }, "minServeNodes": { "type": "integer", "description": "Minimum number of nodes to scale down to." } }, "type": "object", "required": [ "maxServeNodes", "minServeNodes" ] }, "google-native:bigtableadmin/v2:AutoscalingLimitsResponse": { "description": "Limits for the number of nodes a Cluster can autoscale up/down to.", "properties": { "maxServeNodes": { "type": "integer", "description": "Maximum number of nodes to scale up to." }, "minServeNodes": { "type": "integer", "description": "Minimum number of nodes to scale down to." } }, "type": "object", "required": [ "maxServeNodes", "minServeNodes" ] }, "google-native:bigtableadmin/v2:AutoscalingTargets": { "description": "The Autoscaling targets for a Cluster. These determine the recommended nodes.", "properties": { "cpuUtilizationPercent": { "type": "integer", "description": "The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80, otherwise it will return INVALID_ARGUMENT error." }, "storageUtilizationGibPerNode": { "type": "integer", "description": "The storage utilization that the Autoscaler should be trying to achieve. This number is limited between 2560 (2.5TiB) and 5120 (5TiB) for a SSD cluster and between 8192 (8TiB) and 16384 (16TiB) for an HDD cluster, otherwise it will return INVALID_ARGUMENT error. If this value is set to 0, it will be treated as if it were set to the default value: 2560 for SSD, 8192 for HDD." } }, "type": "object" }, "google-native:bigtableadmin/v2:AutoscalingTargetsResponse": { "description": "The Autoscaling targets for a Cluster. These determine the recommended nodes.", "properties": { "cpuUtilizationPercent": { "type": "integer", "description": "The cpu utilization that the Autoscaler should be trying to achieve. This number is on a scale from 0 (no utilization) to 100 (total utilization), and is limited between 10 and 80, otherwise it will return INVALID_ARGUMENT error." }, "storageUtilizationGibPerNode": { "type": "integer", "description": "The storage utilization that the Autoscaler should be trying to achieve. This number is limited between 2560 (2.5TiB) and 5120 (5TiB) for a SSD cluster and between 8192 (8TiB) and 16384 (16TiB) for an HDD cluster, otherwise it will return INVALID_ARGUMENT error. If this value is set to 0, it will be treated as if it were set to the default value: 2560 for SSD, 8192 for HDD." } }, "type": "object", "required": [ "cpuUtilizationPercent", "storageUtilizationGibPerNode" ] }, "google-native:bigtableadmin/v2:BackupInfoResponse": { "description": "Information about a backup.", "properties": { "backup": { "type": "string", "description": "Name of the backup." }, "endTime": { "type": "string", "description": "This time that the backup was finished. Row data in the backup will be no newer than this timestamp." }, "sourceBackup": { "type": "string", "description": "Name of the backup from which this backup was copied. If a backup is not created by copying a backup, this field will be empty. Values are of the form: projects//instances//backups/." }, "sourceTable": { "type": "string", "description": "Name of the table the backup was created from." }, "startTime": { "type": "string", "description": "The time that the backup was started. Row data in the backup will be no older than this timestamp." } }, "type": "object", "required": [ "backup", "endTime", "sourceBackup", "sourceTable", "startTime" ] }, "google-native:bigtableadmin/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:bigtableadmin/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:bigtableadmin/v2:ChangeStreamConfig": { "description": "Change stream configuration.", "properties": { "retentionPeriod": { "type": "string", "description": "How long the change stream should be retained. Change stream data older than the retention period will not be returned when reading the change stream from the table. Values must be at least 1 day and at most 7 days, and will be truncated to microsecond granularity." } }, "type": "object" }, "google-native:bigtableadmin/v2:ChangeStreamConfigResponse": { "description": "Change stream configuration.", "properties": { "retentionPeriod": { "type": "string", "description": "How long the change stream should be retained. Change stream data older than the retention period will not be returned when reading the change stream from the table. Values must be at least 1 day and at most 7 days, and will be truncated to microsecond granularity." } }, "type": "object", "required": [ "retentionPeriod" ] }, "google-native:bigtableadmin/v2:ClusterAutoscalingConfig": { "description": "Autoscaling config for a cluster.", "properties": { "autoscalingLimits": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AutoscalingLimits", "description": "Autoscaling limits for this cluster." }, "autoscalingTargets": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AutoscalingTargets", "description": "Autoscaling targets for this cluster." } }, "type": "object", "required": [ "autoscalingLimits", "autoscalingTargets" ] }, "google-native:bigtableadmin/v2:ClusterAutoscalingConfigResponse": { "description": "Autoscaling config for a cluster.", "properties": { "autoscalingLimits": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AutoscalingLimitsResponse", "description": "Autoscaling limits for this cluster." }, "autoscalingTargets": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:AutoscalingTargetsResponse", "description": "Autoscaling targets for this cluster." } }, "type": "object", "required": [ "autoscalingLimits", "autoscalingTargets" ] }, "google-native:bigtableadmin/v2:ClusterConfig": { "description": "Configuration for a cluster.", "properties": { "clusterAutoscalingConfig": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:ClusterAutoscalingConfig", "description": "Autoscaling configuration for this cluster." } }, "type": "object" }, "google-native:bigtableadmin/v2:ClusterConfigResponse": { "description": "Configuration for a cluster.", "properties": { "clusterAutoscalingConfig": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:ClusterAutoscalingConfigResponse", "description": "Autoscaling configuration for this cluster." } }, "type": "object", "required": [ "clusterAutoscalingConfig" ] }, "google-native:bigtableadmin/v2:ClusterDefaultStorageType": { "description": "Immutable. The type of storage used by this cluster to serve its parent instance's tables, unless explicitly overridden.", "type": "string", "enum": [ { "name": "StorageTypeUnspecified", "description": "The user did not specify a storage type.", "value": "STORAGE_TYPE_UNSPECIFIED" }, { "name": "Ssd", "description": "Flash (SSD) storage should be used.", "value": "SSD" }, { "name": "Hdd", "description": "Magnetic drive (HDD) storage should be used.", "value": "HDD" } ] }, "google-native:bigtableadmin/v2:EncryptionConfig": { "description": "Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster.", "properties": { "kmsKeyName": { "type": "string", "description": "Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`" } }, "type": "object" }, "google-native:bigtableadmin/v2:EncryptionConfigResponse": { "description": "Cloud Key Management Service (Cloud KMS) settings for a CMEK-protected cluster.", "properties": { "kmsKeyName": { "type": "string", "description": "Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains this cluster must be granted the `cloudkms.cryptoKeyEncrypterDecrypter` role on the CMEK key. 2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster. Values are of the form `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}`" } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:bigtableadmin/v2:EncryptionInfoResponse": { "description": "Encryption information for a given resource. If this resource is protected with customer managed encryption, the in-use Cloud Key Management Service (Cloud KMS) key version is specified along with its status.", "properties": { "encryptionStatus": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:StatusResponse", "description": "The status of encrypt/decrypt calls on underlying data for this resource. Regardless of status, the existing data is always encrypted at rest." }, "encryptionType": { "type": "string", "description": "The type of encryption used to protect this resource." }, "kmsKeyVersion": { "type": "string", "description": "The version of the Cloud KMS key specified in the parent cluster that is in use for the data underlying this table." } }, "type": "object", "required": [ "encryptionStatus", "encryptionType", "kmsKeyVersion" ] }, "google-native:bigtableadmin/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:bigtableadmin/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:bigtableadmin/v2:InstanceType": { "description": "The type of the instance. Defaults to `PRODUCTION`.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The type of the instance is unspecified. If set when creating an instance, a `PRODUCTION` instance will be created. If set when updating an instance, the type will be left unchanged.", "value": "TYPE_UNSPECIFIED" }, { "name": "Production", "description": "An instance meant for production use. `serve_nodes` must be set on the cluster.", "value": "PRODUCTION" }, { "name": "Development", "description": "DEPRECATED: Prefer PRODUCTION for all use cases, as it no longer enforces a higher minimum node count than DEVELOPMENT.", "value": "DEVELOPMENT" } ] }, "google-native:bigtableadmin/v2:MultiClusterRoutingUseAny": { "description": "Read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes consistency to improve availability.", "properties": { "clusterIds": { "type": "array", "items": { "type": "string" }, "description": "The set of clusters to route to. The order is ignored; clusters will be tried in order of distance. If left empty, all clusters are eligible." } }, "type": "object" }, "google-native:bigtableadmin/v2:MultiClusterRoutingUseAnyResponse": { "description": "Read/write requests are routed to the nearest cluster in the instance, and will fail over to the nearest cluster that is available in the event of transient errors or delays. Clusters in a region are considered equidistant. Choosing this option sacrifices read-your-writes consistency to improve availability.", "properties": { "clusterIds": { "type": "array", "items": { "type": "string" }, "description": "The set of clusters to route to. The order is ignored; clusters will be tried in order of distance. If left empty, all clusters are eligible." } }, "type": "object", "required": [ "clusterIds" ] }, "google-native:bigtableadmin/v2:RestoreInfoResponse": { "description": "Information about a table restore.", "properties": { "backupInfo": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:BackupInfoResponse", "description": "Information about the backup used to restore the table. The backup may no longer exist." }, "sourceType": { "type": "string", "description": "The type of the restore source." } }, "type": "object", "required": [ "backupInfo", "sourceType" ] }, "google-native:bigtableadmin/v2:SingleClusterRouting": { "description": "Unconditionally routes all read/write requests to a specific cluster. This option preserves read-your-writes consistency but does not improve availability.", "properties": { "allowTransactionalWrites": { "type": "boolean", "description": "Whether or not `CheckAndMutateRow` and `ReadModifyWriteRow` requests are allowed by this app profile. It is unsafe to send these requests to the same table/row/column in multiple clusters." }, "clusterId": { "type": "string", "description": "The cluster to which read/write requests should be routed." } }, "type": "object" }, "google-native:bigtableadmin/v2:SingleClusterRoutingResponse": { "description": "Unconditionally routes all read/write requests to a specific cluster. This option preserves read-your-writes consistency but does not improve availability.", "properties": { "allowTransactionalWrites": { "type": "boolean", "description": "Whether or not `CheckAndMutateRow` and `ReadModifyWriteRow` requests are allowed by this app profile. It is unsafe to send these requests to the same table/row/column in multiple clusters." }, "clusterId": { "type": "string", "description": "The cluster to which read/write requests should be routed." } }, "type": "object", "required": [ "allowTransactionalWrites", "clusterId" ] }, "google-native:bigtableadmin/v2:Split": { "description": "An initial split point for a newly created table.", "properties": { "key": { "type": "string", "description": "Row key to use as an initial tablet boundary." } }, "type": "object" }, "google-native:bigtableadmin/v2:StandardIsolation": { "description": "Standard options for isolating this app profile's traffic from other use cases.", "properties": { "priority": { "$ref": "#/types/google-native:bigtableadmin%2Fv2:StandardIsolationPriority", "description": "The priority of requests sent using this app profile." } }, "type": "object" }, "google-native:bigtableadmin/v2:StandardIsolationPriority": { "description": "The priority of requests sent using this app profile.", "type": "string", "enum": [ { "name": "PriorityUnspecified", "description": "Default value. Mapped to PRIORITY_HIGH (the legacy behavior) on creation.", "value": "PRIORITY_UNSPECIFIED" }, { "name": "PriorityLow", "value": "PRIORITY_LOW" }, { "name": "PriorityMedium", "value": "PRIORITY_MEDIUM" }, { "name": "PriorityHigh", "value": "PRIORITY_HIGH" } ] }, "google-native:bigtableadmin/v2:StandardIsolationResponse": { "description": "Standard options for isolating this app profile's traffic from other use cases.", "properties": { "priority": { "type": "string", "description": "The priority of requests sent using this app profile." } }, "type": "object", "required": [ "priority" ] }, "google-native:bigtableadmin/v2:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:bigtableadmin/v2:TableGranularity": { "description": "Immutable. The granularity (i.e. `MILLIS`) at which timestamps are stored in this table. Timestamps not matching the granularity will be rejected. If unspecified at creation time, the value will be set to `MILLIS`. Views: `SCHEMA_VIEW`, `FULL`.", "type": "string", "enum": [ { "name": "TimestampGranularityUnspecified", "description": "The user did not specify a granularity. Should not be returned. When specified during table creation, MILLIS will be used.", "value": "TIMESTAMP_GRANULARITY_UNSPECIFIED" }, { "name": "Millis", "description": "The table keeps data versioned at a granularity of 1ms.", "value": "MILLIS" } ] }, "google-native:bigtableadmin/v2:TableStatsResponse": { "description": "Approximate statistics related to a table. These statistics are calculated infrequently, while simultaneously, data in the table can change rapidly. Thus the values reported here (e.g. row count) are very likely out-of date, even the instant they are received in this API. Thus, only treat these values as approximate. IMPORTANT: Everything below is approximate, unless otherwise specified.", "properties": { "averageCellsPerColumn": { "type": "number", "description": "How many cells are present per column (column family, column qualifier) combinations, averaged over all columns in all rows in the table. e.g. A table with 2 rows: * A row with 3 cells in \"family:col\" and 1 cell in \"other:col\" (4 cells / 2 columns) * A row with 1 cell in \"family:col\", 7 cells in \"family:other_col\", and 7 cells in \"other:data\" (15 cells / 3 columns) would report (4 + 15)/(2 + 3) = 3.8 in this field." }, "averageColumnsPerRow": { "type": "number", "description": "How many (column family, column qualifier) combinations are present per row in the table, averaged over all rows in the table. e.g. A table with 2 rows: * A row with cells in \"family:col\" and \"other:col\" (2 distinct columns) * A row with cells in \"family:col\", \"family:other_col\", and \"other:data\" (3 distinct columns) would report (2 + 3)/2 = 2.5 in this field." }, "logicalDataBytes": { "type": "string", "description": "This is roughly how many bytes would be needed to read the entire table (e.g. by streaming all contents out)." }, "rowCount": { "type": "string", "description": "How many rows are in the table." } }, "type": "object", "required": [ "averageCellsPerColumn", "averageColumnsPerRow", "logicalDataBytes", "rowCount" ] }, "google-native:billingbudgets/v1:BudgetOwnershipScope": { "type": "string", "enum": [ { "name": "OwnershipScopeUnspecified", "description": "Unspecified ownership scope, same as ALL_USERS.", "value": "OWNERSHIP_SCOPE_UNSPECIFIED" }, { "name": "AllUsers", "description": "Both billing account-level users and project-level users have full access to the budget, if the users have the required IAM permissions.", "value": "ALL_USERS" }, { "name": "BillingAccount", "description": "Only billing account-level users have full access to the budget. Project-level users have read-only access, even if they have the required IAM permissions.", "value": "BILLING_ACCOUNT" } ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1BudgetAmount": { "description": "The budgeted amount for each usage period.", "properties": { "lastPeriodAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1LastPeriodAmount", "description": "Use the last period's actual spend as the budget for the present period. LastPeriodAmount can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period." }, "specifiedAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeMoney", "description": "A specified amount to use as the budget. `currency_code` is optional. If specified when creating a budget, it must match the currency of the billing account. If specified when updating a budget, it must match the currency_code of the existing budget. The `currency_code` is provided on output." } }, "type": "object" }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1BudgetAmountResponse": { "description": "The budgeted amount for each usage period.", "properties": { "lastPeriodAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1LastPeriodAmountResponse", "description": "Use the last period's actual spend as the budget for the present period. LastPeriodAmount can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period." }, "specifiedAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeMoneyResponse", "description": "A specified amount to use as the budget. `currency_code` is optional. If specified when creating a budget, it must match the currency of the billing account. If specified when updating a budget, it must match the currency_code of the existing budget. The `currency_code` is provided on output." } }, "type": "object", "required": [ "lastPeriodAmount", "specifiedAmount" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1CustomPeriod": { "description": "All date times begin at 12 AM US and Canadian Pacific Time (UTC-8).", "properties": { "endDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeDate", "description": "Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the start_date." }, "startDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeDate", "description": "The start date must be after January 1, 2017." } }, "type": "object", "required": [ "startDate" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1CustomPeriodResponse": { "description": "All date times begin at 12 AM US and Canadian Pacific Time (UTC-8).", "properties": { "endDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeDateResponse", "description": "Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the start_date." }, "startDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleTypeDateResponse", "description": "The start date must be after January 1, 2017." } }, "type": "object", "required": [ "endDate", "startDate" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1Filter": { "description": "A filter for a budget, limiting the scope of the cost to calculate.", "properties": { "calendarPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1FilterCalendarPeriod", "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget tracks usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it tracks usage from July 1 to September 30 when the current calendar month is July, August, September, so on." }, "creditTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. If Filter.credit_types_treatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See [a list of acceptable credit type values](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type). If Filter.credit_types_treatment is **not** INCLUDE_SPECIFIED_CREDITS, this field must be empty." }, "creditTypesTreatment": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1FilterCreditTypesTreatment", "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`." }, "customPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1CustomPeriod", "description": "Optional. Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget. If omitted, the report includes all labeled and unlabeled usage. An object containing a single `\"key\": value` pair. Example: `{ \"name\": \"wrench\" }`. _Currently, multiple entries or multiple values per entry are not allowed._" }, "projects": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of projects of the form `projects/{project}`, specifying that usage from only this set of projects should be included in the budget. If omitted, the report includes all usage for the billing account, regardless of which project the usage occurred on." }, "resourceAncestors": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of folder and organization names of the form `folders/{folderId}` or `organizations/{organizationId}`, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget *doesn't* apply to those projects." }, "services": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of services of the form `services/{service_id}`, specifying that usage from only this set of services should be included in the budget. If omitted, the report includes usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api." }, "subaccounts": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of subaccounts of the form `billingAccounts/{account_id}`, specifying that usage from only this set of subaccounts should be included in the budget. If a subaccount is set to the name of the parent account, usage from the parent account is included. If the field is omitted, the report includes usage from the parent account and all subaccounts, if they exist." } }, "type": "object" }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1FilterCalendarPeriod": { "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget tracks usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it tracks usage from July 1 to September 30 when the current calendar month is July, August, September, so on.", "type": "string", "enum": [ { "name": "CalendarPeriodUnspecified", "description": "Calendar period is unset. This is the default if the budget is for a custom time period (CustomPeriod).", "value": "CALENDAR_PERIOD_UNSPECIFIED" }, { "name": "Month", "description": "A month. Month starts on the first day of each month, such as January 1, February 1, March 1, and so on.", "value": "MONTH" }, { "name": "Quarter", "description": "A quarter. Quarters start on dates January 1, April 1, July 1, and October 1 of each year.", "value": "QUARTER" }, { "name": "Year", "description": "A year. Year starts on January 1.", "value": "YEAR" } ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1FilterCreditTypesTreatment": { "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`.", "type": "string", "enum": [ { "name": "CreditTypesTreatmentUnspecified", "value": "CREDIT_TYPES_TREATMENT_UNSPECIFIED" }, { "name": "IncludeAllCredits", "description": "All types of credit are subtracted from the gross cost to determine the spend for threshold calculations.", "value": "INCLUDE_ALL_CREDITS" }, { "name": "ExcludeAllCredits", "description": "All types of credit are added to the net cost to determine the spend for threshold calculations.", "value": "EXCLUDE_ALL_CREDITS" }, { "name": "IncludeSpecifiedCredits", "description": "[Credit types](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type) specified in the credit_types field are subtracted from the gross cost to determine the spend for threshold calculations.", "value": "INCLUDE_SPECIFIED_CREDITS" } ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1FilterResponse": { "description": "A filter for a budget, limiting the scope of the cost to calculate.", "properties": { "calendarPeriod": { "type": "string", "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget tracks usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it tracks usage from July 1 to September 30 when the current calendar month is July, August, September, so on." }, "creditTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. If Filter.credit_types_treatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See [a list of acceptable credit type values](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type). If Filter.credit_types_treatment is **not** INCLUDE_SPECIFIED_CREDITS, this field must be empty." }, "creditTypesTreatment": { "type": "string", "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`." }, "customPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1CustomPeriodResponse", "description": "Optional. Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget. If omitted, the report includes all labeled and unlabeled usage. An object containing a single `\"key\": value` pair. Example: `{ \"name\": \"wrench\" }`. _Currently, multiple entries or multiple values per entry are not allowed._" }, "projects": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of projects of the form `projects/{project}`, specifying that usage from only this set of projects should be included in the budget. If omitted, the report includes all usage for the billing account, regardless of which project the usage occurred on." }, "resourceAncestors": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of folder and organization names of the form `folders/{folderId}` or `organizations/{organizationId}`, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget *doesn't* apply to those projects." }, "services": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of services of the form `services/{service_id}`, specifying that usage from only this set of services should be included in the budget. If omitted, the report includes usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api." }, "subaccounts": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of subaccounts of the form `billingAccounts/{account_id}`, specifying that usage from only this set of subaccounts should be included in the budget. If a subaccount is set to the name of the parent account, usage from the parent account is included. If the field is omitted, the report includes usage from the parent account and all subaccounts, if they exist." } }, "type": "object", "required": [ "calendarPeriod", "creditTypes", "creditTypesTreatment", "customPeriod", "labels", "projects", "resourceAncestors", "services", "subaccounts" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1LastPeriodAmount": { "description": "Describes a budget amount targeted to the last Filter.calendar_period spend. At this time, the amount is automatically 100% of the last calendar period's spend; that is, there are no other options yet. LastPeriodAmount cannot be set for a budget configured with a Filter.custom_period.", "type": "object" }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1LastPeriodAmountResponse": { "description": "Describes a budget amount targeted to the last Filter.calendar_period spend. At this time, the amount is automatically 100% of the last calendar period's spend; that is, there are no other options yet. LastPeriodAmount cannot be set for a budget configured with a Filter.custom_period.", "type": "object" }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1NotificationsRule": { "description": "NotificationsRule defines notifications that are sent based on budget spend and thresholds.", "properties": { "disableDefaultIamRecipients": { "type": "boolean", "description": "Optional. When set to true, disables default notifications sent when a threshold is exceeded. Default notifications are sent to those with Billing Account Administrator and Billing Account User IAM roles for the target account." }, "enableProjectLevelRecipients": { "type": "boolean", "description": "Optional. When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with `Owner` role on a cloud project." }, "monitoringNotificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Optional. Email targets to send notifications to when a threshold is exceeded. This is in addition to the `DefaultIamRecipients` who receive alert emails based on their billing account IAM role. The value is the full REST resource name of a Cloud Monitoring email notification channel with the form `projects/{project_id}/notificationChannels/{channel_id}`. A maximum of 5 email notifications are allowed. To customize budget alert email recipients with monitoring notification channels, you _must create the monitoring notification channels before you link them to a budget_. For guidance on setting up notification channels to use with budgets, see [Customize budget alert email recipients](https://cloud.google.com/billing/docs/how-to/budgets-notification-recipients). For Cloud Billing budget alerts, you _must use email notification channels_. The other types of notification channels are _not_ supported, such as Slack, SMS, or PagerDuty. If you want to [send budget notifications to Slack](https://cloud.google.com/billing/docs/how-to/notify#send_notifications_to_slack), use a pubsubTopic and configure [programmatic notifications](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications)." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic where budget-related messages are published, in the form `projects/{project_id}/topics/{topic_id}`. Updates are sent to the topic at regular intervals; the timing of the updates is not dependent on the [threshold rules](#thresholdrule) you've set. Note that if you want your [Pub/Sub JSON object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) to contain data for `alertThresholdExceeded`, you need at least one [alert threshold rule](#thresholdrule). When you set threshold rules, you must also enable at least one of the email notification options, either using the default IAM recipients or Cloud Monitoring email notification channels. To use Pub/Sub topics with budgets, you must do the following: 1. Create the Pub/Sub topic before connecting it to your budget. For guidance, see [Manage programmatic budget alert notifications](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications). 2. Grant the API caller the `pubsub.topics.setIamPolicy` permission on the Pub/Sub topic. If not set, the API call fails with PERMISSION_DENIED. For additional details on Pub/Sub roles and permissions, see [Permissions required for this task](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#permissions_required_for_this_task)." }, "schemaVersion": { "type": "string", "description": "Optional. Required when NotificationsRule.pubsub_topic is set. The schema version of the notification sent to NotificationsRule.pubsub_topic. Only \"1.0\" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format." } }, "type": "object" }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1NotificationsRuleResponse": { "description": "NotificationsRule defines notifications that are sent based on budget spend and thresholds.", "properties": { "disableDefaultIamRecipients": { "type": "boolean", "description": "Optional. When set to true, disables default notifications sent when a threshold is exceeded. Default notifications are sent to those with Billing Account Administrator and Billing Account User IAM roles for the target account." }, "enableProjectLevelRecipients": { "type": "boolean", "description": "Optional. When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with `Owner` role on a cloud project." }, "monitoringNotificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Optional. Email targets to send notifications to when a threshold is exceeded. This is in addition to the `DefaultIamRecipients` who receive alert emails based on their billing account IAM role. The value is the full REST resource name of a Cloud Monitoring email notification channel with the form `projects/{project_id}/notificationChannels/{channel_id}`. A maximum of 5 email notifications are allowed. To customize budget alert email recipients with monitoring notification channels, you _must create the monitoring notification channels before you link them to a budget_. For guidance on setting up notification channels to use with budgets, see [Customize budget alert email recipients](https://cloud.google.com/billing/docs/how-to/budgets-notification-recipients). For Cloud Billing budget alerts, you _must use email notification channels_. The other types of notification channels are _not_ supported, such as Slack, SMS, or PagerDuty. If you want to [send budget notifications to Slack](https://cloud.google.com/billing/docs/how-to/notify#send_notifications_to_slack), use a pubsubTopic and configure [programmatic notifications](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications)." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic where budget-related messages are published, in the form `projects/{project_id}/topics/{topic_id}`. Updates are sent to the topic at regular intervals; the timing of the updates is not dependent on the [threshold rules](#thresholdrule) you've set. Note that if you want your [Pub/Sub JSON object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) to contain data for `alertThresholdExceeded`, you need at least one [alert threshold rule](#thresholdrule). When you set threshold rules, you must also enable at least one of the email notification options, either using the default IAM recipients or Cloud Monitoring email notification channels. To use Pub/Sub topics with budgets, you must do the following: 1. Create the Pub/Sub topic before connecting it to your budget. For guidance, see [Manage programmatic budget alert notifications](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications). 2. Grant the API caller the `pubsub.topics.setIamPolicy` permission on the Pub/Sub topic. If not set, the API call fails with PERMISSION_DENIED. For additional details on Pub/Sub roles and permissions, see [Permissions required for this task](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#permissions_required_for_this_task)." }, "schemaVersion": { "type": "string", "description": "Optional. Required when NotificationsRule.pubsub_topic is set. The schema version of the notification sent to NotificationsRule.pubsub_topic. Only \"1.0\" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format." } }, "type": "object", "required": [ "disableDefaultIamRecipients", "enableProjectLevelRecipients", "monitoringNotificationChannels", "pubsubTopic", "schemaVersion" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1ThresholdRule": { "description": "ThresholdRule contains the definition of a threshold. Threshold rules define the triggering events used to generate a budget notification email. When a threshold is crossed (spend exceeds the specified percentages of the budget), budget alert emails are sent to the email recipients you specify in the [NotificationsRule](#notificationsrule). Threshold rules also affect the fields included in the [JSON data object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) sent to a Pub/Sub topic. Threshold rules are _required_ if using email notifications. Threshold rules are _optional_ if only setting a [`pubsubTopic` NotificationsRule](#NotificationsRule), unless you want your JSON data object to include data about the thresholds you set. For more information, see [set budget threshold rules and actions](https://cloud.google.com/billing/docs/how-to/budgets#budget-actions).", "properties": { "spendBasis": { "$ref": "#/types/google-native:billingbudgets%2Fv1:GoogleCloudBillingBudgetsV1ThresholdRuleSpendBasis", "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set." }, "thresholdPercent": { "type": "number", "description": "Send an alert when this threshold is exceeded. This is a 1.0-based percentage, so 0.5 = 50%. Validation: non-negative number." } }, "type": "object", "required": [ "thresholdPercent" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1ThresholdRuleResponse": { "description": "ThresholdRule contains the definition of a threshold. Threshold rules define the triggering events used to generate a budget notification email. When a threshold is crossed (spend exceeds the specified percentages of the budget), budget alert emails are sent to the email recipients you specify in the [NotificationsRule](#notificationsrule). Threshold rules also affect the fields included in the [JSON data object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) sent to a Pub/Sub topic. Threshold rules are _required_ if using email notifications. Threshold rules are _optional_ if only setting a [`pubsubTopic` NotificationsRule](#NotificationsRule), unless you want your JSON data object to include data about the thresholds you set. For more information, see [set budget threshold rules and actions](https://cloud.google.com/billing/docs/how-to/budgets#budget-actions).", "properties": { "spendBasis": { "type": "string", "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set." }, "thresholdPercent": { "type": "number", "description": "Send an alert when this threshold is exceeded. This is a 1.0-based percentage, so 0.5 = 50%. Validation: non-negative number." } }, "type": "object", "required": [ "spendBasis", "thresholdPercent" ] }, "google-native:billingbudgets/v1:GoogleCloudBillingBudgetsV1ThresholdRuleSpendBasis": { "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set.", "type": "string", "enum": [ { "name": "BasisUnspecified", "description": "Unspecified threshold basis.", "value": "BASIS_UNSPECIFIED" }, { "name": "CurrentSpend", "description": "Use current spend as the basis for comparison against the threshold.", "value": "CURRENT_SPEND" }, { "name": "ForecastedSpend", "description": "Use forecasted spend for the period as the basis for comparison against the threshold. FORECASTED_SPEND can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period.", "value": "FORECASTED_SPEND" } ] }, "google-native:billingbudgets/v1:GoogleTypeDate": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object" }, "google-native:billingbudgets/v1:GoogleTypeDateResponse": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:billingbudgets/v1:GoogleTypeMoney": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:billingbudgets/v1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:billingbudgets/v1beta1:BudgetOwnershipScope": { "type": "string", "enum": [ { "name": "OwnershipScopeUnspecified", "description": "Unspecified ownership scope, same as ALL_USERS.", "value": "OWNERSHIP_SCOPE_UNSPECIFIED" }, { "name": "AllUsers", "description": "The Budget is fully accessible to both billing account users and resource users, provided that they have the required IAM permissions.", "value": "ALL_USERS" }, { "name": "BillingAccount", "description": "Only billing account users have full access to the `Budget`, resource-level users have read-only access, provided that they have the required IAM permissions.", "value": "BILLING_ACCOUNT" } ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1AllUpdatesRule": { "description": "AllUpdatesRule defines notifications that are sent based on budget spend and thresholds.", "properties": { "disableDefaultIamRecipients": { "type": "boolean", "description": "Optional. When set to true, disables default notifications sent when a threshold is exceeded. Default notifications are sent to those with Billing Account Administrator and Billing Account User IAM roles for the target account." }, "enableProjectLevelRecipients": { "type": "boolean", "description": "Optional. When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with `Owner` role on a cloud project." }, "monitoringNotificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Optional. Targets to send notifications to when a threshold is exceeded. This is in addition to default recipients who have billing account IAM roles. The value is the full REST resource name of a monitoring notification channel with the form `projects/{project_id}/notificationChannels/{channel_id}`. A maximum of 5 channels are allowed. See https://cloud.google.com/billing/docs/how-to/budgets-notification-recipients for more details." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic where budget related messages will be published, in the form `projects/{project_id}/topics/{topic_id}`. Updates are sent at regular intervals to the topic. The topic needs to be created before the budget is created; see https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications for more details. Caller is expected to have `pubsub.topics.setIamPolicy` permission on the topic when it's set for a budget, otherwise, the API call will fail with PERMISSION_DENIED. See https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#permissions_required_for_this_task for more details on Pub/Sub roles and permissions." }, "schemaVersion": { "type": "string", "description": "Optional. Required when AllUpdatesRule.pubsub_topic is set. The schema version of the notification sent to AllUpdatesRule.pubsub_topic. Only \"1.0\" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format." } }, "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1AllUpdatesRuleResponse": { "description": "AllUpdatesRule defines notifications that are sent based on budget spend and thresholds.", "properties": { "disableDefaultIamRecipients": { "type": "boolean", "description": "Optional. When set to true, disables default notifications sent when a threshold is exceeded. Default notifications are sent to those with Billing Account Administrator and Billing Account User IAM roles for the target account." }, "enableProjectLevelRecipients": { "type": "boolean", "description": "Optional. When set to true, and when the budget has a single project configured, notifications will be sent to project level recipients of that project. This field will be ignored if the budget has multiple or no project configured. Currently, project level recipients are the users with `Owner` role on a cloud project." }, "monitoringNotificationChannels": { "type": "array", "items": { "type": "string" }, "description": "Optional. Targets to send notifications to when a threshold is exceeded. This is in addition to default recipients who have billing account IAM roles. The value is the full REST resource name of a monitoring notification channel with the form `projects/{project_id}/notificationChannels/{channel_id}`. A maximum of 5 channels are allowed. See https://cloud.google.com/billing/docs/how-to/budgets-notification-recipients for more details." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic where budget related messages will be published, in the form `projects/{project_id}/topics/{topic_id}`. Updates are sent at regular intervals to the topic. The topic needs to be created before the budget is created; see https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications for more details. Caller is expected to have `pubsub.topics.setIamPolicy` permission on the topic when it's set for a budget, otherwise, the API call will fail with PERMISSION_DENIED. See https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#permissions_required_for_this_task for more details on Pub/Sub roles and permissions." }, "schemaVersion": { "type": "string", "description": "Optional. Required when AllUpdatesRule.pubsub_topic is set. The schema version of the notification sent to AllUpdatesRule.pubsub_topic. Only \"1.0\" is accepted. It represents the JSON schema as defined in https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format." } }, "type": "object", "required": [ "disableDefaultIamRecipients", "enableProjectLevelRecipients", "monitoringNotificationChannels", "pubsubTopic", "schemaVersion" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1BudgetAmount": { "description": "The budgeted amount for each usage period.", "properties": { "lastPeriodAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1LastPeriodAmount", "description": "Use the last period's actual spend as the budget for the present period. LastPeriodAmount can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period." }, "specifiedAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeMoney", "description": "A specified amount to use as the budget. `currency_code` is optional. If specified when creating a budget, it must match the currency of the billing account. If specified when updating a budget, it must match the currency_code of the existing budget. The `currency_code` is provided on output." } }, "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1BudgetAmountResponse": { "description": "The budgeted amount for each usage period.", "properties": { "lastPeriodAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1LastPeriodAmountResponse", "description": "Use the last period's actual spend as the budget for the present period. LastPeriodAmount can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period." }, "specifiedAmount": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeMoneyResponse", "description": "A specified amount to use as the budget. `currency_code` is optional. If specified when creating a budget, it must match the currency of the billing account. If specified when updating a budget, it must match the currency_code of the existing budget. The `currency_code` is provided on output." } }, "type": "object", "required": [ "lastPeriodAmount", "specifiedAmount" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1CustomPeriod": { "description": "All date times begin at 12 AM US and Canadian Pacific Time (UTC-8).", "properties": { "endDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeDate", "description": "Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the start_date." }, "startDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeDate", "description": "The start date must be after January 1, 2017." } }, "type": "object", "required": [ "startDate" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1CustomPeriodResponse": { "description": "All date times begin at 12 AM US and Canadian Pacific Time (UTC-8).", "properties": { "endDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeDateResponse", "description": "Optional. The end date of the time period. Budgets with elapsed end date won't be processed. If unset, specifies to track all usage incurred since the start_date." }, "startDate": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleTypeDateResponse", "description": "The start date must be after January 1, 2017." } }, "type": "object", "required": [ "endDate", "startDate" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1Filter": { "description": "A filter for a budget, limiting the scope of the cost to calculate.", "properties": { "calendarPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1FilterCalendarPeriod", "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget will track usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it will track usage from July 1 to September 30 when the current calendar month is July, August, September, so on." }, "creditTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. If Filter.credit_types_treatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See [a list of acceptable credit type values](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type). If Filter.credit_types_treatment is **not** INCLUDE_SPECIFIED_CREDITS, this field must be empty." }, "creditTypesTreatment": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1FilterCreditTypesTreatment", "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`." }, "customPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1CustomPeriod", "description": "Optional. Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget. If omitted, the report will include all labeled and unlabeled usage. An object containing a single `\"key\": value` pair. Example: `{ \"name\": \"wrench\" }`. _Currently, multiple entries or multiple values per entry are not allowed._" }, "projects": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of projects of the form `projects/{project}`, specifying that usage from only this set of projects should be included in the budget. If omitted, the report will include all usage for the billing account, regardless of which project the usage occurred on." }, "resourceAncestors": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of folder and organization names of the form `folders/{folderId}` or `organizations/{organizationId}`, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget *doesn't* apply to those projects." }, "services": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of services of the form `services/{service_id}`, specifying that usage from only this set of services should be included in the budget. If omitted, the report will include usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api." }, "subaccounts": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of subaccounts of the form `billingAccounts/{account_id}`, specifying that usage from only this set of subaccounts should be included in the budget. If a subaccount is set to the name of the parent account, usage from the parent account will be included. If omitted, the report will include usage from the parent account and all subaccounts, if they exist." } }, "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1FilterCalendarPeriod": { "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget will track usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it will track usage from July 1 to September 30 when the current calendar month is July, August, September, so on.", "type": "string", "enum": [ { "name": "CalendarPeriodUnspecified", "description": "Calendar period is unset. This is the default if the budget is for a custom time period (CustomPeriod).", "value": "CALENDAR_PERIOD_UNSPECIFIED" }, { "name": "Month", "description": "A month. Month starts on the first day of each month, such as January 1, February 1, March 1, and so on.", "value": "MONTH" }, { "name": "Quarter", "description": "A quarter. Quarters start on dates January 1, April 1, July 1, and October 1 of each year.", "value": "QUARTER" }, { "name": "Year", "description": "A year. Year starts on January 1.", "value": "YEAR" } ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1FilterCreditTypesTreatment": { "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`.", "type": "string", "enum": [ { "name": "CreditTypesTreatmentUnspecified", "value": "CREDIT_TYPES_TREATMENT_UNSPECIFIED" }, { "name": "IncludeAllCredits", "description": "All types of credit are subtracted from the gross cost to determine the spend for threshold calculations.", "value": "INCLUDE_ALL_CREDITS" }, { "name": "ExcludeAllCredits", "description": "All types of credit are added to the net cost to determine the spend for threshold calculations.", "value": "EXCLUDE_ALL_CREDITS" }, { "name": "IncludeSpecifiedCredits", "description": "[Credit types](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type) specified in the credit_types field are subtracted from the gross cost to determine the spend for threshold calculations.", "value": "INCLUDE_SPECIFIED_CREDITS" } ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1FilterResponse": { "description": "A filter for a budget, limiting the scope of the cost to calculate.", "properties": { "calendarPeriod": { "type": "string", "description": "Optional. Specifies to track usage for recurring calendar period. For example, assume that CalendarPeriod.QUARTER is set. The budget will track usage from April 1 to June 30, when the current calendar month is April, May, June. After that, it will track usage from July 1 to September 30 when the current calendar month is July, August, September, so on." }, "creditTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. If Filter.credit_types_treatment is INCLUDE_SPECIFIED_CREDITS, this is a list of credit types to be subtracted from gross cost to determine the spend for threshold calculations. See [a list of acceptable credit type values](https://cloud.google.com/billing/docs/how-to/export-data-bigquery-tables#credits-type). If Filter.credit_types_treatment is **not** INCLUDE_SPECIFIED_CREDITS, this field must be empty." }, "creditTypesTreatment": { "type": "string", "description": "Optional. If not set, default behavior is `INCLUDE_ALL_CREDITS`." }, "customPeriod": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1CustomPeriodResponse", "description": "Optional. Specifies to track usage from any start date (required) to any end date (optional). This time period is static, it does not recur." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A single label and value pair specifying that usage from only this set of labeled resources should be included in the budget. If omitted, the report will include all labeled and unlabeled usage. An object containing a single `\"key\": value` pair. Example: `{ \"name\": \"wrench\" }`. _Currently, multiple entries or multiple values per entry are not allowed._" }, "projects": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of projects of the form `projects/{project}`, specifying that usage from only this set of projects should be included in the budget. If omitted, the report will include all usage for the billing account, regardless of which project the usage occurred on." }, "resourceAncestors": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of folder and organization names of the form `folders/{folderId}` or `organizations/{organizationId}`, specifying that usage from only this set of folders and organizations should be included in the budget. If omitted, the budget includes all usage that the billing account pays for. If the folder or organization contains projects that are paid for by a different Cloud Billing account, the budget *doesn't* apply to those projects." }, "services": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of services of the form `services/{service_id}`, specifying that usage from only this set of services should be included in the budget. If omitted, the report will include usage for all the services. The service names are available through the Catalog API: https://cloud.google.com/billing/v1/how-tos/catalog-api." }, "subaccounts": { "type": "array", "items": { "type": "string" }, "description": "Optional. A set of subaccounts of the form `billingAccounts/{account_id}`, specifying that usage from only this set of subaccounts should be included in the budget. If a subaccount is set to the name of the parent account, usage from the parent account will be included. If omitted, the report will include usage from the parent account and all subaccounts, if they exist." } }, "type": "object", "required": [ "calendarPeriod", "creditTypes", "creditTypesTreatment", "customPeriod", "labels", "projects", "resourceAncestors", "services", "subaccounts" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1LastPeriodAmount": { "description": "Describes a budget amount targeted to the last Filter.calendar_period spend. At this time, the amount is automatically 100% of the last calendar period's spend; that is, there are no other options yet. Future configuration options will be described here (for example, configuring a percentage of last period's spend). LastPeriodAmount cannot be set for a budget configured with a Filter.custom_period.", "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1LastPeriodAmountResponse": { "description": "Describes a budget amount targeted to the last Filter.calendar_period spend. At this time, the amount is automatically 100% of the last calendar period's spend; that is, there are no other options yet. Future configuration options will be described here (for example, configuring a percentage of last period's spend). LastPeriodAmount cannot be set for a budget configured with a Filter.custom_period.", "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1ThresholdRule": { "description": "ThresholdRule contains the definition of a threshold. Threshold rules define the triggering events used to generate a budget notification email. When a threshold is crossed (spend exceeds the specified percentages of the budget), budget alert emails are sent to the email recipients you specify in the [NotificationsRule](#notificationsrule). Threshold rules also affect the fields included in the [JSON data object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) sent to a Pub/Sub topic. Threshold rules are _required_ if using email notifications. Threshold rules are _optional_ if only setting a [`pubsubTopic` NotificationsRule](#NotificationsRule), unless you want your JSON data object to include data about the thresholds you set. For more information, see [set budget threshold rules and actions](https://cloud.google.com/billing/docs/how-to/budgets#budget-actions).", "properties": { "spendBasis": { "$ref": "#/types/google-native:billingbudgets%2Fv1beta1:GoogleCloudBillingBudgetsV1beta1ThresholdRuleSpendBasis", "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set." }, "thresholdPercent": { "type": "number", "description": "Send an alert when this threshold is exceeded. This is a 1.0-based percentage, so 0.5 = 50%. Validation: non-negative number." } }, "type": "object", "required": [ "thresholdPercent" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1ThresholdRuleResponse": { "description": "ThresholdRule contains the definition of a threshold. Threshold rules define the triggering events used to generate a budget notification email. When a threshold is crossed (spend exceeds the specified percentages of the budget), budget alert emails are sent to the email recipients you specify in the [NotificationsRule](#notificationsrule). Threshold rules also affect the fields included in the [JSON data object](https://cloud.google.com/billing/docs/how-to/budgets-programmatic-notifications#notification_format) sent to a Pub/Sub topic. Threshold rules are _required_ if using email notifications. Threshold rules are _optional_ if only setting a [`pubsubTopic` NotificationsRule](#NotificationsRule), unless you want your JSON data object to include data about the thresholds you set. For more information, see [set budget threshold rules and actions](https://cloud.google.com/billing/docs/how-to/budgets#budget-actions).", "properties": { "spendBasis": { "type": "string", "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set." }, "thresholdPercent": { "type": "number", "description": "Send an alert when this threshold is exceeded. This is a 1.0-based percentage, so 0.5 = 50%. Validation: non-negative number." } }, "type": "object", "required": [ "spendBasis", "thresholdPercent" ] }, "google-native:billingbudgets/v1beta1:GoogleCloudBillingBudgetsV1beta1ThresholdRuleSpendBasis": { "description": "Optional. The type of basis used to determine if spend has passed the threshold. Behavior defaults to CURRENT_SPEND if not set.", "type": "string", "enum": [ { "name": "BasisUnspecified", "description": "Unspecified threshold basis.", "value": "BASIS_UNSPECIFIED" }, { "name": "CurrentSpend", "description": "Use current spend as the basis for comparison against the threshold.", "value": "CURRENT_SPEND" }, { "name": "ForecastedSpend", "description": "Use forecasted spend for the period as the basis for comparison against the threshold. FORECASTED_SPEND can only be set when the budget's time period is a Filter.calendar_period. It cannot be set in combination with Filter.custom_period.", "value": "FORECASTED_SPEND" } ] }, "google-native:billingbudgets/v1beta1:GoogleTypeDate": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleTypeDateResponse": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:billingbudgets/v1beta1:GoogleTypeMoney": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:billingbudgets/v1beta1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:binaryauthorization/v1:AttestationAuthenticator": { "description": "An attestation authenticator that will be used to verify attestations. Typically this is just a set of public keys. Conceptually, an authenticator can be treated as always returning either \"authenticated\" or \"not authenticated\" when presented with a signed attestation (almost always assumed to be a [DSSE](https://github.com/secure-systems-lab/dsse) attestation). The details of how an authenticator makes this decision are specific to the type of 'authenticator' that this message wraps.", "properties": { "displayName": { "type": "string", "description": "Optional. A user-provided name for this `AttestationAuthenticator`. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "pkixPublicKeySet": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKeySet", "description": "Optional. A set of raw PKIX SubjectPublicKeyInfo format public keys. If any public key in the set validates the attestation signature, then the signature is considered authenticated (i.e. any one key is sufficient to authenticate)." } }, "type": "object" }, "google-native:binaryauthorization/v1:AttestationAuthenticatorResponse": { "description": "An attestation authenticator that will be used to verify attestations. Typically this is just a set of public keys. Conceptually, an authenticator can be treated as always returning either \"authenticated\" or \"not authenticated\" when presented with a signed attestation (almost always assumed to be a [DSSE](https://github.com/secure-systems-lab/dsse) attestation). The details of how an authenticator makes this decision are specific to the type of 'authenticator' that this message wraps.", "properties": { "displayName": { "type": "string", "description": "Optional. A user-provided name for this `AttestationAuthenticator`. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "pkixPublicKeySet": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKeySetResponse", "description": "Optional. A set of raw PKIX SubjectPublicKeyInfo format public keys. If any public key in the set validates the attestation signature, then the signature is considered authenticated (i.e. any one key is sufficient to authenticate)." } }, "type": "object", "required": [ "displayName", "pkixPublicKeySet" ] }, "google-native:binaryauthorization/v1:AttestationSource": { "description": "Specifies the locations for fetching the provenance attestations.", "properties": { "containerAnalysisAttestationProjects": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the GCP projects storing the SLSA attestations as Container Analysis Occurrences." } }, "type": "object" }, "google-native:binaryauthorization/v1:AttestationSourceResponse": { "description": "Specifies the locations for fetching the provenance attestations.", "properties": { "containerAnalysisAttestationProjects": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the GCP projects storing the SLSA attestations as Container Analysis Occurrences." } }, "type": "object", "required": [ "containerAnalysisAttestationProjects" ] }, "google-native:binaryauthorization/v1:AttestorPublicKey": { "description": "An attestor public key that will be used to verify attestations signed by this attestor.", "properties": { "asciiArmoredPgpPublicKey": { "type": "string", "description": "ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The Binary Authorization API handlers will calculate the ID and fill it in automatically. Binary Authorization computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID." }, "comment": { "type": "string", "description": "Optional. A descriptive comment. This field may be updated." }, "id": { "type": "string", "description": "The ID of this public key. Signatures verified by Binary Authorization must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on `public_key` cases below for details." }, "pkixPublicKey": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKey", "description": "A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key." } }, "type": "object" }, "google-native:binaryauthorization/v1:AttestorPublicKeyResponse": { "description": "An attestor public key that will be used to verify attestations signed by this attestor.", "properties": { "asciiArmoredPgpPublicKey": { "type": "string", "description": "ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The Binary Authorization API handlers will calculate the ID and fill it in automatically. Binary Authorization computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID." }, "comment": { "type": "string", "description": "Optional. A descriptive comment. This field may be updated." }, "pkixPublicKey": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKeyResponse", "description": "A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key." } }, "type": "object", "required": [ "asciiArmoredPgpPublicKey", "comment", "pkixPublicKey" ] }, "google-native:binaryauthorization/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:binaryauthorization/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:binaryauthorization/v1:Check": { "description": "A single check to perform against a Pod. Checks are grouped into `CheckSet` objects, which are defined by the top-level policy.", "properties": { "alwaysDeny": { "type": "boolean", "description": "Optional. A special-case check that always denies. Note that this still only applies when the scope of the `CheckSet` applies and the image isn't exempted by an image allowlist. This check is primarily useful for testing, or to set the default behavior for all unmatched scopes to \"deny\"." }, "displayName": { "type": "string", "description": "Optional. A user-provided name for this check. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlist", "description": "Optional. Images exempted from this check. If any of the patterns match the image url, the check will not be evaluated." }, "imageFreshnessCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageFreshnessCheck", "description": "Optional. Require that an image is no older than a configured expiration time. Image age is determined by its upload time." }, "simpleSigningAttestationCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:SimpleSigningAttestationCheck", "description": "Optional. Require a SimpleSigning-type attestation for every image in the deployment." }, "slsaCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:SlsaCheck", "description": "Optional. Require that an image was built by a trusted builder (such as Google Cloud Build), meets requirements for Supply chain Levels for Software Artifacts (SLSA), and was built from a trusted source code repostitory." }, "trustedDirectoryCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:TrustedDirectoryCheck", "description": "Optional. Require that an image lives in a trusted directory." }, "vulnerabilityCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VulnerabilityCheck", "description": "Optional. Require that an image does not contain vulnerabilities that violate the configured rules, such as based on severity levels." } }, "type": "object" }, "google-native:binaryauthorization/v1:CheckResponse": { "description": "A single check to perform against a Pod. Checks are grouped into `CheckSet` objects, which are defined by the top-level policy.", "properties": { "alwaysDeny": { "type": "boolean", "description": "Optional. A special-case check that always denies. Note that this still only applies when the scope of the `CheckSet` applies and the image isn't exempted by an image allowlist. This check is primarily useful for testing, or to set the default behavior for all unmatched scopes to \"deny\"." }, "displayName": { "type": "string", "description": "Optional. A user-provided name for this check. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlistResponse", "description": "Optional. Images exempted from this check. If any of the patterns match the image url, the check will not be evaluated." }, "imageFreshnessCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageFreshnessCheckResponse", "description": "Optional. Require that an image is no older than a configured expiration time. Image age is determined by its upload time." }, "simpleSigningAttestationCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:SimpleSigningAttestationCheckResponse", "description": "Optional. Require a SimpleSigning-type attestation for every image in the deployment." }, "slsaCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:SlsaCheckResponse", "description": "Optional. Require that an image was built by a trusted builder (such as Google Cloud Build), meets requirements for Supply chain Levels for Software Artifacts (SLSA), and was built from a trusted source code repostitory." }, "trustedDirectoryCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:TrustedDirectoryCheckResponse", "description": "Optional. Require that an image lives in a trusted directory." }, "vulnerabilityCheck": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VulnerabilityCheckResponse", "description": "Optional. Require that an image does not contain vulnerabilities that violate the configured rules, such as based on severity levels." } }, "type": "object", "required": [ "alwaysDeny", "displayName", "imageAllowlist", "imageFreshnessCheck", "simpleSigningAttestationCheck", "slsaCheck", "trustedDirectoryCheck", "vulnerabilityCheck" ] }, "google-native:binaryauthorization/v1:CheckSet": { "description": "A conjunction of policy checks, scoped to a particular namespace or Kubernetes service account. In order for evaluation of a `CheckSet` to return \"allowed\" for a given image in a given Pod, one of the following conditions must be satisfied: * The image is explicitly exempted by an entry in `image_allowlist`, OR * ALL of the `checks` evaluate to \"allowed\".", "properties": { "checks": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:Check" }, "description": "Optional. The checks to apply. The ultimate result of evaluating the check set will be \"allow\" if and only if every check in `checks` evaluates to \"allow\". If `checks` is empty, the default behavior is \"always allow\"." }, "displayName": { "type": "string", "description": "Optional. A user-provided name for this `CheckSet`. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlist", "description": "Optional. Images exempted from this `CheckSet`. If any of the patterns match the image being evaluated, no checks in the `CheckSet` will be evaluated." }, "scope": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:Scope", "description": "Optional. The scope to which this `CheckSet` applies. If unset or an empty string (the default), applies to all namespaces and service accounts. See the `Scope` message documentation for details on scoping rules." } }, "type": "object" }, "google-native:binaryauthorization/v1:CheckSetResponse": { "description": "A conjunction of policy checks, scoped to a particular namespace or Kubernetes service account. In order for evaluation of a `CheckSet` to return \"allowed\" for a given image in a given Pod, one of the following conditions must be satisfied: * The image is explicitly exempted by an entry in `image_allowlist`, OR * ALL of the `checks` evaluate to \"allowed\".", "properties": { "checks": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:CheckResponse" }, "description": "Optional. The checks to apply. The ultimate result of evaluating the check set will be \"allow\" if and only if every check in `checks` evaluates to \"allow\". If `checks` is empty, the default behavior is \"always allow\"." }, "displayName": { "type": "string", "description": "Optional. A user-provided name for this `CheckSet`. This field has no effect on the policy evaluation behavior except to improve readability of messages in evaluation results." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlistResponse", "description": "Optional. Images exempted from this `CheckSet`. If any of the patterns match the image being evaluated, no checks in the `CheckSet` will be evaluated." }, "scope": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ScopeResponse", "description": "Optional. The scope to which this `CheckSet` applies. If unset or an empty string (the default), applies to all namespaces and service accounts. See the `Scope` message documentation for details on scoping rules." } }, "type": "object", "required": [ "checks", "displayName", "imageAllowlist", "scope" ] }, "google-native:binaryauthorization/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:binaryauthorization/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:binaryauthorization/v1:GkePolicy": { "description": "A Binary Authorization policy for a GKE cluster. This is one type of policy that can occur as a `PlatformPolicy`.", "properties": { "checkSets": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:CheckSet" }, "description": "Optional. The `CheckSet` objects to apply, scoped by namespace or namespace and service account. Exactly one `CheckSet` will be evaluated for a given Pod (unless the list is empty, in which case the behavior is \"always allow\"). If multiple `CheckSet` objects have scopes that match the namespace and service account of the Pod being evaluated, only the `CheckSet` with the MOST SPECIFIC scope will match. `CheckSet` objects must be listed in order of decreasing specificity, i.e. if a scope matches a given service account (which must include the namespace), it must come before a `CheckSet` with a scope matching just that namespace. This property is enforced by server-side validation. The purpose of this restriction is to ensure that if more than one `CheckSet` matches a given Pod, the `CheckSet` that will be evaluated will always be the first in the list to match (because if any other matches, it must be less specific). If `check_sets` is empty, the default behavior is to allow all images. If `check_sets` is non-empty, the last `check_sets` entry must always be a `CheckSet` with no scope set, i.e. a catchall to handle any situation not caught by the preceding `CheckSet` objects." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlist", "description": "Optional. Images exempted from this policy. If any of the patterns match the image being evaluated, the rest of the policy will not be evaluated." } }, "type": "object" }, "google-native:binaryauthorization/v1:GkePolicyResponse": { "description": "A Binary Authorization policy for a GKE cluster. This is one type of policy that can occur as a `PlatformPolicy`.", "properties": { "checkSets": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:CheckSetResponse" }, "description": "Optional. The `CheckSet` objects to apply, scoped by namespace or namespace and service account. Exactly one `CheckSet` will be evaluated for a given Pod (unless the list is empty, in which case the behavior is \"always allow\"). If multiple `CheckSet` objects have scopes that match the namespace and service account of the Pod being evaluated, only the `CheckSet` with the MOST SPECIFIC scope will match. `CheckSet` objects must be listed in order of decreasing specificity, i.e. if a scope matches a given service account (which must include the namespace), it must come before a `CheckSet` with a scope matching just that namespace. This property is enforced by server-side validation. The purpose of this restriction is to ensure that if more than one `CheckSet` matches a given Pod, the `CheckSet` that will be evaluated will always be the first in the list to match (because if any other matches, it must be less specific). If `check_sets` is empty, the default behavior is to allow all images. If `check_sets` is non-empty, the last `check_sets` entry must always be a `CheckSet` with no scope set, i.e. a catchall to handle any situation not caught by the preceding `CheckSet` objects." }, "imageAllowlist": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:ImageAllowlistResponse", "description": "Optional. Images exempted from this policy. If any of the patterns match the image being evaluated, the rest of the policy will not be evaluated." } }, "type": "object", "required": [ "checkSets", "imageAllowlist" ] }, "google-native:binaryauthorization/v1:ImageAllowlist": { "description": "Images that are exempted from normal checks based on name pattern only.", "properties": { "allowPattern": { "type": "array", "items": { "type": "string" }, "description": "A disjunction of image patterns to allow. If any of these patterns match, then the image is considered exempted by this allowlist." } }, "type": "object", "required": [ "allowPattern" ] }, "google-native:binaryauthorization/v1:ImageAllowlistResponse": { "description": "Images that are exempted from normal checks based on name pattern only.", "properties": { "allowPattern": { "type": "array", "items": { "type": "string" }, "description": "A disjunction of image patterns to allow. If any of these patterns match, then the image is considered exempted by this allowlist." } }, "type": "object", "required": [ "allowPattern" ] }, "google-native:binaryauthorization/v1:ImageFreshnessCheck": { "description": "An image freshness check, which rejects images that were uploaded before the set number of days ago to the supported repositories.", "properties": { "maxUploadAgeDays": { "type": "integer", "description": "The max number of days that is allowed since the image was uploaded. Must be greater than zero." } }, "type": "object", "required": [ "maxUploadAgeDays" ] }, "google-native:binaryauthorization/v1:ImageFreshnessCheckResponse": { "description": "An image freshness check, which rejects images that were uploaded before the set number of days ago to the supported repositories.", "properties": { "maxUploadAgeDays": { "type": "integer", "description": "The max number of days that is allowed since the image was uploaded. Must be greater than zero." } }, "type": "object", "required": [ "maxUploadAgeDays" ] }, "google-native:binaryauthorization/v1:PkixPublicKey": { "description": "A public key in the PkixPublicKey [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public keys of this type are typically textually encoded using the PEM format.", "properties": { "keyId": { "type": "string", "description": "Optional. The ID of this public key. Signatures verified by Binary Authorization must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. This may be explicitly provided by the caller, but it MUST be a valid RFC3986 URI. If `key_id` is left blank and this `PkixPublicKey` is not used in the context of a wrapper (see next paragraph), a default key ID will be computed based on the digest of the DER encoding of the public key. If this `PkixPublicKey` is used in the context of a wrapper that has its own notion of key ID (e.g. `AttestorPublicKey`), then this field can either: * Match that value exactly. * Or be left blank, in which case it behaves exactly as though it is equal to that wrapper value." }, "publicKeyPem": { "type": "string", "description": "A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13" }, "signatureAlgorithm": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKeySignatureAlgorithm", "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key)." } }, "type": "object" }, "google-native:binaryauthorization/v1:PkixPublicKeyResponse": { "description": "A public key in the PkixPublicKey [format](https://tools.ietf.org/html/rfc5280#section-4.1.2.7). Public keys of this type are typically textually encoded using the PEM format.", "properties": { "keyId": { "type": "string", "description": "Optional. The ID of this public key. Signatures verified by Binary Authorization must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. This may be explicitly provided by the caller, but it MUST be a valid RFC3986 URI. If `key_id` is left blank and this `PkixPublicKey` is not used in the context of a wrapper (see next paragraph), a default key ID will be computed based on the digest of the DER encoding of the public key. If this `PkixPublicKey` is used in the context of a wrapper that has its own notion of key ID (e.g. `AttestorPublicKey`), then this field can either: * Match that value exactly. * Or be left blank, in which case it behaves exactly as though it is equal to that wrapper value." }, "publicKeyPem": { "type": "string", "description": "A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13" }, "signatureAlgorithm": { "type": "string", "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key)." } }, "type": "object", "required": [ "keyId", "publicKeyPem", "signatureAlgorithm" ] }, "google-native:binaryauthorization/v1:PkixPublicKeySet": { "description": "A bundle of PKIX public keys, used to authenticate attestation signatures. Generally, a signature is considered to be authenticated by a `PkixPublicKeySet` if any of the public keys verify it (i.e. it is an \"OR\" of the keys).", "properties": { "pkixPublicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKey" }, "description": "`pkix_public_keys` must have at least one entry." } }, "type": "object", "required": [ "pkixPublicKeys" ] }, "google-native:binaryauthorization/v1:PkixPublicKeySetResponse": { "description": "A bundle of PKIX public keys, used to authenticate attestation signatures. Generally, a signature is considered to be authenticated by a `PkixPublicKeySet` if any of the public keys verify it (i.e. it is an \"OR\" of the keys).", "properties": { "pkixPublicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:PkixPublicKeyResponse" }, "description": "`pkix_public_keys` must have at least one entry." } }, "type": "object", "required": [ "pkixPublicKeys" ] }, "google-native:binaryauthorization/v1:PkixPublicKeySignatureAlgorithm": { "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).", "type": "string", "enum": [ { "name": "SignatureAlgorithmUnspecified", "description": "Not specified.", "value": "SIGNATURE_ALGORITHM_UNSPECIFIED" }, { "name": "RsaPss2048Sha256", "description": "RSASSA-PSS 2048 bit key with a SHA256 digest.", "value": "RSA_PSS_2048_SHA256" }, { "name": "RsaSignPss2048Sha256", "description": "RSASSA-PSS 2048 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_2048_SHA256" }, { "name": "RsaPss3072Sha256", "description": "RSASSA-PSS 3072 bit key with a SHA256 digest.", "value": "RSA_PSS_3072_SHA256" }, { "name": "RsaSignPss3072Sha256", "description": "RSASSA-PSS 3072 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_3072_SHA256" }, { "name": "RsaPss4096Sha256", "description": "RSASSA-PSS 4096 bit key with a SHA256 digest.", "value": "RSA_PSS_4096_SHA256" }, { "name": "RsaSignPss4096Sha256", "description": "RSASSA-PSS 4096 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_4096_SHA256" }, { "name": "RsaPss4096Sha512", "description": "RSASSA-PSS 4096 bit key with a SHA512 digest.", "value": "RSA_PSS_4096_SHA512" }, { "name": "RsaSignPss4096Sha512", "description": "RSASSA-PSS 4096 bit key with a SHA512 digest.", "value": "RSA_SIGN_PSS_4096_SHA512" }, { "name": "RsaSignPkcs12048Sha256", "description": "RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_2048_SHA256" }, { "name": "RsaSignPkcs13072Sha256", "description": "RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_3072_SHA256" }, { "name": "RsaSignPkcs14096Sha256", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA256" }, { "name": "RsaSignPkcs14096Sha512", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA512" }, { "name": "EcdsaP256Sha256", "description": "ECDSA on the NIST P-256 curve with a SHA256 digest.", "value": "ECDSA_P256_SHA256" }, { "name": "EcSignP256Sha256", "description": "ECDSA on the NIST P-256 curve with a SHA256 digest.", "value": "EC_SIGN_P256_SHA256" }, { "name": "EcdsaP384Sha384", "description": "ECDSA on the NIST P-384 curve with a SHA384 digest.", "value": "ECDSA_P384_SHA384" }, { "name": "EcSignP384Sha384", "description": "ECDSA on the NIST P-384 curve with a SHA384 digest.", "value": "EC_SIGN_P384_SHA384" }, { "name": "EcdsaP521Sha512", "description": "ECDSA on the NIST P-521 curve with a SHA512 digest.", "value": "ECDSA_P521_SHA512" }, { "name": "EcSignP521Sha512", "description": "ECDSA on the NIST P-521 curve with a SHA512 digest.", "value": "EC_SIGN_P521_SHA512" } ] }, "google-native:binaryauthorization/v1:Scope": { "description": "A scope specifier for `CheckSet` objects.", "properties": { "kubernetesNamespace": { "type": "string", "description": "Optional. Matches all Kubernetes service accounts in the provided namespace, unless a more specific `kubernetes_service_account` scope already matched." }, "kubernetesServiceAccount": { "type": "string", "description": "Optional. Matches a single Kubernetes service account, e.g. `my-namespace:my-service-account`. `kubernetes_service_account` scope is always more specific than `kubernetes_namespace` scope for the same namespace." } }, "type": "object" }, "google-native:binaryauthorization/v1:ScopeResponse": { "description": "A scope specifier for `CheckSet` objects.", "properties": { "kubernetesNamespace": { "type": "string", "description": "Optional. Matches all Kubernetes service accounts in the provided namespace, unless a more specific `kubernetes_service_account` scope already matched." }, "kubernetesServiceAccount": { "type": "string", "description": "Optional. Matches a single Kubernetes service account, e.g. `my-namespace:my-service-account`. `kubernetes_service_account` scope is always more specific than `kubernetes_namespace` scope for the same namespace." } }, "type": "object", "required": [ "kubernetesNamespace", "kubernetesServiceAccount" ] }, "google-native:binaryauthorization/v1:SimpleSigningAttestationCheck": { "description": "Require a signed [DSSE](https://github.com/secure-systems-lab/dsse) attestation with type SimpleSigning.", "properties": { "attestationAuthenticators": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestationAuthenticator" }, "description": "The authenticators required by this check to verify an attestation. Typically this is one or more PKIX public keys for signature verification. Only one authenticator needs to consider an attestation verified in order for an attestation to be considered fully authenticated. In otherwords, this list of authenticators is an \"OR\" of the authenticator results. At least one authenticator is required." }, "containerAnalysisAttestationProjects": { "type": "array", "items": { "type": "string" }, "description": "Optional. The projects where attestations are stored as Container Analysis Occurrences. Only one attestation needs to successfully verify an image for this check to pass, so a single verified attestation found in any of `container_analysis_attestation_projects` is sufficient for the check to pass. When fetching Occurrences from Container Analysis, only 'AttestationOccurrence' kinds are considered. In the future, additional Occurrence kinds may be added to the query." } }, "type": "object", "required": [ "attestationAuthenticators" ] }, "google-native:binaryauthorization/v1:SimpleSigningAttestationCheckResponse": { "description": "Require a signed [DSSE](https://github.com/secure-systems-lab/dsse) attestation with type SimpleSigning.", "properties": { "attestationAuthenticators": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestationAuthenticatorResponse" }, "description": "The authenticators required by this check to verify an attestation. Typically this is one or more PKIX public keys for signature verification. Only one authenticator needs to consider an attestation verified in order for an attestation to be considered fully authenticated. In otherwords, this list of authenticators is an \"OR\" of the authenticator results. At least one authenticator is required." }, "containerAnalysisAttestationProjects": { "type": "array", "items": { "type": "string" }, "description": "Optional. The projects where attestations are stored as Container Analysis Occurrences. Only one attestation needs to successfully verify an image for this check to pass, so a single verified attestation found in any of `container_analysis_attestation_projects` is sufficient for the check to pass. When fetching Occurrences from Container Analysis, only 'AttestationOccurrence' kinds are considered. In the future, additional Occurrence kinds may be added to the query." } }, "type": "object", "required": [ "attestationAuthenticators", "containerAnalysisAttestationProjects" ] }, "google-native:binaryauthorization/v1:SlsaCheck": { "description": "A SLSA provenance attestation check, which ensures that images are built by a trusted builder using source code from its trusted repositories only.", "properties": { "rules": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VerificationRule" }, "description": "Specifies a list of verification rules for the SLSA attestations. An image is considered compliant with the SlsaCheck if any of the rules are satisfied." } }, "type": "object" }, "google-native:binaryauthorization/v1:SlsaCheckResponse": { "description": "A SLSA provenance attestation check, which ensures that images are built by a trusted builder using source code from its trusted repositories only.", "properties": { "rules": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VerificationRuleResponse" }, "description": "Specifies a list of verification rules for the SLSA attestations. An image is considered compliant with the SlsaCheck if any of the rules are satisfied." } }, "type": "object", "required": [ "rules" ] }, "google-native:binaryauthorization/v1:TrustedDirectoryCheck": { "description": "A trusted directory check, which rejects images that do not come from the set of user-configured trusted directories.", "properties": { "trustedDirPatterns": { "type": "array", "items": { "type": "string" }, "description": "List of trusted directory patterns. A pattern is in the form \"registry/path/to/directory\". The registry domain part is defined as two or more dot-separated words, e.g., `us.pkg.dev`, or `gcr.io`. Additionally, `*` can be used in three ways as wildcards: 1. leading `*` to match varying prefixes in registry subdomain (useful for location prefixes); 2. trailing `*` after registry/ to match varying endings; 3. trailing `**` after registry/ to match \"/\" as well. For example: -- `gcr.io/my-project/my-repo` is valid to match a single directory -- `*-docker.pkg.dev/my-project/my-repo` or `*.gcr.io/my-project` are valid to match varying prefixes -- `gcr.io/my-project/*` will match all direct directories in `my-project` -- `gcr.io/my-project/**` would match all directories in `my-project` -- `gcr.i*` is not allowed since the registry is not completely specified -- `sub*domain.gcr.io/nginx` is not valid because only leading `*` or trailing `*` are allowed. -- `*pkg.dev/my-project/my-repo` is not valid because leading `*` can only match subdomain -- `**-docker.pkg.dev` is not valid because one leading `*` is allowed, and that it cannot match `/`" } }, "type": "object", "required": [ "trustedDirPatterns" ] }, "google-native:binaryauthorization/v1:TrustedDirectoryCheckResponse": { "description": "A trusted directory check, which rejects images that do not come from the set of user-configured trusted directories.", "properties": { "trustedDirPatterns": { "type": "array", "items": { "type": "string" }, "description": "List of trusted directory patterns. A pattern is in the form \"registry/path/to/directory\". The registry domain part is defined as two or more dot-separated words, e.g., `us.pkg.dev`, or `gcr.io`. Additionally, `*` can be used in three ways as wildcards: 1. leading `*` to match varying prefixes in registry subdomain (useful for location prefixes); 2. trailing `*` after registry/ to match varying endings; 3. trailing `**` after registry/ to match \"/\" as well. For example: -- `gcr.io/my-project/my-repo` is valid to match a single directory -- `*-docker.pkg.dev/my-project/my-repo` or `*.gcr.io/my-project` are valid to match varying prefixes -- `gcr.io/my-project/*` will match all direct directories in `my-project` -- `gcr.io/my-project/**` would match all directories in `my-project` -- `gcr.i*` is not allowed since the registry is not completely specified -- `sub*domain.gcr.io/nginx` is not valid because only leading `*` or trailing `*` are allowed. -- `*pkg.dev/my-project/my-repo` is not valid because leading `*` can only match subdomain -- `**-docker.pkg.dev` is not valid because one leading `*` is allowed, and that it cannot match `/`" } }, "type": "object", "required": [ "trustedDirPatterns" ] }, "google-native:binaryauthorization/v1:UserOwnedGrafeasNote": { "description": "An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.", "properties": { "noteReference": { "type": "string", "description": "The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency." }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestorPublicKey" }, "description": "Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist." } }, "type": "object", "required": [ "noteReference" ] }, "google-native:binaryauthorization/v1:UserOwnedGrafeasNoteResponse": { "description": "An user owned Grafeas note references a Grafeas Attestation.Authority Note created by the user.", "properties": { "delegationServiceAccountEmail": { "type": "string", "description": "This field will contain the service account email address that this attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern." }, "noteReference": { "type": "string", "description": "The Grafeas resource name of a Attestation.Authority Note, created by the user, in the format: `projects/*/notes/*`. This field may not be updated. An attestation by this attestor is stored as a Grafeas Attestation.Authority Occurrence that names a container image and that links to this Note. Grafeas is an external dependency." }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestorPublicKeyResponse" }, "description": "Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist." } }, "type": "object", "required": [ "delegationServiceAccountEmail", "noteReference", "publicKeys" ] }, "google-native:binaryauthorization/v1:VerificationRule": { "description": "Specifies verification rules for evaluating the SLSA attestations including: which builders to trust, where to fetch the SLSA attestations generated by those builders, and other builder-specific evaluation rules such as which source repositories are trusted. An image is considered verified by the rule if any of the fetched SLSA attestations is verified.", "properties": { "attestationSource": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestationSource", "description": "Specifies where to fetch the provenances attestations generated by the builder (group)." }, "configBasedBuildRequired": { "type": "boolean", "description": "If true, require the image to be built from a top-level configuration. `trusted_source_repo_patterns` specifies the repositories containing this configuration." }, "trustedBuilder": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VerificationRuleTrustedBuilder", "description": "Each verification rule is used for evaluation against provenances generated by a specific builder (group). For some of the builders, such as the Google Cloud Build, users don't need to explicitly specify their roots of trust in the policy since the evaluation service can automatically fetch them based on the builder (group)." }, "trustedSourceRepoPatterns": { "type": "array", "items": { "type": "string" }, "description": "List of trusted source code repository URL patterns. These patterns match the full repository URL without its scheme (e.g. `https://`). The patterns must not include schemes. For example, the pattern `source.cloud.google.com/my-project/my-repo-name` matches the following URLs: - `source.cloud.google.com/my-project/my-repo-name` - `git+ssh://source.cloud.google.com/my-project/my-repo-name` - `https://source.cloud.google.com/my-project/my-repo-name` A pattern matches a URL either exactly or with `*` wildcards. `*` can be used in only two ways: 1. trailing `*` after hosturi/ to match varying endings; 2. trailing `**` after hosturi/ to match `/` as well. `*` and `**` can only be used as wildcards and can only occur at the end of the pattern after a `/`. (So it's not possible to match a URL that contains literal `*`.) For example: - `github.com/my-project/my-repo` is valid to match a single repo - `github.com/my-project/*` will match all direct repos in `my-project` - `github.com/**` matches all repos in GitHub" } }, "type": "object" }, "google-native:binaryauthorization/v1:VerificationRuleResponse": { "description": "Specifies verification rules for evaluating the SLSA attestations including: which builders to trust, where to fetch the SLSA attestations generated by those builders, and other builder-specific evaluation rules such as which source repositories are trusted. An image is considered verified by the rule if any of the fetched SLSA attestations is verified.", "properties": { "attestationSource": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:AttestationSourceResponse", "description": "Specifies where to fetch the provenances attestations generated by the builder (group)." }, "configBasedBuildRequired": { "type": "boolean", "description": "If true, require the image to be built from a top-level configuration. `trusted_source_repo_patterns` specifies the repositories containing this configuration." }, "trustedBuilder": { "type": "string", "description": "Each verification rule is used for evaluation against provenances generated by a specific builder (group). For some of the builders, such as the Google Cloud Build, users don't need to explicitly specify their roots of trust in the policy since the evaluation service can automatically fetch them based on the builder (group)." }, "trustedSourceRepoPatterns": { "type": "array", "items": { "type": "string" }, "description": "List of trusted source code repository URL patterns. These patterns match the full repository URL without its scheme (e.g. `https://`). The patterns must not include schemes. For example, the pattern `source.cloud.google.com/my-project/my-repo-name` matches the following URLs: - `source.cloud.google.com/my-project/my-repo-name` - `git+ssh://source.cloud.google.com/my-project/my-repo-name` - `https://source.cloud.google.com/my-project/my-repo-name` A pattern matches a URL either exactly or with `*` wildcards. `*` can be used in only two ways: 1. trailing `*` after hosturi/ to match varying endings; 2. trailing `**` after hosturi/ to match `/` as well. `*` and `**` can only be used as wildcards and can only occur at the end of the pattern after a `/`. (So it's not possible to match a URL that contains literal `*`.) For example: - `github.com/my-project/my-repo` is valid to match a single repo - `github.com/my-project/*` will match all direct repos in `my-project` - `github.com/**` matches all repos in GitHub" } }, "type": "object", "required": [ "attestationSource", "configBasedBuildRequired", "trustedBuilder", "trustedSourceRepoPatterns" ] }, "google-native:binaryauthorization/v1:VerificationRuleTrustedBuilder": { "description": "Each verification rule is used for evaluation against provenances generated by a specific builder (group). For some of the builders, such as the Google Cloud Build, users don't need to explicitly specify their roots of trust in the policy since the evaluation service can automatically fetch them based on the builder (group).", "type": "string", "enum": [ { "name": "BuilderUnspecified", "description": "Should never happen.", "value": "BUILDER_UNSPECIFIED" }, { "name": "GoogleCloudBuild", "description": "The whole Google Cloud Build (GCB) builder group, including all GCB builder types.", "value": "GOOGLE_CLOUD_BUILD" } ] }, "google-native:binaryauthorization/v1:VulnerabilityCheck": { "description": "An image vulnerability check, which rejects images that violate the configured vulnerability rules.", "properties": { "allowedCves": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of specific CVEs to ignore even if the vulnerability level violates `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will allow vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`." }, "blockedCves": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of specific CVEs to always raise warnings about even if the vulnerability level meets `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will block vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`." }, "containerAnalysisVulnerabilityProjects": { "type": "array", "items": { "type": "string" }, "description": "Optional. The projects where vulnerabilities are stored as Container Analysis Occurrences. Each project is expressed in the resource format of `projects/[PROJECT_ID]`, e.g., `projects/my-gcp-project`. An attempt will be made for each project to fetch vulnerabilities, and all valid vulnerabilities will be used to check against the vulnerability policy. If no valid scan is found in all projects configured here, an error will be returned for the check." }, "maximumFixableSeverity": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VulnerabilityCheckMaximumFixableSeverity", "description": "The threshold for severity for which a fix is currently available. This field is required and must be set." }, "maximumUnfixableSeverity": { "$ref": "#/types/google-native:binaryauthorization%2Fv1:VulnerabilityCheckMaximumUnfixableSeverity", "description": "The threshold for severity for which a fix isn't currently available. This field is required and must be set." } }, "type": "object", "required": [ "maximumFixableSeverity", "maximumUnfixableSeverity" ] }, "google-native:binaryauthorization/v1:VulnerabilityCheckMaximumFixableSeverity": { "description": "Required. The threshold for severity for which a fix is currently available. This field is required and must be set.", "type": "string", "enum": [ { "name": "MaximumAllowedSeverityUnspecified", "description": "Not specified.", "value": "MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED" }, { "name": "BlockAll", "description": "Block any vulnerability.", "value": "BLOCK_ALL" }, { "name": "Minimal", "description": "Allow only minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Allow only low severity and lower.", "value": "LOW" }, { "name": "Medium", "description": "Allow medium severity and lower.", "value": "MEDIUM" }, { "name": "High", "description": "Allow high severity and lower.", "value": "HIGH" }, { "name": "Critical", "description": "Allow critical severity and lower.", "value": "CRITICAL" }, { "name": "AllowAll", "description": "Allow all severity, even vulnerability with unspecified severity.", "value": "ALLOW_ALL" } ] }, "google-native:binaryauthorization/v1:VulnerabilityCheckMaximumUnfixableSeverity": { "description": "Required. The threshold for severity for which a fix isn't currently available. This field is required and must be set.", "type": "string", "enum": [ { "name": "MaximumAllowedSeverityUnspecified", "description": "Not specified.", "value": "MAXIMUM_ALLOWED_SEVERITY_UNSPECIFIED" }, { "name": "BlockAll", "description": "Block any vulnerability.", "value": "BLOCK_ALL" }, { "name": "Minimal", "description": "Allow only minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Allow only low severity and lower.", "value": "LOW" }, { "name": "Medium", "description": "Allow medium severity and lower.", "value": "MEDIUM" }, { "name": "High", "description": "Allow high severity and lower.", "value": "HIGH" }, { "name": "Critical", "description": "Allow critical severity and lower.", "value": "CRITICAL" }, { "name": "AllowAll", "description": "Allow all severity, even vulnerability with unspecified severity.", "value": "ALLOW_ALL" } ] }, "google-native:binaryauthorization/v1:VulnerabilityCheckResponse": { "description": "An image vulnerability check, which rejects images that violate the configured vulnerability rules.", "properties": { "allowedCves": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of specific CVEs to ignore even if the vulnerability level violates `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will allow vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`." }, "blockedCves": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of specific CVEs to always raise warnings about even if the vulnerability level meets `maximumUnfixableSeverity` or `maximumFixableSeverity`. CVEs are listed in the format of Container Analysis note id. For example: - CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of `CVE-2021-20305` will block vulnerabilities with a note name of either `projects/goog-vulnz/notes/CVE-2021-20305` or `projects/CUSTOM-PROJECT/notes/CVE-2021-20305`." }, "containerAnalysisVulnerabilityProjects": { "type": "array", "items": { "type": "string" }, "description": "Optional. The projects where vulnerabilities are stored as Container Analysis Occurrences. Each project is expressed in the resource format of `projects/[PROJECT_ID]`, e.g., `projects/my-gcp-project`. An attempt will be made for each project to fetch vulnerabilities, and all valid vulnerabilities will be used to check against the vulnerability policy. If no valid scan is found in all projects configured here, an error will be returned for the check." }, "maximumFixableSeverity": { "type": "string", "description": "The threshold for severity for which a fix is currently available. This field is required and must be set." }, "maximumUnfixableSeverity": { "type": "string", "description": "The threshold for severity for which a fix isn't currently available. This field is required and must be set." } }, "type": "object", "required": [ "allowedCves", "blockedCves", "containerAnalysisVulnerabilityProjects", "maximumFixableSeverity", "maximumUnfixableSeverity" ] }, "google-native:binaryauthorization/v1beta1:AttestorPublicKey": { "description": "An attestor public key that will be used to verify attestations signed by this attestor.", "properties": { "asciiArmoredPgpPublicKey": { "type": "string", "description": "ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID." }, "comment": { "type": "string", "description": "Optional. A descriptive comment. This field may be updated." }, "id": { "type": "string", "description": "The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on `public_key` cases below for details." }, "pkixPublicKey": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:PkixPublicKey", "description": "A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key." } }, "type": "object" }, "google-native:binaryauthorization/v1beta1:AttestorPublicKeyResponse": { "description": "An attestor public key that will be used to verify attestations signed by this attestor.", "properties": { "asciiArmoredPgpPublicKey": { "type": "string", "description": "ASCII-armored representation of a PGP public key, as the entire output by the command `gpg --export --armor foo@example.com` (either LF or CRLF line endings). When using this field, `id` should be left blank. The BinAuthz API handlers will calculate the ID and fill it in automatically. BinAuthz computes this ID as the OpenPGP RFC4880 V4 fingerprint, represented as upper-case hex. If `id` is provided by the caller, it will be overwritten by the API-calculated ID." }, "comment": { "type": "string", "description": "Optional. A descriptive comment. This field may be updated." }, "pkixPublicKey": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:PkixPublicKeyResponse", "description": "A raw PKIX SubjectPublicKeyInfo format public key. NOTE: `id` may be explicitly provided by the caller when using this type of public key, but it MUST be a valid RFC3986 URI. If `id` is left blank, a default one will be computed based on the digest of the DER encoding of the public key." } }, "type": "object", "required": [ "asciiArmoredPgpPublicKey", "comment", "pkixPublicKey" ] }, "google-native:binaryauthorization/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:binaryauthorization/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:binaryauthorization/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:binaryauthorization/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:binaryauthorization/v1beta1:PkixPublicKey": { "description": "A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.", "properties": { "publicKeyPem": { "type": "string", "description": "A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13" }, "signatureAlgorithm": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:PkixPublicKeySignatureAlgorithm", "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key)." } }, "type": "object" }, "google-native:binaryauthorization/v1beta1:PkixPublicKeyResponse": { "description": "A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.", "properties": { "publicKeyPem": { "type": "string", "description": "A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13" }, "signatureAlgorithm": { "type": "string", "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key)." } }, "type": "object", "required": [ "publicKeyPem", "signatureAlgorithm" ] }, "google-native:binaryauthorization/v1beta1:PkixPublicKeySignatureAlgorithm": { "description": "The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in `public_key_pem` (i.e. this algorithm must match that of the public key).", "type": "string", "enum": [ { "name": "SignatureAlgorithmUnspecified", "description": "Not specified.", "value": "SIGNATURE_ALGORITHM_UNSPECIFIED" }, { "name": "RsaPss2048Sha256", "description": "RSASSA-PSS 2048 bit key with a SHA256 digest.", "value": "RSA_PSS_2048_SHA256" }, { "name": "RsaSignPss2048Sha256", "description": "RSASSA-PSS 2048 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_2048_SHA256" }, { "name": "RsaPss3072Sha256", "description": "RSASSA-PSS 3072 bit key with a SHA256 digest.", "value": "RSA_PSS_3072_SHA256" }, { "name": "RsaSignPss3072Sha256", "description": "RSASSA-PSS 3072 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_3072_SHA256" }, { "name": "RsaPss4096Sha256", "description": "RSASSA-PSS 4096 bit key with a SHA256 digest.", "value": "RSA_PSS_4096_SHA256" }, { "name": "RsaSignPss4096Sha256", "description": "RSASSA-PSS 4096 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_4096_SHA256" }, { "name": "RsaPss4096Sha512", "description": "RSASSA-PSS 4096 bit key with a SHA512 digest.", "value": "RSA_PSS_4096_SHA512" }, { "name": "RsaSignPss4096Sha512", "description": "RSASSA-PSS 4096 bit key with a SHA512 digest.", "value": "RSA_SIGN_PSS_4096_SHA512" }, { "name": "RsaSignPkcs12048Sha256", "description": "RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_2048_SHA256" }, { "name": "RsaSignPkcs13072Sha256", "description": "RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_3072_SHA256" }, { "name": "RsaSignPkcs14096Sha256", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA256" }, { "name": "RsaSignPkcs14096Sha512", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA512" }, { "name": "EcdsaP256Sha256", "description": "ECDSA on the NIST P-256 curve with a SHA256 digest.", "value": "ECDSA_P256_SHA256" }, { "name": "EcSignP256Sha256", "description": "ECDSA on the NIST P-256 curve with a SHA256 digest.", "value": "EC_SIGN_P256_SHA256" }, { "name": "EcdsaP384Sha384", "description": "ECDSA on the NIST P-384 curve with a SHA384 digest.", "value": "ECDSA_P384_SHA384" }, { "name": "EcSignP384Sha384", "description": "ECDSA on the NIST P-384 curve with a SHA384 digest.", "value": "EC_SIGN_P384_SHA384" }, { "name": "EcdsaP521Sha512", "description": "ECDSA on the NIST P-521 curve with a SHA512 digest.", "value": "ECDSA_P521_SHA512" }, { "name": "EcSignP521Sha512", "description": "ECDSA on the NIST P-521 curve with a SHA512 digest.", "value": "EC_SIGN_P521_SHA512" } ] }, "google-native:binaryauthorization/v1beta1:UserOwnedDrydockNote": { "description": "An user owned drydock note references a Drydock ATTESTATION_AUTHORITY Note created by the user.", "properties": { "noteReference": { "type": "string", "description": "The Drydock resource name of a ATTESTATION_AUTHORITY Note, created by the user, in the format: `projects/*/notes/*` (or the legacy `providers/*/notes/*`). This field may not be updated. An attestation by this attestor is stored as a Drydock ATTESTATION_AUTHORITY Occurrence that names a container image and that links to this Note. Drydock is an external dependency." }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:AttestorPublicKey" }, "description": "Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist." } }, "type": "object", "required": [ "noteReference" ] }, "google-native:binaryauthorization/v1beta1:UserOwnedDrydockNoteResponse": { "description": "An user owned drydock note references a Drydock ATTESTATION_AUTHORITY Note created by the user.", "properties": { "delegationServiceAccountEmail": { "type": "string", "description": "This field will contain the service account email address that this Attestor will use as the principal when querying Container Analysis. Attestor administrators must grant this service account the IAM role needed to read attestations from the note_reference in Container Analysis (`containeranalysis.notes.occurrences.viewer`). This email address is fixed for the lifetime of the Attestor, but callers should not make any other assumptions about the service account email; future versions may use an email based on a different naming pattern." }, "noteReference": { "type": "string", "description": "The Drydock resource name of a ATTESTATION_AUTHORITY Note, created by the user, in the format: `projects/*/notes/*` (or the legacy `providers/*/notes/*`). This field may not be updated. An attestation by this attestor is stored as a Drydock ATTESTATION_AUTHORITY Occurrence that names a container image and that links to this Note. Drydock is an external dependency." }, "publicKeys": { "type": "array", "items": { "$ref": "#/types/google-native:binaryauthorization%2Fv1beta1:AttestorPublicKeyResponse" }, "description": "Optional. Public keys that verify attestations signed by this attestor. This field may be updated. If this field is non-empty, one of the specified public keys must verify that an attestation was signed by this attestor for the image specified in the admission request. If this field is empty, this attestor always returns that no valid attestations exist." } }, "type": "object", "required": [ "delegationServiceAccountEmail", "noteReference", "publicKeys" ] }, "google-native:blockchainnodeengine/v1:BlockchainNodeBlockchainType": { "description": "Immutable. The blockchain type of the node.", "type": "string", "enum": [ { "name": "BlockchainTypeUnspecified", "description": "Blockchain type has not been specified, but should be.", "value": "BLOCKCHAIN_TYPE_UNSPECIFIED" }, { "name": "Ethereum", "description": "The blockchain type is Ethereum.", "value": "ETHEREUM" } ] }, "google-native:blockchainnodeengine/v1:ConnectionInfoResponse": { "description": "The connection information through which to interact with a blockchain node.", "properties": { "endpointInfo": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EndpointInfoResponse", "description": "The endpoint information through which to interact with a blockchain node." }, "serviceAttachment": { "type": "string", "description": "A service attachment that exposes a node, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name}" } }, "type": "object", "required": [ "endpointInfo", "serviceAttachment" ] }, "google-native:blockchainnodeengine/v1:EndpointInfoResponse": { "description": "Contains endpoint information through which to interact with a blockchain node.", "properties": { "jsonRpcApiEndpoint": { "type": "string", "description": "The assigned URL for the node JSON-RPC API endpoint." }, "websocketsApiEndpoint": { "type": "string", "description": "The assigned URL for the node WebSockets API endpoint." } }, "type": "object", "required": [ "jsonRpcApiEndpoint", "websocketsApiEndpoint" ] }, "google-native:blockchainnodeengine/v1:EthereumDetails": { "description": "Ethereum-specific blockchain node details.", "properties": { "apiEnableAdmin": { "type": "boolean", "description": "Immutable. Enables JSON-RPC access to functions in the `admin` namespace. Defaults to `false`." }, "apiEnableDebug": { "type": "boolean", "description": "Immutable. Enables JSON-RPC access to functions in the `debug` namespace. Defaults to `false`." }, "beaconFeeRecipient": { "type": "string", "description": "An Ethereum address which the beacon client will send fee rewards to if no recipient is configured in the validator client. See https://lighthouse-book.sigmaprime.io/suggested-fee-recipient.html or https://docs.prylabs.network/docs/execution-node/fee-recipient for examples of how this is used. Note that while this is often described as \"suggested\", as we run the execution node we can trust the execution node, and therefore this is considered enforced." }, "consensusClient": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EthereumDetailsConsensusClient", "description": "Immutable. The consensus client." }, "executionClient": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EthereumDetailsExecutionClient", "description": "Immutable. The execution client" }, "gethDetails": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:GethDetails", "description": "Details for the Geth execution client." }, "network": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EthereumDetailsNetwork", "description": "Immutable. The Ethereum environment being accessed." }, "nodeType": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EthereumDetailsNodeType", "description": "Immutable. The type of Ethereum node." } }, "type": "object" }, "google-native:blockchainnodeengine/v1:EthereumDetailsConsensusClient": { "description": "Immutable. The consensus client.", "type": "string", "enum": [ { "name": "ConsensusClientUnspecified", "description": "Consensus client has not been specified, but should be.", "value": "CONSENSUS_CLIENT_UNSPECIFIED" }, { "name": "Lighthouse", "description": "Consensus client implementation written in Rust, maintained by Sigma Prime. See [Lighthouse - Sigma Prime](https://lighthouse.sigmaprime.io/) for details.", "value": "LIGHTHOUSE" }, { "name": "ErigonEmbeddedConsensusLayer", "description": "Erigon's embedded consensus client embedded in the execution client. Note this option is not currently available when creating new blockchain nodes. See [Erigon on GitHub](https://github.com/ledgerwatch/erigon#embedded-consensus-layer) for details.", "value": "ERIGON_EMBEDDED_CONSENSUS_LAYER" } ] }, "google-native:blockchainnodeengine/v1:EthereumDetailsExecutionClient": { "description": "Immutable. The execution client", "type": "string", "enum": [ { "name": "ExecutionClientUnspecified", "description": "Execution client has not been specified, but should be.", "value": "EXECUTION_CLIENT_UNSPECIFIED" }, { "name": "Geth", "description": "Official Go implementation of the Ethereum protocol. See [go-ethereum](https://geth.ethereum.org/) for details.", "value": "GETH" }, { "name": "Erigon", "description": "An implementation of Ethereum (execution client), on the efficiency frontier, written in Go. See [Erigon on GitHub](https://github.com/ledgerwatch/erigon) for details.", "value": "ERIGON" } ] }, "google-native:blockchainnodeengine/v1:EthereumDetailsNetwork": { "description": "Immutable. The Ethereum environment being accessed.", "type": "string", "enum": [ { "name": "NetworkUnspecified", "description": "The network has not been specified, but should be.", "value": "NETWORK_UNSPECIFIED" }, { "name": "Mainnet", "description": "The Ethereum Mainnet.", "value": "MAINNET" }, { "name": "TestnetGoerliPrater", "description": "The Ethereum Testnet based on Goerli protocol.", "value": "TESTNET_GOERLI_PRATER" }, { "name": "TestnetSepolia", "description": "The Ethereum Testnet based on Sepolia/Bepolia protocol. See https://github.com/eth-clients/sepolia.", "value": "TESTNET_SEPOLIA" }, { "name": "TestnetHolesky", "description": "The Ethereum Testnet based on Holesky specification. See https://github.com/eth-clients/holesky.", "value": "TESTNET_HOLESKY" } ] }, "google-native:blockchainnodeengine/v1:EthereumDetailsNodeType": { "description": "Immutable. The type of Ethereum node.", "type": "string", "enum": [ { "name": "NodeTypeUnspecified", "description": "Node type has not been specified, but should be.", "value": "NODE_TYPE_UNSPECIFIED" }, { "name": "Light", "description": "An Ethereum node that only downloads Ethereum block headers.", "value": "LIGHT" }, { "name": "Full", "description": "Keeps a complete copy of the blockchain data, and contributes to the network by receiving, validating, and forwarding transactions.", "value": "FULL" }, { "name": "Archive", "description": "Holds the same data as full node as well as all of the blockchain's history state data dating back to the Genesis Block.", "value": "ARCHIVE" } ] }, "google-native:blockchainnodeengine/v1:EthereumDetailsResponse": { "description": "Ethereum-specific blockchain node details.", "properties": { "additionalEndpoints": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:EthereumEndpointsResponse", "description": "Ethereum-specific endpoint information." }, "apiEnableAdmin": { "type": "boolean", "description": "Immutable. Enables JSON-RPC access to functions in the `admin` namespace. Defaults to `false`." }, "apiEnableDebug": { "type": "boolean", "description": "Immutable. Enables JSON-RPC access to functions in the `debug` namespace. Defaults to `false`." }, "beaconFeeRecipient": { "type": "string", "description": "An Ethereum address which the beacon client will send fee rewards to if no recipient is configured in the validator client. See https://lighthouse-book.sigmaprime.io/suggested-fee-recipient.html or https://docs.prylabs.network/docs/execution-node/fee-recipient for examples of how this is used. Note that while this is often described as \"suggested\", as we run the execution node we can trust the execution node, and therefore this is considered enforced." }, "consensusClient": { "type": "string", "description": "Immutable. The consensus client." }, "executionClient": { "type": "string", "description": "Immutable. The execution client" }, "gethDetails": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:GethDetailsResponse", "description": "Details for the Geth execution client." }, "network": { "type": "string", "description": "Immutable. The Ethereum environment being accessed." }, "nodeType": { "type": "string", "description": "Immutable. The type of Ethereum node." } }, "type": "object", "required": [ "additionalEndpoints", "apiEnableAdmin", "apiEnableDebug", "beaconFeeRecipient", "consensusClient", "executionClient", "gethDetails", "network", "nodeType" ] }, "google-native:blockchainnodeengine/v1:EthereumEndpointsResponse": { "description": "Contains endpoint information specific to Ethereum nodes.", "properties": { "beaconApiEndpoint": { "type": "string", "description": "The assigned URL for the node's Beacon API endpoint." }, "beaconPrometheusMetricsApiEndpoint": { "type": "string", "description": "The assigned URL for the node's Beacon Prometheus metrics endpoint. See [Prometheus Metrics](https://lighthouse-book.sigmaprime.io/advanced_metrics.html) for more details." }, "executionClientPrometheusMetricsApiEndpoint": { "type": "string", "description": "The assigned URL for the node's execution client's Prometheus metrics endpoint." } }, "type": "object", "required": [ "beaconApiEndpoint", "beaconPrometheusMetricsApiEndpoint", "executionClientPrometheusMetricsApiEndpoint" ] }, "google-native:blockchainnodeengine/v1:GethDetails": { "description": "Options for the Geth execution client. See [Command-line Options](https://geth.ethereum.org/docs/fundamentals/command-line-options) for more details.", "properties": { "garbageCollectionMode": { "$ref": "#/types/google-native:blockchainnodeengine%2Fv1:GethDetailsGarbageCollectionMode", "description": "Immutable. Blockchain garbage collection mode." } }, "type": "object" }, "google-native:blockchainnodeengine/v1:GethDetailsGarbageCollectionMode": { "description": "Immutable. Blockchain garbage collection mode.", "type": "string", "enum": [ { "name": "GarbageCollectionModeUnspecified", "description": "The garbage collection has not been specified.", "value": "GARBAGE_COLLECTION_MODE_UNSPECIFIED" }, { "name": "Full", "description": "Configures Geth's garbage collection so that older data not needed for a full node is deleted. This is the default mode when creating a full node.", "value": "FULL" }, { "name": "Archive", "description": "Configures Geth's garbage collection so that old data is never deleted. This is the default mode when creating an archive node. This value can also be chosen when creating a full node in order to create a partial/recent archive node. See [Sync modes](https://geth.ethereum.org/docs/fundamentals/sync-modes) for more details.", "value": "ARCHIVE" } ] }, "google-native:blockchainnodeengine/v1:GethDetailsResponse": { "description": "Options for the Geth execution client. See [Command-line Options](https://geth.ethereum.org/docs/fundamentals/command-line-options) for more details.", "properties": { "garbageCollectionMode": { "type": "string", "description": "Immutable. Blockchain garbage collection mode." } }, "type": "object", "required": [ "garbageCollectionMode" ] }, "google-native:certificatemanager/v1:AuthorizationAttemptInfoResponse": { "description": "State of the latest attempt to authorize a domain for certificate issuance.", "properties": { "details": { "type": "string", "description": "Human readable explanation for reaching the state. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use FailureReason enum." }, "domain": { "type": "string", "description": "Domain name of the authorization attempt." }, "failureReason": { "type": "string", "description": "Reason for failure of the authorization attempt for the domain." }, "state": { "type": "string", "description": "State of the domain for managed certificate issuance." } }, "type": "object", "required": [ "details", "domain", "failureReason", "state" ] }, "google-native:certificatemanager/v1:CertificateAuthorityConfig": { "description": "The CA that issues the workload certificate. It includes CA address, type, authentication to CA service, etc.", "properties": { "certificateAuthorityServiceConfig": { "$ref": "#/types/google-native:certificatemanager%2Fv1:CertificateAuthorityServiceConfig", "description": "Defines a CertificateAuthorityServiceConfig." } }, "type": "object" }, "google-native:certificatemanager/v1:CertificateAuthorityConfigResponse": { "description": "The CA that issues the workload certificate. It includes CA address, type, authentication to CA service, etc.", "properties": { "certificateAuthorityServiceConfig": { "$ref": "#/types/google-native:certificatemanager%2Fv1:CertificateAuthorityServiceConfigResponse", "description": "Defines a CertificateAuthorityServiceConfig." } }, "type": "object", "required": [ "certificateAuthorityServiceConfig" ] }, "google-native:certificatemanager/v1:CertificateAuthorityServiceConfig": { "description": "Contains information required to contact CA service.", "properties": { "caPool": { "type": "string", "description": "A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form \"projects/{project}/locations/{location}/caPools/{ca_pool}\"." } }, "type": "object", "required": [ "caPool" ] }, "google-native:certificatemanager/v1:CertificateAuthorityServiceConfigResponse": { "description": "Contains information required to contact CA service.", "properties": { "caPool": { "type": "string", "description": "A CA pool resource used to issue a certificate. The CA pool string has a relative resource path following the form \"projects/{project}/locations/{location}/caPools/{ca_pool}\"." } }, "type": "object", "required": [ "caPool" ] }, "google-native:certificatemanager/v1:CertificateIssuanceConfigKeyAlgorithm": { "description": "Required. The key algorithm to use when generating the private key.", "type": "string", "enum": [ { "name": "KeyAlgorithmUnspecified", "description": "Unspecified key algorithm.", "value": "KEY_ALGORITHM_UNSPECIFIED" }, { "name": "Rsa2048", "description": "Specifies RSA with a 2048-bit modulus.", "value": "RSA_2048" }, { "name": "EcdsaP256", "description": "Specifies ECDSA with curve P256.", "value": "ECDSA_P256" } ] }, "google-native:certificatemanager/v1:CertificateMapEntryMatcher": { "description": "A predefined matcher for particular cases, other than SNI selection.", "type": "string", "enum": [ { "name": "MatcherUnspecified", "description": "A matcher has't been recognized.", "value": "MATCHER_UNSPECIFIED" }, { "name": "Primary", "description": "A primary certificate that is served when SNI wasn't specified in the request or SNI couldn't be found in the map.", "value": "PRIMARY" } ] }, "google-native:certificatemanager/v1:CertificateScope": { "description": "Immutable. The scope of the certificate.", "type": "string", "enum": [ { "name": "Default", "description": "Certificates with default scope are served from core Google data centers. If unsure, choose this option.", "value": "DEFAULT" }, { "name": "EdgeCache", "description": "Certificates with scope EDGE_CACHE are special-purposed certificates, served from Edge Points of Presence. See https://cloud.google.com/vpc/docs/edge-locations.", "value": "EDGE_CACHE" }, { "name": "AllRegions", "description": "Certificates with ALL_REGIONS scope are served from all Google Cloud regions. See https://cloud.google.com/compute/docs/regions-zones.", "value": "ALL_REGIONS" } ] }, "google-native:certificatemanager/v1:DnsResourceRecordResponse": { "description": "The structure describing the DNS Resource Record that needs to be added to DNS configuration for the authorization to be usable by certificate.", "properties": { "data": { "type": "string", "description": "Data of the DNS Resource Record." }, "name": { "type": "string", "description": "Fully qualified name of the DNS Resource Record. e.g. `_acme-challenge.example.com`" }, "type": { "type": "string", "description": "Type of the DNS Resource Record. Currently always set to \"CNAME\"." } }, "type": "object", "required": [ "data", "name", "type" ] }, "google-native:certificatemanager/v1:GclbTargetResponse": { "description": "Describes a Target Proxy that uses this Certificate Map.", "properties": { "ipConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:IpConfigResponse" }, "description": "IP configurations for this Target Proxy where the Certificate Map is serving." }, "targetHttpsProxy": { "type": "string", "description": "This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetHttpsProxies/*`." }, "targetSslProxy": { "type": "string", "description": "This field returns the resource name in the following format: `//compute.googleapis.com/projects/*/global/targetSslProxies/*`." } }, "type": "object", "required": [ "ipConfigs", "targetHttpsProxy", "targetSslProxy" ] }, "google-native:certificatemanager/v1:IntermediateCA": { "description": "Defines an intermediate CA.", "properties": { "pemCertificate": { "type": "string", "description": "PEM intermediate certificate used for building up paths for validation. Each certificate provided in PEM format may occupy up to 5kB." } }, "type": "object" }, "google-native:certificatemanager/v1:IntermediateCAResponse": { "description": "Defines an intermediate CA.", "properties": { "pemCertificate": { "type": "string", "description": "PEM intermediate certificate used for building up paths for validation. Each certificate provided in PEM format may occupy up to 5kB." } }, "type": "object", "required": [ "pemCertificate" ] }, "google-native:certificatemanager/v1:IpConfigResponse": { "description": "Defines IP configuration where this Certificate Map is serving.", "properties": { "ipAddress": { "type": "string", "description": "An external IP address." }, "ports": { "type": "array", "items": { "type": "integer" }, "description": "Ports." } }, "type": "object", "required": [ "ipAddress", "ports" ] }, "google-native:certificatemanager/v1:ManagedCertificate": { "description": "Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.", "properties": { "dnsAuthorizations": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Authorizations that will be used for performing domain authorization." }, "domains": { "type": "array", "items": { "type": "string" }, "description": "Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution." }, "issuanceConfig": { "type": "string", "description": "Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa." } }, "type": "object" }, "google-native:certificatemanager/v1:ManagedCertificateResponse": { "description": "Configuration and state of a Managed Certificate. Certificate Manager provisions and renews Managed Certificates automatically, for as long as it's authorized to do so.", "properties": { "authorizationAttemptInfo": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:AuthorizationAttemptInfoResponse" }, "description": "Detailed state of the latest authorization attempt for each domain specified for managed certificate resource." }, "dnsAuthorizations": { "type": "array", "items": { "type": "string" }, "description": "Immutable. Authorizations that will be used for performing domain authorization." }, "domains": { "type": "array", "items": { "type": "string" }, "description": "Immutable. The domains for which a managed SSL certificate will be generated. Wildcard domains are only supported with DNS challenge resolution." }, "issuanceConfig": { "type": "string", "description": "Immutable. The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format `projects/*/locations/*/certificateIssuanceConfigs/*`. If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa." }, "provisioningIssue": { "$ref": "#/types/google-native:certificatemanager%2Fv1:ProvisioningIssueResponse", "description": "Information about issues with provisioning a Managed Certificate." }, "state": { "type": "string", "description": "State of the managed certificate resource." } }, "type": "object", "required": [ "authorizationAttemptInfo", "dnsAuthorizations", "domains", "issuanceConfig", "provisioningIssue", "state" ] }, "google-native:certificatemanager/v1:ProvisioningIssueResponse": { "description": "Information about issues with provisioning a Managed Certificate.", "properties": { "details": { "type": "string", "description": "Human readable explanation about the issue. Provided to help address the configuration issues. Not guaranteed to be stable. For programmatic access use Reason enum." }, "reason": { "type": "string", "description": "Reason for provisioning failures." } }, "type": "object", "required": [ "details", "reason" ] }, "google-native:certificatemanager/v1:SelfManagedCertificate": { "description": "Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.", "properties": { "pemCertificate": { "type": "string", "description": "Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any." }, "pemPrivateKey": { "type": "string", "description": "Input only. The PEM-encoded private key of the leaf certificate." } }, "type": "object" }, "google-native:certificatemanager/v1:SelfManagedCertificateResponse": { "description": "Certificate data for a SelfManaged Certificate. SelfManaged Certificates are uploaded by the user. Updating such certificates before they expire remains the user's responsibility.", "properties": { "pemCertificate": { "type": "string", "description": "Input only. The PEM-encoded certificate chain. Leaf certificate comes first, followed by intermediate ones if any." }, "pemPrivateKey": { "type": "string", "description": "Input only. The PEM-encoded private key of the leaf certificate." } }, "type": "object", "required": [ "pemCertificate", "pemPrivateKey" ] }, "google-native:certificatemanager/v1:TrustAnchor": { "description": "Defines a trust anchor.", "properties": { "pemCertificate": { "type": "string", "description": "PEM root certificate of the PKI used for validation. Each certificate provided in PEM format may occupy up to 5kB." } }, "type": "object" }, "google-native:certificatemanager/v1:TrustAnchorResponse": { "description": "Defines a trust anchor.", "properties": { "pemCertificate": { "type": "string", "description": "PEM root certificate of the PKI used for validation. Each certificate provided in PEM format may occupy up to 5kB." } }, "type": "object", "required": [ "pemCertificate" ] }, "google-native:certificatemanager/v1:TrustStore": { "description": "Defines a trust store.", "properties": { "intermediateCas": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:IntermediateCA" }, "description": "Set of intermediate CA certificates used for the path building phase of chain validation. The field is currently not supported if TrustConfig is used for the workload certificate feature." }, "trustAnchors": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:TrustAnchor" }, "description": "List of Trust Anchors to be used while performing validation against a given TrustStore." } }, "type": "object" }, "google-native:certificatemanager/v1:TrustStoreResponse": { "description": "Defines a trust store.", "properties": { "intermediateCas": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:IntermediateCAResponse" }, "description": "Set of intermediate CA certificates used for the path building phase of chain validation. The field is currently not supported if TrustConfig is used for the workload certificate feature." }, "trustAnchors": { "type": "array", "items": { "$ref": "#/types/google-native:certificatemanager%2Fv1:TrustAnchorResponse" }, "description": "List of Trust Anchors to be used while performing validation against a given TrustStore." } }, "type": "object", "required": [ "intermediateCas", "trustAnchors" ] }, "google-native:cloudasset/v1:AccessSelector": { "description": "Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10.", "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "Optional. The permissions to appear in result." }, "roles": { "type": "array", "items": { "type": "string" }, "description": "Optional. The roles to appear in result." } }, "type": "object" }, "google-native:cloudasset/v1:AccessSelectorResponse": { "description": "Specifies roles and/or permissions to analyze, to determine both the identities possessing them and the resources they control. If multiple values are specified, results will include roles or permissions matching any of them. The total number of roles and permissions should be equal or less than 10.", "properties": { "permissions": { "type": "array", "items": { "type": "string" }, "description": "Optional. The permissions to appear in result." }, "roles": { "type": "array", "items": { "type": "string" }, "description": "Optional. The roles to appear in result." } }, "type": "object", "required": [ "permissions", "roles" ] }, "google-native:cloudasset/v1:ConditionContext": { "description": "The IAM conditions context.", "properties": { "accessTime": { "type": "string", "description": "The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned." } }, "type": "object" }, "google-native:cloudasset/v1:ConditionContextResponse": { "description": "The IAM conditions context.", "properties": { "accessTime": { "type": "string", "description": "The hypothetical access timestamp to evaluate IAM conditions. Note that this value must not be earlier than the current time; otherwise, an INVALID_ARGUMENT error will be returned." } }, "type": "object", "required": [ "accessTime" ] }, "google-native:cloudasset/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudasset/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudasset/v1:FeedContentType": { "description": "Asset content type. If not specified, no content but the asset name and type will be returned.", "type": "string", "enum": [ { "name": "ContentTypeUnspecified", "description": "Unspecified content type.", "value": "CONTENT_TYPE_UNSPECIFIED" }, { "name": "Resource", "description": "Resource metadata.", "value": "RESOURCE" }, { "name": "IamPolicy", "description": "The actual IAM policy set on a resource.", "value": "IAM_POLICY" }, { "name": "OrgPolicy", "description": "The organization policy set on an asset.", "value": "ORG_POLICY" }, { "name": "AccessPolicy", "description": "The Access Context Manager policy set on an asset.", "value": "ACCESS_POLICY" }, { "name": "OsInventory", "description": "The runtime OS Inventory information.", "value": "OS_INVENTORY" }, { "name": "Relationship", "description": "The related resources.", "value": "RELATIONSHIP" } ] }, "google-native:cloudasset/v1:FeedOutputConfig": { "description": "Output configuration for asset feed destination.", "properties": { "pubsubDestination": { "$ref": "#/types/google-native:cloudasset%2Fv1:PubsubDestination", "description": "Destination on Pub/Sub." } }, "type": "object" }, "google-native:cloudasset/v1:FeedOutputConfigResponse": { "description": "Output configuration for asset feed destination.", "properties": { "pubsubDestination": { "$ref": "#/types/google-native:cloudasset%2Fv1:PubsubDestinationResponse", "description": "Destination on Pub/Sub." } }, "type": "object", "required": [ "pubsubDestination" ] }, "google-native:cloudasset/v1:IamPolicyAnalysisQuery": { "description": "IAM policy analysis query message.", "properties": { "accessSelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:AccessSelector", "description": "Optional. Specifies roles or permissions for analysis. This is optional." }, "conditionContext": { "$ref": "#/types/google-native:cloudasset%2Fv1:ConditionContext", "description": "Optional. The hypothetical context for IAM conditions evaluation." }, "identitySelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:IdentitySelector", "description": "Optional. Specifies an identity for analysis." }, "options": { "$ref": "#/types/google-native:cloudasset%2Fv1:Options", "description": "Optional. The query options." }, "resourceSelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:ResourceSelector", "description": "Optional. Specifies a resource for analysis." }, "scope": { "type": "string", "description": "The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as \"organizations/123\"), a folder number (such as \"folders/123\"), a project ID (such as \"projects/my-project-id\"), or a project number (such as \"projects/12345\"). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects)." } }, "type": "object", "required": [ "scope" ] }, "google-native:cloudasset/v1:IamPolicyAnalysisQueryResponse": { "description": "IAM policy analysis query message.", "properties": { "accessSelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:AccessSelectorResponse", "description": "Optional. Specifies roles or permissions for analysis. This is optional." }, "conditionContext": { "$ref": "#/types/google-native:cloudasset%2Fv1:ConditionContextResponse", "description": "Optional. The hypothetical context for IAM conditions evaluation." }, "identitySelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:IdentitySelectorResponse", "description": "Optional. Specifies an identity for analysis." }, "options": { "$ref": "#/types/google-native:cloudasset%2Fv1:OptionsResponse", "description": "Optional. The query options." }, "resourceSelector": { "$ref": "#/types/google-native:cloudasset%2Fv1:ResourceSelectorResponse", "description": "Optional. Specifies a resource for analysis." }, "scope": { "type": "string", "description": "The relative name of the root asset. Only resources and IAM policies within the scope will be analyzed. This can only be an organization number (such as \"organizations/123\"), a folder number (such as \"folders/123\"), a project ID (such as \"projects/my-project-id\"), or a project number (such as \"projects/12345\"). To know how to get organization id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-organization#retrieving_your_organization_id). To know how to get folder or project id, visit [here ](https://cloud.google.com/resource-manager/docs/creating-managing-folders#viewing_or_listing_folders_and_projects)." } }, "type": "object", "required": [ "accessSelector", "conditionContext", "identitySelector", "options", "resourceSelector", "scope" ] }, "google-native:cloudasset/v1:IdentitySelector": { "description": "Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly.", "properties": { "identity": { "type": "string", "description": "The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\". Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity." } }, "type": "object", "required": [ "identity" ] }, "google-native:cloudasset/v1:IdentitySelectorResponse": { "description": "Specifies an identity for which to determine resource access, based on roles assigned either directly to them or to the groups they belong to, directly or indirectly.", "properties": { "identity": { "type": "string", "description": "The identity appear in the form of principals in [IAM policy binding](https://cloud.google.com/iam/reference/rest/v1/Binding). The examples of supported forms are: \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\". Notice that wildcard characters (such as * and ?) are not supported. You must give a specific identity." } }, "type": "object", "required": [ "identity" ] }, "google-native:cloudasset/v1:Options": { "description": "Contains query options.", "properties": { "analyzeServiceAccountImpersonation": { "type": "boolean", "description": "Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if the request analyzes for which resources user A has permission P, and there's an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there's another IAM policy states service account SA has permission P to a Google Cloud folder F, then user A potentially has access to the Google Cloud folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a Google Cloud folder F, and there's an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there's another IAM policy states service account SA has permission P to the Google Cloud folder F, then user A potentially has access to the Google Cloud folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Only the following permissions are considered in this analysis: * `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` * `iam.serviceAccounts.getOpenIdToken` * `iam.serviceAccounts.implicitDelegation` Default is false." }, "expandGroups": { "type": "boolean", "description": "Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. If true, the default max expansion per group is 1000 for AssetService.AnalyzeIamPolicy][]. Default is false." }, "expandResources": { "type": "boolean", "description": "Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a Google Cloud folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resources cannot be used together with this option. For example, if the request analyzes for which users have permission P on a Google Cloud project with this option enabled, the results will include all users who have permission P on that project or any lower resource. If true, the default max expansion per resource is 1000 for AssetService.AnalyzeIamPolicy][] and 100000 for AssetService.AnalyzeIamPolicyLongrunning][]. Default is false." }, "expandRoles": { "type": "boolean", "description": "Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false." }, "outputGroupEdges": { "type": "boolean", "description": "Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false." }, "outputResourceEdges": { "type": "boolean", "description": "Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false." } }, "type": "object" }, "google-native:cloudasset/v1:OptionsResponse": { "description": "Contains query options.", "properties": { "analyzeServiceAccountImpersonation": { "type": "boolean", "description": "Optional. If true, the response will include access analysis from identities to resources via service account impersonation. This is a very expensive operation, because many derived queries will be executed. We highly recommend you use AssetService.AnalyzeIamPolicyLongrunning RPC instead. For example, if the request analyzes for which resources user A has permission P, and there's an IAM policy states user A has iam.serviceAccounts.getAccessToken permission to a service account SA, and there's another IAM policy states service account SA has permission P to a Google Cloud folder F, then user A potentially has access to the Google Cloud folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Another example, if the request analyzes for who has permission P to a Google Cloud folder F, and there's an IAM policy states user A has iam.serviceAccounts.actAs permission to a service account SA, and there's another IAM policy states service account SA has permission P to the Google Cloud folder F, then user A potentially has access to the Google Cloud folder F. And those advanced analysis results will be included in AnalyzeIamPolicyResponse.service_account_impersonation_analysis. Only the following permissions are considered in this analysis: * `iam.serviceAccounts.actAs` * `iam.serviceAccounts.signBlob` * `iam.serviceAccounts.signJwt` * `iam.serviceAccounts.getAccessToken` * `iam.serviceAccounts.getOpenIdToken` * `iam.serviceAccounts.implicitDelegation` Default is false." }, "expandGroups": { "type": "boolean", "description": "Optional. If true, the identities section of the result will expand any Google groups appearing in an IAM policy binding. If IamPolicyAnalysisQuery.identity_selector is specified, the identity in the result will be determined by the selector, and this flag is not allowed to set. If true, the default max expansion per group is 1000 for AssetService.AnalyzeIamPolicy][]. Default is false." }, "expandResources": { "type": "boolean", "description": "Optional. If true and IamPolicyAnalysisQuery.resource_selector is not specified, the resource section of the result will expand any resource attached to an IAM policy to include resources lower in the resource hierarchy. For example, if the request analyzes for which resources user A has permission P, and the results include an IAM policy with P on a Google Cloud folder, the results will also include resources in that folder with permission P. If true and IamPolicyAnalysisQuery.resource_selector is specified, the resource section of the result will expand the specified resource to include resources lower in the resource hierarchy. Only project or lower resources are supported. Folder and organization resources cannot be used together with this option. For example, if the request analyzes for which users have permission P on a Google Cloud project with this option enabled, the results will include all users who have permission P on that project or any lower resource. If true, the default max expansion per resource is 1000 for AssetService.AnalyzeIamPolicy][] and 100000 for AssetService.AnalyzeIamPolicyLongrunning][]. Default is false." }, "expandRoles": { "type": "boolean", "description": "Optional. If true, the access section of result will expand any roles appearing in IAM policy bindings to include their permissions. If IamPolicyAnalysisQuery.access_selector is specified, the access section of the result will be determined by the selector, and this flag is not allowed to set. Default is false." }, "outputGroupEdges": { "type": "boolean", "description": "Optional. If true, the result will output the relevant membership relationships between groups and other groups, and between groups and principals. Default is false." }, "outputResourceEdges": { "type": "boolean", "description": "Optional. If true, the result will output the relevant parent/child relationships between resources. Default is false." } }, "type": "object", "required": [ "analyzeServiceAccountImpersonation", "expandGroups", "expandResources", "expandRoles", "outputGroupEdges", "outputResourceEdges" ] }, "google-native:cloudasset/v1:PubsubDestination": { "description": "A Pub/Sub destination.", "properties": { "topic": { "type": "string", "description": "The name of the Pub/Sub topic to publish to. Example: `projects/PROJECT_ID/topics/TOPIC_ID`." } }, "type": "object" }, "google-native:cloudasset/v1:PubsubDestinationResponse": { "description": "A Pub/Sub destination.", "properties": { "topic": { "type": "string", "description": "The name of the Pub/Sub topic to publish to. Example: `projects/PROJECT_ID/topics/TOPIC_ID`." } }, "type": "object", "required": [ "topic" ] }, "google-native:cloudasset/v1:QueryContent": { "description": "The query content.", "properties": { "iamPolicyAnalysisQuery": { "$ref": "#/types/google-native:cloudasset%2Fv1:IamPolicyAnalysisQuery", "description": "An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy RPC or the AssetService.AnalyzeIamPolicyLongrunning RPC." } }, "type": "object" }, "google-native:cloudasset/v1:QueryContentResponse": { "description": "The query content.", "properties": { "iamPolicyAnalysisQuery": { "$ref": "#/types/google-native:cloudasset%2Fv1:IamPolicyAnalysisQueryResponse", "description": "An IAM Policy Analysis query, which could be used in the AssetService.AnalyzeIamPolicy RPC or the AssetService.AnalyzeIamPolicyLongrunning RPC." } }, "type": "object", "required": [ "iamPolicyAnalysisQuery" ] }, "google-native:cloudasset/v1:ResourceSelector": { "description": "Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects.", "properties": { "fullResourceName": { "type": "string", "description": "The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types)." } }, "type": "object", "required": [ "fullResourceName" ] }, "google-native:cloudasset/v1:ResourceSelectorResponse": { "description": "Specifies the resource to analyze for access policies, which may be set directly on the resource, or on ancestors such as organizations, folders or projects.", "properties": { "fullResourceName": { "type": "string", "description": "The [full resource name] (https://cloud.google.com/asset-inventory/docs/resource-name-format) of a resource of [supported resource types](https://cloud.google.com/asset-inventory/docs/supported-asset-types#analyzable_asset_types)." } }, "type": "object", "required": [ "fullResourceName" ] }, "google-native:cloudbilling/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbilling%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudbilling/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbilling%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudbilling/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudbilling%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudbilling/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudbilling/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudbilling/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudbilling%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudbilling/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudbilling%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudbilling/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudbilling/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudbuild/v1:ApprovalConfig": { "description": "ApprovalConfig describes configuration for manual approval of a build.", "properties": { "approvalRequired": { "type": "boolean", "description": "Whether or not approval is needed. If this is set on a build, it will become pending when created, and will need to be explicitly approved to start." } }, "type": "object" }, "google-native:cloudbuild/v1:ApprovalConfigResponse": { "description": "ApprovalConfig describes configuration for manual approval of a build.", "properties": { "approvalRequired": { "type": "boolean", "description": "Whether or not approval is needed. If this is set on a build, it will become pending when created, and will need to be explicitly approved to start." } }, "type": "object", "required": [ "approvalRequired" ] }, "google-native:cloudbuild/v1:ApprovalResultResponse": { "description": "ApprovalResult describes the decision and associated metadata of a manual approval of a build.", "properties": { "approvalTime": { "type": "string", "description": "The time when the approval decision was made." }, "approverAccount": { "type": "string", "description": "Email of the user that called the ApproveBuild API to approve or reject a build at the time that the API was called." }, "comment": { "type": "string", "description": "Optional. An optional comment for this manual approval result." }, "decision": { "type": "string", "description": "The decision of this manual approval." }, "url": { "type": "string", "description": "Optional. An optional URL tied to this manual approval result. This field is essentially the same as comment, except that it will be rendered by the UI differently. An example use case is a link to an external job that approved this Build." } }, "type": "object", "required": [ "approvalTime", "approverAccount", "comment", "decision", "url" ] }, "google-native:cloudbuild/v1:ArtifactObjects": { "description": "Files in the workspace to upload to Cloud Storage upon successful completion of all build steps.", "properties": { "location": { "type": "string", "description": "Cloud Storage bucket and optional object path, in the form \"gs://bucket/path/to/somewhere/\". (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). Files in the workspace matching any path pattern will be uploaded to Cloud Storage with this location as a prefix." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "Path globs used to match files in the build's workspace." } }, "type": "object" }, "google-native:cloudbuild/v1:ArtifactObjectsResponse": { "description": "Files in the workspace to upload to Cloud Storage upon successful completion of all build steps.", "properties": { "location": { "type": "string", "description": "Cloud Storage bucket and optional object path, in the form \"gs://bucket/path/to/somewhere/\". (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). Files in the workspace matching any path pattern will be uploaded to Cloud Storage with this location as a prefix." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "Path globs used to match files in the build's workspace." }, "timing": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pushing all artifact objects." } }, "type": "object", "required": [ "location", "paths", "timing" ] }, "google-native:cloudbuild/v1:Artifacts": { "description": "Artifacts produced by a build that should be uploaded upon successful completion of all build steps.", "properties": { "images": { "type": "array", "items": { "type": "string" }, "description": "A list of images to be pushed upon the successful completion of all build steps. The images will be pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build is marked FAILURE." }, "mavenArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:MavenArtifact" }, "description": "A list of Maven artifacts to be uploaded to Artifact Registry upon successful completion of all build steps. Artifacts in the workspace matching specified paths globs will be uploaded to the specified Artifact Registry repository using the builder service account's credentials. If any artifacts fail to be pushed, the build is marked FAILURE." }, "npmPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:NpmPackage" }, "description": "A list of npm packages to be uploaded to Artifact Registry upon successful completion of all build steps. Npm packages in the specified paths will be uploaded to the specified Artifact Registry repository using the builder service account's credentials. If any packages fail to be pushed, the build is marked FAILURE." }, "objects": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ArtifactObjects", "description": "A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. Files in the workspace matching specified paths globs will be uploaded to the specified Cloud Storage location using the builder service account's credentials. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE." }, "pythonPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PythonPackage" }, "description": "A list of Python packages to be uploaded to Artifact Registry upon successful completion of all build steps. The build service account credentials will be used to perform the upload. If any objects fail to be pushed, the build is marked FAILURE." } }, "type": "object" }, "google-native:cloudbuild/v1:ArtifactsResponse": { "description": "Artifacts produced by a build that should be uploaded upon successful completion of all build steps.", "properties": { "images": { "type": "array", "items": { "type": "string" }, "description": "A list of images to be pushed upon the successful completion of all build steps. The images will be pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build is marked FAILURE." }, "mavenArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:MavenArtifactResponse" }, "description": "A list of Maven artifacts to be uploaded to Artifact Registry upon successful completion of all build steps. Artifacts in the workspace matching specified paths globs will be uploaded to the specified Artifact Registry repository using the builder service account's credentials. If any artifacts fail to be pushed, the build is marked FAILURE." }, "npmPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:NpmPackageResponse" }, "description": "A list of npm packages to be uploaded to Artifact Registry upon successful completion of all build steps. Npm packages in the specified paths will be uploaded to the specified Artifact Registry repository using the builder service account's credentials. If any packages fail to be pushed, the build is marked FAILURE." }, "objects": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ArtifactObjectsResponse", "description": "A list of objects to be uploaded to Cloud Storage upon successful completion of all build steps. Files in the workspace matching specified paths globs will be uploaded to the specified Cloud Storage location using the builder service account's credentials. The location and generation of the uploaded objects will be stored in the Build resource's results field. If any objects fail to be pushed, the build is marked FAILURE." }, "pythonPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PythonPackageResponse" }, "description": "A list of Python packages to be uploaded to Artifact Registry upon successful completion of all build steps. The build service account credentials will be used to perform the upload. If any objects fail to be pushed, the build is marked FAILURE." } }, "type": "object", "required": [ "images", "mavenArtifacts", "npmPackages", "objects", "pythonPackages" ] }, "google-native:cloudbuild/v1:BitbucketServerConfigResponse": { "description": "BitbucketServerConfig represents the configuration for a Bitbucket Server.", "properties": { "apiKey": { "type": "string", "description": "Immutable. API Key that will be attached to webhook. Once this field has been set, it cannot be changed. If you need to change it, please create another BitbucketServerConfig." }, "connectedRepositories": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BitbucketServerRepositoryIdResponse" }, "description": "Connected Bitbucket Server repositories for this config." }, "createTime": { "type": "string", "description": "Time when the config was created." }, "hostUri": { "type": "string", "description": "Immutable. The URI of the Bitbucket Server host. Once this field has been set, it cannot be changed. If you need to change it, please create another BitbucketServerConfig." }, "name": { "type": "string", "description": "The resource name for the config." }, "peeredNetwork": { "type": "string", "description": "Optional. The network to be used when reaching out to the Bitbucket Server instance. The VPC network must be enabled for private service connection. This should be set if the Bitbucket Server instance is hosted on-premises and not reachable by public internet. If this field is left empty, no network peering will occur and calls to the Bitbucket Server instance will be made over the public internet. Must be in the format `projects/{project}/global/networks/{network}`, where {project} is a project number or id and {network} is the name of a VPC network in the project." }, "peeredNetworkIpRange": { "type": "string", "description": "Immutable. IP range within the peered network. This is specified in CIDR notation with a slash and the subnet prefix size. You can optionally specify an IP address before the subnet prefix value. e.g. `192.168.0.0/29` would specify an IP range starting at 192.168.0.0 with a 29 bit prefix size. `/16` would specify a prefix size of 16 bits, with an automatically determined IP within the peered VPC. If unspecified, a value of `/24` will be used. The field only has an effect if peered_network is set." }, "secrets": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BitbucketServerSecretsResponse", "description": "Secret Manager secrets needed by the config." }, "sslCa": { "type": "string", "description": "Optional. SSL certificate to use for requests to Bitbucket Server. The format should be PEM format but the extension can be one of .pem, .cer, or .crt." }, "username": { "type": "string", "description": "Username of the account Cloud Build will use on Bitbucket Server." }, "webhookKey": { "type": "string", "description": "UUID included in webhook requests. The UUID is used to look up the corresponding config." } }, "type": "object", "required": [ "apiKey", "connectedRepositories", "createTime", "hostUri", "name", "peeredNetwork", "peeredNetworkIpRange", "secrets", "sslCa", "username", "webhookKey" ] }, "google-native:cloudbuild/v1:BitbucketServerRepositoryIdResponse": { "description": "BitbucketServerRepositoryId identifies a specific repository hosted on a Bitbucket Server.", "properties": { "projectKey": { "type": "string", "description": "Identifier for the project storing the repository." }, "repoSlug": { "type": "string", "description": "Identifier for the repository." }, "webhookId": { "type": "integer", "description": "The ID of the webhook that was created for receiving events from this repo. We only create and manage a single webhook for each repo." } }, "type": "object", "required": [ "projectKey", "repoSlug", "webhookId" ] }, "google-native:cloudbuild/v1:BitbucketServerSecrets": { "description": "BitbucketServerSecrets represents the secrets in Secret Manager for a Bitbucket Server.", "properties": { "adminAccessTokenVersionName": { "type": "string", "description": "The resource name for the admin access token's secret version." }, "readAccessTokenVersionName": { "type": "string", "description": "The resource name for the read access token's secret version." }, "webhookSecretVersionName": { "type": "string", "description": "Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. If you need to change it, please create another BitbucketServerConfig." } }, "type": "object", "required": [ "adminAccessTokenVersionName", "readAccessTokenVersionName", "webhookSecretVersionName" ] }, "google-native:cloudbuild/v1:BitbucketServerSecretsResponse": { "description": "BitbucketServerSecrets represents the secrets in Secret Manager for a Bitbucket Server.", "properties": { "adminAccessTokenVersionName": { "type": "string", "description": "The resource name for the admin access token's secret version." }, "readAccessTokenVersionName": { "type": "string", "description": "The resource name for the read access token's secret version." }, "webhookSecretVersionName": { "type": "string", "description": "Immutable. The resource name for the webhook secret's secret version. Once this field has been set, it cannot be changed. If you need to change it, please create another BitbucketServerConfig." } }, "type": "object", "required": [ "adminAccessTokenVersionName", "readAccessTokenVersionName", "webhookSecretVersionName" ] }, "google-native:cloudbuild/v1:BitbucketServerTriggerConfig": { "description": "BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received.", "properties": { "bitbucketServerConfigResource": { "type": "string", "description": "The Bitbucket server config resource that this trigger config maps to." }, "projectKey": { "type": "string", "description": "Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is \"TEST\"." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilter", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilter", "description": "Filter to match changes in refs like branches, tags." }, "repoSlug": { "type": "string", "description": "Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo." } }, "type": "object", "required": [ "bitbucketServerConfigResource", "projectKey", "repoSlug" ] }, "google-native:cloudbuild/v1:BitbucketServerTriggerConfigResponse": { "description": "BitbucketServerTriggerConfig describes the configuration of a trigger that creates a build whenever a Bitbucket Server event is received.", "properties": { "bitbucketServerConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BitbucketServerConfigResponse", "description": "The BitbucketServerConfig specified in the bitbucket_server_config_resource field." }, "bitbucketServerConfigResource": { "type": "string", "description": "The Bitbucket server config resource that this trigger config maps to." }, "projectKey": { "type": "string", "description": "Key of the project that the repo is in. For example: The key for https://mybitbucket.server/projects/TEST/repos/test-repo is \"TEST\"." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilterResponse", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilterResponse", "description": "Filter to match changes in refs like branches, tags." }, "repoSlug": { "type": "string", "description": "Slug of the repository. A repository slug is a URL-friendly version of a repository name, automatically generated by Bitbucket for use in the URL. For example, if the repository name is 'test repo', in the URL it would become 'test-repo' as in https://mybitbucket.server/projects/TEST/repos/test-repo." } }, "type": "object", "required": [ "bitbucketServerConfig", "bitbucketServerConfigResource", "projectKey", "pullRequest", "push", "repoSlug" ] }, "google-native:cloudbuild/v1:Build": { "description": "A build resource in the Cloud Build API. At a high level, a `Build` describes where to find source code, how to build it (for example, the builder image to run on the source), and where to store the built artifacts. Fields can include the following variables, which will be expanded when the build is created: - $PROJECT_ID: the project ID of the build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: the location/region of the build. - $BUILD_ID: the autogenerated ID of the build. - $REPO_NAME: the source repository name specified by RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the specified branch or tag. - $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA.", "properties": { "artifacts": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Artifacts", "description": "Artifacts produced by the build that should be uploaded upon successful completion of all build steps." }, "availableSecrets": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Secrets", "description": "Secrets and secret environment variables." }, "images": { "type": "array", "items": { "type": "string" }, "description": "A list of images to be pushed upon the successful completion of all build steps. The images are pushed using the builder service account's credentials. The digests of the pushed images will be stored in the `Build` resource's results field. If any of the images fail to be pushed, the build status is marked `FAILURE`." }, "logsBucket": { "type": "string", "description": "Cloud Storage bucket where logs should be written (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). Logs file names will be of the format `${logs_bucket}/log-${build_id}.txt`." }, "options": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptions", "description": "Special options for this build." }, "queueTtl": { "type": "string", "description": "TTL in queue for this build. If provided and the build is enqueued longer than this value, the build will expire and the build status will be `EXPIRED`. The TTL starts ticking from create_time." }, "secrets": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Secret" }, "description": "Secrets to decrypt using Cloud Key Management Service. Note: Secret Manager is the recommended technique for managing sensitive data with Cloud Build. Use `available_secrets` to configure builds to access secrets from Secret Manager. For instructions, see: https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets" }, "serviceAccount": { "type": "string", "description": "IAM service account whose credentials will be used at build runtime. Must be of the format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be email address or uniqueId of the service account. " }, "source": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Source", "description": "The location of the source files to build." }, "steps": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildStep" }, "description": "The operations to be performed on the workspace." }, "substitutions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Substitutions data for `Build` resource." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags for annotation of a `Build`. These are not docker tags." }, "timeout": { "type": "string", "description": "Amount of time that this build should be allowed to run, to second granularity. If this amount of time elapses, work on the build will cease and the build status will be `TIMEOUT`. `timeout` starts ticking from `startTime`. Default time is 60 minutes." } }, "type": "object", "required": [ "steps" ] }, "google-native:cloudbuild/v1:BuildApprovalResponse": { "description": "BuildApproval describes a build's approval configuration, state, and result.", "properties": { "config": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ApprovalConfigResponse", "description": "Configuration for manual approval of this build." }, "result": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ApprovalResultResponse", "description": "Result of manual approval for this Build." }, "state": { "type": "string", "description": "The state of this build's approval." } }, "type": "object", "required": [ "config", "result", "state" ] }, "google-native:cloudbuild/v1:BuildOptions": { "description": "Optional arguments to enable specific features of builds.", "properties": { "automapSubstitutions": { "type": "boolean", "description": "Option to include built-in and custom substitutions as env variables for all build steps." }, "defaultLogsBucketBehavior": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsDefaultLogsBucketBehavior", "description": "Optional. Option to specify how default logs buckets are setup." }, "diskSizeGb": { "type": "string", "description": "Requested disk size for the VM that runs the build. Note that this is *NOT* \"disk free\"; some of the space will be used by the operating system and build utilities. Also note that this is the minimum disk size that will be allocated for the build -- the build may run with a larger disk than requested. At present, the maximum disk size is 2000GB; builds that request more than the maximum are rejected with an error." }, "dynamicSubstitutions": { "type": "boolean", "description": "Option to specify whether or not to apply bash style string operations to the substitutions. NOTE: this is always enabled for triggered builds and cannot be overridden in the build configuration file." }, "env": { "type": "array", "items": { "type": "string" }, "description": "A list of global environment variable definitions that will exist for all build steps in this build. If a variable is defined in both globally and in a build step, the variable will use the build step value. The elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\" being given the value \"VALUE\"." }, "logStreamingOption": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsLogStreamingOption", "description": "Option to define build log streaming behavior to Cloud Storage." }, "logging": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsLogging", "description": "Option to specify the logging mode, which determines if and where build logs are stored." }, "machineType": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsMachineType", "description": "Compute Engine machine type on which to run the build." }, "pool": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PoolOption", "description": "Optional. Specification for execution on a `WorkerPool`. See [running builds in a private pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) for more information." }, "requestedVerifyOption": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsRequestedVerifyOption", "description": "Requested verifiability options." }, "secretEnv": { "type": "array", "items": { "type": "string" }, "description": "A list of global environment variables, which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. These variables will be available to all build steps in this build." }, "sourceProvenanceHash": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsSourceProvenanceHashItem" }, "description": "Requested hash for SourceProvenance." }, "substitutionOption": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsSubstitutionOption", "description": "Option to specify behavior when there is an error in the substitution checks. NOTE: this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden in the build configuration file." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Volume" }, "description": "Global list of volumes to mount for ALL build steps Each volume is created as an empty volume prior to starting the build process. Upon completion of the build, volumes and their contents are discarded. Global volume names and paths cannot conflict with the volumes defined a build step. Using a global volume in a build with only one step is not valid as it is indicative of a build request with an incorrect configuration." }, "workerPool": { "type": "string", "description": "This field deprecated; please use `pool.name` instead." } }, "type": "object" }, "google-native:cloudbuild/v1:BuildOptionsDefaultLogsBucketBehavior": { "description": "Optional. Option to specify how default logs buckets are setup.", "type": "string", "enum": [ { "name": "DefaultLogsBucketBehaviorUnspecified", "description": "Unspecified.", "value": "DEFAULT_LOGS_BUCKET_BEHAVIOR_UNSPECIFIED" }, { "name": "RegionalUserOwnedBucket", "description": "Bucket is located in user-owned project in the same region as the build. The builder service account must have access to create and write to Cloud Storage buckets in the build project.", "value": "REGIONAL_USER_OWNED_BUCKET" } ] }, "google-native:cloudbuild/v1:BuildOptionsLogStreamingOption": { "description": "Option to define build log streaming behavior to Cloud Storage.", "type": "string", "enum": [ { "name": "StreamDefault", "description": "Service may automatically determine build log streaming behavior.", "value": "STREAM_DEFAULT" }, { "name": "StreamOn", "description": "Build logs should be streamed to Cloud Storage.", "value": "STREAM_ON" }, { "name": "StreamOff", "description": "Build logs should not be streamed to Cloud Storage; they will be written when the build is completed.", "value": "STREAM_OFF" } ] }, "google-native:cloudbuild/v1:BuildOptionsLogging": { "description": "Option to specify the logging mode, which determines if and where build logs are stored.", "type": "string", "enum": [ { "name": "LoggingUnspecified", "description": "The service determines the logging mode. The default is `LEGACY`. Do not rely on the default logging behavior as it may change in the future.", "value": "LOGGING_UNSPECIFIED" }, { "name": "Legacy", "description": "Build logs are stored in Cloud Logging and Cloud Storage.", "value": "LEGACY" }, { "name": "GcsOnly", "description": "Build logs are stored in Cloud Storage.", "value": "GCS_ONLY" }, { "name": "StackdriverOnly", "description": "This option is the same as CLOUD_LOGGING_ONLY.", "value": "STACKDRIVER_ONLY" }, { "name": "CloudLoggingOnly", "description": "Build logs are stored in Cloud Logging. Selecting this option will not allow [logs streaming](https://cloud.google.com/sdk/gcloud/reference/builds/log).", "value": "CLOUD_LOGGING_ONLY" }, { "name": "None", "description": "Turn off all logging. No build logs will be captured.", "value": "NONE" } ] }, "google-native:cloudbuild/v1:BuildOptionsMachineType": { "description": "Compute Engine machine type on which to run the build.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Standard machine type.", "value": "UNSPECIFIED" }, { "name": "N1Highcpu8", "description": "Highcpu machine with 8 CPUs.", "value": "N1_HIGHCPU_8" }, { "name": "N1Highcpu32", "description": "Highcpu machine with 32 CPUs.", "value": "N1_HIGHCPU_32" }, { "name": "E2Highcpu8", "description": "Highcpu e2 machine with 8 CPUs.", "value": "E2_HIGHCPU_8" }, { "name": "E2Highcpu32", "description": "Highcpu e2 machine with 32 CPUs.", "value": "E2_HIGHCPU_32" }, { "name": "E2Medium", "description": "E2 machine with 1 CPU.", "value": "E2_MEDIUM" } ] }, "google-native:cloudbuild/v1:BuildOptionsRequestedVerifyOption": { "description": "Requested verifiability options.", "type": "string", "enum": [ { "name": "NotVerified", "description": "Not a verifiable build (the default).", "value": "NOT_VERIFIED" }, { "name": "Verified", "description": "Build must be verified.", "value": "VERIFIED" } ] }, "google-native:cloudbuild/v1:BuildOptionsResponse": { "description": "Optional arguments to enable specific features of builds.", "properties": { "automapSubstitutions": { "type": "boolean", "description": "Option to include built-in and custom substitutions as env variables for all build steps." }, "defaultLogsBucketBehavior": { "type": "string", "description": "Optional. Option to specify how default logs buckets are setup." }, "diskSizeGb": { "type": "string", "description": "Requested disk size for the VM that runs the build. Note that this is *NOT* \"disk free\"; some of the space will be used by the operating system and build utilities. Also note that this is the minimum disk size that will be allocated for the build -- the build may run with a larger disk than requested. At present, the maximum disk size is 2000GB; builds that request more than the maximum are rejected with an error." }, "dynamicSubstitutions": { "type": "boolean", "description": "Option to specify whether or not to apply bash style string operations to the substitutions. NOTE: this is always enabled for triggered builds and cannot be overridden in the build configuration file." }, "env": { "type": "array", "items": { "type": "string" }, "description": "A list of global environment variable definitions that will exist for all build steps in this build. If a variable is defined in both globally and in a build step, the variable will use the build step value. The elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\" being given the value \"VALUE\"." }, "logStreamingOption": { "type": "string", "description": "Option to define build log streaming behavior to Cloud Storage." }, "logging": { "type": "string", "description": "Option to specify the logging mode, which determines if and where build logs are stored." }, "machineType": { "type": "string", "description": "Compute Engine machine type on which to run the build." }, "pool": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PoolOptionResponse", "description": "Optional. Specification for execution on a `WorkerPool`. See [running builds in a private pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) for more information." }, "requestedVerifyOption": { "type": "string", "description": "Requested verifiability options." }, "secretEnv": { "type": "array", "items": { "type": "string" }, "description": "A list of global environment variables, which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. These variables will be available to all build steps in this build." }, "sourceProvenanceHash": { "type": "array", "items": { "type": "string" }, "description": "Requested hash for SourceProvenance." }, "substitutionOption": { "type": "string", "description": "Option to specify behavior when there is an error in the substitution checks. NOTE: this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden in the build configuration file." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:VolumeResponse" }, "description": "Global list of volumes to mount for ALL build steps Each volume is created as an empty volume prior to starting the build process. Upon completion of the build, volumes and their contents are discarded. Global volume names and paths cannot conflict with the volumes defined a build step. Using a global volume in a build with only one step is not valid as it is indicative of a build request with an incorrect configuration." }, "workerPool": { "type": "string", "description": "This field deprecated; please use `pool.name` instead." } }, "type": "object", "required": [ "automapSubstitutions", "defaultLogsBucketBehavior", "diskSizeGb", "dynamicSubstitutions", "env", "logStreamingOption", "logging", "machineType", "pool", "requestedVerifyOption", "secretEnv", "sourceProvenanceHash", "substitutionOption", "volumes", "workerPool" ] }, "google-native:cloudbuild/v1:BuildOptionsSourceProvenanceHashItem": { "type": "string", "enum": [ { "name": "None", "description": "No hash requested.", "value": "NONE" }, { "name": "Sha256", "description": "Use a sha256 hash.", "value": "SHA256" }, { "name": "Md5", "description": "Use a md5 hash.", "value": "MD5" }, { "name": "Sha512", "description": "Use a sha512 hash.", "value": "SHA512" } ] }, "google-native:cloudbuild/v1:BuildOptionsSubstitutionOption": { "description": "Option to specify behavior when there is an error in the substitution checks. NOTE: this is always set to ALLOW_LOOSE for triggered builds and cannot be overridden in the build configuration file.", "type": "string", "enum": [ { "name": "MustMatch", "description": "Fails the build if error in substitutions checks, like missing a substitution in the template or in the map.", "value": "MUST_MATCH" }, { "name": "AllowLoose", "description": "Do not fail the build if error in substitutions checks.", "value": "ALLOW_LOOSE" } ] }, "google-native:cloudbuild/v1:BuildResponse": { "description": "A build resource in the Cloud Build API. At a high level, a `Build` describes where to find source code, how to build it (for example, the builder image to run on the source), and where to store the built artifacts. Fields can include the following variables, which will be expanded when the build is created: - $PROJECT_ID: the project ID of the build. - $PROJECT_NUMBER: the project number of the build. - $LOCATION: the location/region of the build. - $BUILD_ID: the autogenerated ID of the build. - $REPO_NAME: the source repository name specified by RepoSource. - $BRANCH_NAME: the branch name specified by RepoSource. - $TAG_NAME: the tag name specified by RepoSource. - $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or resolved from the specified branch or tag. - $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA.", "properties": { "approval": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildApprovalResponse", "description": "Describes this build's approval configuration, status, and result." }, "artifacts": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ArtifactsResponse", "description": "Artifacts produced by the build that should be uploaded upon successful completion of all build steps." }, "availableSecrets": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SecretsResponse", "description": "Secrets and secret environment variables." }, "buildTriggerId": { "type": "string", "description": "The ID of the `BuildTrigger` that triggered this build, if it was triggered automatically." }, "createTime": { "type": "string", "description": "Time at which the request to create the build was received." }, "failureInfo": { "$ref": "#/types/google-native:cloudbuild%2Fv1:FailureInfoResponse", "description": "Contains information about the build when status=FAILURE." }, "finishTime": { "type": "string", "description": "Time at which execution of the build was finished. The difference between finish_time and start_time is the duration of the build's execution." }, "images": { "type": "array", "items": { "type": "string" }, "description": "A list of images to be pushed upon the successful completion of all build steps. The images are pushed using the builder service account's credentials. The digests of the pushed images will be stored in the `Build` resource's results field. If any of the images fail to be pushed, the build status is marked `FAILURE`." }, "logUrl": { "type": "string", "description": "URL to logs for this build in Google Cloud Console." }, "logsBucket": { "type": "string", "description": "Cloud Storage bucket where logs should be written (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). Logs file names will be of the format `${logs_bucket}/log-${build_id}.txt`." }, "name": { "type": "string", "description": "The 'Build' name with format: `projects/{project}/locations/{location}/builds/{build}`, where {build} is a unique identifier generated by the service." }, "options": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildOptionsResponse", "description": "Special options for this build." }, "project": { "type": "string", "description": "ID of the project." }, "queueTtl": { "type": "string", "description": "TTL in queue for this build. If provided and the build is enqueued longer than this value, the build will expire and the build status will be `EXPIRED`. The TTL starts ticking from create_time." }, "results": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ResultsResponse", "description": "Results of the build." }, "secrets": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SecretResponse" }, "description": "Secrets to decrypt using Cloud Key Management Service. Note: Secret Manager is the recommended technique for managing sensitive data with Cloud Build. Use `available_secrets` to configure builds to access secrets from Secret Manager. For instructions, see: https://cloud.google.com/cloud-build/docs/securing-builds/use-secrets" }, "serviceAccount": { "type": "string", "description": "IAM service account whose credentials will be used at build runtime. Must be of the format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`. ACCOUNT can be email address or uniqueId of the service account. " }, "source": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SourceResponse", "description": "The location of the source files to build." }, "sourceProvenance": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SourceProvenanceResponse", "description": "A permanent fixed identifier for source." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "status": { "type": "string", "description": "Status of the build." }, "statusDetail": { "type": "string", "description": "Customer-readable message about the current status." }, "steps": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuildStepResponse" }, "description": "The operations to be performed on the workspace." }, "substitutions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Substitutions data for `Build` resource." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags for annotation of a `Build`. These are not docker tags." }, "timeout": { "type": "string", "description": "Amount of time that this build should be allowed to run, to second granularity. If this amount of time elapses, work on the build will cease and the build status will be `TIMEOUT`. `timeout` starts ticking from `startTime`. Default time is 60 minutes." }, "timing": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Stores timing information for phases of the build. Valid keys are: * BUILD: time to execute all build steps. * PUSH: time to push all artifacts including docker images and non docker artifacts. * FETCHSOURCE: time to fetch source. * SETUPBUILD: time to set up build. If the build does not specify source or images, these keys will not be included." }, "warnings": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:WarningResponse" }, "description": "Non-fatal problems encountered during the execution of the build." } }, "type": "object", "required": [ "approval", "artifacts", "availableSecrets", "buildTriggerId", "createTime", "failureInfo", "finishTime", "images", "logUrl", "logsBucket", "name", "options", "project", "queueTtl", "results", "secrets", "serviceAccount", "source", "sourceProvenance", "startTime", "status", "statusDetail", "steps", "substitutions", "tags", "timeout", "timing", "warnings" ] }, "google-native:cloudbuild/v1:BuildStep": { "description": "A step in the build pipeline.", "properties": { "allowExitCodes": { "type": "array", "items": { "type": "integer" }, "description": "Allow this build step to fail without failing the entire build if and only if the exit code is one of the specified codes. If allow_failure is also specified, this field will take precedence." }, "allowFailure": { "type": "boolean", "description": "Allow this build step to fail without failing the entire build. If false, the entire build will fail if this step fails. Otherwise, the build will succeed, but this step will still have a failure status. Error information will be reported in the failure_detail field." }, "args": { "type": "array", "items": { "type": "string" }, "description": "A list of arguments that will be presented to the step when it is started. If the image used to run the step's container has an entrypoint, the `args` are used as arguments to that entrypoint. If the image does not define an entrypoint, the first element in args is used as the entrypoint, and the remainder will be used as arguments." }, "automapSubstitutions": { "type": "boolean", "description": "Option to include built-in and custom substitutions as env variables for this build step. This option will override the global option in BuildOption." }, "dir": { "type": "string", "description": "Working directory to use when running this step's container. If this value is a relative path, it is relative to the build's working directory. If this value is absolute, it may be outside the build's working directory, in which case the contents of the path may not be persisted across build step executions, unless a `volume` for that path is specified. If the build specifies a `RepoSource` with `dir` and a step with a `dir`, which specifies an absolute path, the `RepoSource` `dir` is ignored for the step's execution." }, "entrypoint": { "type": "string", "description": "Entrypoint to be used instead of the build step image's default entrypoint. If unset, the image's default entrypoint is used." }, "env": { "type": "array", "items": { "type": "string" }, "description": "A list of environment variable definitions to be used when running a step. The elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\" being given the value \"VALUE\"." }, "id": { "type": "string", "description": "Unique identifier for this build step, used in `wait_for` to reference this build step as a dependency." }, "name": { "type": "string", "description": "The name of the container image that will run this particular build step. If the image is available in the host's Docker daemon's cache, it will be run directly. If not, the host will attempt to pull the image first, using the builder service account's credentials if necessary. The Docker daemon's cache will already have the latest versions of all of the officially supported build steps ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). The Docker daemon will also have cached many of the layers for some popular images, like \"ubuntu\", \"debian\", but they will be refreshed at the time you attempt to use them. If you built an image in a previous build step, it will be stored in the host's Docker daemon's cache and is available to use as the name for a later build step." }, "script": { "type": "string", "description": "A shell script to be executed in the step. When script is provided, the user cannot specify the entrypoint or args." }, "secretEnv": { "type": "array", "items": { "type": "string" }, "description": "A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`." }, "timeout": { "type": "string", "description": "Time limit for executing this build step. If not defined, the step has no time limit and will be allowed to continue to run until either it completes or the build itself times out." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:Volume" }, "description": "List of volumes to mount into the build step. Each volume is created as an empty volume prior to execution of the build step. Upon completion of the build, volumes and their contents are discarded. Using a named volume in only one step is not valid as it is indicative of a build request with an incorrect configuration." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the step(s) that this build step depends on. This build step will not start until all the build steps in `wait_for` have completed successfully. If `wait_for` is empty, this build step will start when all previous build steps in the `Build.Steps` list have completed successfully." } }, "type": "object", "required": [ "name" ] }, "google-native:cloudbuild/v1:BuildStepResponse": { "description": "A step in the build pipeline.", "properties": { "allowExitCodes": { "type": "array", "items": { "type": "integer" }, "description": "Allow this build step to fail without failing the entire build if and only if the exit code is one of the specified codes. If allow_failure is also specified, this field will take precedence." }, "allowFailure": { "type": "boolean", "description": "Allow this build step to fail without failing the entire build. If false, the entire build will fail if this step fails. Otherwise, the build will succeed, but this step will still have a failure status. Error information will be reported in the failure_detail field." }, "args": { "type": "array", "items": { "type": "string" }, "description": "A list of arguments that will be presented to the step when it is started. If the image used to run the step's container has an entrypoint, the `args` are used as arguments to that entrypoint. If the image does not define an entrypoint, the first element in args is used as the entrypoint, and the remainder will be used as arguments." }, "automapSubstitutions": { "type": "boolean", "description": "Option to include built-in and custom substitutions as env variables for this build step. This option will override the global option in BuildOption." }, "dir": { "type": "string", "description": "Working directory to use when running this step's container. If this value is a relative path, it is relative to the build's working directory. If this value is absolute, it may be outside the build's working directory, in which case the contents of the path may not be persisted across build step executions, unless a `volume` for that path is specified. If the build specifies a `RepoSource` with `dir` and a step with a `dir`, which specifies an absolute path, the `RepoSource` `dir` is ignored for the step's execution." }, "entrypoint": { "type": "string", "description": "Entrypoint to be used instead of the build step image's default entrypoint. If unset, the image's default entrypoint is used." }, "env": { "type": "array", "items": { "type": "string" }, "description": "A list of environment variable definitions to be used when running a step. The elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\" being given the value \"VALUE\"." }, "exitCode": { "type": "integer", "description": "Return code from running the step." }, "name": { "type": "string", "description": "The name of the container image that will run this particular build step. If the image is available in the host's Docker daemon's cache, it will be run directly. If not, the host will attempt to pull the image first, using the builder service account's credentials if necessary. The Docker daemon's cache will already have the latest versions of all of the officially supported build steps ([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)). The Docker daemon will also have cached many of the layers for some popular images, like \"ubuntu\", \"debian\", but they will be refreshed at the time you attempt to use them. If you built an image in a previous build step, it will be stored in the host's Docker daemon's cache and is available to use as the name for a later build step." }, "pullTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pulling this build step's builder image only." }, "script": { "type": "string", "description": "A shell script to be executed in the step. When script is provided, the user cannot specify the entrypoint or args." }, "secretEnv": { "type": "array", "items": { "type": "string" }, "description": "A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`." }, "status": { "type": "string", "description": "Status of the build step. At this time, build step status is only updated on build completion; step status is not updated in real-time as the build progresses." }, "timeout": { "type": "string", "description": "Time limit for executing this build step. If not defined, the step has no time limit and will be allowed to continue to run until either it completes or the build itself times out." }, "timing": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for executing this build step." }, "volumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:VolumeResponse" }, "description": "List of volumes to mount into the build step. Each volume is created as an empty volume prior to execution of the build step. Upon completion of the build, volumes and their contents are discarded. Using a named volume in only one step is not valid as it is indicative of a build request with an incorrect configuration." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the step(s) that this build step depends on. This build step will not start until all the build steps in `wait_for` have completed successfully. If `wait_for` is empty, this build step will start when all previous build steps in the `Build.Steps` list have completed successfully." } }, "type": "object", "required": [ "allowExitCodes", "allowFailure", "args", "automapSubstitutions", "dir", "entrypoint", "env", "exitCode", "name", "pullTiming", "script", "secretEnv", "status", "timeout", "timing", "volumes", "waitFor" ] }, "google-native:cloudbuild/v1:BuiltImageResponse": { "description": "An image built by the pipeline.", "properties": { "digest": { "type": "string", "description": "Docker Registry 2.0 digest." }, "name": { "type": "string", "description": "Name used to push the container image to Google Container Registry, as presented to `docker push`." }, "pushTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pushing the specified image." } }, "type": "object", "required": [ "digest", "name", "pushTiming" ] }, "google-native:cloudbuild/v1:ConnectedRepository": { "description": "Location of the source in a 2nd-gen Google Cloud Build repository resource.", "properties": { "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build." }, "repository": { "type": "string", "description": "Name of the Google Cloud Build repository, formatted as `projects/*/locations/*/connections/*/repositories/*`." }, "revision": { "type": "string", "description": "The revision to fetch from the Git repository such as a branch, a tag, a commit SHA, or any Git ref." } }, "type": "object", "required": [ "repository" ] }, "google-native:cloudbuild/v1:ConnectedRepositoryResponse": { "description": "Location of the source in a 2nd-gen Google Cloud Build repository resource.", "properties": { "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build." }, "repository": { "type": "string", "description": "Name of the Google Cloud Build repository, formatted as `projects/*/locations/*/connections/*/repositories/*`." }, "revision": { "type": "string", "description": "The revision to fetch from the Git repository such as a branch, a tag, a commit SHA, or any Git ref." } }, "type": "object", "required": [ "dir", "repository", "revision" ] }, "google-native:cloudbuild/v1:FailureInfoResponse": { "description": "A fatal problem encountered during the execution of the build.", "properties": { "detail": { "type": "string", "description": "Explains the failure issue in more detail using hard-coded text." }, "type": { "type": "string", "description": "The name of the failure." } }, "type": "object", "required": [ "detail", "type" ] }, "google-native:cloudbuild/v1:FileHashesResponse": { "description": "Container message for hashes of byte content of files, used in SourceProvenance messages to verify integrity of source input to the build.", "properties": { "fileHash": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:HashResponse" }, "description": "Collection of file hashes." } }, "type": "object", "required": [ "fileHash" ] }, "google-native:cloudbuild/v1:GitFileSource": { "description": "GitFileSource describes a file within a (possibly remote) code repository.", "properties": { "bitbucketServerConfig": { "type": "string", "description": "The full resource name of the bitbucket server config. Format: `projects/{project}/locations/{location}/bitbucketServerConfigs/{id}`." }, "githubEnterpriseConfig": { "type": "string", "description": "The full resource name of the github enterprise config. Format: `projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}`. `projects/{project}/githubEnterpriseConfigs/{id}`." }, "path": { "type": "string", "description": "The path of the file, with the repo root as the root of the path." }, "repoType": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitFileSourceRepoType", "description": "See RepoType above." }, "repository": { "type": "string", "description": "The fully qualified resource name of the Repos API repository. Either URI or repository can be specified. If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path." }, "revision": { "type": "string", "description": "The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path." }, "uri": { "type": "string", "description": "The URI of the repo. Either uri or repository can be specified. If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path." } }, "type": "object" }, "google-native:cloudbuild/v1:GitFileSourceRepoType": { "description": "See RepoType above.", "type": "string", "enum": [ { "name": "Unknown", "description": "The default, unknown repo type. Don't use it, instead use one of the other repo types.", "value": "UNKNOWN" }, { "name": "CloudSourceRepositories", "description": "A Google Cloud Source Repositories-hosted repo.", "value": "CLOUD_SOURCE_REPOSITORIES" }, { "name": "Github", "description": "A GitHub-hosted repo not necessarily on \"github.com\" (i.e. GitHub Enterprise).", "value": "GITHUB" }, { "name": "BitbucketServer", "description": "A Bitbucket Server-hosted repo.", "value": "BITBUCKET_SERVER" }, { "name": "Gitlab", "description": "A GitLab-hosted repo.", "value": "GITLAB" } ] }, "google-native:cloudbuild/v1:GitFileSourceResponse": { "description": "GitFileSource describes a file within a (possibly remote) code repository.", "properties": { "bitbucketServerConfig": { "type": "string", "description": "The full resource name of the bitbucket server config. Format: `projects/{project}/locations/{location}/bitbucketServerConfigs/{id}`." }, "githubEnterpriseConfig": { "type": "string", "description": "The full resource name of the github enterprise config. Format: `projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}`. `projects/{project}/githubEnterpriseConfigs/{id}`." }, "path": { "type": "string", "description": "The path of the file, with the repo root as the root of the path." }, "repoType": { "type": "string", "description": "See RepoType above." }, "repository": { "type": "string", "description": "The fully qualified resource name of the Repos API repository. Either URI or repository can be specified. If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path." }, "revision": { "type": "string", "description": "The branch, tag, arbitrary ref, or SHA version of the repo to use when resolving the filename (optional). This field respects the same syntax/resolution as described here: https://git-scm.com/docs/gitrevisions If unspecified, the revision from which the trigger invocation originated is assumed to be the revision from which to read the specified path." }, "uri": { "type": "string", "description": "The URI of the repo. Either uri or repository can be specified. If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path." } }, "type": "object", "required": [ "bitbucketServerConfig", "githubEnterpriseConfig", "path", "repoType", "repository", "revision", "uri" ] }, "google-native:cloudbuild/v1:GitHubEnterpriseSecrets": { "description": "GitHubEnterpriseSecrets represents the names of all necessary secrets in Secret Manager for a GitHub Enterprise server. Format is: projects//secrets/.", "properties": { "oauthClientIdName": { "type": "string", "description": "The resource name for the OAuth client ID secret in Secret Manager." }, "oauthClientIdVersionName": { "type": "string", "description": "The resource name for the OAuth client ID secret version in Secret Manager." }, "oauthSecretName": { "type": "string", "description": "The resource name for the OAuth secret in Secret Manager." }, "oauthSecretVersionName": { "type": "string", "description": "The resource name for the OAuth secret secret version in Secret Manager." }, "privateKeyName": { "type": "string", "description": "The resource name for the private key secret." }, "privateKeyVersionName": { "type": "string", "description": "The resource name for the private key secret version." }, "webhookSecretName": { "type": "string", "description": "The resource name for the webhook secret in Secret Manager." }, "webhookSecretVersionName": { "type": "string", "description": "The resource name for the webhook secret secret version in Secret Manager." } }, "type": "object" }, "google-native:cloudbuild/v1:GitHubEnterpriseSecretsResponse": { "description": "GitHubEnterpriseSecrets represents the names of all necessary secrets in Secret Manager for a GitHub Enterprise server. Format is: projects//secrets/.", "properties": { "oauthClientIdName": { "type": "string", "description": "The resource name for the OAuth client ID secret in Secret Manager." }, "oauthClientIdVersionName": { "type": "string", "description": "The resource name for the OAuth client ID secret version in Secret Manager." }, "oauthSecretName": { "type": "string", "description": "The resource name for the OAuth secret in Secret Manager." }, "oauthSecretVersionName": { "type": "string", "description": "The resource name for the OAuth secret secret version in Secret Manager." }, "privateKeyName": { "type": "string", "description": "The resource name for the private key secret." }, "privateKeyVersionName": { "type": "string", "description": "The resource name for the private key secret version." }, "webhookSecretName": { "type": "string", "description": "The resource name for the webhook secret in Secret Manager." }, "webhookSecretVersionName": { "type": "string", "description": "The resource name for the webhook secret secret version in Secret Manager." } }, "type": "object", "required": [ "oauthClientIdName", "oauthClientIdVersionName", "oauthSecretName", "oauthSecretVersionName", "privateKeyName", "privateKeyVersionName", "webhookSecretName", "webhookSecretVersionName" ] }, "google-native:cloudbuild/v1:GitHubEventsConfig": { "description": "GitHubEventsConfig describes the configuration of a trigger that creates a build whenever a GitHub event is received.", "properties": { "enterpriseConfigResourceName": { "type": "string", "description": "Optional. The resource name of the github enterprise config that should be applied to this installation. For example: \"projects/{$project_id}/locations/{$location_id}/githubEnterpriseConfigs/{$config_id}\"" }, "installationId": { "type": "string", "description": "The installationID that emits the GitHub event." }, "name": { "type": "string", "description": "Name of the repository. For example: The name for https://github.com/googlecloudplatform/cloud-builders is \"cloud-builders\"." }, "owner": { "type": "string", "description": "Owner of the repository. For example: The owner for https://github.com/googlecloudplatform/cloud-builders is \"googlecloudplatform\"." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilter", "description": "filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilter", "description": "filter to match changes in refs like branches, tags." } }, "type": "object" }, "google-native:cloudbuild/v1:GitHubEventsConfigResponse": { "description": "GitHubEventsConfig describes the configuration of a trigger that creates a build whenever a GitHub event is received.", "properties": { "enterpriseConfigResourceName": { "type": "string", "description": "Optional. The resource name of the github enterprise config that should be applied to this installation. For example: \"projects/{$project_id}/locations/{$location_id}/githubEnterpriseConfigs/{$config_id}\"" }, "installationId": { "type": "string", "description": "The installationID that emits the GitHub event." }, "name": { "type": "string", "description": "Name of the repository. For example: The name for https://github.com/googlecloudplatform/cloud-builders is \"cloud-builders\"." }, "owner": { "type": "string", "description": "Owner of the repository. For example: The owner for https://github.com/googlecloudplatform/cloud-builders is \"googlecloudplatform\"." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilterResponse", "description": "filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilterResponse", "description": "filter to match changes in refs like branches, tags." } }, "type": "object", "required": [ "enterpriseConfigResourceName", "installationId", "name", "owner", "pullRequest", "push" ] }, "google-native:cloudbuild/v1:GitLabConfigResponse": { "description": "GitLabConfig represents the configuration for a GitLab integration.", "properties": { "connectedRepositories": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitLabRepositoryIdResponse" }, "description": "Connected GitLab.com or GitLabEnterprise repositories for this config." }, "createTime": { "type": "string", "description": "Time when the config was created." }, "enterpriseConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitLabEnterpriseConfigResponse", "description": "Optional. GitLabEnterprise config." }, "name": { "type": "string", "description": "The resource name for the config." }, "secrets": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitLabSecretsResponse", "description": "Secret Manager secrets needed by the config." }, "username": { "type": "string", "description": "Username of the GitLab.com or GitLab Enterprise account Cloud Build will use." }, "webhookKey": { "type": "string", "description": "UUID included in webhook requests. The UUID is used to look up the corresponding config." } }, "type": "object", "required": [ "connectedRepositories", "createTime", "enterpriseConfig", "name", "secrets", "username", "webhookKey" ] }, "google-native:cloudbuild/v1:GitLabEnterpriseConfig": { "description": "GitLabEnterpriseConfig represents the configuration for a GitLabEnterprise integration.", "properties": { "hostUri": { "type": "string", "description": "Immutable. The URI of the GitlabEnterprise host." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ServiceDirectoryConfig", "description": "The Service Directory configuration to be used when reaching out to the GitLab Enterprise instance." }, "sslCa": { "type": "string", "description": "The SSL certificate to use in requests to GitLab Enterprise instances." } }, "type": "object" }, "google-native:cloudbuild/v1:GitLabEnterpriseConfigResponse": { "description": "GitLabEnterpriseConfig represents the configuration for a GitLabEnterprise integration.", "properties": { "hostUri": { "type": "string", "description": "Immutable. The URI of the GitlabEnterprise host." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ServiceDirectoryConfigResponse", "description": "The Service Directory configuration to be used when reaching out to the GitLab Enterprise instance." }, "sslCa": { "type": "string", "description": "The SSL certificate to use in requests to GitLab Enterprise instances." } }, "type": "object", "required": [ "hostUri", "serviceDirectoryConfig", "sslCa" ] }, "google-native:cloudbuild/v1:GitLabEventsConfig": { "description": "GitLabEventsConfig describes the configuration of a trigger that creates a build whenever a GitLab event is received.", "properties": { "gitlabConfigResource": { "type": "string", "description": "The GitLab config resource that this trigger config maps to." }, "projectNamespace": { "type": "string", "description": "Namespace of the GitLab project." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilter", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilter", "description": "Filter to match changes in refs like branches, tags." } }, "type": "object" }, "google-native:cloudbuild/v1:GitLabEventsConfigResponse": { "description": "GitLabEventsConfig describes the configuration of a trigger that creates a build whenever a GitLab event is received.", "properties": { "gitlabConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitLabConfigResponse", "description": "The GitLabConfig specified in the gitlab_config_resource field." }, "gitlabConfigResource": { "type": "string", "description": "The GitLab config resource that this trigger config maps to." }, "projectNamespace": { "type": "string", "description": "Namespace of the GitLab project." }, "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilterResponse", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilterResponse", "description": "Filter to match changes in refs like branches, tags." } }, "type": "object", "required": [ "gitlabConfig", "gitlabConfigResource", "projectNamespace", "pullRequest", "push" ] }, "google-native:cloudbuild/v1:GitLabRepositoryId": { "description": "GitLabRepositoryId identifies a specific repository hosted on GitLab.com or GitLabEnterprise", "properties": { "id": { "type": "string", "description": "Identifier for the repository. example: \"namespace/project-slug\", namespace is usually the username or group ID" } }, "type": "object", "required": [ "id" ] }, "google-native:cloudbuild/v1:GitLabRepositoryIdResponse": { "description": "GitLabRepositoryId identifies a specific repository hosted on GitLab.com or GitLabEnterprise", "properties": { "webhookId": { "type": "integer", "description": "The ID of the webhook that was created for receiving events from this repo. We only create and manage a single webhook for each repo." } }, "type": "object", "required": [ "webhookId" ] }, "google-native:cloudbuild/v1:GitLabSecrets": { "description": "GitLabSecrets represents the secrets in Secret Manager for a GitLab integration.", "properties": { "apiAccessTokenVersion": { "type": "string", "description": "The resource name for the api access token’s secret version" }, "apiKeyVersion": { "type": "string", "description": "Immutable. API Key that will be attached to webhook requests from GitLab to Cloud Build." }, "readAccessTokenVersion": { "type": "string", "description": "The resource name for the read access token’s secret version" }, "webhookSecretVersion": { "type": "string", "description": "Immutable. The resource name for the webhook secret’s secret version. Once this field has been set, it cannot be changed. If you need to change it, please create another GitLabConfig." } }, "type": "object", "required": [ "apiAccessTokenVersion", "apiKeyVersion", "readAccessTokenVersion", "webhookSecretVersion" ] }, "google-native:cloudbuild/v1:GitLabSecretsResponse": { "description": "GitLabSecrets represents the secrets in Secret Manager for a GitLab integration.", "properties": { "apiAccessTokenVersion": { "type": "string", "description": "The resource name for the api access token’s secret version" }, "apiKeyVersion": { "type": "string", "description": "Immutable. API Key that will be attached to webhook requests from GitLab to Cloud Build." }, "readAccessTokenVersion": { "type": "string", "description": "The resource name for the read access token’s secret version" }, "webhookSecretVersion": { "type": "string", "description": "Immutable. The resource name for the webhook secret’s secret version. Once this field has been set, it cannot be changed. If you need to change it, please create another GitLabConfig." } }, "type": "object", "required": [ "apiAccessTokenVersion", "apiKeyVersion", "readAccessTokenVersion", "webhookSecretVersion" ] }, "google-native:cloudbuild/v1:GitRepoSource": { "description": "GitRepoSource describes a repo and ref of a code repository.", "properties": { "bitbucketServerConfig": { "type": "string", "description": "The full resource name of the bitbucket server config. Format: `projects/{project}/locations/{location}/bitbucketServerConfigs/{id}`." }, "githubEnterpriseConfig": { "type": "string", "description": "The full resource name of the github enterprise config. Format: `projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}`. `projects/{project}/githubEnterpriseConfigs/{id}`." }, "ref": { "type": "string", "description": "The branch or tag to use. Must start with \"refs/\" (required)." }, "repoType": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitRepoSourceRepoType", "description": "See RepoType below." }, "repository": { "type": "string", "description": "The connected repository resource name, in the format `projects/*/locations/*/connections/*/repositories/*`. Either `uri` or `repository` can be specified and is required." }, "uri": { "type": "string", "description": "The URI of the repo (e.g. https://github.com/user/repo.git). Either `uri` or `repository` can be specified and is required." } }, "type": "object" }, "google-native:cloudbuild/v1:GitRepoSourceRepoType": { "description": "See RepoType below.", "type": "string", "enum": [ { "name": "Unknown", "description": "The default, unknown repo type. Don't use it, instead use one of the other repo types.", "value": "UNKNOWN" }, { "name": "CloudSourceRepositories", "description": "A Google Cloud Source Repositories-hosted repo.", "value": "CLOUD_SOURCE_REPOSITORIES" }, { "name": "Github", "description": "A GitHub-hosted repo not necessarily on \"github.com\" (i.e. GitHub Enterprise).", "value": "GITHUB" }, { "name": "BitbucketServer", "description": "A Bitbucket Server-hosted repo.", "value": "BITBUCKET_SERVER" }, { "name": "Gitlab", "description": "A GitLab-hosted repo.", "value": "GITLAB" } ] }, "google-native:cloudbuild/v1:GitRepoSourceResponse": { "description": "GitRepoSource describes a repo and ref of a code repository.", "properties": { "bitbucketServerConfig": { "type": "string", "description": "The full resource name of the bitbucket server config. Format: `projects/{project}/locations/{location}/bitbucketServerConfigs/{id}`." }, "githubEnterpriseConfig": { "type": "string", "description": "The full resource name of the github enterprise config. Format: `projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}`. `projects/{project}/githubEnterpriseConfigs/{id}`." }, "ref": { "type": "string", "description": "The branch or tag to use. Must start with \"refs/\" (required)." }, "repoType": { "type": "string", "description": "See RepoType below." }, "repository": { "type": "string", "description": "The connected repository resource name, in the format `projects/*/locations/*/connections/*/repositories/*`. Either `uri` or `repository` can be specified and is required." }, "uri": { "type": "string", "description": "The URI of the repo (e.g. https://github.com/user/repo.git). Either `uri` or `repository` can be specified and is required." } }, "type": "object", "required": [ "bitbucketServerConfig", "githubEnterpriseConfig", "ref", "repoType", "repository", "uri" ] }, "google-native:cloudbuild/v1:GitSource": { "description": "Location of the source in any accessible Git repository.", "properties": { "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution." }, "revision": { "type": "string", "description": "The revision to fetch from the Git repository such as a branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git fetch` to fetch the revision from the Git repository; therefore make sure that the string you provide for `revision` is parsable by the command. For information on string values accepted by `git fetch`, see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For information on `git fetch`, see https://git-scm.com/docs/git-fetch." }, "url": { "type": "string", "description": "Location of the Git repo to build. This will be used as a `git remote`, see https://git-scm.com/docs/git-remote." } }, "type": "object" }, "google-native:cloudbuild/v1:GitSourceResponse": { "description": "Location of the source in any accessible Git repository.", "properties": { "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution." }, "revision": { "type": "string", "description": "The revision to fetch from the Git repository such as a branch, a tag, a commit SHA, or any Git ref. Cloud Build uses `git fetch` to fetch the revision from the Git repository; therefore make sure that the string you provide for `revision` is parsable by the command. For information on string values accepted by `git fetch`, see https://git-scm.com/docs/gitrevisions#_specifying_revisions. For information on `git fetch`, see https://git-scm.com/docs/git-fetch." }, "url": { "type": "string", "description": "Location of the Git repo to build. This will be used as a `git remote`, see https://git-scm.com/docs/git-remote." } }, "type": "object", "required": [ "dir", "revision", "url" ] }, "google-native:cloudbuild/v1:HashResponse": { "description": "Container message for hash values.", "properties": { "type": { "type": "string", "description": "The type of hash that was performed." }, "value": { "type": "string", "description": "The hash value." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:cloudbuild/v1:InlineSecret": { "description": "Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.", "properties": { "envMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets." }, "kmsKeyName": { "type": "string", "description": "Resource name of Cloud KMS crypto key to decrypt the encrypted value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/*" } }, "type": "object" }, "google-native:cloudbuild/v1:InlineSecretResponse": { "description": "Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.", "properties": { "envMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets." }, "kmsKeyName": { "type": "string", "description": "Resource name of Cloud KMS crypto key to decrypt the encrypted value. In format: projects/*/locations/*/keyRings/*/cryptoKeys/*" } }, "type": "object", "required": [ "envMap", "kmsKeyName" ] }, "google-native:cloudbuild/v1:MavenArtifact": { "description": "A Maven artifact to upload to Artifact Registry upon successful completion of all build steps.", "properties": { "artifactId": { "type": "string", "description": "Maven `artifactId` value used when uploading the artifact to Artifact Registry." }, "groupId": { "type": "string", "description": "Maven `groupId` value used when uploading the artifact to Artifact Registry." }, "path": { "type": "string", "description": "Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar." }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY\" Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix." }, "version": { "type": "string", "description": "Maven `version` value used when uploading the artifact to Artifact Registry." } }, "type": "object" }, "google-native:cloudbuild/v1:MavenArtifactResponse": { "description": "A Maven artifact to upload to Artifact Registry upon successful completion of all build steps.", "properties": { "artifactId": { "type": "string", "description": "Maven `artifactId` value used when uploading the artifact to Artifact Registry." }, "groupId": { "type": "string", "description": "Maven `groupId` value used when uploading the artifact to Artifact Registry." }, "path": { "type": "string", "description": "Path to an artifact in the build's workspace to be uploaded to Artifact Registry. This can be either an absolute path, e.g. /workspace/my-app/target/my-app-1.0.SNAPSHOT.jar or a relative path from /workspace, e.g. my-app/target/my-app-1.0.SNAPSHOT.jar." }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-maven.pkg.dev/$PROJECT/$REPOSITORY\" Artifact in the workspace specified by path will be uploaded to Artifact Registry with this location as a prefix." }, "version": { "type": "string", "description": "Maven `version` value used when uploading the artifact to Artifact Registry." } }, "type": "object", "required": [ "artifactId", "groupId", "path", "repository", "version" ] }, "google-native:cloudbuild/v1:NetworkConfig": { "description": "Defines the network configuration for the pool.", "properties": { "egressOption": { "$ref": "#/types/google-native:cloudbuild%2Fv1:NetworkConfigEgressOption", "description": "Option to configure network egress for the workers." }, "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to `WorkerPool.project_id` on the service producer network. Must be in the format `projects/{project}/global/networks/{network}`, where `{project}` is a project number, such as `12345`, and `{network}` is the name of a VPC network in the project. See [Understanding network configuration options](https://cloud.google.com/build/docs/private-pools/set-up-private-pool-environment)" }, "peeredNetworkIpRange": { "type": "string", "description": "Immutable. Subnet IP range within the peered network. This is specified in CIDR notation with a slash and the subnet prefix size. You can optionally specify an IP address before the subnet prefix value. e.g. `192.168.0.0/29` would specify an IP range starting at 192.168.0.0 with a prefix size of 29 bits. `/16` would specify a prefix size of 16 bits, with an automatically determined IP within the peered VPC. If unspecified, a value of `/24` will be used." } }, "type": "object", "required": [ "peeredNetwork" ] }, "google-native:cloudbuild/v1:NetworkConfigEgressOption": { "description": "Option to configure network egress for the workers.", "type": "string", "enum": [ { "name": "EgressOptionUnspecified", "description": "If set, defaults to PUBLIC_EGRESS.", "value": "EGRESS_OPTION_UNSPECIFIED" }, { "name": "NoPublicEgress", "description": "If set, workers are created without any public address, which prevents network egress to public IPs unless a network proxy is configured.", "value": "NO_PUBLIC_EGRESS" }, { "name": "PublicEgress", "description": "If set, workers are created with a public address which allows for public internet egress.", "value": "PUBLIC_EGRESS" } ] }, "google-native:cloudbuild/v1:NetworkConfigResponse": { "description": "Defines the network configuration for the pool.", "properties": { "egressOption": { "type": "string", "description": "Option to configure network egress for the workers." }, "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to `WorkerPool.project_id` on the service producer network. Must be in the format `projects/{project}/global/networks/{network}`, where `{project}` is a project number, such as `12345`, and `{network}` is the name of a VPC network in the project. See [Understanding network configuration options](https://cloud.google.com/build/docs/private-pools/set-up-private-pool-environment)" }, "peeredNetworkIpRange": { "type": "string", "description": "Immutable. Subnet IP range within the peered network. This is specified in CIDR notation with a slash and the subnet prefix size. You can optionally specify an IP address before the subnet prefix value. e.g. `192.168.0.0/29` would specify an IP range starting at 192.168.0.0 with a prefix size of 29 bits. `/16` would specify a prefix size of 16 bits, with an automatically determined IP within the peered VPC. If unspecified, a value of `/24` will be used." } }, "type": "object", "required": [ "egressOption", "peeredNetwork", "peeredNetworkIpRange" ] }, "google-native:cloudbuild/v1:NpmPackage": { "description": "Npm package to upload to Artifact Registry upon successful completion of all build steps.", "properties": { "packagePath": { "type": "string", "description": "Path to the package.json. e.g. workspace/path/to/package" }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY\" Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix." } }, "type": "object" }, "google-native:cloudbuild/v1:NpmPackageResponse": { "description": "Npm package to upload to Artifact Registry upon successful completion of all build steps.", "properties": { "packagePath": { "type": "string", "description": "Path to the package.json. e.g. workspace/path/to/package" }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-npm.pkg.dev/$PROJECT/$REPOSITORY\" Npm package in the workspace specified by path will be zipped and uploaded to Artifact Registry with this location as a prefix." } }, "type": "object", "required": [ "packagePath", "repository" ] }, "google-native:cloudbuild/v1:PoolOption": { "description": "Details about how a build should be executed on a `WorkerPool`. See [running builds in a private pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) for more information.", "properties": { "name": { "type": "string", "description": "The `WorkerPool` resource to execute the build on. You must have `cloudbuild.workerpools.use` on the project hosting the WorkerPool. Format projects/{project}/locations/{location}/workerPools/{workerPoolId}" } }, "type": "object" }, "google-native:cloudbuild/v1:PoolOptionResponse": { "description": "Details about how a build should be executed on a `WorkerPool`. See [running builds in a private pool](https://cloud.google.com/build/docs/private-pools/run-builds-in-private-pool) for more information.", "properties": { "name": { "type": "string", "description": "The `WorkerPool` resource to execute the build on. You must have `cloudbuild.workerpools.use` on the project hosting the WorkerPool. Format projects/{project}/locations/{location}/workerPools/{workerPoolId}" } }, "type": "object", "required": [ "name" ] }, "google-native:cloudbuild/v1:PrivatePoolV1Config": { "description": "Configuration for a V1 `PrivatePool`.", "properties": { "networkConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:NetworkConfig", "description": "Network configuration for the pool." }, "workerConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:WorkerConfig", "description": "Machine configuration for the workers in the pool." } }, "type": "object" }, "google-native:cloudbuild/v1:PrivatePoolV1ConfigResponse": { "description": "Configuration for a V1 `PrivatePool`.", "properties": { "networkConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:NetworkConfigResponse", "description": "Network configuration for the pool." }, "workerConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv1:WorkerConfigResponse", "description": "Machine configuration for the workers in the pool." } }, "type": "object", "required": [ "networkConfig", "workerConfig" ] }, "google-native:cloudbuild/v1:PubsubConfig": { "description": "PubsubConfig describes the configuration of a trigger that creates a build whenever a Pub/Sub message is published.", "properties": { "serviceAccountEmail": { "type": "string", "description": "Service account that will make the push request." }, "state": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PubsubConfigState", "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests." }, "topic": { "type": "string", "description": "The name of the topic from which this subscription is receiving messages. Format is `projects/{project}/topics/{topic}`." } }, "type": "object" }, "google-native:cloudbuild/v1:PubsubConfigResponse": { "description": "PubsubConfig describes the configuration of a trigger that creates a build whenever a Pub/Sub message is published.", "properties": { "serviceAccountEmail": { "type": "string", "description": "Service account that will make the push request." }, "state": { "type": "string", "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests." }, "subscription": { "type": "string", "description": "Name of the subscription. Format is `projects/{project}/subscriptions/{subscription}`." }, "topic": { "type": "string", "description": "The name of the topic from which this subscription is receiving messages. Format is `projects/{project}/topics/{topic}`." } }, "type": "object", "required": [ "serviceAccountEmail", "state", "subscription", "topic" ] }, "google-native:cloudbuild/v1:PubsubConfigState": { "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The subscription configuration has not been checked.", "value": "STATE_UNSPECIFIED" }, { "name": "Ok", "description": "The Pub/Sub subscription is properly configured.", "value": "OK" }, { "name": "SubscriptionDeleted", "description": "The subscription has been deleted.", "value": "SUBSCRIPTION_DELETED" }, { "name": "TopicDeleted", "description": "The topic has been deleted.", "value": "TOPIC_DELETED" }, { "name": "SubscriptionMisconfigured", "description": "Some of the subscription's field are misconfigured.", "value": "SUBSCRIPTION_MISCONFIGURED" } ] }, "google-native:cloudbuild/v1:PullRequestFilter": { "description": "PullRequestFilter contains filter properties for matching GitHub Pull Requests.", "properties": { "branch": { "type": "string", "description": "Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commentControl": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilterCommentControl", "description": "Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`." }, "invertRegex": { "type": "boolean", "description": "If true, branches that do NOT match the git_ref will trigger a build." } }, "type": "object" }, "google-native:cloudbuild/v1:PullRequestFilterCommentControl": { "description": "Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`.", "type": "string", "enum": [ { "name": "CommentsDisabled", "description": "Do not require comments on Pull Requests before builds are triggered.", "value": "COMMENTS_DISABLED" }, { "name": "CommentsEnabled", "description": "Enforce that repository owners or collaborators must comment on Pull Requests before builds are triggered.", "value": "COMMENTS_ENABLED" }, { "name": "CommentsEnabledForExternalContributorsOnly", "description": "Enforce that repository owners or collaborators must comment on external contributors' Pull Requests before builds are triggered.", "value": "COMMENTS_ENABLED_FOR_EXTERNAL_CONTRIBUTORS_ONLY" } ] }, "google-native:cloudbuild/v1:PullRequestFilterResponse": { "description": "PullRequestFilter contains filter properties for matching GitHub Pull Requests.", "properties": { "branch": { "type": "string", "description": "Regex of branches to match. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commentControl": { "type": "string", "description": "Configure builds to run whether a repository owner or collaborator need to comment `/gcbrun`." }, "invertRegex": { "type": "boolean", "description": "If true, branches that do NOT match the git_ref will trigger a build." } }, "type": "object", "required": [ "branch", "commentControl", "invertRegex" ] }, "google-native:cloudbuild/v1:PushFilter": { "description": "Push contains filter properties for matching GitHub git pushes.", "properties": { "branch": { "type": "string", "description": "Regexes matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "invertRegex": { "type": "boolean", "description": "When true, only trigger a build if the revision regex does NOT match the git_ref regex." }, "tag": { "type": "string", "description": "Regexes matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object" }, "google-native:cloudbuild/v1:PushFilterResponse": { "description": "Push contains filter properties for matching GitHub git pushes.", "properties": { "branch": { "type": "string", "description": "Regexes matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "invertRegex": { "type": "boolean", "description": "When true, only trigger a build if the revision regex does NOT match the git_ref regex." }, "tag": { "type": "string", "description": "Regexes matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object", "required": [ "branch", "invertRegex", "tag" ] }, "google-native:cloudbuild/v1:PythonPackage": { "description": "Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository.", "properties": { "paths": { "type": "array", "items": { "type": "string" }, "description": "Path globs used to match files in the build's workspace. For Python/ Twine, this is usually `dist/*`, and sometimes additionally an `.asc` file." }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY\" Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix." } }, "type": "object" }, "google-native:cloudbuild/v1:PythonPackageResponse": { "description": "Python package to upload to Artifact Registry upon successful completion of all build steps. A package can encapsulate multiple objects to be uploaded to a single repository.", "properties": { "paths": { "type": "array", "items": { "type": "string" }, "description": "Path globs used to match files in the build's workspace. For Python/ Twine, this is usually `dist/*`, and sometimes additionally an `.asc` file." }, "repository": { "type": "string", "description": "Artifact Registry repository, in the form \"https://$REGION-python.pkg.dev/$PROJECT/$REPOSITORY\" Files in the workspace matching any path pattern will be uploaded to Artifact Registry with this location as a prefix." } }, "type": "object", "required": [ "paths", "repository" ] }, "google-native:cloudbuild/v1:RepoSource": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution." }, "invertRegex": { "type": "boolean", "description": "Only trigger a build if the revision regex does NOT match the revision regex." }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "substitutions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Substitutions to use in a triggered build. Should only be used with RunBuildTrigger" }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object" }, "google-native:cloudbuild/v1:RepoSourceResponse": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution." }, "invertRegex": { "type": "boolean", "description": "Only trigger a build if the revision regex does NOT match the revision regex." }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "substitutions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Substitutions to use in a triggered build. Should only be used with RunBuildTrigger" }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object", "required": [ "branchName", "commitSha", "dir", "invertRegex", "project", "repoName", "substitutions", "tagName" ] }, "google-native:cloudbuild/v1:RepositoryEventConfig": { "description": "The configuration of a trigger that creates a build whenever an event from Repo API is received.", "properties": { "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilter", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilter", "description": "Filter to match changes in refs like branches, tags." }, "repository": { "type": "string", "description": "The resource name of the Repo API resource." } }, "type": "object" }, "google-native:cloudbuild/v1:RepositoryEventConfigResponse": { "description": "The configuration of a trigger that creates a build whenever an event from Repo API is received.", "properties": { "pullRequest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PullRequestFilterResponse", "description": "Filter to match changes in pull requests." }, "push": { "$ref": "#/types/google-native:cloudbuild%2Fv1:PushFilterResponse", "description": "Filter to match changes in refs like branches, tags." }, "repository": { "type": "string", "description": "The resource name of the Repo API resource." }, "repositoryType": { "type": "string", "description": "The type of the SCM vendor the repository points to." } }, "type": "object", "required": [ "pullRequest", "push", "repository", "repositoryType" ] }, "google-native:cloudbuild/v1:ResultsResponse": { "description": "Artifacts created by the build pipeline.", "properties": { "artifactManifest": { "type": "string", "description": "Path to the artifact manifest for non-container artifacts uploaded to Cloud Storage. Only populated when artifacts are uploaded to Cloud Storage." }, "artifactTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Time to push all non-container artifacts to Cloud Storage." }, "buildStepImages": { "type": "array", "items": { "type": "string" }, "description": "List of build step digests, in the order corresponding to build step indices." }, "buildStepOutputs": { "type": "array", "items": { "type": "string" }, "description": "List of build step outputs, produced by builder images, in the order corresponding to build step indices. [Cloud Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) can produce this output by writing to `$BUILDER_OUTPUT/output`. Only the first 50KB of data is stored." }, "images": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:BuiltImageResponse" }, "description": "Container images that were built as a part of the build." }, "mavenArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:UploadedMavenArtifactResponse" }, "description": "Maven artifacts uploaded to Artifact Registry at the end of the build." }, "npmPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:UploadedNpmPackageResponse" }, "description": "Npm packages uploaded to Artifact Registry at the end of the build." }, "numArtifacts": { "type": "string", "description": "Number of non-container artifacts uploaded to Cloud Storage. Only populated when artifacts are uploaded to Cloud Storage." }, "pythonPackages": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:UploadedPythonPackageResponse" }, "description": "Python artifacts uploaded to Artifact Registry at the end of the build." } }, "type": "object", "required": [ "artifactManifest", "artifactTiming", "buildStepImages", "buildStepOutputs", "images", "mavenArtifacts", "npmPackages", "numArtifacts", "pythonPackages" ] }, "google-native:cloudbuild/v1:Secret": { "description": "Pairs a set of secret environment variables containing encrypted values with the Cloud KMS key to use to decrypt the value. Note: Use `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with `secret`. For instructions see: https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials.", "properties": { "kmsKeyName": { "type": "string", "description": "Cloud KMS key name to use to decrypt these envs." }, "secretEnv": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets." } }, "type": "object" }, "google-native:cloudbuild/v1:SecretManagerSecret": { "description": "Pairs a secret environment variable with a SecretVersion in Secret Manager.", "properties": { "env": { "type": "string", "description": "Environment variable name to associate with the secret. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step." }, "versionName": { "type": "string", "description": "Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/*" } }, "type": "object" }, "google-native:cloudbuild/v1:SecretManagerSecretResponse": { "description": "Pairs a secret environment variable with a SecretVersion in Secret Manager.", "properties": { "env": { "type": "string", "description": "Environment variable name to associate with the secret. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step." }, "versionName": { "type": "string", "description": "Resource name of the SecretVersion. In format: projects/*/secrets/*/versions/*" } }, "type": "object", "required": [ "env", "versionName" ] }, "google-native:cloudbuild/v1:SecretResponse": { "description": "Pairs a set of secret environment variables containing encrypted values with the Cloud KMS key to use to decrypt the value. Note: Use `kmsKeyName` with `available_secrets` instead of using `kmsKeyName` with `secret`. For instructions see: https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-credentials.", "properties": { "kmsKeyName": { "type": "string", "description": "Cloud KMS key name to use to decrypt these envs." }, "secretEnv": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of environment variable name to its encrypted value. Secret environment variables must be unique across all of a build's secrets, and must be used by at least one build step. Values can be at most 64 KB in size. There can be at most 100 secret values across all of a build's secrets." } }, "type": "object", "required": [ "kmsKeyName", "secretEnv" ] }, "google-native:cloudbuild/v1:Secrets": { "description": "Secrets and secret environment variables.", "properties": { "inline": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:InlineSecret" }, "description": "Secrets encrypted with KMS key and the associated secret environment variable." }, "secretManager": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SecretManagerSecret" }, "description": "Secrets in Secret Manager and associated secret environment variable." } }, "type": "object" }, "google-native:cloudbuild/v1:SecretsResponse": { "description": "Secrets and secret environment variables.", "properties": { "inline": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:InlineSecretResponse" }, "description": "Secrets encrypted with KMS key and the associated secret environment variable." }, "secretManager": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv1:SecretManagerSecretResponse" }, "description": "Secrets in Secret Manager and associated secret environment variable." } }, "type": "object", "required": [ "inline", "secretManager" ] }, "google-native:cloudbuild/v1:ServiceDirectoryConfig": { "description": "ServiceDirectoryConfig represents Service Directory configuration for a SCM host connection.", "properties": { "service": { "type": "string", "description": "The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}." } }, "type": "object" }, "google-native:cloudbuild/v1:ServiceDirectoryConfigResponse": { "description": "ServiceDirectoryConfig represents Service Directory configuration for a SCM host connection.", "properties": { "service": { "type": "string", "description": "The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}." } }, "type": "object", "required": [ "service" ] }, "google-native:cloudbuild/v1:Source": { "description": "Location of the source in a supported storage service.", "properties": { "connectedRepository": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ConnectedRepository", "description": "Optional. If provided, get the source from this 2nd-gen Google Cloud Build repository resource." }, "gitSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitSource", "description": "If provided, get the source from this Git repository." }, "repoSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:RepoSource", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSource", "description": "If provided, get the source from this location in Cloud Storage." }, "storageSourceManifest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceManifest", "description": "If provided, get the source from this manifest in Cloud Storage. This feature is in Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher)." } }, "type": "object" }, "google-native:cloudbuild/v1:SourceProvenanceResponse": { "description": "Provenance of the source. Ways to find the original source, or verify that some source was used for this build.", "properties": { "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. Note that `FileHashes` will only be populated if `BuildOptions` has requested a `SourceProvenanceHash`. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (`.tar.gz`), the `FileHash` will be for the single path to that file." }, "resolvedConnectedRepository": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ConnectedRepositoryResponse", "description": "A copy of the build's `source.connected_repository`, if exists, with any revisions resolved." }, "resolvedGitSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitSourceResponse", "description": "A copy of the build's `source.git_source`, if exists, with any revisions resolved." }, "resolvedRepoSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:RepoSourceResponse", "description": "A copy of the build's `source.repo_source`, if exists, with any revisions resolved." }, "resolvedStorageSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceResponse", "description": "A copy of the build's `source.storage_source`, if exists, with any generations resolved." }, "resolvedStorageSourceManifest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceManifestResponse", "description": "A copy of the build's `source.storage_source_manifest`, if exists, with any revisions resolved. This feature is in Preview." } }, "type": "object", "required": [ "fileHashes", "resolvedConnectedRepository", "resolvedGitSource", "resolvedRepoSource", "resolvedStorageSource", "resolvedStorageSourceManifest" ] }, "google-native:cloudbuild/v1:SourceResponse": { "description": "Location of the source in a supported storage service.", "properties": { "connectedRepository": { "$ref": "#/types/google-native:cloudbuild%2Fv1:ConnectedRepositoryResponse", "description": "Optional. If provided, get the source from this 2nd-gen Google Cloud Build repository resource." }, "gitSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:GitSourceResponse", "description": "If provided, get the source from this Git repository." }, "repoSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:RepoSourceResponse", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceResponse", "description": "If provided, get the source from this location in Cloud Storage." }, "storageSourceManifest": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceManifestResponse", "description": "If provided, get the source from this manifest in Cloud Storage. This feature is in Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher)." } }, "type": "object", "required": [ "connectedRepository", "gitSource", "repoSource", "storageSource", "storageSourceManifest" ] }, "google-native:cloudbuild/v1:StorageSource": { "description": "Location of the source in an archive file in Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Cloud Storage object containing the source. This object must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) containing source to build." }, "sourceFetcher": { "$ref": "#/types/google-native:cloudbuild%2Fv1:StorageSourceSourceFetcher", "description": "Optional. Option to specify the tool to fetch the source file for the build." } }, "type": "object" }, "google-native:cloudbuild/v1:StorageSourceManifest": { "description": "Location of the source manifest in Cloud Storage. This feature is in Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher).", "properties": { "bucket": { "type": "string", "description": "Cloud Storage bucket containing the source manifest (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Cloud Storage object containing the source manifest. This object must be a JSON file." } }, "type": "object" }, "google-native:cloudbuild/v1:StorageSourceManifestResponse": { "description": "Location of the source manifest in Cloud Storage. This feature is in Preview; see description [here](https://github.com/GoogleCloudPlatform/cloud-builders/tree/master/gcs-fetcher).", "properties": { "bucket": { "type": "string", "description": "Cloud Storage bucket containing the source manifest (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Cloud Storage object containing the source manifest. This object must be a JSON file." } }, "type": "object", "required": [ "bucket", "generation", "object" ] }, "google-native:cloudbuild/v1:StorageSourceResponse": { "description": "Location of the source in an archive file in Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Cloud Storage object containing the source. This object must be a zipped (`.zip`) or gzipped archive file (`.tar.gz`) containing source to build." }, "sourceFetcher": { "type": "string", "description": "Optional. Option to specify the tool to fetch the source file for the build." } }, "type": "object", "required": [ "bucket", "generation", "object", "sourceFetcher" ] }, "google-native:cloudbuild/v1:StorageSourceSourceFetcher": { "description": "Optional. Option to specify the tool to fetch the source file for the build.", "type": "string", "enum": [ { "name": "SourceFetcherUnspecified", "description": "Unspecified defaults to GSUTIL.", "value": "SOURCE_FETCHER_UNSPECIFIED" }, { "name": "Gsutil", "description": "Use the \"gsutil\" tool to download the source file.", "value": "GSUTIL" }, { "name": "GcsFetcher", "description": "Use the Cloud Storage Fetcher tool to download the source file.", "value": "GCS_FETCHER" } ] }, "google-native:cloudbuild/v1:TimeSpanResponse": { "description": "Start and end times for a build execution phase.", "properties": { "endTime": { "type": "string", "description": "End of time span." }, "startTime": { "type": "string", "description": "Start of time span." } }, "type": "object", "required": [ "endTime", "startTime" ] }, "google-native:cloudbuild/v1:TriggerEventType": { "description": "EventType allows the user to explicitly set the type of event to which this BuildTrigger should respond. This field will be validated against the rest of the configuration if it is set.", "type": "string", "enum": [ { "name": "EventTypeUnspecified", "description": "EVENT_TYPE_UNSPECIFIED event_types are ignored.", "value": "EVENT_TYPE_UNSPECIFIED" }, { "name": "Repo", "description": "REPO corresponds to the supported VCS integrations.", "value": "REPO" }, { "name": "Webhook", "description": "WEBHOOK corresponds to webhook triggers.", "value": "WEBHOOK" }, { "name": "Pubsub", "description": "PUBSUB corresponds to pubsub triggers.", "value": "PUBSUB" }, { "name": "Manual", "description": "MANUAL corresponds to manual-only invoked triggers.", "value": "MANUAL" } ] }, "google-native:cloudbuild/v1:TriggerIncludeBuildLogs": { "description": "If set to INCLUDE_BUILD_LOGS_WITH_STATUS, log url will be shown on GitHub page when build status is final. Setting this field to INCLUDE_BUILD_LOGS_WITH_STATUS for non GitHub triggers results in INVALID_ARGUMENT error.", "type": "string", "enum": [ { "name": "IncludeBuildLogsUnspecified", "description": "Build logs will not be shown on GitHub.", "value": "INCLUDE_BUILD_LOGS_UNSPECIFIED" }, { "name": "IncludeBuildLogsWithStatus", "description": "Build logs will be shown on GitHub.", "value": "INCLUDE_BUILD_LOGS_WITH_STATUS" } ] }, "google-native:cloudbuild/v1:UploadedMavenArtifactResponse": { "description": "A Maven artifact uploaded using the MavenArtifact directive.", "properties": { "fileHashes": { "$ref": "#/types/google-native:cloudbuild%2Fv1:FileHashesResponse", "description": "Hash types and values of the Maven Artifact." }, "pushTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pushing the specified artifact." }, "uri": { "type": "string", "description": "URI of the uploaded artifact." } }, "type": "object", "required": [ "fileHashes", "pushTiming", "uri" ] }, "google-native:cloudbuild/v1:UploadedNpmPackageResponse": { "description": "An npm package uploaded to Artifact Registry using the NpmPackage directive.", "properties": { "fileHashes": { "$ref": "#/types/google-native:cloudbuild%2Fv1:FileHashesResponse", "description": "Hash types and values of the npm package." }, "pushTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pushing the specified artifact." }, "uri": { "type": "string", "description": "URI of the uploaded npm package." } }, "type": "object", "required": [ "fileHashes", "pushTiming", "uri" ] }, "google-native:cloudbuild/v1:UploadedPythonPackageResponse": { "description": "Artifact uploaded using the PythonPackage directive.", "properties": { "fileHashes": { "$ref": "#/types/google-native:cloudbuild%2Fv1:FileHashesResponse", "description": "Hash types and values of the Python Artifact." }, "pushTiming": { "$ref": "#/types/google-native:cloudbuild%2Fv1:TimeSpanResponse", "description": "Stores timing information for pushing the specified artifact." }, "uri": { "type": "string", "description": "URI of the uploaded artifact." } }, "type": "object", "required": [ "fileHashes", "pushTiming", "uri" ] }, "google-native:cloudbuild/v1:Volume": { "description": "Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.", "properties": { "name": { "type": "string", "description": "Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps." }, "path": { "type": "string", "description": "Path at which to mount the volume. Paths must be absolute and cannot conflict with other volume paths on the same build step or with certain reserved volume paths." } }, "type": "object" }, "google-native:cloudbuild/v1:VolumeResponse": { "description": "Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.", "properties": { "name": { "type": "string", "description": "Name of the volume to mount. Volume names must be unique per build step and must be valid names for Docker volumes. Each named volume must be used by at least two build steps." }, "path": { "type": "string", "description": "Path at which to mount the volume. Paths must be absolute and cannot conflict with other volume paths on the same build step or with certain reserved volume paths." } }, "type": "object", "required": [ "name", "path" ] }, "google-native:cloudbuild/v1:WarningResponse": { "description": "A non-fatal problem encountered during the execution of the build.", "properties": { "priority": { "type": "string", "description": "The priority for this warning." }, "text": { "type": "string", "description": "Explanation of the warning generated." } }, "type": "object", "required": [ "priority", "text" ] }, "google-native:cloudbuild/v1:WebhookConfig": { "description": "WebhookConfig describes the configuration of a trigger that creates a build whenever a webhook is sent to a trigger's webhook URL.", "properties": { "secret": { "type": "string", "description": "Resource name for the secret required as a URL parameter." }, "state": { "$ref": "#/types/google-native:cloudbuild%2Fv1:WebhookConfigState", "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests." } }, "type": "object", "required": [ "secret" ] }, "google-native:cloudbuild/v1:WebhookConfigResponse": { "description": "WebhookConfig describes the configuration of a trigger that creates a build whenever a webhook is sent to a trigger's webhook URL.", "properties": { "secret": { "type": "string", "description": "Resource name for the secret required as a URL parameter." }, "state": { "type": "string", "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests." } }, "type": "object", "required": [ "secret", "state" ] }, "google-native:cloudbuild/v1:WebhookConfigState": { "description": "Potential issues with the underlying Pub/Sub subscription configuration. Only populated on get requests.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The webhook auth configuration not been checked.", "value": "STATE_UNSPECIFIED" }, { "name": "Ok", "description": "The auth configuration is properly setup.", "value": "OK" }, { "name": "SecretDeleted", "description": "The secret provided in auth_method has been deleted.", "value": "SECRET_DELETED" } ] }, "google-native:cloudbuild/v1:WorkerConfig": { "description": "Defines the configuration to be used for creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See [Worker pool config file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). Specify a value of up to 2000. If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine type of a worker, such as `e2-medium`. See [Worker pool config file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). If left blank, Cloud Build will use a sensible default." } }, "type": "object" }, "google-native:cloudbuild/v1:WorkerConfigResponse": { "description": "Defines the configuration to be used for creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See [Worker pool config file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). Specify a value of up to 2000. If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine type of a worker, such as `e2-medium`. See [Worker pool config file](https://cloud.google.com/build/docs/private-pools/worker-pool-config-file-schema). If left blank, Cloud Build will use a sensible default." } }, "type": "object", "required": [ "diskSizeGb", "machineType" ] }, "google-native:cloudbuild/v1alpha1:Network": { "description": "Network describes the GCP network used to create workers in.", "properties": { "network": { "type": "string", "description": "Network on which the workers are created. \"default\" network is used if empty." }, "project": { "type": "string", "description": "Project id containing the defined network and subnetwork. For a peered VPC, this will be the same as the project_id in which the workers are created. For a shared VPC, this will be the project sharing the network with the project_id project in which workers will be created. For custom workers with no VPC, this will be the same as project_id." }, "subnetwork": { "type": "string", "description": "Subnetwork on which the workers are created. \"default\" subnetwork is used if empty." } }, "type": "object" }, "google-native:cloudbuild/v1alpha1:NetworkResponse": { "description": "Network describes the GCP network used to create workers in.", "properties": { "network": { "type": "string", "description": "Network on which the workers are created. \"default\" network is used if empty." }, "project": { "type": "string", "description": "Project id containing the defined network and subnetwork. For a peered VPC, this will be the same as the project_id in which the workers are created. For a shared VPC, this will be the project sharing the network with the project_id project in which workers will be created. For custom workers with no VPC, this will be the same as project_id." }, "subnetwork": { "type": "string", "description": "Subnetwork on which the workers are created. \"default\" subnetwork is used if empty." } }, "type": "object", "required": [ "network", "project", "subnetwork" ] }, "google-native:cloudbuild/v1alpha1:WorkerConfig": { "description": "WorkerConfig defines the configuration to be used for a creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See https://cloud.google.com/compute/docs/disks/ If `0` is specified, Cloud Build will use a standard disk size. `disk_size` is overridden if you specify a different disk size in `build_options`. In this case, a VM with a disk size specified in the `build_options` will be created on demand at build time. For more information see https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.builds#buildoptions" }, "machineType": { "type": "string", "description": "Machine Type of the worker, such as n1-standard-1. See https://cloud.google.com/compute/docs/machine-types. If left blank, Cloud Build will use a standard unspecified machine to create the worker pool. `machine_type` is overridden if you specify a different machine type in `build_options`. In this case, the VM specified in the `build_options` will be created on demand at build time. For more information see https://cloud.google.com/cloud-build/docs/speeding-up-builds#using_custom_virtual_machine_sizes" }, "network": { "$ref": "#/types/google-native:cloudbuild%2Fv1alpha1:Network", "description": "The network definition used to create the worker. If this section is left empty, the workers will be created in WorkerPool.project_id on the default network." }, "tag": { "type": "string", "description": "The tag applied to the worker, and the same tag used by the firewall rule. It is used to identify the Cloud Build workers among other VMs. The default value for tag is `worker`." } }, "type": "object" }, "google-native:cloudbuild/v1alpha1:WorkerConfigResponse": { "description": "WorkerConfig defines the configuration to be used for a creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See https://cloud.google.com/compute/docs/disks/ If `0` is specified, Cloud Build will use a standard disk size. `disk_size` is overridden if you specify a different disk size in `build_options`. In this case, a VM with a disk size specified in the `build_options` will be created on demand at build time. For more information see https://cloud.google.com/cloud-build/docs/api/reference/rest/v1/projects.builds#buildoptions" }, "machineType": { "type": "string", "description": "Machine Type of the worker, such as n1-standard-1. See https://cloud.google.com/compute/docs/machine-types. If left blank, Cloud Build will use a standard unspecified machine to create the worker pool. `machine_type` is overridden if you specify a different machine type in `build_options`. In this case, the VM specified in the `build_options` will be created on demand at build time. For more information see https://cloud.google.com/cloud-build/docs/speeding-up-builds#using_custom_virtual_machine_sizes" }, "network": { "$ref": "#/types/google-native:cloudbuild%2Fv1alpha1:NetworkResponse", "description": "The network definition used to create the worker. If this section is left empty, the workers will be created in WorkerPool.project_id on the default network." }, "tag": { "type": "string", "description": "The tag applied to the worker, and the same tag used by the firewall rule. It is used to identify the Cloud Build workers among other VMs. The default value for tag is `worker`." } }, "type": "object", "required": [ "diskSizeGb", "machineType", "network", "tag" ] }, "google-native:cloudbuild/v1alpha1:WorkerPoolRegionsItem": { "type": "string", "enum": [ { "name": "RegionUnspecified", "description": "no region", "value": "REGION_UNSPECIFIED" }, { "name": "UsCentral1", "description": "us-central1 region", "value": "us-central1" }, { "name": "UsWest1", "description": "us-west1 region", "value": "us-west1" }, { "name": "UsEast1", "description": "us-east1 region", "value": "us-east1" }, { "name": "UsEast4", "description": "us-east4 region", "value": "us-east4" } ] }, "google-native:cloudbuild/v1alpha2:NetworkConfig": { "description": "Network describes the network configuration for a `WorkerPool`.", "properties": { "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to WorkerPool.project_id on the default network. Must be in the format `projects/{project}/global/networks/{network}`, where {project} is a project number, such as `12345`, and {network} is the name of a VPC network in the project." } }, "type": "object", "required": [ "peeredNetwork" ] }, "google-native:cloudbuild/v1alpha2:NetworkConfigResponse": { "description": "Network describes the network configuration for a `WorkerPool`.", "properties": { "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to WorkerPool.project_id on the default network. Must be in the format `projects/{project}/global/networks/{network}`, where {project} is a project number, such as `12345`, and {network} is the name of a VPC network in the project." } }, "type": "object", "required": [ "peeredNetwork" ] }, "google-native:cloudbuild/v1alpha2:WorkerConfig": { "description": "WorkerConfig defines the configuration to be used for a creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See https://cloud.google.com/compute/docs/disks/ If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine Type of the worker, such as n1-standard-1. See https://cloud.google.com/compute/docs/machine-types. If left blank, Cloud Build will use a standard unspecified machine to create the worker pool." } }, "type": "object" }, "google-native:cloudbuild/v1alpha2:WorkerConfigResponse": { "description": "WorkerConfig defines the configuration to be used for a creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See https://cloud.google.com/compute/docs/disks/ If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine Type of the worker, such as n1-standard-1. See https://cloud.google.com/compute/docs/machine-types. If left blank, Cloud Build will use a standard unspecified machine to create the worker pool." } }, "type": "object", "required": [ "diskSizeGb", "machineType" ] }, "google-native:cloudbuild/v1beta1:NetworkConfig": { "description": "Network describes the network configuration for a `WorkerPool`.", "properties": { "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to `WorkerPool.project_id` on the service producer network. Must be in the format `projects/{project}/global/networks/{network}`, where `{project}` is a project number, such as `12345`, and `{network}` is the name of a VPC network in the project. See [Understanding network configuration options](https://cloud.google.com/cloud-build/docs/custom-workers/set-up-custom-worker-pool-environment#understanding_the_network_configuration_options)" } }, "type": "object", "required": [ "peeredNetwork" ] }, "google-native:cloudbuild/v1beta1:NetworkConfigResponse": { "description": "Network describes the network configuration for a `WorkerPool`.", "properties": { "peeredNetwork": { "type": "string", "description": "Immutable. The network definition that the workers are peered to. If this section is left empty, the workers will be peered to `WorkerPool.project_id` on the service producer network. Must be in the format `projects/{project}/global/networks/{network}`, where `{project}` is a project number, such as `12345`, and `{network}` is the name of a VPC network in the project. See [Understanding network configuration options](https://cloud.google.com/cloud-build/docs/custom-workers/set-up-custom-worker-pool-environment#understanding_the_network_configuration_options)" } }, "type": "object", "required": [ "peeredNetwork" ] }, "google-native:cloudbuild/v1beta1:WorkerConfig": { "description": "Defines the configuration to be used for creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See [Worker pool config file](https://cloud.google.com/cloud-build/docs/custom-workers/worker-pool-config-file). Specify a value of up to 1000. If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine type of a worker, such as `n1-standard-1`. See [Worker pool config file](https://cloud.google.com/cloud-build/docs/custom-workers/worker-pool-config-file). If left blank, Cloud Build will use `n1-standard-1`." }, "noExternalIp": { "type": "boolean", "description": "If true, workers are created without any public address, which prevents network egress to public IPs." } }, "type": "object" }, "google-native:cloudbuild/v1beta1:WorkerConfigResponse": { "description": "Defines the configuration to be used for creating workers in the pool.", "properties": { "diskSizeGb": { "type": "string", "description": "Size of the disk attached to the worker, in GB. See [Worker pool config file](https://cloud.google.com/cloud-build/docs/custom-workers/worker-pool-config-file). Specify a value of up to 1000. If `0` is specified, Cloud Build will use a standard disk size." }, "machineType": { "type": "string", "description": "Machine type of a worker, such as `n1-standard-1`. See [Worker pool config file](https://cloud.google.com/cloud-build/docs/custom-workers/worker-pool-config-file). If left blank, Cloud Build will use `n1-standard-1`." }, "noExternalIp": { "type": "boolean", "description": "If true, workers are created without any public address, which prevents network egress to public IPs." } }, "type": "object", "required": [ "diskSizeGb", "machineType", "noExternalIp" ] }, "google-native:cloudbuild/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudbuild/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudbuild%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudbuild/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudbuild%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudbuild/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudbuild/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudbuild/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudbuild%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudbuild/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudbuild%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudbuild/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudbuild/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudbuild/v2:GitHubConfig": { "description": "Configuration for connections to github.com.", "properties": { "appInstallationId": { "type": "string", "description": "GitHub App installation id." }, "authorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:OAuthCredential", "description": "OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App." } }, "type": "object" }, "google-native:cloudbuild/v2:GitHubConfigResponse": { "description": "Configuration for connections to github.com.", "properties": { "appInstallationId": { "type": "string", "description": "GitHub App installation id." }, "authorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:OAuthCredentialResponse", "description": "OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App." } }, "type": "object", "required": [ "appInstallationId", "authorizerCredential" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfig": { "description": "Configuration for connections to an instance of GitHub Enterprise.", "properties": { "apiKey": { "type": "string", "description": "API Key used for authentication of webhook events." }, "appId": { "type": "string", "description": "Id of the GitHub App created from the manifest." }, "appInstallationId": { "type": "string", "description": "ID of the installation of the GitHub App." }, "appSlug": { "type": "string", "description": "The URL-friendly name of the GitHub App." }, "hostUri": { "type": "string", "description": "The URI of the GitHub Enterprise host this connection is for." }, "privateKeySecretVersion": { "type": "string", "description": "SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig", "description": "Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet." }, "sslCa": { "type": "string", "description": "SSL certificate to use for requests to GitHub Enterprise." }, "webhookSecretSecretVersion": { "type": "string", "description": "SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "apiKey", "hostUri" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2GitHubEnterpriseConfigResponse": { "description": "Configuration for connections to an instance of GitHub Enterprise.", "properties": { "apiKey": { "type": "string", "description": "API Key used for authentication of webhook events." }, "appId": { "type": "string", "description": "Id of the GitHub App created from the manifest." }, "appInstallationId": { "type": "string", "description": "ID of the installation of the GitHub App." }, "appSlug": { "type": "string", "description": "The URL-friendly name of the GitHub App." }, "hostUri": { "type": "string", "description": "The URI of the GitHub Enterprise host this connection is for." }, "privateKeySecretVersion": { "type": "string", "description": "SecretManager resource containing the private key of the GitHub App, formatted as `projects/*/secrets/*/versions/*`." }, "serverVersion": { "type": "string", "description": "GitHub Enterprise version installed at the host_uri." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfigResponse", "description": "Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet." }, "sslCa": { "type": "string", "description": "SSL certificate to use for requests to GitHub Enterprise." }, "webhookSecretSecretVersion": { "type": "string", "description": "SecretManager resource containing the webhook secret of the GitHub App, formatted as `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "apiKey", "appId", "appInstallationId", "appSlug", "hostUri", "privateKeySecretVersion", "serverVersion", "serviceDirectoryConfig", "sslCa", "webhookSecretSecretVersion" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2GitLabConfig": { "description": "Configuration for connections to gitlab.com or an instance of GitLab Enterprise.", "properties": { "authorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:UserCredential", "description": "A GitLab personal access token with the `api` scope access." }, "hostUri": { "type": "string", "description": "The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com." }, "readAuthorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:UserCredential", "description": "A GitLab personal access token with the minimum `read_api` scope access." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig", "description": "Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet." }, "sslCa": { "type": "string", "description": "SSL certificate to use for requests to GitLab Enterprise." }, "webhookSecretSecretVersion": { "type": "string", "description": "Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "authorizerCredential", "readAuthorizerCredential", "webhookSecretSecretVersion" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2GitLabConfigResponse": { "description": "Configuration for connections to gitlab.com or an instance of GitLab Enterprise.", "properties": { "authorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:UserCredentialResponse", "description": "A GitLab personal access token with the `api` scope access." }, "hostUri": { "type": "string", "description": "The URI of the GitLab Enterprise host this connection is for. If not specified, the default value is https://gitlab.com." }, "readAuthorizerCredential": { "$ref": "#/types/google-native:cloudbuild%2Fv2:UserCredentialResponse", "description": "A GitLab personal access token with the minimum `read_api` scope access." }, "serverVersion": { "type": "string", "description": "Version of the GitLab Enterprise server running on the `host_uri`." }, "serviceDirectoryConfig": { "$ref": "#/types/google-native:cloudbuild%2Fv2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfigResponse", "description": "Configuration for using Service Directory to privately connect to a GitLab Enterprise server. This should only be set if the GitLab Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitLab Enterprise server will be made over the public internet." }, "sslCa": { "type": "string", "description": "SSL certificate to use for requests to GitLab Enterprise." }, "webhookSecretSecretVersion": { "type": "string", "description": "Immutable. SecretManager resource containing the webhook secret of a GitLab Enterprise project, formatted as `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "authorizerCredential", "hostUri", "readAuthorizerCredential", "serverVersion", "serviceDirectoryConfig", "sslCa", "webhookSecretSecretVersion" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfig": { "description": "ServiceDirectoryConfig represents Service Directory configuration for a connection.", "properties": { "service": { "type": "string", "description": "The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}." } }, "type": "object", "required": [ "service" ] }, "google-native:cloudbuild/v2:GoogleDevtoolsCloudbuildV2ServiceDirectoryConfigResponse": { "description": "ServiceDirectoryConfig represents Service Directory configuration for a connection.", "properties": { "service": { "type": "string", "description": "The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}." } }, "type": "object", "required": [ "service" ] }, "google-native:cloudbuild/v2:InstallationStateResponse": { "description": "Describes stage and necessary actions to be taken by the user to complete the installation. Used for GitHub and GitHub Enterprise based connections.", "properties": { "actionUri": { "type": "string", "description": "Link to follow for next action. Empty string if the installation is already complete." }, "message": { "type": "string", "description": "Message of what the user should do next to continue the installation. Empty string if the installation is already complete." }, "stage": { "type": "string", "description": "Current step of the installation process." } }, "type": "object", "required": [ "actionUri", "message", "stage" ] }, "google-native:cloudbuild/v2:OAuthCredential": { "description": "Represents an OAuth token of the account that authorized the Connection, and associated metadata.", "properties": { "oauthTokenSecretVersion": { "type": "string", "description": "A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`." } }, "type": "object" }, "google-native:cloudbuild/v2:OAuthCredentialResponse": { "description": "Represents an OAuth token of the account that authorized the Connection, and associated metadata.", "properties": { "oauthTokenSecretVersion": { "type": "string", "description": "A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`." }, "username": { "type": "string", "description": "The username associated to this token." } }, "type": "object", "required": [ "oauthTokenSecretVersion", "username" ] }, "google-native:cloudbuild/v2:UserCredential": { "description": "Represents a personal access token that authorized the Connection, and associated metadata.", "properties": { "userTokenSecretVersion": { "type": "string", "description": "A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "userTokenSecretVersion" ] }, "google-native:cloudbuild/v2:UserCredentialResponse": { "description": "Represents a personal access token that authorized the Connection, and associated metadata.", "properties": { "userTokenSecretVersion": { "type": "string", "description": "A SecretManager resource containing the user token that authorizes the Cloud Build connection. Format: `projects/*/secrets/*/versions/*`." }, "username": { "type": "string", "description": "The username associated to this token." } }, "type": "object", "required": [ "userTokenSecretVersion", "username" ] }, "google-native:cloudchannel/v1:ChannelPartnerLinkLinkState": { "description": "Required. State of the channel partner link.", "type": "string", "enum": [ { "name": "ChannelPartnerLinkStateUnspecified", "description": "Not used.", "value": "CHANNEL_PARTNER_LINK_STATE_UNSPECIFIED" }, { "name": "Invited", "description": "An invitation has been sent to the reseller to create a channel partner link.", "value": "INVITED" }, { "name": "Active", "description": "Status when the reseller is active.", "value": "ACTIVE" }, { "name": "Revoked", "description": "Status when the reseller has been revoked by the distributor.", "value": "REVOKED" }, { "name": "Suspended", "description": "Status when the reseller is suspended by Google or distributor.", "value": "SUSPENDED" } ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1AssociationInfo": { "description": "Association links that an entitlement has to other entitlements.", "properties": { "baseEntitlement": { "type": "string", "description": "The name of the base entitlement, for which this entitlement is an add-on." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1AssociationInfoResponse": { "description": "Association links that an entitlement has to other entitlements.", "properties": { "baseEntitlement": { "type": "string", "description": "The name of the base entitlement, for which this entitlement is an add-on." } }, "type": "object", "required": [ "baseEntitlement" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1CloudIdentityInfoResponse": { "description": "Cloud Identity information for the Cloud Channel Customer.", "properties": { "adminConsoleUri": { "type": "string", "description": "URI of Customer's Admin console dashboard." }, "alternateEmail": { "type": "string", "description": "The alternate email." }, "customerType": { "type": "string", "description": "CustomerType indicates verification type needed for using services." }, "eduData": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1EduDataResponse", "description": "Edu information about the customer." }, "isDomainVerified": { "type": "boolean", "description": "Whether the domain is verified. This field is not returned for a Customer's cloud_identity_info resource. Partners can use the domains.get() method of the Workspace SDK's Directory API, or listen to the PRIMARY_DOMAIN_VERIFIED Pub/Sub event in to track domain verification of their resolve Workspace customers." }, "languageCode": { "type": "string", "description": "Language code." }, "phoneNumber": { "type": "string", "description": "Phone number associated with the Cloud Identity." }, "primaryDomain": { "type": "string", "description": "The primary domain name." } }, "type": "object", "required": [ "adminConsoleUri", "alternateEmail", "customerType", "eduData", "isDomainVerified", "languageCode", "phoneNumber", "primaryDomain" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1CommitmentSettings": { "description": "Commitment settings for commitment-based offers.", "properties": { "renewalSettings": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RenewalSettings", "description": "Optional. Renewal settings applicable for a commitment-based Offer." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1CommitmentSettingsResponse": { "description": "Commitment settings for commitment-based offers.", "properties": { "endTime": { "type": "string", "description": "Commitment end timestamp." }, "renewalSettings": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RenewalSettingsResponse", "description": "Optional. Renewal settings applicable for a commitment-based Offer." }, "startTime": { "type": "string", "description": "Commitment start timestamp." } }, "type": "object", "required": [ "endTime", "renewalSettings", "startTime" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ConditionalOverride": { "description": "Specifies the override to conditionally apply.", "properties": { "adjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingAdjustment", "description": "Information about the applied override's adjustment." }, "rebillingBasis": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1ConditionalOverrideRebillingBasis", "description": "The RebillingBasis to use for the applied override. Shows the relative cost based on your repricing costs." }, "repricingCondition": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingCondition", "description": "Specifies the condition which, if met, will apply the override." } }, "type": "object", "required": [ "adjustment", "rebillingBasis", "repricingCondition" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ConditionalOverrideRebillingBasis": { "description": "Required. The RebillingBasis to use for the applied override. Shows the relative cost based on your repricing costs.", "type": "string", "enum": [ { "name": "RebillingBasisUnspecified", "description": "Not used.", "value": "REBILLING_BASIS_UNSPECIFIED" }, { "name": "CostAtList", "description": "Use the list cost, also known as the MSRP.", "value": "COST_AT_LIST" }, { "name": "DirectCustomerCost", "description": "Pass through all discounts except the Reseller Program Discount. If this is the default cost base and no adjustments are specified, the output cost will be exactly what the customer would see if they viewed the bill in the Google Cloud Console.", "value": "DIRECT_CUSTOMER_COST" } ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ConditionalOverrideResponse": { "description": "Specifies the override to conditionally apply.", "properties": { "adjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingAdjustmentResponse", "description": "Information about the applied override's adjustment." }, "rebillingBasis": { "type": "string", "description": "The RebillingBasis to use for the applied override. Shows the relative cost based on your repricing costs." }, "repricingCondition": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConditionResponse", "description": "Specifies the condition which, if met, will apply the override." } }, "type": "object", "required": [ "adjustment", "rebillingBasis", "repricingCondition" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ContactInfo": { "description": "Contact information for a customer account.", "properties": { "email": { "type": "string", "description": "The customer account's contact email. Required for entitlements that create admin.google.com accounts, and serves as the customer's username for those accounts. Use this email to invite Team customers." }, "firstName": { "type": "string", "description": "The customer account contact's first name. Optional for Team customers." }, "lastName": { "type": "string", "description": "The customer account contact's last name. Optional for Team customers." }, "phone": { "type": "string", "description": "The customer account's contact phone number." }, "title": { "type": "string", "description": "Optional. The customer account contact's job title." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ContactInfoResponse": { "description": "Contact information for a customer account.", "properties": { "displayName": { "type": "string", "description": "The customer account contact's display name, formatted as a combination of the customer's first and last name." }, "email": { "type": "string", "description": "The customer account's contact email. Required for entitlements that create admin.google.com accounts, and serves as the customer's username for those accounts. Use this email to invite Team customers." }, "firstName": { "type": "string", "description": "The customer account contact's first name. Optional for Team customers." }, "lastName": { "type": "string", "description": "The customer account contact's last name. Optional for Team customers." }, "phone": { "type": "string", "description": "The customer account's contact phone number." }, "title": { "type": "string", "description": "Optional. The customer account contact's job title." } }, "type": "object", "required": [ "displayName", "email", "firstName", "lastName", "phone", "title" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1EduDataResponse": { "description": "Required Edu Attributes", "properties": { "instituteSize": { "type": "string", "description": "Size of the institute." }, "instituteType": { "type": "string", "description": "Designated institute type of customer." }, "website": { "type": "string", "description": "Web address for the edu customer's institution." } }, "type": "object", "required": [ "instituteSize", "instituteType", "website" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1Parameter": { "description": "Definition for extended entitlement parameters.", "properties": { "name": { "type": "string", "description": "Name of the parameter." }, "value": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1Value", "description": "Value of the parameter." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ParameterResponse": { "description": "Definition for extended entitlement parameters.", "properties": { "editable": { "type": "boolean", "description": "Specifies whether this parameter is allowed to be changed. For example, for a Google Workspace Business Starter entitlement in commitment plan, num_units is editable when entitlement is active." }, "name": { "type": "string", "description": "Name of the parameter." }, "value": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1ValueResponse", "description": "Value of the parameter." } }, "type": "object", "required": [ "editable", "name", "value" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1PercentageAdjustment": { "description": "An adjustment that applies a flat markup or markdown to an entire bill.", "properties": { "percentage": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleTypeDecimal", "description": "The percentage of the bill to adjust. For example: Mark down by 1% => \"-1.00\" Mark up by 1% => \"1.00\" Pass-Through => \"0.00\"" } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1PercentageAdjustmentResponse": { "description": "An adjustment that applies a flat markup or markdown to an entire bill.", "properties": { "percentage": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleTypeDecimalResponse", "description": "The percentage of the bill to adjust. For example: Mark down by 1% => \"-1.00\" Mark up by 1% => \"1.00\" Pass-Through => \"0.00\"" } }, "type": "object", "required": [ "percentage" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1Period": { "description": "Represents period in days/months/years.", "properties": { "duration": { "type": "integer", "description": "Total duration of Period Type defined." }, "periodType": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1PeriodPeriodType", "description": "Period Type." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1PeriodPeriodType": { "description": "Period Type.", "type": "string", "enum": [ { "name": "PeriodTypeUnspecified", "description": "Not used.", "value": "PERIOD_TYPE_UNSPECIFIED" }, { "name": "Day", "description": "Day.", "value": "DAY" }, { "name": "Month", "description": "Month.", "value": "MONTH" }, { "name": "Year", "description": "Year.", "value": "YEAR" } ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1PeriodResponse": { "description": "Represents period in days/months/years.", "properties": { "duration": { "type": "integer", "description": "Total duration of Period Type defined." }, "periodType": { "type": "string", "description": "Period Type." } }, "type": "object", "required": [ "duration", "periodType" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ProvisionedServiceResponse": { "description": "Service provisioned for an entitlement.", "properties": { "productId": { "type": "string", "description": "The product pertaining to the provisioning resource as specified in the Offer." }, "provisioningId": { "type": "string", "description": "Provisioning ID of the entitlement. For Google Workspace, this is the underlying Subscription ID. For Google Cloud, this is the Billing Account ID of the billing subaccount." }, "skuId": { "type": "string", "description": "The SKU pertaining to the provisioning resource as specified in the Offer." } }, "type": "object", "required": [ "productId", "provisioningId", "skuId" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RenewalSettings": { "description": "Renewal settings for renewable Offers.", "properties": { "enableRenewal": { "type": "boolean", "description": "If false, the plan will be completed at the end date." }, "paymentCycle": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1Period", "description": "Describes how frequently the reseller will be billed, such as once per month." }, "paymentPlan": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RenewalSettingsPaymentPlan", "description": "Describes how a reseller will be billed." }, "resizeUnitCount": { "type": "boolean", "description": "If true and enable_renewal = true, the unit (for example seats or licenses) will be set to the number of active units at renewal time." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RenewalSettingsPaymentPlan": { "description": "Describes how a reseller will be billed.", "type": "string", "enum": [ { "name": "PaymentPlanUnspecified", "description": "Not used.", "value": "PAYMENT_PLAN_UNSPECIFIED" }, { "name": "Commitment", "description": "Commitment.", "value": "COMMITMENT" }, { "name": "Flexible", "description": "No commitment.", "value": "FLEXIBLE" }, { "name": "Free", "description": "Free.", "value": "FREE" }, { "name": "Trial", "description": "Trial.", "value": "TRIAL" }, { "name": "Offline", "description": "Price and ordering not available through API.", "value": "OFFLINE" } ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RenewalSettingsResponse": { "description": "Renewal settings for renewable Offers.", "properties": { "enableRenewal": { "type": "boolean", "description": "If false, the plan will be completed at the end date." }, "paymentCycle": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1PeriodResponse", "description": "Describes how frequently the reseller will be billed, such as once per month." }, "paymentPlan": { "type": "string", "description": "Describes how a reseller will be billed." }, "resizeUnitCount": { "type": "boolean", "description": "If true and enable_renewal = true, the unit (for example seats or licenses) will be set to the number of active units at renewal time." } }, "type": "object", "required": [ "enableRenewal", "paymentCycle", "paymentPlan", "resizeUnitCount" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingAdjustment": { "description": "A type that represents the various adjustments you can apply to a bill.", "properties": { "percentageAdjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1PercentageAdjustment", "description": "Flat markup or markdown on an entire bill." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingAdjustmentResponse": { "description": "A type that represents the various adjustments you can apply to a bill.", "properties": { "percentageAdjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1PercentageAdjustmentResponse", "description": "Flat markup or markdown on an entire bill." } }, "type": "object", "required": [ "percentageAdjustment" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingCondition": { "description": "Represents the various repricing conditions you can use for a conditional override.", "properties": { "skuGroupCondition": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1SkuGroupCondition", "description": "SKU Group condition for override." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConditionResponse": { "description": "Represents the various repricing conditions you can use for a conditional override.", "properties": { "skuGroupCondition": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1SkuGroupConditionResponse", "description": "SKU Group condition for override." } }, "type": "object", "required": [ "skuGroupCondition" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfig": { "description": "Configuration for repricing a Google bill over a period of time.", "properties": { "adjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingAdjustment", "description": "Information about the adjustment." }, "channelPartnerGranularity": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConfigChannelPartnerGranularity", "description": "Applies the repricing configuration at the channel partner level. Only ChannelPartnerRepricingConfig supports this value. Deprecated: This is no longer supported. Use RepricingConfig.entitlement_granularity instead.", "deprecationMessage": "Applies the repricing configuration at the channel partner level. Only ChannelPartnerRepricingConfig supports this value. Deprecated: This is no longer supported. Use RepricingConfig.entitlement_granularity instead." }, "conditionalOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1ConditionalOverride" }, "description": "The conditional overrides to apply for this configuration. If you list multiple overrides, only the first valid override is used. If you don't list any overrides, the API uses the normal adjustment and rebilling basis." }, "effectiveInvoiceMonth": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleTypeDate", "description": "The YearMonth when these adjustments activate. The Day field needs to be \"0\" since we only accept YearMonth repricing boundaries." }, "entitlementGranularity": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConfigEntitlementGranularity", "description": "Applies the repricing configuration at the entitlement level. Note: If a ChannelPartnerRepricingConfig using RepricingConfig.EntitlementGranularity becomes effective, then no existing or future RepricingConfig.ChannelPartnerGranularity will apply to the RepricingConfig.EntitlementGranularity.entitlement. This is the recommended value for both CustomerRepricingConfig and ChannelPartnerRepricingConfig." }, "rebillingBasis": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConfigRebillingBasis", "description": "The RebillingBasis to use for this bill. Specifies the relative cost based on repricing costs you will apply." } }, "type": "object", "required": [ "adjustment", "effectiveInvoiceMonth", "rebillingBasis" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigChannelPartnerGranularity": { "description": "Applies the repricing configuration at the channel partner level. The channel partner value is derived from the resource name. Takes an empty json object. Deprecated: This is no longer supported. Use RepricingConfig.EntitlementGranularity instead.", "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigChannelPartnerGranularityResponse": { "description": "Applies the repricing configuration at the channel partner level. The channel partner value is derived from the resource name. Takes an empty json object. Deprecated: This is no longer supported. Use RepricingConfig.EntitlementGranularity instead.", "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigEntitlementGranularity": { "description": "Applies the repricing configuration at the entitlement level.", "properties": { "entitlement": { "type": "string", "description": "Resource name of the entitlement. Format: accounts/{account_id}/customers/{customer_id}/entitlements/{entitlement_id}" } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigEntitlementGranularityResponse": { "description": "Applies the repricing configuration at the entitlement level.", "properties": { "entitlement": { "type": "string", "description": "Resource name of the entitlement. Format: accounts/{account_id}/customers/{customer_id}/entitlements/{entitlement_id}" } }, "type": "object", "required": [ "entitlement" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigRebillingBasis": { "description": "Required. The RebillingBasis to use for this bill. Specifies the relative cost based on repricing costs you will apply.", "type": "string", "enum": [ { "name": "RebillingBasisUnspecified", "description": "Not used.", "value": "REBILLING_BASIS_UNSPECIFIED" }, { "name": "CostAtList", "description": "Use the list cost, also known as the MSRP.", "value": "COST_AT_LIST" }, { "name": "DirectCustomerCost", "description": "Pass through all discounts except the Reseller Program Discount. If this is the default cost base and no adjustments are specified, the output cost will be exactly what the customer would see if they viewed the bill in the Google Cloud Console.", "value": "DIRECT_CUSTOMER_COST" } ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1RepricingConfigResponse": { "description": "Configuration for repricing a Google bill over a period of time.", "properties": { "adjustment": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingAdjustmentResponse", "description": "Information about the adjustment." }, "channelPartnerGranularity": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConfigChannelPartnerGranularityResponse", "description": "Applies the repricing configuration at the channel partner level. Only ChannelPartnerRepricingConfig supports this value. Deprecated: This is no longer supported. Use RepricingConfig.entitlement_granularity instead.", "deprecationMessage": "Applies the repricing configuration at the channel partner level. Only ChannelPartnerRepricingConfig supports this value. Deprecated: This is no longer supported. Use RepricingConfig.entitlement_granularity instead." }, "conditionalOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1ConditionalOverrideResponse" }, "description": "The conditional overrides to apply for this configuration. If you list multiple overrides, only the first valid override is used. If you don't list any overrides, the API uses the normal adjustment and rebilling basis." }, "effectiveInvoiceMonth": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleTypeDateResponse", "description": "The YearMonth when these adjustments activate. The Day field needs to be \"0\" since we only accept YearMonth repricing boundaries." }, "entitlementGranularity": { "$ref": "#/types/google-native:cloudchannel%2Fv1:GoogleCloudChannelV1RepricingConfigEntitlementGranularityResponse", "description": "Applies the repricing configuration at the entitlement level. Note: If a ChannelPartnerRepricingConfig using RepricingConfig.EntitlementGranularity becomes effective, then no existing or future RepricingConfig.ChannelPartnerGranularity will apply to the RepricingConfig.EntitlementGranularity.entitlement. This is the recommended value for both CustomerRepricingConfig and ChannelPartnerRepricingConfig." }, "rebillingBasis": { "type": "string", "description": "The RebillingBasis to use for this bill. Specifies the relative cost based on repricing costs you will apply." } }, "type": "object", "required": [ "adjustment", "channelPartnerGranularity", "conditionalOverrides", "effectiveInvoiceMonth", "entitlementGranularity", "rebillingBasis" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1SkuGroupCondition": { "description": "A condition that applies the override if a line item SKU is found in the SKU group.", "properties": { "skuGroup": { "type": "string", "description": "Specifies a SKU group (https://cloud.google.com/skus/sku-groups). Resource name of SKU group. Format: accounts/{account}/skuGroups/{sku_group}. Example: \"accounts/C01234/skuGroups/3d50fd57-3157-4577-a5a9-a219b8490041\"." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1SkuGroupConditionResponse": { "description": "A condition that applies the override if a line item SKU is found in the SKU group.", "properties": { "skuGroup": { "type": "string", "description": "Specifies a SKU group (https://cloud.google.com/skus/sku-groups). Resource name of SKU group. Format: accounts/{account}/skuGroups/{sku_group}. Example: \"accounts/C01234/skuGroups/3d50fd57-3157-4577-a5a9-a219b8490041\"." } }, "type": "object", "required": [ "skuGroup" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1TrialSettingsResponse": { "description": "Settings for trial offers.", "properties": { "endTime": { "type": "string", "description": "Date when the trial ends. The value is in milliseconds using the UNIX Epoch format. See an example [Epoch converter](https://www.epochconverter.com)." }, "trial": { "type": "boolean", "description": "Determines if the entitlement is in a trial or not: * `true` - The entitlement is in trial. * `false` - The entitlement is not in trial." } }, "type": "object", "required": [ "endTime", "trial" ] }, "google-native:cloudchannel/v1:GoogleCloudChannelV1Value": { "description": "Data type and value of a parameter.", "properties": { "boolValue": { "type": "boolean", "description": "Represents a boolean value." }, "doubleValue": { "type": "number", "description": "Represents a double value." }, "int64Value": { "type": "string", "description": "Represents an int64 value." }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Represents an 'Any' proto value." }, "stringValue": { "type": "string", "description": "Represents a string value." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleCloudChannelV1ValueResponse": { "description": "Data type and value of a parameter.", "properties": { "boolValue": { "type": "boolean", "description": "Represents a boolean value." }, "doubleValue": { "type": "number", "description": "Represents a double value." }, "int64Value": { "type": "string", "description": "Represents an int64 value." }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Represents an 'Any' proto value." }, "stringValue": { "type": "string", "description": "Represents a string value." } }, "type": "object", "required": [ "boolValue", "doubleValue", "int64Value", "protoValue", "stringValue" ] }, "google-native:cloudchannel/v1:GoogleTypeDate": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleTypeDateResponse": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:cloudchannel/v1:GoogleTypeDecimal": { "description": "A representation of a decimal value, such as 2.5. Clients may convert values into language-native decimal formats, such as Java's BigDecimal or Python's decimal.Decimal. [BigDecimal]: https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/math/BigDecimal.html [decimal.Decimal]: https://docs.python.org/3/library/decimal.html", "properties": { "value": { "type": "string", "description": "The decimal value, as a string. The string representation consists of an optional sign, `+` (`U+002B`) or `-` (`U+002D`), followed by a sequence of zero or more decimal digits (\"the integer\"), optionally followed by a fraction, optionally followed by an exponent. An empty string **should** be interpreted as `0`. The fraction consists of a decimal point followed by zero or more decimal digits. The string must contain at least one digit in either the integer or the fraction. The number formed by the sign, the integer and the fraction is referred to as the significand. The exponent consists of the character `e` (`U+0065`) or `E` (`U+0045`) followed by one or more decimal digits. Services **should** normalize decimal values before storing them by: - Removing an explicitly-provided `+` sign (`+2.5` -> `2.5`). - Replacing a zero-length integer value with `0` (`.5` -> `0.5`). - Coercing the exponent character to upper-case, with explicit sign (`2.5e8` -> `2.5E+8`). - Removing an explicitly-provided zero exponent (`2.5E0` -> `2.5`). Services **may** perform additional normalization based on its own needs and the internal decimal implementation selected, such as shifting the decimal point and exponent value together (example: `2.5E-1` <-> `0.25`). Additionally, services **may** preserve trailing zeroes in the fraction to indicate increased precision, but are not required to do so. Note that only the `.` character is supported to divide the integer and the fraction; `,` **should not** be supported regardless of locale. Additionally, thousand separators **should not** be supported. If a service does support them, values **must** be normalized. The ENBF grammar is: DecimalString = '' | [Sign] Significand [Exponent]; Sign = '+' | '-'; Significand = Digits '.' | [Digits] '.' Digits; Exponent = ('e' | 'E') [Sign] Digits; Digits = { '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9' }; Services **should** clearly document the range of supported values, the maximum supported precision (total number of digits), and, if applicable, the scale (number of digits after the decimal point), as well as how it behaves when receiving out-of-bounds values. Services **may** choose to accept values passed as input even when the value has a higher precision or scale than the service supports, and **should** round the value to fit the supported scale. Alternatively, the service **may** error with `400 Bad Request` (`INVALID_ARGUMENT` in gRPC) if precision would be lost. Services **should** error with `400 Bad Request` (`INVALID_ARGUMENT` in gRPC) if the service receives a value outside of the supported range." } }, "type": "object" }, "google-native:cloudchannel/v1:GoogleTypeDecimalResponse": { "description": "A representation of a decimal value, such as 2.5. Clients may convert values into language-native decimal formats, such as Java's BigDecimal or Python's decimal.Decimal. [BigDecimal]: https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/math/BigDecimal.html [decimal.Decimal]: https://docs.python.org/3/library/decimal.html", "properties": { "value": { "type": "string", "description": "The decimal value, as a string. The string representation consists of an optional sign, `+` (`U+002B`) or `-` (`U+002D`), followed by a sequence of zero or more decimal digits (\"the integer\"), optionally followed by a fraction, optionally followed by an exponent. An empty string **should** be interpreted as `0`. The fraction consists of a decimal point followed by zero or more decimal digits. The string must contain at least one digit in either the integer or the fraction. The number formed by the sign, the integer and the fraction is referred to as the significand. The exponent consists of the character `e` (`U+0065`) or `E` (`U+0045`) followed by one or more decimal digits. Services **should** normalize decimal values before storing them by: - Removing an explicitly-provided `+` sign (`+2.5` -> `2.5`). - Replacing a zero-length integer value with `0` (`.5` -> `0.5`). - Coercing the exponent character to upper-case, with explicit sign (`2.5e8` -> `2.5E+8`). - Removing an explicitly-provided zero exponent (`2.5E0` -> `2.5`). Services **may** perform additional normalization based on its own needs and the internal decimal implementation selected, such as shifting the decimal point and exponent value together (example: `2.5E-1` <-> `0.25`). Additionally, services **may** preserve trailing zeroes in the fraction to indicate increased precision, but are not required to do so. Note that only the `.` character is supported to divide the integer and the fraction; `,` **should not** be supported regardless of locale. Additionally, thousand separators **should not** be supported. If a service does support them, values **must** be normalized. The ENBF grammar is: DecimalString = '' | [Sign] Significand [Exponent]; Sign = '+' | '-'; Significand = Digits '.' | [Digits] '.' Digits; Exponent = ('e' | 'E') [Sign] Digits; Digits = { '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9' }; Services **should** clearly document the range of supported values, the maximum supported precision (total number of digits), and, if applicable, the scale (number of digits after the decimal point), as well as how it behaves when receiving out-of-bounds values. Services **may** choose to accept values passed as input even when the value has a higher precision or scale than the service supports, and **should** round the value to fit the supported scale. Alternatively, the service **may** error with `400 Bad Request` (`INVALID_ARGUMENT` in gRPC) if precision would be lost. Services **should** error with `400 Bad Request` (`INVALID_ARGUMENT` in gRPC) if the service receives a value outside of the supported range." } }, "type": "object", "required": [ "value" ] }, "google-native:cloudchannel/v1:GoogleTypePostalAddress": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "regionCode" ] }, "google-native:cloudchannel/v1:GoogleTypePostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:clouddeploy/v1:AdvanceChildRolloutJobResponse": { "description": "An advanceChildRollout Job.", "type": "object" }, "google-native:clouddeploy/v1:AdvanceRolloutRule": { "description": "The `AdvanceRollout` automation rule will automatically advance a successful Rollout to the next phase.", "properties": { "id": { "type": "string", "description": "ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." }, "sourcePhases": { "type": "array", "items": { "type": "string" }, "description": "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "wait": { "type": "string", "description": "Optional. How long to wait after a rollout is finished." } }, "type": "object", "required": [ "id" ] }, "google-native:clouddeploy/v1:AdvanceRolloutRuleResponse": { "description": "The `AdvanceRollout` automation rule will automatically advance a successful Rollout to the next phase.", "properties": { "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AutomationRuleConditionResponse", "description": "Information around the state of the Automation rule." }, "sourcePhases": { "type": "array", "items": { "type": "string" }, "description": "Optional. Proceeds only after phase name matched any one in the list. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "wait": { "type": "string", "description": "Optional. How long to wait after a rollout is finished." } }, "type": "object", "required": [ "condition", "sourcePhases", "wait" ] }, "google-native:clouddeploy/v1:AnthosCluster": { "description": "Information specifying an Anthos Cluster.", "properties": { "membership": { "type": "string", "description": "Membership of the GKE Hub-registered cluster to which to apply the Skaffold configuration. Format is `projects/{project}/locations/{location}/memberships/{membership_name}`." } }, "type": "object" }, "google-native:clouddeploy/v1:AnthosClusterResponse": { "description": "Information specifying an Anthos Cluster.", "properties": { "membership": { "type": "string", "description": "Membership of the GKE Hub-registered cluster to which to apply the Skaffold configuration. Format is `projects/{project}/locations/{location}/memberships/{membership_name}`." } }, "type": "object", "required": [ "membership" ] }, "google-native:clouddeploy/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:clouddeploy/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:clouddeploy/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:clouddeploy/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:clouddeploy/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:clouddeploy/v1:AutomationResourceSelector": { "description": "AutomationResourceSelector contains the information to select the resources to which an Automation is going to be applied.", "properties": { "targets": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:TargetAttribute" }, "description": "Contains attributes about a target." } }, "type": "object" }, "google-native:clouddeploy/v1:AutomationResourceSelectorResponse": { "description": "AutomationResourceSelector contains the information to select the resources to which an Automation is going to be applied.", "properties": { "targets": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:TargetAttributeResponse" }, "description": "Contains attributes about a target." } }, "type": "object", "required": [ "targets" ] }, "google-native:clouddeploy/v1:AutomationRolloutMetadataResponse": { "description": "AutomationRolloutMetadata contains Automation-related actions that were performed on a rollout.", "properties": { "advanceAutomationRuns": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the AutomationRuns initiated by an advance rollout rule." }, "promoteAutomationRun": { "type": "string", "description": "The ID of the AutomationRun initiated by a promote release rule." }, "repairAutomationRuns": { "type": "array", "items": { "type": "string" }, "description": "The IDs of the AutomationRuns initiated by a repair rollout rule." } }, "type": "object", "required": [ "advanceAutomationRuns", "promoteAutomationRun", "repairAutomationRuns" ] }, "google-native:clouddeploy/v1:AutomationRule": { "description": "`AutomationRule` defines the automation activities.", "properties": { "advanceRolloutRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AdvanceRolloutRule", "description": "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." }, "promoteReleaseRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PromoteReleaseRule", "description": "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." }, "repairRolloutRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RepairRolloutRule", "description": "Optional. The `RepairRolloutRule` will automatically repair a failed rollout." } }, "type": "object" }, "google-native:clouddeploy/v1:AutomationRuleConditionResponse": { "description": "`AutomationRuleCondition` contains conditions relevant to an `Automation` rule.", "properties": { "targetsPresentCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:TargetsPresentConditionResponse", "description": "Optional. Details around targets enumerated in the rule." } }, "type": "object", "required": [ "targetsPresentCondition" ] }, "google-native:clouddeploy/v1:AutomationRuleResponse": { "description": "`AutomationRule` defines the automation activities.", "properties": { "advanceRolloutRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AdvanceRolloutRuleResponse", "description": "Optional. The `AdvanceRolloutRule` will automatically advance a successful Rollout." }, "promoteReleaseRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PromoteReleaseRuleResponse", "description": "Optional. `PromoteReleaseRule` will automatically promote a release from the current target to a specified target." }, "repairRolloutRule": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RepairRolloutRuleResponse", "description": "Optional. The `RepairRolloutRule` will automatically repair a failed rollout." } }, "type": "object", "required": [ "advanceRolloutRule", "promoteReleaseRule", "repairRolloutRule" ] }, "google-native:clouddeploy/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:clouddeploy/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:clouddeploy/v1:BuildArtifact": { "description": "Description of an a image to use during Skaffold rendering.", "properties": { "image": { "type": "string", "description": "Image name in Skaffold configuration." }, "tag": { "type": "string", "description": "Image tag to use. This will generally be the full path to an image, such as \"gcr.io/my-project/busybox:1.2.3\" or \"gcr.io/my-project/busybox@sha256:abc123\"." } }, "type": "object" }, "google-native:clouddeploy/v1:BuildArtifactResponse": { "description": "Description of an a image to use during Skaffold rendering.", "properties": { "image": { "type": "string", "description": "Image name in Skaffold configuration." }, "tag": { "type": "string", "description": "Image tag to use. This will generally be the full path to an image, such as \"gcr.io/my-project/busybox:1.2.3\" or \"gcr.io/my-project/busybox@sha256:abc123\"." } }, "type": "object", "required": [ "image", "tag" ] }, "google-native:clouddeploy/v1:Canary": { "description": "Canary represents the canary deployment strategy.", "properties": { "canaryDeployment": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CanaryDeployment", "description": "Configures the progressive based deployment for a Target." }, "customCanaryDeployment": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CustomCanaryDeployment", "description": "Configures the progressive based deployment for a Target, but allows customizing at the phase level where a phase represents each of the percentage deployments." }, "runtimeConfig": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RuntimeConfig", "description": "Optional. Runtime specific configurations for the deployment strategy. The runtime configuration is used to determine how Cloud Deploy will split traffic to enable a progressive deployment." } }, "type": "object" }, "google-native:clouddeploy/v1:CanaryDeployment": { "description": "CanaryDeployment represents the canary deployment configuration", "properties": { "percentages": { "type": "array", "items": { "type": "integer" }, "description": "The percentage based deployments that will occur as a part of a `Rollout`. List is expected in ascending order and each integer n is 0 <= n < 100." }, "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Postdeploy", "description": "Optional. Configuration for the postdeploy job of the last phase. If this is not configured, there will be no postdeploy job for this phase." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Predeploy", "description": "Optional. Configuration for the predeploy job of the first phase. If this is not configured, there will be no predeploy job for this phase." }, "verify": { "type": "boolean", "description": "Whether to run verify tests after each percentage deployment." } }, "type": "object", "required": [ "percentages" ] }, "google-native:clouddeploy/v1:CanaryDeploymentResponse": { "description": "CanaryDeployment represents the canary deployment configuration", "properties": { "percentages": { "type": "array", "items": { "type": "integer" }, "description": "The percentage based deployments that will occur as a part of a `Rollout`. List is expected in ascending order and each integer n is 0 <= n < 100." }, "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PostdeployResponse", "description": "Optional. Configuration for the postdeploy job of the last phase. If this is not configured, there will be no postdeploy job for this phase." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PredeployResponse", "description": "Optional. Configuration for the predeploy job of the first phase. If this is not configured, there will be no predeploy job for this phase." }, "verify": { "type": "boolean", "description": "Whether to run verify tests after each percentage deployment." } }, "type": "object", "required": [ "percentages", "postdeploy", "predeploy", "verify" ] }, "google-native:clouddeploy/v1:CanaryResponse": { "description": "Canary represents the canary deployment strategy.", "properties": { "canaryDeployment": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CanaryDeploymentResponse", "description": "Configures the progressive based deployment for a Target." }, "customCanaryDeployment": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CustomCanaryDeploymentResponse", "description": "Configures the progressive based deployment for a Target, but allows customizing at the phase level where a phase represents each of the percentage deployments." }, "runtimeConfig": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RuntimeConfigResponse", "description": "Optional. Runtime specific configurations for the deployment strategy. The runtime configuration is used to determine how Cloud Deploy will split traffic to enable a progressive deployment." } }, "type": "object", "required": [ "canaryDeployment", "customCanaryDeployment", "runtimeConfig" ] }, "google-native:clouddeploy/v1:ChildRolloutJobsResponse": { "description": "ChildRollouts job composition", "properties": { "advanceRolloutJobs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse" }, "description": "List of AdvanceChildRolloutJobs" }, "createRolloutJobs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse" }, "description": "List of CreateChildRolloutJobs" } }, "type": "object", "required": [ "advanceRolloutJobs", "createRolloutJobs" ] }, "google-native:clouddeploy/v1:CloudRunConfig": { "description": "CloudRunConfig contains the Cloud Run runtime configuration.", "properties": { "automaticTrafficControl": { "type": "boolean", "description": "Whether Cloud Deploy should update the traffic stanza in a Cloud Run Service on the user's behalf to facilitate traffic splitting. This is required to be true for CanaryDeployments, but optional for CustomCanaryDeployments." } }, "type": "object" }, "google-native:clouddeploy/v1:CloudRunConfigResponse": { "description": "CloudRunConfig contains the Cloud Run runtime configuration.", "properties": { "automaticTrafficControl": { "type": "boolean", "description": "Whether Cloud Deploy should update the traffic stanza in a Cloud Run Service on the user's behalf to facilitate traffic splitting. This is required to be true for CanaryDeployments, but optional for CustomCanaryDeployments." } }, "type": "object", "required": [ "automaticTrafficControl" ] }, "google-native:clouddeploy/v1:CloudRunLocation": { "description": "Information specifying where to deploy a Cloud Run Service.", "properties": { "location": { "type": "string", "description": "The location for the Cloud Run Service. Format must be `projects/{project}/locations/{location}`." } }, "type": "object", "required": [ "location" ] }, "google-native:clouddeploy/v1:CloudRunLocationResponse": { "description": "Information specifying where to deploy a Cloud Run Service.", "properties": { "location": { "type": "string", "description": "The location for the Cloud Run Service. Format must be `projects/{project}/locations/{location}`." } }, "type": "object", "required": [ "location" ] }, "google-native:clouddeploy/v1:CloudRunMetadataResponse": { "description": "CloudRunMetadata contains information from a Cloud Run deployment.", "properties": { "job": { "type": "string", "description": "The name of the Cloud Run job that is associated with a `Rollout`. Format is `projects/{project}/locations/{location}/jobs/{job_name}`." }, "revision": { "type": "string", "description": "The Cloud Run Revision id associated with a `Rollout`." }, "service": { "type": "string", "description": "The name of the Cloud Run Service that is associated with a `Rollout`. Format is `projects/{project}/locations/{location}/services/{service}`." }, "serviceUrls": { "type": "array", "items": { "type": "string" }, "description": "The Cloud Run Service urls that are associated with a `Rollout`." } }, "type": "object", "required": [ "job", "revision", "service", "serviceUrls" ] }, "google-native:clouddeploy/v1:CreateChildRolloutJobResponse": { "description": "A createChildRollout Job.", "type": "object" }, "google-native:clouddeploy/v1:CustomCanaryDeployment": { "description": "CustomCanaryDeployment represents the custom canary deployment configuration.", "properties": { "phaseConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PhaseConfig" }, "description": "Configuration for each phase in the canary deployment in the order executed." } }, "type": "object", "required": [ "phaseConfigs" ] }, "google-native:clouddeploy/v1:CustomCanaryDeploymentResponse": { "description": "CustomCanaryDeployment represents the custom canary deployment configuration.", "properties": { "phaseConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PhaseConfigResponse" }, "description": "Configuration for each phase in the canary deployment in the order executed." } }, "type": "object", "required": [ "phaseConfigs" ] }, "google-native:clouddeploy/v1:DefaultPool": { "description": "Execution using the default Cloud Build pool.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location where execution outputs should be stored. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) will be used." } }, "type": "object" }, "google-native:clouddeploy/v1:DefaultPoolResponse": { "description": "Execution using the default Cloud Build pool.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location where execution outputs should be stored. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) will be used." } }, "type": "object", "required": [ "artifactStorage", "serviceAccount" ] }, "google-native:clouddeploy/v1:DeliveryPipelineResponse": { "description": "A `DeliveryPipeline` resource in the Cloud Deploy API. A `DeliveryPipeline` defines a pipeline through which a Skaffold configuration can progress.", "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy." }, "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PipelineConditionResponse", "description": "Information around the state of the Delivery Pipeline." }, "createTime": { "type": "string", "description": "Time at which the pipeline was created." }, "description": { "type": "string", "description": "Description of the `DeliveryPipeline`. Max length is 255 characters." }, "etag": { "type": "string", "description": "This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." }, "name": { "type": "string", "description": "Optional. Name of the `DeliveryPipeline`. Format is `projects/{project}/locations/{location}/deliveryPipelines/a-z{0,62}`." }, "serialPipeline": { "$ref": "#/types/google-native:clouddeploy%2Fv1:SerialPipelineResponse", "description": "SerialPipeline defines a sequential set of stages for a `DeliveryPipeline`." }, "suspended": { "type": "boolean", "description": "When suspended, no new releases or rollouts can be created, but in-progress ones will complete." }, "uid": { "type": "string", "description": "Unique identifier of the `DeliveryPipeline`." }, "updateTime": { "type": "string", "description": "Most recent time at which the pipeline was updated." } }, "type": "object", "required": [ "annotations", "condition", "createTime", "description", "etag", "labels", "name", "serialPipeline", "suspended", "uid", "updateTime" ] }, "google-native:clouddeploy/v1:DeployJobResponse": { "description": "A deploy Job.", "type": "object" }, "google-native:clouddeploy/v1:DeployParameters": { "description": "DeployParameters contains deploy parameters information.", "properties": { "matchTargetLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Deploy parameters are applied to targets with match labels. If unspecified, deploy parameters are applied to all targets (including child targets of a multi-target)." }, "values": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Values are deploy parameters in key-value pairs." } }, "type": "object", "required": [ "values" ] }, "google-native:clouddeploy/v1:DeployParametersResponse": { "description": "DeployParameters contains deploy parameters information.", "properties": { "matchTargetLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Deploy parameters are applied to targets with match labels. If unspecified, deploy parameters are applied to all targets (including child targets of a multi-target)." }, "values": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Values are deploy parameters in key-value pairs." } }, "type": "object", "required": [ "matchTargetLabels", "values" ] }, "google-native:clouddeploy/v1:DeploymentJobsResponse": { "description": "Deployment job composition.", "properties": { "deployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse", "description": "The deploy Job. This is the deploy job in the phase." }, "postdeployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse", "description": "The postdeploy Job, which is the last job on the phase." }, "predeployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse", "description": "The predeploy Job, which is the first job on the phase." }, "verifyJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:JobResponse", "description": "The verify Job. Runs after a deploy if the deploy succeeds." } }, "type": "object", "required": [ "deployJob", "postdeployJob", "predeployJob", "verifyJob" ] }, "google-native:clouddeploy/v1:ExecutionConfig": { "description": "Configuration of the environment to use when calling Skaffold.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location in which to store execution outputs. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "defaultPool": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DefaultPool", "description": "Optional. Use default Cloud Build pool." }, "executionTimeout": { "type": "string", "description": "Optional. Execution timeout for a Cloud Build Execution. This must be between 10m and 24h in seconds format. If unspecified, a default timeout of 1h is used." }, "privatePool": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PrivatePool", "description": "Optional. Use private Cloud Build pool." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) is used." }, "usages": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ExecutionConfigUsagesItem" }, "description": "Usages when this configuration should be applied." }, "workerPool": { "type": "string", "description": "Optional. The resource name of the `WorkerPool`, with the format `projects/{project}/locations/{location}/workerPools/{worker_pool}`. If this optional field is unspecified, the default Cloud Build pool will be used." } }, "type": "object", "required": [ "usages" ] }, "google-native:clouddeploy/v1:ExecutionConfigResponse": { "description": "Configuration of the environment to use when calling Skaffold.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location in which to store execution outputs. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "defaultPool": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DefaultPoolResponse", "description": "Optional. Use default Cloud Build pool." }, "executionTimeout": { "type": "string", "description": "Optional. Execution timeout for a Cloud Build Execution. This must be between 10m and 24h in seconds format. If unspecified, a default timeout of 1h is used." }, "privatePool": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PrivatePoolResponse", "description": "Optional. Use private Cloud Build pool." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) is used." }, "usages": { "type": "array", "items": { "type": "string" }, "description": "Usages when this configuration should be applied." }, "workerPool": { "type": "string", "description": "Optional. The resource name of the `WorkerPool`, with the format `projects/{project}/locations/{location}/workerPools/{worker_pool}`. If this optional field is unspecified, the default Cloud Build pool will be used." } }, "type": "object", "required": [ "artifactStorage", "defaultPool", "executionTimeout", "privatePool", "serviceAccount", "usages", "workerPool" ] }, "google-native:clouddeploy/v1:ExecutionConfigUsagesItem": { "type": "string", "enum": [ { "name": "ExecutionEnvironmentUsageUnspecified", "description": "Default value. This value is unused.", "value": "EXECUTION_ENVIRONMENT_USAGE_UNSPECIFIED" }, { "name": "Render", "description": "Use for rendering.", "value": "RENDER" }, { "name": "Deploy", "description": "Use for deploying and deployment hooks.", "value": "DEPLOY" }, { "name": "Verify", "description": "Use for deployment verification.", "value": "VERIFY" }, { "name": "Predeploy", "description": "Use for predeploy job execution.", "value": "PREDEPLOY" }, { "name": "Postdeploy", "description": "Use for postdeploy job execution.", "value": "POSTDEPLOY" } ] }, "google-native:clouddeploy/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:clouddeploy/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:clouddeploy/v1:GatewayServiceMesh": { "description": "Information about the Kubernetes Gateway API service mesh configuration.", "properties": { "deployment": { "type": "string", "description": "Name of the Kubernetes Deployment whose traffic is managed by the specified HTTPRoute and Service." }, "httpRoute": { "type": "string", "description": "Name of the Gateway API HTTPRoute." }, "routeUpdateWaitTime": { "type": "string", "description": "Optional. The time to wait for route updates to propagate. The maximum configurable time is 3 hours, in seconds format. If unspecified, there is no wait time." }, "service": { "type": "string", "description": "Name of the Kubernetes Service." } }, "type": "object", "required": [ "deployment", "httpRoute", "service" ] }, "google-native:clouddeploy/v1:GatewayServiceMeshResponse": { "description": "Information about the Kubernetes Gateway API service mesh configuration.", "properties": { "deployment": { "type": "string", "description": "Name of the Kubernetes Deployment whose traffic is managed by the specified HTTPRoute and Service." }, "httpRoute": { "type": "string", "description": "Name of the Gateway API HTTPRoute." }, "routeUpdateWaitTime": { "type": "string", "description": "Optional. The time to wait for route updates to propagate. The maximum configurable time is 3 hours, in seconds format. If unspecified, there is no wait time." }, "service": { "type": "string", "description": "Name of the Kubernetes Service." } }, "type": "object", "required": [ "deployment", "httpRoute", "routeUpdateWaitTime", "service" ] }, "google-native:clouddeploy/v1:GkeCluster": { "description": "Information specifying a GKE Cluster.", "properties": { "cluster": { "type": "string", "description": "Information specifying a GKE Cluster. Format is `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}`." }, "internalIp": { "type": "boolean", "description": "Optional. If true, `cluster` is accessed using the private IP address of the control plane endpoint. Otherwise, the default IP address of the control plane endpoint is used. The default IP address is the private IP address for clusters with private control-plane endpoints and the public IP address otherwise. Only specify this option when `cluster` is a [private GKE cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept)." } }, "type": "object" }, "google-native:clouddeploy/v1:GkeClusterResponse": { "description": "Information specifying a GKE Cluster.", "properties": { "cluster": { "type": "string", "description": "Information specifying a GKE Cluster. Format is `projects/{project_id}/locations/{location_id}/clusters/{cluster_id}`." }, "internalIp": { "type": "boolean", "description": "Optional. If true, `cluster` is accessed using the private IP address of the control plane endpoint. Otherwise, the default IP address of the control plane endpoint is used. The default IP address is the private IP address for clusters with private control-plane endpoints and the public IP address otherwise. Only specify this option when `cluster` is a [private GKE cluster](https://cloud.google.com/kubernetes-engine/docs/concepts/private-cluster-concept)." } }, "type": "object", "required": [ "cluster", "internalIp" ] }, "google-native:clouddeploy/v1:JobResponse": { "description": "Job represents an operation for a `Rollout`.", "properties": { "advanceChildRolloutJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AdvanceChildRolloutJobResponse", "description": "An advanceChildRollout Job." }, "createChildRolloutJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CreateChildRolloutJobResponse", "description": "A createChildRollout Job." }, "deployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DeployJobResponse", "description": "A deploy Job." }, "jobRun": { "type": "string", "description": "The name of the `JobRun` responsible for the most recent invocation of this Job." }, "postdeployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PostdeployJobResponse", "description": "A postdeploy Job." }, "predeployJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PredeployJobResponse", "description": "A predeploy Job." }, "skipMessage": { "type": "string", "description": "Additional information on why the Job was skipped, if available." }, "state": { "type": "string", "description": "The current state of the Job." }, "verifyJob": { "$ref": "#/types/google-native:clouddeploy%2Fv1:VerifyJobResponse", "description": "A verify Job." } }, "type": "object", "required": [ "advanceChildRolloutJob", "createChildRolloutJob", "deployJob", "jobRun", "postdeployJob", "predeployJob", "skipMessage", "state", "verifyJob" ] }, "google-native:clouddeploy/v1:KubernetesConfig": { "description": "KubernetesConfig contains the Kubernetes runtime configuration.", "properties": { "gatewayServiceMesh": { "$ref": "#/types/google-native:clouddeploy%2Fv1:GatewayServiceMesh", "description": "Kubernetes Gateway API service mesh configuration." }, "serviceNetworking": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ServiceNetworking", "description": "Kubernetes Service networking configuration." } }, "type": "object" }, "google-native:clouddeploy/v1:KubernetesConfigResponse": { "description": "KubernetesConfig contains the Kubernetes runtime configuration.", "properties": { "gatewayServiceMesh": { "$ref": "#/types/google-native:clouddeploy%2Fv1:GatewayServiceMeshResponse", "description": "Kubernetes Gateway API service mesh configuration." }, "serviceNetworking": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ServiceNetworkingResponse", "description": "Kubernetes Service networking configuration." } }, "type": "object", "required": [ "gatewayServiceMesh", "serviceNetworking" ] }, "google-native:clouddeploy/v1:MetadataResponse": { "description": "Metadata includes information associated with a `Rollout`.", "properties": { "automation": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AutomationRolloutMetadataResponse", "description": "AutomationRolloutMetadata contains the information about the interactions between Automation service and this rollout." }, "cloudRun": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CloudRunMetadataResponse", "description": "The name of the Cloud Run Service that is associated with a `Rollout`." } }, "type": "object", "required": [ "automation", "cloudRun" ] }, "google-native:clouddeploy/v1:MultiTarget": { "description": "Information specifying a multiTarget.", "properties": { "targetIds": { "type": "array", "items": { "type": "string" }, "description": "The target_ids of this multiTarget." } }, "type": "object", "required": [ "targetIds" ] }, "google-native:clouddeploy/v1:MultiTargetResponse": { "description": "Information specifying a multiTarget.", "properties": { "targetIds": { "type": "array", "items": { "type": "string" }, "description": "The target_ids of this multiTarget." } }, "type": "object", "required": [ "targetIds" ] }, "google-native:clouddeploy/v1:PhaseConfig": { "description": "PhaseConfig represents the configuration for a phase in the custom canary deployment.", "properties": { "percentage": { "type": "integer", "description": "Percentage deployment for the phase." }, "phaseId": { "type": "string", "description": "The ID to assign to the `Rollout` phase. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Postdeploy", "description": "Optional. Configuration for the postdeploy job of this phase. If this is not configured, there will be no postdeploy job for this phase." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Predeploy", "description": "Optional. Configuration for the predeploy job of this phase. If this is not configured, there will be no predeploy job for this phase." }, "profiles": { "type": "array", "items": { "type": "string" }, "description": "Skaffold profiles to use when rendering the manifest for this phase. These are in addition to the profiles list specified in the `DeliveryPipeline` stage." }, "verify": { "type": "boolean", "description": "Whether to run verify tests after the deployment." } }, "type": "object", "required": [ "percentage", "phaseId" ] }, "google-native:clouddeploy/v1:PhaseConfigResponse": { "description": "PhaseConfig represents the configuration for a phase in the custom canary deployment.", "properties": { "percentage": { "type": "integer", "description": "Percentage deployment for the phase." }, "phaseId": { "type": "string", "description": "The ID to assign to the `Rollout` phase. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PostdeployResponse", "description": "Optional. Configuration for the postdeploy job of this phase. If this is not configured, there will be no postdeploy job for this phase." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PredeployResponse", "description": "Optional. Configuration for the predeploy job of this phase. If this is not configured, there will be no predeploy job for this phase." }, "profiles": { "type": "array", "items": { "type": "string" }, "description": "Skaffold profiles to use when rendering the manifest for this phase. These are in addition to the profiles list specified in the `DeliveryPipeline` stage." }, "verify": { "type": "boolean", "description": "Whether to run verify tests after the deployment." } }, "type": "object", "required": [ "percentage", "phaseId", "postdeploy", "predeploy", "profiles", "verify" ] }, "google-native:clouddeploy/v1:PhaseResponse": { "description": "Phase represents a collection of jobs that are logically grouped together for a `Rollout`.", "properties": { "childRolloutJobs": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ChildRolloutJobsResponse", "description": "ChildRollout job composition." }, "deploymentJobs": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DeploymentJobsResponse", "description": "Deployment job composition." }, "skipMessage": { "type": "string", "description": "Additional information on why the Phase was skipped, if available." }, "state": { "type": "string", "description": "Current state of the Phase." } }, "type": "object", "required": [ "childRolloutJobs", "deploymentJobs", "skipMessage", "state" ] }, "google-native:clouddeploy/v1:PipelineConditionResponse": { "description": "PipelineCondition contains all conditions relevant to a Delivery Pipeline.", "properties": { "pipelineReadyCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PipelineReadyConditionResponse", "description": "Details around the Pipeline's overall status." }, "targetsPresentCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:TargetsPresentConditionResponse", "description": "Details around targets enumerated in the pipeline." }, "targetsTypeCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:TargetsTypeConditionResponse", "description": "Details on the whether the targets enumerated in the pipeline are of the same type." } }, "type": "object", "required": [ "pipelineReadyCondition", "targetsPresentCondition", "targetsTypeCondition" ] }, "google-native:clouddeploy/v1:PipelineReadyConditionResponse": { "description": "PipelineReadyCondition contains information around the status of the Pipeline.", "properties": { "status": { "type": "boolean", "description": "True if the Pipeline is in a valid state. Otherwise at least one condition in `PipelineCondition` is in an invalid state. Iterate over those conditions and see which condition(s) has status = false to find out what is wrong with the Pipeline." }, "updateTime": { "type": "string", "description": "Last time the condition was updated." } }, "type": "object", "required": [ "status", "updateTime" ] }, "google-native:clouddeploy/v1:Postdeploy": { "description": "Postdeploy contains the postdeploy job configuration information.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Optional. A sequence of Skaffold custom actions to invoke during execution of the postdeploy job." } }, "type": "object" }, "google-native:clouddeploy/v1:PostdeployJobResponse": { "description": "A postdeploy Job.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "The custom actions that the postdeploy Job executes." } }, "type": "object", "required": [ "actions" ] }, "google-native:clouddeploy/v1:PostdeployResponse": { "description": "Postdeploy contains the postdeploy job configuration information.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Optional. A sequence of Skaffold custom actions to invoke during execution of the postdeploy job." } }, "type": "object", "required": [ "actions" ] }, "google-native:clouddeploy/v1:Predeploy": { "description": "Predeploy contains the predeploy job configuration information.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Optional. A sequence of Skaffold custom actions to invoke during execution of the predeploy job." } }, "type": "object" }, "google-native:clouddeploy/v1:PredeployJobResponse": { "description": "A predeploy Job.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "The custom actions that the predeploy Job executes." } }, "type": "object", "required": [ "actions" ] }, "google-native:clouddeploy/v1:PredeployResponse": { "description": "Predeploy contains the predeploy job configuration information.", "properties": { "actions": { "type": "array", "items": { "type": "string" }, "description": "Optional. A sequence of Skaffold custom actions to invoke during execution of the predeploy job." } }, "type": "object", "required": [ "actions" ] }, "google-native:clouddeploy/v1:PrivatePool": { "description": "Execution using a private Cloud Build pool.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location where execution outputs should be stored. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) will be used." }, "workerPool": { "type": "string", "description": "Resource name of the Cloud Build worker pool to use. The format is `projects/{project}/locations/{location}/workerPools/{pool}`." } }, "type": "object", "required": [ "workerPool" ] }, "google-native:clouddeploy/v1:PrivatePoolResponse": { "description": "Execution using a private Cloud Build pool.", "properties": { "artifactStorage": { "type": "string", "description": "Optional. Cloud Storage location where execution outputs should be stored. This can either be a bucket (\"gs://my-bucket\") or a path within a bucket (\"gs://my-bucket/my-dir\"). If unspecified, a default bucket located in the same region will be used." }, "serviceAccount": { "type": "string", "description": "Optional. Google service account to use for execution. If unspecified, the project execution service account (-compute@developer.gserviceaccount.com) will be used." }, "workerPool": { "type": "string", "description": "Resource name of the Cloud Build worker pool to use. The format is `projects/{project}/locations/{location}/workerPools/{pool}`." } }, "type": "object", "required": [ "artifactStorage", "serviceAccount", "workerPool" ] }, "google-native:clouddeploy/v1:PromoteReleaseRule": { "description": "`PromoteRelease` rule will automatically promote a release from the current target to a specified target.", "properties": { "destinationPhase": { "type": "string", "description": "Optional. The starting phase of the rollout created by this operation. Default to the first phase." }, "destinationTargetId": { "type": "string", "description": "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." }, "id": { "type": "string", "description": "ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." }, "wait": { "type": "string", "description": "Optional. How long the release need to be paused until being promoted to the next target." } }, "type": "object", "required": [ "id" ] }, "google-native:clouddeploy/v1:PromoteReleaseRuleResponse": { "description": "`PromoteRelease` rule will automatically promote a release from the current target to a specified target.", "properties": { "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AutomationRuleConditionResponse", "description": "Information around the state of the Automation rule." }, "destinationPhase": { "type": "string", "description": "Optional. The starting phase of the rollout created by this operation. Default to the first phase." }, "destinationTargetId": { "type": "string", "description": "Optional. The ID of the stage in the pipeline to which this `Release` is deploying. If unspecified, default it to the next stage in the promotion flow. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine if the target is one of the stages in the promotion sequence defined in the pipeline. * \"@next\", the next target in the promotion sequence." }, "wait": { "type": "string", "description": "Optional. How long the release need to be paused until being promoted to the next target." } }, "type": "object", "required": [ "condition", "destinationPhase", "destinationTargetId", "wait" ] }, "google-native:clouddeploy/v1:ReleaseConditionResponse": { "description": "ReleaseCondition contains all conditions relevant to a Release.", "properties": { "releaseReadyCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ReleaseReadyConditionResponse", "description": "Details around the Releases's overall status." }, "skaffoldSupportedCondition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:SkaffoldSupportedConditionResponse", "description": "Details around the support state of the release's skaffold version." } }, "type": "object", "required": [ "releaseReadyCondition", "skaffoldSupportedCondition" ] }, "google-native:clouddeploy/v1:ReleaseReadyConditionResponse": { "description": "ReleaseReadyCondition contains information around the status of the Release. If a release is not ready, you cannot create a rollout with the release.", "properties": { "status": { "type": "boolean", "description": "True if the Release is in a valid state. Otherwise at least one condition in `ReleaseCondition` is in an invalid state. Iterate over those conditions and see which condition(s) has status = false to find out what is wrong with the Release." } }, "type": "object", "required": [ "status" ] }, "google-native:clouddeploy/v1:RepairMode": { "description": "Configuration of the repair action.", "properties": { "retry": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Retry", "description": "Optional. Retries a failed job." }, "rollback": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Rollback", "description": "Optional. Rolls back a `Rollout`." } }, "type": "object" }, "google-native:clouddeploy/v1:RepairModeResponse": { "description": "Configuration of the repair action.", "properties": { "retry": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RetryResponse", "description": "Optional. Retries a failed job." }, "rollback": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RollbackResponse", "description": "Optional. Rolls back a `Rollout`." } }, "type": "object", "required": [ "retry", "rollback" ] }, "google-native:clouddeploy/v1:RepairRolloutRule": { "description": "The `RepairRolloutRule` automation rule will automatically repair a failed `Rollout`.", "properties": { "id": { "type": "string", "description": "ID of the rule. This id must be unique in the `Automation` resource to which this rule belongs. The format is `a-z{0,62}`." }, "jobs": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jobs to repair. Proceeds only after job name matched any one in the list, or for all jobs if unspecified or empty. The phase that includes the job must match the phase ID specified in `source_phase`. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "repairModes": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RepairMode" }, "description": "Defines the types of automatic repair actions for failed jobs." }, "sourcePhases": { "type": "array", "items": { "type": "string" }, "description": "Optional. Phases within which jobs are subject to automatic repair actions on failure. Proceeds only after phase name matched any one in the list, or for all phases if unspecified. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." } }, "type": "object", "required": [ "id", "repairModes" ] }, "google-native:clouddeploy/v1:RepairRolloutRuleResponse": { "description": "The `RepairRolloutRule` automation rule will automatically repair a failed `Rollout`.", "properties": { "condition": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AutomationRuleConditionResponse", "description": "Information around the state of the 'Automation' rule." }, "jobs": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jobs to repair. Proceeds only after job name matched any one in the list, or for all jobs if unspecified or empty. The phase that includes the job must match the phase ID specified in `source_phase`. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." }, "repairModes": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RepairModeResponse" }, "description": "Defines the types of automatic repair actions for failed jobs." }, "sourcePhases": { "type": "array", "items": { "type": "string" }, "description": "Optional. Phases within which jobs are subject to automatic repair actions on failure. Proceeds only after phase name matched any one in the list, or for all phases if unspecified. This value must consist of lower-case letters, numbers, and hyphens, start with a letter and end with a letter or a number, and have a max length of 63 characters. In other words, it must match the following regex: `^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$`." } }, "type": "object", "required": [ "condition", "jobs", "repairModes", "sourcePhases" ] }, "google-native:clouddeploy/v1:Retry": { "description": "Retries the failed job.", "properties": { "attempts": { "type": "string", "description": "Total number of retries. Retry will skipped if set to 0; The minimum value is 1, and the maximum value is 10." }, "backoffMode": { "$ref": "#/types/google-native:clouddeploy%2Fv1:RetryBackoffMode", "description": "Optional. The pattern of how wait time will be increased. Default is linear. Backoff mode will be ignored if `wait` is 0." }, "wait": { "type": "string", "description": "Optional. How long to wait for the first retry. Default is 0, and the maximum value is 14d." } }, "type": "object", "required": [ "attempts" ] }, "google-native:clouddeploy/v1:RetryBackoffMode": { "description": "Optional. The pattern of how wait time will be increased. Default is linear. Backoff mode will be ignored if `wait` is 0.", "type": "string", "enum": [ { "name": "BackoffModeUnspecified", "description": "No WaitMode is specified.", "value": "BACKOFF_MODE_UNSPECIFIED" }, { "name": "BackoffModeLinear", "description": "Increases the wait time linearly.", "value": "BACKOFF_MODE_LINEAR" }, { "name": "BackoffModeExponential", "description": "Increases the wait time exponentially.", "value": "BACKOFF_MODE_EXPONENTIAL" } ] }, "google-native:clouddeploy/v1:RetryResponse": { "description": "Retries the failed job.", "properties": { "attempts": { "type": "string", "description": "Total number of retries. Retry will skipped if set to 0; The minimum value is 1, and the maximum value is 10." }, "backoffMode": { "type": "string", "description": "Optional. The pattern of how wait time will be increased. Default is linear. Backoff mode will be ignored if `wait` is 0." }, "wait": { "type": "string", "description": "Optional. How long to wait for the first retry. Default is 0, and the maximum value is 14d." } }, "type": "object", "required": [ "attempts", "backoffMode", "wait" ] }, "google-native:clouddeploy/v1:Rollback": { "description": "Rolls back a `Rollout`.", "properties": { "destinationPhase": { "type": "string", "description": "Optional. The starting phase ID for the `Rollout`. If unspecified, the `Rollout` will start in the stable phase." } }, "type": "object" }, "google-native:clouddeploy/v1:RollbackResponse": { "description": "Rolls back a `Rollout`.", "properties": { "destinationPhase": { "type": "string", "description": "Optional. The starting phase ID for the `Rollout`. If unspecified, the `Rollout` will start in the stable phase." } }, "type": "object", "required": [ "destinationPhase" ] }, "google-native:clouddeploy/v1:RuntimeConfig": { "description": "RuntimeConfig contains the runtime specific configurations for a deployment strategy.", "properties": { "cloudRun": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CloudRunConfig", "description": "Cloud Run runtime configuration." }, "kubernetes": { "$ref": "#/types/google-native:clouddeploy%2Fv1:KubernetesConfig", "description": "Kubernetes runtime configuration." } }, "type": "object" }, "google-native:clouddeploy/v1:RuntimeConfigResponse": { "description": "RuntimeConfig contains the runtime specific configurations for a deployment strategy.", "properties": { "cloudRun": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CloudRunConfigResponse", "description": "Cloud Run runtime configuration." }, "kubernetes": { "$ref": "#/types/google-native:clouddeploy%2Fv1:KubernetesConfigResponse", "description": "Kubernetes runtime configuration." } }, "type": "object", "required": [ "cloudRun", "kubernetes" ] }, "google-native:clouddeploy/v1:SerialPipeline": { "description": "SerialPipeline defines a sequential set of stages for a `DeliveryPipeline`.", "properties": { "stages": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Stage" }, "description": "Each stage specifies configuration for a `Target`. The ordering of this list defines the promotion flow." } }, "type": "object" }, "google-native:clouddeploy/v1:SerialPipelineResponse": { "description": "SerialPipeline defines a sequential set of stages for a `DeliveryPipeline`.", "properties": { "stages": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:StageResponse" }, "description": "Each stage specifies configuration for a `Target`. The ordering of this list defines the promotion flow." } }, "type": "object", "required": [ "stages" ] }, "google-native:clouddeploy/v1:ServiceNetworking": { "description": "Information about the Kubernetes Service networking configuration.", "properties": { "deployment": { "type": "string", "description": "Name of the Kubernetes Deployment whose traffic is managed by the specified Service." }, "disablePodOverprovisioning": { "type": "boolean", "description": "Optional. Whether to disable Pod overprovisioning. If Pod overprovisioning is disabled then Cloud Deploy will limit the number of total Pods used for the deployment strategy to the number of Pods the Deployment has on the cluster." }, "service": { "type": "string", "description": "Name of the Kubernetes Service." } }, "type": "object", "required": [ "deployment", "service" ] }, "google-native:clouddeploy/v1:ServiceNetworkingResponse": { "description": "Information about the Kubernetes Service networking configuration.", "properties": { "deployment": { "type": "string", "description": "Name of the Kubernetes Deployment whose traffic is managed by the specified Service." }, "disablePodOverprovisioning": { "type": "boolean", "description": "Optional. Whether to disable Pod overprovisioning. If Pod overprovisioning is disabled then Cloud Deploy will limit the number of total Pods used for the deployment strategy to the number of Pods the Deployment has on the cluster." }, "service": { "type": "string", "description": "Name of the Kubernetes Service." } }, "type": "object", "required": [ "deployment", "disablePodOverprovisioning", "service" ] }, "google-native:clouddeploy/v1:SkaffoldSupportedConditionResponse": { "description": "SkaffoldSupportedCondition contains information about when support for the release's version of skaffold ends.", "properties": { "maintenanceModeTime": { "type": "string", "description": "The time at which this release's version of skaffold will enter maintenance mode." }, "skaffoldSupportState": { "type": "string", "description": "The skaffold support state for this release's version of skaffold." }, "status": { "type": "boolean", "description": "True if the version of skaffold used by this release is supported." }, "supportExpirationTime": { "type": "string", "description": "The time at which this release's version of skaffold will no longer be supported." } }, "type": "object", "required": [ "maintenanceModeTime", "skaffoldSupportState", "status", "supportExpirationTime" ] }, "google-native:clouddeploy/v1:Stage": { "description": "Stage specifies a location to which to deploy.", "properties": { "deployParameters": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DeployParameters" }, "description": "Optional. The deploy parameters to use for the target in this stage." }, "profiles": { "type": "array", "items": { "type": "string" }, "description": "Skaffold profiles to use when rendering the manifest for this stage's `Target`." }, "strategy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Strategy", "description": "Optional. The strategy to use for a `Rollout` to this stage." }, "targetId": { "type": "string", "description": "The target_id to which this stage points. This field refers exclusively to the last segment of a target name. For example, this field would just be `my-target` (rather than `projects/project/locations/location/targets/my-target`). The location of the `Target` is inferred to be the same as the location of the `DeliveryPipeline` that contains this `Stage`." } }, "type": "object" }, "google-native:clouddeploy/v1:StageResponse": { "description": "Stage specifies a location to which to deploy.", "properties": { "deployParameters": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:DeployParametersResponse" }, "description": "Optional. The deploy parameters to use for the target in this stage." }, "profiles": { "type": "array", "items": { "type": "string" }, "description": "Skaffold profiles to use when rendering the manifest for this stage's `Target`." }, "strategy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:StrategyResponse", "description": "Optional. The strategy to use for a `Rollout` to this stage." }, "targetId": { "type": "string", "description": "The target_id to which this stage points. This field refers exclusively to the last segment of a target name. For example, this field would just be `my-target` (rather than `projects/project/locations/location/targets/my-target`). The location of the `Target` is inferred to be the same as the location of the `DeliveryPipeline` that contains this `Stage`." } }, "type": "object", "required": [ "deployParameters", "profiles", "strategy", "targetId" ] }, "google-native:clouddeploy/v1:Standard": { "description": "Standard represents the standard deployment strategy.", "properties": { "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Postdeploy", "description": "Optional. Configuration for the postdeploy job. If this is not configured, postdeploy job will not be present." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Predeploy", "description": "Optional. Configuration for the predeploy job. If this is not configured, predeploy job will not be present." }, "verify": { "type": "boolean", "description": "Whether to verify a deployment." } }, "type": "object" }, "google-native:clouddeploy/v1:StandardResponse": { "description": "Standard represents the standard deployment strategy.", "properties": { "postdeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PostdeployResponse", "description": "Optional. Configuration for the postdeploy job. If this is not configured, postdeploy job will not be present." }, "predeploy": { "$ref": "#/types/google-native:clouddeploy%2Fv1:PredeployResponse", "description": "Optional. Configuration for the predeploy job. If this is not configured, predeploy job will not be present." }, "verify": { "type": "boolean", "description": "Whether to verify a deployment." } }, "type": "object", "required": [ "postdeploy", "predeploy", "verify" ] }, "google-native:clouddeploy/v1:Strategy": { "description": "Strategy contains deployment strategy information.", "properties": { "canary": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Canary", "description": "Canary deployment strategy provides progressive percentage based deployments to a Target." }, "standard": { "$ref": "#/types/google-native:clouddeploy%2Fv1:Standard", "description": "Standard deployment strategy executes a single deploy and allows verifying the deployment." } }, "type": "object" }, "google-native:clouddeploy/v1:StrategyResponse": { "description": "Strategy contains deployment strategy information.", "properties": { "canary": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CanaryResponse", "description": "Canary deployment strategy provides progressive percentage based deployments to a Target." }, "standard": { "$ref": "#/types/google-native:clouddeploy%2Fv1:StandardResponse", "description": "Standard deployment strategy executes a single deploy and allows verifying the deployment." } }, "type": "object", "required": [ "canary", "standard" ] }, "google-native:clouddeploy/v1:TargetAttribute": { "description": "Contains criteria for selecting Targets. Attributes provided must match the target resource in order for policy restrictions to apply. E.g. if id \"prod\" and labels \"foo: bar\" are given the target resource must match both that id and have that label in order to be selected.", "properties": { "id": { "type": "string", "description": "ID of the `Target`. The value of this field could be one of the following: * The last segment of a target name. It only needs the ID to determine which target is being referred to * \"*\", all targets in a location." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Target labels." } }, "type": "object" }, "google-native:clouddeploy/v1:TargetAttributeResponse": { "description": "Contains criteria for selecting Targets. Attributes provided must match the target resource in order for policy restrictions to apply. E.g. if id \"prod\" and labels \"foo: bar\" are given the target resource must match both that id and have that label in order to be selected.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Target labels." } }, "type": "object", "required": [ "labels" ] }, "google-native:clouddeploy/v1:TargetResponse": { "description": "A `Target` resource in the Cloud Deploy API. A `Target` defines a location to which a Skaffold configuration can be deployed.", "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. User annotations. These attributes can only be set and used by the user, and not by Cloud Deploy. See https://google.aip.dev/128#annotations for more details such as format and size limitations." }, "anthosCluster": { "$ref": "#/types/google-native:clouddeploy%2Fv1:AnthosClusterResponse", "description": "Optional. Information specifying an Anthos Cluster." }, "createTime": { "type": "string", "description": "Time at which the `Target` was created." }, "deployParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The deploy parameters to use for this target." }, "description": { "type": "string", "description": "Optional. Description of the `Target`. Max length is 255 characters." }, "etag": { "type": "string", "description": "Optional. This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding." }, "executionConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:clouddeploy%2Fv1:ExecutionConfigResponse" }, "description": "Configurations for all execution that relates to this `Target`. Each `ExecutionEnvironmentUsage` value may only be used in a single configuration; using the same value multiple times is an error. When one or more configurations are specified, they must include the `RENDER` and `DEPLOY` `ExecutionEnvironmentUsage` values. When no configurations are specified, execution will use the default specified in `DefaultPool`." }, "gke": { "$ref": "#/types/google-native:clouddeploy%2Fv1:GkeClusterResponse", "description": "Optional. Information specifying a GKE Cluster." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Labels are attributes that can be set and used by both the user and by Cloud Deploy. Labels must meet the following constraints: * Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. * All characters must use UTF-8 encoding, and international characters are allowed. * Keys must start with a lowercase letter or international character. * Each resource is limited to a maximum of 64 labels. Both keys and values are additionally constrained to be <= 128 bytes." }, "multiTarget": { "$ref": "#/types/google-native:clouddeploy%2Fv1:MultiTargetResponse", "description": "Optional. Information specifying a multiTarget." }, "name": { "type": "string", "description": "Optional. Name of the `Target`. Format is `projects/{project}/locations/{location}/targets/a-z{0,62}`." }, "requireApproval": { "type": "boolean", "description": "Optional. Whether or not the `Target` requires approval." }, "run": { "$ref": "#/types/google-native:clouddeploy%2Fv1:CloudRunLocationResponse", "description": "Optional. Information specifying a Cloud Run deployment target." }, "targetId": { "type": "string", "description": "Resource id of the `Target`." }, "uid": { "type": "string", "description": "Unique identifier of the `Target`." }, "updateTime": { "type": "string", "description": "Most recent time at which the `Target` was updated." } }, "type": "object", "required": [ "annotations", "anthosCluster", "createTime", "deployParameters", "description", "etag", "executionConfigs", "gke", "labels", "multiTarget", "name", "requireApproval", "run", "targetId", "uid", "updateTime" ] }, "google-native:clouddeploy/v1:TargetsPresentConditionResponse": { "description": "TargetsPresentCondition contains information on any Targets defined in the Delivery Pipeline that do not actually exist.", "properties": { "missingTargets": { "type": "array", "items": { "type": "string" }, "description": "The list of Target names that do not exist. For example, `projects/{project_id}/locations/{location_name}/targets/{target_name}`." }, "status": { "type": "boolean", "description": "True if there aren't any missing Targets." }, "updateTime": { "type": "string", "description": "Last time the condition was updated." } }, "type": "object", "required": [ "missingTargets", "status", "updateTime" ] }, "google-native:clouddeploy/v1:TargetsTypeConditionResponse": { "description": "TargetsTypeCondition contains information on whether the Targets defined in the Delivery Pipeline are of the same type.", "properties": { "errorDetails": { "type": "string", "description": "Human readable error message." }, "status": { "type": "boolean", "description": "True if the targets are all a comparable type. For example this is true if all targets are GKE clusters. This is false if some targets are Cloud Run targets and others are GKE clusters." } }, "type": "object", "required": [ "errorDetails", "status" ] }, "google-native:clouddeploy/v1:VerifyJobResponse": { "description": "A verify Job.", "type": "object" }, "google-native:cloudfunctions/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudfunctions/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudfunctions/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudfunctions/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudfunctions/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudfunctions/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudfunctions/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudfunctions/v1:EventTrigger": { "description": "Describes EventTrigger, used to request events be sent from another service.", "properties": { "eventType": { "type": "string", "description": "The type of event to observe. For example: `providers/cloud.storage/eventTypes/object.change` and `providers/cloud.pubsub/eventTypes/topic.publish`. Event types match pattern `providers/*/eventTypes/*.*`. The pattern contains: 1. namespace: For example, `cloud.storage` and `google.firebase.analytics`. 2. resource type: The type of resource on which event occurs. For example, the Google Cloud Storage API includes the type `object`. 3. action: The action that generates the event. For example, action for a Google Cloud Storage Object is 'change'. These parts are lower case." }, "failurePolicy": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:FailurePolicy", "description": "Specifies policy for failed executions." }, "resource": { "type": "string", "description": "The resource(s) from which to observe events, for example, `projects/_/buckets/myBucket`. Not all syntactically correct values are accepted by all services. For example: 1. The authorization model must support it. Google Cloud Functions only allows EventTriggers to be deployed that observe resources in the same project as the `CloudFunction`. 2. The resource type must match the pattern expected for an `event_type`. For example, an `EventTrigger` that has an `event_type` of \"google.pubsub.topic.publish\" should have a resource that matches Google Cloud Pub/Sub topics. Additionally, some services may support short names when creating an `EventTrigger`. These will always be returned in the normalized \"long\" format. See each *service's* documentation for supported formats." }, "service": { "type": "string", "description": "The hostname of the service that should be observed. If no string is provided, the default service implementing the API will be used. For example, `storage.googleapis.com` is the default for all event types in the `google.storage` namespace." } }, "type": "object", "required": [ "eventType", "resource" ] }, "google-native:cloudfunctions/v1:EventTriggerResponse": { "description": "Describes EventTrigger, used to request events be sent from another service.", "properties": { "eventType": { "type": "string", "description": "The type of event to observe. For example: `providers/cloud.storage/eventTypes/object.change` and `providers/cloud.pubsub/eventTypes/topic.publish`. Event types match pattern `providers/*/eventTypes/*.*`. The pattern contains: 1. namespace: For example, `cloud.storage` and `google.firebase.analytics`. 2. resource type: The type of resource on which event occurs. For example, the Google Cloud Storage API includes the type `object`. 3. action: The action that generates the event. For example, action for a Google Cloud Storage Object is 'change'. These parts are lower case." }, "failurePolicy": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:FailurePolicyResponse", "description": "Specifies policy for failed executions." }, "resource": { "type": "string", "description": "The resource(s) from which to observe events, for example, `projects/_/buckets/myBucket`. Not all syntactically correct values are accepted by all services. For example: 1. The authorization model must support it. Google Cloud Functions only allows EventTriggers to be deployed that observe resources in the same project as the `CloudFunction`. 2. The resource type must match the pattern expected for an `event_type`. For example, an `EventTrigger` that has an `event_type` of \"google.pubsub.topic.publish\" should have a resource that matches Google Cloud Pub/Sub topics. Additionally, some services may support short names when creating an `EventTrigger`. These will always be returned in the normalized \"long\" format. See each *service's* documentation for supported formats." }, "service": { "type": "string", "description": "The hostname of the service that should be observed. If no string is provided, the default service implementing the API will be used. For example, `storage.googleapis.com` is the default for all event types in the `google.storage` namespace." } }, "type": "object", "required": [ "eventType", "failurePolicy", "resource", "service" ] }, "google-native:cloudfunctions/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudfunctions/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudfunctions/v1:FailurePolicy": { "description": "Describes the policy in case of function's execution failure. If empty, then defaults to ignoring failures (i.e. not retrying them).", "properties": { "retry": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:Retry", "description": "If specified, then the function will be retried in case of a failure." } }, "type": "object" }, "google-native:cloudfunctions/v1:FailurePolicyResponse": { "description": "Describes the policy in case of function's execution failure. If empty, then defaults to ignoring failures (i.e. not retrying them).", "properties": { "retry": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:RetryResponse", "description": "If specified, then the function will be retried in case of a failure." } }, "type": "object", "required": [ "retry" ] }, "google-native:cloudfunctions/v1:FunctionDockerRegistry": { "description": "Docker Registry to use for this deployment. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments.", "type": "string", "enum": [ { "name": "DockerRegistryUnspecified", "description": "Unspecified.", "value": "DOCKER_REGISTRY_UNSPECIFIED" }, { "name": "ContainerRegistry", "description": "Docker images will be stored in multi-regional Container Registry repositories named `gcf`.", "value": "CONTAINER_REGISTRY" }, { "name": "ArtifactRegistry", "description": "Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field.", "value": "ARTIFACT_REGISTRY" } ] }, "google-native:cloudfunctions/v1:FunctionIngressSettings": { "description": "The ingress settings for the function, controlling what traffic can reach it.", "type": "string", "enum": [ { "name": "IngressSettingsUnspecified", "description": "Unspecified.", "value": "INGRESS_SETTINGS_UNSPECIFIED" }, { "name": "AllowAll", "description": "Allow HTTP traffic from public and private sources.", "value": "ALLOW_ALL" }, { "name": "AllowInternalOnly", "description": "Allow HTTP traffic from only private VPC sources.", "value": "ALLOW_INTERNAL_ONLY" }, { "name": "AllowInternalAndGclb", "description": "Allow HTTP traffic from private VPC sources and through GCLB.", "value": "ALLOW_INTERNAL_AND_GCLB" } ] }, "google-native:cloudfunctions/v1:FunctionVpcConnectorEgressSettings": { "description": "The egress settings for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "VpcConnectorEgressSettingsUnspecified", "description": "Unspecified.", "value": "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED" }, { "name": "PrivateRangesOnly", "description": "Use the VPC Access Connector only for private IP space from RFC1918.", "value": "PRIVATE_RANGES_ONLY" }, { "name": "AllTraffic", "description": "Force the use of VPC Access Connector for all egress traffic from the function.", "value": "ALL_TRAFFIC" } ] }, "google-native:cloudfunctions/v1:HttpsTrigger": { "description": "Describes HttpsTrigger, could be used to connect web hooks to function.", "properties": { "securityLevel": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:HttpsTriggerSecurityLevel", "description": "The security level for the function." } }, "type": "object" }, "google-native:cloudfunctions/v1:HttpsTriggerResponse": { "description": "Describes HttpsTrigger, could be used to connect web hooks to function.", "properties": { "securityLevel": { "type": "string", "description": "The security level for the function." }, "url": { "type": "string", "description": "The deployed url for the function." } }, "type": "object", "required": [ "securityLevel", "url" ] }, "google-native:cloudfunctions/v1:HttpsTriggerSecurityLevel": { "description": "The security level for the function.", "type": "string", "enum": [ { "name": "SecurityLevelUnspecified", "description": "Unspecified.", "value": "SECURITY_LEVEL_UNSPECIFIED" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" } ] }, "google-native:cloudfunctions/v1:Retry": { "description": "Describes the retry policy in case of function's execution failure. A function execution will be retried on any failure. A failed execution will be retried up to 7 days with an exponential backoff (capped at 10 seconds). Retried execution is charged as any other execution.", "type": "object" }, "google-native:cloudfunctions/v1:RetryResponse": { "description": "Describes the retry policy in case of function's execution failure. A function execution will be retried on any failure. A failed execution will be retried up to 7 days with an exponential backoff (capped at 10 seconds). Retried execution is charged as any other execution.", "type": "object" }, "google-native:cloudfunctions/v1:SecretEnvVar": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object" }, "google-native:cloudfunctions/v1:SecretEnvVarResponse": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object", "required": [ "key", "project", "secret", "version" ] }, "google-native:cloudfunctions/v1:SecretVersion": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `/secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object" }, "google-native:cloudfunctions/v1:SecretVersionResponse": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `/secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object", "required": [ "path", "version" ] }, "google-native:cloudfunctions/v1:SecretVolume": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container. Secret value is not a part of the configuration. Every filesystem read operation performs a lookup in secret manager to retrieve the secret value.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log" }, "project": { "type": "string", "description": "Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:SecretVersion" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object" }, "google-native:cloudfunctions/v1:SecretVolumeResponse": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container. Secret value is not a part of the configuration. Every filesystem read operation performs a lookup in secret manager to retrieve the secret value.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log" }, "project": { "type": "string", "description": "Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it will be populated with the function's project assuming that the secret exists in the same project as of the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv1:SecretVersionResponse" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object", "required": [ "mountPath", "project", "secret", "versions" ] }, "google-native:cloudfunctions/v1:SourceRepository": { "description": "Describes SourceRepository, used to represent parameters related to source repository where a function is hosted.", "properties": { "url": { "type": "string", "description": "The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats: To refer to a specific commit: `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` To refer to a moveable alias (branch): `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` In particular, to refer to HEAD use `master` moveable alias. To refer to a specific fixed alias (tag): `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` You may omit `paths/*` if you want to use the main directory." } }, "type": "object" }, "google-native:cloudfunctions/v1:SourceRepositoryResponse": { "description": "Describes SourceRepository, used to represent parameters related to source repository where a function is hosted.", "properties": { "deployedUrl": { "type": "string", "description": "The URL pointing to the hosted repository where the function were defined at the time of deployment. It always points to a specific commit in the format described above." }, "url": { "type": "string", "description": "The URL pointing to the hosted repository where the function is defined. There are supported Cloud Source Repository URLs in the following formats: To refer to a specific commit: `https://source.developers.google.com/projects/*/repos/*/revisions/*/paths/*` To refer to a moveable alias (branch): `https://source.developers.google.com/projects/*/repos/*/moveable-aliases/*/paths/*` In particular, to refer to HEAD use `master` moveable alias. To refer to a specific fixed alias (tag): `https://source.developers.google.com/projects/*/repos/*/fixed-aliases/*/paths/*` You may omit `paths/*` if you want to use the main directory." } }, "type": "object", "required": [ "deployedUrl", "url" ] }, "google-native:cloudfunctions/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudfunctions/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudfunctions/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudfunctions/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudfunctions/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudfunctions/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudfunctions/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudfunctions/v2:BuildConfig": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "dockerRegistry": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:BuildConfigDockerRegistry", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:Source", "description": "The location of the function source code." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object" }, "google-native:cloudfunctions/v2:BuildConfigDockerRegistry": { "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments.", "type": "string", "enum": [ { "name": "DockerRegistryUnspecified", "description": "Unspecified.", "value": "DOCKER_REGISTRY_UNSPECIFIED" }, { "name": "ContainerRegistry", "description": "Docker images will be stored in multi-regional Container Registry repositories named `gcf`.", "value": "CONTAINER_REGISTRY" }, { "name": "ArtifactRegistry", "description": "Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field.", "value": "ARTIFACT_REGISTRY" } ] }, "google-native:cloudfunctions/v2:BuildConfigResponse": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "build": { "type": "string", "description": "The Cloud Build name of the latest successful deployment of the function." }, "dockerRegistry": { "type": "string", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SourceResponse", "description": "The location of the function source code." }, "sourceProvenance": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SourceProvenanceResponse", "description": "A permanent fixed identifier for source." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object", "required": [ "build", "dockerRegistry", "dockerRepository", "entryPoint", "environmentVariables", "runtime", "source", "sourceProvenance", "sourceToken", "workerPool" ] }, "google-native:cloudfunctions/v2:EventFilter": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:cloudfunctions/v2:EventFilterResponse": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "operator", "value" ] }, "google-native:cloudfunctions/v2:EventTrigger": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:EventFilter" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:EventTriggerRetryPolicy", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "eventType" ] }, "google-native:cloudfunctions/v2:EventTriggerResponse": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:EventFilterResponse" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "type": "string", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "trigger": { "type": "string", "description": "The resource name of the Eventarc trigger. The format of this field is `projects/{project}/locations/{region}/triggers/{trigger}`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "channel", "eventFilters", "eventType", "pubsubTopic", "retryPolicy", "serviceAccountEmail", "trigger", "triggerRegion" ] }, "google-native:cloudfunctions/v2:EventTriggerRetryPolicy": { "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).", "type": "string", "enum": [ { "name": "RetryPolicyUnspecified", "description": "Not specified.", "value": "RETRY_POLICY_UNSPECIFIED" }, { "name": "RetryPolicyDoNotRetry", "description": "Do not retry.", "value": "RETRY_POLICY_DO_NOT_RETRY" }, { "name": "RetryPolicyRetry", "description": "Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds).", "value": "RETRY_POLICY_RETRY" } ] }, "google-native:cloudfunctions/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudfunctions/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudfunctions/v2:FunctionEnvironment": { "description": "Describe whether the function is 1st Gen or 2nd Gen.", "type": "string", "enum": [ { "name": "EnvironmentUnspecified", "description": "Unspecified", "value": "ENVIRONMENT_UNSPECIFIED" }, { "name": "Gen1", "description": "Gen 1", "value": "GEN_1" }, { "name": "Gen2", "description": "Gen 2", "value": "GEN_2" } ] }, "google-native:cloudfunctions/v2:GoogleCloudFunctionsV2StateMessageResponse": { "description": "Informational messages about the state of the Cloud Function or Operation.", "properties": { "message": { "type": "string", "description": "The message." }, "severity": { "type": "string", "description": "Severity of the state message." }, "type": { "type": "string", "description": "One-word CamelCase type of the state message." } }, "type": "object", "required": [ "message", "severity", "type" ] }, "google-native:cloudfunctions/v2:RepoSource": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object" }, "google-native:cloudfunctions/v2:RepoSourceResponse": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object", "required": [ "branchName", "commitSha", "dir", "project", "repoName", "tagName" ] }, "google-native:cloudfunctions/v2:SecretEnvVar": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object" }, "google-native:cloudfunctions/v2:SecretEnvVarResponse": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object", "required": [ "key", "project", "secret", "version" ] }, "google-native:cloudfunctions/v2:SecretVersion": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object" }, "google-native:cloudfunctions/v2:SecretVersionResponse": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object", "required": [ "path", "version" ] }, "google-native:cloudfunctions/v2:SecretVolume": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretVersion" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object" }, "google-native:cloudfunctions/v2:SecretVolumeResponse": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretVersionResponse" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object", "required": [ "mountPath", "project", "secret", "versions" ] }, "google-native:cloudfunctions/v2:ServiceConfig": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:ServiceConfigIngressSettings", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretEnvVar" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretVolume" }, "description": "Secret volumes configuration." }, "securityLevel": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:ServiceConfigSecurityLevel", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:ServiceConfigVpcConnectorEgressSettings", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object" }, "google-native:cloudfunctions/v2:ServiceConfigIngressSettings": { "description": "The ingress settings for the function, controlling what traffic can reach it.", "type": "string", "enum": [ { "name": "IngressSettingsUnspecified", "description": "Unspecified.", "value": "INGRESS_SETTINGS_UNSPECIFIED" }, { "name": "AllowAll", "description": "Allow HTTP traffic from public and private sources.", "value": "ALLOW_ALL" }, { "name": "AllowInternalOnly", "description": "Allow HTTP traffic from only private VPC sources.", "value": "ALLOW_INTERNAL_ONLY" }, { "name": "AllowInternalAndGclb", "description": "Allow HTTP traffic from private VPC sources and through GCLB.", "value": "ALLOW_INTERNAL_AND_GCLB" } ] }, "google-native:cloudfunctions/v2:ServiceConfigResponse": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "type": "string", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "revision": { "type": "string", "description": "The name of service revision." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretEnvVarResponse" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:SecretVolumeResponse" }, "description": "Secret volumes configuration." }, "securityLevel": { "type": "string", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "service": { "type": "string", "description": "Name of the service associated with a Function. The format of this field is `projects/{project}/locations/{region}/services/{service}`" }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "uri": { "type": "string", "description": "URI of the Service deployed." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "type": "string", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object", "required": [ "allTrafficOnLatestRevision", "availableCpu", "availableMemory", "environmentVariables", "ingressSettings", "maxInstanceCount", "maxInstanceRequestConcurrency", "minInstanceCount", "revision", "secretEnvironmentVariables", "secretVolumes", "securityLevel", "service", "serviceAccountEmail", "timeoutSeconds", "uri", "vpcConnector", "vpcConnectorEgressSettings" ] }, "google-native:cloudfunctions/v2:ServiceConfigSecurityLevel": { "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.", "type": "string", "enum": [ { "name": "SecurityLevelUnspecified", "description": "Unspecified.", "value": "SECURITY_LEVEL_UNSPECIFIED" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" } ] }, "google-native:cloudfunctions/v2:ServiceConfigVpcConnectorEgressSettings": { "description": "The egress settings for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "VpcConnectorEgressSettingsUnspecified", "description": "Unspecified.", "value": "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED" }, { "name": "PrivateRangesOnly", "description": "Use the VPC Access Connector only for private IP space from RFC1918.", "value": "PRIVATE_RANGES_ONLY" }, { "name": "AllTraffic", "description": "Force the use of VPC Access Connector for all egress traffic from the function.", "value": "ALL_TRAFFIC" } ] }, "google-native:cloudfunctions/v2:Source": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:RepoSource", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:StorageSource", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object" }, "google-native:cloudfunctions/v2:SourceProvenanceResponse": { "description": "Provenance of the source. Ways to find the original source, or verify that some source was used for this build.", "properties": { "gitUri": { "type": "string", "description": "A copy of the build's `source.git_uri`, if exists, with any commits resolved." }, "resolvedRepoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:RepoSourceResponse", "description": "A copy of the build's `source.repo_source`, if exists, with any revisions resolved." }, "resolvedStorageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:StorageSourceResponse", "description": "A copy of the build's `source.storage_source`, if exists, with any generations resolved." } }, "type": "object", "required": [ "gitUri", "resolvedRepoSource", "resolvedStorageSource" ] }, "google-native:cloudfunctions/v2:SourceResponse": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:RepoSourceResponse", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2:StorageSourceResponse", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object", "required": [ "gitUri", "repoSource", "storageSource" ] }, "google-native:cloudfunctions/v2:StorageSource": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object" }, "google-native:cloudfunctions/v2:StorageSourceResponse": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object", "required": [ "bucket", "generation", "object" ] }, "google-native:cloudfunctions/v2alpha:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudfunctions/v2alpha:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudfunctions/v2alpha:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudfunctions/v2alpha:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudfunctions/v2alpha:BuildConfig": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "dockerRegistry": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:BuildConfigDockerRegistry", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:Source", "description": "The location of the function source code." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:BuildConfigDockerRegistry": { "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments.", "type": "string", "enum": [ { "name": "DockerRegistryUnspecified", "description": "Unspecified.", "value": "DOCKER_REGISTRY_UNSPECIFIED" }, { "name": "ContainerRegistry", "description": "Docker images will be stored in multi-regional Container Registry repositories named `gcf`.", "value": "CONTAINER_REGISTRY" }, { "name": "ArtifactRegistry", "description": "Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field.", "value": "ARTIFACT_REGISTRY" } ] }, "google-native:cloudfunctions/v2alpha:BuildConfigResponse": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "build": { "type": "string", "description": "The Cloud Build name of the latest successful deployment of the function." }, "dockerRegistry": { "type": "string", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SourceResponse", "description": "The location of the function source code." }, "sourceProvenance": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SourceProvenanceResponse", "description": "A permanent fixed identifier for source." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object", "required": [ "build", "dockerRegistry", "dockerRepository", "entryPoint", "environmentVariables", "runtime", "source", "sourceProvenance", "sourceToken", "workerPool" ] }, "google-native:cloudfunctions/v2alpha:EventFilter": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:cloudfunctions/v2alpha:EventFilterResponse": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "operator", "value" ] }, "google-native:cloudfunctions/v2alpha:EventTrigger": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:EventFilter" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:EventTriggerRetryPolicy", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "eventType" ] }, "google-native:cloudfunctions/v2alpha:EventTriggerResponse": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:EventFilterResponse" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "type": "string", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "trigger": { "type": "string", "description": "The resource name of the Eventarc trigger. The format of this field is `projects/{project}/locations/{region}/triggers/{trigger}`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "channel", "eventFilters", "eventType", "pubsubTopic", "retryPolicy", "serviceAccountEmail", "trigger", "triggerRegion" ] }, "google-native:cloudfunctions/v2alpha:EventTriggerRetryPolicy": { "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).", "type": "string", "enum": [ { "name": "RetryPolicyUnspecified", "description": "Not specified.", "value": "RETRY_POLICY_UNSPECIFIED" }, { "name": "RetryPolicyDoNotRetry", "description": "Do not retry.", "value": "RETRY_POLICY_DO_NOT_RETRY" }, { "name": "RetryPolicyRetry", "description": "Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds).", "value": "RETRY_POLICY_RETRY" } ] }, "google-native:cloudfunctions/v2alpha:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudfunctions/v2alpha:FunctionEnvironment": { "description": "Describe whether the function is 1st Gen or 2nd Gen.", "type": "string", "enum": [ { "name": "EnvironmentUnspecified", "description": "Unspecified", "value": "ENVIRONMENT_UNSPECIFIED" }, { "name": "Gen1", "description": "Gen 1", "value": "GEN_1" }, { "name": "Gen2", "description": "Gen 2", "value": "GEN_2" } ] }, "google-native:cloudfunctions/v2alpha:GoogleCloudFunctionsV2alphaStateMessageResponse": { "description": "Informational messages about the state of the Cloud Function or Operation.", "properties": { "message": { "type": "string", "description": "The message." }, "severity": { "type": "string", "description": "Severity of the state message." }, "type": { "type": "string", "description": "One-word CamelCase type of the state message." } }, "type": "object", "required": [ "message", "severity", "type" ] }, "google-native:cloudfunctions/v2alpha:RepoSource": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:RepoSourceResponse": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object", "required": [ "branchName", "commitSha", "dir", "project", "repoName", "tagName" ] }, "google-native:cloudfunctions/v2alpha:SecretEnvVar": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:SecretEnvVarResponse": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object", "required": [ "key", "project", "secret", "version" ] }, "google-native:cloudfunctions/v2alpha:SecretVersion": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:SecretVersionResponse": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object", "required": [ "path", "version" ] }, "google-native:cloudfunctions/v2alpha:SecretVolume": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretVersion" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:SecretVolumeResponse": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretVersionResponse" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object", "required": [ "mountPath", "project", "secret", "versions" ] }, "google-native:cloudfunctions/v2alpha:ServiceConfig": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:ServiceConfigIngressSettings", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretEnvVar" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretVolume" }, "description": "Secret volumes configuration." }, "securityLevel": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:ServiceConfigSecurityLevel", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:ServiceConfigVpcConnectorEgressSettings", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:ServiceConfigIngressSettings": { "description": "The ingress settings for the function, controlling what traffic can reach it.", "type": "string", "enum": [ { "name": "IngressSettingsUnspecified", "description": "Unspecified.", "value": "INGRESS_SETTINGS_UNSPECIFIED" }, { "name": "AllowAll", "description": "Allow HTTP traffic from public and private sources.", "value": "ALLOW_ALL" }, { "name": "AllowInternalOnly", "description": "Allow HTTP traffic from only private VPC sources.", "value": "ALLOW_INTERNAL_ONLY" }, { "name": "AllowInternalAndGclb", "description": "Allow HTTP traffic from private VPC sources and through GCLB.", "value": "ALLOW_INTERNAL_AND_GCLB" } ] }, "google-native:cloudfunctions/v2alpha:ServiceConfigResponse": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "type": "string", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "revision": { "type": "string", "description": "The name of service revision." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretEnvVarResponse" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:SecretVolumeResponse" }, "description": "Secret volumes configuration." }, "securityLevel": { "type": "string", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "service": { "type": "string", "description": "Name of the service associated with a Function. The format of this field is `projects/{project}/locations/{region}/services/{service}`" }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "uri": { "type": "string", "description": "URI of the Service deployed." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "type": "string", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object", "required": [ "allTrafficOnLatestRevision", "availableCpu", "availableMemory", "environmentVariables", "ingressSettings", "maxInstanceCount", "maxInstanceRequestConcurrency", "minInstanceCount", "revision", "secretEnvironmentVariables", "secretVolumes", "securityLevel", "service", "serviceAccountEmail", "timeoutSeconds", "uri", "vpcConnector", "vpcConnectorEgressSettings" ] }, "google-native:cloudfunctions/v2alpha:ServiceConfigSecurityLevel": { "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.", "type": "string", "enum": [ { "name": "SecurityLevelUnspecified", "description": "Unspecified.", "value": "SECURITY_LEVEL_UNSPECIFIED" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" } ] }, "google-native:cloudfunctions/v2alpha:ServiceConfigVpcConnectorEgressSettings": { "description": "The egress settings for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "VpcConnectorEgressSettingsUnspecified", "description": "Unspecified.", "value": "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED" }, { "name": "PrivateRangesOnly", "description": "Use the VPC Access Connector only for private IP space from RFC1918.", "value": "PRIVATE_RANGES_ONLY" }, { "name": "AllTraffic", "description": "Force the use of VPC Access Connector for all egress traffic from the function.", "value": "ALL_TRAFFIC" } ] }, "google-native:cloudfunctions/v2alpha:Source": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:RepoSource", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:StorageSource", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:SourceProvenanceResponse": { "description": "Provenance of the source. Ways to find the original source, or verify that some source was used for this build.", "properties": { "gitUri": { "type": "string", "description": "A copy of the build's `source.git_uri`, if exists, with any commits resolved." }, "resolvedRepoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:RepoSourceResponse", "description": "A copy of the build's `source.repo_source`, if exists, with any revisions resolved." }, "resolvedStorageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:StorageSourceResponse", "description": "A copy of the build's `source.storage_source`, if exists, with any generations resolved." } }, "type": "object", "required": [ "gitUri", "resolvedRepoSource", "resolvedStorageSource" ] }, "google-native:cloudfunctions/v2alpha:SourceResponse": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:RepoSourceResponse", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2alpha:StorageSourceResponse", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object", "required": [ "gitUri", "repoSource", "storageSource" ] }, "google-native:cloudfunctions/v2alpha:StorageSource": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object" }, "google-native:cloudfunctions/v2alpha:StorageSourceResponse": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object", "required": [ "bucket", "generation", "object" ] }, "google-native:cloudfunctions/v2beta:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudfunctions/v2beta:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudfunctions/v2beta:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudfunctions/v2beta:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudfunctions/v2beta:BuildConfig": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "dockerRegistry": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:BuildConfigDockerRegistry", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:Source", "description": "The location of the function source code." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:BuildConfigDockerRegistry": { "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments.", "type": "string", "enum": [ { "name": "DockerRegistryUnspecified", "description": "Unspecified.", "value": "DOCKER_REGISTRY_UNSPECIFIED" }, { "name": "ContainerRegistry", "description": "Docker images will be stored in multi-regional Container Registry repositories named `gcf`.", "value": "CONTAINER_REGISTRY" }, { "name": "ArtifactRegistry", "description": "Docker images will be stored in regional Artifact Registry repositories. By default, GCF will create and use repositories named `gcf-artifacts` in every region in which a function is deployed. But the repository to use can also be specified by the user using the `docker_repository` field.", "value": "ARTIFACT_REGISTRY" } ] }, "google-native:cloudfunctions/v2beta:BuildConfigResponse": { "description": "Describes the Build step of the function that builds a container from the given source.", "properties": { "build": { "type": "string", "description": "The Cloud Build name of the latest successful deployment of the function." }, "dockerRegistry": { "type": "string", "description": "Docker Registry to use for this deployment. This configuration is only applicable to 1st Gen functions, 2nd Gen functions can only use Artifact Registry. If `docker_repository` field is specified, this field will be automatically set as `ARTIFACT_REGISTRY`. If unspecified, it currently defaults to `CONTAINER_REGISTRY`. This field may be overridden by the backend for eligible deployments." }, "dockerRepository": { "type": "string", "description": "User managed repository created in Artifact Registry optionally with a customer managed encryption key. This is the repository to which the function docker image will be pushed after it is built by Cloud Build. If unspecified, GCF will create and use a repository named 'gcf-artifacts' for every deployed region. It must match the pattern `projects/{project}/locations/{location}/repositories/{repository}`. Cross-project repositories are not supported. Cross-location repositories are not supported. Repository format must be 'DOCKER'." }, "entryPoint": { "type": "string", "description": "The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified. For backward compatibility, if function with given name is not found, then the system will try to use function named \"function\". For Node.js this is name of a function exported by the module specified in `source_location`." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-provided build-time environment variables for the function" }, "runtime": { "type": "string", "description": "The runtime in which to run the function. Required when deploying a new function, optional when updating an existing function. For a complete list of possible choices, see the [`gcloud` command reference](https://cloud.google.com/sdk/gcloud/reference/functions/deploy#--runtime)." }, "source": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SourceResponse", "description": "The location of the function source code." }, "sourceProvenance": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SourceProvenanceResponse", "description": "A permanent fixed identifier for source." }, "sourceToken": { "type": "string", "description": "An identifier for Firebase function sources. Disclaimer: This field is only supported for Firebase function deployments." }, "workerPool": { "type": "string", "description": "Name of the Cloud Build Custom Worker Pool that should be used to build the function. The format of this field is `projects/{project}/locations/{region}/workerPools/{workerPool}` where {project} and {region} are the project id and region respectively where the worker pool is defined and {workerPool} is the short name of the worker pool. If the project id is not the same as the function, then the Cloud Functions Service Agent (service-@gcf-admin-robot.iam.gserviceaccount.com) must be granted the role Cloud Build Custom Workers Builder (roles/cloudbuild.customworkers.builder) in the project." } }, "type": "object", "required": [ "build", "dockerRegistry", "dockerRepository", "entryPoint", "environmentVariables", "runtime", "source", "sourceProvenance", "sourceToken", "workerPool" ] }, "google-native:cloudfunctions/v2beta:EventFilter": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:cloudfunctions/v2beta:EventFilterResponse": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The only allowed value is `match-path-pattern`." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "operator", "value" ] }, "google-native:cloudfunctions/v2beta:EventTrigger": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:EventFilter" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:EventTriggerRetryPolicy", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "eventType" ] }, "google-native:cloudfunctions/v2beta:EventTriggerResponse": { "description": "Describes EventTrigger, used to request events to be sent from another service.", "properties": { "channel": { "type": "string", "description": "Optional. The name of the channel associated with the trigger in `projects/{project}/locations/{location}/channels/{channel}` format. You must provide a channel to receive events from Eventarc SaaS partners." }, "eventFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:EventFilterResponse" }, "description": "Criteria used to filter events." }, "eventType": { "type": "string", "description": "The type of event to observe. For example: `google.cloud.audit.log.v1.written` or `google.cloud.pubsub.topic.v1.messagePublished`." }, "pubsubTopic": { "type": "string", "description": "Optional. The name of a Pub/Sub topic in the same project that will be used as the transport topic for the event delivery. Format: `projects/{project}/topics/{topic}`. This is only valid for events of type `google.cloud.pubsub.topic.v1.messagePublished`. The topic provided here will not be deleted at function deletion." }, "retryPolicy": { "type": "string", "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them)." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email of the trigger's service account. The service account must have permission to invoke Cloud Run services, the permission is `run.routes.invoke`. If empty, defaults to the Compute Engine default service account: `{project_number}-compute@developer.gserviceaccount.com`." }, "trigger": { "type": "string", "description": "The resource name of the Eventarc trigger. The format of this field is `projects/{project}/locations/{region}/triggers/{trigger}`." }, "triggerRegion": { "type": "string", "description": "The region that the trigger will be in. The trigger will only receive events originating in this region. It can be the same region as the function, a different region or multi-region, or the global region. If not provided, defaults to the same region as the function." } }, "type": "object", "required": [ "channel", "eventFilters", "eventType", "pubsubTopic", "retryPolicy", "serviceAccountEmail", "trigger", "triggerRegion" ] }, "google-native:cloudfunctions/v2beta:EventTriggerRetryPolicy": { "description": "Optional. If unset, then defaults to ignoring failures (i.e. not retrying them).", "type": "string", "enum": [ { "name": "RetryPolicyUnspecified", "description": "Not specified.", "value": "RETRY_POLICY_UNSPECIFIED" }, { "name": "RetryPolicyDoNotRetry", "description": "Do not retry.", "value": "RETRY_POLICY_DO_NOT_RETRY" }, { "name": "RetryPolicyRetry", "description": "Retry on any failure, retry up to 7 days with an exponential backoff (capped at 10 seconds).", "value": "RETRY_POLICY_RETRY" } ] }, "google-native:cloudfunctions/v2beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudfunctions/v2beta:FunctionEnvironment": { "description": "Describe whether the function is 1st Gen or 2nd Gen.", "type": "string", "enum": [ { "name": "EnvironmentUnspecified", "description": "Unspecified", "value": "ENVIRONMENT_UNSPECIFIED" }, { "name": "Gen1", "description": "Gen 1", "value": "GEN_1" }, { "name": "Gen2", "description": "Gen 2", "value": "GEN_2" } ] }, "google-native:cloudfunctions/v2beta:GoogleCloudFunctionsV2betaStateMessageResponse": { "description": "Informational messages about the state of the Cloud Function or Operation.", "properties": { "message": { "type": "string", "description": "The message." }, "severity": { "type": "string", "description": "Severity of the state message." }, "type": { "type": "string", "description": "One-word CamelCase type of the state message." } }, "type": "object", "required": [ "message", "severity", "type" ] }, "google-native:cloudfunctions/v2beta:RepoSource": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object" }, "google-native:cloudfunctions/v2beta:RepoSourceResponse": { "description": "Location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Regex matching branches to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "dir": { "type": "string", "description": "Directory, relative to the source root, in which to run the build. This must be a relative path. If a step's `dir` is specified and is an absolute path, this value is ignored for that step's execution. eg. helloworld (no leading slash allowed)" }, "project": { "type": "string", "description": "ID of the project that owns the Cloud Source Repository. If omitted, the project ID requesting the build is assumed." }, "repoName": { "type": "string", "description": "Name of the Cloud Source Repository." }, "tagName": { "type": "string", "description": "Regex matching tags to build. The syntax of the regular expressions accepted is the syntax accepted by RE2 and described at https://github.com/google/re2/wiki/Syntax" } }, "type": "object", "required": [ "branchName", "commitSha", "dir", "project", "repoName", "tagName" ] }, "google-native:cloudfunctions/v2beta:SecretEnvVar": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:SecretEnvVarResponse": { "description": "Configuration for a secret environment variable. It has the information necessary to fetch the secret value from secret manager and expose it as an environment variable.", "properties": { "key": { "type": "string", "description": "Name of the environment variable." }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is recommended to use a numeric version for secret environment variables as any updates to the secret value is not reflected until new instances start." } }, "type": "object", "required": [ "key", "project", "secret", "version" ] }, "google-native:cloudfunctions/v2beta:SecretVersion": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:SecretVersionResponse": { "description": "Configuration for a single version.", "properties": { "path": { "type": "string", "description": "Relative path of the file under the mount path where the secret value for this version will be fetched and made available. For example, setting the mount_path as '/etc/secrets' and path as `secret_foo` would mount the secret value file at `/etc/secrets/secret_foo`." }, "version": { "type": "string", "description": "Version of the secret (version number or the string 'latest'). It is preferable to use `latest` version with secret volumes as secret value changes are reflected immediately." } }, "type": "object", "required": [ "path", "version" ] }, "google-native:cloudfunctions/v2beta:SecretVolume": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretVersion" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:SecretVolumeResponse": { "description": "Configuration for a secret volume. It has the information necessary to fetch the secret value from secret manager and make it available as files mounted at the requested paths within the application container.", "properties": { "mountPath": { "type": "string", "description": "The path within the container to mount the secret volume. For example, setting the mount_path as `/etc/secrets` would mount the secret value files under the `/etc/secrets` directory. This directory will also be completely shadowed and unavailable to mount any other secrets. Recommended mount path: /etc/secrets" }, "project": { "type": "string", "description": "Project identifier (preferably project number but can also be the project ID) of the project that contains the secret. If not set, it is assumed that the secret is in the same project as the function." }, "secret": { "type": "string", "description": "Name of the secret in secret manager (not the full resource name)." }, "versions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretVersionResponse" }, "description": "List of secret versions to mount for this secret. If empty, the `latest` version of the secret will be made available in a file named after the secret under the mount point." } }, "type": "object", "required": [ "mountPath", "project", "secret", "versions" ] }, "google-native:cloudfunctions/v2beta:ServiceConfig": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:ServiceConfigIngressSettings", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretEnvVar" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretVolume" }, "description": "Secret volumes configuration." }, "securityLevel": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:ServiceConfigSecurityLevel", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:ServiceConfigVpcConnectorEgressSettings", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:ServiceConfigIngressSettings": { "description": "The ingress settings for the function, controlling what traffic can reach it.", "type": "string", "enum": [ { "name": "IngressSettingsUnspecified", "description": "Unspecified.", "value": "INGRESS_SETTINGS_UNSPECIFIED" }, { "name": "AllowAll", "description": "Allow HTTP traffic from public and private sources.", "value": "ALLOW_ALL" }, { "name": "AllowInternalOnly", "description": "Allow HTTP traffic from only private VPC sources.", "value": "ALLOW_INTERNAL_ONLY" }, { "name": "AllowInternalAndGclb", "description": "Allow HTTP traffic from private VPC sources and through GCLB.", "value": "ALLOW_INTERNAL_AND_GCLB" } ] }, "google-native:cloudfunctions/v2beta:ServiceConfigResponse": { "description": "Describes the Service being deployed. Currently Supported : Cloud Run (fully managed).", "properties": { "allTrafficOnLatestRevision": { "type": "boolean", "description": "Whether 100% of traffic is routed to the latest revision. On CreateFunction and UpdateFunction, when set to true, the revision being deployed will serve 100% of traffic, ignoring any traffic split settings, if any. On GetFunction, true will be returned if the latest revision is serving 100% of traffic." }, "availableCpu": { "type": "string", "description": "[Preview] The number of CPUs used in a single container instance. Default value is calculated from available memory. Supports the same values as Cloud Run, see https://cloud.google.com/run/docs/reference/rest/v1/Container#resourcerequirements Example: \"1\" indicates 1 vCPU" }, "availableMemory": { "type": "string", "description": "The amount of memory available for a function. Defaults to 256M. Supported units are k, M, G, Mi, Gi. If no unit is supplied the value is interpreted as bytes. See https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go a full description." }, "environmentVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Environment variables that shall be available during function execution." }, "ingressSettings": { "type": "string", "description": "The ingress settings for the function, controlling what traffic can reach it." }, "maxInstanceCount": { "type": "integer", "description": "The limit on the maximum number of function instances that may coexist at a given time. In some cases, such as rapid traffic surges, Cloud Functions may, for a short period of time, create more instances than the specified max instances limit. If your function cannot tolerate this temporary behavior, you may want to factor in a safety margin and set a lower max instances value than your function can tolerate. See the [Max Instances](https://cloud.google.com/functions/docs/max-instances) Guide for more details." }, "maxInstanceRequestConcurrency": { "type": "integer", "description": "[Preview] Sets the maximum number of concurrent requests that each instance can receive. Defaults to 1." }, "minInstanceCount": { "type": "integer", "description": "The limit on the minimum number of function instances that may coexist at a given time. Function instances are kept in idle state for a short period after they finished executing the request to reduce cold start time for subsequent requests. Setting a minimum instance count will ensure that the given number of instances are kept running in idle state always. This can help with cold start times when jump in incoming request count occurs after the idle instance would have been stopped in the default case." }, "revision": { "type": "string", "description": "The name of service revision." }, "secretEnvironmentVariables": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretEnvVarResponse" }, "description": "Secret environment variables configuration." }, "secretVolumes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:SecretVolumeResponse" }, "description": "Secret volumes configuration." }, "securityLevel": { "type": "string", "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY." }, "service": { "type": "string", "description": "Name of the service associated with a Function. The format of this field is `projects/{project}/locations/{region}/services/{service}`" }, "serviceAccountEmail": { "type": "string", "description": "The email of the service's service account. If empty, defaults to `{project_number}-compute@developer.gserviceaccount.com`." }, "timeoutSeconds": { "type": "integer", "description": "The function execution timeout. Execution is considered failed and can be terminated if the function is not completed at the end of the timeout period. Defaults to 60 seconds." }, "uri": { "type": "string", "description": "URI of the Service deployed." }, "vpcConnector": { "type": "string", "description": "The Serverless VPC Access connector that this cloud function can connect to. The format of this field is `projects/*/locations/*/connectors/*`." }, "vpcConnectorEgressSettings": { "type": "string", "description": "The egress settings for the connector, controlling what traffic is diverted through it." } }, "type": "object", "required": [ "allTrafficOnLatestRevision", "availableCpu", "availableMemory", "environmentVariables", "ingressSettings", "maxInstanceCount", "maxInstanceRequestConcurrency", "minInstanceCount", "revision", "secretEnvironmentVariables", "secretVolumes", "securityLevel", "service", "serviceAccountEmail", "timeoutSeconds", "uri", "vpcConnector", "vpcConnectorEgressSettings" ] }, "google-native:cloudfunctions/v2beta:ServiceConfigSecurityLevel": { "description": "Security level configure whether the function only accepts https. This configuration is only applicable to 1st Gen functions with Http trigger. By default https is optional for 1st Gen functions; 2nd Gen functions are https ONLY.", "type": "string", "enum": [ { "name": "SecurityLevelUnspecified", "description": "Unspecified.", "value": "SECURITY_LEVEL_UNSPECIFIED" }, { "name": "SecureAlways", "description": "Requests for a URL that match this handler that do not use HTTPS are automatically redirected to the HTTPS URL with the same path. Query parameters are reserved for the redirect.", "value": "SECURE_ALWAYS" }, { "name": "SecureOptional", "description": "Both HTTP and HTTPS requests with URLs that match the handler succeed without redirects. The application can examine the request to determine which protocol was used and respond accordingly.", "value": "SECURE_OPTIONAL" } ] }, "google-native:cloudfunctions/v2beta:ServiceConfigVpcConnectorEgressSettings": { "description": "The egress settings for the connector, controlling what traffic is diverted through it.", "type": "string", "enum": [ { "name": "VpcConnectorEgressSettingsUnspecified", "description": "Unspecified.", "value": "VPC_CONNECTOR_EGRESS_SETTINGS_UNSPECIFIED" }, { "name": "PrivateRangesOnly", "description": "Use the VPC Access Connector only for private IP space from RFC1918.", "value": "PRIVATE_RANGES_ONLY" }, { "name": "AllTraffic", "description": "Force the use of VPC Access Connector for all egress traffic from the function.", "value": "ALL_TRAFFIC" } ] }, "google-native:cloudfunctions/v2beta:Source": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:RepoSource", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:StorageSource", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:SourceProvenanceResponse": { "description": "Provenance of the source. Ways to find the original source, or verify that some source was used for this build.", "properties": { "gitUri": { "type": "string", "description": "A copy of the build's `source.git_uri`, if exists, with any commits resolved." }, "resolvedRepoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:RepoSourceResponse", "description": "A copy of the build's `source.repo_source`, if exists, with any revisions resolved." }, "resolvedStorageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:StorageSourceResponse", "description": "A copy of the build's `source.storage_source`, if exists, with any generations resolved." } }, "type": "object", "required": [ "gitUri", "resolvedRepoSource", "resolvedStorageSource" ] }, "google-native:cloudfunctions/v2beta:SourceResponse": { "description": "The location of the function source code.", "properties": { "gitUri": { "type": "string", "description": "If provided, get the source from GitHub repository. This option is valid only for GCF 1st Gen function. Example: https://github.com///blob//" }, "repoSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:RepoSourceResponse", "description": "If provided, get the source from this location in a Cloud Source Repository." }, "storageSource": { "$ref": "#/types/google-native:cloudfunctions%2Fv2beta:StorageSourceResponse", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object", "required": [ "gitUri", "repoSource", "storageSource" ] }, "google-native:cloudfunctions/v2beta:StorageSource": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object" }, "google-native:cloudfunctions/v2beta:StorageSourceResponse": { "description": "Location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object. If the generation is omitted, the latest generation will be used." }, "object": { "type": "string", "description": "Google Cloud Storage object containing the source. This object must be a gzipped archive file (`.tar.gz`) containing source to build." } }, "type": "object", "required": [ "bucket", "generation", "object" ] }, "google-native:cloudidentity/v1:DynamicGroupMetadata": { "description": "Dynamic group metadata like queries and status.", "properties": { "queries": { "type": "array", "items": { "$ref": "#/types/google-native:cloudidentity%2Fv1:DynamicGroupQuery" }, "description": "Memberships will be the union of all queries. Only one entry with USER resource is currently supported. Customers can create up to 100 dynamic groups." } }, "type": "object" }, "google-native:cloudidentity/v1:DynamicGroupMetadataResponse": { "description": "Dynamic group metadata like queries and status.", "properties": { "queries": { "type": "array", "items": { "$ref": "#/types/google-native:cloudidentity%2Fv1:DynamicGroupQueryResponse" }, "description": "Memberships will be the union of all queries. Only one entry with USER resource is currently supported. Customers can create up to 100 dynamic groups." }, "status": { "$ref": "#/types/google-native:cloudidentity%2Fv1:DynamicGroupStatusResponse", "description": "Status of the dynamic group." } }, "type": "object", "required": [ "queries", "status" ] }, "google-native:cloudidentity/v1:DynamicGroupQuery": { "description": "Defines a query on a resource.", "properties": { "query": { "type": "string", "description": "Query that determines the memberships of the dynamic group. Examples: All users with at least one `organizations.department` of engineering. `user.organizations.exists(org, org.department=='engineering')` All users with at least one location that has `area` of `foo` and `building_id` of `bar`. `user.locations.exists(loc, loc.area=='foo' && loc.building_id=='bar')` All users with any variation of the name John Doe (case-insensitive queries add `equalsIgnoreCase()` to the value being queried). `user.name.value.equalsIgnoreCase('jOhn DoE')`" }, "resourceType": { "$ref": "#/types/google-native:cloudidentity%2Fv1:DynamicGroupQueryResourceType", "description": "Resource type for the Dynamic Group Query" } }, "type": "object" }, "google-native:cloudidentity/v1:DynamicGroupQueryResourceType": { "description": "Resource type for the Dynamic Group Query", "type": "string", "enum": [ { "name": "ResourceTypeUnspecified", "description": "Default value (not valid)", "value": "RESOURCE_TYPE_UNSPECIFIED" }, { "name": "User", "description": "For queries on User", "value": "USER" } ] }, "google-native:cloudidentity/v1:DynamicGroupQueryResponse": { "description": "Defines a query on a resource.", "properties": { "query": { "type": "string", "description": "Query that determines the memberships of the dynamic group. Examples: All users with at least one `organizations.department` of engineering. `user.organizations.exists(org, org.department=='engineering')` All users with at least one location that has `area` of `foo` and `building_id` of `bar`. `user.locations.exists(loc, loc.area=='foo' && loc.building_id=='bar')` All users with any variation of the name John Doe (case-insensitive queries add `equalsIgnoreCase()` to the value being queried). `user.name.value.equalsIgnoreCase('jOhn DoE')`" }, "resourceType": { "type": "string", "description": "Resource type for the Dynamic Group Query" } }, "type": "object", "required": [ "query", "resourceType" ] }, "google-native:cloudidentity/v1:DynamicGroupStatusResponse": { "description": "The current status of a dynamic group along with timestamp.", "properties": { "status": { "type": "string", "description": "Status of the dynamic group." }, "statusTime": { "type": "string", "description": "The latest time at which the dynamic group is guaranteed to be in the given status. If status is `UP_TO_DATE`, the latest time at which the dynamic group was confirmed to be up-to-date. If status is `UPDATING_MEMBERSHIPS`, the time at which dynamic group was created." } }, "type": "object", "required": [ "status", "statusTime" ] }, "google-native:cloudidentity/v1:EntityKey": { "description": "A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s.", "properties": { "id": { "type": "string", "description": "The ID of the entity. For Google-managed entities, the `id` should be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`." }, "namespace": { "type": "string", "description": "The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source}`." } }, "type": "object" }, "google-native:cloudidentity/v1:EntityKeyResponse": { "description": "A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s.", "properties": { "namespace": { "type": "string", "description": "The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source}`." } }, "type": "object", "required": [ "namespace" ] }, "google-native:cloudidentity/v1:ExpiryDetail": { "description": "The `MembershipRole` expiry details.", "properties": { "expireTime": { "type": "string", "description": "The time at which the `MembershipRole` will expire." } }, "type": "object" }, "google-native:cloudidentity/v1:ExpiryDetailResponse": { "description": "The `MembershipRole` expiry details.", "properties": { "expireTime": { "type": "string", "description": "The time at which the `MembershipRole` will expire." } }, "type": "object", "required": [ "expireTime" ] }, "google-native:cloudidentity/v1:GoogleAppsCloudidentityDevicesV1AndroidAttributesResponse": { "description": "Resource representing the Android specific attributes of a Device.", "properties": { "ctsProfileMatch": { "type": "boolean", "description": "Whether the device passes Android CTS compliance." }, "enabledUnknownSources": { "type": "boolean", "description": "Whether applications from unknown sources can be installed on device." }, "hasPotentiallyHarmfulApps": { "type": "boolean", "description": "Whether any potentially harmful apps were detected on the device." }, "ownerProfileAccount": { "type": "boolean", "description": "Whether this account is on an owner/primary profile. For phones, only true for owner profiles. Android 4+ devices can have secondary or restricted user profiles." }, "ownershipPrivilege": { "type": "string", "description": "Ownership privileges on device." }, "supportsWorkProfile": { "type": "boolean", "description": "Whether device supports Android work profiles. If false, this service will not block access to corp data even if an administrator turns on the \"Enforce Work Profile\" policy." }, "verifiedBoot": { "type": "boolean", "description": "Whether Android verified boot status is GREEN." }, "verifyAppsEnabled": { "type": "boolean", "description": "Whether Google Play Protect Verify Apps is enabled." } }, "type": "object", "required": [ "ctsProfileMatch", "enabledUnknownSources", "hasPotentiallyHarmfulApps", "ownerProfileAccount", "ownershipPrivilege", "supportsWorkProfile", "verifiedBoot", "verifyAppsEnabled" ] }, "google-native:cloudidentity/v1:InboundSsoAssignmentSsoMode": { "description": "Inbound SSO behavior.", "type": "string", "enum": [ { "name": "SsoModeUnspecified", "description": "Not allowed.", "value": "SSO_MODE_UNSPECIFIED" }, { "name": "SsoOff", "description": "Disable SSO for the targeted users.", "value": "SSO_OFF" }, { "name": "SamlSso", "description": "Use an external SAML Identity Provider for SSO for the targeted users.", "value": "SAML_SSO" }, { "name": "DomainWideSamlIfEnabled", "description": "Use the domain-wide SAML Identity Provider for the targeted users if one is configured; otherwise, this is equivalent to `SSO_OFF`. Note that this will also be equivalent to `SSO_OFF` if/when support for domain-wide SAML is removed. Google may disallow this mode at that point and existing assignments with this mode may be automatically changed to `SSO_OFF`.", "value": "DOMAIN_WIDE_SAML_IF_ENABLED" } ] }, "google-native:cloudidentity/v1:MembershipRole": { "description": "A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`.", "properties": { "expiryDetail": { "$ref": "#/types/google-native:cloudidentity%2Fv1:ExpiryDetail", "description": "The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value." }, "name": { "type": "string", "description": "The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`." }, "restrictionEvaluations": { "$ref": "#/types/google-native:cloudidentity%2Fv1:RestrictionEvaluations", "description": "Evaluations of restrictions applied to parent group on this membership." } }, "type": "object" }, "google-native:cloudidentity/v1:MembershipRoleResponse": { "description": "A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`.", "properties": { "expiryDetail": { "$ref": "#/types/google-native:cloudidentity%2Fv1:ExpiryDetailResponse", "description": "The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value." }, "name": { "type": "string", "description": "The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`." }, "restrictionEvaluations": { "$ref": "#/types/google-native:cloudidentity%2Fv1:RestrictionEvaluationsResponse", "description": "Evaluations of restrictions applied to parent group on this membership." } }, "type": "object", "required": [ "expiryDetail", "name", "restrictionEvaluations" ] }, "google-native:cloudidentity/v1:MembershipRoleRestrictionEvaluation": { "description": "The evaluated state of this restriction.", "type": "object" }, "google-native:cloudidentity/v1:MembershipRoleRestrictionEvaluationResponse": { "description": "The evaluated state of this restriction.", "properties": { "state": { "type": "string", "description": "The current state of the restriction" } }, "type": "object", "required": [ "state" ] }, "google-native:cloudidentity/v1:RestrictionEvaluations": { "description": "Evaluations of restrictions applied to parent group on this membership.", "properties": { "memberRestrictionEvaluation": { "$ref": "#/types/google-native:cloudidentity%2Fv1:MembershipRoleRestrictionEvaluation", "description": "Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation." } }, "type": "object" }, "google-native:cloudidentity/v1:RestrictionEvaluationsResponse": { "description": "Evaluations of restrictions applied to parent group on this membership.", "properties": { "memberRestrictionEvaluation": { "$ref": "#/types/google-native:cloudidentity%2Fv1:MembershipRoleRestrictionEvaluationResponse", "description": "Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation." } }, "type": "object", "required": [ "memberRestrictionEvaluation" ] }, "google-native:cloudidentity/v1:SamlIdpConfig": { "description": "SAML IDP (identity provider) configuration.", "properties": { "changePasswordUri": { "type": "string", "description": "The **Change Password URL** of the identity provider. Users will be sent to this URL when changing their passwords at `myaccount.google.com`. This takes precedence over the change password URL configured at customer-level. Must use `HTTPS`." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** of the identity provider." }, "logoutRedirectUri": { "type": "string", "description": "The **Logout Redirect URL** (sign-out page URL) of the identity provider. When a user clicks the sign-out link on a Google page, they will be redirected to this URL. This is a pure redirect with no attached SAML `LogoutRequest` i.e. SAML single logout is not supported. Must use `HTTPS`." }, "singleSignOnServiceUri": { "type": "string", "description": "The `SingleSignOnService` endpoint location (sign-in page URL) of the identity provider. This is the URL where the `AuthnRequest` will be sent. Must use `HTTPS`. Assumed to accept the `HTTP-Redirect` binding." } }, "type": "object", "required": [ "entityId", "singleSignOnServiceUri" ] }, "google-native:cloudidentity/v1:SamlIdpConfigResponse": { "description": "SAML IDP (identity provider) configuration.", "properties": { "changePasswordUri": { "type": "string", "description": "The **Change Password URL** of the identity provider. Users will be sent to this URL when changing their passwords at `myaccount.google.com`. This takes precedence over the change password URL configured at customer-level. Must use `HTTPS`." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** of the identity provider." }, "logoutRedirectUri": { "type": "string", "description": "The **Logout Redirect URL** (sign-out page URL) of the identity provider. When a user clicks the sign-out link on a Google page, they will be redirected to this URL. This is a pure redirect with no attached SAML `LogoutRequest` i.e. SAML single logout is not supported. Must use `HTTPS`." }, "singleSignOnServiceUri": { "type": "string", "description": "The `SingleSignOnService` endpoint location (sign-in page URL) of the identity provider. This is the URL where the `AuthnRequest` will be sent. Must use `HTTPS`. Assumed to accept the `HTTP-Redirect` binding." } }, "type": "object", "required": [ "changePasswordUri", "entityId", "logoutRedirectUri", "singleSignOnServiceUri" ] }, "google-native:cloudidentity/v1:SamlSpConfig": { "description": "SAML SP (service provider) configuration.", "type": "object" }, "google-native:cloudidentity/v1:SamlSpConfigResponse": { "description": "SAML SP (service provider) configuration.", "properties": { "assertionConsumerServiceUri": { "type": "string", "description": "The SAML **Assertion Consumer Service (ACS) URL** to be used for the IDP-initiated login. Assumed to accept response messages via the `HTTP-POST` binding." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** for this service provider." } }, "type": "object", "required": [ "assertionConsumerServiceUri", "entityId" ] }, "google-native:cloudidentity/v1:SamlSsoInfo": { "description": "Details that are applicable when `sso_mode` == `SAML_SSO`.", "properties": { "inboundSamlSsoProfile": { "type": "string", "description": "Name of the `InboundSamlSsoProfile` to use. Must be of the form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. " } }, "type": "object", "required": [ "inboundSamlSsoProfile" ] }, "google-native:cloudidentity/v1:SamlSsoInfoResponse": { "description": "Details that are applicable when `sso_mode` == `SAML_SSO`.", "properties": { "inboundSamlSsoProfile": { "type": "string", "description": "Name of the `InboundSamlSsoProfile` to use. Must be of the form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. " } }, "type": "object", "required": [ "inboundSamlSsoProfile" ] }, "google-native:cloudidentity/v1:SignInBehavior": { "description": "Controls sign-in behavior.", "properties": { "redirectCondition": { "$ref": "#/types/google-native:cloudidentity%2Fv1:SignInBehaviorRedirectCondition", "description": "When to redirect sign-ins to the IdP." } }, "type": "object" }, "google-native:cloudidentity/v1:SignInBehaviorRedirectCondition": { "description": "When to redirect sign-ins to the IdP.", "type": "string", "enum": [ { "name": "RedirectConditionUnspecified", "description": "Default and means \"always\"", "value": "REDIRECT_CONDITION_UNSPECIFIED" }, { "name": "Never", "description": "Sign-in flows where the user is prompted for their identity will not redirect to the IdP (so the user will most likely be prompted by Google for a password), but special flows like IdP-initiated SAML and sign-in following automatic redirection to the IdP by domain-specific service URLs will accept the IdP's assertion of the user's identity.", "value": "NEVER" } ] }, "google-native:cloudidentity/v1:SignInBehaviorResponse": { "description": "Controls sign-in behavior.", "properties": { "redirectCondition": { "type": "string", "description": "When to redirect sign-ins to the IdP." } }, "type": "object", "required": [ "redirectCondition" ] }, "google-native:cloudidentity/v1beta1:AndroidAttributesResponse": { "description": "Resource representing the Android specific attributes of a Device.", "properties": { "ctsProfileMatch": { "type": "boolean", "description": "Whether the device passes Android CTS compliance." }, "enabledUnknownSources": { "type": "boolean", "description": "Whether applications from unknown sources can be installed on device." }, "hasPotentiallyHarmfulApps": { "type": "boolean", "description": "Whether any potentially harmful apps were detected on the device." }, "ownerProfileAccount": { "type": "boolean", "description": "Whether this account is on an owner/primary profile. For phones, only true for owner profiles. Android 4+ devices can have secondary or restricted user profiles." }, "ownershipPrivilege": { "type": "string", "description": "Ownership privileges on device." }, "supportsWorkProfile": { "type": "boolean", "description": "Whether device supports Android work profiles. If false, this service will not block access to corp data even if an administrator turns on the \"Enforce Work Profile\" policy." }, "verifiedBoot": { "type": "boolean", "description": "Whether Android verified boot status is GREEN." }, "verifyAppsEnabled": { "type": "boolean", "description": "Whether Google Play Protect Verify Apps is enabled." } }, "type": "object", "required": [ "ctsProfileMatch", "enabledUnknownSources", "hasPotentiallyHarmfulApps", "ownerProfileAccount", "ownershipPrivilege", "supportsWorkProfile", "verifiedBoot", "verifyAppsEnabled" ] }, "google-native:cloudidentity/v1beta1:CertificateAttributesResponse": { "description": "Stores information about a certificate.", "properties": { "certificateTemplate": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:CertificateTemplateResponse", "description": "The X.509 extension for CertificateTemplate." }, "fingerprint": { "type": "string", "description": "The encoded certificate fingerprint." }, "issuer": { "type": "string", "description": "The name of the issuer of this certificate." }, "serialNumber": { "type": "string", "description": "Serial number of the certificate, Example: \"123456789\"." }, "subject": { "type": "string", "description": "The subject name of this certificate." }, "thumbprint": { "type": "string", "description": "The certificate thumbprint." }, "validationState": { "type": "string", "description": "Validation state of this certificate." }, "validityExpirationTime": { "type": "string", "description": "Certificate not valid at or after this timestamp." }, "validityStartTime": { "type": "string", "description": "Certificate not valid before this timestamp." } }, "type": "object", "required": [ "certificateTemplate", "fingerprint", "issuer", "serialNumber", "subject", "thumbprint", "validationState", "validityExpirationTime", "validityStartTime" ] }, "google-native:cloudidentity/v1beta1:CertificateTemplateResponse": { "description": "CertificateTemplate (v3 Extension in X.509).", "properties": { "majorVersion": { "type": "integer", "description": "The Major version of the template. Example: 100." }, "minorVersion": { "type": "integer", "description": "The minor version of the template. Example: 12." } }, "type": "object", "required": [ "majorVersion", "minorVersion" ] }, "google-native:cloudidentity/v1beta1:DeviceClientTypesItem": { "type": "string", "enum": [ { "name": "ClientTypeUnspecified", "description": "Default value", "value": "CLIENT_TYPE_UNSPECIFIED" }, { "name": "DriveFs", "description": "Managed by DriveFS", "value": "DRIVE_FS" }, { "name": "Fundamental", "description": "Management type for every secure device", "value": "FUNDAMENTAL" }, { "name": "EndpointVerification", "description": "Managed by Endpoint Verification", "value": "ENDPOINT_VERIFICATION" }, { "name": "WindowsAdvanced", "description": "Managed by Windows", "value": "WINDOWS_ADVANCED" }, { "name": "GoogleCredentialsProviderForWindows", "description": "Managed by Google credential provider for windows", "value": "GOOGLE_CREDENTIALS_PROVIDER_FOR_WINDOWS" } ] }, "google-native:cloudidentity/v1beta1:DynamicGroupMetadata": { "description": "Dynamic group metadata like queries and status.", "properties": { "queries": { "type": "array", "items": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:DynamicGroupQuery" }, "description": "Memberships will be the union of all queries. Only one entry with USER resource is currently supported. Customers can create up to 100 dynamic groups." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:DynamicGroupMetadataResponse": { "description": "Dynamic group metadata like queries and status.", "properties": { "queries": { "type": "array", "items": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:DynamicGroupQueryResponse" }, "description": "Memberships will be the union of all queries. Only one entry with USER resource is currently supported. Customers can create up to 100 dynamic groups." }, "status": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:DynamicGroupStatusResponse", "description": "Status of the dynamic group." } }, "type": "object", "required": [ "queries", "status" ] }, "google-native:cloudidentity/v1beta1:DynamicGroupQuery": { "description": "Defines a query on a resource.", "properties": { "query": { "type": "string", "description": "Query that determines the memberships of the dynamic group. Examples: All users with at least one `organizations.department` of engineering. `user.organizations.exists(org, org.department=='engineering')` All users with at least one location that has `area` of `foo` and `building_id` of `bar`. `user.locations.exists(loc, loc.area=='foo' && loc.building_id=='bar')` All users with any variation of the name John Doe (case-insensitive queries add `equalsIgnoreCase()` to the value being queried). `user.name.value.equalsIgnoreCase('jOhn DoE')`" }, "resourceType": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:DynamicGroupQueryResourceType" } }, "type": "object" }, "google-native:cloudidentity/v1beta1:DynamicGroupQueryResourceType": { "type": "string", "enum": [ { "name": "ResourceTypeUnspecified", "description": "Default value (not valid)", "value": "RESOURCE_TYPE_UNSPECIFIED" }, { "name": "User", "description": "For queries on User", "value": "USER" } ] }, "google-native:cloudidentity/v1beta1:DynamicGroupQueryResponse": { "description": "Defines a query on a resource.", "properties": { "query": { "type": "string", "description": "Query that determines the memberships of the dynamic group. Examples: All users with at least one `organizations.department` of engineering. `user.organizations.exists(org, org.department=='engineering')` All users with at least one location that has `area` of `foo` and `building_id` of `bar`. `user.locations.exists(loc, loc.area=='foo' && loc.building_id=='bar')` All users with any variation of the name John Doe (case-insensitive queries add `equalsIgnoreCase()` to the value being queried). `user.name.value.equalsIgnoreCase('jOhn DoE')`" }, "resourceType": { "type": "string" } }, "type": "object", "required": [ "query", "resourceType" ] }, "google-native:cloudidentity/v1beta1:DynamicGroupStatusResponse": { "description": "The current status of a dynamic group along with timestamp.", "properties": { "status": { "type": "string", "description": "Status of the dynamic group." }, "statusTime": { "type": "string", "description": "The latest time at which the dynamic group is guaranteed to be in the given status. If status is `UP_TO_DATE`, the latest time at which the dynamic group was confirmed to be up-to-date. If status is `UPDATING_MEMBERSHIPS`, the time at which dynamic group was created." } }, "type": "object", "required": [ "status", "statusTime" ] }, "google-native:cloudidentity/v1beta1:EndpointVerificationSpecificAttributesResponse": { "description": "Resource representing the Endpoint Verification-specific attributes of a Device. https://cloud.google.com/endpoint-verification/docs/overview", "properties": { "certificateAttributes": { "type": "array", "items": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:CertificateAttributesResponse" }, "description": "Details of certificates." } }, "type": "object", "required": [ "certificateAttributes" ] }, "google-native:cloudidentity/v1beta1:EntityKey": { "description": "A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s.", "properties": { "id": { "type": "string", "description": "The ID of the entity. For Google-managed entities, the `id` must be the email address of an existing group or user. For external-identity-mapped entities, the `id` must be a string conforming to the Identity Source's requirements. Must be unique within a `namespace`." }, "namespace": { "type": "string", "description": "The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:EntityKeyResponse": { "description": "A unique identifier for an entity in the Cloud Identity Groups API. An entity can represent either a group with an optional `namespace` or a user without a `namespace`. The combination of `id` and `namespace` must be unique; however, the same `id` can be used with different `namespace`s.", "properties": { "namespace": { "type": "string", "description": "The namespace in which the entity exists. If not specified, the `EntityKey` represents a Google-managed entity such as a Google user or a Google Group. If specified, the `EntityKey` represents an external-identity-mapped group. The namespace must correspond to an identity source created in Admin Console and must be in the form of `identitysources/{identity_source_id}`." } }, "type": "object", "required": [ "namespace" ] }, "google-native:cloudidentity/v1beta1:ExpiryDetail": { "description": "The `MembershipRole` expiry details.", "properties": { "expireTime": { "type": "string", "description": "The time at which the `MembershipRole` will expire." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:ExpiryDetailResponse": { "description": "The `MembershipRole` expiry details.", "properties": { "expireTime": { "type": "string", "description": "The time at which the `MembershipRole` will expire." } }, "type": "object", "required": [ "expireTime" ] }, "google-native:cloudidentity/v1beta1:InboundSsoAssignmentSsoMode": { "description": "Inbound SSO behavior.", "type": "string", "enum": [ { "name": "SsoModeUnspecified", "description": "Not allowed.", "value": "SSO_MODE_UNSPECIFIED" }, { "name": "SsoOff", "description": "Disable SSO for the targeted users.", "value": "SSO_OFF" }, { "name": "SamlSso", "description": "Use an external SAML Identity Provider for SSO for the targeted users.", "value": "SAML_SSO" }, { "name": "DomainWideSamlIfEnabled", "description": "Use the domain-wide SAML Identity Provider for the targeted users if one is configured; otherwise, this is equivalent to `SSO_OFF`. Note that this will also be equivalent to `SSO_OFF` if/when support for domain-wide SAML is removed. Google may disallow this mode at that point and existing assignments with this mode may be automatically changed to `SSO_OFF`.", "value": "DOMAIN_WIDE_SAML_IF_ENABLED" } ] }, "google-native:cloudidentity/v1beta1:MembershipRole": { "description": "A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`.", "properties": { "expiryDetail": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:ExpiryDetail", "description": "The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value." }, "name": { "type": "string", "description": "The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`." }, "restrictionEvaluations": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:RestrictionEvaluations", "description": "Evaluations of restrictions applied to parent group on this membership." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:MembershipRoleResponse": { "description": "A membership role within the Cloud Identity Groups API. A `MembershipRole` defines the privileges granted to a `Membership`.", "properties": { "expiryDetail": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:ExpiryDetailResponse", "description": "The expiry details of the `MembershipRole`. Expiry details are only supported for `MEMBER` `MembershipRoles`. May be set if `name` is `MEMBER`. Must not be set if `name` is any other value." }, "name": { "type": "string", "description": "The name of the `MembershipRole`. Must be one of `OWNER`, `MANAGER`, `MEMBER`." }, "restrictionEvaluations": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:RestrictionEvaluationsResponse", "description": "Evaluations of restrictions applied to parent group on this membership." } }, "type": "object", "required": [ "expiryDetail", "name", "restrictionEvaluations" ] }, "google-native:cloudidentity/v1beta1:MembershipRoleRestrictionEvaluation": { "description": "The evaluated state of this restriction.", "type": "object" }, "google-native:cloudidentity/v1beta1:MembershipRoleRestrictionEvaluationResponse": { "description": "The evaluated state of this restriction.", "properties": { "state": { "type": "string", "description": "The current state of the restriction" } }, "type": "object", "required": [ "state" ] }, "google-native:cloudidentity/v1beta1:PosixGroup": { "description": "POSIX Group definition to represent a group in a POSIX compliant system.", "properties": { "gid": { "type": "string", "description": "GID of the POSIX group." }, "name": { "type": "string", "description": "Name of the POSIX group." }, "systemId": { "type": "string", "description": "System identifier for which group name and gid apply to. If not specified it will default to empty value." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:PosixGroupResponse": { "description": "POSIX Group definition to represent a group in a POSIX compliant system.", "properties": { "gid": { "type": "string", "description": "GID of the POSIX group." }, "name": { "type": "string", "description": "Name of the POSIX group." }, "systemId": { "type": "string", "description": "System identifier for which group name and gid apply to. If not specified it will default to empty value." } }, "type": "object", "required": [ "gid", "name", "systemId" ] }, "google-native:cloudidentity/v1beta1:RestrictionEvaluations": { "description": "Evaluations of restrictions applied to parent group on this membership.", "properties": { "memberRestrictionEvaluation": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:MembershipRoleRestrictionEvaluation", "description": "Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:RestrictionEvaluationsResponse": { "description": "Evaluations of restrictions applied to parent group on this membership.", "properties": { "memberRestrictionEvaluation": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:MembershipRoleRestrictionEvaluationResponse", "description": "Evaluation of the member restriction applied to this membership. Empty if the user lacks permission to view the restriction evaluation." } }, "type": "object", "required": [ "memberRestrictionEvaluation" ] }, "google-native:cloudidentity/v1beta1:SamlIdpConfig": { "description": "SAML IDP (identity provider) configuration.", "properties": { "changePasswordUri": { "type": "string", "description": "The **Change Password URL** of the identity provider. Users will be sent to this URL when changing their passwords at `myaccount.google.com`. This takes precedence over the change password URL configured at customer-level. Must use `HTTPS`." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** of the identity provider." }, "logoutRedirectUri": { "type": "string", "description": "The **Logout Redirect URL** (sign-out page URL) of the identity provider. When a user clicks the sign-out link on a Google page, they will be redirected to this URL. This is a pure redirect with no attached SAML `LogoutRequest` i.e. SAML single logout is not supported. Must use `HTTPS`." }, "singleSignOnServiceUri": { "type": "string", "description": "The `SingleSignOnService` endpoint location (sign-in page URL) of the identity provider. This is the URL where the `AuthnRequest` will be sent. Must use `HTTPS`. Assumed to accept the `HTTP-Redirect` binding." } }, "type": "object", "required": [ "entityId", "singleSignOnServiceUri" ] }, "google-native:cloudidentity/v1beta1:SamlIdpConfigResponse": { "description": "SAML IDP (identity provider) configuration.", "properties": { "changePasswordUri": { "type": "string", "description": "The **Change Password URL** of the identity provider. Users will be sent to this URL when changing their passwords at `myaccount.google.com`. This takes precedence over the change password URL configured at customer-level. Must use `HTTPS`." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** of the identity provider." }, "logoutRedirectUri": { "type": "string", "description": "The **Logout Redirect URL** (sign-out page URL) of the identity provider. When a user clicks the sign-out link on a Google page, they will be redirected to this URL. This is a pure redirect with no attached SAML `LogoutRequest` i.e. SAML single logout is not supported. Must use `HTTPS`." }, "singleSignOnServiceUri": { "type": "string", "description": "The `SingleSignOnService` endpoint location (sign-in page URL) of the identity provider. This is the URL where the `AuthnRequest` will be sent. Must use `HTTPS`. Assumed to accept the `HTTP-Redirect` binding." } }, "type": "object", "required": [ "changePasswordUri", "entityId", "logoutRedirectUri", "singleSignOnServiceUri" ] }, "google-native:cloudidentity/v1beta1:SamlSpConfig": { "description": "SAML SP (service provider) configuration.", "type": "object" }, "google-native:cloudidentity/v1beta1:SamlSpConfigResponse": { "description": "SAML SP (service provider) configuration.", "properties": { "assertionConsumerServiceUri": { "type": "string", "description": "The SAML **Assertion Consumer Service (ACS) URL** to be used for the IDP-initiated login. Assumed to accept response messages via the `HTTP-POST` binding." }, "entityId": { "type": "string", "description": "The SAML **Entity ID** for this service provider." } }, "type": "object", "required": [ "assertionConsumerServiceUri", "entityId" ] }, "google-native:cloudidentity/v1beta1:SamlSsoInfo": { "description": "Details that are applicable when `sso_mode` == `SAML_SSO`.", "properties": { "inboundSamlSsoProfile": { "type": "string", "description": "Name of the `InboundSamlSsoProfile` to use. Must be of the form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. " } }, "type": "object", "required": [ "inboundSamlSsoProfile" ] }, "google-native:cloudidentity/v1beta1:SamlSsoInfoResponse": { "description": "Details that are applicable when `sso_mode` == `SAML_SSO`.", "properties": { "inboundSamlSsoProfile": { "type": "string", "description": "Name of the `InboundSamlSsoProfile` to use. Must be of the form `inboundSamlSsoProfiles/{inbound_saml_sso_profile}`. " } }, "type": "object", "required": [ "inboundSamlSsoProfile" ] }, "google-native:cloudidentity/v1beta1:SignInBehavior": { "description": "Controls sign-in behavior.", "properties": { "redirectCondition": { "$ref": "#/types/google-native:cloudidentity%2Fv1beta1:SignInBehaviorRedirectCondition", "description": "When to redirect sign-ins to the IdP." } }, "type": "object" }, "google-native:cloudidentity/v1beta1:SignInBehaviorRedirectCondition": { "description": "When to redirect sign-ins to the IdP.", "type": "string", "enum": [ { "name": "RedirectConditionUnspecified", "description": "Default and means \"always\"", "value": "REDIRECT_CONDITION_UNSPECIFIED" }, { "name": "Never", "description": "Sign-in flows where the user is prompted for their identity will not redirect to the IdP (so the user will most likely be prompted by Google for a password), but special flows like IdP-initiated SAML and sign-in following automatic redirection to the IdP by domain-specific service URLs will accept the IdP's assertion of the user's identity.", "value": "NEVER" } ] }, "google-native:cloudidentity/v1beta1:SignInBehaviorResponse": { "description": "Controls sign-in behavior.", "properties": { "redirectCondition": { "type": "string", "description": "When to redirect sign-ins to the IdP." } }, "type": "object", "required": [ "redirectCondition" ] }, "google-native:cloudiot/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudiot%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudiot/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudiot%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudiot/v1:DeviceConfig": { "description": "The device configuration. Eventually delivered to devices.", "properties": { "binaryData": { "type": "string", "description": "The device configuration data." } }, "type": "object" }, "google-native:cloudiot/v1:DeviceConfigResponse": { "description": "The device configuration. Eventually delivered to devices.", "properties": { "binaryData": { "type": "string", "description": "The device configuration data." }, "cloudUpdateTime": { "type": "string", "description": "[Output only] The time at which this configuration version was updated in Cloud IoT Core. This timestamp is set by the server." }, "deviceAckTime": { "type": "string", "description": "[Output only] The time at which Cloud IoT Core received the acknowledgment from the device, indicating that the device has received this configuration version. If this field is not present, the device has not yet acknowledged that it received this version. Note that when the config was sent to the device, many config versions may have been available in Cloud IoT Core while the device was disconnected, and on connection, only the latest version is sent to the device. Some versions may never be sent to the device, and therefore are never acknowledged. This timestamp is set by Cloud IoT Core." }, "version": { "type": "string", "description": "[Output only] The version of this update. The version number is assigned by the server, and is always greater than 0 after device creation. The version must be 0 on the `CreateDevice` request if a `config` is specified; the response of `CreateDevice` will always have a value of 1." } }, "type": "object", "required": [ "binaryData", "cloudUpdateTime", "deviceAckTime", "version" ] }, "google-native:cloudiot/v1:DeviceCredential": { "description": "A server-stored device credential used for authentication.", "properties": { "expirationTime": { "type": "string", "description": "[Optional] The time at which this credential becomes invalid. This credential will be ignored for new client authentication requests after this timestamp; however, it will not be automatically deleted." }, "publicKey": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCredential", "description": "A public key used to verify the signature of JSON Web Tokens (JWTs). When adding a new device credential, either via device creation or via modifications, this public key credential may be required to be signed by one of the registry level certificates. More specifically, if the registry contains at least one certificate, any new device credential must be signed by one of the registry certificates. As a result, when the registry contains certificates, only X.509 certificates are accepted as device credentials. However, if the registry does not contain a certificate, self-signed certificates and public keys will be accepted. New device credentials must be different from every registry-level certificate." } }, "type": "object" }, "google-native:cloudiot/v1:DeviceCredentialResponse": { "description": "A server-stored device credential used for authentication.", "properties": { "expirationTime": { "type": "string", "description": "[Optional] The time at which this credential becomes invalid. This credential will be ignored for new client authentication requests after this timestamp; however, it will not be automatically deleted." }, "publicKey": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCredentialResponse", "description": "A public key used to verify the signature of JSON Web Tokens (JWTs). When adding a new device credential, either via device creation or via modifications, this public key credential may be required to be signed by one of the registry level certificates. More specifically, if the registry contains at least one certificate, any new device credential must be signed by one of the registry certificates. As a result, when the registry contains certificates, only X.509 certificates are accepted as device credentials. However, if the registry does not contain a certificate, self-signed certificates and public keys will be accepted. New device credentials must be different from every registry-level certificate." } }, "type": "object", "required": [ "expirationTime", "publicKey" ] }, "google-native:cloudiot/v1:DeviceLogLevel": { "description": "**Beta Feature** The logging verbosity for device activity. If unspecified, DeviceRegistry.log_level will be used.", "type": "string", "enum": [ { "name": "LogLevelUnspecified", "description": "No logging specified. If not specified, logging will be disabled.", "value": "LOG_LEVEL_UNSPECIFIED" }, { "name": "None", "description": "Disables logging.", "value": "NONE" }, { "name": "Error", "description": "Error events will be logged.", "value": "ERROR" }, { "name": "Info", "description": "Informational events will be logged, such as connections and disconnections.", "value": "INFO" }, { "name": "Debug", "description": "All events will be logged.", "value": "DEBUG" } ] }, "google-native:cloudiot/v1:DeviceStateResponse": { "description": "The device state, as reported by the device.", "properties": { "binaryData": { "type": "string", "description": "The device state data." }, "updateTime": { "type": "string", "description": "[Output only] The time at which this state version was updated in Cloud IoT Core." } }, "type": "object", "required": [ "binaryData", "updateTime" ] }, "google-native:cloudiot/v1:EventNotificationConfig": { "description": "The configuration for forwarding telemetry events.", "properties": { "pubsubTopicName": { "type": "string", "description": "A Cloud Pub/Sub topic name. For example, `projects/myProject/topics/deviceEvents`." }, "subfolderMatches": { "type": "string", "description": "If the subfolder name matches this string exactly, this configuration will be used. The string must not include the leading '/' character. If empty, all strings are matched. This field is used only for telemetry events; subfolders are not supported for state changes." } }, "type": "object" }, "google-native:cloudiot/v1:EventNotificationConfigResponse": { "description": "The configuration for forwarding telemetry events.", "properties": { "pubsubTopicName": { "type": "string", "description": "A Cloud Pub/Sub topic name. For example, `projects/myProject/topics/deviceEvents`." }, "subfolderMatches": { "type": "string", "description": "If the subfolder name matches this string exactly, this configuration will be used. The string must not include the leading '/' character. If empty, all strings are matched. This field is used only for telemetry events; subfolders are not supported for state changes." } }, "type": "object", "required": [ "pubsubTopicName", "subfolderMatches" ] }, "google-native:cloudiot/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudiot/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudiot/v1:GatewayConfig": { "description": "Gateway-related configuration and state.", "properties": { "gatewayAuthMethod": { "$ref": "#/types/google-native:cloudiot%2Fv1:GatewayConfigGatewayAuthMethod", "description": "Indicates how to authorize and/or authenticate devices to access the gateway." }, "gatewayType": { "$ref": "#/types/google-native:cloudiot%2Fv1:GatewayConfigGatewayType", "description": "Indicates whether the device is a gateway." } }, "type": "object" }, "google-native:cloudiot/v1:GatewayConfigGatewayAuthMethod": { "description": "Indicates how to authorize and/or authenticate devices to access the gateway.", "type": "string", "enum": [ { "name": "GatewayAuthMethodUnspecified", "description": "No authentication/authorization method specified. No devices are allowed to access the gateway.", "value": "GATEWAY_AUTH_METHOD_UNSPECIFIED" }, { "name": "AssociationOnly", "description": "The device is authenticated through the gateway association only. Device credentials are ignored even if provided.", "value": "ASSOCIATION_ONLY" }, { "name": "DeviceAuthTokenOnly", "description": "The device is authenticated through its own credentials. Gateway association is not checked.", "value": "DEVICE_AUTH_TOKEN_ONLY" }, { "name": "AssociationAndDeviceAuthToken", "description": "The device is authenticated through both device credentials and gateway association. The device must be bound to the gateway and must provide its own credentials.", "value": "ASSOCIATION_AND_DEVICE_AUTH_TOKEN" } ] }, "google-native:cloudiot/v1:GatewayConfigGatewayType": { "description": "Indicates whether the device is a gateway.", "type": "string", "enum": [ { "name": "GatewayTypeUnspecified", "description": "If unspecified, the device is considered a non-gateway device.", "value": "GATEWAY_TYPE_UNSPECIFIED" }, { "name": "Gateway", "description": "The device is a gateway.", "value": "GATEWAY" }, { "name": "NonGateway", "description": "The device is not a gateway.", "value": "NON_GATEWAY" } ] }, "google-native:cloudiot/v1:GatewayConfigResponse": { "description": "Gateway-related configuration and state.", "properties": { "gatewayAuthMethod": { "type": "string", "description": "Indicates how to authorize and/or authenticate devices to access the gateway." }, "gatewayType": { "type": "string", "description": "Indicates whether the device is a gateway." }, "lastAccessedGatewayId": { "type": "string", "description": "[Output only] The ID of the gateway the device accessed most recently." }, "lastAccessedGatewayTime": { "type": "string", "description": "[Output only] The most recent time at which the device accessed the gateway specified in `last_accessed_gateway`." } }, "type": "object", "required": [ "gatewayAuthMethod", "gatewayType", "lastAccessedGatewayId", "lastAccessedGatewayTime" ] }, "google-native:cloudiot/v1:HttpConfig": { "description": "The configuration of the HTTP bridge for a device registry.", "properties": { "httpEnabledState": { "$ref": "#/types/google-native:cloudiot%2Fv1:HttpConfigHttpEnabledState", "description": "If enabled, allows devices to use DeviceService via the HTTP protocol. Otherwise, any requests to DeviceService will fail for this registry." } }, "type": "object" }, "google-native:cloudiot/v1:HttpConfigHttpEnabledState": { "description": "If enabled, allows devices to use DeviceService via the HTTP protocol. Otherwise, any requests to DeviceService will fail for this registry.", "type": "string", "enum": [ { "name": "HttpStateUnspecified", "description": "No HTTP state specified. If not specified, DeviceService will be enabled by default.", "value": "HTTP_STATE_UNSPECIFIED" }, { "name": "HttpEnabled", "description": "Enables DeviceService (HTTP) service for the registry.", "value": "HTTP_ENABLED" }, { "name": "HttpDisabled", "description": "Disables DeviceService (HTTP) service for the registry.", "value": "HTTP_DISABLED" } ] }, "google-native:cloudiot/v1:HttpConfigResponse": { "description": "The configuration of the HTTP bridge for a device registry.", "properties": { "httpEnabledState": { "type": "string", "description": "If enabled, allows devices to use DeviceService via the HTTP protocol. Otherwise, any requests to DeviceService will fail for this registry." } }, "type": "object", "required": [ "httpEnabledState" ] }, "google-native:cloudiot/v1:MqttConfig": { "description": "The configuration of MQTT for a device registry.", "properties": { "mqttEnabledState": { "$ref": "#/types/google-native:cloudiot%2Fv1:MqttConfigMqttEnabledState", "description": "If enabled, allows connections using the MQTT protocol. Otherwise, MQTT connections to this registry will fail." } }, "type": "object" }, "google-native:cloudiot/v1:MqttConfigMqttEnabledState": { "description": "If enabled, allows connections using the MQTT protocol. Otherwise, MQTT connections to this registry will fail.", "type": "string", "enum": [ { "name": "MqttStateUnspecified", "description": "No MQTT state specified. If not specified, MQTT will be enabled by default.", "value": "MQTT_STATE_UNSPECIFIED" }, { "name": "MqttEnabled", "description": "Enables a MQTT connection.", "value": "MQTT_ENABLED" }, { "name": "MqttDisabled", "description": "Disables a MQTT connection.", "value": "MQTT_DISABLED" } ] }, "google-native:cloudiot/v1:MqttConfigResponse": { "description": "The configuration of MQTT for a device registry.", "properties": { "mqttEnabledState": { "type": "string", "description": "If enabled, allows connections using the MQTT protocol. Otherwise, MQTT connections to this registry will fail." } }, "type": "object", "required": [ "mqttEnabledState" ] }, "google-native:cloudiot/v1:PublicKeyCertificate": { "description": "A public key certificate format and data.", "properties": { "certificate": { "type": "string", "description": "The certificate data." }, "format": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCertificateFormat", "description": "The certificate format." } }, "type": "object" }, "google-native:cloudiot/v1:PublicKeyCertificateFormat": { "description": "The certificate format.", "type": "string", "enum": [ { "name": "UnspecifiedPublicKeyCertificateFormat", "description": "The format has not been specified. This is an invalid default value and must not be used.", "value": "UNSPECIFIED_PUBLIC_KEY_CERTIFICATE_FORMAT" }, { "name": "X509CertificatePem", "description": "An X.509v3 certificate ([RFC5280](https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped by `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`.", "value": "X509_CERTIFICATE_PEM" } ] }, "google-native:cloudiot/v1:PublicKeyCertificateResponse": { "description": "A public key certificate format and data.", "properties": { "certificate": { "type": "string", "description": "The certificate data." }, "format": { "type": "string", "description": "The certificate format." }, "x509Details": { "$ref": "#/types/google-native:cloudiot%2Fv1:X509CertificateDetailsResponse", "description": "[Output only] The certificate details. Used only for X.509 certificates." } }, "type": "object", "required": [ "certificate", "format", "x509Details" ] }, "google-native:cloudiot/v1:PublicKeyCredential": { "description": "A public key format and data.", "properties": { "format": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCredentialFormat", "description": "The format of the key." }, "key": { "type": "string", "description": "The key data." } }, "type": "object" }, "google-native:cloudiot/v1:PublicKeyCredentialFormat": { "description": "The format of the key.", "type": "string", "enum": [ { "name": "UnspecifiedPublicKeyFormat", "description": "The format has not been specified. This is an invalid default value and must not be used.", "value": "UNSPECIFIED_PUBLIC_KEY_FORMAT" }, { "name": "RsaPem", "description": "An RSA public key encoded in base64, and wrapped by `-----BEGIN PUBLIC KEY-----` and `-----END PUBLIC KEY-----`. This can be used to verify `RS256` signatures in JWT tokens ([RFC7518]( https://www.ietf.org/rfc/rfc7518.txt)).", "value": "RSA_PEM" }, { "name": "RsaX509Pem", "description": "As RSA_PEM, but wrapped in an X.509v3 certificate ([RFC5280]( https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped by `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`.", "value": "RSA_X509_PEM" }, { "name": "Es256Pem", "description": "Public key for the ECDSA algorithm using P-256 and SHA-256, encoded in base64, and wrapped by `-----BEGIN PUBLIC KEY-----` and `-----END PUBLIC KEY-----`. This can be used to verify JWT tokens with the `ES256` algorithm ([RFC7518](https://www.ietf.org/rfc/rfc7518.txt)). This curve is defined in [OpenSSL](https://www.openssl.org/) as the `prime256v1` curve.", "value": "ES256_PEM" }, { "name": "Es256X509Pem", "description": "As ES256_PEM, but wrapped in an X.509v3 certificate ([RFC5280]( https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped by `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`.", "value": "ES256_X509_PEM" } ] }, "google-native:cloudiot/v1:PublicKeyCredentialResponse": { "description": "A public key format and data.", "properties": { "format": { "type": "string", "description": "The format of the key." }, "key": { "type": "string", "description": "The key data." } }, "type": "object", "required": [ "format", "key" ] }, "google-native:cloudiot/v1:RegistryCredential": { "description": "A server-stored registry credential used to validate device credentials.", "properties": { "publicKeyCertificate": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCertificate", "description": "A public key certificate used to verify the device credentials." } }, "type": "object" }, "google-native:cloudiot/v1:RegistryCredentialResponse": { "description": "A server-stored registry credential used to validate device credentials.", "properties": { "publicKeyCertificate": { "$ref": "#/types/google-native:cloudiot%2Fv1:PublicKeyCertificateResponse", "description": "A public key certificate used to verify the device credentials." } }, "type": "object", "required": [ "publicKeyCertificate" ] }, "google-native:cloudiot/v1:RegistryLogLevel": { "description": "**Beta Feature** The default logging verbosity for activity from devices in this registry. The verbosity level can be overridden by Device.log_level.", "type": "string", "enum": [ { "name": "LogLevelUnspecified", "description": "No logging specified. If not specified, logging will be disabled.", "value": "LOG_LEVEL_UNSPECIFIED" }, { "name": "None", "description": "Disables logging.", "value": "NONE" }, { "name": "Error", "description": "Error events will be logged.", "value": "ERROR" }, { "name": "Info", "description": "Informational events will be logged, such as connections and disconnections.", "value": "INFO" }, { "name": "Debug", "description": "All events will be logged.", "value": "DEBUG" } ] }, "google-native:cloudiot/v1:StateNotificationConfig": { "description": "The configuration for notification of new states received from the device.", "properties": { "pubsubTopicName": { "type": "string", "description": "A Cloud Pub/Sub topic name. For example, `projects/myProject/topics/deviceEvents`." } }, "type": "object" }, "google-native:cloudiot/v1:StateNotificationConfigResponse": { "description": "The configuration for notification of new states received from the device.", "properties": { "pubsubTopicName": { "type": "string", "description": "A Cloud Pub/Sub topic name. For example, `projects/myProject/topics/deviceEvents`." } }, "type": "object", "required": [ "pubsubTopicName" ] }, "google-native:cloudiot/v1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudiot/v1:X509CertificateDetailsResponse": { "description": "Details of an X.509 certificate. For informational purposes only.", "properties": { "expiryTime": { "type": "string", "description": "The time the certificate becomes invalid." }, "issuer": { "type": "string", "description": "The entity that signed the certificate." }, "publicKeyType": { "type": "string", "description": "The type of public key in the certificate." }, "signatureAlgorithm": { "type": "string", "description": "The algorithm used to sign the certificate." }, "startTime": { "type": "string", "description": "The time the certificate becomes valid." }, "subject": { "type": "string", "description": "The entity the certificate and public key belong to." } }, "type": "object", "required": [ "expiryTime", "issuer", "publicKeyType", "signatureAlgorithm", "startTime", "subject" ] }, "google-native:cloudkms/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudkms%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudkms/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudkms%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudkms/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudkms%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudkms/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudkms/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudkms/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudkms%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudkms/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudkms%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudkms/v1:Certificate": { "description": "A Certificate represents an X.509 certificate used to authenticate HTTPS connections to EKM replicas.", "properties": { "rawDer": { "type": "string", "description": "The raw certificate bytes in DER format." } }, "type": "object", "required": [ "rawDer" ] }, "google-native:cloudkms/v1:CertificateChainsResponse": { "description": "Certificate chains needed to verify the attestation. Certificates in chains are PEM-encoded and are ordered based on https://tools.ietf.org/html/rfc5246#section-7.4.2.", "properties": { "caviumCerts": { "type": "array", "items": { "type": "string" }, "description": "Cavium certificate chain corresponding to the attestation." }, "googleCardCerts": { "type": "array", "items": { "type": "string" }, "description": "Google card certificate chain corresponding to the attestation." }, "googlePartitionCerts": { "type": "array", "items": { "type": "string" }, "description": "Google partition certificate chain corresponding to the attestation." } }, "type": "object", "required": [ "caviumCerts", "googleCardCerts", "googlePartitionCerts" ] }, "google-native:cloudkms/v1:CertificateResponse": { "description": "A Certificate represents an X.509 certificate used to authenticate HTTPS connections to EKM replicas.", "properties": { "issuer": { "type": "string", "description": "The issuer distinguished name in RFC 2253 format. Only present if parsed is true." }, "notAfterTime": { "type": "string", "description": "The certificate is not valid after this time. Only present if parsed is true." }, "notBeforeTime": { "type": "string", "description": "The certificate is not valid before this time. Only present if parsed is true." }, "parsed": { "type": "boolean", "description": "True if the certificate was parsed successfully." }, "rawDer": { "type": "string", "description": "The raw certificate bytes in DER format." }, "serialNumber": { "type": "string", "description": "The certificate serial number as a hex string. Only present if parsed is true." }, "sha256Fingerprint": { "type": "string", "description": "The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true." }, "subject": { "type": "string", "description": "The subject distinguished name in RFC 2253 format. Only present if parsed is true." }, "subjectAlternativeDnsNames": { "type": "array", "items": { "type": "string" }, "description": "The subject Alternative DNS names. Only present if parsed is true." } }, "type": "object", "required": [ "issuer", "notAfterTime", "notBeforeTime", "parsed", "rawDer", "serialNumber", "sha256Fingerprint", "subject", "subjectAlternativeDnsNames" ] }, "google-native:cloudkms/v1:CryptoKeyPurpose": { "description": "Immutable. The immutable purpose of this CryptoKey.", "type": "string", "enum": [ { "name": "CryptoKeyPurposeUnspecified", "description": "Not specified.", "value": "CRYPTO_KEY_PURPOSE_UNSPECIFIED" }, { "name": "EncryptDecrypt", "description": "CryptoKeys with this purpose may be used with Encrypt and Decrypt.", "value": "ENCRYPT_DECRYPT" }, { "name": "AsymmetricSign", "description": "CryptoKeys with this purpose may be used with AsymmetricSign and GetPublicKey.", "value": "ASYMMETRIC_SIGN" }, { "name": "AsymmetricDecrypt", "description": "CryptoKeys with this purpose may be used with AsymmetricDecrypt and GetPublicKey.", "value": "ASYMMETRIC_DECRYPT" }, { "name": "RawEncryptDecrypt", "description": "CryptoKeys with this purpose may be used with RawEncrypt and RawDecrypt. This purpose is meant to be used for interoperable symmetric encryption and does not support automatic CryptoKey rotation.", "value": "RAW_ENCRYPT_DECRYPT" }, { "name": "Mac", "description": "CryptoKeys with this purpose may be used with MacSign.", "value": "MAC" } ] }, "google-native:cloudkms/v1:CryptoKeyVersionResponse": { "description": "A CryptoKeyVersion represents an individual cryptographic key, and the associated key material. An ENABLED version can be used for cryptographic operations. For security reasons, the raw cryptographic key material represented by a CryptoKeyVersion can never be viewed or exported. It can only be used to encrypt, decrypt, or sign data when an authorized user or application invokes Cloud KMS.", "properties": { "algorithm": { "type": "string", "description": "The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports." }, "attestation": { "$ref": "#/types/google-native:cloudkms%2Fv1:KeyOperationAttestationResponse", "description": "Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protection_level HSM." }, "createTime": { "type": "string", "description": "The time at which this CryptoKeyVersion was created." }, "destroyEventTime": { "type": "string", "description": "The time this CryptoKeyVersion's key material was destroyed. Only present if state is DESTROYED." }, "destroyTime": { "type": "string", "description": "The time this CryptoKeyVersion's key material is scheduled for destruction. Only present if state is DESTROY_SCHEDULED." }, "externalDestructionFailureReason": { "type": "string", "description": "The root cause of the most recent external destruction failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED." }, "externalProtectionLevelOptions": { "$ref": "#/types/google-native:cloudkms%2Fv1:ExternalProtectionLevelOptionsResponse", "description": "ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels." }, "generateTime": { "type": "string", "description": "The time this CryptoKeyVersion's key material was generated." }, "generationFailureReason": { "type": "string", "description": "The root cause of the most recent generation failure. Only present if state is GENERATION_FAILED." }, "importFailureReason": { "type": "string", "description": "The root cause of the most recent import failure. Only present if state is IMPORT_FAILED." }, "importJob": { "type": "string", "description": "The name of the ImportJob used in the most recent import of this CryptoKeyVersion. Only present if the underlying key material was imported." }, "importTime": { "type": "string", "description": "The time at which this CryptoKeyVersion's key material was most recently imported." }, "name": { "type": "string", "description": "The resource name for this CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`." }, "protectionLevel": { "type": "string", "description": "The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion." }, "reimportEligible": { "type": "boolean", "description": "Whether or not this key version is eligible for reimport, by being specified as a target in ImportCryptoKeyVersionRequest.crypto_key_version." }, "state": { "type": "string", "description": "The current state of the CryptoKeyVersion." } }, "type": "object", "required": [ "algorithm", "attestation", "createTime", "destroyEventTime", "destroyTime", "externalDestructionFailureReason", "externalProtectionLevelOptions", "generateTime", "generationFailureReason", "importFailureReason", "importJob", "importTime", "name", "protectionLevel", "reimportEligible", "state" ] }, "google-native:cloudkms/v1:CryptoKeyVersionState": { "description": "The current state of the CryptoKeyVersion.", "type": "string", "enum": [ { "name": "CryptoKeyVersionStateUnspecified", "description": "Not specified.", "value": "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED" }, { "name": "PendingGeneration", "description": "This version is still being generated. It may not be used, enabled, disabled, or destroyed yet. Cloud KMS will automatically mark this version ENABLED as soon as the version is ready.", "value": "PENDING_GENERATION" }, { "name": "Enabled", "description": "This version may be used for cryptographic operations.", "value": "ENABLED" }, { "name": "Disabled", "description": "This version may not be used, but the key material is still available, and the version can be placed back into the ENABLED state.", "value": "DISABLED" }, { "name": "Destroyed", "description": "This version is destroyed, and the key material is no longer stored. This version may only become ENABLED again if this version is reimport_eligible and the original key material is reimported with a call to KeyManagementService.ImportCryptoKeyVersion.", "value": "DESTROYED" }, { "name": "DestroyScheduled", "description": "This version is scheduled for destruction, and will be destroyed soon. Call RestoreCryptoKeyVersion to put it back into the DISABLED state.", "value": "DESTROY_SCHEDULED" }, { "name": "PendingImport", "description": "This version is still being imported. It may not be used, enabled, disabled, or destroyed yet. Cloud KMS will automatically mark this version ENABLED as soon as the version is ready.", "value": "PENDING_IMPORT" }, { "name": "ImportFailed", "description": "This version was not imported successfully. It may not be used, enabled, disabled, or destroyed. The submitted key material has been discarded. Additional details can be found in CryptoKeyVersion.import_failure_reason.", "value": "IMPORT_FAILED" }, { "name": "GenerationFailed", "description": "This version was not generated successfully. It may not be used, enabled, disabled, or destroyed. Additional details can be found in CryptoKeyVersion.generation_failure_reason.", "value": "GENERATION_FAILED" }, { "name": "PendingExternalDestruction", "description": "This version was destroyed, and it may not be used or enabled again. Cloud KMS is waiting for the corresponding key material residing in an external key manager to be destroyed.", "value": "PENDING_EXTERNAL_DESTRUCTION" }, { "name": "ExternalDestructionFailed", "description": "This version was destroyed, and it may not be used or enabled again. However, Cloud KMS could not confirm that the corresponding key material residing in an external key manager was destroyed. Additional details can be found in CryptoKeyVersion.external_destruction_failure_reason.", "value": "EXTERNAL_DESTRUCTION_FAILED" } ] }, "google-native:cloudkms/v1:CryptoKeyVersionTemplate": { "description": "A CryptoKeyVersionTemplate specifies the properties to use when creating a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation.", "properties": { "algorithm": { "$ref": "#/types/google-native:cloudkms%2Fv1:CryptoKeyVersionTemplateAlgorithm", "description": "Algorithm to use when creating a CryptoKeyVersion based on this template. For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted and CryptoKey.purpose is ENCRYPT_DECRYPT." }, "protectionLevel": { "$ref": "#/types/google-native:cloudkms%2Fv1:CryptoKeyVersionTemplateProtectionLevel", "description": "ProtectionLevel to use when creating a CryptoKeyVersion based on this template. Immutable. Defaults to SOFTWARE." } }, "type": "object", "required": [ "algorithm" ] }, "google-native:cloudkms/v1:CryptoKeyVersionTemplateAlgorithm": { "description": "Required. Algorithm to use when creating a CryptoKeyVersion based on this template. For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted and CryptoKey.purpose is ENCRYPT_DECRYPT.", "type": "string", "enum": [ { "name": "CryptoKeyVersionAlgorithmUnspecified", "description": "Not specified.", "value": "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED" }, { "name": "GoogleSymmetricEncryption", "description": "Creates symmetric encryption keys.", "value": "GOOGLE_SYMMETRIC_ENCRYPTION" }, { "name": "Aes128Gcm", "description": "AES-GCM (Galois Counter Mode) using 128-bit keys.", "value": "AES_128_GCM" }, { "name": "Aes256Gcm", "description": "AES-GCM (Galois Counter Mode) using 256-bit keys.", "value": "AES_256_GCM" }, { "name": "Aes128Cbc", "description": "AES-CBC (Cipher Block Chaining Mode) using 128-bit keys.", "value": "AES_128_CBC" }, { "name": "Aes256Cbc", "description": "AES-CBC (Cipher Block Chaining Mode) using 256-bit keys.", "value": "AES_256_CBC" }, { "name": "Aes128Ctr", "description": "AES-CTR (Counter Mode) using 128-bit keys.", "value": "AES_128_CTR" }, { "name": "Aes256Ctr", "description": "AES-CTR (Counter Mode) using 256-bit keys.", "value": "AES_256_CTR" }, { "name": "RsaSignPss2048Sha256", "description": "RSASSA-PSS 2048 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_2048_SHA256" }, { "name": "RsaSignPss3072Sha256", "description": "RSASSA-PSS 3072 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_3072_SHA256" }, { "name": "RsaSignPss4096Sha256", "description": "RSASSA-PSS 4096 bit key with a SHA256 digest.", "value": "RSA_SIGN_PSS_4096_SHA256" }, { "name": "RsaSignPss4096Sha512", "description": "RSASSA-PSS 4096 bit key with a SHA512 digest.", "value": "RSA_SIGN_PSS_4096_SHA512" }, { "name": "RsaSignPkcs12048Sha256", "description": "RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_2048_SHA256" }, { "name": "RsaSignPkcs13072Sha256", "description": "RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_3072_SHA256" }, { "name": "RsaSignPkcs14096Sha256", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA256" }, { "name": "RsaSignPkcs14096Sha512", "description": "RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.", "value": "RSA_SIGN_PKCS1_4096_SHA512" }, { "name": "RsaSignRawPkcs12048", "description": "RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key.", "value": "RSA_SIGN_RAW_PKCS1_2048" }, { "name": "RsaSignRawPkcs13072", "description": "RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key.", "value": "RSA_SIGN_RAW_PKCS1_3072" }, { "name": "RsaSignRawPkcs14096", "description": "RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key.", "value": "RSA_SIGN_RAW_PKCS1_4096" }, { "name": "RsaDecryptOaep2048Sha256", "description": "RSAES-OAEP 2048 bit key with a SHA256 digest.", "value": "RSA_DECRYPT_OAEP_2048_SHA256" }, { "name": "RsaDecryptOaep3072Sha256", "description": "RSAES-OAEP 3072 bit key with a SHA256 digest.", "value": "RSA_DECRYPT_OAEP_3072_SHA256" }, { "name": "RsaDecryptOaep4096Sha256", "description": "RSAES-OAEP 4096 bit key with a SHA256 digest.", "value": "RSA_DECRYPT_OAEP_4096_SHA256" }, { "name": "RsaDecryptOaep4096Sha512", "description": "RSAES-OAEP 4096 bit key with a SHA512 digest.", "value": "RSA_DECRYPT_OAEP_4096_SHA512" }, { "name": "RsaDecryptOaep2048Sha1", "description": "RSAES-OAEP 2048 bit key with a SHA1 digest.", "value": "RSA_DECRYPT_OAEP_2048_SHA1" }, { "name": "RsaDecryptOaep3072Sha1", "description": "RSAES-OAEP 3072 bit key with a SHA1 digest.", "value": "RSA_DECRYPT_OAEP_3072_SHA1" }, { "name": "RsaDecryptOaep4096Sha1", "description": "RSAES-OAEP 4096 bit key with a SHA1 digest.", "value": "RSA_DECRYPT_OAEP_4096_SHA1" }, { "name": "EcSignP256Sha256", "description": "ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "value": "EC_SIGN_P256_SHA256" }, { "name": "EcSignP384Sha384", "description": "ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "value": "EC_SIGN_P384_SHA384" }, { "name": "EcSignSecp256k1Sha256", "description": "ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms", "value": "EC_SIGN_SECP256K1_SHA256" }, { "name": "HmacSha256", "description": "HMAC-SHA256 signing with a 256 bit key.", "value": "HMAC_SHA256" }, { "name": "HmacSha1", "description": "HMAC-SHA1 signing with a 160 bit key.", "value": "HMAC_SHA1" }, { "name": "HmacSha384", "description": "HMAC-SHA384 signing with a 384 bit key.", "value": "HMAC_SHA384" }, { "name": "HmacSha512", "description": "HMAC-SHA512 signing with a 512 bit key.", "value": "HMAC_SHA512" }, { "name": "HmacSha224", "description": "HMAC-SHA224 signing with a 224 bit key.", "value": "HMAC_SHA224" }, { "name": "ExternalSymmetricEncryption", "description": "Algorithm representing symmetric encryption by an external key manager.", "value": "EXTERNAL_SYMMETRIC_ENCRYPTION" } ] }, "google-native:cloudkms/v1:CryptoKeyVersionTemplateProtectionLevel": { "description": "ProtectionLevel to use when creating a CryptoKeyVersion based on this template. Immutable. Defaults to SOFTWARE.", "type": "string", "enum": [ { "name": "ProtectionLevelUnspecified", "description": "Not specified.", "value": "PROTECTION_LEVEL_UNSPECIFIED" }, { "name": "Software", "description": "Crypto operations are performed in software.", "value": "SOFTWARE" }, { "name": "Hsm", "description": "Crypto operations are performed in a Hardware Security Module.", "value": "HSM" }, { "name": "External", "description": "Crypto operations are performed by an external key manager.", "value": "EXTERNAL" }, { "name": "ExternalVpc", "description": "Crypto operations are performed in an EKM-over-VPC backend.", "value": "EXTERNAL_VPC" } ] }, "google-native:cloudkms/v1:CryptoKeyVersionTemplateResponse": { "description": "A CryptoKeyVersionTemplate specifies the properties to use when creating a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation.", "properties": { "algorithm": { "type": "string", "description": "Algorithm to use when creating a CryptoKeyVersion based on this template. For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both this field is omitted and CryptoKey.purpose is ENCRYPT_DECRYPT." }, "protectionLevel": { "type": "string", "description": "ProtectionLevel to use when creating a CryptoKeyVersion based on this template. Immutable. Defaults to SOFTWARE." } }, "type": "object", "required": [ "algorithm", "protectionLevel" ] }, "google-native:cloudkms/v1:EkmConnectionKeyManagementMode": { "description": "Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.", "type": "string", "enum": [ { "name": "KeyManagementModeUnspecified", "description": "Not specified.", "value": "KEY_MANAGEMENT_MODE_UNSPECIFIED" }, { "name": "Manual", "description": "EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.", "value": "MANUAL" }, { "name": "CloudKms", "description": "All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.", "value": "CLOUD_KMS" } ] }, "google-native:cloudkms/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudkms/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudkms/v1:ExternalProtectionLevelOptions": { "description": "ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.", "properties": { "ekmConnectionKeyPath": { "type": "string", "description": "The path to the external key material on the EKM when using EkmConnection e.g., \"v0/my/key\". Set this field instead of external_key_uri when using an EkmConnection." }, "externalKeyUri": { "type": "string", "description": "The URI for an external resource that this CryptoKeyVersion represents." } }, "type": "object" }, "google-native:cloudkms/v1:ExternalProtectionLevelOptionsResponse": { "description": "ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.", "properties": { "ekmConnectionKeyPath": { "type": "string", "description": "The path to the external key material on the EKM when using EkmConnection e.g., \"v0/my/key\". Set this field instead of external_key_uri when using an EkmConnection." }, "externalKeyUri": { "type": "string", "description": "The URI for an external resource that this CryptoKeyVersion represents." } }, "type": "object", "required": [ "ekmConnectionKeyPath", "externalKeyUri" ] }, "google-native:cloudkms/v1:ImportJobImportMethod": { "description": "Required. Immutable. The wrapping method to be used for incoming key material.", "type": "string", "enum": [ { "name": "ImportMethodUnspecified", "description": "Not specified.", "value": "IMPORT_METHOD_UNSPECIFIED" }, { "name": "RsaOaep3072Sha1Aes256", "description": "This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping scheme defined in the PKCS #11 standard. In summary, this involves wrapping the raw key with an ephemeral AES key, and wrapping the ephemeral AES key with a 3072 bit RSA key. For more details, see [RSA AES key wrap mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).", "value": "RSA_OAEP_3072_SHA1_AES_256" }, { "name": "RsaOaep4096Sha1Aes256", "description": "This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping scheme defined in the PKCS #11 standard. In summary, this involves wrapping the raw key with an ephemeral AES key, and wrapping the ephemeral AES key with a 4096 bit RSA key. For more details, see [RSA AES key wrap mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).", "value": "RSA_OAEP_4096_SHA1_AES_256" }, { "name": "RsaOaep3072Sha256Aes256", "description": "This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping scheme defined in the PKCS #11 standard. In summary, this involves wrapping the raw key with an ephemeral AES key, and wrapping the ephemeral AES key with a 3072 bit RSA key. For more details, see [RSA AES key wrap mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).", "value": "RSA_OAEP_3072_SHA256_AES_256" }, { "name": "RsaOaep4096Sha256Aes256", "description": "This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping scheme defined in the PKCS #11 standard. In summary, this involves wrapping the raw key with an ephemeral AES key, and wrapping the ephemeral AES key with a 4096 bit RSA key. For more details, see [RSA AES key wrap mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).", "value": "RSA_OAEP_4096_SHA256_AES_256" }, { "name": "RsaOaep3072Sha256", "description": "This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. The key material to be imported is wrapped directly with the RSA key. Due to technical limitations of RSA wrapping, this method cannot be used to wrap RSA keys for import.", "value": "RSA_OAEP_3072_SHA256" }, { "name": "RsaOaep4096Sha256", "description": "This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. The key material to be imported is wrapped directly with the RSA key. Due to technical limitations of RSA wrapping, this method cannot be used to wrap RSA keys for import.", "value": "RSA_OAEP_4096_SHA256" } ] }, "google-native:cloudkms/v1:ImportJobProtectionLevel": { "description": "Required. Immutable. The protection level of the ImportJob. This must match the protection_level of the version_template on the CryptoKey you attempt to import into.", "type": "string", "enum": [ { "name": "ProtectionLevelUnspecified", "description": "Not specified.", "value": "PROTECTION_LEVEL_UNSPECIFIED" }, { "name": "Software", "description": "Crypto operations are performed in software.", "value": "SOFTWARE" }, { "name": "Hsm", "description": "Crypto operations are performed in a Hardware Security Module.", "value": "HSM" }, { "name": "External", "description": "Crypto operations are performed by an external key manager.", "value": "EXTERNAL" }, { "name": "ExternalVpc", "description": "Crypto operations are performed in an EKM-over-VPC backend.", "value": "EXTERNAL_VPC" } ] }, "google-native:cloudkms/v1:KeyOperationAttestationResponse": { "description": "Contains an HSM-generated attestation about a key operation. For more information, see [Verifying attestations] (https://cloud.google.com/kms/docs/attest-key).", "properties": { "certChains": { "$ref": "#/types/google-native:cloudkms%2Fv1:CertificateChainsResponse", "description": "The certificate chains needed to validate the attestation" }, "content": { "type": "string", "description": "The attestation data provided by the HSM when the key operation was performed." }, "format": { "type": "string", "description": "The format of the attestation data." } }, "type": "object", "required": [ "certChains", "content", "format" ] }, "google-native:cloudkms/v1:ServiceResolver": { "description": "A ServiceResolver represents an EKM replica that can be reached within an EkmConnection.", "properties": { "endpointFilter": { "type": "string", "description": "Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest." }, "hostname": { "type": "string", "description": "The hostname of the EKM replica used at TLS and HTTP layers." }, "serverCertificates": { "type": "array", "items": { "$ref": "#/types/google-native:cloudkms%2Fv1:Certificate" }, "description": "A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported." }, "serviceDirectoryService": { "type": "string", "description": "The resource name of the Service Directory service pointing to an EKM replica, in the format `projects/*/locations/*/namespaces/*/services/*`." } }, "type": "object", "required": [ "hostname", "serverCertificates", "serviceDirectoryService" ] }, "google-native:cloudkms/v1:ServiceResolverResponse": { "description": "A ServiceResolver represents an EKM replica that can be reached within an EkmConnection.", "properties": { "endpointFilter": { "type": "string", "description": "Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest." }, "hostname": { "type": "string", "description": "The hostname of the EKM replica used at TLS and HTTP layers." }, "serverCertificates": { "type": "array", "items": { "$ref": "#/types/google-native:cloudkms%2Fv1:CertificateResponse" }, "description": "A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported." }, "serviceDirectoryService": { "type": "string", "description": "The resource name of the Service Directory service pointing to an EKM replica, in the format `projects/*/locations/*/namespaces/*/services/*`." } }, "type": "object", "required": [ "endpointFilter", "hostname", "serverCertificates", "serviceDirectoryService" ] }, "google-native:cloudkms/v1:WrappingPublicKeyResponse": { "description": "The public key component of the wrapping key. For details of the type of key this public key corresponds to, see the ImportMethod.", "properties": { "pem": { "type": "string", "description": "The public key, encoded in PEM format. For more information, see the [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and [Textual Encoding of Subject Public Key Info] (https://tools.ietf.org/html/rfc7468#section-13)." } }, "type": "object", "required": [ "pem" ] }, "google-native:cloudresourcemanager/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudresourcemanager/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudresourcemanager/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudresourcemanager/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudresourcemanager/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudresourcemanager/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudresourcemanager/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudresourcemanager/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudresourcemanager/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudresourcemanager/v1:ProjectLifecycleState": { "description": "The Project lifecycle state. Read-only.", "type": "string", "enum": [ { "name": "LifecycleStateUnspecified", "description": "Unspecified state. This is only used/useful for distinguishing unset values.", "value": "LIFECYCLE_STATE_UNSPECIFIED" }, { "name": "Active", "description": "The normal and active state.", "value": "ACTIVE" }, { "name": "DeleteRequested", "description": "The project has been marked for deletion by the user (by invoking DeleteProject) or by the system (Google Cloud Platform). This can generally be reversed by invoking UndeleteProject.", "value": "DELETE_REQUESTED" }, { "name": "DeleteInProgress", "description": "This lifecycle state is no longer used and not returned by the API.", "value": "DELETE_IN_PROGRESS" } ] }, "google-native:cloudresourcemanager/v1:ResourceId": { "description": "A container to reference an id for any resource type. A `resource` in Google Cloud Platform is a generic term for something you (a developer) may want to interact with through one of our API's. Some examples are an App Engine app, a Compute Engine instance, a Cloud SQL database, and so on.", "properties": { "id": { "type": "string", "description": "The type-specific id. This should correspond to the id used in the type-specific API's." }, "type": { "type": "string", "description": "The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\"." } }, "type": "object" }, "google-native:cloudresourcemanager/v1:ResourceIdResponse": { "description": "A container to reference an id for any resource type. A `resource` in Google Cloud Platform is a generic term for something you (a developer) may want to interact with through one of our API's. Some examples are an App Engine app, a Compute Engine instance, a Cloud SQL database, and so on.", "properties": { "type": { "type": "string", "description": "The resource type this id is for. At present, the valid types are: \"organization\", \"folder\", and \"project\"." } }, "type": "object", "required": [ "type" ] }, "google-native:cloudresourcemanager/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudresourcemanager/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudresourcemanager/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudresourcemanager/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudresourcemanager/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudresourcemanager/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudresourcemanager/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudresourcemanager/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudresourcemanager/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudresourcemanager/v1beta1:ProjectLifecycleState": { "description": "The Project lifecycle state. Read-only.", "type": "string", "enum": [ { "name": "LifecycleStateUnspecified", "description": "Unspecified state. This is only used/useful for distinguishing unset values.", "value": "LIFECYCLE_STATE_UNSPECIFIED" }, { "name": "Active", "description": "The normal and active state.", "value": "ACTIVE" }, { "name": "DeleteRequested", "description": "The project has been marked for deletion by the user (by invoking DeleteProject) or by the system (Google Cloud Platform). This can generally be reversed by invoking UndeleteProject.", "value": "DELETE_REQUESTED" }, { "name": "DeleteInProgress", "description": "This lifecycle state is no longer used and is not returned by the API.", "value": "DELETE_IN_PROGRESS" } ] }, "google-native:cloudresourcemanager/v1beta1:ResourceId": { "description": "A container to reference an id for any resource type. A `resource` in Google Cloud Platform is a generic term for something you (a developer) may want to interact with through one of our API's. Some examples are an App Engine app, a Compute Engine instance, a Cloud SQL database, and so on.", "properties": { "id": { "type": "string", "description": "Required field for the type-specific id. This should correspond to the id used in the type-specific API's." }, "type": { "type": "string", "description": "Required field representing the resource type this id is for. At present, the valid types are \"project\", \"folder\", and \"organization\"." } }, "type": "object" }, "google-native:cloudresourcemanager/v1beta1:ResourceIdResponse": { "description": "A container to reference an id for any resource type. A `resource` in Google Cloud Platform is a generic term for something you (a developer) may want to interact with through one of our API's. Some examples are an App Engine app, a Compute Engine instance, a Cloud SQL database, and so on.", "properties": { "type": { "type": "string", "description": "Required field representing the resource type this id is for. At present, the valid types are \"project\", \"folder\", and \"organization\"." } }, "type": "object", "required": [ "type" ] }, "google-native:cloudresourcemanager/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudresourcemanager/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudresourcemanager/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudresourcemanager/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudresourcemanager/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudresourcemanager/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudresourcemanager/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudresourcemanager/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudresourcemanager/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudresourcemanager/v2beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudresourcemanager/v2beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudresourcemanager/v2beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudresourcemanager/v2beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudresourcemanager/v2beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudresourcemanager/v2beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudresourcemanager/v2beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv2beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudresourcemanager/v2beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudresourcemanager/v2beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudresourcemanager/v3:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv3:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:cloudresourcemanager/v3:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv3:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:cloudresourcemanager/v3:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv3:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:cloudresourcemanager/v3:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:cloudresourcemanager/v3:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:cloudresourcemanager/v3:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv3:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudresourcemanager/v3:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudresourcemanager%2Fv3:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudresourcemanager/v3:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudresourcemanager/v3:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudresourcemanager/v3:TagKeyPurpose": { "description": "Optional. A purpose denotes that this Tag is intended for use in policies of a specific policy engine, and will involve that policy engine in management operations involving this Tag. A purpose does not grant a policy engine exclusive rights to the Tag, and it may be referenced by other policy engines. A purpose cannot be changed once set.", "type": "string", "enum": [ { "name": "PurposeUnspecified", "description": "Unspecified purpose.", "value": "PURPOSE_UNSPECIFIED" }, { "name": "GceFirewall", "description": "Purpose for Compute Engine firewalls. A corresponding `purpose_data` should be set for the network the tag is intended for. The key should be `network` and the value should be in ## either of these two formats: `https://www.googleapis.com/compute/{compute_version}/projects/{project_id}/global/networks/{network_id}` - `{project_id}/{network_name}` ## Examples: `https://www.googleapis.com/compute/staging_v1/projects/fail-closed-load-testing/global/networks/6992953698831725600` - `fail-closed-load-testing/load-testing-network`", "value": "GCE_FIREWALL" }, { "name": "DataGovernance", "description": "Purpose for data governance. Tag Values created under a key with this purpose may have Tag Value children. No `purpose_data` should be set.", "value": "DATA_GOVERNANCE" } ] }, "google-native:cloudscheduler/v1:AppEngineHttpTarget": { "description": "App Engine target. The job will be pushed to a job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. Error 503 is considered an App Engine system error instead of an application error. Requests returning error 503 will be retried regardless of retry configuration and not counted against retry counts. Any other response code, or a failure to receive a response before the deadline, constitutes a failed attempt.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:AppEngineRouting", "description": "App Engine Routing setting for the job." }, "body": { "type": "string", "description": "Body. HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It will result in invalid argument error to set a body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. Cloud Scheduler sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Scheduler will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The headers below are output only. They cannot be set or overridden: * `Content-Length`: This is computed by Cloud Scheduler. * `X-Google-*`: For Google internal use only. * `X-AppEngine-*`: For Google internal use only. In addition, some App Engine headers, which contain job-specific information, are also be sent to the job handler." }, "httpMethod": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:AppEngineHttpTargetHttpMethod", "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path, query string arguments, and `#` fragments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object" }, "google-native:cloudscheduler/v1:AppEngineHttpTargetHttpMethod": { "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified. Defaults to POST.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudscheduler/v1:AppEngineHttpTargetResponse": { "description": "App Engine target. The job will be pushed to a job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. Error 503 is considered an App Engine system error instead of an application error. Requests returning error 503 will be retried regardless of retry configuration and not counted against retry counts. Any other response code, or a failure to receive a response before the deadline, constitutes a failed attempt.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:AppEngineRoutingResponse", "description": "App Engine Routing setting for the job." }, "body": { "type": "string", "description": "Body. HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It will result in invalid argument error to set a body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. Cloud Scheduler sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Scheduler will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The headers below are output only. They cannot be set or overridden: * `Content-Length`: This is computed by Cloud Scheduler. * `X-Google-*`: For Google internal use only. * `X-AppEngine-*`: For Google internal use only. In addition, some App Engine headers, which contain job-specific information, are also be sent to the job handler." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path, query string arguments, and `#` fragments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object", "required": [ "appEngineRouting", "body", "headers", "httpMethod", "relativeUri" ] }, "google-native:cloudscheduler/v1:AppEngineRouting": { "description": "App Engine Routing. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "instance": { "type": "string", "description": "App instance. By default, the job is sent to an instance which is available when the job is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the job is sent to the service which is the default service when the job is attempted." }, "version": { "type": "string", "description": "App version. By default, the job is sent to the version which is the default version when the job is attempted." } }, "type": "object" }, "google-native:cloudscheduler/v1:AppEngineRoutingResponse": { "description": "App Engine Routing. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "host": { "type": "string", "description": "The host that the job is sent to. For more information about how App Engine requests are routed, see [here](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed). The host is constructed as: * `host = [application_domain_name]` `| [service] + '.' + [application_domain_name]` `| [version] + '.' + [application_domain_name]` `| [version_dot_service]+ '.' + [application_domain_name]` `| [instance] + '.' + [application_domain_name]` `| [instance_dot_service] + '.' + [application_domain_name]` `| [instance_dot_version] + '.' + [application_domain_name]` `| [instance_dot_version_dot_service] + '.' + [application_domain_name]` * `application_domain_name` = The domain name of the app, for example .appspot.com, which is associated with the job's project ID. * `service =` service * `version =` version * `version_dot_service =` version `+ '.' +` service * `instance =` instance * `instance_dot_service =` instance `+ '.' +` service * `instance_dot_version =` instance `+ '.' +` version * `instance_dot_version_dot_service =` instance `+ '.' +` version `+ '.' +` service If service is empty, then the job will be sent to the service which is the default service when the job is attempted. If version is empty, then the job will be sent to the version which is the default version when the job is attempted. If instance is empty, then the job will be sent to an instance which is available when the job is attempted. If service, version, or instance is invalid, then the job will be sent to the default version of the default service when the job is attempted." }, "instance": { "type": "string", "description": "App instance. By default, the job is sent to an instance which is available when the job is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the job is sent to the service which is the default service when the job is attempted." }, "version": { "type": "string", "description": "App version. By default, the job is sent to the version which is the default version when the job is attempted." } }, "type": "object", "required": [ "host", "instance", "service", "version" ] }, "google-native:cloudscheduler/v1:HttpTarget": { "description": "Http target. The job will be pushed to the job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. A failure to receive a response constitutes a failed execution. For a redirected request, the response returned by the redirected request is considered.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. The user can specify HTTP request headers to send with the job's HTTP request. Repeated headers are not supported, but a header value can contain commas. The following headers represent a subset of the headers that accompany the job's HTTP request. Some HTTP request headers are ignored or replaced. A partial list of headers that are ignored or replaced is below: * Host: This will be computed by Cloud Scheduler and derived from uri. * `Content-Length`: This will be computed by Cloud Scheduler. * `User-Agent`: This will be set to `\"Google-Cloud-Scheduler\"`. * `X-Google-*`: Google internal use only. * `X-AppEngine-*`: Google internal use only. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The total size of headers must be less than 80KB." }, "httpMethod": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:HttpTargetHttpMethod", "description": "Which HTTP method to use for the request." }, "oauthToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uri": { "type": "string", "description": "The full URI path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples of valid values for uri are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Scheduler will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding." } }, "type": "object", "required": [ "uri" ] }, "google-native:cloudscheduler/v1:HttpTargetHttpMethod": { "description": "Which HTTP method to use for the request.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified. Defaults to POST.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudscheduler/v1:HttpTargetResponse": { "description": "Http target. The job will be pushed to the job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. A failure to receive a response constitutes a failed execution. For a redirected request, the response returned by the redirected request is considered.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. The user can specify HTTP request headers to send with the job's HTTP request. Repeated headers are not supported, but a header value can contain commas. The following headers represent a subset of the headers that accompany the job's HTTP request. Some HTTP request headers are ignored or replaced. A partial list of headers that are ignored or replaced is below: * Host: This will be computed by Cloud Scheduler and derived from uri. * `Content-Length`: This will be computed by Cloud Scheduler. * `User-Agent`: This will be set to `\"Google-Cloud-Scheduler\"`. * `X-Google-*`: Google internal use only. * `X-AppEngine-*`: Google internal use only. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The total size of headers must be less than 80KB." }, "httpMethod": { "type": "string", "description": "Which HTTP method to use for the request." }, "oauthToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uri": { "type": "string", "description": "The full URI path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples of valid values for uri are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Scheduler will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding." } }, "type": "object", "required": [ "body", "headers", "httpMethod", "oauthToken", "oidcToken", "uri" ] }, "google-native:cloudscheduler/v1:OAuthToken": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudscheduler/v1:OAuthTokenResponse": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "scope", "serviceAccountEmail" ] }, "google-native:cloudscheduler/v1:OidcToken": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudscheduler/v1:OidcTokenResponse": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "audience", "serviceAccountEmail" ] }, "google-native:cloudscheduler/v1:PubsubTarget": { "description": "Pub/Sub target. The job will be delivered by publishing a message to the given Pub/Sub topic.", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "data": { "type": "string", "description": "The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "topicName": { "type": "string", "description": "The name of the Cloud Pub/Sub topic to which messages will be published when a job is delivered. The topic name must be in the same format as required by Pub/Sub's [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be in the same project as the Cloud Scheduler job." } }, "type": "object", "required": [ "topicName" ] }, "google-native:cloudscheduler/v1:PubsubTargetResponse": { "description": "Pub/Sub target. The job will be delivered by publishing a message to the given Pub/Sub topic.", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "data": { "type": "string", "description": "The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "topicName": { "type": "string", "description": "The name of the Cloud Pub/Sub topic to which messages will be published when a job is delivered. The topic name must be in the same format as required by Pub/Sub's [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be in the same project as the Cloud Scheduler job." } }, "type": "object", "required": [ "attributes", "data", "topicName" ] }, "google-native:cloudscheduler/v1:RetryConfig": { "description": "Settings that determine the retry behavior. By default, if a job does not complete successfully (meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings in RetryConfig.", "properties": { "maxBackoffDuration": { "type": "string", "description": "The maximum amount of time to wait before retrying a job after it fails. The default value of this field is 1 hour." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A job's retry interval starts at min_backoff_duration, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff_duration up to retry_count times. For example, if min_backoff_duration is 10s, max_backoff_duration is 300s, and `max_doublings` is 3, then the job will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the job will retry at intervals of max_backoff_duration until the job has been attempted retry_count times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... The default value of this field is 5." }, "maxRetryDuration": { "type": "string", "description": "The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retry_count, the job will be retried until both limits are reached. The default value for max_retry_duration is zero, which means retry duration is unlimited." }, "minBackoffDuration": { "type": "string", "description": "The minimum amount of time to wait before retrying a job after it fails. The default value of this field is 5 seconds." }, "retryCount": { "type": "integer", "description": "The number of attempts that the system will make to run a job using the exponential backoff procedure described by max_doublings. The default value of retry_count is zero. If retry_count is 0, a job attempt will not be retried if it fails. Instead the Cloud Scheduler system will wait for the next scheduled execution time. Setting retry_count to 0 does not prevent failed jobs from running according to schedule after the failure. If retry_count is set to a non-zero number then Cloud Scheduler will retry failed attempts, using exponential backoff, retry_count times, or until the next scheduled execution time, whichever comes first. Values greater than 5 and negative values are not allowed." } }, "type": "object" }, "google-native:cloudscheduler/v1:RetryConfigResponse": { "description": "Settings that determine the retry behavior. By default, if a job does not complete successfully (meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings in RetryConfig.", "properties": { "maxBackoffDuration": { "type": "string", "description": "The maximum amount of time to wait before retrying a job after it fails. The default value of this field is 1 hour." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A job's retry interval starts at min_backoff_duration, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff_duration up to retry_count times. For example, if min_backoff_duration is 10s, max_backoff_duration is 300s, and `max_doublings` is 3, then the job will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the job will retry at intervals of max_backoff_duration until the job has been attempted retry_count times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... The default value of this field is 5." }, "maxRetryDuration": { "type": "string", "description": "The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retry_count, the job will be retried until both limits are reached. The default value for max_retry_duration is zero, which means retry duration is unlimited." }, "minBackoffDuration": { "type": "string", "description": "The minimum amount of time to wait before retrying a job after it fails. The default value of this field is 5 seconds." }, "retryCount": { "type": "integer", "description": "The number of attempts that the system will make to run a job using the exponential backoff procedure described by max_doublings. The default value of retry_count is zero. If retry_count is 0, a job attempt will not be retried if it fails. Instead the Cloud Scheduler system will wait for the next scheduled execution time. Setting retry_count to 0 does not prevent failed jobs from running according to schedule after the failure. If retry_count is set to a non-zero number then Cloud Scheduler will retry failed attempts, using exponential backoff, retry_count times, or until the next scheduled execution time, whichever comes first. Values greater than 5 and negative values are not allowed." } }, "type": "object", "required": [ "maxBackoffDuration", "maxDoublings", "maxRetryDuration", "minBackoffDuration", "retryCount" ] }, "google-native:cloudscheduler/v1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudscheduler/v1beta1:AppEngineHttpTarget": { "description": "App Engine target. The job will be pushed to a job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. Error 503 is considered an App Engine system error instead of an application error. Requests returning error 503 will be retried regardless of retry configuration and not counted against retry counts. Any other response code, or a failure to receive a response before the deadline, constitutes a failed attempt.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:AppEngineRouting", "description": "App Engine Routing setting for the job." }, "body": { "type": "string", "description": "Body. HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It will result in invalid argument error to set a body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. Cloud Scheduler sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Scheduler will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The headers below are output only. They cannot be set or overridden: * `Content-Length`: This is computed by Cloud Scheduler. * `X-Google-*`: For Google internal use only. * `X-AppEngine-*`: For Google internal use only. In addition, some App Engine headers, which contain job-specific information, are also be sent to the job handler." }, "httpMethod": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:AppEngineHttpTargetHttpMethod", "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path, query string arguments, and `#` fragments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object" }, "google-native:cloudscheduler/v1beta1:AppEngineHttpTargetHttpMethod": { "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified. Defaults to POST.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudscheduler/v1beta1:AppEngineHttpTargetResponse": { "description": "App Engine target. The job will be pushed to a job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. Error 503 is considered an App Engine system error instead of an application error. Requests returning error 503 will be retried regardless of retry configuration and not counted against retry counts. Any other response code, or a failure to receive a response before the deadline, constitutes a failed attempt.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:AppEngineRoutingResponse", "description": "App Engine Routing setting for the job." }, "body": { "type": "string", "description": "Body. HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It will result in invalid argument error to set a body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the job is created. Cloud Scheduler sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Scheduler will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The headers below are output only. They cannot be set or overridden: * `Content-Length`: This is computed by Cloud Scheduler. * `X-Google-*`: For Google internal use only. * `X-AppEngine-*`: For Google internal use only. In addition, some App Engine headers, which contain job-specific information, are also be sent to the job handler." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. PATCH and OPTIONS are not permitted." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path, query string arguments, and `#` fragments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object", "required": [ "appEngineRouting", "body", "headers", "httpMethod", "relativeUri" ] }, "google-native:cloudscheduler/v1beta1:AppEngineRouting": { "description": "App Engine Routing. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "instance": { "type": "string", "description": "App instance. By default, the job is sent to an instance which is available when the job is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the job is sent to the service which is the default service when the job is attempted." }, "version": { "type": "string", "description": "App version. By default, the job is sent to the version which is the default version when the job is attempted." } }, "type": "object" }, "google-native:cloudscheduler/v1beta1:AppEngineRoutingResponse": { "description": "App Engine Routing. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "host": { "type": "string", "description": "The host that the job is sent to. For more information about how App Engine requests are routed, see [here](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed). The host is constructed as: * `host = [application_domain_name]` `| [service] + '.' + [application_domain_name]` `| [version] + '.' + [application_domain_name]` `| [version_dot_service]+ '.' + [application_domain_name]` `| [instance] + '.' + [application_domain_name]` `| [instance_dot_service] + '.' + [application_domain_name]` `| [instance_dot_version] + '.' + [application_domain_name]` `| [instance_dot_version_dot_service] + '.' + [application_domain_name]` * `application_domain_name` = The domain name of the app, for example .appspot.com, which is associated with the job's project ID. * `service =` service * `version =` version * `version_dot_service =` version `+ '.' +` service * `instance =` instance * `instance_dot_service =` instance `+ '.' +` service * `instance_dot_version =` instance `+ '.' +` version * `instance_dot_version_dot_service =` instance `+ '.' +` version `+ '.' +` service If service is empty, then the job will be sent to the service which is the default service when the job is attempted. If version is empty, then the job will be sent to the version which is the default version when the job is attempted. If instance is empty, then the job will be sent to an instance which is available when the job is attempted. If service, version, or instance is invalid, then the job will be sent to the default version of the default service when the job is attempted." }, "instance": { "type": "string", "description": "App instance. By default, the job is sent to an instance which is available when the job is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the job is sent to the service which is the default service when the job is attempted." }, "version": { "type": "string", "description": "App version. By default, the job is sent to the version which is the default version when the job is attempted." } }, "type": "object", "required": [ "host", "instance", "service", "version" ] }, "google-native:cloudscheduler/v1beta1:HttpTarget": { "description": "Http target. The job will be pushed to the job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. A failure to receive a response constitutes a failed execution. For a redirected request, the response returned by the redirected request is considered.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. The user can specify HTTP request headers to send with the job's HTTP request. Repeated headers are not supported, but a header value can contain commas. The following headers represent a subset of the headers that accompany the job's HTTP request. Some HTTP request headers are ignored or replaced. A partial list of headers that are ignored or replaced is below: * Host: This will be computed by Cloud Scheduler and derived from uri. * `Content-Length`: This will be computed by Cloud Scheduler. * `User-Agent`: This will be set to `\"Google-Cloud-Scheduler\"`. * `X-Google-*`: Google internal use only. * `X-AppEngine-*`: Google internal use only. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The total size of headers must be less than 80KB." }, "httpMethod": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:HttpTargetHttpMethod", "description": "Which HTTP method to use for the request." }, "oauthToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uri": { "type": "string", "description": "The full URI path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples of valid values for uri are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Scheduler will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding." } }, "type": "object", "required": [ "uri" ] }, "google-native:cloudscheduler/v1beta1:HttpTargetHttpMethod": { "description": "Which HTTP method to use for the request.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified. Defaults to POST.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudscheduler/v1beta1:HttpTargetResponse": { "description": "Http target. The job will be pushed to the job handler by means of an HTTP request via an http_method such as HTTP POST, HTTP GET, etc. The job is acknowledged by means of an HTTP response code in the range [200 - 299]. A failure to receive a response constitutes a failed execution. For a redirected request, the response returned by the redirected request is considered.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a job with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. The user can specify HTTP request headers to send with the job's HTTP request. Repeated headers are not supported, but a header value can contain commas. The following headers represent a subset of the headers that accompany the job's HTTP request. Some HTTP request headers are ignored or replaced. A partial list of headers that are ignored or replaced is below: * Host: This will be computed by Cloud Scheduler and derived from uri. * `Content-Length`: This will be computed by Cloud Scheduler. * `User-Agent`: This will be set to `\"Google-Cloud-Scheduler\"`. * `X-Google-*`: Google internal use only. * `X-AppEngine-*`: Google internal use only. * `X-CloudScheduler`: This header will be set to true. * `X-CloudScheduler-JobName`: This header will contain the job name. * `X-CloudScheduler-ScheduleTime`: For Cloud Scheduler jobs specified in the unix-cron format, this header will contain the job schedule time in RFC3339 UTC \"Zulu\" format. If the job has a body and the following headers are not set by the user, Cloud Scheduler sets default values: * `Content-Type`: This will be set to `\"application/octet-stream\"`. You can override this default by explicitly setting `Content-Type` to a particular media type when creating the job. For example, you can set `Content-Type` to `\"application/json\"`. The total size of headers must be less than 80KB." }, "httpMethod": { "type": "string", "description": "Which HTTP method to use for the request." }, "oauthToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudscheduler%2Fv1beta1:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uri": { "type": "string", "description": "The full URI path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples of valid values for uri are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Scheduler will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding." } }, "type": "object", "required": [ "body", "headers", "httpMethod", "oauthToken", "oidcToken", "uri" ] }, "google-native:cloudscheduler/v1beta1:OAuthToken": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudscheduler/v1beta1:OAuthTokenResponse": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "scope", "serviceAccountEmail" ] }, "google-native:cloudscheduler/v1beta1:OidcToken": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudscheduler/v1beta1:OidcTokenResponse": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the job. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "audience", "serviceAccountEmail" ] }, "google-native:cloudscheduler/v1beta1:PubsubTarget": { "description": "Pub/Sub target. The job will be delivered by publishing a message to the given Pub/Sub topic.", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "data": { "type": "string", "description": "The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "topicName": { "type": "string", "description": "The name of the Cloud Pub/Sub topic to which messages will be published when a job is delivered. The topic name must be in the same format as required by Pub/Sub's [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be in the same project as the Cloud Scheduler job." } }, "type": "object", "required": [ "topicName" ] }, "google-native:cloudscheduler/v1beta1:PubsubTargetResponse": { "description": "Pub/Sub target. The job will be delivered by publishing a message to the given Pub/Sub topic.", "properties": { "attributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Attributes for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "data": { "type": "string", "description": "The message payload for PubsubMessage. Pubsub message must contain either non-empty data, or at least one attribute." }, "topicName": { "type": "string", "description": "The name of the Cloud Pub/Sub topic to which messages will be published when a job is delivered. The topic name must be in the same format as required by Pub/Sub's [PublishRequest.name](https://cloud.google.com/pubsub/docs/reference/rpc/google.pubsub.v1#publishrequest), for example `projects/PROJECT_ID/topics/TOPIC_ID`. The topic must be in the same project as the Cloud Scheduler job." } }, "type": "object", "required": [ "attributes", "data", "topicName" ] }, "google-native:cloudscheduler/v1beta1:RetryConfig": { "description": "Settings that determine the retry behavior. By default, if a job does not complete successfully (meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings in RetryConfig.", "properties": { "maxBackoffDuration": { "type": "string", "description": "The maximum amount of time to wait before retrying a job after it fails. The default value of this field is 1 hour." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A job's retry interval starts at min_backoff_duration, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff_duration up to retry_count times. For example, if min_backoff_duration is 10s, max_backoff_duration is 300s, and `max_doublings` is 3, then the job will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the job will retry at intervals of max_backoff_duration until the job has been attempted retry_count times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... The default value of this field is 5." }, "maxRetryDuration": { "type": "string", "description": "The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retry_count, the job will be retried until both limits are reached. The default value for max_retry_duration is zero, which means retry duration is unlimited." }, "minBackoffDuration": { "type": "string", "description": "The minimum amount of time to wait before retrying a job after it fails. The default value of this field is 5 seconds." }, "retryCount": { "type": "integer", "description": "The number of attempts that the system will make to run a job using the exponential backoff procedure described by max_doublings. The default value of retry_count is zero. If retry_count is 0, a job attempt will not be retried if it fails. Instead the Cloud Scheduler system will wait for the next scheduled execution time. Setting retry_count to 0 does not prevent failed jobs from running according to schedule after the failure. If retry_count is set to a non-zero number then Cloud Scheduler will retry failed attempts, using exponential backoff, retry_count times, or until the next scheduled execution time, whichever comes first. Values greater than 5 and negative values are not allowed." } }, "type": "object" }, "google-native:cloudscheduler/v1beta1:RetryConfigResponse": { "description": "Settings that determine the retry behavior. By default, if a job does not complete successfully (meaning that an acknowledgement is not received from the handler, then it will be retried with exponential backoff according to the settings in RetryConfig.", "properties": { "maxBackoffDuration": { "type": "string", "description": "The maximum amount of time to wait before retrying a job after it fails. The default value of this field is 1 hour." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A job's retry interval starts at min_backoff_duration, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff_duration up to retry_count times. For example, if min_backoff_duration is 10s, max_backoff_duration is 300s, and `max_doublings` is 3, then the job will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the job will retry at intervals of max_backoff_duration until the job has been attempted retry_count times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... The default value of this field is 5." }, "maxRetryDuration": { "type": "string", "description": "The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retry_count, the job will be retried until both limits are reached. The default value for max_retry_duration is zero, which means retry duration is unlimited." }, "minBackoffDuration": { "type": "string", "description": "The minimum amount of time to wait before retrying a job after it fails. The default value of this field is 5 seconds." }, "retryCount": { "type": "integer", "description": "The number of attempts that the system will make to run a job using the exponential backoff procedure described by max_doublings. The default value of retry_count is zero. If retry_count is 0, a job attempt will not be retried if it fails. Instead the Cloud Scheduler system will wait for the next scheduled execution time. Setting retry_count to 0 does not prevent failed jobs from running according to schedule after the failure. If retry_count is set to a non-zero number then Cloud Scheduler will retry failed attempts, using exponential backoff, retry_count times, or until the next scheduled execution time, whichever comes first. Values greater than 5 and negative values are not allowed." } }, "type": "object", "required": [ "maxBackoffDuration", "maxDoublings", "maxRetryDuration", "minBackoffDuration", "retryCount" ] }, "google-native:cloudscheduler/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudsearch/v1:CompositeFilter": { "properties": { "logicOperator": { "$ref": "#/types/google-native:cloudsearch%2Fv1:CompositeFilterLogicOperator", "description": "The logic operator of the sub filter." }, "subFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Filter" }, "description": "Sub filters." } }, "type": "object" }, "google-native:cloudsearch/v1:CompositeFilterLogicOperator": { "description": "The logic operator of the sub filter.", "type": "string", "enum": [ { "name": "And", "description": "Logical operators, which can only be applied to sub filters.", "value": "AND" }, { "name": "Or", "value": "OR" }, { "name": "Not", "description": "NOT can only be applied on a single sub filter.", "value": "NOT" } ] }, "google-native:cloudsearch/v1:CompositeFilterResponse": { "properties": { "logicOperator": { "type": "string", "description": "The logic operator of the sub filter." }, "subFilters": { "type": "array", "items": { "$ref": "#/types/google-native:cloudsearch%2Fv1:FilterResponse" }, "description": "Sub filters." } }, "type": "object", "required": [ "logicOperator", "subFilters" ] }, "google-native:cloudsearch/v1:DataSourceRestriction": { "description": "Restriction on Datasource.", "properties": { "filterOptions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudsearch%2Fv1:FilterOptions" }, "description": "Filter options restricting the results. If multiple filters are present, they are grouped by object type before joining. Filters with the same object type are joined conjunctively, then the resulting expressions are joined disjunctively. The maximum number of elements is 20. NOTE: Suggest API supports only few filters at the moment: \"objecttype\", \"type\" and \"mimetype\". For now, schema specific filters cannot be used to filter suggestions." }, "source": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Source", "description": "The source of restriction." } }, "type": "object" }, "google-native:cloudsearch/v1:DataSourceRestrictionResponse": { "description": "Restriction on Datasource.", "properties": { "filterOptions": { "type": "array", "items": { "$ref": "#/types/google-native:cloudsearch%2Fv1:FilterOptionsResponse" }, "description": "Filter options restricting the results. If multiple filters are present, they are grouped by object type before joining. Filters with the same object type are joined conjunctively, then the resulting expressions are joined disjunctively. The maximum number of elements is 20. NOTE: Suggest API supports only few filters at the moment: \"objecttype\", \"type\" and \"mimetype\". For now, schema specific filters cannot be used to filter suggestions." }, "source": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceResponse", "description": "The source of restriction." } }, "type": "object", "required": [ "filterOptions", "source" ] }, "google-native:cloudsearch/v1:Date": { "description": "Represents a whole calendar date, for example a date of birth. The time of day and time zone are either specified elsewhere or are not significant. The date is relative to the [Proleptic Gregorian Calendar](https://en.wikipedia.org/wiki/Proleptic_Gregorian_calendar). The date must be a valid calendar date between the year 1 and 9999.", "properties": { "day": { "type": "integer", "description": "Day of month. Must be from 1 to 31 and valid for the year and month." }, "month": { "type": "integer", "description": "Month of date. Must be from 1 to 12." }, "year": { "type": "integer", "description": "Year of date. Must be from 1 to 9999." } }, "type": "object" }, "google-native:cloudsearch/v1:DateResponse": { "description": "Represents a whole calendar date, for example a date of birth. The time of day and time zone are either specified elsewhere or are not significant. The date is relative to the [Proleptic Gregorian Calendar](https://en.wikipedia.org/wiki/Proleptic_Gregorian_calendar). The date must be a valid calendar date between the year 1 and 9999.", "properties": { "day": { "type": "integer", "description": "Day of month. Must be from 1 to 31 and valid for the year and month." }, "month": { "type": "integer", "description": "Month of date. Must be from 1 to 12." }, "year": { "type": "integer", "description": "Year of date. Must be from 1 to 9999." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:cloudsearch/v1:FacetOptions": { "description": "Specifies operators to return facet results for. There will be one FacetResult for every source_name/object_type/operator_name combination.", "properties": { "integerFacetingOptions": { "$ref": "#/types/google-native:cloudsearch%2Fv1:IntegerFacetingOptions", "description": "If set, describes integer faceting options for the given integer property. The corresponding integer property in the schema should be marked isFacetable. The number of buckets returned would be minimum of this and num_facet_buckets." }, "numFacetBuckets": { "type": "integer", "description": "Maximum number of facet buckets that should be returned for this facet. Defaults to 10. Maximum value is 100." }, "objectType": { "type": "string", "description": "If object_type is set, only those objects of that type will be used to compute facets. If empty, then all objects will be used to compute facets." }, "operatorName": { "type": "string", "description": "The name of the operator chosen for faceting. @see cloudsearch.SchemaPropertyOptions" }, "sourceName": { "type": "string", "description": "Source name to facet on. Format: datasources/{source_id} If empty, all data sources will be used." } }, "type": "object" }, "google-native:cloudsearch/v1:FacetOptionsResponse": { "description": "Specifies operators to return facet results for. There will be one FacetResult for every source_name/object_type/operator_name combination.", "properties": { "integerFacetingOptions": { "$ref": "#/types/google-native:cloudsearch%2Fv1:IntegerFacetingOptionsResponse", "description": "If set, describes integer faceting options for the given integer property. The corresponding integer property in the schema should be marked isFacetable. The number of buckets returned would be minimum of this and num_facet_buckets." }, "numFacetBuckets": { "type": "integer", "description": "Maximum number of facet buckets that should be returned for this facet. Defaults to 10. Maximum value is 100." }, "objectType": { "type": "string", "description": "If object_type is set, only those objects of that type will be used to compute facets. If empty, then all objects will be used to compute facets." }, "operatorName": { "type": "string", "description": "The name of the operator chosen for faceting. @see cloudsearch.SchemaPropertyOptions" }, "sourceName": { "type": "string", "description": "Source name to facet on. Format: datasources/{source_id} If empty, all data sources will be used." } }, "type": "object", "required": [ "integerFacetingOptions", "numFacetBuckets", "objectType", "operatorName", "sourceName" ] }, "google-native:cloudsearch/v1:Filter": { "description": "A generic way of expressing filters in a query, which supports two approaches: **1. Setting a ValueFilter.** The name must match an operator_name defined in the schema for your data source. **2. Setting a CompositeFilter.** The filters are evaluated using the logical operator. The top-level operators can only be either an AND or a NOT. AND can appear only at the top-most level. OR can appear only under a top-level AND.", "properties": { "compositeFilter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:CompositeFilter" }, "valueFilter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:ValueFilter" } }, "type": "object" }, "google-native:cloudsearch/v1:FilterOptions": { "description": "Filter options to be applied on query.", "properties": { "filter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Filter", "description": "Generic filter to restrict the search, such as `lang:en`, `site:xyz`." }, "objectType": { "type": "string", "description": "If object_type is set, only objects of that type are returned. This should correspond to the name of the object that was registered within the definition of schema. The maximum length is 256 characters." } }, "type": "object" }, "google-native:cloudsearch/v1:FilterOptionsResponse": { "description": "Filter options to be applied on query.", "properties": { "filter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:FilterResponse", "description": "Generic filter to restrict the search, such as `lang:en`, `site:xyz`." }, "objectType": { "type": "string", "description": "If object_type is set, only objects of that type are returned. This should correspond to the name of the object that was registered within the definition of schema. The maximum length is 256 characters." } }, "type": "object", "required": [ "filter", "objectType" ] }, "google-native:cloudsearch/v1:FilterResponse": { "description": "A generic way of expressing filters in a query, which supports two approaches: **1. Setting a ValueFilter.** The name must match an operator_name defined in the schema for your data source. **2. Setting a CompositeFilter.** The filters are evaluated using the logical operator. The top-level operators can only be either an AND or a NOT. AND can appear only at the top-most level. OR can appear only under a top-level AND.", "properties": { "compositeFilter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:CompositeFilterResponse" }, "valueFilter": { "$ref": "#/types/google-native:cloudsearch%2Fv1:ValueFilterResponse" } }, "type": "object", "required": [ "compositeFilter", "valueFilter" ] }, "google-native:cloudsearch/v1:GSuitePrincipal": { "properties": { "gsuiteDomain": { "type": "boolean", "description": "This principal represents all users of the Google Workspace domain of the customer." }, "gsuiteGroupEmail": { "type": "string", "description": "This principal references a Google Workspace group name." }, "gsuiteUserEmail": { "type": "string", "description": "This principal references a Google Workspace user account." } }, "type": "object" }, "google-native:cloudsearch/v1:GSuitePrincipalResponse": { "properties": { "gsuiteDomain": { "type": "boolean", "description": "This principal represents all users of the Google Workspace domain of the customer." }, "gsuiteGroupEmail": { "type": "string", "description": "This principal references a Google Workspace group name." }, "gsuiteUserEmail": { "type": "string", "description": "This principal references a Google Workspace user account." } }, "type": "object", "required": [ "gsuiteDomain", "gsuiteGroupEmail", "gsuiteUserEmail" ] }, "google-native:cloudsearch/v1:IntegerFacetingOptions": { "description": "Used to specify integer faceting options.", "properties": { "integerBuckets": { "type": "array", "items": { "type": "string" }, "description": "Buckets for given integer values should be in strictly ascending order. For example, if values supplied are (1,5,10,100), the following facet buckets will be formed {<1, [1,5), [5-10), [10-100), >=100}." } }, "type": "object" }, "google-native:cloudsearch/v1:IntegerFacetingOptionsResponse": { "description": "Used to specify integer faceting options.", "properties": { "integerBuckets": { "type": "array", "items": { "type": "string" }, "description": "Buckets for given integer values should be in strictly ascending order. For example, if values supplied are (1,5,10,100), the following facet buckets will be formed {<1, [1,5), [5-10), [10-100), >=100}." } }, "type": "object", "required": [ "integerBuckets" ] }, "google-native:cloudsearch/v1:QueryInterpretationConfig": { "description": "Default options to interpret user query.", "properties": { "forceDisableSupplementalResults": { "type": "boolean", "description": "Set this flag to disable supplemental results retrieval, setting a flag here will not retrieve supplemental results for queries associated with a given search application. If this flag is set to True, it will take precedence over the option set at Query level. For the default value of False, query level flag will set the correct interpretation for supplemental results." }, "forceVerbatimMode": { "type": "boolean", "description": "Enable this flag to turn off all internal optimizations like natural language (NL) interpretation of queries, supplemental results retrieval, and usage of synonyms including custom ones. If this flag is set to True, it will take precedence over the option set at Query level. For the default value of False, query level flag will set the correct interpretation for verbatim mode." } }, "type": "object" }, "google-native:cloudsearch/v1:QueryInterpretationConfigResponse": { "description": "Default options to interpret user query.", "properties": { "forceDisableSupplementalResults": { "type": "boolean", "description": "Set this flag to disable supplemental results retrieval, setting a flag here will not retrieve supplemental results for queries associated with a given search application. If this flag is set to True, it will take precedence over the option set at Query level. For the default value of False, query level flag will set the correct interpretation for supplemental results." }, "forceVerbatimMode": { "type": "boolean", "description": "Enable this flag to turn off all internal optimizations like natural language (NL) interpretation of queries, supplemental results retrieval, and usage of synonyms including custom ones. If this flag is set to True, it will take precedence over the option set at Query level. For the default value of False, query level flag will set the correct interpretation for verbatim mode." } }, "type": "object", "required": [ "forceDisableSupplementalResults", "forceVerbatimMode" ] }, "google-native:cloudsearch/v1:ScoringConfig": { "description": "Scoring configurations for a source while processing a Search or Suggest request.", "properties": { "disableFreshness": { "type": "boolean", "description": "Whether to use freshness as a ranking signal. By default, freshness is used as a ranking signal. Note that this setting is not available in the Admin UI." }, "disablePersonalization": { "type": "boolean", "description": "Whether to personalize the results. By default, personal signals will be used to boost results." } }, "type": "object" }, "google-native:cloudsearch/v1:ScoringConfigResponse": { "description": "Scoring configurations for a source while processing a Search or Suggest request.", "properties": { "disableFreshness": { "type": "boolean", "description": "Whether to use freshness as a ranking signal. By default, freshness is used as a ranking signal. Note that this setting is not available in the Admin UI." }, "disablePersonalization": { "type": "boolean", "description": "Whether to personalize the results. By default, personal signals will be used to boost results." } }, "type": "object", "required": [ "disableFreshness", "disablePersonalization" ] }, "google-native:cloudsearch/v1:SortOptions": { "properties": { "operatorName": { "type": "string", "description": "The name of the operator corresponding to the field to sort on. The corresponding property must be marked as sortable." }, "sortOrder": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SortOptionsSortOrder", "description": "Ascending is the default sort order" } }, "type": "object" }, "google-native:cloudsearch/v1:SortOptionsResponse": { "properties": { "operatorName": { "type": "string", "description": "The name of the operator corresponding to the field to sort on. The corresponding property must be marked as sortable." }, "sortOrder": { "type": "string", "description": "Ascending is the default sort order" } }, "type": "object", "required": [ "operatorName", "sortOrder" ] }, "google-native:cloudsearch/v1:SortOptionsSortOrder": { "description": "Ascending is the default sort order", "type": "string", "enum": [ { "name": "Ascending", "value": "ASCENDING" }, { "name": "Descending", "value": "DESCENDING" } ] }, "google-native:cloudsearch/v1:Source": { "description": "Defines sources for the suggest/search APIs.", "properties": { "name": { "type": "string", "description": "Source name for content indexed by the Indexing API." }, "predefinedSource": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourcePredefinedSource", "description": "Predefined content source for Google Apps." } }, "type": "object" }, "google-native:cloudsearch/v1:SourceConfig": { "description": "Configurations for a source while processing a Search or Suggest request.", "properties": { "crowdingConfig": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceCrowdingConfig", "description": "The crowding configuration for the source." }, "scoringConfig": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceScoringConfig", "description": "The scoring configuration for the source." }, "source": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Source", "description": "The source for which this configuration is to be used." } }, "type": "object" }, "google-native:cloudsearch/v1:SourceConfigResponse": { "description": "Configurations for a source while processing a Search or Suggest request.", "properties": { "crowdingConfig": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceCrowdingConfigResponse", "description": "The crowding configuration for the source." }, "scoringConfig": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceScoringConfigResponse", "description": "The scoring configuration for the source." }, "source": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceResponse", "description": "The source for which this configuration is to be used." } }, "type": "object", "required": [ "crowdingConfig", "scoringConfig", "source" ] }, "google-native:cloudsearch/v1:SourceCrowdingConfig": { "description": "Set search results crowding limits. Crowding is a situation in which multiple results from the same source or host \"crowd out\" other results, diminishing the quality of search for users. To foster better search quality and source diversity in search results, you can set a condition to reduce repetitive results by source.", "properties": { "numResults": { "type": "integer", "description": "Maximum number of results allowed from a datasource in a result page as long as results from other sources are not exhausted. Value specified must not be negative. A default value is used if this value is equal to 0. To disable crowding, set the value greater than 100." }, "numSuggestions": { "type": "integer", "description": "Maximum number of suggestions allowed from a source. No limits will be set on results if this value is less than or equal to 0." } }, "type": "object" }, "google-native:cloudsearch/v1:SourceCrowdingConfigResponse": { "description": "Set search results crowding limits. Crowding is a situation in which multiple results from the same source or host \"crowd out\" other results, diminishing the quality of search for users. To foster better search quality and source diversity in search results, you can set a condition to reduce repetitive results by source.", "properties": { "numResults": { "type": "integer", "description": "Maximum number of results allowed from a datasource in a result page as long as results from other sources are not exhausted. Value specified must not be negative. A default value is used if this value is equal to 0. To disable crowding, set the value greater than 100." }, "numSuggestions": { "type": "integer", "description": "Maximum number of suggestions allowed from a source. No limits will be set on results if this value is less than or equal to 0." } }, "type": "object", "required": [ "numResults", "numSuggestions" ] }, "google-native:cloudsearch/v1:SourcePredefinedSource": { "description": "Predefined content source for Google Apps.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "QueryHistory", "description": "Suggests queries issued by the user in the past. Only valid when used with the suggest API. Ignored when used in the query API.", "value": "QUERY_HISTORY" }, { "name": "Person", "description": "Suggests people in the organization. Only valid when used with the suggest API. Results in an error when used in the query API.", "value": "PERSON" }, { "name": "GoogleDrive", "value": "GOOGLE_DRIVE" }, { "name": "GoogleGmail", "value": "GOOGLE_GMAIL" }, { "name": "GoogleSites", "value": "GOOGLE_SITES" }, { "name": "GoogleGroups", "value": "GOOGLE_GROUPS" }, { "name": "GoogleCalendar", "value": "GOOGLE_CALENDAR" }, { "name": "GoogleKeep", "value": "GOOGLE_KEEP" } ] }, "google-native:cloudsearch/v1:SourceResponse": { "description": "Defines sources for the suggest/search APIs.", "properties": { "name": { "type": "string", "description": "Source name for content indexed by the Indexing API." }, "predefinedSource": { "type": "string", "description": "Predefined content source for Google Apps." } }, "type": "object", "required": [ "name", "predefinedSource" ] }, "google-native:cloudsearch/v1:SourceScoringConfig": { "description": "Set the scoring configuration. This allows modifying the ranking of results for a source.", "properties": { "sourceImportance": { "$ref": "#/types/google-native:cloudsearch%2Fv1:SourceScoringConfigSourceImportance", "description": "Importance of the source." } }, "type": "object" }, "google-native:cloudsearch/v1:SourceScoringConfigResponse": { "description": "Set the scoring configuration. This allows modifying the ranking of results for a source.", "properties": { "sourceImportance": { "type": "string", "description": "Importance of the source." } }, "type": "object", "required": [ "sourceImportance" ] }, "google-native:cloudsearch/v1:SourceScoringConfigSourceImportance": { "description": "Importance of the source.", "type": "string", "enum": [ { "name": "Default", "value": "DEFAULT" }, { "name": "Low", "value": "LOW" }, { "name": "High", "value": "HIGH" } ] }, "google-native:cloudsearch/v1:Value": { "description": "Definition of a single value with generic type.", "properties": { "booleanValue": { "type": "boolean" }, "dateValue": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Date" }, "doubleValue": { "type": "number" }, "integerValue": { "type": "string" }, "stringValue": { "type": "string" }, "timestampValue": { "type": "string" } }, "type": "object" }, "google-native:cloudsearch/v1:ValueFilter": { "properties": { "operatorName": { "type": "string", "description": "The `operator_name` applied to the query, such as *price_greater_than*. The filter can work against both types of filters defined in the schema for your data source: 1. `operator_name`, where the query filters results by the property that matches the value. 2. `greater_than_operator_name` or `less_than_operator_name` in your schema. The query filters the results for the property values that are greater than or less than the supplied value in the query." }, "value": { "$ref": "#/types/google-native:cloudsearch%2Fv1:Value", "description": "The value to be compared with." } }, "type": "object" }, "google-native:cloudsearch/v1:ValueFilterResponse": { "properties": { "operatorName": { "type": "string", "description": "The `operator_name` applied to the query, such as *price_greater_than*. The filter can work against both types of filters defined in the schema for your data source: 1. `operator_name`, where the query filters results by the property that matches the value. 2. `greater_than_operator_name` or `less_than_operator_name` in your schema. The query filters the results for the property values that are greater than or less than the supplied value in the query." }, "value": { "$ref": "#/types/google-native:cloudsearch%2Fv1:ValueResponse", "description": "The value to be compared with." } }, "type": "object", "required": [ "operatorName", "value" ] }, "google-native:cloudsearch/v1:ValueResponse": { "description": "Definition of a single value with generic type.", "properties": { "booleanValue": { "type": "boolean" }, "dateValue": { "$ref": "#/types/google-native:cloudsearch%2Fv1:DateResponse" }, "doubleValue": { "type": "number" }, "integerValue": { "type": "string" }, "stringValue": { "type": "string" }, "timestampValue": { "type": "string" } }, "type": "object", "required": [ "booleanValue", "dateValue", "doubleValue", "integerValue", "stringValue", "timestampValue" ] }, "google-native:cloudsupport/v2:Actor": { "description": "An object containing information about the effective user and authenticated principal responsible for an action.", "properties": { "displayName": { "type": "string", "description": "The name to display for the actor. If not provided, it is inferred from credentials supplied during case creation. When an email is provided, a display name must also be provided. This will be obfuscated if the user is a Google Support agent." }, "email": { "type": "string", "description": "The email address of the actor. If not provided, it is inferred from credentials supplied during case creation. If the authenticated principal does not have an email address, one must be provided. When a name is provided, an email must also be provided. This will be obfuscated if the user is a Google Support agent." } }, "type": "object" }, "google-native:cloudsupport/v2:ActorResponse": { "description": "An object containing information about the effective user and authenticated principal responsible for an action.", "properties": { "displayName": { "type": "string", "description": "The name to display for the actor. If not provided, it is inferred from credentials supplied during case creation. When an email is provided, a display name must also be provided. This will be obfuscated if the user is a Google Support agent." }, "email": { "type": "string", "description": "The email address of the actor. If not provided, it is inferred from credentials supplied during case creation. If the authenticated principal does not have an email address, one must be provided. When a name is provided, an email must also be provided. This will be obfuscated if the user is a Google Support agent." }, "googleSupport": { "type": "boolean", "description": "Whether the actor is a Google support actor." } }, "type": "object", "required": [ "displayName", "email", "googleSupport" ] }, "google-native:cloudsupport/v2:CaseClassification": { "description": "A classification object with a product type and value.", "properties": { "displayName": { "type": "string", "description": "A display name for the classification. The display name is not static and can change. To uniquely and consistently identify classifications, use the `CaseClassification.id` field." }, "id": { "type": "string", "description": "The unique ID for a classification. Must be specified for case creation. To retrieve valid classification IDs for case creation, use `caseClassifications.search`. Classification IDs returned by `caseClassifications.search` are guaranteed to be valid for at least 6 months. If a given classification is deactiveated, it will immediately stop being returned. After 6 months, `case.create` requests using the classification ID will fail." } }, "type": "object" }, "google-native:cloudsupport/v2:CaseClassificationResponse": { "description": "A classification object with a product type and value.", "properties": { "displayName": { "type": "string", "description": "A display name for the classification. The display name is not static and can change. To uniquely and consistently identify classifications, use the `CaseClassification.id` field." } }, "type": "object", "required": [ "displayName" ] }, "google-native:cloudsupport/v2:CasePriority": { "description": "The priority of this case.", "type": "string", "enum": [ { "name": "PriorityUnspecified", "description": "Priority is undefined or has not been set yet.", "value": "PRIORITY_UNSPECIFIED" }, { "name": "P0", "description": "Extreme impact on a production service. Service is hard down.", "value": "P0" }, { "name": "P1", "description": "Critical impact on a production service. Service is currently unusable.", "value": "P1" }, { "name": "P2", "description": "Severe impact on a production service. Service is usable but greatly impaired.", "value": "P2" }, { "name": "P3", "description": "Medium impact on a production service. Service is available, but moderately impaired.", "value": "P3" }, { "name": "P4", "description": "General questions or minor issues. Production service is fully available.", "value": "P4" } ] }, "google-native:cloudsupport/v2beta:Actor": { "description": "An object containing information about the effective user and authenticated principal responsible for an action.", "properties": { "displayName": { "type": "string", "description": "The name to display for the actor. If not provided, it is inferred from credentials supplied during case creation. When an email is provided, a display name must also be provided. This will be obfuscated if the user is a Google Support agent." }, "email": { "type": "string", "description": "The email address of the actor. If not provided, it is inferred from credentials supplied during case creation. If the authenticated principal does not have an email address, one must be provided. When a name is provided, an email must also be provided. This will be obfuscated if the user is a Google Support agent." } }, "type": "object" }, "google-native:cloudsupport/v2beta:ActorResponse": { "description": "An object containing information about the effective user and authenticated principal responsible for an action.", "properties": { "displayName": { "type": "string", "description": "The name to display for the actor. If not provided, it is inferred from credentials supplied during case creation. When an email is provided, a display name must also be provided. This will be obfuscated if the user is a Google Support agent." }, "email": { "type": "string", "description": "The email address of the actor. If not provided, it is inferred from credentials supplied during case creation. If the authenticated principal does not have an email address, one must be provided. When a name is provided, an email must also be provided. This will be obfuscated if the user is a Google Support agent." }, "googleSupport": { "type": "boolean", "description": "Whether the actor is a Google support actor." } }, "type": "object", "required": [ "displayName", "email", "googleSupport" ] }, "google-native:cloudsupport/v2beta:CaseClassification": { "description": "A classification object with a product type and value.", "properties": { "displayName": { "type": "string", "description": "A display name for the classification. The display name is not static and can change. To uniquely and consistently identify classifications, use the `CaseClassification.id` field." }, "id": { "type": "string", "description": "The unique ID for a classification. Must be specified for case creation. To retrieve valid classification IDs for case creation, use `caseClassifications.search`. Classification IDs returned by `caseClassifications.search` are guaranteed to be valid for at least 6 months. If a given classification is deactiveated, it will immediately stop being returned. After 6 months, `case.create` requests using the classification ID will fail." } }, "type": "object" }, "google-native:cloudsupport/v2beta:CaseClassificationResponse": { "description": "A classification object with a product type and value.", "properties": { "displayName": { "type": "string", "description": "A display name for the classification. The display name is not static and can change. To uniquely and consistently identify classifications, use the `CaseClassification.id` field." } }, "type": "object", "required": [ "displayName" ] }, "google-native:cloudsupport/v2beta:CasePriority": { "description": "The priority of this case.", "type": "string", "enum": [ { "name": "PriorityUnspecified", "description": "Priority is undefined or has not been set yet.", "value": "PRIORITY_UNSPECIFIED" }, { "name": "P0", "description": "Extreme impact on a production service. Service is hard down.", "value": "P0" }, { "name": "P1", "description": "Critical impact on a production service. Service is currently unusable.", "value": "P1" }, { "name": "P2", "description": "Severe impact on a production service. Service is usable but greatly impaired.", "value": "P2" }, { "name": "P3", "description": "Medium impact on a production service. Service is available, but moderately impaired.", "value": "P3" }, { "name": "P4", "description": "General questions or minor issues. Production service is fully available.", "value": "P4" } ] }, "google-native:cloudsupport/v2beta:CaseSeverity": { "description": "REMOVED. The severity of this case. Use priority instead.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Severity is undefined or has not been set yet.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "S0", "description": "Extreme impact on a production service. Service is hard down.", "value": "S0" }, { "name": "S1", "description": "Critical impact on a production service. Service is currently unusable.", "value": "S1" }, { "name": "S2", "description": "Severe impact on a production service. Service is usable but greatly impaired.", "value": "S2" }, { "name": "S3", "description": "Medium impact on a production service. Service is available, but moderately impaired.", "value": "S3" }, { "name": "S4", "description": "General questions or minor issues. Production service is fully available.", "value": "S4" } ] }, "google-native:cloudtasks/v2:AppEngineHttpRequest": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If app_engine_routing_override is set on the queue, this value is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_uri Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2:AppEngineRouting", "description": "Task-level setting for App Engine routing. * If app_engine_routing_override is set on the queue, this value is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It is an error to set a body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a body, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2:AppEngineHttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URI must begin with \"/\" and must be a valid HTTP relative URI. It can contain a path and query string arguments. If the relative URI is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object" }, "google-native:cloudtasks/v2:AppEngineHttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled).", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2:AppEngineHttpRequestResponse": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If app_engine_routing_override is set on the queue, this value is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_uri Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2:AppEngineRoutingResponse", "description": "Task-level setting for App Engine routing. * If app_engine_routing_override is set on the queue, this value is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It is an error to set a body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a body, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URI must begin with \"/\" and must be a valid HTTP relative URI. It can contain a path and query string arguments. If the relative URI is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object", "required": [ "appEngineRouting", "body", "headers", "httpMethod", "relativeUri" ] }, "google-native:cloudtasks/v2:AppEngineRouting": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). Using AppEngineRouting requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object" }, "google-native:cloudtasks/v2:AppEngineRoutingResponse": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed). Using AppEngineRouting requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "host": { "type": "string", "description": "The host that the task is sent to. The host is constructed from the domain name of the app associated with the queue's project ID (for example .appspot.com), and the service, version, and instance. Tasks which were created using the App Engine SDK might have a custom domain name. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed)." }, "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object", "required": [ "host", "instance", "service", "version" ] }, "google-native:cloudtasks/v2:AttemptResponse": { "description": "The status of a task attempt.", "properties": { "dispatchTime": { "type": "string", "description": "The time that this attempt was dispatched. `dispatch_time` will be truncated to the nearest microsecond." }, "responseStatus": { "$ref": "#/types/google-native:cloudtasks%2Fv2:StatusResponse", "description": "The response from the worker for this attempt. If `response_time` is unset, then the task has not been attempted or is currently running and the `response_status` field is meaningless." }, "responseTime": { "type": "string", "description": "The time that this attempt response was received. `response_time` will be truncated to the nearest microsecond." }, "scheduleTime": { "type": "string", "description": "The time that this attempt was scheduled. `schedule_time` will be truncated to the nearest microsecond." } }, "type": "object", "required": [ "dispatchTime", "responseStatus", "responseTime", "scheduleTime" ] }, "google-native:cloudtasks/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudtasks/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudtasks/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudtasks/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudtasks/v2:Header": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The Key of the header." }, "value": { "type": "string", "description": "The Value of the header." } }, "type": "object" }, "google-native:cloudtasks/v2:HeaderOverride": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2:Header", "description": "header embodying a key and a value." } }, "type": "object" }, "google-native:cloudtasks/v2:HeaderOverrideResponse": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2:HeaderResponse", "description": "header embodying a key and a value." } }, "type": "object", "required": [ "header" ] }, "google-native:cloudtasks/v2:HeaderResponse": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The Key of the header." }, "value": { "type": "string", "description": "The Value of the header." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:cloudtasks/v2:HttpRequest": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. If the worker or the redirected worker acknowledges the task by returning a successful HTTP response code ([`200` - `299`]), the task will be removed from the queue. If any other HTTP response code is returned or no response is received, the task will be retried according to the following: * User-specified throttling: retry configuration, rate limits, and the queue's state. * System throttling: To prevent the worker from overloading, Cloud Tasks may temporarily reduce the queue's effective rate. User-specified settings will not be changed. System throttling happens because: * Cloud Tasks backs off on all errors. Normally the backoff specified in rate limits will be used. But if the worker returns `429` (Too Many Requests), `503` (Service Unavailable), or the rate of errors is high, Cloud Tasks will use a higher backoff rate. The retry specified in the `Retry-After` HTTP response header is considered. * To prevent traffic spikes and to smooth sudden increases in traffic, dispatches ramp up slowly when the queue is newly created or idle and if large numbers of tasks suddenly become available to dispatch (due to spikes in create task rates, the queue being unpaused, or many tasks that are scheduled at the same time).", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2:HttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "url" ] }, "google-native:cloudtasks/v2:HttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2:HttpRequestResponse": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. If the worker or the redirected worker acknowledges the task by returning a successful HTTP response code ([`200` - `299`]), the task will be removed from the queue. If any other HTTP response code is returned or no response is received, the task will be retried according to the following: * User-specified throttling: retry configuration, rate limits, and the queue's state. * System throttling: To prevent the worker from overloading, Cloud Tasks may temporarily reduce the queue's effective rate. User-specified settings will not be changed. System throttling happens because: * Cloud Tasks backs off on all errors. Normally the backoff specified in rate limits will be used. But if the worker returns `429` (Too Many Requests), `503` (Service Unavailable), or the rate of errors is high, Cloud Tasks will use a higher backoff rate. The retry specified in the `Retry-After` HTTP response header is considered. * To prevent traffic spikes and to smooth sudden increases in traffic, dispatches ramp up slowly when the queue is newly created or idle and if large numbers of tasks suddenly become available to dispatch (due to spikes in create task rates, the queue being unpaused, or many tasks that are scheduled at the same time).", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "body", "headers", "httpMethod", "oauthToken", "oidcToken", "url" ] }, "google-native:cloudtasks/v2:HttpTarget": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2:HeaderOverride" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the CreateTask and/or BufferTask. These headers represent a subset of the headers that will be configured for the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Several predefined headers, prefixed with \"X-CloudTasks-\", can be used to define properties of the task. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example,`Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. The default value is set to \"application/json\"`. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2:HttpTargetHttpMethod", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as the `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:UriOverride", "description": "URI override. When specified, overrides the execution URI for all the tasks in the queue." } }, "type": "object" }, "google-native:cloudtasks/v2:HttpTargetHttpMethod": { "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2:HttpTargetResponse": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2:HeaderOverrideResponse" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the CreateTask and/or BufferTask. These headers represent a subset of the headers that will be configured for the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Several predefined headers, prefixed with \"X-CloudTasks-\", can be used to define properties of the task. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example,`Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. The default value is set to \"application/json\"`. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as the `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:UriOverrideResponse", "description": "URI override. When specified, overrides the execution URI for all the tasks in the queue." } }, "type": "object", "required": [ "headerOverrides", "httpMethod", "oauthToken", "oidcToken", "uriOverride" ] }, "google-native:cloudtasks/v2:OAuthToken": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2:OAuthTokenResponse": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "scope", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2:OidcToken": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2:OidcTokenResponse": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "audience", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2:PathOverride": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2:PathOverrideResponse": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object", "required": [ "path" ] }, "google-native:cloudtasks/v2:QueryOverride": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2:QueryOverrideResponse": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object", "required": [ "queryParams" ] }, "google-native:cloudtasks/v2:RateLimits": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxConcurrentDispatches": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxDispatchesPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * The maximum allowed value is 500. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object" }, "google-native:cloudtasks/v2:RateLimitsResponse": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxBurstSize": { "type": "integer", "description": "The max burst size. Max burst size limits how fast tasks in queue are processed when many tasks are in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) algorithm is used to control the rate of task dispatches. Each queue has a token bucket that holds tokens, up to the maximum specified by `max_burst_size`. Each time a task is dispatched, a token is removed from the bucket. Tasks will be dispatched until the queue's bucket runs out of tokens. The bucket will be continuously refilled with new tokens based on max_dispatches_per_second. Cloud Tasks will pick the value of `max_burst_size` based on the value of max_dispatches_per_second. For queues that were created or updated using `queue.yaml/xml`, `max_burst_size` is equal to [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). Since `max_burst_size` is output only, if UpdateQueue is called on a queue created by `queue.yaml/xml`, `max_burst_size` will be reset based on the value of max_dispatches_per_second, regardless of whether max_dispatches_per_second is updated. " }, "maxConcurrentDispatches": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxDispatchesPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * The maximum allowed value is 500. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object", "required": [ "maxBurstSize", "maxConcurrentDispatches", "maxDispatchesPerSecond" ] }, "google-native:cloudtasks/v2:RetryConfig": { "description": "Retry config. These settings determine when a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "Number of attempts per task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be >= -1. If unspecified when the queue is created, Cloud Tasks will pick the default. -1 indicates unlimited attempts. This field has the same meaning as [task_retry_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For the maximum possible value or the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." } }, "type": "object" }, "google-native:cloudtasks/v2:RetryConfigResponse": { "description": "Retry config. These settings determine when a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "Number of attempts per task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be >= -1. If unspecified when the queue is created, Cloud Tasks will pick the default. -1 indicates unlimited attempts. This field has the same meaning as [task_retry_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For the maximum possible value or the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." } }, "type": "object", "required": [ "maxAttempts", "maxBackoff", "maxDoublings", "maxRetryDuration", "minBackoff" ] }, "google-native:cloudtasks/v2:StackdriverLoggingConfig": { "description": "Configuration options for writing logs to [Stackdriver Logging](https://cloud.google.com/logging/docs/).", "properties": { "samplingRatio": { "type": "number", "description": "Specifies the fraction of operations to write to [Stackdriver Logging](https://cloud.google.com/logging/docs/). This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged." } }, "type": "object" }, "google-native:cloudtasks/v2:StackdriverLoggingConfigResponse": { "description": "Configuration options for writing logs to [Stackdriver Logging](https://cloud.google.com/logging/docs/).", "properties": { "samplingRatio": { "type": "number", "description": "Specifies the fraction of operations to write to [Stackdriver Logging](https://cloud.google.com/logging/docs/). This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged." } }, "type": "object", "required": [ "samplingRatio" ] }, "google-native:cloudtasks/v2:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudtasks/v2:TaskResponseView": { "description": "The response_view specifies which subset of the Task will be returned. By default response_view is BASIC; not all information is retrieved by default because some data, such as payloads, might be desirable to return only when needed because of its large size or because of the sensitivity of data that it contains. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Task resource.", "type": "string", "enum": [ { "name": "ViewUnspecified", "description": "Unspecified. Defaults to BASIC.", "value": "VIEW_UNSPECIFIED" }, { "name": "Basic", "description": "The basic view omits fields which can be large or can contain sensitive data. This view does not include the body in AppEngineHttpRequest. Bodies are desirable to return only when needed, because they can be large and because of the sensitivity of the data that you choose to store in it.", "value": "BASIC" }, { "name": "Full", "description": "All information is returned. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Queue resource.", "value": "FULL" } ] }, "google-native:cloudtasks/v2:UriOverride": { "description": "URI Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:PathOverride", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:QueryOverride", "description": "URI query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "$ref": "#/types/google-native:cloudtasks%2Fv2:UriOverrideScheme", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "$ref": "#/types/google-native:cloudtasks%2Fv2:UriOverrideUriOverrideEnforceMode", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object" }, "google-native:cloudtasks/v2:UriOverrideResponse": { "description": "URI Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:PathOverrideResponse", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2:QueryOverrideResponse", "description": "URI query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "type": "string", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "type": "string", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object", "required": [ "host", "pathOverride", "port", "queryOverride", "scheme", "uriOverrideEnforceMode" ] }, "google-native:cloudtasks/v2:UriOverrideScheme": { "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS).", "type": "string", "enum": [ { "name": "SchemeUnspecified", "description": "Scheme unspecified. Defaults to HTTPS.", "value": "SCHEME_UNSPECIFIED" }, { "name": "Http", "description": "Convert the scheme to HTTP, e.g., https://www.google.ca will change to http://www.google.ca.", "value": "HTTP" }, { "name": "Https", "description": "Convert the scheme to HTTPS, e.g., http://www.google.ca will change to https://www.google.ca.", "value": "HTTPS" } ] }, "google-native:cloudtasks/v2:UriOverrideUriOverrideEnforceMode": { "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS.", "type": "string", "enum": [ { "name": "UriOverrideEnforceModeUnspecified", "description": "UriOverrideEnforceMode Unspecified. Defaults to ALWAYS.", "value": "URI_OVERRIDE_ENFORCE_MODE_UNSPECIFIED" }, { "name": "IfNotExists", "description": "In the IF_NOT_EXISTS mode, queue-level configuration is only applied where task-level configuration does not exist.", "value": "IF_NOT_EXISTS" }, { "name": "Always", "description": "In the ALWAYS mode, queue-level configuration overrides all task-level configuration", "value": "ALWAYS" } ] }, "google-native:cloudtasks/v2beta2:AppEngineHttpRequest": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. This proto can only be used for tasks in a queue which has app_engine_http_target set. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_url Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AppEngineRouting", "description": "Task-level setting for App Engine routing. If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a payload, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/appengine/docs/python/taskqueue/push/creating-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AppEngineHttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "payload": { "type": "string", "description": "Payload. The payload will be sent as the HTTP message body. A message body, and thus a payload, is allowed only if the HTTP method is POST or PUT. It is an error to set a data payload on a task with an incompatible HttpMethod." }, "relativeUrl": { "type": "string", "description": "The relative URL. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path and query string arguments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:AppEngineHttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled).", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta2:AppEngineHttpRequestResponse": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. This proto can only be used for tasks in a queue which has app_engine_http_target set. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_url Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AppEngineRoutingResponse", "description": "Task-level setting for App Engine routing. If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a payload, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/appengine/docs/python/taskqueue/push/creating-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "payload": { "type": "string", "description": "Payload. The payload will be sent as the HTTP message body. A message body, and thus a payload, is allowed only if the HTTP method is POST or PUT. It is an error to set a data payload on a task with an incompatible HttpMethod." }, "relativeUrl": { "type": "string", "description": "The relative URL. The relative URL must begin with \"/\" and must be a valid HTTP relative URL. It can contain a path and query string arguments. If the relative URL is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object", "required": [ "appEngineRouting", "headers", "httpMethod", "payload", "relativeUrl" ] }, "google-native:cloudtasks/v2beta2:AppEngineHttpTarget": { "description": "App Engine HTTP target. The task will be delivered to the App Engine application hostname specified by its AppEngineHttpTarget and AppEngineHttpRequest. The documentation for AppEngineHttpRequest explains how the task's host URL is constructed. Using AppEngineHttpTarget requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "appEngineRoutingOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AppEngineRouting", "description": "Overrides for the task-level app_engine_routing. If set, `app_engine_routing_override` is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:AppEngineHttpTargetResponse": { "description": "App Engine HTTP target. The task will be delivered to the App Engine application hostname specified by its AppEngineHttpTarget and AppEngineHttpRequest. The documentation for AppEngineHttpRequest explains how the task's host URL is constructed. Using AppEngineHttpTarget requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "appEngineRoutingOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AppEngineRoutingResponse", "description": "Overrides for the task-level app_engine_routing. If set, `app_engine_routing_override` is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." } }, "type": "object", "required": [ "appEngineRoutingOverride" ] }, "google-native:cloudtasks/v2beta2:AppEngineRouting": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:AppEngineRoutingResponse": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "host": { "type": "string", "description": "The host that the task is sent to. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed). The host is constructed as: * `host = [application_domain_name]` `| [service] + '.' + [application_domain_name]` `| [version] + '.' + [application_domain_name]` `| [version_dot_service]+ '.' + [application_domain_name]` `| [instance] + '.' + [application_domain_name]` `| [instance_dot_service] + '.' + [application_domain_name]` `| [instance_dot_version] + '.' + [application_domain_name]` `| [instance_dot_version_dot_service] + '.' + [application_domain_name]` * `application_domain_name` = The domain name of the app, for example .appspot.com, which is associated with the queue's project ID. Some tasks which were created using the App Engine SDK use a custom domain name. * `service =` service * `version =` version * `version_dot_service =` version `+ '.' +` service * `instance =` instance * `instance_dot_service =` instance `+ '.' +` service * `instance_dot_version =` instance `+ '.' +` version * `instance_dot_version_dot_service =` instance `+ '.' +` version `+ '.' +` service If service is empty, then the task will be sent to the service which is the default service when the task is attempted. If version is empty, then the task will be sent to the version which is the default version when the task is attempted. If instance is empty, then the task will be sent to an instance which is available when the task is attempted. If service, version, or instance is invalid, then the task will be sent to the default version of the default service when the task is attempted." }, "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object", "required": [ "host", "instance", "service", "version" ] }, "google-native:cloudtasks/v2beta2:AttemptStatusResponse": { "description": "The status of a task attempt.", "properties": { "dispatchTime": { "type": "string", "description": "The time that this attempt was dispatched. `dispatch_time` will be truncated to the nearest microsecond." }, "responseStatus": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:StatusResponse", "description": "The response from the target for this attempt. If the task has not been attempted or the task is currently running then the response status is unset." }, "responseTime": { "type": "string", "description": "The time that this attempt response was received. `response_time` will be truncated to the nearest microsecond." }, "scheduleTime": { "type": "string", "description": "The time that this attempt was scheduled. `schedule_time` will be truncated to the nearest microsecond." } }, "type": "object", "required": [ "dispatchTime", "responseStatus", "responseTime", "scheduleTime" ] }, "google-native:cloudtasks/v2beta2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudtasks/v2beta2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudtasks/v2beta2:Header": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The key of the header." }, "value": { "type": "string", "description": "The value of the header." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:HeaderOverride": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:Header", "description": "header embodying a key and a value." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:HeaderOverrideResponse": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:HeaderResponse", "description": "header embodying a key and a value." } }, "type": "object", "required": [ "header" ] }, "google-native:cloudtasks/v2beta2:HeaderResponse": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The key of the header." }, "value": { "type": "string", "description": "The value of the header." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:cloudtasks/v2beta2:HttpRequest": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. An HTTP request embodies a url, an http method, headers, body and authorization for the http task.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when running the task is created or task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:HttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "url" ] }, "google-native:cloudtasks/v2beta2:HttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta2:HttpRequestResponse": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. An HTTP request embodies a url, an http method, headers, body and authorization for the http task.", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when running the task is created or task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "body", "headers", "httpMethod", "oauthToken", "oidcToken", "url" ] }, "google-native:cloudtasks/v2beta2:HttpTarget": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:HeaderOverride" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the task is created and/or task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-CloudTasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:HttpTargetHttpMethod", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:UriOverride", "description": "Uri override. When specified, overrides the execution Uri for all the tasks in the queue." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:HttpTargetHttpMethod": { "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta2:HttpTargetResponse": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:HeaderOverrideResponse" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the task is created and/or task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-CloudTasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:UriOverrideResponse", "description": "Uri override. When specified, overrides the execution Uri for all the tasks in the queue." } }, "type": "object", "required": [ "headerOverrides", "httpMethod", "oauthToken", "oidcToken", "uriOverride" ] }, "google-native:cloudtasks/v2beta2:OAuthToken": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:OAuthTokenResponse": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "scope", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2beta2:OidcToken": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:OidcTokenResponse": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "audience", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2beta2:PathOverride": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:PathOverrideResponse": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object", "required": [ "path" ] }, "google-native:cloudtasks/v2beta2:PullMessage": { "description": "The pull message contains data that can be used by the caller of LeaseTasks to process the task. This proto can only be used for tasks in a queue which has pull_target set.", "properties": { "payload": { "type": "string", "description": "A data payload consumed by the worker to execute the task." }, "tag": { "type": "string", "description": "The task's tag. Tags allow similar tasks to be processed in a batch. If you label tasks with a tag, your worker can lease tasks with the same tag using filter. For example, if you want to aggregate the events associated with a specific user once a day, you could tag tasks with the user ID. The task's tag can only be set when the task is created. The tag must be less than 500 characters. SDK compatibility: Although the SDK allows tags to be either string or [bytes](https://cloud.google.com/appengine/docs/standard/java/javadoc/com/google/appengine/api/taskqueue/TaskOptions.html#tag-byte:A-), only UTF-8 encoded tags can be used in Cloud Tasks. If a tag isn't UTF-8 encoded, the tag will be empty when the task is returned by Cloud Tasks." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:PullMessageResponse": { "description": "The pull message contains data that can be used by the caller of LeaseTasks to process the task. This proto can only be used for tasks in a queue which has pull_target set.", "properties": { "payload": { "type": "string", "description": "A data payload consumed by the worker to execute the task." }, "tag": { "type": "string", "description": "The task's tag. Tags allow similar tasks to be processed in a batch. If you label tasks with a tag, your worker can lease tasks with the same tag using filter. For example, if you want to aggregate the events associated with a specific user once a day, you could tag tasks with the user ID. The task's tag can only be set when the task is created. The tag must be less than 500 characters. SDK compatibility: Although the SDK allows tags to be either string or [bytes](https://cloud.google.com/appengine/docs/standard/java/javadoc/com/google/appengine/api/taskqueue/TaskOptions.html#tag-byte:A-), only UTF-8 encoded tags can be used in Cloud Tasks. If a tag isn't UTF-8 encoded, the tag will be empty when the task is returned by Cloud Tasks." } }, "type": "object", "required": [ "payload", "tag" ] }, "google-native:cloudtasks/v2beta2:PullTarget": { "description": "Pull target.", "type": "object" }, "google-native:cloudtasks/v2beta2:PullTargetResponse": { "description": "Pull target.", "type": "object" }, "google-native:cloudtasks/v2beta2:QueryOverride": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:QueryOverrideResponse": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object", "required": [ "queryParams" ] }, "google-native:cloudtasks/v2beta2:QueueStatsResponse": { "description": "Statistics for a queue.", "properties": { "concurrentDispatchesCount": { "type": "string", "description": "The number of requests that the queue has dispatched but has not received a reply for yet." }, "effectiveExecutionRate": { "type": "number", "description": "The current maximum number of tasks per second executed by the queue. The maximum value of this variable is controlled by the RateLimits of the Queue. However, this value could be less to avoid overloading the endpoints tasks in the queue are targeting." }, "executedLastMinuteCount": { "type": "string", "description": "The number of tasks that the queue has dispatched and received a reply for during the last minute. This variable counts both successful and non-successful executions." }, "oldestEstimatedArrivalTime": { "type": "string", "description": "An estimation of the nearest time in the future where a task in the queue is scheduled to be executed." }, "tasksCount": { "type": "string", "description": "An estimation of the number of tasks in the queue, that is, the tasks in the queue that haven't been executed, the tasks in the queue which the queue has dispatched but has not yet received a reply for, and the failed tasks that the queue is retrying." } }, "type": "object", "required": [ "concurrentDispatchesCount", "effectiveExecutionRate", "executedLastMinuteCount", "oldestEstimatedArrivalTime", "tasksCount" ] }, "google-native:cloudtasks/v2beta2:RateLimits": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxBurstSize": { "type": "integer", "description": "The max burst size. Max burst size limits how fast tasks in queue are processed when many tasks are in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) algorithm is used to control the rate of task dispatches. Each queue has a token bucket that holds tokens, up to the maximum specified by `max_burst_size`. Each time a task is dispatched, a token is removed from the bucket. Tasks will be dispatched until the queue's bucket runs out of tokens. The bucket will be continuously refilled with new tokens based on max_dispatches_per_second. The default value of `max_burst_size` is picked by Cloud Tasks based on the value of max_dispatches_per_second. The maximum value of `max_burst_size` is 500. For App Engine queues that were created or updated using `queue.yaml/xml`, `max_burst_size` is equal to [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). If UpdateQueue is called on a queue without explicitly setting a value for `max_burst_size`, `max_burst_size` value will get updated if UpdateQueue is updating max_dispatches_per_second. " }, "maxConcurrentTasks": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field is output only for pull queues and always -1, which indicates no limit. No other queue types can have `max_concurrent_tasks` set to -1. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxTasksDispatchedPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * For App Engine queues, the maximum allowed value is 500. * This field is output only for pull queues. In addition to the `max_tasks_dispatched_per_second` limit, a maximum of 10 QPS of LeaseTasks requests are allowed per pull queue. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:RateLimitsResponse": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxBurstSize": { "type": "integer", "description": "The max burst size. Max burst size limits how fast tasks in queue are processed when many tasks are in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) algorithm is used to control the rate of task dispatches. Each queue has a token bucket that holds tokens, up to the maximum specified by `max_burst_size`. Each time a task is dispatched, a token is removed from the bucket. Tasks will be dispatched until the queue's bucket runs out of tokens. The bucket will be continuously refilled with new tokens based on max_dispatches_per_second. The default value of `max_burst_size` is picked by Cloud Tasks based on the value of max_dispatches_per_second. The maximum value of `max_burst_size` is 500. For App Engine queues that were created or updated using `queue.yaml/xml`, `max_burst_size` is equal to [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). If UpdateQueue is called on a queue without explicitly setting a value for `max_burst_size`, `max_burst_size` value will get updated if UpdateQueue is updating max_dispatches_per_second. " }, "maxConcurrentTasks": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field is output only for pull queues and always -1, which indicates no limit. No other queue types can have `max_concurrent_tasks` set to -1. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxTasksDispatchedPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * For App Engine queues, the maximum allowed value is 500. * This field is output only for pull queues. In addition to the `max_tasks_dispatched_per_second` limit, a maximum of 10 QPS of LeaseTasks requests are allowed per pull queue. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object", "required": [ "maxBurstSize", "maxConcurrentTasks", "maxTasksDispatchedPerSecond" ] }, "google-native:cloudtasks/v2beta2:RetryConfig": { "description": "Retry config. These settings determine how a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "The maximum number of attempts for a task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be > 0." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "unlimitedAttempts": { "type": "boolean", "description": "If true, then the number of attempts is unlimited." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:RetryConfigResponse": { "description": "Retry config. These settings determine how a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "The maximum number of attempts for a task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be > 0." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. This field is output only for pull queues. `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "unlimitedAttempts": { "type": "boolean", "description": "If true, then the number of attempts is unlimited." } }, "type": "object", "required": [ "maxAttempts", "maxBackoff", "maxDoublings", "maxRetryDuration", "minBackoff", "unlimitedAttempts" ] }, "google-native:cloudtasks/v2beta2:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudtasks/v2beta2:TaskResponseView": { "description": "The response_view specifies which subset of the Task will be returned. By default response_view is BASIC; not all information is retrieved by default because some data, such as payloads, might be desirable to return only when needed because of its large size or because of the sensitivity of data that it contains. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Task resource.", "type": "string", "enum": [ { "name": "ViewUnspecified", "description": "Unspecified. Defaults to BASIC.", "value": "VIEW_UNSPECIFIED" }, { "name": "Basic", "description": "The basic view omits fields which can be large or can contain sensitive data. This view does not include the (payload in AppEngineHttpRequest and payload in PullMessage). These payloads are desirable to return only when needed, because they can be large and because of the sensitivity of the data that you choose to store in it.", "value": "BASIC" }, { "name": "Full", "description": "All information is returned. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Queue resource.", "value": "FULL" } ] }, "google-native:cloudtasks/v2beta2:TaskStatusResponse": { "description": "Status of the task.", "properties": { "attemptDispatchCount": { "type": "integer", "description": "The number of attempts dispatched. This count includes attempts which have been dispatched but haven't received a response." }, "attemptResponseCount": { "type": "integer", "description": "The number of attempts which have received a response. This field is not calculated for pull tasks." }, "firstAttemptStatus": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AttemptStatusResponse", "description": "The status of the task's first attempt. Only dispatch_time will be set. The other AttemptStatus information is not retained by Cloud Tasks. This field is not calculated for pull tasks." }, "lastAttemptStatus": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:AttemptStatusResponse", "description": "The status of the task's last attempt. This field is not calculated for pull tasks." } }, "type": "object", "required": [ "attemptDispatchCount", "attemptResponseCount", "firstAttemptStatus", "lastAttemptStatus" ] }, "google-native:cloudtasks/v2beta2:UriOverride": { "description": "Uri Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:PathOverride", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:QueryOverride", "description": "URI Query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:UriOverrideScheme", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:UriOverrideUriOverrideEnforceMode", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object" }, "google-native:cloudtasks/v2beta2:UriOverrideResponse": { "description": "Uri Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:PathOverrideResponse", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta2:QueryOverrideResponse", "description": "URI Query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "type": "string", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "type": "string", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object", "required": [ "host", "pathOverride", "port", "queryOverride", "scheme", "uriOverrideEnforceMode" ] }, "google-native:cloudtasks/v2beta2:UriOverrideScheme": { "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS).", "type": "string", "enum": [ { "name": "SchemeUnspecified", "description": "Scheme unspecified. Defaults to HTTPS.", "value": "SCHEME_UNSPECIFIED" }, { "name": "Http", "description": "Convert the scheme to HTTP, e.g., https://www.google.ca will change to http://www.google.ca.", "value": "HTTP" }, { "name": "Https", "description": "Convert the scheme to HTTPS, e.g., http://www.google.ca will change to https://www.google.ca.", "value": "HTTPS" } ] }, "google-native:cloudtasks/v2beta2:UriOverrideUriOverrideEnforceMode": { "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS.", "type": "string", "enum": [ { "name": "UriOverrideEnforceModeUnspecified", "description": "OverrideMode Unspecified. Defaults to ALWAYS.", "value": "URI_OVERRIDE_ENFORCE_MODE_UNSPECIFIED" }, { "name": "IfNotExists", "description": "In the IF_NOT_EXISTS mode, queue-level configuration is only applied where task-level configuration does not exist.", "value": "IF_NOT_EXISTS" }, { "name": "Always", "description": "In the ALWAYS mode, queue-level configuration overrides all task-level configuration", "value": "ALWAYS" } ] }, "google-native:cloudtasks/v2beta3:AppEngineHttpQueue": { "description": "App Engine HTTP queue. The task will be delivered to the App Engine application hostname specified by its AppEngineHttpQueue and AppEngineHttpRequest. The documentation for AppEngineHttpRequest explains how the task's host URL is constructed. Using AppEngineHttpQueue requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "appEngineRoutingOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:AppEngineRouting", "description": "Overrides for the task-level app_engine_routing. If set, `app_engine_routing_override` is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:AppEngineHttpQueueResponse": { "description": "App Engine HTTP queue. The task will be delivered to the App Engine application hostname specified by its AppEngineHttpQueue and AppEngineHttpRequest. The documentation for AppEngineHttpRequest explains how the task's host URL is constructed. Using AppEngineHttpQueue requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform`", "properties": { "appEngineRoutingOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:AppEngineRoutingResponse", "description": "Overrides for the task-level app_engine_routing. If set, `app_engine_routing_override` is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." } }, "type": "object", "required": [ "appEngineRoutingOverride" ] }, "google-native:cloudtasks/v2beta3:AppEngineHttpRequest": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_uri Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:AppEngineRouting", "description": "Task-level setting for App Engine routing. If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It is an error to set a body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a body, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:AppEngineHttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URI must begin with \"/\" and must be a valid HTTP relative URI. It can contain a path and query string arguments. If the relative URI is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:AppEngineHttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled).", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta3:AppEngineHttpRequestResponse": { "description": "App Engine HTTP request. The message defines the HTTP request that is sent to an App Engine app when the task is dispatched. Using AppEngineHttpRequest requires [`appengine.applications.get`](https://cloud.google.com/appengine/docs/admin-api/access-control) Google IAM permission for the project and the following scope: `https://www.googleapis.com/auth/cloud-platform` The task will be delivered to the App Engine app which belongs to the same project as the queue. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and how routing is affected by [dispatch files](https://cloud.google.com/appengine/docs/python/config/dispatchref). Traffic is encrypted during transport and never leaves Google datacenters. Because this traffic is carried over a communication mechanism internal to Google, you cannot explicitly set the protocol (for example, HTTP or HTTPS). The request to the handler, however, will appear to have used the HTTP protocol. The AppEngineRouting used to construct the URL that the task is delivered to can be set at the queue-level or task-level: * If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing. The `url` that the task will be sent to is: * `url =` host `+` relative_uri Tasks can be dispatched to secure app handlers, unsecure app handlers, and URIs restricted with [`login: admin`](https://cloud.google.com/appengine/docs/standard/python/config/appref). Because tasks are not run as any user, they cannot be dispatched to URIs restricted with [`login: required`](https://cloud.google.com/appengine/docs/standard/python/config/appref) Task dispatches also do not follow redirects. The task attempt has succeeded if the app's request handler returns an HTTP response code in the range [`200` - `299`]. The task attempt has failed if the app's handler returns a non-2xx response code or Cloud Tasks does not receive response before the deadline. Failed tasks will be retried according to the retry configuration. `503` (Service Unavailable) is considered an App Engine system error instead of an application error and will cause Cloud Tasks' traffic congestion control to temporarily throttle the queue's dispatches. Unlike other types of task targets, a `429` (Too Many Requests) response from an app handler does not cause traffic congestion control to throttle the queue.", "properties": { "appEngineRouting": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:AppEngineRoutingResponse", "description": "Task-level setting for App Engine routing. If set, app_engine_routing_override is used for all tasks in the queue, no matter what the setting is for the task-level app_engine_routing." }, "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST or PUT. It is an error to set a body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. Repeated headers are not supported but a header value can contain commas. Cloud Tasks sets some headers to default values: * `User-Agent`: By default, this header is `\"AppEngine-Google; (+http://code.google.com/appengine)\"`. This header can be modified, but Cloud Tasks will append `\"AppEngine-Google; (+http://code.google.com/appengine)\"` to the modified `User-Agent`. If the task has a body, Cloud Tasks sets the following headers: * `Content-Type`: By default, the `Content-Type` header is set to `\"application/octet-stream\"`. The default can be overridden by explicitly setting `Content-Type` to a particular media type when the task is created. For example, `Content-Type` can be set to `\"application/json\"`. * `Content-Length`: This is computed by Cloud Tasks. This value is output only. It cannot be changed. The headers below cannot be set or overridden: * `Host` * `X-Google-*` * `X-AppEngine-*` In addition, Cloud Tasks sets some headers when the task is dispatched, such as headers containing information about the task; see [request headers](https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_request_headers). These headers are set only when the task is dispatched, so they are not visible when the task is returned in a Cloud Tasks response. Although there is no specific limit for the maximum number of headers or the size, there is a limit on the maximum size of the Task. For more information, see the CreateTask documentation." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST. The app's request handler for the task's target URL must be able to handle HTTP requests with this http_method, otherwise the task attempt fails with error code 405 (Method Not Allowed). See [Writing a push task request handler](https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#writing_a_push_task_request_handler) and the App Engine documentation for your runtime on [How Requests are Handled](https://cloud.google.com/appengine/docs/standard/python3/how-requests-are-handled)." }, "relativeUri": { "type": "string", "description": "The relative URI. The relative URI must begin with \"/\" and must be a valid HTTP relative URI. It can contain a path and query string arguments. If the relative URI is empty, then the root path \"/\" will be used. No spaces are allowed, and the maximum length allowed is 2083 characters." } }, "type": "object", "required": [ "appEngineRouting", "body", "headers", "httpMethod", "relativeUri" ] }, "google-native:cloudtasks/v2beta3:AppEngineRouting": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:AppEngineRoutingResponse": { "description": "App Engine Routing. Defines routing characteristics specific to App Engine - service, version, and instance. For more information about services, versions, and instances see [An Overview of App Engine](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine), [Microservices Architecture on Google App Engine](https://cloud.google.com/appengine/docs/python/microservices-on-app-engine), [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed), and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed).", "properties": { "host": { "type": "string", "description": "The host that the task is sent to. The host is constructed from the domain name of the app associated with the queue's project ID (for example .appspot.com), and the service, version, and instance. Tasks which were created using the App Engine SDK might have a custom domain name. For more information, see [How Requests are Routed](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed)." }, "instance": { "type": "string", "description": "App instance. By default, the task is sent to an instance which is available when the task is attempted. Requests can only be sent to a specific instance if [manual scaling is used in App Engine Standard](https://cloud.google.com/appengine/docs/python/an-overview-of-app-engine?hl=en_US#scaling_types_and_instance_classes). App Engine Flex does not support instances. For more information, see [App Engine Standard request routing](https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed) and [App Engine Flex request routing](https://cloud.google.com/appengine/docs/flexible/python/how-requests-are-routed)." }, "service": { "type": "string", "description": "App service. By default, the task is sent to the service which is the default service when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." }, "version": { "type": "string", "description": "App version. By default, the task is sent to the version which is the default version when the task is attempted. For some queues or tasks which were created using the App Engine Task Queue API, host is not parsable into service, version, and instance. For example, some tasks which were created using the App Engine SDK use a custom domain name; custom domains are not parsed by Cloud Tasks. If host is not parsable, then service, version, and instance are the empty string." } }, "type": "object", "required": [ "host", "instance", "service", "version" ] }, "google-native:cloudtasks/v2beta3:AttemptResponse": { "description": "The status of a task attempt.", "properties": { "dispatchTime": { "type": "string", "description": "The time that this attempt was dispatched. `dispatch_time` will be truncated to the nearest microsecond." }, "responseStatus": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:StatusResponse", "description": "The response from the worker for this attempt. If `response_time` is unset, then the task has not been attempted or is currently running and the `response_status` field is meaningless." }, "responseTime": { "type": "string", "description": "The time that this attempt response was received. `response_time` will be truncated to the nearest microsecond." }, "scheduleTime": { "type": "string", "description": "The time that this attempt was scheduled. `schedule_time` will be truncated to the nearest microsecond." } }, "type": "object", "required": [ "dispatchTime", "responseStatus", "responseTime", "scheduleTime" ] }, "google-native:cloudtasks/v2beta3:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:cloudtasks/v2beta3:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:cloudtasks/v2beta3:Header": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The Key of the header." }, "value": { "type": "string", "description": "The Value of the header." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:HeaderOverride": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:Header", "description": "header embodying a key and a value." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:HeaderOverrideResponse": { "description": "Wraps the Header object.", "properties": { "header": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:HeaderResponse", "description": "header embodying a key and a value." } }, "type": "object", "required": [ "header" ] }, "google-native:cloudtasks/v2beta3:HeaderResponse": { "description": "Defines a header message. A header can have a key and a value.", "properties": { "key": { "type": "string", "description": "The Key of the header." }, "value": { "type": "string", "description": "The Value of the header." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:cloudtasks/v2beta3:HttpRequest": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. If the worker or the redirected worker acknowledges the task by returning a successful HTTP response code ([`200` - `299`]), the task will be removed from the queue. If any other HTTP response code is returned or no response is received, the task will be retried according to the following: * User-specified throttling: retry configuration, rate limits, and the queue's state. * System throttling: To prevent the worker from overloading, Cloud Tasks may temporarily reduce the queue's effective rate. User-specified settings will not be changed. System throttling happens because: * Cloud Tasks backs off on all errors. Normally the backoff specified in rate limits will be used. But if the worker returns `429` (Too Many Requests), `503` (Service Unavailable), or the rate of errors is high, Cloud Tasks will use a higher backoff rate. The retry specified in the `Retry-After` HTTP response header is considered. * To prevent traffic spikes and to smooth sudden increases in traffic, dispatches ramp up slowly when the queue is newly created or idle and if large numbers of tasks suddenly become available to dispatch (due to spikes in create task rates, the queue being unpaused, or many tasks that are scheduled at the same time).", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:HttpRequestHttpMethod", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "url" ] }, "google-native:cloudtasks/v2beta3:HttpRequestHttpMethod": { "description": "The HTTP method to use for the request. The default is POST.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta3:HttpRequestResponse": { "description": "HTTP request. The task will be pushed to the worker as an HTTP request. If the worker or the redirected worker acknowledges the task by returning a successful HTTP response code ([`200` - `299`]), the task will be removed from the queue. If any other HTTP response code is returned or no response is received, the task will be retried according to the following: * User-specified throttling: retry configuration, rate limits, and the queue's state. * System throttling: To prevent the worker from overloading, Cloud Tasks may temporarily reduce the queue's effective rate. User-specified settings will not be changed. System throttling happens because: * Cloud Tasks backs off on all errors. Normally the backoff specified in rate limits will be used. But if the worker returns `429` (Too Many Requests), `503` (Service Unavailable), or the rate of errors is high, Cloud Tasks will use a higher backoff rate. The retry specified in the `Retry-After` HTTP response header is considered. * To prevent traffic spikes and to smooth sudden increases in traffic, dispatches ramp up slowly when the queue is newly created or idle and if large numbers of tasks suddenly become available to dispatch (due to spikes in create task rates, the queue being unpaused, or many tasks that are scheduled at the same time).", "properties": { "body": { "type": "string", "description": "HTTP request body. A request body is allowed only if the HTTP method is POST, PUT, or PATCH. It is an error to set body on a task with an incompatible HttpMethod." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "HTTP request headers. This map contains the header field names and values. Headers can be set when the task is created. These headers represent a subset of the headers that will accompany the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Any header that is prefixed with \"X-CloudTasks-\" will be treated as service header. Service headers define properties of the task and are predefined in CloudTask. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. * `X-Google-*`: Google use only. * `X-AppEngine-*`: Google use only. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example, `Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. The default is POST." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "url": { "type": "string", "description": "The full url path that the request will be sent to. This string must begin with either \"http://\" or \"https://\". Some examples are: `http://acme.com` and `https://acme.com/sales:8080`. Cloud Tasks will encode some characters for safety and compatibility. The maximum allowed URL length is 2083 characters after encoding. The `Location` header response from a redirect response [`300` - `399`] may be followed. The redirect is not counted as a separate attempt." } }, "type": "object", "required": [ "body", "headers", "httpMethod", "oauthToken", "oidcToken", "url" ] }, "google-native:cloudtasks/v2beta3:HttpTarget": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:HeaderOverride" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the CreateTask and/or BufferTask. These headers represent a subset of the headers that will be configured for the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Several predefined headers, prefixed with \"X-CloudTasks-\", can be used to define properties of the task. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example,`Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. The default value is set to `\"application/json\"`. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:HttpTargetHttpMethod", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OAuthToken", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as the `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OidcToken", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:UriOverride", "description": "URI override. When specified, overrides the execution URI for all the tasks in the queue." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:HttpTargetHttpMethod": { "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method unspecified", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST", "value": "POST" }, { "name": "Get", "description": "HTTP GET", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS", "value": "OPTIONS" } ] }, "google-native:cloudtasks/v2beta3:HttpTargetResponse": { "description": "HTTP target. When specified as a Queue, all the tasks with [HttpRequest] will be overridden according to the target.", "properties": { "headerOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:HeaderOverrideResponse" }, "description": "HTTP target headers. This map contains the header field names and values. Headers will be set when running the CreateTask and/or BufferTask. These headers represent a subset of the headers that will be configured for the task's HTTP request. Some HTTP request headers will be ignored or replaced. A partial list of headers that will be ignored or replaced is: * Several predefined headers, prefixed with \"X-CloudTasks-\", can be used to define properties of the task. * Host: This will be computed by Cloud Tasks and derived from HttpRequest.url. * Content-Length: This will be computed by Cloud Tasks. `Content-Type` won't be set by Cloud Tasks. You can explicitly set `Content-Type` to a media type when the task is created. For example,`Content-Type` can be set to `\"application/octet-stream\"` or `\"application/json\"`. The default value is set to `\"application/json\"`. * User-Agent: This will be set to `\"Google-Cloud-Tasks\"`. Headers which can have multiple values (according to RFC2616) can be specified using comma-separated values. The size of the headers must be less than 80KB. Queue-level headers to override headers of all the tasks in the queue." }, "httpMethod": { "type": "string", "description": "The HTTP method to use for the request. When specified, it overrides HttpRequest for the task. Note that if the value is set to HttpMethod the HttpRequest of the task will be ignored at execution time." }, "oauthToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OAuthTokenResponse", "description": "If specified, an [OAuth token](https://developers.google.com/identity/protocols/OAuth2) will be generated and attached as the `Authorization` header in the HTTP request. This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com." }, "oidcToken": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:OidcTokenResponse", "description": "If specified, an [OIDC](https://developers.google.com/identity/protocols/OpenIDConnect) token will be generated and attached as an `Authorization` header in the HTTP request. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself." }, "uriOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:UriOverrideResponse", "description": "URI override. When specified, overrides the execution URI for all the tasks in the queue." } }, "type": "object", "required": [ "headerOverrides", "httpMethod", "oauthToken", "oidcToken", "uriOverride" ] }, "google-native:cloudtasks/v2beta3:OAuthToken": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:OAuthTokenResponse": { "description": "Contains information needed for generating an [OAuth token](https://developers.google.com/identity/protocols/OAuth2). This type of authorization should generally only be used when calling Google APIs hosted on *.googleapis.com.", "properties": { "scope": { "type": "string", "description": "OAuth scope to be used for generating OAuth access token. If not specified, \"https://www.googleapis.com/auth/cloud-platform\" will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OAuth token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "scope", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2beta3:OidcToken": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:OidcTokenResponse": { "description": "Contains information needed for generating an [OpenID Connect token](https://developers.google.com/identity/protocols/OpenIDConnect). This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used." }, "serviceAccountEmail": { "type": "string", "description": "[Service account email](https://cloud.google.com/iam/docs/service-accounts) to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account." } }, "type": "object", "required": [ "audience", "serviceAccountEmail" ] }, "google-native:cloudtasks/v2beta3:PathOverride": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:PathOverrideResponse": { "description": "PathOverride. Path message defines path override for HTTP targets.", "properties": { "path": { "type": "string", "description": "The URI path (e.g., /users/1234). Default is an empty string." } }, "type": "object", "required": [ "path" ] }, "google-native:cloudtasks/v2beta3:PullMessage": { "description": "Pull Message. This proto can only be used for tasks in a queue which has PULL type. It currently exists for backwards compatibility with the App Engine Task Queue SDK. This message type maybe returned with methods list and get, when the response view is FULL.", "properties": { "payload": { "type": "string", "description": "A data payload consumed by the worker to execute the task." }, "tag": { "type": "string", "description": "The tasks's tag. The tag is less than 500 characters. SDK compatibility: Although the SDK allows tags to be either string or [bytes](https://cloud.google.com/appengine/docs/standard/java/javadoc/com/google/appengine/api/taskqueue/TaskOptions.html#tag-byte:A-), only UTF-8 encoded tags can be used in Cloud Tasks. If a tag isn't UTF-8 encoded, the tag will be empty when the task is returned by Cloud Tasks." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:PullMessageResponse": { "description": "Pull Message. This proto can only be used for tasks in a queue which has PULL type. It currently exists for backwards compatibility with the App Engine Task Queue SDK. This message type maybe returned with methods list and get, when the response view is FULL.", "properties": { "payload": { "type": "string", "description": "A data payload consumed by the worker to execute the task." }, "tag": { "type": "string", "description": "The tasks's tag. The tag is less than 500 characters. SDK compatibility: Although the SDK allows tags to be either string or [bytes](https://cloud.google.com/appengine/docs/standard/java/javadoc/com/google/appengine/api/taskqueue/TaskOptions.html#tag-byte:A-), only UTF-8 encoded tags can be used in Cloud Tasks. If a tag isn't UTF-8 encoded, the tag will be empty when the task is returned by Cloud Tasks." } }, "type": "object", "required": [ "payload", "tag" ] }, "google-native:cloudtasks/v2beta3:QueryOverride": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:QueryOverrideResponse": { "description": "QueryOverride. Query message defines query override for HTTP targets.", "properties": { "queryParams": { "type": "string", "description": "The query parameters (e.g., qparam1=123&qparam2=456). Default is an empty string." } }, "type": "object", "required": [ "queryParams" ] }, "google-native:cloudtasks/v2beta3:QueueStatsResponse": { "description": "Statistics for a queue.", "properties": { "concurrentDispatchesCount": { "type": "string", "description": "The number of requests that the queue has dispatched but has not received a reply for yet." }, "effectiveExecutionRate": { "type": "number", "description": "The current maximum number of tasks per second executed by the queue. The maximum value of this variable is controlled by the RateLimits of the Queue. However, this value could be less to avoid overloading the endpoints tasks in the queue are targeting." }, "executedLastMinuteCount": { "type": "string", "description": "The number of tasks that the queue has dispatched and received a reply for during the last minute. This variable counts both successful and non-successful executions." }, "oldestEstimatedArrivalTime": { "type": "string", "description": "An estimation of the nearest time in the future where a task in the queue is scheduled to be executed." }, "tasksCount": { "type": "string", "description": "An estimation of the number of tasks in the queue, that is, the tasks in the queue that haven't been executed, the tasks in the queue which the queue has dispatched but has not yet received a reply for, and the failed tasks that the queue is retrying." } }, "type": "object", "required": [ "concurrentDispatchesCount", "effectiveExecutionRate", "executedLastMinuteCount", "oldestEstimatedArrivalTime", "tasksCount" ] }, "google-native:cloudtasks/v2beta3:QueueType": { "description": "Immutable. The type of a queue (push or pull). `Queue.type` is an immutable property of the queue that is set at the queue creation time. When left unspecified, the default value of `PUSH` is selected.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default value.", "value": "TYPE_UNSPECIFIED" }, { "name": "Pull", "description": "A pull queue.", "value": "PULL" }, { "name": "Push", "description": "A push queue.", "value": "PUSH" } ] }, "google-native:cloudtasks/v2beta3:RateLimits": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxBurstSize": { "type": "integer", "description": "The max burst size. Max burst size limits how fast tasks in queue are processed when many tasks are in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) algorithm is used to control the rate of task dispatches. Each queue has a token bucket that holds tokens, up to the maximum specified by `max_burst_size`. Each time a task is dispatched, a token is removed from the bucket. Tasks will be dispatched until the queue's bucket runs out of tokens. The bucket will be continuously refilled with new tokens based on max_dispatches_per_second. The default value of `max_burst_size` is picked by Cloud Tasks based on the value of max_dispatches_per_second. The maximum value of `max_burst_size` is 500. For App Engine queues that were created or updated using `queue.yaml/xml`, `max_burst_size` is equal to [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). If UpdateQueue is called on a queue without explicitly setting a value for `max_burst_size`, `max_burst_size` value will get updated if UpdateQueue is updating max_dispatches_per_second. " }, "maxConcurrentDispatches": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxDispatchesPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * For App Engine queues, the maximum allowed value is 500. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:RateLimitsResponse": { "description": "Rate limits. This message determines the maximum rate that tasks can be dispatched by a queue, regardless of whether the dispatch is a first task attempt or a retry. Note: The debugging command, RunTask, will run a task even if the queue has reached its RateLimits.", "properties": { "maxBurstSize": { "type": "integer", "description": "The max burst size. Max burst size limits how fast tasks in queue are processed when many tasks are in the queue and the rate is high. This field allows the queue to have a high rate so processing starts shortly after a task is enqueued, but still limits resource usage when many tasks are enqueued in a short period of time. The [token bucket](https://wikipedia.org/wiki/Token_Bucket) algorithm is used to control the rate of task dispatches. Each queue has a token bucket that holds tokens, up to the maximum specified by `max_burst_size`. Each time a task is dispatched, a token is removed from the bucket. Tasks will be dispatched until the queue's bucket runs out of tokens. The bucket will be continuously refilled with new tokens based on max_dispatches_per_second. The default value of `max_burst_size` is picked by Cloud Tasks based on the value of max_dispatches_per_second. The maximum value of `max_burst_size` is 500. For App Engine queues that were created or updated using `queue.yaml/xml`, `max_burst_size` is equal to [bucket_size](https://cloud.google.com/appengine/docs/standard/python/config/queueref#bucket_size). If UpdateQueue is called on a queue without explicitly setting a value for `max_burst_size`, `max_burst_size` value will get updated if UpdateQueue is updating max_dispatches_per_second. " }, "maxConcurrentDispatches": { "type": "integer", "description": "The maximum number of concurrent tasks that Cloud Tasks allows to be dispatched for this queue. After this threshold has been reached, Cloud Tasks stops dispatching tasks until the number of concurrent requests decreases. If unspecified when the queue is created, Cloud Tasks will pick the default. The maximum allowed value is 5,000. This field has the same meaning as [max_concurrent_requests in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#max_concurrent_requests)." }, "maxDispatchesPerSecond": { "type": "number", "description": "The maximum rate at which tasks are dispatched from this queue. If unspecified when the queue is created, Cloud Tasks will pick the default. * For App Engine queues, the maximum allowed value is 500. This field has the same meaning as [rate in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#rate)." } }, "type": "object", "required": [ "maxBurstSize", "maxConcurrentDispatches", "maxDispatchesPerSecond" ] }, "google-native:cloudtasks/v2beta3:RetryConfig": { "description": "Retry config. These settings determine when a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "Number of attempts per task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be >= -1. If unspecified when the queue is created, Cloud Tasks will pick the default. -1 indicates unlimited attempts. This field has the same meaning as [task_retry_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For the maximum possible value or the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:RetryConfigResponse": { "description": "Retry config. These settings determine when a failed task attempt is retried.", "properties": { "maxAttempts": { "type": "integer", "description": "Number of attempts per task. Cloud Tasks will attempt the task `max_attempts` times (that is, if the first attempt fails, then there will be `max_attempts - 1` retries). Must be >= -1. If unspecified when the queue is created, Cloud Tasks will pick the default. -1 indicates unlimited attempts. This field has the same meaning as [task_retry_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_backoff` will be truncated to the nearest second. This field has the same meaning as [max_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxDoublings": { "type": "integer", "description": "The time between retries will double `max_doublings` times. A task's retry interval starts at min_backoff, then doubles `max_doublings` times, then increases linearly, and finally retries at intervals of max_backoff up to max_attempts times. For example, if min_backoff is 10s, max_backoff is 300s, and `max_doublings` is 3, then the a task will first be retried in 10s. The retry interval will double three times, and then increase linearly by 2^3 * 10s. Finally, the task will retry at intervals of max_backoff until the task has been attempted max_attempts times. Thus, the requests will retry at 10s, 20s, 40s, 80s, 160s, 240s, 300s, 300s, .... If unspecified when the queue is created, Cloud Tasks will pick the default. This field has the same meaning as [max_doublings in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "maxRetryDuration": { "type": "string", "description": "If positive, `max_retry_duration` specifies the time limit for retrying a failed task, measured from when the task was first attempted. Once `max_retry_duration` time has passed *and* the task has been attempted max_attempts times, no further attempts will be made and the task will be deleted. If zero, then the task age is unlimited. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For the maximum possible value or the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `max_retry_duration` will be truncated to the nearest second. This field has the same meaning as [task_age_limit in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." }, "minBackoff": { "type": "string", "description": "A task will be scheduled for retry between min_backoff and max_backoff duration after it fails, if the queue's RetryConfig specifies that the task should be retried. If unspecified when the queue is created, Cloud Tasks will pick the default. The value must be given as a string that indicates the length of time (in seconds) followed by `s` (for \"seconds\"). For more information on the format, see the documentation for [Duration](https://protobuf.dev/reference/protobuf/google.protobuf/#duration). `min_backoff` will be truncated to the nearest second. This field has the same meaning as [min_backoff_seconds in queue.yaml/xml](https://cloud.google.com/appengine/docs/standard/python/config/queueref#retry_parameters)." } }, "type": "object", "required": [ "maxAttempts", "maxBackoff", "maxDoublings", "maxRetryDuration", "minBackoff" ] }, "google-native:cloudtasks/v2beta3:StackdriverLoggingConfig": { "description": "Configuration options for writing logs to [Stackdriver Logging](https://cloud.google.com/logging/docs/).", "properties": { "samplingRatio": { "type": "number", "description": "Specifies the fraction of operations to write to [Stackdriver Logging](https://cloud.google.com/logging/docs/). This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:StackdriverLoggingConfigResponse": { "description": "Configuration options for writing logs to [Stackdriver Logging](https://cloud.google.com/logging/docs/).", "properties": { "samplingRatio": { "type": "number", "description": "Specifies the fraction of operations to write to [Stackdriver Logging](https://cloud.google.com/logging/docs/). This field may contain any value between 0.0 and 1.0, inclusive. 0.0 is the default and means that no operations are logged." } }, "type": "object", "required": [ "samplingRatio" ] }, "google-native:cloudtasks/v2beta3:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:cloudtasks/v2beta3:TaskResponseView": { "description": "The response_view specifies which subset of the Task will be returned. By default response_view is BASIC; not all information is retrieved by default because some data, such as payloads, might be desirable to return only when needed because of its large size or because of the sensitivity of data that it contains. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Task resource.", "type": "string", "enum": [ { "name": "ViewUnspecified", "description": "Unspecified. Defaults to BASIC.", "value": "VIEW_UNSPECIFIED" }, { "name": "Basic", "description": "The basic view omits fields which can be large or can contain sensitive data. This view does not include the body in AppEngineHttpRequest. Bodies are desirable to return only when needed, because they can be large and because of the sensitivity of the data that you choose to store in it.", "value": "BASIC" }, { "name": "Full", "description": "All information is returned. Authorization for FULL requires `cloudtasks.tasks.fullView` [Google IAM](https://cloud.google.com/iam/) permission on the Queue resource.", "value": "FULL" } ] }, "google-native:cloudtasks/v2beta3:UriOverride": { "description": "URI Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:PathOverride", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:QueryOverride", "description": "URI Query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:UriOverrideScheme", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:UriOverrideUriOverrideEnforceMode", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object" }, "google-native:cloudtasks/v2beta3:UriOverrideResponse": { "description": "URI Override. When specified, all the HTTP tasks inside the queue will be partially or fully overridden depending on the configured values.", "properties": { "host": { "type": "string", "description": "Host override. When specified, replaces the host part of the task URL. For example, if the task URL is \"https://www.google.com,\" and host value is set to \"example.net\", the overridden URI will be changed to \"https://example.net.\" Host value cannot be an empty string (INVALID_ARGUMENT)." }, "pathOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:PathOverrideResponse", "description": "URI path. When specified, replaces the existing path of the task URL. Setting the path value to an empty string clears the URI path segment." }, "port": { "type": "string", "description": "Port override. When specified, replaces the port part of the task URI. For instance, for a URI http://www.google.com/foo and port=123, the overridden URI becomes http://www.google.com:123/foo. Note that the port value must be a positive integer. Setting the port to 0 (Zero) clears the URI port." }, "queryOverride": { "$ref": "#/types/google-native:cloudtasks%2Fv2beta3:QueryOverrideResponse", "description": "URI Query. When specified, replaces the query part of the task URI. Setting the query value to an empty string clears the URI query segment." }, "scheme": { "type": "string", "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS)." }, "uriOverrideEnforceMode": { "type": "string", "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS." } }, "type": "object", "required": [ "host", "pathOverride", "port", "queryOverride", "scheme", "uriOverrideEnforceMode" ] }, "google-native:cloudtasks/v2beta3:UriOverrideScheme": { "description": "Scheme override. When specified, the task URI scheme is replaced by the provided value (HTTP or HTTPS).", "type": "string", "enum": [ { "name": "SchemeUnspecified", "description": "Scheme unspecified. Defaults to HTTPS.", "value": "SCHEME_UNSPECIFIED" }, { "name": "Http", "description": "Convert the scheme to HTTP, e.g., https://www.google.ca will change to http://www.google.ca.", "value": "HTTP" }, { "name": "Https", "description": "Convert the scheme to HTTPS, e.g., http://www.google.ca will change to https://www.google.ca.", "value": "HTTPS" } ] }, "google-native:cloudtasks/v2beta3:UriOverrideUriOverrideEnforceMode": { "description": "URI Override Enforce Mode When specified, determines the Target UriOverride mode. If not specified, it defaults to ALWAYS.", "type": "string", "enum": [ { "name": "UriOverrideEnforceModeUnspecified", "description": "OverrideMode Unspecified. Defaults to ALWAYS.", "value": "URI_OVERRIDE_ENFORCE_MODE_UNSPECIFIED" }, { "name": "IfNotExists", "description": "In the IF_NOT_EXISTS mode, queue-level configuration is only applied where task-level configuration does not exist.", "value": "IF_NOT_EXISTS" }, { "name": "Always", "description": "In the ALWAYS mode, queue-level configuration overrides all task-level configuration", "value": "ALWAYS" } ] }, "google-native:cloudtrace/v2beta1:OutputConfig": { "description": "OutputConfig contains a destination for writing trace data.", "properties": { "destination": { "type": "string", "description": "The destination for writing trace data. Supported formats include: \"bigquery.googleapis.com/projects/[PROJECT_ID]/datasets/[DATASET]\"" } }, "type": "object" }, "google-native:cloudtrace/v2beta1:OutputConfigResponse": { "description": "OutputConfig contains a destination for writing trace data.", "properties": { "destination": { "type": "string", "description": "The destination for writing trace data. Supported formats include: \"bigquery.googleapis.com/projects/[PROJECT_ID]/datasets/[DATASET]\"" } }, "type": "object", "required": [ "destination" ] }, "google-native:composer/v1:AllowedIpRange": { "description": "Allowed IP range with user-provided description.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description. It must contain at most 300 characters." }, "value": { "type": "string", "description": "IP address or range, defined using CIDR notation, of requests that this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP range prefixes should be properly truncated. For example, `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`." } }, "type": "object" }, "google-native:composer/v1:AllowedIpRangeResponse": { "description": "Allowed IP range with user-provided description.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description. It must contain at most 300 characters." }, "value": { "type": "string", "description": "IP address or range, defined using CIDR notation, of requests that this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP range prefixes should be properly truncated. For example, `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`." } }, "type": "object", "required": [ "description", "value" ] }, "google-native:composer/v1:CidrBlock": { "description": "CIDR block with an optional name.", "properties": { "cidrBlock": { "type": "string", "description": "CIDR block that must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "User-defined name that identifies the CIDR block." } }, "type": "object" }, "google-native:composer/v1:CidrBlockResponse": { "description": "CIDR block with an optional name.", "properties": { "cidrBlock": { "type": "string", "description": "CIDR block that must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "User-defined name that identifies the CIDR block." } }, "type": "object", "required": [ "cidrBlock", "displayName" ] }, "google-native:composer/v1:DatabaseConfig": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "properties": { "machineType": { "type": "string", "description": "Optional. Cloud SQL machine type used by Airflow database. It has to be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or db-n1-standard-16. If not specified, db-n1-standard-2 will be used. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "zone": { "type": "string", "description": "Optional. The Compute Engine zone where the Airflow database is created. If zone is provided, it must be in the region selected for the environment. If zone is not provided, a zone is automatically selected. The zone can only be set during environment creation. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.*." } }, "type": "object" }, "google-native:composer/v1:DatabaseConfigResponse": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "properties": { "machineType": { "type": "string", "description": "Optional. Cloud SQL machine type used by Airflow database. It has to be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or db-n1-standard-16. If not specified, db-n1-standard-2 will be used. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "zone": { "type": "string", "description": "Optional. The Compute Engine zone where the Airflow database is created. If zone is provided, it must be in the region selected for the environment. If zone is not provided, a zone is automatically selected. The zone can only be set during environment creation. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.*." } }, "type": "object", "required": [ "machineType", "zone" ] }, "google-native:composer/v1:EncryptionConfig": { "description": "The encryption options for the Cloud Composer environment and its dependencies.Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Customer-managed Encryption Key available through Google's Key Management Service. Cannot be updated. If not specified, Google-managed key will be used." } }, "type": "object" }, "google-native:composer/v1:EncryptionConfigResponse": { "description": "The encryption options for the Cloud Composer environment and its dependencies.Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Customer-managed Encryption Key available through Google's Key Management Service. Cannot be updated. If not specified, Google-managed key will be used." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:composer/v1:EnvironmentConfig": { "description": "Configuration information for an environment.", "properties": { "databaseConfig": { "$ref": "#/types/google-native:composer%2Fv1:DatabaseConfig", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." }, "encryptionConfig": { "$ref": "#/types/google-native:composer%2Fv1:EncryptionConfig", "description": "Optional. The encryption options for the Cloud Composer environment and its dependencies. Cannot be updated." }, "environmentSize": { "$ref": "#/types/google-native:composer%2Fv1:EnvironmentConfigEnvironmentSize", "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "maintenanceWindow": { "$ref": "#/types/google-native:composer%2Fv1:MaintenanceWindow", "description": "Optional. The maintenance window is the period when Cloud Composer components may undergo maintenance. It is defined so that maintenance is not executed during peak hours or critical time periods. The system will not be under maintenance for every occurrence of this window, but when maintenance is planned, it will be scheduled during the window. The maintenance window period must encompass at least 12 hours per week. This may be split into multiple chunks, each with a size of at least 4 hours. If this value is omitted, the default value for maintenance window will be applied. The default value is Saturday and Sunday 00-06 GMT." }, "masterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:composer%2Fv1:MasterAuthorizedNetworksConfig", "description": "Optional. The configuration options for GKE cluster master authorized networks. By default master authorized networks feature is: - in case of private environment: enabled with no external networks allowlisted. - in case of public environment: disabled." }, "nodeConfig": { "$ref": "#/types/google-native:composer%2Fv1:NodeConfig", "description": "The configuration used for the Kubernetes Engine cluster." }, "nodeCount": { "type": "integer", "description": "The number of nodes in the Kubernetes Engine cluster that will be used to run this environment. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "privateEnvironmentConfig": { "$ref": "#/types/google-native:composer%2Fv1:PrivateEnvironmentConfig", "description": "The configuration used for the Private IP Cloud Composer environment." }, "recoveryConfig": { "$ref": "#/types/google-native:composer%2Fv1:RecoveryConfig", "description": "Optional. The Recovery settings configuration of an environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "resilienceMode": { "$ref": "#/types/google-native:composer%2Fv1:EnvironmentConfigResilienceMode", "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer." }, "softwareConfig": { "$ref": "#/types/google-native:composer%2Fv1:SoftwareConfig", "description": "The configuration settings for software inside the environment." }, "webServerConfig": { "$ref": "#/types/google-native:composer%2Fv1:WebServerConfig", "description": "Optional. The configuration settings for the Airflow web server App Engine instance." }, "webServerNetworkAccessControl": { "$ref": "#/types/google-native:composer%2Fv1:WebServerNetworkAccessControl", "description": "Optional. The network-level access control policy for the Airflow web server. If unspecified, no network-level access restrictions will be applied." }, "workloadsConfig": { "$ref": "#/types/google-native:composer%2Fv1:WorkloadsConfig", "description": "Optional. The workloads configuration settings for the GKE cluster associated with the Cloud Composer environment. The GKE cluster runs Airflow scheduler, web server and workers workloads. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." } }, "type": "object" }, "google-native:composer/v1:EnvironmentConfigEnvironmentSize": { "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "type": "string", "enum": [ { "name": "EnvironmentSizeUnspecified", "description": "The size of the environment is unspecified.", "value": "ENVIRONMENT_SIZE_UNSPECIFIED" }, { "name": "EnvironmentSizeSmall", "description": "The environment size is small.", "value": "ENVIRONMENT_SIZE_SMALL" }, { "name": "EnvironmentSizeMedium", "description": "The environment size is medium.", "value": "ENVIRONMENT_SIZE_MEDIUM" }, { "name": "EnvironmentSizeLarge", "description": "The environment size is large.", "value": "ENVIRONMENT_SIZE_LARGE" } ] }, "google-native:composer/v1:EnvironmentConfigResilienceMode": { "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer.", "type": "string", "enum": [ { "name": "ResilienceModeUnspecified", "description": "Default mode doesn't change environment parameters.", "value": "RESILIENCE_MODE_UNSPECIFIED" }, { "name": "HighResilience", "description": "Enabled High Resilience mode, including Cloud SQL HA.", "value": "HIGH_RESILIENCE" } ] }, "google-native:composer/v1:EnvironmentConfigResponse": { "description": "Configuration information for an environment.", "properties": { "airflowByoidUri": { "type": "string", "description": "The 'bring your own identity' variant of the URI of the Apache Airflow Web UI hosted within this environment, to be accessed with external identities using workforce identity federation (see [Access environments with workforce identity federation](/composer/docs/composer-2/access-environments-with-workforce-identity-federation))." }, "airflowUri": { "type": "string", "description": "The URI of the Apache Airflow Web UI hosted within this environment (see [Airflow web interface](/composer/docs/how-to/accessing/airflow-web-interface))." }, "dagGcsPrefix": { "type": "string", "description": "The Cloud Storage prefix of the DAGs for this environment. Although Cloud Storage objects reside in a flat namespace, a hierarchical file tree can be simulated using \"/\"-delimited object name prefixes. DAG objects for this environment reside in a simulated directory with the given prefix." }, "databaseConfig": { "$ref": "#/types/google-native:composer%2Fv1:DatabaseConfigResponse", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." }, "encryptionConfig": { "$ref": "#/types/google-native:composer%2Fv1:EncryptionConfigResponse", "description": "Optional. The encryption options for the Cloud Composer environment and its dependencies. Cannot be updated." }, "environmentSize": { "type": "string", "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "gkeCluster": { "type": "string", "description": "The Kubernetes Engine cluster used to run this environment." }, "maintenanceWindow": { "$ref": "#/types/google-native:composer%2Fv1:MaintenanceWindowResponse", "description": "Optional. The maintenance window is the period when Cloud Composer components may undergo maintenance. It is defined so that maintenance is not executed during peak hours or critical time periods. The system will not be under maintenance for every occurrence of this window, but when maintenance is planned, it will be scheduled during the window. The maintenance window period must encompass at least 12 hours per week. This may be split into multiple chunks, each with a size of at least 4 hours. If this value is omitted, the default value for maintenance window will be applied. The default value is Saturday and Sunday 00-06 GMT." }, "masterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:composer%2Fv1:MasterAuthorizedNetworksConfigResponse", "description": "Optional. The configuration options for GKE cluster master authorized networks. By default master authorized networks feature is: - in case of private environment: enabled with no external networks allowlisted. - in case of public environment: disabled." }, "nodeConfig": { "$ref": "#/types/google-native:composer%2Fv1:NodeConfigResponse", "description": "The configuration used for the Kubernetes Engine cluster." }, "nodeCount": { "type": "integer", "description": "The number of nodes in the Kubernetes Engine cluster that will be used to run this environment. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "privateEnvironmentConfig": { "$ref": "#/types/google-native:composer%2Fv1:PrivateEnvironmentConfigResponse", "description": "The configuration used for the Private IP Cloud Composer environment." }, "recoveryConfig": { "$ref": "#/types/google-native:composer%2Fv1:RecoveryConfigResponse", "description": "Optional. The Recovery settings configuration of an environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "resilienceMode": { "type": "string", "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer." }, "softwareConfig": { "$ref": "#/types/google-native:composer%2Fv1:SoftwareConfigResponse", "description": "The configuration settings for software inside the environment." }, "webServerConfig": { "$ref": "#/types/google-native:composer%2Fv1:WebServerConfigResponse", "description": "Optional. The configuration settings for the Airflow web server App Engine instance." }, "webServerNetworkAccessControl": { "$ref": "#/types/google-native:composer%2Fv1:WebServerNetworkAccessControlResponse", "description": "Optional. The network-level access control policy for the Airflow web server. If unspecified, no network-level access restrictions will be applied." }, "workloadsConfig": { "$ref": "#/types/google-native:composer%2Fv1:WorkloadsConfigResponse", "description": "Optional. The workloads configuration settings for the GKE cluster associated with the Cloud Composer environment. The GKE cluster runs Airflow scheduler, web server and workers workloads. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." } }, "type": "object", "required": [ "airflowByoidUri", "airflowUri", "dagGcsPrefix", "databaseConfig", "encryptionConfig", "environmentSize", "gkeCluster", "maintenanceWindow", "masterAuthorizedNetworksConfig", "nodeConfig", "nodeCount", "privateEnvironmentConfig", "recoveryConfig", "resilienceMode", "softwareConfig", "webServerConfig", "webServerNetworkAccessControl", "workloadsConfig" ] }, "google-native:composer/v1:EnvironmentState": { "description": "The current state of the environment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the environment is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Creating", "description": "The environment is in the process of being created.", "value": "CREATING" }, { "name": "Running", "description": "The environment is currently running and healthy. It is ready for use.", "value": "RUNNING" }, { "name": "Updating", "description": "The environment is being updated. It remains usable but cannot receive additional update requests or be deleted at this time.", "value": "UPDATING" }, { "name": "Deleting", "description": "The environment is undergoing deletion. It cannot be used.", "value": "DELETING" }, { "name": "Error", "description": "The environment has encountered an error and cannot be used.", "value": "ERROR" } ] }, "google-native:composer/v1:IPAllocationPolicy": { "description": "Configuration for controlling how IPs are allocated in the GKE cluster running the Apache Airflow software.", "properties": { "clusterIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range used to allocate IP addresses to pods in the GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "Optional. The name of the GKE cluster's secondary range used to allocate IP addresses to pods. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "servicesIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range of the services IP addresses in this GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesSecondaryRangeName": { "type": "string", "description": "Optional. The name of the services' secondary range used to allocate IP addresses to the GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "useIpAliases": { "type": "boolean", "description": "Optional. Whether or not to enable Alias IPs in the GKE cluster. If `true`, a VPC-native cluster is created. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use VPC-native GKE clusters." } }, "type": "object" }, "google-native:composer/v1:IPAllocationPolicyResponse": { "description": "Configuration for controlling how IPs are allocated in the GKE cluster running the Apache Airflow software.", "properties": { "clusterIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range used to allocate IP addresses to pods in the GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "Optional. The name of the GKE cluster's secondary range used to allocate IP addresses to pods. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "servicesIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range of the services IP addresses in this GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesSecondaryRangeName": { "type": "string", "description": "Optional. The name of the services' secondary range used to allocate IP addresses to the GKE cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "useIpAliases": { "type": "boolean", "description": "Optional. Whether or not to enable Alias IPs in the GKE cluster. If `true`, a VPC-native cluster is created. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use VPC-native GKE clusters." } }, "type": "object", "required": [ "clusterIpv4CidrBlock", "clusterSecondaryRangeName", "servicesIpv4CidrBlock", "servicesSecondaryRangeName", "useIpAliases" ] }, "google-native:composer/v1:MaintenanceWindow": { "description": "The configuration settings for Cloud Composer maintenance window. The following example: ``` { \"startTime\":\"2019-08-01T01:00:00Z\" \"endTime\":\"2019-08-01T07:00:00Z\" \"recurrence\":\"FREQ=WEEKLY;BYDAY=TU,WE\" } ``` would define a maintenance window between 01 and 07 hours UTC during each Tuesday and Wednesday.", "properties": { "endTime": { "type": "string", "description": "Maintenance window end time. It is used only to calculate the duration of the maintenance window. The value for end-time must be in the future, relative to `start_time`." }, "recurrence": { "type": "string", "description": "Maintenance window recurrence. Format is a subset of [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only allowed values for `FREQ` field are `FREQ=DAILY` and `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, `FREQ=DAILY`." }, "startTime": { "type": "string", "description": "Start time of the first recurrence of the maintenance window." } }, "type": "object", "required": [ "endTime", "recurrence", "startTime" ] }, "google-native:composer/v1:MaintenanceWindowResponse": { "description": "The configuration settings for Cloud Composer maintenance window. The following example: ``` { \"startTime\":\"2019-08-01T01:00:00Z\" \"endTime\":\"2019-08-01T07:00:00Z\" \"recurrence\":\"FREQ=WEEKLY;BYDAY=TU,WE\" } ``` would define a maintenance window between 01 and 07 hours UTC during each Tuesday and Wednesday.", "properties": { "endTime": { "type": "string", "description": "Maintenance window end time. It is used only to calculate the duration of the maintenance window. The value for end-time must be in the future, relative to `start_time`." }, "recurrence": { "type": "string", "description": "Maintenance window recurrence. Format is a subset of [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only allowed values for `FREQ` field are `FREQ=DAILY` and `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, `FREQ=DAILY`." }, "startTime": { "type": "string", "description": "Start time of the first recurrence of the maintenance window." } }, "type": "object", "required": [ "endTime", "recurrence", "startTime" ] }, "google-native:composer/v1:MasterAuthorizedNetworksConfig": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1:CidrBlock" }, "description": "Up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks feature is enabled." } }, "type": "object" }, "google-native:composer/v1:MasterAuthorizedNetworksConfigResponse": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1:CidrBlockResponse" }, "description": "Up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks feature is enabled." } }, "type": "object", "required": [ "cidrBlocks", "enabled" ] }, "google-native:composer/v1:NetworkingConfig": { "description": "Configuration options for networking connections in the Composer 2 environment.", "properties": { "connectionType": { "$ref": "#/types/google-native:composer%2Fv1:NetworkingConfigConnectionType", "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment." } }, "type": "object" }, "google-native:composer/v1:NetworkingConfigConnectionType": { "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment.", "type": "string", "enum": [ { "name": "ConnectionTypeUnspecified", "description": "No specific connection type was requested, so the environment uses the default value corresponding to the rest of its configuration.", "value": "CONNECTION_TYPE_UNSPECIFIED" }, { "name": "VpcPeering", "description": "Requests the use of VPC peerings for connecting the Customer and Tenant projects.", "value": "VPC_PEERING" }, { "name": "PrivateServiceConnect", "description": "Requests the use of Private Service Connect for connecting the Customer and Tenant projects.", "value": "PRIVATE_SERVICE_CONNECT" } ] }, "google-native:composer/v1:NetworkingConfigResponse": { "description": "Configuration options for networking connections in the Composer 2 environment.", "properties": { "connectionType": { "type": "string", "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment." } }, "type": "object", "required": [ "connectionType" ] }, "google-native:composer/v1:NodeConfig": { "description": "The configuration information for the Kubernetes Engine nodes running the Apache Airflow software.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. The disk size in GB used for node VMs. Minimum size is 30GB. If unspecified, defaults to 100GB. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enableIpMasqAgent": { "type": "boolean", "description": "Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading is used for all destination addresses, except between pods traffic. See: https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent" }, "ipAllocationPolicy": { "$ref": "#/types/google-native:composer%2Fv1:IPAllocationPolicy", "description": "Optional. The configuration for controlling how IPs are allocated in the GKE cluster." }, "location": { "type": "string", "description": "Optional. The Compute Engine [zone](/compute/docs/regions-zones) in which to deploy the VMs used to run the Apache Airflow software, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}\". This `location` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.machineType` are specified, `nodeConfig.machineType` must belong to this `location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If only one field (`location` or `nodeConfig.machineType`) is specified, the location information from the specified field will be propagated to the unspecified field. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "machineType": { "type": "string", "description": "Optional. The Compute Engine [machine type](/compute/docs/machine-types) used for cluster instances, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}\". The `machineType` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.location` are specified, this `machineType` must belong to the `nodeConfig.location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If exactly one of this field and `nodeConfig.location` is specified, the location information from the specified field will be propagated to the unspecified field. The `machineTypeId` must not be a [shared-core machine type](/compute/docs/machine-types#sharedcore). If this field is unspecified, the `machineTypeId` defaults to \"n1-standard-1\". This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "network": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/global/networks/{networkId}\". If unspecified, the \"default\" network ID in the environment's project is used. If a [Custom Subnet Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, `nodeConfig.subnetwork` must also be provided. For [Shared VPC](/vpc/docs/shared-vpc) subnetwork requirements, see `nodeConfig.subnetwork`." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of Google API scopes to be made available on all node VMs. If `oauth_scopes` is empty, defaults to [\"https://www.googleapis.com/auth/cloud-platform\"]. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "serviceAccount": { "type": "string", "description": "Optional. The Google Cloud Platform Service Account to be used by the node VMs. If a service account is not specified, the \"default\" Compute Engine service account is used. Cannot be updated." }, "subnetwork": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}\" If a subnetwork is provided, `nodeConfig.network` must also be provided, and the subnetwork must belong to the enclosing environment's project and location." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of instance tags applied to all node VMs. Tags are used to identify valid sources or targets for network firewalls. Each tag within the list must comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated." } }, "type": "object" }, "google-native:composer/v1:NodeConfigResponse": { "description": "The configuration information for the Kubernetes Engine nodes running the Apache Airflow software.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. The disk size in GB used for node VMs. Minimum size is 30GB. If unspecified, defaults to 100GB. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enableIpMasqAgent": { "type": "boolean", "description": "Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading is used for all destination addresses, except between pods traffic. See: https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent" }, "ipAllocationPolicy": { "$ref": "#/types/google-native:composer%2Fv1:IPAllocationPolicyResponse", "description": "Optional. The configuration for controlling how IPs are allocated in the GKE cluster." }, "location": { "type": "string", "description": "Optional. The Compute Engine [zone](/compute/docs/regions-zones) in which to deploy the VMs used to run the Apache Airflow software, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}\". This `location` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.machineType` are specified, `nodeConfig.machineType` must belong to this `location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If only one field (`location` or `nodeConfig.machineType`) is specified, the location information from the specified field will be propagated to the unspecified field. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "machineType": { "type": "string", "description": "Optional. The Compute Engine [machine type](/compute/docs/machine-types) used for cluster instances, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}\". The `machineType` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.location` are specified, this `machineType` must belong to the `nodeConfig.location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If exactly one of this field and `nodeConfig.location` is specified, the location information from the specified field will be propagated to the unspecified field. The `machineTypeId` must not be a [shared-core machine type](/compute/docs/machine-types#sharedcore). If this field is unspecified, the `machineTypeId` defaults to \"n1-standard-1\". This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "network": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/global/networks/{networkId}\". If unspecified, the \"default\" network ID in the environment's project is used. If a [Custom Subnet Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, `nodeConfig.subnetwork` must also be provided. For [Shared VPC](/vpc/docs/shared-vpc) subnetwork requirements, see `nodeConfig.subnetwork`." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of Google API scopes to be made available on all node VMs. If `oauth_scopes` is empty, defaults to [\"https://www.googleapis.com/auth/cloud-platform\"]. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "serviceAccount": { "type": "string", "description": "Optional. The Google Cloud Platform Service Account to be used by the node VMs. If a service account is not specified, the \"default\" Compute Engine service account is used. Cannot be updated." }, "subnetwork": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}\" If a subnetwork is provided, `nodeConfig.network` must also be provided, and the subnetwork must belong to the enclosing environment's project and location." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of instance tags applied to all node VMs. Tags are used to identify valid sources or targets for network firewalls. Each tag within the list must comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated." } }, "type": "object", "required": [ "diskSizeGb", "enableIpMasqAgent", "ipAllocationPolicy", "location", "machineType", "network", "oauthScopes", "serviceAccount", "subnetwork", "tags" ] }, "google-native:composer/v1:PrivateClusterConfig": { "description": "Configuration options for the private GKE cluster in a Cloud Composer environment.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Optional. If `true`, access to the public endpoint of the GKE cluster is denied." }, "masterIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IPv4 range for GKE master will be reserved. If left blank, the default value of '172.16.0.0/23' is used." } }, "type": "object" }, "google-native:composer/v1:PrivateClusterConfigResponse": { "description": "Configuration options for the private GKE cluster in a Cloud Composer environment.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Optional. If `true`, access to the public endpoint of the GKE cluster is denied." }, "masterIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IPv4 range for GKE master will be reserved. If left blank, the default value of '172.16.0.0/23' is used." }, "masterIpv4ReservedRange": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range is used for assigning internal IP addresses to the GKE cluster master or set of masters and to the internal load balancer virtual IP. This range must not overlap with any other ranges in use within the cluster's network." } }, "type": "object", "required": [ "enablePrivateEndpoint", "masterIpv4CidrBlock", "masterIpv4ReservedRange" ] }, "google-native:composer/v1:PrivateEnvironmentConfig": { "description": "The configuration information for configuring a Private IP Cloud Composer environment.", "properties": { "cloudComposerConnectionSubnetwork": { "type": "string", "description": "Optional. When specified, the environment will use Private Service Connect instead of VPC peerings to connect to Cloud SQL in the Tenant Project, and the PSC endpoint in the Customer Project will use an IP address from this subnetwork." }, "cloudComposerNetworkIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for Cloud Composer Network in tenant project will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudSqlIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range in tenant project will be reserved for Cloud SQL. Needs to be disjoint from `web_server_ipv4_cidr_block`." }, "enablePrivateEnvironment": { "type": "boolean", "description": "Optional. If `true`, a Private IP Cloud Composer environment is created. If this field is set to true, `IPAllocationPolicy.use_ip_aliases` must be set to true for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enablePrivatelyUsedPublicIps": { "type": "boolean", "description": "Optional. When enabled, IPs from public (non-RFC1918) ranges can be used for `IPAllocationPolicy.cluster_ipv4_cidr_block` and `IPAllocationPolicy.service_ipv4_cidr_block`." }, "networkingConfig": { "$ref": "#/types/google-native:composer%2Fv1:NetworkingConfig", "description": "Optional. Configuration for the network connections configuration in the environment." }, "privateClusterConfig": { "$ref": "#/types/google-native:composer%2Fv1:PrivateClusterConfig", "description": "Optional. Configuration for the private GKE cluster for a Private IP Cloud Composer environment." }, "webServerIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for web server will be reserved. Needs to be disjoint from `private_cluster_config.master_ipv4_cidr_block` and `cloud_sql_ipv4_cidr_block`. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." } }, "type": "object" }, "google-native:composer/v1:PrivateEnvironmentConfigResponse": { "description": "The configuration information for configuring a Private IP Cloud Composer environment.", "properties": { "cloudComposerConnectionSubnetwork": { "type": "string", "description": "Optional. When specified, the environment will use Private Service Connect instead of VPC peerings to connect to Cloud SQL in the Tenant Project, and the PSC endpoint in the Customer Project will use an IP address from this subnetwork." }, "cloudComposerNetworkIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for Cloud Composer Network in tenant project will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudComposerNetworkIpv4ReservedRange": { "type": "string", "description": "The IP range reserved for the tenant project's Cloud Composer network. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudSqlIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range in tenant project will be reserved for Cloud SQL. Needs to be disjoint from `web_server_ipv4_cidr_block`." }, "enablePrivateEnvironment": { "type": "boolean", "description": "Optional. If `true`, a Private IP Cloud Composer environment is created. If this field is set to true, `IPAllocationPolicy.use_ip_aliases` must be set to true for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enablePrivatelyUsedPublicIps": { "type": "boolean", "description": "Optional. When enabled, IPs from public (non-RFC1918) ranges can be used for `IPAllocationPolicy.cluster_ipv4_cidr_block` and `IPAllocationPolicy.service_ipv4_cidr_block`." }, "networkingConfig": { "$ref": "#/types/google-native:composer%2Fv1:NetworkingConfigResponse", "description": "Optional. Configuration for the network connections configuration in the environment." }, "privateClusterConfig": { "$ref": "#/types/google-native:composer%2Fv1:PrivateClusterConfigResponse", "description": "Optional. Configuration for the private GKE cluster for a Private IP Cloud Composer environment." }, "webServerIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for web server will be reserved. Needs to be disjoint from `private_cluster_config.master_ipv4_cidr_block` and `cloud_sql_ipv4_cidr_block`. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "webServerIpv4ReservedRange": { "type": "string", "description": "The IP range reserved for the tenant project's App Engine VMs. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." } }, "type": "object", "required": [ "cloudComposerConnectionSubnetwork", "cloudComposerNetworkIpv4CidrBlock", "cloudComposerNetworkIpv4ReservedRange", "cloudSqlIpv4CidrBlock", "enablePrivateEnvironment", "enablePrivatelyUsedPublicIps", "networkingConfig", "privateClusterConfig", "webServerIpv4CidrBlock", "webServerIpv4ReservedRange" ] }, "google-native:composer/v1:RecoveryConfig": { "description": "The Recovery settings of an environment.", "properties": { "scheduledSnapshotsConfig": { "$ref": "#/types/google-native:composer%2Fv1:ScheduledSnapshotsConfig", "description": "Optional. The configuration for scheduled snapshot creation mechanism." } }, "type": "object" }, "google-native:composer/v1:RecoveryConfigResponse": { "description": "The Recovery settings of an environment.", "properties": { "scheduledSnapshotsConfig": { "$ref": "#/types/google-native:composer%2Fv1:ScheduledSnapshotsConfigResponse", "description": "Optional. The configuration for scheduled snapshot creation mechanism." } }, "type": "object", "required": [ "scheduledSnapshotsConfig" ] }, "google-native:composer/v1:ScheduledSnapshotsConfig": { "description": "The configuration for scheduled snapshot creation mechanism.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether scheduled snapshots creation is enabled." }, "snapshotCreationSchedule": { "type": "string", "description": "Optional. The cron expression representing the time when snapshots creation mechanism runs. This field is subject to additional validation around frequency of execution." }, "snapshotLocation": { "type": "string", "description": "Optional. The Cloud Storage location for storing automatically created snapshots." }, "timeZone": { "type": "string", "description": "Optional. Time zone that sets the context to interpret snapshot_creation_schedule." } }, "type": "object" }, "google-native:composer/v1:ScheduledSnapshotsConfigResponse": { "description": "The configuration for scheduled snapshot creation mechanism.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether scheduled snapshots creation is enabled." }, "snapshotCreationSchedule": { "type": "string", "description": "Optional. The cron expression representing the time when snapshots creation mechanism runs. This field is subject to additional validation around frequency of execution." }, "snapshotLocation": { "type": "string", "description": "Optional. The Cloud Storage location for storing automatically created snapshots." }, "timeZone": { "type": "string", "description": "Optional. Time zone that sets the context to interpret snapshot_creation_schedule." } }, "type": "object", "required": [ "enabled", "snapshotCreationSchedule", "snapshotLocation", "timeZone" ] }, "google-native:composer/v1:SchedulerResource": { "description": "Configuration for resources used by Airflow schedulers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of schedulers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow scheduler replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow scheduler replica." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow scheduler replica." } }, "type": "object" }, "google-native:composer/v1:SchedulerResourceResponse": { "description": "Configuration for resources used by Airflow schedulers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of schedulers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow scheduler replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow scheduler replica." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow scheduler replica." } }, "type": "object", "required": [ "count", "cpu", "memoryGb", "storageGb" ] }, "google-native:composer/v1:SoftwareConfig": { "description": "Specifies the selection and configuration of software inside the environment.", "properties": { "airflowConfigOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Apache Airflow configuration properties to override. Property keys contain the section and property names, separated by a hyphen, for example \"core-dags_are_paused_at_creation\". Section names must not contain hyphens (\"-\"), opening square brackets (\"[\"), or closing square brackets (\"]\"). The property name must not be empty and must not contain an equals sign (\"=\") or semicolon (\";\"). Section and property names must not contain a period (\".\"). Apache Airflow configuration property names must be written in [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property values can contain any character, and can be written in any lower/upper case format. Certain Apache Airflow configuration property values are [blocked](/composer/docs/concepts/airflow-configurations), and cannot be overridden." }, "envVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional environment variables to provide to the Apache Airflow scheduler, worker, and webserver processes. Environment variable names must match the regular expression `a-zA-Z_*`. They cannot specify Apache Airflow software configuration overrides (they cannot match the regular expression `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER`" }, "imageVersion": { "type": "string", "description": "The version of the software running in the environment. This encapsulates both the version of Cloud Composer functionality and the version of Apache Airflow. It must match the regular expression `composer-([0-9]+(\\.[0-9]+\\.[0-9]+(-preview\\.[0-9]+)?)?|latest)-airflow-([0-9]+(\\.[0-9]+(\\.[0-9]+)?)?)`. When used as input, the server also checks if the provided version is supported and denies the request for an unsupported version. The Cloud Composer portion of the image version is a full [semantic version](https://semver.org), or an alias in the form of major version number or `latest`. When an alias is provided, the server replaces it with the current Cloud Composer version that satisfies the alias. The Apache Airflow portion of the image version is a full semantic version that points to one of the supported Apache Airflow versions, or an alias in the form of only major or major.minor versions specified. When an alias is provided, the server replaces it with the latest Apache Airflow version that satisfies the alias and is supported in the given Cloud Composer version. In all cases, the resolved image version is stored in the same field. See also [version list](/composer/docs/concepts/versioning/composer-versions) and [versioning overview](/composer/docs/concepts/versioning/composer-versioning-overview)." }, "pypiPackages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom Python Package Index (PyPI) packages to be installed in the environment. Keys refer to the lowercase package name such as \"numpy\" and values are the lowercase extras and version specifier such as \"==1.12.0\", \"[devel,gcp_api]\", or \"[devel]>=1.8.2, <1.9.2\". To specify a package without pinning it to a version specifier, use the empty string as the value." }, "pythonVersion": { "type": "string", "description": "Optional. The major version of Python used to run the Apache Airflow scheduler, worker, and webserver processes. Can be set to '2' or '3'. If not specified, the default is '3'. Cannot be updated. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use Python major version 3." }, "schedulerCount": { "type": "integer", "description": "Optional. The number of schedulers for Airflow. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-2.*.*." } }, "type": "object" }, "google-native:composer/v1:SoftwareConfigResponse": { "description": "Specifies the selection and configuration of software inside the environment.", "properties": { "airflowConfigOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Apache Airflow configuration properties to override. Property keys contain the section and property names, separated by a hyphen, for example \"core-dags_are_paused_at_creation\". Section names must not contain hyphens (\"-\"), opening square brackets (\"[\"), or closing square brackets (\"]\"). The property name must not be empty and must not contain an equals sign (\"=\") or semicolon (\";\"). Section and property names must not contain a period (\".\"). Apache Airflow configuration property names must be written in [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property values can contain any character, and can be written in any lower/upper case format. Certain Apache Airflow configuration property values are [blocked](/composer/docs/concepts/airflow-configurations), and cannot be overridden." }, "envVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional environment variables to provide to the Apache Airflow scheduler, worker, and webserver processes. Environment variable names must match the regular expression `a-zA-Z_*`. They cannot specify Apache Airflow software configuration overrides (they cannot match the regular expression `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER`" }, "imageVersion": { "type": "string", "description": "The version of the software running in the environment. This encapsulates both the version of Cloud Composer functionality and the version of Apache Airflow. It must match the regular expression `composer-([0-9]+(\\.[0-9]+\\.[0-9]+(-preview\\.[0-9]+)?)?|latest)-airflow-([0-9]+(\\.[0-9]+(\\.[0-9]+)?)?)`. When used as input, the server also checks if the provided version is supported and denies the request for an unsupported version. The Cloud Composer portion of the image version is a full [semantic version](https://semver.org), or an alias in the form of major version number or `latest`. When an alias is provided, the server replaces it with the current Cloud Composer version that satisfies the alias. The Apache Airflow portion of the image version is a full semantic version that points to one of the supported Apache Airflow versions, or an alias in the form of only major or major.minor versions specified. When an alias is provided, the server replaces it with the latest Apache Airflow version that satisfies the alias and is supported in the given Cloud Composer version. In all cases, the resolved image version is stored in the same field. See also [version list](/composer/docs/concepts/versioning/composer-versions) and [versioning overview](/composer/docs/concepts/versioning/composer-versioning-overview)." }, "pypiPackages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom Python Package Index (PyPI) packages to be installed in the environment. Keys refer to the lowercase package name such as \"numpy\" and values are the lowercase extras and version specifier such as \"==1.12.0\", \"[devel,gcp_api]\", or \"[devel]>=1.8.2, <1.9.2\". To specify a package without pinning it to a version specifier, use the empty string as the value." }, "pythonVersion": { "type": "string", "description": "Optional. The major version of Python used to run the Apache Airflow scheduler, worker, and webserver processes. Can be set to '2' or '3'. If not specified, the default is '3'. Cannot be updated. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use Python major version 3." }, "schedulerCount": { "type": "integer", "description": "Optional. The number of schedulers for Airflow. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-2.*.*." } }, "type": "object", "required": [ "airflowConfigOverrides", "envVariables", "imageVersion", "pypiPackages", "pythonVersion", "schedulerCount" ] }, "google-native:composer/v1:StorageConfig": { "description": "The configuration for data storage in the environment.", "properties": { "bucket": { "type": "string", "description": "Optional. The name of the Cloud Storage bucket used by the environment. No `gs://` prefix." } }, "type": "object" }, "google-native:composer/v1:StorageConfigResponse": { "description": "The configuration for data storage in the environment.", "properties": { "bucket": { "type": "string", "description": "Optional. The name of the Cloud Storage bucket used by the environment. No `gs://` prefix." } }, "type": "object", "required": [ "bucket" ] }, "google-native:composer/v1:TriggererResource": { "description": "Configuration for resources used by Airflow triggerers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of triggerers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow triggerer replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow triggerer replica." } }, "type": "object" }, "google-native:composer/v1:TriggererResourceResponse": { "description": "Configuration for resources used by Airflow triggerers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of triggerers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow triggerer replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow triggerer replica." } }, "type": "object", "required": [ "count", "cpu", "memoryGb" ] }, "google-native:composer/v1:WebServerConfig": { "description": "The configuration settings for the Airflow web server App Engine instance. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*", "properties": { "machineType": { "type": "string", "description": "Optional. Machine type on which Airflow web server is running. It has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 or composer-n1-webserver-8. If not specified, composer-n1-webserver-2 will be used. Value custom is returned only in response, if Airflow web server parameters were manually changed to a non-standard values." } }, "type": "object" }, "google-native:composer/v1:WebServerConfigResponse": { "description": "The configuration settings for the Airflow web server App Engine instance. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*", "properties": { "machineType": { "type": "string", "description": "Optional. Machine type on which Airflow web server is running. It has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 or composer-n1-webserver-8. If not specified, composer-n1-webserver-2 will be used. Value custom is returned only in response, if Airflow web server parameters were manually changed to a non-standard values." } }, "type": "object", "required": [ "machineType" ] }, "google-native:composer/v1:WebServerNetworkAccessControl": { "description": "Network-level access control policy for the Airflow web server.", "properties": { "allowedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1:AllowedIpRange" }, "description": "A collection of allowed IP ranges with descriptions." } }, "type": "object" }, "google-native:composer/v1:WebServerNetworkAccessControlResponse": { "description": "Network-level access control policy for the Airflow web server.", "properties": { "allowedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1:AllowedIpRangeResponse" }, "description": "A collection of allowed IP ranges with descriptions." } }, "type": "object", "required": [ "allowedIpRanges" ] }, "google-native:composer/v1:WebServerResource": { "description": "Configuration for resources used by Airflow web server.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for Airflow web server." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for Airflow web server." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for Airflow web server." } }, "type": "object" }, "google-native:composer/v1:WebServerResourceResponse": { "description": "Configuration for resources used by Airflow web server.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for Airflow web server." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for Airflow web server." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for Airflow web server." } }, "type": "object", "required": [ "cpu", "memoryGb", "storageGb" ] }, "google-native:composer/v1:WorkerResource": { "description": "Configuration for resources used by Airflow workers.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow worker replica." }, "maxCount": { "type": "integer", "description": "Optional. Maximum number of workers for autoscaling." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow worker replica." }, "minCount": { "type": "integer", "description": "Optional. Minimum number of workers for autoscaling." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow worker replica." } }, "type": "object" }, "google-native:composer/v1:WorkerResourceResponse": { "description": "Configuration for resources used by Airflow workers.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow worker replica." }, "maxCount": { "type": "integer", "description": "Optional. Maximum number of workers for autoscaling." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow worker replica." }, "minCount": { "type": "integer", "description": "Optional. Minimum number of workers for autoscaling." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow worker replica." } }, "type": "object", "required": [ "cpu", "maxCount", "memoryGb", "minCount", "storageGb" ] }, "google-native:composer/v1:WorkloadsConfig": { "description": "The Kubernetes workloads configuration for GKE cluster associated with the Cloud Composer environment. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "properties": { "scheduler": { "$ref": "#/types/google-native:composer%2Fv1:SchedulerResource", "description": "Optional. Resources used by Airflow schedulers." }, "triggerer": { "$ref": "#/types/google-native:composer%2Fv1:TriggererResource", "description": "Optional. Resources used by Airflow triggerers." }, "webServer": { "$ref": "#/types/google-native:composer%2Fv1:WebServerResource", "description": "Optional. Resources used by Airflow web server." }, "worker": { "$ref": "#/types/google-native:composer%2Fv1:WorkerResource", "description": "Optional. Resources used by Airflow workers." } }, "type": "object" }, "google-native:composer/v1:WorkloadsConfigResponse": { "description": "The Kubernetes workloads configuration for GKE cluster associated with the Cloud Composer environment. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "properties": { "scheduler": { "$ref": "#/types/google-native:composer%2Fv1:SchedulerResourceResponse", "description": "Optional. Resources used by Airflow schedulers." }, "triggerer": { "$ref": "#/types/google-native:composer%2Fv1:TriggererResourceResponse", "description": "Optional. Resources used by Airflow triggerers." }, "webServer": { "$ref": "#/types/google-native:composer%2Fv1:WebServerResourceResponse", "description": "Optional. Resources used by Airflow web server." }, "worker": { "$ref": "#/types/google-native:composer%2Fv1:WorkerResourceResponse", "description": "Optional. Resources used by Airflow workers." } }, "type": "object", "required": [ "scheduler", "triggerer", "webServer", "worker" ] }, "google-native:composer/v1beta1:AllowedIpRange": { "description": "Allowed IP range with user-provided description.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description. It must contain at most 300 characters." }, "value": { "type": "string", "description": "IP address or range, defined using CIDR notation, of requests that this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP range prefixes should be properly truncated. For example, `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`." } }, "type": "object" }, "google-native:composer/v1beta1:AllowedIpRangeResponse": { "description": "Allowed IP range with user-provided description.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description. It must contain at most 300 characters." }, "value": { "type": "string", "description": "IP address or range, defined using CIDR notation, of requests that this rule applies to. Examples: `192.168.1.1` or `192.168.0.0/16` or `2001:db8::/32` or `2001:0db8:0000:0042:0000:8a2e:0370:7334`. IP range prefixes should be properly truncated. For example, `1.2.3.4/24` should be truncated to `1.2.3.0/24`. Similarly, for IPv6, `2001:db8::1/32` should be truncated to `2001:db8::/32`." } }, "type": "object", "required": [ "description", "value" ] }, "google-native:composer/v1beta1:CidrBlock": { "description": "CIDR block with an optional name.", "properties": { "cidrBlock": { "type": "string", "description": "CIDR block that must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "User-defined name that identifies the CIDR block." } }, "type": "object" }, "google-native:composer/v1beta1:CidrBlockResponse": { "description": "CIDR block with an optional name.", "properties": { "cidrBlock": { "type": "string", "description": "CIDR block that must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "User-defined name that identifies the CIDR block." } }, "type": "object", "required": [ "cidrBlock", "displayName" ] }, "google-native:composer/v1beta1:CloudDataLineageIntegration": { "description": "Configuration for Cloud Data Lineage integration.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether or not Cloud Data Lineage integration is enabled." } }, "type": "object" }, "google-native:composer/v1beta1:CloudDataLineageIntegrationResponse": { "description": "Configuration for Cloud Data Lineage integration.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether or not Cloud Data Lineage integration is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:composer/v1beta1:DatabaseConfig": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "properties": { "machineType": { "type": "string", "description": "Optional. Cloud SQL machine type used by Airflow database. It has to be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or db-n1-standard-16. If not specified, db-n1-standard-2 will be used. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "zone": { "type": "string", "description": "Optional. The Compute Engine zone where the Airflow database is created. If zone is provided, it must be in the region selected for the environment. If zone is not provided, a zone is automatically selected. The zone can only be set during environment creation. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.*." } }, "type": "object" }, "google-native:composer/v1beta1:DatabaseConfigResponse": { "description": "The configuration of Cloud SQL instance that is used by the Apache Airflow software.", "properties": { "machineType": { "type": "string", "description": "Optional. Cloud SQL machine type used by Airflow database. It has to be one of: db-n1-standard-2, db-n1-standard-4, db-n1-standard-8 or db-n1-standard-16. If not specified, db-n1-standard-2 will be used. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "zone": { "type": "string", "description": "Optional. The Compute Engine zone where the Airflow database is created. If zone is provided, it must be in the region selected for the environment. If zone is not provided, a zone is automatically selected. The zone can only be set during environment creation. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.*." } }, "type": "object", "required": [ "machineType", "zone" ] }, "google-native:composer/v1beta1:EncryptionConfig": { "description": "The encryption options for the Cloud Composer environment and its dependencies. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Customer-managed Encryption Key available through Google's Key Management Service. Cannot be updated. If not specified, Google-managed key will be used." } }, "type": "object" }, "google-native:composer/v1beta1:EncryptionConfigResponse": { "description": "The encryption options for the Cloud Composer environment and its dependencies. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "kmsKeyName": { "type": "string", "description": "Optional. Customer-managed Encryption Key available through Google's Key Management Service. Cannot be updated. If not specified, Google-managed key will be used." } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:composer/v1beta1:EnvironmentConfig": { "description": "Configuration information for an environment.", "properties": { "databaseConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:DatabaseConfig", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." }, "encryptionConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:EncryptionConfig", "description": "Optional. The encryption options for the Cloud Composer environment and its dependencies. Cannot be updated." }, "environmentSize": { "$ref": "#/types/google-native:composer%2Fv1beta1:EnvironmentConfigEnvironmentSize", "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "maintenanceWindow": { "$ref": "#/types/google-native:composer%2Fv1beta1:MaintenanceWindow", "description": "Optional. The maintenance window is the period when Cloud Composer components may undergo maintenance. It is defined so that maintenance is not executed during peak hours or critical time periods. The system will not be under maintenance for every occurrence of this window, but when maintenance is planned, it will be scheduled during the window. The maintenance window period must encompass at least 12 hours per week. This may be split into multiple chunks, each with a size of at least 4 hours. If this value is omitted, Cloud Composer components may be subject to maintenance at any time." }, "masterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:MasterAuthorizedNetworksConfig", "description": "Optional. The configuration options for GKE cluster master authorized networks. By default master authorized networks feature is: - in case of private environment: enabled with no external networks allowlisted. - in case of public environment: disabled." }, "nodeConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:NodeConfig", "description": "The configuration used for the Kubernetes Engine cluster." }, "nodeCount": { "type": "integer", "description": "The number of nodes in the Kubernetes Engine cluster that will be used to run this environment. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "privateEnvironmentConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:PrivateEnvironmentConfig", "description": "The configuration used for the Private IP Cloud Composer environment." }, "recoveryConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:RecoveryConfig", "description": "Optional. The Recovery settings configuration of an environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "resilienceMode": { "$ref": "#/types/google-native:composer%2Fv1beta1:EnvironmentConfigResilienceMode", "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer." }, "softwareConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:SoftwareConfig", "description": "The configuration settings for software inside the environment." }, "webServerConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerConfig", "description": "Optional. The configuration settings for the Airflow web server App Engine instance. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "webServerNetworkAccessControl": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerNetworkAccessControl", "description": "Optional. The network-level access control policy for the Airflow web server. If unspecified, no network-level access restrictions will be applied." }, "workloadsConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:WorkloadsConfig", "description": "Optional. The workloads configuration settings for the GKE cluster associated with the Cloud Composer environment. The GKE cluster runs Airflow scheduler, web server and workers workloads. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." } }, "type": "object" }, "google-native:composer/v1beta1:EnvironmentConfigEnvironmentSize": { "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "type": "string", "enum": [ { "name": "EnvironmentSizeUnspecified", "description": "The size of the environment is unspecified.", "value": "ENVIRONMENT_SIZE_UNSPECIFIED" }, { "name": "EnvironmentSizeSmall", "description": "The environment size is small.", "value": "ENVIRONMENT_SIZE_SMALL" }, { "name": "EnvironmentSizeMedium", "description": "The environment size is medium.", "value": "ENVIRONMENT_SIZE_MEDIUM" }, { "name": "EnvironmentSizeLarge", "description": "The environment size is large.", "value": "ENVIRONMENT_SIZE_LARGE" } ] }, "google-native:composer/v1beta1:EnvironmentConfigResilienceMode": { "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer.", "type": "string", "enum": [ { "name": "ResilienceModeUnspecified", "description": "Default mode doesn't change environment parameters.", "value": "RESILIENCE_MODE_UNSPECIFIED" }, { "name": "HighResilience", "description": "Enabled High Resilience mode, including Cloud SQL HA.", "value": "HIGH_RESILIENCE" } ] }, "google-native:composer/v1beta1:EnvironmentConfigResponse": { "description": "Configuration information for an environment.", "properties": { "airflowByoidUri": { "type": "string", "description": "The 'bring your own identity' variant of the URI of the Apache Airflow Web UI hosted within this environment, to be accessed with external identities using workforce identity federation (see [Access environments with workforce identity federation](/composer/docs/composer-2/access-environments-with-workforce-identity-federation))." }, "airflowUri": { "type": "string", "description": "The URI of the Apache Airflow Web UI hosted within this environment (see [Airflow web interface](/composer/docs/how-to/accessing/airflow-web-interface))." }, "dagGcsPrefix": { "type": "string", "description": "The Cloud Storage prefix of the DAGs for this environment. Although Cloud Storage objects reside in a flat namespace, a hierarchical file tree can be simulated using \"/\"-delimited object name prefixes. DAG objects for this environment reside in a simulated directory with the given prefix." }, "databaseConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:DatabaseConfigResponse", "description": "Optional. The configuration settings for Cloud SQL instance used internally by Apache Airflow software." }, "encryptionConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:EncryptionConfigResponse", "description": "Optional. The encryption options for the Cloud Composer environment and its dependencies. Cannot be updated." }, "environmentSize": { "type": "string", "description": "Optional. The size of the Cloud Composer environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "gkeCluster": { "type": "string", "description": "The Kubernetes Engine cluster used to run this environment." }, "maintenanceWindow": { "$ref": "#/types/google-native:composer%2Fv1beta1:MaintenanceWindowResponse", "description": "Optional. The maintenance window is the period when Cloud Composer components may undergo maintenance. It is defined so that maintenance is not executed during peak hours or critical time periods. The system will not be under maintenance for every occurrence of this window, but when maintenance is planned, it will be scheduled during the window. The maintenance window period must encompass at least 12 hours per week. This may be split into multiple chunks, each with a size of at least 4 hours. If this value is omitted, Cloud Composer components may be subject to maintenance at any time." }, "masterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:MasterAuthorizedNetworksConfigResponse", "description": "Optional. The configuration options for GKE cluster master authorized networks. By default master authorized networks feature is: - in case of private environment: enabled with no external networks allowlisted. - in case of public environment: disabled." }, "nodeConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:NodeConfigResponse", "description": "The configuration used for the Kubernetes Engine cluster." }, "nodeCount": { "type": "integer", "description": "The number of nodes in the Kubernetes Engine cluster that will be used to run this environment. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "privateEnvironmentConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:PrivateEnvironmentConfigResponse", "description": "The configuration used for the Private IP Cloud Composer environment." }, "recoveryConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:RecoveryConfigResponse", "description": "Optional. The Recovery settings configuration of an environment. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "resilienceMode": { "type": "string", "description": "Optional. Resilience mode of the Cloud Composer Environment. This field is supported for Cloud Composer environments in versions composer-2.2.0-airflow-*.*.* and newer." }, "softwareConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:SoftwareConfigResponse", "description": "The configuration settings for software inside the environment." }, "webServerConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerConfigResponse", "description": "Optional. The configuration settings for the Airflow web server App Engine instance. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "webServerNetworkAccessControl": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerNetworkAccessControlResponse", "description": "Optional. The network-level access control policy for the Airflow web server. If unspecified, no network-level access restrictions will be applied." }, "workloadsConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:WorkloadsConfigResponse", "description": "Optional. The workloads configuration settings for the GKE cluster associated with the Cloud Composer environment. The GKE cluster runs Airflow scheduler, web server and workers workloads. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." } }, "type": "object", "required": [ "airflowByoidUri", "airflowUri", "dagGcsPrefix", "databaseConfig", "encryptionConfig", "environmentSize", "gkeCluster", "maintenanceWindow", "masterAuthorizedNetworksConfig", "nodeConfig", "nodeCount", "privateEnvironmentConfig", "recoveryConfig", "resilienceMode", "softwareConfig", "webServerConfig", "webServerNetworkAccessControl", "workloadsConfig" ] }, "google-native:composer/v1beta1:EnvironmentState": { "description": "The current state of the environment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the environment is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Creating", "description": "The environment is in the process of being created.", "value": "CREATING" }, { "name": "Running", "description": "The environment is currently running and healthy. It is ready for use.", "value": "RUNNING" }, { "name": "Updating", "description": "The environment is being updated. It remains usable but cannot receive additional update requests or be deleted at this time.", "value": "UPDATING" }, { "name": "Deleting", "description": "The environment is undergoing deletion. It cannot be used.", "value": "DELETING" }, { "name": "Error", "description": "The environment has encountered an error and cannot be used.", "value": "ERROR" } ] }, "google-native:composer/v1beta1:IPAllocationPolicy": { "description": "Configuration for controlling how IPs are allocated in the GKE cluster.", "properties": { "clusterIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range used to allocate IP addresses to pods in the cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. Specify `cluster_secondary_range_name` or `cluster_ipv4_cidr_block` but not both." }, "clusterSecondaryRangeName": { "type": "string", "description": "Optional. The name of the cluster's secondary range used to allocate IP addresses to pods. Specify either `cluster_secondary_range_name` or `cluster_ipv4_cidr_block` but not both. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "servicesIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range of the services IP addresses in this cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. Specify `services_secondary_range_name` or `services_ipv4_cidr_block` but not both." }, "servicesSecondaryRangeName": { "type": "string", "description": "Optional. The name of the services' secondary range used to allocate IP addresses to the cluster. Specify either `services_secondary_range_name` or `services_ipv4_cidr_block` but not both. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "useIpAliases": { "type": "boolean", "description": "Optional. Whether or not to enable Alias IPs in the GKE cluster. If `true`, a VPC-native cluster is created. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use VPC-native GKE clusters." } }, "type": "object" }, "google-native:composer/v1beta1:IPAllocationPolicyResponse": { "description": "Configuration for controlling how IPs are allocated in the GKE cluster.", "properties": { "clusterIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range used to allocate IP addresses to pods in the cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. Specify `cluster_secondary_range_name` or `cluster_ipv4_cidr_block` but not both." }, "clusterSecondaryRangeName": { "type": "string", "description": "Optional. The name of the cluster's secondary range used to allocate IP addresses to pods. Specify either `cluster_secondary_range_name` or `cluster_ipv4_cidr_block` but not both. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "servicesIpv4CidrBlock": { "type": "string", "description": "Optional. The IP address range of the services IP addresses in this cluster. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true. Set to blank to have GKE choose a range with the default size. Set to /netmask (e.g. `/14`) to have GKE choose a range with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. Specify `services_secondary_range_name` or `services_ipv4_cidr_block` but not both." }, "servicesSecondaryRangeName": { "type": "string", "description": "Optional. The name of the services' secondary range used to allocate IP addresses to the cluster. Specify either `services_secondary_range_name` or `services_ipv4_cidr_block` but not both. For Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*, this field is applicable only when `use_ip_aliases` is true." }, "useIpAliases": { "type": "boolean", "description": "Optional. Whether or not to enable Alias IPs in the GKE cluster. If `true`, a VPC-native cluster is created. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use VPC-native GKE clusters." } }, "type": "object", "required": [ "clusterIpv4CidrBlock", "clusterSecondaryRangeName", "servicesIpv4CidrBlock", "servicesSecondaryRangeName", "useIpAliases" ] }, "google-native:composer/v1beta1:MaintenanceWindow": { "description": "The configuration settings for Cloud Composer maintenance window. The following example: ``` { \"startTime\":\"2019-08-01T01:00:00Z\" \"endTime\":\"2019-08-01T07:00:00Z\" \"recurrence\":\"FREQ=WEEKLY;BYDAY=TU,WE\" } ``` would define a maintenance window between 01 and 07 hours UTC during each Tuesday and Wednesday.", "properties": { "endTime": { "type": "string", "description": "Maintenance window end time. It is used only to calculate the duration of the maintenance window. The value for end_time must be in the future, relative to `start_time`." }, "recurrence": { "type": "string", "description": "Maintenance window recurrence. Format is a subset of [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only allowed values for `FREQ` field are `FREQ=DAILY` and `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, `FREQ=DAILY`." }, "startTime": { "type": "string", "description": "Start time of the first recurrence of the maintenance window." } }, "type": "object", "required": [ "endTime", "recurrence", "startTime" ] }, "google-native:composer/v1beta1:MaintenanceWindowResponse": { "description": "The configuration settings for Cloud Composer maintenance window. The following example: ``` { \"startTime\":\"2019-08-01T01:00:00Z\" \"endTime\":\"2019-08-01T07:00:00Z\" \"recurrence\":\"FREQ=WEEKLY;BYDAY=TU,WE\" } ``` would define a maintenance window between 01 and 07 hours UTC during each Tuesday and Wednesday.", "properties": { "endTime": { "type": "string", "description": "Maintenance window end time. It is used only to calculate the duration of the maintenance window. The value for end_time must be in the future, relative to `start_time`." }, "recurrence": { "type": "string", "description": "Maintenance window recurrence. Format is a subset of [RFC-5545](https://tools.ietf.org/html/rfc5545) `RRULE`. The only allowed values for `FREQ` field are `FREQ=DAILY` and `FREQ=WEEKLY;BYDAY=...` Example values: `FREQ=WEEKLY;BYDAY=TU,WE`, `FREQ=DAILY`." }, "startTime": { "type": "string", "description": "Start time of the first recurrence of the maintenance window." } }, "type": "object", "required": [ "endTime", "recurrence", "startTime" ] }, "google-native:composer/v1beta1:MasterAuthorizedNetworksConfig": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1beta1:CidrBlock" }, "description": "Up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks feature is enabled." } }, "type": "object" }, "google-native:composer/v1beta1:MasterAuthorizedNetworksConfigResponse": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1beta1:CidrBlockResponse" }, "description": "Up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks feature is enabled." } }, "type": "object", "required": [ "cidrBlocks", "enabled" ] }, "google-native:composer/v1beta1:NetworkingConfig": { "description": "Configuration options for networking connections in the Composer 2 environment.", "properties": { "connectionType": { "$ref": "#/types/google-native:composer%2Fv1beta1:NetworkingConfigConnectionType", "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment." } }, "type": "object" }, "google-native:composer/v1beta1:NetworkingConfigConnectionType": { "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment.", "type": "string", "enum": [ { "name": "ConnectionTypeUnspecified", "description": "No specific connection type was requested, so the environment uses the default value corresponding to the rest of its configuration.", "value": "CONNECTION_TYPE_UNSPECIFIED" }, { "name": "VpcPeering", "description": "Requests the use of VPC peerings for connecting the Customer and Tenant projects.", "value": "VPC_PEERING" }, { "name": "PrivateServiceConnect", "description": "Requests the use of Private Service Connect for connecting the Customer and Tenant projects.", "value": "PRIVATE_SERVICE_CONNECT" } ] }, "google-native:composer/v1beta1:NetworkingConfigResponse": { "description": "Configuration options for networking connections in the Composer 2 environment.", "properties": { "connectionType": { "type": "string", "description": "Optional. Indicates the user requested specifc connection type between Tenant and Customer projects. You cannot set networking connection type in public IP environment." } }, "type": "object", "required": [ "connectionType" ] }, "google-native:composer/v1beta1:NodeConfig": { "description": "The configuration information for the Kubernetes Engine nodes running the Apache Airflow software.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. The disk size in GB used for node VMs. Minimum size is 30GB. If unspecified, defaults to 100GB. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enableIpMasqAgent": { "type": "boolean", "description": "Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading is used for all destination addresses, except between pods traffic. See: https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent" }, "ipAllocationPolicy": { "$ref": "#/types/google-native:composer%2Fv1beta1:IPAllocationPolicy", "description": "Optional. The IPAllocationPolicy fields for the GKE cluster." }, "location": { "type": "string", "description": "Optional. The Compute Engine [zone](/compute/docs/regions-zones) in which to deploy the VMs used to run the Apache Airflow software, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}\". This `location` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.machineType` are specified, `nodeConfig.machineType` must belong to this `location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If only one field (`location` or `nodeConfig.machineType`) is specified, the location information from the specified field will be propagated to the unspecified field. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "machineType": { "type": "string", "description": "Optional. The Compute Engine [machine type](/compute/docs/machine-types) used for cluster instances, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}\". The `machineType` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.location` are specified, this `machineType` must belong to the `nodeConfig.location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If exactly one of this field and `nodeConfig.location` is specified, the location information from the specified field will be propagated to the unspecified field. The `machineTypeId` must not be a [shared-core machine type](/compute/docs/machine-types#sharedcore). If this field is unspecified, the `machineTypeId` defaults to \"n1-standard-1\". This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "maxPodsPerNode": { "type": "integer", "description": "Optional. The maximum number of pods per node in the Cloud Composer GKE cluster. The value must be between 8 and 110 and it can be set only if the environment is VPC-native. The default value is 32. Values of this field will be propagated both to the `default-pool` node pool of the newly created GKE cluster, and to the default \"Maximum Pods per Node\" value which is used for newly created node pools if their value is not explicitly set during node pool creation. For more information, see [Optimizing IP address allocation] (https://cloud.google.com/kubernetes-engine/docs/how-to/flexible-pod-cidr). Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "network": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/global/networks/{networkId}\". If unspecified, the default network in the environment's project is used. If a [Custom Subnet Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, `nodeConfig.subnetwork` must also be provided. For [Shared VPC](/vpc/docs/shared-vpc) subnetwork requirements, see `nodeConfig.subnetwork`." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of Google API scopes to be made available on all node VMs. If `oauth_scopes` is empty, defaults to [\"https://www.googleapis.com/auth/cloud-platform\"]. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "serviceAccount": { "type": "string", "description": "Optional. The Google Cloud Platform Service Account to be used by the workloads. If a service account is not specified, the \"default\" Compute Engine service account is used. Cannot be updated." }, "subnetwork": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}\" If a subnetwork is provided, `nodeConfig.network` must also be provided, and the subnetwork must belong to the enclosing environment's project and location." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of instance tags applied to all node VMs. Tags are used to identify valid sources or targets for network firewalls. Each tag within the list must comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated." } }, "type": "object" }, "google-native:composer/v1beta1:NodeConfigResponse": { "description": "The configuration information for the Kubernetes Engine nodes running the Apache Airflow software.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. The disk size in GB used for node VMs. Minimum size is 30GB. If unspecified, defaults to 100GB. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enableIpMasqAgent": { "type": "boolean", "description": "Optional. Deploys 'ip-masq-agent' daemon set in the GKE cluster and defines nonMasqueradeCIDRs equals to pod IP range so IP masquerading is used for all destination addresses, except between pods traffic. See: https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent" }, "ipAllocationPolicy": { "$ref": "#/types/google-native:composer%2Fv1beta1:IPAllocationPolicyResponse", "description": "Optional. The IPAllocationPolicy fields for the GKE cluster." }, "location": { "type": "string", "description": "Optional. The Compute Engine [zone](/compute/docs/regions-zones) in which to deploy the VMs used to run the Apache Airflow software, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}\". This `location` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.machineType` are specified, `nodeConfig.machineType` must belong to this `location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If only one field (`location` or `nodeConfig.machineType`) is specified, the location information from the specified field will be propagated to the unspecified field. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "machineType": { "type": "string", "description": "Optional. The Compute Engine [machine type](/compute/docs/machine-types) used for cluster instances, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/zones/{zoneId}/machineTypes/{machineTypeId}\". The `machineType` must belong to the enclosing environment's project and location. If both this field and `nodeConfig.location` are specified, this `machineType` must belong to the `nodeConfig.location`; if both are unspecified, the service will pick a zone in the Compute Engine region corresponding to the Cloud Composer location, and propagate that choice to both fields. If exactly one of this field and `nodeConfig.location` is specified, the location information from the specified field will be propagated to the unspecified field. The `machineTypeId` must not be a [shared-core machine type](/compute/docs/machine-types#sharedcore). If this field is unspecified, the `machineTypeId` defaults to \"n1-standard-1\". This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "maxPodsPerNode": { "type": "integer", "description": "Optional. The maximum number of pods per node in the Cloud Composer GKE cluster. The value must be between 8 and 110 and it can be set only if the environment is VPC-native. The default value is 32. Values of this field will be propagated both to the `default-pool` node pool of the newly created GKE cluster, and to the default \"Maximum Pods per Node\" value which is used for newly created node pools if their value is not explicitly set during node pool creation. For more information, see [Optimizing IP address allocation] (https://cloud.google.com/kubernetes-engine/docs/how-to/flexible-pod-cidr). Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "network": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/global/networks/{networkId}\". If unspecified, the default network in the environment's project is used. If a [Custom Subnet Network](/vpc/docs/vpc#vpc_networks_and_subnets) is provided, `nodeConfig.subnetwork` must also be provided. For [Shared VPC](/vpc/docs/shared-vpc) subnetwork requirements, see `nodeConfig.subnetwork`." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of Google API scopes to be made available on all node VMs. If `oauth_scopes` is empty, defaults to [\"https://www.googleapis.com/auth/cloud-platform\"]. Cannot be updated. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "serviceAccount": { "type": "string", "description": "Optional. The Google Cloud Platform Service Account to be used by the workloads. If a service account is not specified, the \"default\" Compute Engine service account is used. Cannot be updated." }, "subnetwork": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications, specified as a [relative resource name](/apis/design/resource_names#relative_resource_name). For example: \"projects/{projectId}/regions/{regionId}/subnetworks/{subnetworkId}\" If a subnetwork is provided, `nodeConfig.network` must also be provided, and the subnetwork must belong to the enclosing environment's project and location." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of instance tags applied to all node VMs. Tags are used to identify valid sources or targets for network firewalls. Each tag within the list must comply with [RFC1035](https://www.ietf.org/rfc/rfc1035.txt). Cannot be updated." } }, "type": "object", "required": [ "diskSizeGb", "enableIpMasqAgent", "ipAllocationPolicy", "location", "machineType", "maxPodsPerNode", "network", "oauthScopes", "serviceAccount", "subnetwork", "tags" ] }, "google-native:composer/v1beta1:PrivateClusterConfig": { "description": "Configuration options for the private GKE cluster in a Cloud Composer environment.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Optional. If `true`, access to the public endpoint of the GKE cluster is denied." }, "masterIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IPv4 range for GKE master will be reserved. If left blank, the default value of '172.16.0.0/23' is used." } }, "type": "object" }, "google-native:composer/v1beta1:PrivateClusterConfigResponse": { "description": "Configuration options for the private GKE cluster in a Cloud Composer environment.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Optional. If `true`, access to the public endpoint of the GKE cluster is denied." }, "masterIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IPv4 range for GKE master will be reserved. If left blank, the default value of '172.16.0.0/23' is used." }, "masterIpv4ReservedRange": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range is used for assigning internal IP addresses to the cluster master or set of masters and to the internal load balancer virtual IP. This range must not overlap with any other ranges in use within the cluster's network." } }, "type": "object", "required": [ "enablePrivateEndpoint", "masterIpv4CidrBlock", "masterIpv4ReservedRange" ] }, "google-native:composer/v1beta1:PrivateEnvironmentConfig": { "description": "The configuration information for configuring a Private IP Cloud Composer environment.", "properties": { "cloudComposerConnectionSubnetwork": { "type": "string", "description": "Optional. When specified, the environment will use Private Service Connect instead of VPC peerings to connect to Cloud SQL in the Tenant Project, and the PSC endpoint in the Customer Project will use an IP address from this subnetwork." }, "cloudComposerNetworkIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for Cloud Composer Network in tenant project will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudSqlIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range in tenant project will be reserved for Cloud SQL. Needs to be disjoint from web_server_ipv4_cidr_block" }, "enablePrivateEnvironment": { "type": "boolean", "description": "Optional. If `true`, a Private IP Cloud Composer environment is created. If this field is set to true, `IPAllocationPolicy.use_ip_aliases` must be set to true for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enablePrivatelyUsedPublicIps": { "type": "boolean", "description": "Optional. When enabled, IPs from public (non-RFC1918) ranges can be used for `IPAllocationPolicy.cluster_ipv4_cidr_block` and `IPAllocationPolicy.service_ipv4_cidr_block`." }, "networkingConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:NetworkingConfig", "description": "Optional. Configuration for the network connections configuration in the environment." }, "privateClusterConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:PrivateClusterConfig", "description": "Optional. Configuration for the private GKE cluster for a Private IP Cloud Composer environment." }, "webServerIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for web server will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." } }, "type": "object" }, "google-native:composer/v1beta1:PrivateEnvironmentConfigResponse": { "description": "The configuration information for configuring a Private IP Cloud Composer environment.", "properties": { "cloudComposerConnectionSubnetwork": { "type": "string", "description": "Optional. When specified, the environment will use Private Service Connect instead of VPC peerings to connect to Cloud SQL in the Tenant Project, and the PSC endpoint in the Customer Project will use an IP address from this subnetwork." }, "cloudComposerNetworkIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for Cloud Composer Network in tenant project will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudComposerNetworkIpv4ReservedRange": { "type": "string", "description": "The IP range reserved for the tenant project's Cloud Composer network. This field is supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer." }, "cloudSqlIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range in tenant project will be reserved for Cloud SQL. Needs to be disjoint from web_server_ipv4_cidr_block" }, "enablePrivateEnvironment": { "type": "boolean", "description": "Optional. If `true`, a Private IP Cloud Composer environment is created. If this field is set to true, `IPAllocationPolicy.use_ip_aliases` must be set to true for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "enablePrivatelyUsedPublicIps": { "type": "boolean", "description": "Optional. When enabled, IPs from public (non-RFC1918) ranges can be used for `IPAllocationPolicy.cluster_ipv4_cidr_block` and `IPAllocationPolicy.service_ipv4_cidr_block`." }, "networkingConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:NetworkingConfigResponse", "description": "Optional. Configuration for the network connections configuration in the environment." }, "privateClusterConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:PrivateClusterConfigResponse", "description": "Optional. Configuration for the private GKE cluster for a Private IP Cloud Composer environment." }, "webServerIpv4CidrBlock": { "type": "string", "description": "Optional. The CIDR block from which IP range for web server will be reserved. Needs to be disjoint from private_cluster_config.master_ipv4_cidr_block and cloud_sql_ipv4_cidr_block. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." }, "webServerIpv4ReservedRange": { "type": "string", "description": "The IP range reserved for the tenant project's App Engine VMs. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*." } }, "type": "object", "required": [ "cloudComposerConnectionSubnetwork", "cloudComposerNetworkIpv4CidrBlock", "cloudComposerNetworkIpv4ReservedRange", "cloudSqlIpv4CidrBlock", "enablePrivateEnvironment", "enablePrivatelyUsedPublicIps", "networkingConfig", "privateClusterConfig", "webServerIpv4CidrBlock", "webServerIpv4ReservedRange" ] }, "google-native:composer/v1beta1:RecoveryConfig": { "description": "The Recovery settings of an environment.", "properties": { "scheduledSnapshotsConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:ScheduledSnapshotsConfig", "description": "Optional. The configuration for scheduled snapshot creation mechanism." } }, "type": "object" }, "google-native:composer/v1beta1:RecoveryConfigResponse": { "description": "The Recovery settings of an environment.", "properties": { "scheduledSnapshotsConfig": { "$ref": "#/types/google-native:composer%2Fv1beta1:ScheduledSnapshotsConfigResponse", "description": "Optional. The configuration for scheduled snapshot creation mechanism." } }, "type": "object", "required": [ "scheduledSnapshotsConfig" ] }, "google-native:composer/v1beta1:ScheduledSnapshotsConfig": { "description": "The configuration for scheduled snapshot creation mechanism.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether scheduled snapshots creation is enabled." }, "snapshotCreationSchedule": { "type": "string", "description": "Optional. The cron expression representing the time when snapshots creation mechanism runs. This field is subject to additional validation around frequency of execution." }, "snapshotLocation": { "type": "string", "description": "Optional. The Cloud Storage location for storing automatically created snapshots." }, "timeZone": { "type": "string", "description": "Optional. Time zone that sets the context to interpret snapshot_creation_schedule." } }, "type": "object" }, "google-native:composer/v1beta1:ScheduledSnapshotsConfigResponse": { "description": "The configuration for scheduled snapshot creation mechanism.", "properties": { "enabled": { "type": "boolean", "description": "Optional. Whether scheduled snapshots creation is enabled." }, "snapshotCreationSchedule": { "type": "string", "description": "Optional. The cron expression representing the time when snapshots creation mechanism runs. This field is subject to additional validation around frequency of execution." }, "snapshotLocation": { "type": "string", "description": "Optional. The Cloud Storage location for storing automatically created snapshots." }, "timeZone": { "type": "string", "description": "Optional. Time zone that sets the context to interpret snapshot_creation_schedule." } }, "type": "object", "required": [ "enabled", "snapshotCreationSchedule", "snapshotLocation", "timeZone" ] }, "google-native:composer/v1beta1:SchedulerResource": { "description": "Configuration for resources used by Airflow schedulers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of schedulers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow scheduler replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow scheduler replica." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow scheduler replica." } }, "type": "object" }, "google-native:composer/v1beta1:SchedulerResourceResponse": { "description": "Configuration for resources used by Airflow schedulers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of schedulers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow scheduler replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow scheduler replica." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow scheduler replica." } }, "type": "object", "required": [ "count", "cpu", "memoryGb", "storageGb" ] }, "google-native:composer/v1beta1:SoftwareConfig": { "description": "Specifies the selection and configuration of software inside the environment.", "properties": { "airflowConfigOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Apache Airflow configuration properties to override. Property keys contain the section and property names, separated by a hyphen, for example \"core-dags_are_paused_at_creation\". Section names must not contain hyphens (\"-\"), opening square brackets (\"[\"), or closing square brackets (\"]\"). The property name must not be empty and must not contain an equals sign (\"=\") or semicolon (\";\"). Section and property names must not contain a period (\".\"). Apache Airflow configuration property names must be written in [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property values can contain any character, and can be written in any lower/upper case format. Certain Apache Airflow configuration property values are [blocked](/composer/docs/concepts/airflow-configurations), and cannot be overridden." }, "cloudDataLineageIntegration": { "$ref": "#/types/google-native:composer%2Fv1beta1:CloudDataLineageIntegration", "description": "Optional. The configuration for Cloud Data Lineage integration." }, "envVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional environment variables to provide to the Apache Airflow scheduler, worker, and webserver processes. Environment variable names must match the regular expression `a-zA-Z_*`. They cannot specify Apache Airflow software configuration overrides (they cannot match the regular expression `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER`" }, "imageVersion": { "type": "string", "description": "The version of the software running in the environment. This encapsulates both the version of Cloud Composer functionality and the version of Apache Airflow. It must match the regular expression `composer-([0-9]+(\\.[0-9]+\\.[0-9]+(-preview\\.[0-9]+)?)?|latest)-airflow-([0-9]+(\\.[0-9]+(\\.[0-9]+)?)?)`. When used as input, the server also checks if the provided version is supported and denies the request for an unsupported version. The Cloud Composer portion of the image version is a full [semantic version](https://semver.org), or an alias in the form of major version number or `latest`. When an alias is provided, the server replaces it with the current Cloud Composer version that satisfies the alias. The Apache Airflow portion of the image version is a full semantic version that points to one of the supported Apache Airflow versions, or an alias in the form of only major or major.minor versions specified. When an alias is provided, the server replaces it with the latest Apache Airflow version that satisfies the alias and is supported in the given Cloud Composer version. In all cases, the resolved image version is stored in the same field. See also [version list](/composer/docs/concepts/versioning/composer-versions) and [versioning overview](/composer/docs/concepts/versioning/composer-versioning-overview)." }, "pypiPackages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom Python Package Index (PyPI) packages to be installed in the environment. Keys refer to the lowercase package name such as \"numpy\" and values are the lowercase extras and version specifier such as \"==1.12.0\", \"[devel,gcp_api]\", or \"[devel]>=1.8.2, <1.9.2\". To specify a package without pinning it to a version specifier, use the empty string as the value." }, "pythonVersion": { "type": "string", "description": "Optional. The major version of Python used to run the Apache Airflow scheduler, worker, and webserver processes. Can be set to '2' or '3'. If not specified, the default is '3'. Cannot be updated. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use Python major version 3." }, "schedulerCount": { "type": "integer", "description": "Optional. The number of schedulers for Airflow. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-2.*.*." } }, "type": "object" }, "google-native:composer/v1beta1:SoftwareConfigResponse": { "description": "Specifies the selection and configuration of software inside the environment.", "properties": { "airflowConfigOverrides": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Apache Airflow configuration properties to override. Property keys contain the section and property names, separated by a hyphen, for example \"core-dags_are_paused_at_creation\". Section names must not contain hyphens (\"-\"), opening square brackets (\"[\"), or closing square brackets (\"]\"). The property name must not be empty and must not contain an equals sign (\"=\") or semicolon (\";\"). Section and property names must not contain a period (\".\"). Apache Airflow configuration property names must be written in [snake_case](https://en.wikipedia.org/wiki/Snake_case). Property values can contain any character, and can be written in any lower/upper case format. Certain Apache Airflow configuration property values are [blocked](/composer/docs/concepts/airflow-configurations), and cannot be overridden." }, "cloudDataLineageIntegration": { "$ref": "#/types/google-native:composer%2Fv1beta1:CloudDataLineageIntegrationResponse", "description": "Optional. The configuration for Cloud Data Lineage integration." }, "envVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional environment variables to provide to the Apache Airflow scheduler, worker, and webserver processes. Environment variable names must match the regular expression `a-zA-Z_*`. They cannot specify Apache Airflow software configuration overrides (they cannot match the regular expression `AIRFLOW__[A-Z0-9_]+__[A-Z0-9_]+`), and they cannot match any of the following reserved names: * `AIRFLOW_HOME` * `C_FORCE_ROOT` * `CONTAINER_NAME` * `DAGS_FOLDER` * `GCP_PROJECT` * `GCS_BUCKET` * `GKE_CLUSTER_NAME` * `SQL_DATABASE` * `SQL_INSTANCE` * `SQL_PASSWORD` * `SQL_PROJECT` * `SQL_REGION` * `SQL_USER`" }, "imageVersion": { "type": "string", "description": "The version of the software running in the environment. This encapsulates both the version of Cloud Composer functionality and the version of Apache Airflow. It must match the regular expression `composer-([0-9]+(\\.[0-9]+\\.[0-9]+(-preview\\.[0-9]+)?)?|latest)-airflow-([0-9]+(\\.[0-9]+(\\.[0-9]+)?)?)`. When used as input, the server also checks if the provided version is supported and denies the request for an unsupported version. The Cloud Composer portion of the image version is a full [semantic version](https://semver.org), or an alias in the form of major version number or `latest`. When an alias is provided, the server replaces it with the current Cloud Composer version that satisfies the alias. The Apache Airflow portion of the image version is a full semantic version that points to one of the supported Apache Airflow versions, or an alias in the form of only major or major.minor versions specified. When an alias is provided, the server replaces it with the latest Apache Airflow version that satisfies the alias and is supported in the given Cloud Composer version. In all cases, the resolved image version is stored in the same field. See also [version list](/composer/docs/concepts/versioning/composer-versions) and [versioning overview](/composer/docs/concepts/versioning/composer-versioning-overview)." }, "pypiPackages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom Python Package Index (PyPI) packages to be installed in the environment. Keys refer to the lowercase package name such as \"numpy\" and values are the lowercase extras and version specifier such as \"==1.12.0\", \"[devel,gcp_api]\", or \"[devel]>=1.8.2, <1.9.2\". To specify a package without pinning it to a version specifier, use the empty string as the value." }, "pythonVersion": { "type": "string", "description": "Optional. The major version of Python used to run the Apache Airflow scheduler, worker, and webserver processes. Can be set to '2' or '3'. If not specified, the default is '3'. Cannot be updated. This field is only supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*. Environments in newer versions always use Python major version 3." }, "schedulerCount": { "type": "integer", "description": "Optional. The number of schedulers for Airflow. This field is supported for Cloud Composer environments in versions composer-1.*.*-airflow-2.*.*." } }, "type": "object", "required": [ "airflowConfigOverrides", "cloudDataLineageIntegration", "envVariables", "imageVersion", "pypiPackages", "pythonVersion", "schedulerCount" ] }, "google-native:composer/v1beta1:StorageConfig": { "description": "The configuration for data storage in the environment.", "properties": { "bucket": { "type": "string", "description": "Optional. The name of the Cloud Storage bucket used by the environment. No `gs://` prefix." } }, "type": "object" }, "google-native:composer/v1beta1:StorageConfigResponse": { "description": "The configuration for data storage in the environment.", "properties": { "bucket": { "type": "string", "description": "Optional. The name of the Cloud Storage bucket used by the environment. No `gs://` prefix." } }, "type": "object", "required": [ "bucket" ] }, "google-native:composer/v1beta1:TriggererResource": { "description": "Configuration for resources used by Airflow triggerers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of triggerers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow triggerer replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow triggerer replica." } }, "type": "object" }, "google-native:composer/v1beta1:TriggererResourceResponse": { "description": "Configuration for resources used by Airflow triggerers.", "properties": { "count": { "type": "integer", "description": "Optional. The number of triggerers." }, "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow triggerer replica." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow triggerer replica." } }, "type": "object", "required": [ "count", "cpu", "memoryGb" ] }, "google-native:composer/v1beta1:WebServerConfig": { "description": "The configuration settings for the Airflow web server App Engine instance. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "machineType": { "type": "string", "description": "Optional. Machine type on which Airflow web server is running. It has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 or composer-n1-webserver-8. If not specified, composer-n1-webserver-2 will be used. Value custom is returned only in response, if Airflow web server parameters were manually changed to a non-standard values." } }, "type": "object" }, "google-native:composer/v1beta1:WebServerConfigResponse": { "description": "The configuration settings for the Airflow web server App Engine instance. Supported for Cloud Composer environments in versions composer-1.*.*-airflow-*.*.*.", "properties": { "machineType": { "type": "string", "description": "Optional. Machine type on which Airflow web server is running. It has to be one of: composer-n1-webserver-2, composer-n1-webserver-4 or composer-n1-webserver-8. If not specified, composer-n1-webserver-2 will be used. Value custom is returned only in response, if Airflow web server parameters were manually changed to a non-standard values." } }, "type": "object", "required": [ "machineType" ] }, "google-native:composer/v1beta1:WebServerNetworkAccessControl": { "description": "Network-level access control policy for the Airflow web server.", "properties": { "allowedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1beta1:AllowedIpRange" }, "description": "A collection of allowed IP ranges with descriptions." } }, "type": "object" }, "google-native:composer/v1beta1:WebServerNetworkAccessControlResponse": { "description": "Network-level access control policy for the Airflow web server.", "properties": { "allowedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:composer%2Fv1beta1:AllowedIpRangeResponse" }, "description": "A collection of allowed IP ranges with descriptions." } }, "type": "object", "required": [ "allowedIpRanges" ] }, "google-native:composer/v1beta1:WebServerResource": { "description": "Configuration for resources used by Airflow web server.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for Airflow web server." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for Airflow web server." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for Airflow web server." } }, "type": "object" }, "google-native:composer/v1beta1:WebServerResourceResponse": { "description": "Configuration for resources used by Airflow web server.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for Airflow web server." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for Airflow web server." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for Airflow web server." } }, "type": "object", "required": [ "cpu", "memoryGb", "storageGb" ] }, "google-native:composer/v1beta1:WorkerResource": { "description": "Configuration for resources used by Airflow workers.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow worker replica." }, "maxCount": { "type": "integer", "description": "Optional. Maximum number of workers for autoscaling." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow worker replica." }, "minCount": { "type": "integer", "description": "Optional. Minimum number of workers for autoscaling." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow worker replica." } }, "type": "object" }, "google-native:composer/v1beta1:WorkerResourceResponse": { "description": "Configuration for resources used by Airflow workers.", "properties": { "cpu": { "type": "number", "description": "Optional. CPU request and limit for a single Airflow worker replica." }, "maxCount": { "type": "integer", "description": "Optional. Maximum number of workers for autoscaling." }, "memoryGb": { "type": "number", "description": "Optional. Memory (GB) request and limit for a single Airflow worker replica." }, "minCount": { "type": "integer", "description": "Optional. Minimum number of workers for autoscaling." }, "storageGb": { "type": "number", "description": "Optional. Storage (GB) request and limit for a single Airflow worker replica." } }, "type": "object", "required": [ "cpu", "maxCount", "memoryGb", "minCount", "storageGb" ] }, "google-native:composer/v1beta1:WorkloadsConfig": { "description": "The Kubernetes workloads configuration for GKE cluster associated with the Cloud Composer environment. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "properties": { "scheduler": { "$ref": "#/types/google-native:composer%2Fv1beta1:SchedulerResource", "description": "Optional. Resources used by Airflow schedulers." }, "triggerer": { "$ref": "#/types/google-native:composer%2Fv1beta1:TriggererResource", "description": "Optional. Resources used by Airflow triggerers." }, "webServer": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerResource", "description": "Optional. Resources used by Airflow web server." }, "worker": { "$ref": "#/types/google-native:composer%2Fv1beta1:WorkerResource", "description": "Optional. Resources used by Airflow workers." } }, "type": "object" }, "google-native:composer/v1beta1:WorkloadsConfigResponse": { "description": "The Kubernetes workloads configuration for GKE cluster associated with the Cloud Composer environment. Supported for Cloud Composer environments in versions composer-2.*.*-airflow-*.*.* and newer.", "properties": { "scheduler": { "$ref": "#/types/google-native:composer%2Fv1beta1:SchedulerResourceResponse", "description": "Optional. Resources used by Airflow schedulers." }, "triggerer": { "$ref": "#/types/google-native:composer%2Fv1beta1:TriggererResourceResponse", "description": "Optional. Resources used by Airflow triggerers." }, "webServer": { "$ref": "#/types/google-native:composer%2Fv1beta1:WebServerResourceResponse", "description": "Optional. Resources used by Airflow web server." }, "worker": { "$ref": "#/types/google-native:composer%2Fv1beta1:WorkerResourceResponse", "description": "Optional. Resources used by Airflow workers." } }, "type": "object", "required": [ "scheduler", "triggerer", "webServer", "worker" ] }, "google-native:compute/alpha:AWSV4Signature": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object" }, "google-native:compute/alpha:AWSV4SignatureResponse": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object", "required": [ "accessKey", "accessKeyId", "accessKeyVersion", "originRegion" ] }, "google-native:compute/alpha:AcceleratorConfig": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object" }, "google-native:compute/alpha:AcceleratorConfigResponse": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType" ] }, "google-native:compute/alpha:AccessConfig": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfigNetworkTier", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "setPublicDns": { "type": "boolean", "description": "Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfigType", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object" }, "google-native:compute/alpha:AccessConfigNetworkTier": { "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:AccessConfigResponse": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#accessConfig for access configs." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "type": "string", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicDnsName": { "type": "string", "description": "The public DNS domain name for the instance." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "securityPolicy": { "type": "string", "description": "The resource URL for the security policy associated with this access config." }, "setPublicDns": { "type": "boolean", "description": "Specifies whether a public DNS 'A' record should be created for the external IP address of this access configuration." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "type": "string", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object", "required": [ "externalIpv6", "externalIpv6PrefixLength", "kind", "name", "natIP", "networkTier", "publicDnsName", "publicPtrDomainName", "securityPolicy", "setPublicDns", "setPublicPtr", "type" ] }, "google-native:compute/alpha:AccessConfigType": { "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6.", "type": "string", "enum": [ { "name": "DirectIpv6", "value": "DIRECT_IPV6" }, { "name": "OneToOneNat", "value": "ONE_TO_ONE_NAT" } ] }, "google-native:compute/alpha:AddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "DnsForwarding", "description": "DNS resolver address in the subnetwork.", "value": "DNS_FORWARDING" }, { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/alpha:AddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/alpha:AddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/alpha:AddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:AddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/alpha:AdvancedMachineFeatures": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "numaNodeCount": { "type": "integer", "description": "The number of vNUMA nodes." }, "performanceMonitoringUnit": { "$ref": "#/types/google-native:compute%2Falpha:AdvancedMachineFeaturesPerformanceMonitoringUnit", "description": "Type of Performance Monitoring Unit requested on instance." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object" }, "google-native:compute/alpha:AdvancedMachineFeaturesPerformanceMonitoringUnit": { "description": "Type of Performance Monitoring Unit requested on instance.", "type": "string", "enum": [ { "name": "Architectural", "description": "Architecturally defined non-LLC events.", "value": "ARCHITECTURAL" }, { "name": "Enhanced", "description": "Most documented core/L2 and LLC events.", "value": "ENHANCED" }, { "name": "PerformanceMonitoringUnitUnspecified", "value": "PERFORMANCE_MONITORING_UNIT_UNSPECIFIED" }, { "name": "Standard", "description": "Most documented core/L2 events.", "value": "STANDARD" } ] }, "google-native:compute/alpha:AdvancedMachineFeaturesResponse": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "numaNodeCount": { "type": "integer", "description": "The number of vNUMA nodes." }, "performanceMonitoringUnit": { "type": "string", "description": "Type of Performance Monitoring Unit requested on instance." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object", "required": [ "enableNestedVirtualization", "enableUefiNetworking", "numaNodeCount", "performanceMonitoringUnit", "threadsPerCore", "visibleCoreCount" ] }, "google-native:compute/alpha:AliasIpRange": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object" }, "google-native:compute/alpha:AliasIpRangeResponse": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object", "required": [ "ipCidrRange", "subnetworkRangeName" ] }, "google-native:compute/alpha:AllocationAggregateReservation": { "description": "This reservation type is specified by total resource amounts (e.g. total count of CPUs) and can account for multiple instance SKUs. In other words, one can create instances of varying shapes against this reservation.", "properties": { "reservedResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationReservedResourceInfo" }, "description": "List of reserved resources (CPUs, memory, accelerators)." }, "vmFamily": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationVmFamily", "description": "The VM family that all instances scheduled against this reservation must belong to." }, "workloadType": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationWorkloadType", "description": "The workload type of the instances that will target this reservation." } }, "type": "object" }, "google-native:compute/alpha:AllocationAggregateReservationReservedResourceInfo": { "properties": { "accelerator": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationReservedResourceInfoAccelerator", "description": "Properties of accelerator resources in this reservation." } }, "type": "object" }, "google-native:compute/alpha:AllocationAggregateReservationReservedResourceInfoAccelerator": { "properties": { "acceleratorCount": { "type": "integer", "description": "Number of accelerators of specified type." }, "acceleratorType": { "type": "string", "description": "Full or partial URL to accelerator type. e.g. \"projects/{PROJECT}/zones/{ZONE}/acceleratorTypes/ct4l\"" } }, "type": "object" }, "google-native:compute/alpha:AllocationAggregateReservationReservedResourceInfoAcceleratorResponse": { "properties": { "acceleratorCount": { "type": "integer", "description": "Number of accelerators of specified type." }, "acceleratorType": { "type": "string", "description": "Full or partial URL to accelerator type. e.g. \"projects/{PROJECT}/zones/{ZONE}/acceleratorTypes/ct4l\"" } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType" ] }, "google-native:compute/alpha:AllocationAggregateReservationReservedResourceInfoResponse": { "properties": { "accelerator": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationReservedResourceInfoAcceleratorResponse", "description": "Properties of accelerator resources in this reservation." } }, "type": "object", "required": [ "accelerator" ] }, "google-native:compute/alpha:AllocationAggregateReservationResponse": { "description": "This reservation type is specified by total resource amounts (e.g. total count of CPUs) and can account for multiple instance SKUs. In other words, one can create instances of varying shapes against this reservation.", "properties": { "inUseResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationReservedResourceInfoResponse" }, "description": "[Output only] List of resources currently in use." }, "reservedResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationReservedResourceInfoResponse" }, "description": "List of reserved resources (CPUs, memory, accelerators)." }, "vmFamily": { "type": "string", "description": "The VM family that all instances scheduled against this reservation must belong to." }, "workloadType": { "type": "string", "description": "The workload type of the instances that will target this reservation." } }, "type": "object", "required": [ "inUseResources", "reservedResources", "vmFamily", "workloadType" ] }, "google-native:compute/alpha:AllocationAggregateReservationVmFamily": { "description": "The VM family that all instances scheduled against this reservation must belong to.", "type": "string", "enum": [ { "name": "VmFamilyCloudTpuLiteDeviceCt5l", "value": "VM_FAMILY_CLOUD_TPU_LITE_DEVICE_CT5L" }, { "name": "VmFamilyCloudTpuLitePodSliceCt5lp", "value": "VM_FAMILY_CLOUD_TPU_LITE_POD_SLICE_CT5LP" }, { "name": "VmFamilyCloudTpuPodSliceCt4p", "value": "VM_FAMILY_CLOUD_TPU_POD_SLICE_CT4P" } ] }, "google-native:compute/alpha:AllocationAggregateReservationWorkloadType": { "description": "The workload type of the instances that will target this reservation.", "type": "string", "enum": [ { "name": "Batch", "description": "Reserved resources will be optimized for BATCH workloads, such as ML training.", "value": "BATCH" }, { "name": "Serving", "description": "Reserved resources will be optimized for SERVING workloads, such as ML inference.", "value": "SERVING" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:AllocationResourceStatusResponse": { "description": "[Output Only] Contains output only fields.", "properties": { "specificSkuAllocation": { "$ref": "#/types/google-native:compute%2Falpha:AllocationResourceStatusSpecificSKUAllocationResponse", "description": "Allocation Properties of this reservation." } }, "type": "object", "required": [ "specificSkuAllocation" ] }, "google-native:compute/alpha:AllocationResourceStatusSpecificSKUAllocationResponse": { "description": "Contains Properties set for the reservation.", "properties": { "sourceInstanceTemplateId": { "type": "string", "description": "ID of the instance template used to populate reservation properties." } }, "type": "object", "required": [ "sourceInstanceTemplateId" ] }, "google-native:compute/alpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object" }, "google-native:compute/alpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.", "type": "string", "enum": [ { "name": "Nvdimm", "value": "NVDIMM" }, { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/alpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object", "required": [ "diskSizeGb", "interface" ] }, "google-native:compute/alpha:AllocationSpecificSKUAllocationReservedInstanceProperties": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AcceleratorConfig" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after reservation creation where instances using the reservation won't be scheduled for maintenance." }, "maintenanceInterval": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationReservedInstancePropertiesMaintenanceInterval", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object" }, "google-native:compute/alpha:AllocationSpecificSKUAllocationReservedInstancePropertiesMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/alpha:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AcceleratorConfigResponse" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after reservation creation where instances using the reservation won't be scheduled for maintenance." }, "maintenanceInterval": { "type": "string", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object", "required": [ "guestAccelerators", "localSsds", "locationHint", "machineType", "maintenanceFreezeDurationHours", "maintenanceInterval", "minCpuPlatform" ] }, "google-native:compute/alpha:AllocationSpecificSKUReservation": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object" }, "google-native:compute/alpha:AllocationSpecificSKUReservationResponse": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "assuredCount": { "type": "string", "description": "Indicates how many instances are actually usable currently." }, "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "inUseCount": { "type": "string", "description": "Indicates how many instances are in use." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object", "required": [ "assuredCount", "count", "inUseCount", "instanceProperties", "sourceInstanceTemplate" ] }, "google-native:compute/alpha:AttachedDisk": { "description": "An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKey", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeature" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInitializeParams", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskMode", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskSavedState", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskType", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." } }, "type": "object" }, "google-native:compute/alpha:AttachedDiskInitializeParams": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInitializeParamsArchitecture", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "enableConfidentialCompute": { "type": "boolean", "description": "Whether this disk is using confidential compute mode." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeature" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures" }, "interface": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInitializeParamsInterface", "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "deprecationMessage": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenseCodes": { "type": "array", "items": { "type": "string" }, "description": "Integer license codes indicating which licenses are attached to this disk." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "multiWriter": { "type": "boolean", "description": "Indicates whether or not the disk can be read/write attached to more than one instance." }, "onUpdateAction": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInitializeParamsOnUpdateAction", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceInstantSnapshot": { "type": "string", "description": "The source instant-snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceInstantSnapshot initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: us-central1-a/instantSnapshots/my-backup If the source instant-snapshot is deleted later, this field will not be set." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source snapshot." }, "storagePool": { "type": "string", "description": "The storage pool in which the new disk is created. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /storagePools/storagePool - projects/project/zones/zone/storagePools/storagePool - zones/zone/storagePools/storagePool " } }, "type": "object" }, "google-native:compute/alpha:AttachedDiskInitializeParamsArchitecture": { "description": "The architecture of the attached disk. Valid values are arm64 or x86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/alpha:AttachedDiskInitializeParamsInterface": { "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:AttachedDiskInitializeParamsOnUpdateAction": { "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk.", "type": "string", "enum": [ { "name": "RecreateDisk", "description": "Always recreate the disk.", "value": "RECREATE_DISK" }, { "name": "RecreateDiskIfSourceChanged", "description": "Recreate the disk if source (image, snapshot) of this disk is different from source of existing disk.", "value": "RECREATE_DISK_IF_SOURCE_CHANGED" }, { "name": "UseExistingDisk", "description": "Use the existing disk, this is the default behaviour.", "value": "USE_EXISTING_DISK" } ] }, "google-native:compute/alpha:AttachedDiskInitializeParamsResponse": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "enableConfidentialCompute": { "type": "boolean", "description": "Whether this disk is using confidential compute mode." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures" }, "interface": { "type": "string", "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "deprecationMessage": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenseCodes": { "type": "array", "items": { "type": "string" }, "description": "Integer license codes indicating which licenses are attached to this disk." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "multiWriter": { "type": "boolean", "description": "Indicates whether or not the disk can be read/write attached to more than one instance." }, "onUpdateAction": { "type": "string", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceInstantSnapshot": { "type": "string", "description": "The source instant-snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceInstantSnapshot initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: us-central1-a/instantSnapshots/my-backup If the source instant-snapshot is deleted later, this field will not be set." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source snapshot." }, "storagePool": { "type": "string", "description": "The storage pool in which the new disk is created. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /storagePools/storagePool - projects/project/zones/zone/storagePools/storagePool - zones/zone/storagePools/storagePool " } }, "type": "object", "required": [ "architecture", "description", "diskName", "diskSizeGb", "diskType", "enableConfidentialCompute", "guestOsFeatures", "interface", "labels", "licenseCodes", "licenses", "multiWriter", "onUpdateAction", "provisionedIops", "provisionedThroughput", "replicaZones", "resourceManagerTags", "resourcePolicies", "sourceImage", "sourceImageEncryptionKey", "sourceInstantSnapshot", "sourceSnapshot", "sourceSnapshotEncryptionKey", "storagePool" ] }, "google-native:compute/alpha:AttachedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks.", "type": "string", "enum": [ { "name": "Nvdimm", "value": "NVDIMM" }, { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/alpha:AttachedDiskMode": { "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.", "type": "string", "enum": [ { "name": "ReadOnly", "description": "Attaches this disk in read-only mode. Multiple virtual machines can use a disk in read-only mode at a time.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "*[Default]* Attaches this disk in read-write mode. Only one virtual machine at a time can be attached to a disk in read-write mode.", "value": "READ_WRITE" } ] }, "google-native:compute/alpha:AttachedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are ARM64 or X86_64." }, "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKeyResponse", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskInitializeParamsResponse", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "locked": { "type": "boolean", "description": "Whether to indicate the attached disk is locked. The locked disk is not allowed to be detached from the instance, or to be used as the source of the snapshot creation, and the image creation. The instance with at least one locked attached disk is not allow to be used as source of machine image creation, instant snapshot creation, and not allowed to be deleted with --keep-disk parameter set to true for locked disks." }, "mode": { "type": "string", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "type": "string", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "shieldedInstanceInitialState": { "$ref": "#/types/google-native:compute%2Falpha:InitialStateConfigResponse", "description": "shielded vm initial state stored on disk" }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "type": "string", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." }, "userLicenses": { "type": "array", "items": { "type": "string" }, "description": "A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created." } }, "type": "object", "required": [ "architecture", "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "forceAttach", "guestOsFeatures", "index", "initializeParams", "interface", "kind", "licenses", "locked", "mode", "savedState", "shieldedInstanceInitialState", "source", "type", "userLicenses" ] }, "google-native:compute/alpha:AttachedDiskSavedState": { "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.", "type": "string", "enum": [ { "name": "DiskSavedStateUnspecified", "description": "*[Default]* Disk state has not been preserved.", "value": "DISK_SAVED_STATE_UNSPECIFIED" }, { "name": "Preserved", "description": "Disk state has been preserved.", "value": "PRESERVED" } ] }, "google-native:compute/alpha:AttachedDiskType": { "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.", "type": "string", "enum": [ { "name": "Persistent", "value": "PERSISTENT" }, { "name": "Scratch", "value": "SCRATCH" } ] }, "google-native:compute/alpha:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:compute/alpha:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "exemptedMembers", "service" ] }, "google-native:compute/alpha:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "$ref": "#/types/google-native:compute%2Falpha:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:compute/alpha:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "ignoreChildExemptions", "logType" ] }, "google-native:compute/alpha:AuthenticationPolicy": { "description": "[Deprecated] The authentication settings for the backend service. The authentication settings for the backend service.", "properties": { "origins": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:OriginAuthenticationMethod" }, "description": "List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required." }, "peers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PeerAuthenticationMethod" }, "description": "List of authentication methods that can be used for peer authentication. They will be evaluated in order the first valid one will be used to set peer identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if peer authentication is not required." }, "principalBinding": { "$ref": "#/types/google-native:compute%2Falpha:AuthenticationPolicyPrincipalBinding", "description": "Define whether peer or origin identity should be used for principal. Default value is USE_PEER. If peer (or origin) identity is not available, either because peer/origin authentication is not defined, or failed, principal will be left unset. In other words, binding rule does not affect the decision to accept or reject request. This field can be set to one of the following: USE_PEER: Principal will be set to the identity from peer authentication. USE_ORIGIN: Principal will be set to the identity from origin authentication." }, "serverTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContext", "description": "Configures the mechanism to obtain server-side security certificates and identity information." } }, "type": "object" }, "google-native:compute/alpha:AuthenticationPolicyPrincipalBinding": { "description": "Define whether peer or origin identity should be used for principal. Default value is USE_PEER. If peer (or origin) identity is not available, either because peer/origin authentication is not defined, or failed, principal will be left unset. In other words, binding rule does not affect the decision to accept or reject request. This field can be set to one of the following: USE_PEER: Principal will be set to the identity from peer authentication. USE_ORIGIN: Principal will be set to the identity from origin authentication.", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "UseOrigin", "description": "Principal will be set to the identity from origin authentication.", "value": "USE_ORIGIN" }, { "name": "UsePeer", "description": "Principal will be set to the identity from peer authentication.", "value": "USE_PEER" } ] }, "google-native:compute/alpha:AuthenticationPolicyResponse": { "description": "[Deprecated] The authentication settings for the backend service. The authentication settings for the backend service.", "properties": { "origins": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:OriginAuthenticationMethodResponse" }, "description": "List of authentication methods that can be used for origin authentication. Similar to peers, these will be evaluated in order the first valid one will be used to set origin identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if origin authentication is not required." }, "peers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PeerAuthenticationMethodResponse" }, "description": "List of authentication methods that can be used for peer authentication. They will be evaluated in order the first valid one will be used to set peer identity. If none of these methods pass, the request will be rejected with authentication failed error (401). Leave the list empty if peer authentication is not required." }, "principalBinding": { "type": "string", "description": "Define whether peer or origin identity should be used for principal. Default value is USE_PEER. If peer (or origin) identity is not available, either because peer/origin authentication is not defined, or failed, principal will be left unset. In other words, binding rule does not affect the decision to accept or reject request. This field can be set to one of the following: USE_PEER: Principal will be set to the identity from peer authentication. USE_ORIGIN: Principal will be set to the identity from origin authentication." }, "serverTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContextResponse", "description": "Configures the mechanism to obtain server-side security certificates and identity information." } }, "type": "object", "required": [ "origins", "peers", "principalBinding", "serverTlsContext" ] }, "google-native:compute/alpha:AuthorizationConfig": { "description": "[Deprecated] Authorization configuration provides service-level and method-level access control for a service. control for a service.", "properties": { "policies": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RbacPolicy" }, "description": "List of RbacPolicies." } }, "type": "object" }, "google-native:compute/alpha:AuthorizationConfigResponse": { "description": "[Deprecated] Authorization configuration provides service-level and method-level access control for a service. control for a service.", "properties": { "policies": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RbacPolicyResponse" }, "description": "List of RbacPolicies." } }, "type": "object", "required": [ "policies" ] }, "google-native:compute/alpha:AuthorizationLoggingOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "$ref": "#/types/google-native:compute%2Falpha:AuthorizationLoggingOptionsPermissionType", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:AuthorizationLoggingOptionsPermissionType": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminRead", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_READ" }, { "name": "AdminWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_WRITE" }, { "name": "DataRead", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_READ" }, { "name": "DataWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_WRITE" }, { "name": "PermissionTypeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "PERMISSION_TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:AuthorizationLoggingOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "permissionType" ] }, "google-native:compute/alpha:AutoscalerStatusDetailsResponse": { "properties": { "message": { "type": "string", "description": "The status message." }, "type": { "type": "string", "description": "The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the \"Autoscale only out\" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions." } }, "type": "object", "required": [ "message", "type" ] }, "google-native:compute/alpha:AutoscalingPolicy": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCpuUtilization", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCustomMetricUtilization" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyLoadBalancingUtilization", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyMode", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleDownControl": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyScaleDownControl" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyScaleInControl" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyCpuUtilization": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCpuUtilizationPredictiveMethod", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyCpuUtilizationPredictiveMethod": { "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "type": "string", "enum": [ { "name": "None", "description": "No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics", "value": "NONE" }, { "name": "OptimizeAvailability", "description": "Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "value": "OPTIMIZE_AVAILABILITY" }, { "name": "PredictiveMethodUnspecified", "value": "PREDICTIVE_METHOD_UNSPECIFIED" }, { "name": "Standard", "description": "Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand. This value is being DEPRECATED - it won't be promoted to beta and v1. Use OPTIMIZE_AVAILABILITY instead.", "value": "STANDARD" } ] }, "google-native:compute/alpha:AutoscalingPolicyCpuUtilizationResponse": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "type": "string", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object", "required": [ "predictiveMethod", "utilizationTarget" ] }, "google-native:compute/alpha:AutoscalingPolicyCustomMetricUtilization": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyCustomMetricUtilizationResponse": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "type": "string", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object", "required": [ "filter", "metric", "singleInstanceAssignment", "utilizationTarget", "utilizationTargetType" ] }, "google-native:compute/alpha:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType": { "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.", "type": "string", "enum": [ { "name": "DeltaPerMinute", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per minute.", "value": "DELTA_PER_MINUTE" }, { "name": "DeltaPerSecond", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per second.", "value": "DELTA_PER_SECOND" }, { "name": "Gauge", "description": "Sets the utilization target value for a gauge metric. The autoscaler will collect the average utilization of the virtual machines from the last couple of minutes, and compare the value to the utilization target value to perform autoscaling.", "value": "GAUGE" } ] }, "google-native:compute/alpha:AutoscalingPolicyLoadBalancingUtilization": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyLoadBalancingUtilizationResponse": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object", "required": [ "utilizationTarget" ] }, "google-native:compute/alpha:AutoscalingPolicyMode": { "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"", "type": "string", "enum": [ { "name": "Off", "description": "Do not automatically scale the MIG in or out. The recommended_size field contains the size of MIG that would be set if the actuation mode was enabled.", "value": "OFF" }, { "name": "On", "description": "Automatically scale the MIG in and out according to the policy.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_SCALE_OUT" }, { "name": "OnlyUp", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_UP" } ] }, "google-native:compute/alpha:AutoscalingPolicyResponse": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCpuUtilizationResponse", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyCustomMetricUtilizationResponse" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyLoadBalancingUtilizationResponse", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "type": "string", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleDownControl": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyScaleDownControlResponse" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Falpha:AutoscalingPolicyScaleInControlResponse" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object", "required": [ "coolDownPeriodSec", "cpuUtilization", "customMetricUtilizations", "loadBalancingUtilization", "maxNumReplicas", "minNumReplicas", "mode", "scaleDownControl", "scaleInControl", "scalingSchedules" ] }, "google-native:compute/alpha:AutoscalingPolicyScaleDownControl": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledDownReplicas": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyScaleDownControlResponse": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledDownReplicas": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object", "required": [ "maxScaledDownReplicas", "timeWindowSec" ] }, "google-native:compute/alpha:AutoscalingPolicyScaleInControl": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object" }, "google-native:compute/alpha:AutoscalingPolicyScaleInControlResponse": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object", "required": [ "maxScaledInReplicas", "timeWindowSec" ] }, "google-native:compute/alpha:Backend": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "$ref": "#/types/google-native:compute%2Falpha:BackendBalancingMode", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." }, "preference": { "$ref": "#/types/google-native:compute%2Falpha:BackendPreference", "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default " } }, "type": "object" }, "google-native:compute/alpha:BackendBalancingMode": { "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected.", "type": "string", "enum": [ { "name": "Connection", "description": "Balance based on the number of simultaneous connections.", "value": "CONNECTION" }, { "name": "Rate", "description": "Balance based on requests per second (RPS).", "value": "RATE" }, { "name": "Utilization", "description": "Balance based on the backend utilization.", "value": "UTILIZATION" } ] }, "google-native:compute/alpha:BackendBucketCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyCacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/alpha:BackendBucketCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/alpha:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/alpha:BackendBucketCdnPolicyCacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/alpha:BackendBucketCdnPolicyCacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHttpHeaders", "queryStringWhitelist" ] }, "google-native:compute/alpha:BackendBucketCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/alpha:BackendBucketCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/alpha:BackendBucketCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/alpha:BackendBucketCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyCacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendBucketCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/alpha:BackendBucketCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/alpha:BackendPreference": { "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default ", "type": "string", "enum": [ { "name": "Default", "description": "No preference.", "value": "DEFAULT" }, { "name": "PreferenceUnspecified", "description": "If preference is unspecified, we set it to the DEFAULT value", "value": "PREFERENCE_UNSPECIFIED" }, { "name": "Preferred", "description": "Traffic will be sent to this backend first.", "value": "PREFERRED" } ] }, "google-native:compute/alpha:BackendResponse": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "type": "string", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." }, "preference": { "type": "string", "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default " } }, "type": "object", "required": [ "balancingMode", "capacityScaler", "description", "failover", "group", "maxConnections", "maxConnectionsPerEndpoint", "maxConnectionsPerInstance", "maxRate", "maxRatePerEndpoint", "maxRatePerInstance", "maxUtilization", "preference" ] }, "google-native:compute/alpha:BackendServiceCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Falpha:CacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/alpha:BackendServiceCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/alpha:BackendServiceCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/alpha:BackendServiceCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Falpha:CacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/alpha:BackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/alpha:BackendServiceConnectionTrackingPolicy": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceConnectionTrackingPolicyTrackingMode", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends": { "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence).", "type": "string", "enum": [ { "name": "AlwaysPersist", "value": "ALWAYS_PERSIST" }, { "name": "DefaultForProtocol", "value": "DEFAULT_FOR_PROTOCOL" }, { "name": "NeverPersist", "value": "NEVER_PERSIST" } ] }, "google-native:compute/alpha:BackendServiceConnectionTrackingPolicyResponse": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "type": "string", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "type": "string", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object", "required": [ "connectionPersistenceOnUnhealthyBackends", "enableStrongAffinity", "idleTimeoutSec", "trackingMode" ] }, "google-native:compute/alpha:BackendServiceConnectionTrackingPolicyTrackingMode": { "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode).", "type": "string", "enum": [ { "name": "InvalidTrackingMode", "value": "INVALID_TRACKING_MODE" }, { "name": "PerConnection", "value": "PER_CONNECTION" }, { "name": "PerSession", "value": "PER_SESSION" } ] }, "google-native:compute/alpha:BackendServiceFailoverPolicy": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceFailoverPolicyResponse": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object", "required": [ "disableConnectionDrainOnFailover", "dropTrafficIfUnhealthy", "failoverRatio" ] }, "google-native:compute/alpha:BackendServiceIAP": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientInfo": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceIAPOAuth2ClientInfo", "description": "[Input Only] OAuth client info required to generate client id to be used for IAP." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" } }, "type": "object" }, "google-native:compute/alpha:BackendServiceIAPOAuth2ClientInfo": { "properties": { "applicationName": { "type": "string", "description": "Application name to be used in OAuth consent screen." }, "clientName": { "type": "string", "description": "Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend." }, "developerEmailAddress": { "type": "string", "description": "Developer's information to be used in OAuth consent screen." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceIAPOAuth2ClientInfoResponse": { "properties": { "applicationName": { "type": "string", "description": "Application name to be used in OAuth consent screen." }, "clientName": { "type": "string", "description": "Name of the client to be generated. Optional - If not provided, the name will be autogenerated by the backend." }, "developerEmailAddress": { "type": "string", "description": "Developer's information to be used in OAuth consent screen." } }, "type": "object", "required": [ "applicationName", "clientName", "developerEmailAddress" ] }, "google-native:compute/alpha:BackendServiceIAPResponse": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientInfo": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceIAPOAuth2ClientInfoResponse", "description": "[Input Only] OAuth client info required to generate client id to be used for IAP." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" }, "oauth2ClientSecretSha256": { "type": "string", "description": "SHA256 hash value for the field oauth2_client_secret above." } }, "type": "object", "required": [ "enabled", "oauth2ClientId", "oauth2ClientInfo", "oauth2ClientSecret", "oauth2ClientSecretSha256" ] }, "google-native:compute/alpha:BackendServiceIpAddressSelectionPolicy": { "description": "Specifies a preference for traffic sent from the proxy to the backend (or from the client to the backend for proxyless gRPC). The possible values are: - IPV4_ONLY: Only send IPv4 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv4 health checks are used to check the health of the backends. This is the default setting. - PREFER_IPV6: Prioritize the connection to the endpoint's IPv6 address over its IPv4 address (provided there is a healthy IPv6 address). - IPV6_ONLY: Only send IPv6 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv6 health checks are used to check the health of the backends. This field is applicable to either: - Advanced Global External HTTPS Load Balancing (load balancing scheme EXTERNAL_MANAGED), - Regional External HTTPS Load Balancing, - Internal TCP Proxy (load balancing scheme INTERNAL_MANAGED), - Regional Internal HTTPS Load Balancing (load balancing scheme INTERNAL_MANAGED), - Traffic Director with Envoy proxies and proxyless gRPC (load balancing scheme INTERNAL_SELF_MANAGED). ", "type": "string", "enum": [ { "name": "Ipv4Only", "description": "Only send IPv4 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv4 health-checks are used to check the health of the backends. This is the default setting.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "Only send IPv6 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv6 health-checks are used to check the health of the backends.", "value": "IPV6_ONLY" }, { "name": "IpAddressSelectionPolicyUnspecified", "description": "Unspecified IP address selection policy.", "value": "IP_ADDRESS_SELECTION_POLICY_UNSPECIFIED" }, { "name": "PreferIpv6", "description": "Prioritize the connection to the endpoints IPv6 address over its IPv4 address (provided there is a healthy IPv6 address).", "value": "PREFER_IPV6" } ] }, "google-native:compute/alpha:BackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/alpha:BackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfig": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy" }, "policy": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicy" } }, "type": "object" }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object", "required": [ "data", "name" ] }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicy": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName": { "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "type": "string", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/alpha:BackendServiceLocalityLoadBalancingPolicyConfigResponse": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse" }, "policy": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse" } }, "type": "object", "required": [ "customPolicy", "policy" ] }, "google-native:compute/alpha:BackendServiceLogConfig": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optional": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLogConfigOptional", "description": "Deprecated in favor of optionalMode. This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "deprecationMessage": "Deprecated in favor of optionalMode. This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "$ref": "#/types/google-native:compute%2Falpha:BackendServiceLogConfigOptionalMode", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object" }, "google-native:compute/alpha:BackendServiceLogConfigOptional": { "description": "Deprecated in favor of optionalMode. This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "type": "string", "enum": [ { "name": "Custom", "description": "A subset of optional fields.", "value": "CUSTOM" }, { "name": "ExcludeAllOptional", "description": "None optional fields.", "value": "EXCLUDE_ALL_OPTIONAL" }, { "name": "IncludeAllOptional", "description": "All optional fields.", "value": "INCLUDE_ALL_OPTIONAL" }, { "name": "UnspecifiedOptionalMode", "value": "UNSPECIFIED_OPTIONAL_MODE" } ] }, "google-native:compute/alpha:BackendServiceLogConfigOptionalMode": { "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "type": "string", "enum": [ { "name": "Custom", "description": "A subset of optional fields.", "value": "CUSTOM" }, { "name": "ExcludeAllOptional", "description": "None optional fields.", "value": "EXCLUDE_ALL_OPTIONAL" }, { "name": "IncludeAllOptional", "description": "All optional fields.", "value": "INCLUDE_ALL_OPTIONAL" }, { "name": "UnspecifiedOptionalMode", "value": "UNSPECIFIED_OPTIONAL_MODE" } ] }, "google-native:compute/alpha:BackendServiceLogConfigResponse": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optional": { "type": "string", "description": "Deprecated in favor of optionalMode. This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "deprecationMessage": "Deprecated in favor of optionalMode. This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "type": "string", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object", "required": [ "enable", "optional", "optionalFields", "optionalMode", "sampleRate" ] }, "google-native:compute/alpha:BackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "All", "description": "ALL includes TCP, UDP, ICMP, ESP, AH and SCTP. Note that this should never be used together with target_xx_proxies.", "value": "ALL" }, { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:BackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/alpha:BackendServiceUsedBy": { "properties": { "reference": { "type": "string" } }, "type": "object" }, "google-native:compute/alpha:BackendServiceUsedByResponse": { "properties": { "reference": { "type": "string" } }, "type": "object", "required": [ "reference" ] }, "google-native:compute/alpha:BackendServiceVpcNetworkScope": { "description": "The network scope of the backends that can be added to the backend service. This field can be either GLOBAL_VPC_NETWORK or REGIONAL_VPC_NETWORK. A backend service with the VPC scope set to GLOBAL_VPC_NETWORK is only allowed to have backends in global VPC networks. When the VPC scope is set to REGIONAL_VPC_NETWORK the backend service is only allowed to have backends in regional networks in the same scope as the backend service. Note: if not specified then GLOBAL_VPC_NETWORK will be used.", "type": "string", "enum": [ { "name": "GlobalVpcNetwork", "description": "The backend service can only have backends in global VPCs", "value": "GLOBAL_VPC_NETWORK" }, { "name": "RegionalVpcNetwork", "description": "The backend service can only have backends in regional VPCs", "value": "REGIONAL_VPC_NETWORK" } ] }, "google-native:compute/alpha:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Falpha:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:compute/alpha:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Falpha:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "bindingId", "condition", "members", "role" ] }, "google-native:compute/alpha:BulkInsertInstanceResource": { "description": "A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.", "properties": { "count": { "type": "string", "description": "The maximum number of instances to create." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:InstanceProperties", "description": "The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided." }, "locationPolicy": { "$ref": "#/types/google-native:compute%2Falpha:LocationPolicy", "description": "Policy for chosing target zone. For more information, see Create VMs in bulk ." }, "minCount": { "type": "string", "description": "The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted." }, "namePattern": { "type": "string", "description": "The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern must contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: a name_pattern of inst-#### generates instance names such as inst-0001 and inst-0002. If existing instances in the same project and zone have names that match the name pattern then the generated instance numbers start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### begin with inst-0051. The name pattern placeholder #...# can contain up to 18 characters." }, "perInstanceProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional." } }, "type": "object" }, "google-native:compute/alpha:BulkInsertInstanceResourceResponse": { "description": "A transient resource used in compute.instances.bulkInsert and compute.regionInstances.bulkInsert . This resource is not persisted anywhere, it is used only for processing the requests.", "properties": { "count": { "type": "string", "description": "The maximum number of instances to create." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesResponse", "description": "The instance properties defining the VM instances to be created. Required if sourceInstanceTemplate is not provided." }, "locationPolicy": { "$ref": "#/types/google-native:compute%2Falpha:LocationPolicyResponse", "description": "Policy for chosing target zone. For more information, see Create VMs in bulk ." }, "minCount": { "type": "string", "description": "The minimum number of instances to create. If no min_count is specified then count is used as the default value. If min_count instances cannot be created, then no instances will be created and instances already created will be deleted." }, "namePattern": { "type": "string", "description": "The string pattern used for the names of the VMs. Either name_pattern or per_instance_properties must be set. The pattern must contain one continuous sequence of placeholder hash characters (#) with each character corresponding to one digit of the generated instance name. Example: a name_pattern of inst-#### generates instance names such as inst-0001 and inst-0002. If existing instances in the same project and zone have names that match the name pattern then the generated instance numbers start after the biggest existing number. For example, if there exists an instance with name inst-0050, then instance names generated using the pattern inst-#### begin with inst-0051. The name pattern placeholder #...# can contain up to 18 characters." }, "perInstanceProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Per-instance properties to be set on individual instances. Keys of this map specify requested instance names. Can be empty if name_pattern is used." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template from which to create instances. You may combine sourceInstanceTemplate with instanceProperties to override specific values from an existing instance template. Bulk API follows the semantics of JSON Merge Patch described by RFC 7396. It can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate This field is optional." } }, "type": "object", "required": [ "count", "instanceProperties", "locationPolicy", "minCount", "namePattern", "perInstanceProperties", "sourceInstanceTemplate" ] }, "google-native:compute/alpha:CacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/alpha:CacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHost", "includeHttpHeaders", "includeNamedCookies", "includeProtocol", "includeQueryString", "queryStringBlacklist", "queryStringWhitelist" ] }, "google-native:compute/alpha:CallCredentials": { "description": "[Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server.", "properties": { "callCredentialType": { "$ref": "#/types/google-native:compute%2Falpha:CallCredentialsCallCredentialType", "description": "The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server." }, "fromPlugin": { "$ref": "#/types/google-native:compute%2Falpha:MetadataCredentialsFromPlugin", "description": "Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN." } }, "type": "object" }, "google-native:compute/alpha:CallCredentialsCallCredentialType": { "description": "The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server.", "type": "string", "enum": [ { "name": "FromPlugin", "description": "Custom authenticator credentials are used to access the SDS server.", "value": "FROM_PLUGIN" }, { "name": "GceVm", "description": "The local GCE VM service account credentials are used to access the SDS server.", "value": "GCE_VM" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/alpha:CallCredentialsResponse": { "description": "[Deprecated] gRPC call credentials to access the SDS server. gRPC call credentials to access the SDS server.", "properties": { "callCredentialType": { "type": "string", "description": "The type of call credentials to use for GRPC requests to the SDS server. This field can be set to one of the following: - GCE_VM: The local GCE VM service account credentials are used to access the SDS server. - FROM_PLUGIN: Custom authenticator credentials are used to access the SDS server." }, "fromPlugin": { "$ref": "#/types/google-native:compute%2Falpha:MetadataCredentialsFromPluginResponse", "description": "Custom authenticator credentials. Valid if callCredentialType is FROM_PLUGIN." } }, "type": "object", "required": [ "callCredentialType", "fromPlugin" ] }, "google-native:compute/alpha:ChannelCredentials": { "description": "[Deprecated] gRPC channel credentials to access the SDS server. gRPC channel credentials to access the SDS server.", "properties": { "certificates": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificatePaths", "description": "The call credentials to access the SDS server." }, "channelCredentialType": { "$ref": "#/types/google-native:compute%2Falpha:ChannelCredentialsChannelCredentialType", "description": "The channel credentials to access the SDS server. This field can be set to one of the following: CERTIFICATES: Use TLS certificates to access the SDS server. GCE_VM: Use local GCE VM credentials to access the SDS server." } }, "type": "object" }, "google-native:compute/alpha:ChannelCredentialsChannelCredentialType": { "description": "The channel credentials to access the SDS server. This field can be set to one of the following: CERTIFICATES: Use TLS certificates to access the SDS server. GCE_VM: Use local GCE VM credentials to access the SDS server.", "type": "string", "enum": [ { "name": "Certificates", "description": "Use TLS certificates to access the SDS server.", "value": "CERTIFICATES" }, { "name": "GceVm", "description": "Use local GCE VM credentials to access the SDS server.", "value": "GCE_VM" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/alpha:ChannelCredentialsResponse": { "description": "[Deprecated] gRPC channel credentials to access the SDS server. gRPC channel credentials to access the SDS server.", "properties": { "certificates": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificatePathsResponse", "description": "The call credentials to access the SDS server." }, "channelCredentialType": { "type": "string", "description": "The channel credentials to access the SDS server. This field can be set to one of the following: CERTIFICATES: Use TLS certificates to access the SDS server. GCE_VM: Use local GCE VM credentials to access the SDS server." } }, "type": "object", "required": [ "certificates", "channelCredentialType" ] }, "google-native:compute/alpha:CircuitBreakers": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "connectTimeout": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "The timeout for new network connections to hosts." }, "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object" }, "google-native:compute/alpha:CircuitBreakersResponse": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "connectTimeout": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "The timeout for new network connections to hosts." }, "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object", "required": [ "connectTimeout", "maxConnections", "maxPendingRequests", "maxRequests", "maxRequestsPerConnection", "maxRetries" ] }, "google-native:compute/alpha:ClientTlsSettings": { "description": "[Deprecated] The client side authentication settings for connection originating from the backend service. the backend service.", "properties": { "clientTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContext", "description": "Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:ClientTlsSettingsMode", "description": "Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced. This can be set to one of the following values: DISABLE: Do not setup a TLS connection to the backends. SIMPLE: Originate a TLS connection to the backends. MUTUAL: Secure connections to the backends using mutual TLS by presenting client certificates for authentication." }, "sni": { "type": "string", "description": "SNI string to present to the server during TLS handshake. This field is applicable only when mode is SIMPLE or MUTUAL." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "A list of alternate names to verify the subject identity in the certificate.If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. This field is applicable only when mode is SIMPLE or MUTUAL." } }, "type": "object" }, "google-native:compute/alpha:ClientTlsSettingsMode": { "description": "Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced. This can be set to one of the following values: DISABLE: Do not setup a TLS connection to the backends. SIMPLE: Originate a TLS connection to the backends. MUTUAL: Secure connections to the backends using mutual TLS by presenting client certificates for authentication.", "type": "string", "enum": [ { "name": "Disable", "description": "Do not setup a TLS connection to the backends.", "value": "DISABLE" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Mutual", "description": "Secure connections to the backends using mutual TLS by presenting client certificates for authentication.", "value": "MUTUAL" }, { "name": "Simple", "description": "Originate a TLS connection to the backends.", "value": "SIMPLE" } ] }, "google-native:compute/alpha:ClientTlsSettingsResponse": { "description": "[Deprecated] The client side authentication settings for connection originating from the backend service. the backend service.", "properties": { "clientTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContextResponse", "description": "Configures the mechanism to obtain client-side security certificates and identity information. This field is only applicable when mode is set to MUTUAL." }, "mode": { "type": "string", "description": "Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced. This can be set to one of the following values: DISABLE: Do not setup a TLS connection to the backends. SIMPLE: Originate a TLS connection to the backends. MUTUAL: Secure connections to the backends using mutual TLS by presenting client certificates for authentication." }, "sni": { "type": "string", "description": "SNI string to present to the server during TLS handshake. This field is applicable only when mode is SIMPLE or MUTUAL." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "A list of alternate names to verify the subject identity in the certificate.If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. This field is applicable only when mode is SIMPLE or MUTUAL." } }, "type": "object", "required": [ "clientTlsContext", "mode", "sni", "subjectAltNames" ] }, "google-native:compute/alpha:CommitmentResourceStatusCancellationInformationResponse": { "properties": { "canceledCommitment": { "$ref": "#/types/google-native:compute%2Falpha:MoneyResponse", "description": "An optional amount of CUDs canceled so far in the last 365 days." }, "canceledCommitmentLastUpdatedTimestamp": { "type": "string", "description": "An optional last update time of canceled_commitment. RFC3339 text format." }, "cancellationCap": { "$ref": "#/types/google-native:compute%2Falpha:MoneyResponse", "description": "An optional,the cancellation cap for how much commitments can be canceled in a rolling 365 per billing account." }, "cancellationFee": { "$ref": "#/types/google-native:compute%2Falpha:MoneyResponse", "description": "An optional, cancellation fee." }, "cancellationFeeExpirationTimestamp": { "type": "string", "description": "An optional, cancellation fee expiration time. RFC3339 text format." } }, "type": "object", "required": [ "canceledCommitment", "canceledCommitmentLastUpdatedTimestamp", "cancellationCap", "cancellationFee", "cancellationFeeExpirationTimestamp" ] }, "google-native:compute/alpha:CommitmentResourceStatusResponse": { "description": "[Output Only] Contains output only fields.", "properties": { "cancellationInformation": { "$ref": "#/types/google-native:compute%2Falpha:CommitmentResourceStatusCancellationInformationResponse", "description": "An optional, contains all the needed information of cancellation." } }, "type": "object", "required": [ "cancellationInformation" ] }, "google-native:compute/alpha:Condition": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "$ref": "#/types/google-native:compute%2Falpha:ConditionIam", "description": "This is deprecated and has no effect. Do not use." }, "op": { "$ref": "#/types/google-native:compute%2Falpha:ConditionOp", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "$ref": "#/types/google-native:compute%2Falpha:ConditionSys", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:ConditionIam": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Approver", "description": "This is deprecated and has no effect. Do not use.", "value": "APPROVER" }, { "name": "Attribution", "description": "This is deprecated and has no effect. Do not use.", "value": "ATTRIBUTION" }, { "name": "Authority", "description": "This is deprecated and has no effect. Do not use.", "value": "AUTHORITY" }, { "name": "CredentialsType", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDENTIALS_TYPE" }, { "name": "CredsAssertion", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDS_ASSERTION" }, { "name": "JustificationType", "description": "This is deprecated and has no effect. Do not use.", "value": "JUSTIFICATION_TYPE" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "SecurityRealm", "description": "This is deprecated and has no effect. Do not use.", "value": "SECURITY_REALM" } ] }, "google-native:compute/alpha:ConditionOp": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Discharged", "description": "This is deprecated and has no effect. Do not use.", "value": "DISCHARGED" }, { "name": "Equals", "description": "This is deprecated and has no effect. Do not use.", "value": "EQUALS" }, { "name": "In", "description": "This is deprecated and has no effect. Do not use.", "value": "IN" }, { "name": "NotEquals", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_EQUALS" }, { "name": "NotIn", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_IN" }, { "name": "NoOp", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_OP" } ] }, "google-native:compute/alpha:ConditionResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "op": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "iam", "op", "svc", "sys", "values" ] }, "google-native:compute/alpha:ConditionSys": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Ip", "description": "This is deprecated and has no effect. Do not use.", "value": "IP" }, { "name": "Name", "description": "This is deprecated and has no effect. Do not use.", "value": "NAME" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "Region", "description": "This is deprecated and has no effect. Do not use.", "value": "REGION" }, { "name": "Service", "description": "This is deprecated and has no effect. Do not use.", "value": "SERVICE" } ] }, "google-native:compute/alpha:ConfidentialInstanceConfig": { "description": "A set of Confidential Instance options.", "properties": { "confidentialInstanceType": { "$ref": "#/types/google-native:compute%2Falpha:ConfidentialInstanceConfigConfidentialInstanceType", "description": "Defines the type of technology used by the confidential instance." }, "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object" }, "google-native:compute/alpha:ConfidentialInstanceConfigConfidentialInstanceType": { "description": "Defines the type of technology used by the confidential instance.", "type": "string", "enum": [ { "name": "ConfidentialInstanceTypeUnspecified", "description": "No type specified. Do not use this value.", "value": "CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED" }, { "name": "Sev", "description": "AMD Secure Encrypted Virtualization.", "value": "SEV" }, { "name": "SevSnp", "description": "AMD Secure Encrypted Virtualization - Secure Nested Paging.", "value": "SEV_SNP" }, { "name": "Tdx", "description": "Intel Trust Domain eXtension.", "value": "TDX" } ] }, "google-native:compute/alpha:ConfidentialInstanceConfigResponse": { "description": "A set of Confidential Instance options.", "properties": { "confidentialInstanceType": { "type": "string", "description": "Defines the type of technology used by the confidential instance." }, "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object", "required": [ "confidentialInstanceType", "enableConfidentialCompute" ] }, "google-native:compute/alpha:ConnectionDraining": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object" }, "google-native:compute/alpha:ConnectionDrainingResponse": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object", "required": [ "drainingTimeoutSec" ] }, "google-native:compute/alpha:ConsistentHashLoadBalancerSettings": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Falpha:ConsistentHashLoadBalancerSettingsHttpCookie", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object" }, "google-native:compute/alpha:ConsistentHashLoadBalancerSettingsHttpCookie": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Lifetime of the cookie." } }, "type": "object" }, "google-native:compute/alpha:ConsistentHashLoadBalancerSettingsHttpCookieResponse": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Lifetime of the cookie." } }, "type": "object", "required": [ "name", "path", "ttl" ] }, "google-native:compute/alpha:ConsistentHashLoadBalancerSettingsResponse": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Falpha:ConsistentHashLoadBalancerSettingsHttpCookieResponse", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object", "required": [ "httpCookie", "httpHeaderName", "minimumRingSize" ] }, "google-native:compute/alpha:CorsPolicy": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object" }, "google-native:compute/alpha:CorsPolicyResponse": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object", "required": [ "allowCredentials", "allowHeaders", "allowMethods", "allowOriginRegexes", "allowOrigins", "disabled", "exposeHeaders", "maxAge" ] }, "google-native:compute/alpha:CustomErrorResponsePolicy": { "description": "Specifies the custom error response policy that must be applied when the backend service or backend bucket responds with an error.", "properties": { "errorResponseRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicyCustomErrorResponseRule" }, "description": "Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect." }, "errorService": { "type": "string", "description": "The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). errorService is not supported for internal or regional HTTP/HTTPS load balancers." } }, "type": "object" }, "google-native:compute/alpha:CustomErrorResponsePolicyCustomErrorResponseRule": { "description": "Specifies the mapping between the response code that will be returned along with the custom error content and the response code returned by the backend service.", "properties": { "matchResponseCodes": { "type": "array", "items": { "type": "string" }, "description": "Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy." }, "overrideResponseCode": { "type": "integer", "description": "The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client." }, "path": { "type": "string", "description": "The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters" } }, "type": "object" }, "google-native:compute/alpha:CustomErrorResponsePolicyCustomErrorResponseRuleResponse": { "description": "Specifies the mapping between the response code that will be returned along with the custom error content and the response code returned by the backend service.", "properties": { "matchResponseCodes": { "type": "array", "items": { "type": "string" }, "description": "Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy." }, "overrideResponseCode": { "type": "integer", "description": "The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client." }, "path": { "type": "string", "description": "The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters" } }, "type": "object", "required": [ "matchResponseCodes", "overrideResponseCode", "path" ] }, "google-native:compute/alpha:CustomErrorResponsePolicyResponse": { "description": "Specifies the custom error response policy that must be applied when the backend service or backend bucket responds with an error.", "properties": { "errorResponseRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicyCustomErrorResponseRuleResponse" }, "description": "Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect." }, "errorService": { "type": "string", "description": "The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). errorService is not supported for internal or regional HTTP/HTTPS load balancers." } }, "type": "object", "required": [ "errorResponseRules", "errorService" ] }, "google-native:compute/alpha:CustomerEncryptionKey": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " } }, "type": "object" }, "google-native:compute/alpha:CustomerEncryptionKeyResponse": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " }, "sha256": { "type": "string", "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource." } }, "type": "object", "required": [ "kmsKeyName", "kmsKeyServiceAccount", "rawKey", "rsaEncryptedKey", "sha256" ] }, "google-native:compute/alpha:DeprecationStatus": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "$ref": "#/types/google-native:compute%2Falpha:DeprecationStatusState", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." }, "stateOverride": { "$ref": "#/types/google-native:compute%2Falpha:RolloutPolicy", "description": "The rollout policy for this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state. The rollout policy for this deprecation is read-only, except for allowlisted users. This field might not be configured. To view the latest non-deprecated image in a specific zone, use the imageFamilyViews.get method." } }, "type": "object" }, "google-native:compute/alpha:DeprecationStatusResponse": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "type": "string", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." }, "stateOverride": { "$ref": "#/types/google-native:compute%2Falpha:RolloutPolicyResponse", "description": "The rollout policy for this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state. The rollout policy for this deprecation is read-only, except for allowlisted users. This field might not be configured. To view the latest non-deprecated image in a specific zone, use the imageFamilyViews.get method." } }, "type": "object", "required": [ "deleted", "deprecated", "obsolete", "replacement", "state", "stateOverride" ] }, "google-native:compute/alpha:DeprecationStatusState": { "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Deleted", "value": "DELETED" }, { "name": "Deprecated", "value": "DEPRECATED" }, { "name": "Obsolete", "value": "OBSOLETE" } ] }, "google-native:compute/alpha:DiskAccessMode": { "description": "The access mode of the disk. - READ_WRITE_SINGLE: The default AccessMode, means the disk can be attached to single instance in RW mode. - READ_WRITE_MANY: The AccessMode means the disk can be attached to multiple instances in RW mode. - READ_ONLY_MANY: The AccessMode means the disk can be attached to multiple instances in RO mode. The AccessMode is only valid for Hyperdisk disk types.", "type": "string", "enum": [ { "name": "ReadOnlyMany", "description": "The AccessMode means the disk can be attached to multiple instances in RO mode.", "value": "READ_ONLY_MANY" }, { "name": "ReadWriteMany", "description": "The AccessMode means the disk can be attached to multiple instances in RW mode.", "value": "READ_WRITE_MANY" }, { "name": "ReadWriteSingle", "description": "The default AccessMode, means the disk can be attached to single instance in RW mode.", "value": "READ_WRITE_SINGLE" } ] }, "google-native:compute/alpha:DiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/alpha:DiskAsyncReplication": { "properties": { "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/alpha:DiskAsyncReplicationResponse": { "properties": { "consistencyGroupPolicy": { "type": "string", "description": "URL of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "consistencyGroupPolicyId": { "type": "string", "description": "ID of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " }, "diskId": { "type": "string", "description": "The unique ID of the other disk asynchronously replicated to or from the current disk. This value identifies the exact disk that was used to create this replication. For example, if you started replicating the persistent disk from a disk that was later deleted and recreated under the same name, the disk ID would identify the exact version of the disk that was used." } }, "type": "object", "required": [ "consistencyGroupPolicy", "consistencyGroupPolicyId", "disk", "diskId" ] }, "google-native:compute/alpha:DiskInstantiationConfig": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "$ref": "#/types/google-native:compute%2Falpha:DiskInstantiationConfigInstantiateFrom", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object" }, "google-native:compute/alpha:DiskInstantiationConfigInstantiateFrom": { "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. ", "type": "string", "enum": [ { "name": "AttachReadOnly", "description": "Attach the existing disk in read-only mode. The request will fail if the disk was attached in read-write mode on the source instance. Applicable to: read-only disks.", "value": "ATTACH_READ_ONLY" }, { "name": "Blank", "description": "Create a blank disk. The disk will be created unformatted. Applicable to: additional read-write disks, local SSDs.", "value": "BLANK" }, { "name": "CustomImage", "description": "Use the custom image specified in the custom_image field. Applicable to: boot disk, additional read-write disks.", "value": "CUSTOM_IMAGE" }, { "name": "Default", "description": "Use the default instantiation option for the corresponding type of disk. For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.", "value": "DEFAULT" }, { "name": "DoNotInclude", "description": "Do not include the disk in the instance template. Applicable to: additional read-write disks, local SSDs, read-only disks.", "value": "DO_NOT_INCLUDE" }, { "name": "SourceImage", "description": "Use the same source image used for creation of the source instance's corresponding disk. The request will fail if the source VM's disk was created from a snapshot. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE" }, { "name": "SourceImageFamily", "description": "Use the same source image family used for creation of the source instance's corresponding disk. The request will fail if the source image of the source disk does not belong to any image family. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE_FAMILY" } ] }, "google-native:compute/alpha:DiskInstantiationConfigResponse": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "type": "string", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object", "required": [ "autoDelete", "customImage", "deviceName", "instantiateFrom" ] }, "google-native:compute/alpha:DiskInterface": { "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:DiskParams": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/alpha:DiskParamsResponse": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/alpha:DiskResourceStatusAsyncReplicationStatusResponse": { "properties": { "state": { "type": "string" } }, "type": "object", "required": [ "state" ] }, "google-native:compute/alpha:DiskResourceStatusResponse": { "properties": { "asyncPrimaryDisk": { "$ref": "#/types/google-native:compute%2Falpha:DiskResourceStatusAsyncReplicationStatusResponse" }, "asyncSecondaryDisks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key: disk, value: AsyncReplicationStatus message" }, "usedBytes": { "type": "string", "description": "Space used by data stored in the disk (in bytes). Note that this field is set only when the disk is in a storage pool." } }, "type": "object", "required": [ "asyncPrimaryDisk", "asyncSecondaryDisks", "usedBytes" ] }, "google-native:compute/alpha:DiskStorageType": { "description": "[Deprecated] Storage type of the persistent disk.", "type": "string", "enum": [ { "name": "Hdd", "value": "HDD" }, { "name": "Ssd", "value": "SSD" } ] }, "google-native:compute/alpha:DisplayDevice": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object" }, "google-native:compute/alpha:DisplayDeviceResponse": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object", "required": [ "enableDisplay" ] }, "google-native:compute/alpha:DistributionPolicy": { "properties": { "targetShape": { "$ref": "#/types/google-native:compute%2Falpha:DistributionPolicyTargetShape", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:DistributionPolicyZoneConfiguration" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object" }, "google-native:compute/alpha:DistributionPolicyResponse": { "properties": { "targetShape": { "type": "string", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:DistributionPolicyZoneConfigurationResponse" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object", "required": [ "targetShape", "zones" ] }, "google-native:compute/alpha:DistributionPolicyTargetShape": { "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType).", "type": "string", "enum": [ { "name": "Any", "description": "The group picks zones for creating VM instances to fulfill the requested number of VMs within present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads that do not require high availability.", "value": "ANY" }, { "name": "AnySingleZone", "description": "The group creates all VM instances within a single zone. The zone is selected based on the present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads with heavy interprocess communication.", "value": "ANY_SINGLE_ZONE" }, { "name": "Balanced", "description": "The group prioritizes acquisition of resources, scheduling VMs in zones where resources are available while distributing VMs as evenly as possible across selected zones to minimize the impact of zonal failure. Recommended for highly available serving workloads.", "value": "BALANCED" }, { "name": "Even", "description": "The group schedules VM instance creation and deletion to achieve and maintain an even number of managed instances across the selected zones. The distribution is even when the number of managed instances does not differ by more than 1 between any two zones. Recommended for highly available serving workloads.", "value": "EVEN" } ] }, "google-native:compute/alpha:DistributionPolicyZoneConfiguration": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object" }, "google-native:compute/alpha:DistributionPolicyZoneConfigurationResponse": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object", "required": [ "zone" ] }, "google-native:compute/alpha:Duration": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object" }, "google-native:compute/alpha:DurationResponse": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object", "required": [ "nanos", "seconds" ] }, "google-native:compute/alpha:ErrorInfoResponse": { "description": "Describes the cause of the error with structured details. Example of an error when contacting the \"pubsub.googleapis.com\" API when it is not enabled: { \"reason\": \"API_DISABLED\" \"domain\": \"googleapis.com\" \"metadata\": { \"resource\": \"projects/123\", \"service\": \"pubsub.googleapis.com\" } } This response indicates that the pubsub.googleapis.com API is not enabled. Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock: { \"reason\": \"STOCKOUT\" \"domain\": \"spanner.googleapis.com\", \"metadata\": { \"availableRegions\": \"us-central1,us-east2\" } }", "properties": { "domain": { "type": "string", "description": "The logical grouping to which the \"reason\" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: \"pubsub.googleapis.com\". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is \"googleapis.com\"." }, "metadatas": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional structured details about this error. Keys should match /[a-zA-Z0-9-_]/ and be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {\"instanceLimit\": \"100/request\"}, should be returned as, {\"instanceLimitPerRequest\": \"100\"}, if the client exceeds the number of instances that can be created in a single (batch) request." }, "reason": { "type": "string", "description": "The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of `A-Z+[A-Z0-9]`, which represents UPPER_SNAKE_CASE." } }, "type": "object", "required": [ "domain", "metadatas", "reason" ] }, "google-native:compute/alpha:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:compute/alpha:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:compute/alpha:ExternalVpnGatewayInterface": { "description": "The interface for the external VPN gateway.", "properties": { "id": { "type": "integer", "description": "The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3 " }, "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." }, "ipv6Address": { "type": "string", "description": "IPv6 address of the interface in the external VPN gateway. This IPv6 address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine. Must specify an IPv6 address (not IPV4-mapped) using any format described in RFC 4291 (e.g. 2001:db8:0:0:2d9:51:0:0). The output format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object" }, "google-native:compute/alpha:ExternalVpnGatewayInterfaceResponse": { "description": "The interface for the external VPN gateway.", "properties": { "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." }, "ipv6Address": { "type": "string", "description": "IPv6 address of the interface in the external VPN gateway. This IPv6 address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine. Must specify an IPv6 address (not IPV4-mapped) using any format described in RFC 4291 (e.g. 2001:db8:0:0:2d9:51:0:0). The output format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object", "required": [ "ipAddress", "ipv6Address" ] }, "google-native:compute/alpha:ExternalVpnGatewayRedundancyType": { "description": "Indicates the user-supplied redundancy type of this external VPN gateway.", "type": "string", "enum": [ { "name": "FourIpsRedundancy", "description": "The external VPN gateway has four public IP addresses; at the time of writing this API, the AWS virtual private gateway is an example which has four public IP addresses for high availability connections; there should be two VPN connections in the AWS virtual private gateway , each AWS VPN connection has two public IP addresses; please make sure to put two public IP addresses from one AWS VPN connection into interfaces 0 and 1 of this external VPN gateway, and put the other two public IP addresses from another AWS VPN connection into interfaces 2 and 3 of this external VPN gateway. When displaying highly available configuration status for the VPN tunnels connected to FOUR_IPS_REDUNDANCY external VPN gateway, Google will always detect whether interfaces 0 and 1 are connected on one interface of HA Cloud VPN gateway, and detect whether interfaces 2 and 3 are connected to another interface of the HA Cloud VPN gateway.", "value": "FOUR_IPS_REDUNDANCY" }, { "name": "SingleIpInternallyRedundant", "description": "The external VPN gateway has only one public IP address which internally provide redundancy or failover.", "value": "SINGLE_IP_INTERNALLY_REDUNDANT" }, { "name": "TwoIpsRedundancy", "description": "The external VPN gateway has two public IP addresses which are redundant with each other, the following two types of setup on your on-premises side would have this type of redundancy: (1) Two separate on-premises gateways, each with one public IP address, the two on-premises gateways are redundant with each other. (2) A single on-premise gateway with two public IP addresses that are redundant with eatch other.", "value": "TWO_IPS_REDUNDANCY" } ] }, "google-native:compute/alpha:FileContentBuffer": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBufferFileType", "description": "The file type of source file." } }, "type": "object" }, "google-native:compute/alpha:FileContentBufferFileType": { "description": "The file type of source file.", "type": "string", "enum": [ { "name": "Bin", "value": "BIN" }, { "name": "Undefined", "value": "UNDEFINED" }, { "name": "X509", "value": "X509" } ] }, "google-native:compute/alpha:FileContentBufferResponse": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "type": "string", "description": "The file type of source file." } }, "type": "object", "required": [ "content", "fileType" ] }, "google-native:compute/alpha:FirewallAllowedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/alpha:FirewallAllowedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/alpha:FirewallDeniedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/alpha:FirewallDeniedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/alpha:FirewallDirection": { "description": "Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `EGRESS` traffic, you cannot specify the sourceTags fields.", "type": "string", "enum": [ { "name": "Egress", "description": "Indicates that firewall should apply to outgoing traffic.", "value": "EGRESS" }, { "name": "Ingress", "description": "Indicates that firewall should apply to incoming traffic.", "value": "INGRESS" } ] }, "google-native:compute/alpha:FirewallLogConfig": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "$ref": "#/types/google-native:compute%2Falpha:FirewallLogConfigMetadata", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object" }, "google-native:compute/alpha:FirewallLogConfigMetadata": { "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.", "type": "string", "enum": [ { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/alpha:FirewallLogConfigResponse": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "type": "string", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object", "required": [ "enable", "metadata" ] }, "google-native:compute/alpha:FirewallPolicyAssociation": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "name": { "type": "string", "description": "The name for an association." }, "priority": { "type": "integer", "description": "An integer indicating the priority of an association. The priority must be a positive value between 1 and 2147483647. Firewall Policies are evaluated from highest to lowest priority where 1 is the highest priority and 2147483647 is the lowest priority. The default value is `1000`. If two associations have the same priority then lexicographical order on association names is applied." } }, "type": "object" }, "google-native:compute/alpha:FirewallPolicyAssociationResponse": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "displayName": { "type": "string", "description": "Deprecated, please use short name instead. The display name of the firewall policy of the association." }, "firewallPolicyId": { "type": "string", "description": "The firewall policy ID of the association." }, "name": { "type": "string", "description": "The name for an association." }, "priority": { "type": "integer", "description": "An integer indicating the priority of an association. The priority must be a positive value between 1 and 2147483647. Firewall Policies are evaluated from highest to lowest priority where 1 is the highest priority and 2147483647 is the lowest priority. The default value is `1000`. If two associations have the same priority then lexicographical order on association names is applied." }, "shortName": { "type": "string", "description": "The short name of the firewall policy of the association." } }, "type": "object", "required": [ "attachmentTarget", "displayName", "firewallPolicyId", "name", "priority", "shortName" ] }, "google-native:compute/alpha:FirewallPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleDirection", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "match": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "securityProfileGroup": { "type": "string", "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleSecureTag" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." }, "tlsInspect": { "type": "boolean", "description": "Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions." } }, "type": "object" }, "google-native:compute/alpha:FirewallPolicyRuleDirection": { "description": "The direction in which this rule applies.", "type": "string", "enum": [ { "name": "Egress", "value": "EGRESS" }, { "name": "Ingress", "value": "INGRESS" } ] }, "google-native:compute/alpha:FirewallPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleMatcherLayer4Config" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleSecureTag" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object" }, "google-native:compute/alpha:FirewallPolicyRuleMatcherLayer4Config": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/alpha:FirewallPolicyRuleMatcherLayer4ConfigResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/alpha:FirewallPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleMatcherLayer4ConfigResponse" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleSecureTagResponse" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object", "required": [ "destAddressGroups", "destFqdns", "destIpRanges", "destRegionCodes", "destThreatIntelligences", "layer4Configs", "srcAddressGroups", "srcFqdns", "srcIpRanges", "srcRegionCodes", "srcSecureTags", "srcThreatIntelligences" ] }, "google-native:compute/alpha:FirewallPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "type": "string", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#firewallPolicyRule for firewall policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "ruleTupleCount": { "type": "integer", "description": "Calculation of the complexity of a single firewall policy rule." }, "securityProfileGroup": { "type": "string", "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FirewallPolicyRuleSecureTagResponse" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." }, "tlsInspect": { "type": "boolean", "description": "Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions." } }, "type": "object", "required": [ "action", "description", "direction", "disabled", "enableLogging", "kind", "match", "priority", "ruleName", "ruleTupleCount", "securityProfileGroup", "targetResources", "targetSecureTags", "targetServiceAccounts", "tlsInspect" ] }, "google-native:compute/alpha:FirewallPolicyRuleSecureTag": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." } }, "type": "object" }, "google-native:compute/alpha:FirewallPolicyRuleSecureTagResponse": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." }, "state": { "type": "string", "description": "State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted." } }, "type": "object", "required": [ "name", "state" ] }, "google-native:compute/alpha:FirewallPolicyVpcNetworkScope": { "description": "The scope of networks allowed to be associated with the firewall policy. This field can be either GLOBAL_VPC_NETWORK or REGIONAL_VPC_NETWORK. A firewall policy with the VPC scope set to GLOBAL_VPC_NETWORK is allowed to be attached only to global networks. When the VPC scope is set to REGIONAL_VPC_NETWORK the firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. Note: if not specified then GLOBAL_VPC_NETWORK will be used.", "type": "string", "enum": [ { "name": "GlobalVpcNetwork", "description": "The firewall policy is allowed to be attached only to global networks.", "value": "GLOBAL_VPC_NETWORK" }, { "name": "RegionalVpcNetwork", "description": "The firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. This option is applicable only to regional firewall policies.", "value": "REGIONAL_VPC_NETWORK" } ] }, "google-native:compute/alpha:FixedOrPercent": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object" }, "google-native:compute/alpha:FixedOrPercentResponse": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "calculated": { "type": "integer", "description": "Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded. " }, "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object", "required": [ "calculated", "fixed", "percent" ] }, "google-native:compute/alpha:ForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "All", "value": "ALL" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/alpha:ForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/alpha:ForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/alpha:ForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:ForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/alpha:ForwardingRuleServiceDirectoryRegistration": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object" }, "google-native:compute/alpha:ForwardingRuleServiceDirectoryRegistrationResponse": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object", "required": [ "namespace", "service", "serviceDirectoryRegion" ] }, "google-native:compute/alpha:FutureReservationPlanningStatus": { "description": "Planning state before being submitted for evaluation", "type": "string", "enum": [ { "name": "Draft", "description": "Future Reservation is being drafted.", "value": "DRAFT" }, { "name": "PlanningStatusUnspecified", "value": "PLANNING_STATUS_UNSPECIFIED" }, { "name": "Submitted", "description": "Future Reservation has been submitted for evaluation by GCP.", "value": "SUBMITTED" } ] }, "google-native:compute/alpha:FutureReservationSpecificSKUProperties": { "properties": { "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "Properties of the SKU instances being reserved." }, "sourceInstanceTemplate": { "type": "string", "description": "The instance template that will be used to populate the ReservedInstanceProperties of the future reservation" }, "totalCount": { "type": "string", "description": "Total number of instances for which capacity assurance is requested at a future time period." } }, "type": "object" }, "google-native:compute/alpha:FutureReservationSpecificSKUPropertiesResponse": { "properties": { "instanceProperties": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse", "description": "Properties of the SKU instances being reserved." }, "sourceInstanceTemplate": { "type": "string", "description": "The instance template that will be used to populate the ReservedInstanceProperties of the future reservation" }, "totalCount": { "type": "string", "description": "Total number of instances for which capacity assurance is requested at a future time period." } }, "type": "object", "required": [ "instanceProperties", "sourceInstanceTemplate", "totalCount" ] }, "google-native:compute/alpha:FutureReservationStatusLastKnownGoodStateFutureReservationSpecsResponse": { "description": "The properties of the last known good state for the Future Reservation.", "properties": { "shareSettings": { "$ref": "#/types/google-native:compute%2Falpha:ShareSettingsResponse", "description": "The previous share settings of the Future Reservation." }, "specificSkuProperties": { "$ref": "#/types/google-native:compute%2Falpha:FutureReservationSpecificSKUPropertiesResponse", "description": "The previous instance related properties of the Future Reservation." }, "timeWindow": { "$ref": "#/types/google-native:compute%2Falpha:FutureReservationTimeWindowResponse", "description": "The previous time window of the Future Reservation." } }, "type": "object", "required": [ "shareSettings", "specificSkuProperties", "timeWindow" ] }, "google-native:compute/alpha:FutureReservationStatusLastKnownGoodStateResponse": { "description": "The state that the future reservation will be reverted to should the amendment be declined.", "properties": { "description": { "type": "string", "description": "The description of the FutureReservation before an amendment was requested." }, "futureReservationSpecs": { "$ref": "#/types/google-native:compute%2Falpha:FutureReservationStatusLastKnownGoodStateFutureReservationSpecsResponse" }, "lockTime": { "type": "string", "description": "The lock time of the FutureReservation before an amendment was requested." }, "namePrefix": { "type": "string", "description": "The name prefix of the Future Reservation before an amendment was requested." }, "procurementStatus": { "type": "string", "description": "The status of the last known good state for the Future Reservation." } }, "type": "object", "required": [ "description", "futureReservationSpecs", "lockTime", "namePrefix", "procurementStatus" ] }, "google-native:compute/alpha:FutureReservationStatusResponse": { "description": "[Output only] Represents status related to the future reservation.", "properties": { "amendmentStatus": { "type": "string", "description": "The current status of the requested amendment." }, "autoCreatedReservations": { "type": "array", "items": { "type": "string" }, "description": "Fully qualified urls of the automatically created reservations at start_time." }, "fulfilledCount": { "type": "string", "description": "This count indicates the fulfilled capacity so far. This is set during \"PROVISIONING\" state. This count also includes capacity delivered as part of existing matching reservations." }, "lastKnownGoodState": { "$ref": "#/types/google-native:compute%2Falpha:FutureReservationStatusLastKnownGoodStateResponse", "description": "This field represents the future reservation before an amendment was requested. If the amendment is declined, the Future Reservation will be reverted to the last known good state. The last known good state is not set when updating a future reservation whose Procurement Status is DRAFTING." }, "lockTime": { "type": "string", "description": "Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time." }, "procurementStatus": { "type": "string", "description": "Current state of this Future Reservation" }, "specificSkuProperties": { "$ref": "#/types/google-native:compute%2Falpha:FutureReservationStatusSpecificSKUPropertiesResponse" } }, "type": "object", "required": [ "amendmentStatus", "autoCreatedReservations", "fulfilledCount", "lastKnownGoodState", "lockTime", "procurementStatus", "specificSkuProperties" ] }, "google-native:compute/alpha:FutureReservationStatusSpecificSKUPropertiesResponse": { "description": "Properties to be set for the Future Reservation.", "properties": { "sourceInstanceTemplateId": { "type": "string", "description": "ID of the instance template used to populate the Future Reservation properties." } }, "type": "object", "required": [ "sourceInstanceTemplateId" ] }, "google-native:compute/alpha:FutureReservationTimeWindow": { "properties": { "duration": { "$ref": "#/types/google-native:compute%2Falpha:Duration" }, "endTime": { "type": "string" }, "startTime": { "type": "string", "description": "Start time of the Future Reservation. The start_time is an RFC3339 string." } }, "type": "object" }, "google-native:compute/alpha:FutureReservationTimeWindowResponse": { "properties": { "duration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse" }, "endTime": { "type": "string" }, "startTime": { "type": "string", "description": "Start time of the Future Reservation. The start_time is an RFC3339 string." } }, "type": "object", "required": [ "duration", "endTime", "startTime" ] }, "google-native:compute/alpha:GRPCHealthCheck": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:GRPCHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object" }, "google-native:compute/alpha:GRPCHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:GRPCHealthCheckResponse": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object", "required": [ "grpcServiceName", "port", "portName", "portSpecification" ] }, "google-native:compute/alpha:GlobalAddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "DnsForwarding", "description": "DNS resolver address in the subnetwork.", "value": "DNS_FORWARDING" }, { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/alpha:GlobalAddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/alpha:GlobalAddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/alpha:GlobalAddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:GlobalAddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/alpha:GlobalForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "All", "value": "ALL" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/alpha:GlobalForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/alpha:GlobalForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/alpha:GlobalForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:GlobalForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/alpha:GlobalNetworkEndpointGroupClientPortMappingMode": { "description": "Only valid when networkEndpointType is \"GCE_VM_IP_PORT\" and the NEG is regional.", "type": "string", "enum": [ { "name": "ClientPortPerEndpoint", "description": "For each endpoint there is exactly one client port.", "value": "CLIENT_PORT_PER_ENDPOINT" }, { "name": "PortMappingDisabled", "description": "NEG should not be used for mapping client port to destination.", "value": "PORT_MAPPING_DISABLED" } ] }, "google-native:compute/alpha:GlobalNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/alpha:GlobalNetworkEndpointGroupType": { "description": "Specify the type of this network endpoint group. Only LOAD_BALANCING is valid for now.", "type": "string", "enum": [ { "name": "LoadBalancing", "description": "The network endpoint group is a backend of a load balancer.", "value": "LOAD_BALANCING" } ] }, "google-native:compute/alpha:GlobalPublicDelegatedPrefixMode": { "description": "The public delegated prefix mode for IPv6 only.", "type": "string", "enum": [ { "name": "Delegation", "description": "The public delegated prefix is used for further sub-delegation only. Such prefixes cannot set allocatablePrefixLength.", "value": "DELEGATION" }, { "name": "ExternalIpv6ForwardingRuleCreation", "description": "The public delegated prefix is used for creating forwarding rules only. Such prefixes cannot set publicDelegatedSubPrefixes.", "value": "EXTERNAL_IPV6_FORWARDING_RULE_CREATION" } ] }, "google-native:compute/alpha:GrpcServiceConfig": { "description": "[Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server.", "properties": { "callCredentials": { "$ref": "#/types/google-native:compute%2Falpha:CallCredentials", "description": "The call credentials to access the SDS server." }, "channelCredentials": { "$ref": "#/types/google-native:compute%2Falpha:ChannelCredentials", "description": "The channel credentials to access the SDS server." }, "targetUri": { "type": "string", "description": "The target URI of the SDS server." } }, "type": "object" }, "google-native:compute/alpha:GrpcServiceConfigResponse": { "description": "[Deprecated] gRPC config to access the SDS server. gRPC config to access the SDS server.", "properties": { "callCredentials": { "$ref": "#/types/google-native:compute%2Falpha:CallCredentialsResponse", "description": "The call credentials to access the SDS server." }, "channelCredentials": { "$ref": "#/types/google-native:compute%2Falpha:ChannelCredentialsResponse", "description": "The channel credentials to access the SDS server." }, "targetUri": { "type": "string", "description": "The target URI of the SDS server." } }, "type": "object", "required": [ "callCredentials", "channelCredentials", "targetUri" ] }, "google-native:compute/alpha:GuestOsFeature": { "description": "Guest OS features.", "properties": { "type": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeatureType", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object" }, "google-native:compute/alpha:GuestOsFeatureResponse": { "description": "Guest OS features.", "properties": { "type": { "type": "string", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object", "required": [ "type" ] }, "google-native:compute/alpha:GuestOsFeatureType": { "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features.", "type": "string", "enum": [ { "name": "BareMetalLinuxCompatible", "value": "BARE_METAL_LINUX_COMPATIBLE" }, { "name": "FeatureTypeUnspecified", "value": "FEATURE_TYPE_UNSPECIFIED" }, { "name": "Gvnic", "value": "GVNIC" }, { "name": "Idpf", "value": "IDPF" }, { "name": "MultiIpSubnet", "value": "MULTI_IP_SUBNET" }, { "name": "SecureBoot", "value": "SECURE_BOOT" }, { "name": "SevCapable", "value": "SEV_CAPABLE" }, { "name": "SevLiveMigratable", "value": "SEV_LIVE_MIGRATABLE" }, { "name": "SevLiveMigratableV2", "value": "SEV_LIVE_MIGRATABLE_V2" }, { "name": "SevSnpCapable", "value": "SEV_SNP_CAPABLE" }, { "name": "TdxCapable", "value": "TDX_CAPABLE" }, { "name": "UefiCompatible", "value": "UEFI_COMPATIBLE" }, { "name": "VirtioScsiMultiqueue", "value": "VIRTIO_SCSI_MULTIQUEUE" }, { "name": "Windows", "value": "WINDOWS" } ] }, "google-native:compute/alpha:HTTP2HealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:HTTP2HealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Falpha:HTTP2HealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "$ref": "#/types/google-native:compute%2Falpha:HTTP2HealthCheckWeightReportMode", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object" }, "google-native:compute/alpha:HTTP2HealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:HTTP2HealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:HTTP2HealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "type": "string", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response", "weightReportMode" ] }, "google-native:compute/alpha:HTTP2HealthCheckWeightReportMode": { "description": "Weight report mode. used for weighted Load Balancing.", "type": "string", "enum": [ { "name": "Disable", "description": "Health Checker will not parse the header field.", "value": "DISABLE" }, { "name": "DryRun", "description": "Health Checker will parse and report the weight in the header field, but load balancing will not be based on the weights and will use equal weights.", "value": "DRY_RUN" }, { "name": "Enable", "description": "Health Checker will try to parse and report the weight in the header field, and load balancing will be based on the weights as long as all backends have a valid weight or only a subset of backends has the UNAVAILABLE_WEIGHT WeightError. The latter case is to continue the weighted load balancing while some backends are in TIMEOUT or UNKNOWN health status.", "value": "ENABLE" } ] }, "google-native:compute/alpha:HTTPHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:HTTPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Falpha:HTTPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "$ref": "#/types/google-native:compute%2Falpha:HTTPHealthCheckWeightReportMode", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object" }, "google-native:compute/alpha:HTTPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:HTTPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:HTTPHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "type": "string", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response", "weightReportMode" ] }, "google-native:compute/alpha:HTTPHealthCheckWeightReportMode": { "description": "Weight report mode. used for weighted Load Balancing.", "type": "string", "enum": [ { "name": "Disable", "description": "Health Checker will not parse the header field.", "value": "DISABLE" }, { "name": "DryRun", "description": "Health Checker will parse and report the weight in the header field, but load balancing will not be based on the weights and will use equal weights.", "value": "DRY_RUN" }, { "name": "Enable", "description": "Health Checker will try to parse and report the weight in the header field, and load balancing will be based on the weights as long as all backends have a valid weight or only a subset of backends has the UNAVAILABLE_WEIGHT WeightError. The latter case is to continue the weighted load balancing while some backends are in TIMEOUT or UNKNOWN health status.", "value": "ENABLE" } ] }, "google-native:compute/alpha:HTTPSHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:HTTPSHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Falpha:HTTPSHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "$ref": "#/types/google-native:compute%2Falpha:HTTPSHealthCheckWeightReportMode", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object" }, "google-native:compute/alpha:HTTPSHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:HTTPSHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:HTTPSHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" }, "weightReportMode": { "type": "string", "description": "Weight report mode. used for weighted Load Balancing." } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response", "weightReportMode" ] }, "google-native:compute/alpha:HTTPSHealthCheckWeightReportMode": { "description": "Weight report mode. used for weighted Load Balancing.", "type": "string", "enum": [ { "name": "Disable", "description": "Health Checker will not parse the header field.", "value": "DISABLE" }, { "name": "DryRun", "description": "Health Checker will parse and report the weight in the header field, but load balancing will not be based on the weights and will use equal weights.", "value": "DRY_RUN" }, { "name": "Enable", "description": "Health Checker will try to parse and report the weight in the header field, and load balancing will be based on the weights as long as all backends have a valid weight or only a subset of backends has the UNAVAILABLE_WEIGHT WeightError. The latter case is to continue the weighted load balancing while some backends are in TIMEOUT or UNKNOWN health status.", "value": "ENABLE" } ] }, "google-native:compute/alpha:HealthCheckLogConfig": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object" }, "google-native:compute/alpha:HealthCheckLogConfigResponse": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object", "required": [ "enable" ] }, "google-native:compute/alpha:HealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/alpha:HelpLinkResponse": { "description": "Describes a URL link.", "properties": { "description": { "type": "string", "description": "Describes what the link offers." }, "url": { "type": "string", "description": "The URL of the link." } }, "type": "object", "required": [ "description", "url" ] }, "google-native:compute/alpha:HelpResponse": { "description": "Provides links to documentation or for performing an out of band action. For example, if a quota check failed with an error indicating the calling project hasn't enabled the accessed service, this can contain a URL pointing directly to the right place in the developer console to flip the bit.", "properties": { "links": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HelpLinkResponse" }, "description": "URL(s) pointing to additional information on handling the current error." } }, "type": "object", "required": [ "links" ] }, "google-native:compute/alpha:HostRule": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object" }, "google-native:compute/alpha:HostRuleResponse": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object", "required": [ "description", "hosts", "pathMatcher" ] }, "google-native:compute/alpha:HttpFaultAbort": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/alpha:HttpFaultAbortResponse": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "httpStatus", "percentage" ] }, "google-native:compute/alpha:HttpFaultDelay": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/alpha:HttpFaultDelayResponse": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "fixedDelay", "percentage" ] }, "google-native:compute/alpha:HttpFaultInjection": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultAbort", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultDelay", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object" }, "google-native:compute/alpha:HttpFaultInjectionResponse": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultAbortResponse", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultDelayResponse", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object", "required": [ "abort", "delay" ] }, "google-native:compute/alpha:HttpFilterConfig": { "description": "HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.", "properties": { "config": { "type": "string", "description": "The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl" }, "configTypeUrl": { "type": "string", "description": "The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct" }, "filterName": { "type": "string", "description": "Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm" } }, "type": "object" }, "google-native:compute/alpha:HttpFilterConfigResponse": { "description": "HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.", "properties": { "config": { "type": "string", "description": "The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl" }, "configTypeUrl": { "type": "string", "description": "The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct" }, "filterName": { "type": "string", "description": "Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm" } }, "type": "object", "required": [ "config", "configTypeUrl", "filterName" ] }, "google-native:compute/alpha:HttpHeaderAction": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderOption" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderOption" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object" }, "google-native:compute/alpha:HttpHeaderActionResponse": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderOptionResponse" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderOptionResponse" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object", "required": [ "requestHeadersToAdd", "requestHeadersToRemove", "responseHeadersToAdd", "responseHeadersToRemove" ] }, "google-native:compute/alpha:HttpHeaderMatch": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Falpha:Int64RangeMatch", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object" }, "google-native:compute/alpha:HttpHeaderMatchResponse": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Falpha:Int64RangeMatchResponse", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object", "required": [ "exactMatch", "headerName", "invertMatch", "prefixMatch", "presentMatch", "rangeMatch", "regexMatch", "suffixMatch" ] }, "google-native:compute/alpha:HttpHeaderOption": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object" }, "google-native:compute/alpha:HttpHeaderOptionResponse": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object", "required": [ "headerName", "headerValue", "replace" ] }, "google-native:compute/alpha:HttpQueryParameterMatch": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object" }, "google-native:compute/alpha:HttpQueryParameterMatchResponse": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object", "required": [ "exactMatch", "name", "presentMatch", "regexMatch" ] }, "google-native:compute/alpha:HttpRedirectAction": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectActionRedirectResponseCode", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object" }, "google-native:compute/alpha:HttpRedirectActionRedirectResponseCode": { "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. ", "type": "string", "enum": [ { "name": "Found", "description": "Http Status Code 302 - Found.", "value": "FOUND" }, { "name": "MovedPermanentlyDefault", "description": "Http Status Code 301 - Moved Permanently.", "value": "MOVED_PERMANENTLY_DEFAULT" }, { "name": "PermanentRedirect", "description": "Http Status Code 308 - Permanent Redirect maintaining HTTP method.", "value": "PERMANENT_REDIRECT" }, { "name": "SeeOther", "description": "Http Status Code 303 - See Other.", "value": "SEE_OTHER" }, { "name": "TemporaryRedirect", "description": "Http Status Code 307 - Temporary Redirect maintaining HTTP method.", "value": "TEMPORARY_REDIRECT" } ] }, "google-native:compute/alpha:HttpRedirectActionResponse": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "type": "string", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object", "required": [ "hostRedirect", "httpsRedirect", "pathRedirect", "prefixRedirect", "redirectResponseCode", "stripQuery" ] }, "google-native:compute/alpha:HttpRetryPolicy": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object" }, "google-native:compute/alpha:HttpRetryPolicyResponse": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object", "required": [ "numRetries", "perTryTimeout", "retryConditions" ] }, "google-native:compute/alpha:HttpRouteAction": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Falpha:CorsPolicy", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultInjection", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Falpha:RequestMirrorPolicy", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Falpha:HttpRetryPolicy", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Falpha:UrlRewrite", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:WeightedBackendService" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object" }, "google-native:compute/alpha:HttpRouteActionResponse": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Falpha:CorsPolicyResponse", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Falpha:HttpFaultInjectionResponse", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Falpha:RequestMirrorPolicyResponse", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Falpha:HttpRetryPolicyResponse", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Falpha:UrlRewriteResponse", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:WeightedBackendServiceResponse" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object", "required": [ "corsPolicy", "faultInjectionPolicy", "maxStreamDuration", "requestMirrorPolicy", "retryPolicy", "timeout", "urlRewrite", "weightedBackendServices" ] }, "google-native:compute/alpha:HttpRouteRule": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicy", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the RouteRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the customErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the customErrorResponsePolicy is ignored and the response from the service is returned to the client. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpFilterConfig" }, "description": "Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterMetadata": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpFilterConfig" }, "description": "Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteRuleMatch" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteAction", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectAction", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/alpha:HttpRouteRuleMatch": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderMatch" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataFilter" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpQueryParameterMatch" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object" }, "google-native:compute/alpha:HttpRouteRuleMatchResponse": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderMatchResponse" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataFilterResponse" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpQueryParameterMatchResponse" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object", "required": [ "fullPathMatch", "headerMatches", "ignoreCase", "metadataFilters", "pathTemplateMatch", "prefixMatch", "queryParameterMatches", "regexMatch" ] }, "google-native:compute/alpha:HttpRouteRuleResponse": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicyResponse", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the RouteRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the customErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the customErrorResponsePolicy is ignored and the response from the service is returned to the client. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpFilterConfigResponse" }, "description": "Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterMetadata": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpFilterConfigResponse" }, "description": "Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteRuleMatchResponse" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteActionResponse", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectActionResponse", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "customErrorResponsePolicy", "description", "headerAction", "httpFilterConfigs", "httpFilterMetadata", "matchRules", "priority", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/alpha:ImageArchitecture": { "description": "The architecture of the image. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/alpha:ImageRawDisk": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "$ref": "#/types/google-native:compute%2Falpha:ImageRawDiskContainerType", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object" }, "google-native:compute/alpha:ImageRawDiskContainerType": { "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.", "type": "string", "enum": [ { "name": "Tar", "value": "TAR" } ] }, "google-native:compute/alpha:ImageRawDiskResponse": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "type": "string", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object", "required": [ "containerType", "sha1Checksum", "source" ] }, "google-native:compute/alpha:ImageSourceType": { "description": "The type of the image used to create this disk. The default and only valid value is RAW.", "type": "string", "enum": [ { "name": "Raw", "value": "RAW" } ] }, "google-native:compute/alpha:InitialStateConfig": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBuffer" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBuffer" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBuffer" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBuffer", "description": "The Platform Key (PK)." } }, "type": "object" }, "google-native:compute/alpha:InitialStateConfigResponse": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBufferResponse" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBufferResponse" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBufferResponse" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Falpha:FileContentBufferResponse", "description": "The Platform Key (PK)." } }, "type": "object", "required": [ "dbs", "dbxs", "keks", "pk" ] }, "google-native:compute/alpha:InstanceGroupManagerActionsSummaryResponse": { "properties": { "abandoning": { "type": "integer", "description": "The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it." }, "creating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated." }, "creatingAtomically": { "type": "integer", "description": "The number of instances that the managed instance group will attempt to create atomically, in a batch mode. If the desired count of instances can not be created, entire batch will be deleted and the group will decrease its targetSize value accordingly." }, "creatingWithoutRetries": { "type": "integer", "description": "The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly." }, "deleting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted." }, "none": { "type": "integer", "description": "The number of instances in the managed instance group that are running and have no scheduled actions." }, "queuing": { "type": "integer", "description": "The number of instances that the managed instance group is currently queuing." }, "recreating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template." }, "refreshing": { "type": "integer", "description": "The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance." }, "restarting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted." }, "resuming": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be resumed or are currently being resumed." }, "starting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be started or are currently being started." }, "stopping": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be stopped or are currently being stopped." }, "suspending": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be suspended or are currently being suspended." }, "verifying": { "type": "integer", "description": "The number of instances in the managed instance group that are being verified. See the managedInstances[].currentAction property in the listManagedInstances method documentation." } }, "type": "object", "required": [ "abandoning", "creating", "creatingAtomically", "creatingWithoutRetries", "deleting", "none", "queuing", "recreating", "refreshing", "restarting", "resuming", "starting", "stopping", "suspending", "verifying" ] }, "google-native:compute/alpha:InstanceGroupManagerAllInstancesConfig": { "properties": { "properties": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesPatch", "description": "Properties to set on all instances in the group. You can add or modify properties using the instanceGroupManagers.patch or regionInstanceGroupManagers.patch. After setting allInstancesConfig on the group, you must update the group's instances to apply the configuration. To apply the configuration, set the group's updatePolicy.type field to use proactive updates or use the applyUpdatesToInstances method." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerAllInstancesConfigResponse": { "properties": { "properties": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesPatchResponse", "description": "Properties to set on all instances in the group. You can add or modify properties using the instanceGroupManagers.patch or regionInstanceGroupManagers.patch. After setting allInstancesConfig on the group, you must update the group's instances to apply the configuration. To apply the configuration, set the group's updatePolicy.type field to use proactive updates or use the applyUpdatesToInstances method." } }, "type": "object", "required": [ "properties" ] }, "google-native:compute/alpha:InstanceGroupManagerAutoHealingPolicy": { "properties": { "autoHealingTriggers": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggers", "description": "Restricts what triggers autohealing." }, "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggers": { "properties": { "onHealthCheck": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggersOnHealthCheck", "description": "If you have configured an application-based health check for the group, this field controls whether to trigger VM autohealing based on a failed health check. Valid values are: - ON (default): The group recreates running VMs that fail the application-based health check. - OFF: When set to OFF, you can still observe instance health state, but the group does not recreate VMs that fail the application-based health check. This is useful for troubleshooting and setting up your health check configuration. " } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggersOnHealthCheck": { "description": "If you have configured an application-based health check for the group, this field controls whether to trigger VM autohealing based on a failed health check. Valid values are: - ON (default): The group recreates running VMs that fail the application-based health check. - OFF: When set to OFF, you can still observe instance health state, but the group does not recreate VMs that fail the application-based health check. This is useful for troubleshooting and setting up your health check configuration. ", "type": "string", "enum": [ { "name": "Off", "description": "When set to OFF, you can still observe instance health state, but the group does not recreate VMs that fail the application-based health check. This is useful for troubleshooting and setting up your health check configuration.", "value": "OFF" }, { "name": "On", "description": "(Default) The group recreates running VMs that fail the group's application-based health check.", "value": "ON" } ] }, "google-native:compute/alpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggersResponse": { "properties": { "onHealthCheck": { "type": "string", "description": "If you have configured an application-based health check for the group, this field controls whether to trigger VM autohealing based on a failed health check. Valid values are: - ON (default): The group recreates running VMs that fail the application-based health check. - OFF: When set to OFF, you can still observe instance health state, but the group does not recreate VMs that fail the application-based health check. This is useful for troubleshooting and setting up your health check configuration. " } }, "type": "object", "required": [ "onHealthCheck" ] }, "google-native:compute/alpha:InstanceGroupManagerAutoHealingPolicyResponse": { "properties": { "autoHealingTriggers": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerAutoHealingPolicyAutoHealingTriggersResponse", "description": "Restricts what triggers autohealing." }, "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "Maximum number of instances that can be unavailable when autohealing. When 'percent' is used, the value is rounded if necessary. The instance is considered available if all of the following conditions are satisfied: 1. Instance's status is RUNNING. 2. Instance's currentAction is NONE (in particular its liveness health check result was observed to be HEALTHY at least once as it passed VERIFYING). 3. There is no outgoing action on an instance triggered by IGM. By default, number of concurrently autohealed instances is smaller than the managed instance group target size. However, if a zonal managed instance group has only one instance, or a regional managed instance group has only one instance per zone, autohealing will recreate these instances when they become unhealthy." } }, "type": "object", "required": [ "autoHealingTriggers", "healthCheck", "initialDelaySec", "maxUnavailable" ] }, "google-native:compute/alpha:InstanceGroupManagerFailoverAction": { "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.", "type": "string", "enum": [ { "name": "NoFailover", "value": "NO_FAILOVER" }, { "name": "Unknown", "value": "UNKNOWN" } ] }, "google-native:compute/alpha:InstanceGroupManagerInstanceFlexibilityPolicy": { "properties": { "instanceSelectionLists": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." }, "instanceSelections": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerInstanceFlexibilityPolicyResponse": { "properties": { "instanceSelectionLists": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." }, "instanceSelections": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." } }, "type": "object", "required": [ "instanceSelectionLists", "instanceSelections" ] }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicy": { "properties": { "defaultActionOnFailure": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerInstanceLifecyclePolicyDefaultActionOnFailure", "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. " }, "forceUpdateOnRepair": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " }, "metadataBasedReadinessSignal": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerInstanceLifecyclePolicyMetadataBasedReadinessSignal", "description": "The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicyDefaultActionOnFailure": { "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. ", "type": "string", "enum": [ { "name": "Delete", "description": "MIG deletes a failed or an unhealthy VM. Deleting the VM decreases the target size of the MIG.", "value": "DELETE" }, { "name": "DoNothing", "description": "MIG does not repair a failed or an unhealthy VM.", "value": "DO_NOTHING" }, { "name": "Repair", "description": "(Default) MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG.", "value": "REPAIR" } ] }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair": { "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. ", "type": "string", "enum": [ { "name": "No", "value": "NO" }, { "name": "Yes", "value": "YES" } ] }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicyMetadataBasedReadinessSignal": { "properties": { "timeoutSec": { "type": "integer", "description": "The number of seconds to wait for a readiness signal during initialization before timing out." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicyMetadataBasedReadinessSignalResponse": { "properties": { "timeoutSec": { "type": "integer", "description": "The number of seconds to wait for a readiness signal during initialization before timing out." } }, "type": "object", "required": [ "timeoutSec" ] }, "google-native:compute/alpha:InstanceGroupManagerInstanceLifecyclePolicyResponse": { "properties": { "defaultActionOnFailure": { "type": "string", "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. " }, "forceUpdateOnRepair": { "type": "string", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " }, "metadataBasedReadinessSignal": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerInstanceLifecyclePolicyMetadataBasedReadinessSignalResponse", "description": "The configuration for metadata based readiness signal sent by the instance during initialization when stopping / suspending an instance. The Instance Group Manager will wait for a signal that indicates successful initialization before stopping / suspending an instance. If a successful readiness signal is not sent before timeout, the corresponding instance will not be stopped / suspended. Instead, an error will be visible in the lastAttempt.errors field of the managed instance in the listmanagedinstances method. If metadataBasedReadinessSignal.timeoutSec is unset, the Instance Group Manager will directly proceed to suspend / stop instances, skipping initialization on them." } }, "type": "object", "required": [ "defaultActionOnFailure", "forceUpdateOnRepair", "metadataBasedReadinessSignal" ] }, "google-native:compute/alpha:InstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/alpha:InstanceGroupManagerResizeRequestStatusErrorErrorsItemErrorDetailsItemResponse": { "properties": { "errorInfo": { "$ref": "#/types/google-native:compute%2Falpha:ErrorInfoResponse" }, "help": { "$ref": "#/types/google-native:compute%2Falpha:HelpResponse" }, "localizedMessage": { "$ref": "#/types/google-native:compute%2Falpha:LocalizedMessageResponse" }, "quotaInfo": { "$ref": "#/types/google-native:compute%2Falpha:QuotaExceededInfoResponse" } }, "type": "object", "required": [ "errorInfo", "help", "localizedMessage", "quotaInfo" ] }, "google-native:compute/alpha:InstanceGroupManagerResizeRequestStatusErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "errorDetails": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerResizeRequestStatusErrorErrorsItemErrorDetailsItemResponse" }, "description": "An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "errorDetails", "location", "message" ] }, "google-native:compute/alpha:InstanceGroupManagerResizeRequestStatusErrorResponse": { "description": "Errors encountered during the queueing or provisioning phases of the ResizeRequest.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerResizeRequestStatusErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:compute/alpha:InstanceGroupManagerResizeRequestStatusResponse": { "properties": { "error": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerResizeRequestStatusErrorResponse", "description": "Errors encountered during the queueing or provisioning phases of the ResizeRequest." }, "queuingPolicy": { "$ref": "#/types/google-native:compute%2Falpha:QueuingPolicyResponse", "description": "Constraints for the time when the instances start provisioning. Always exposed as absolute time." } }, "type": "object", "required": [ "error", "queuingPolicy" ] }, "google-native:compute/alpha:InstanceGroupManagerStandbyPolicy": { "properties": { "initialDelaySec": { "type": "integer" }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerStandbyPolicyMode", "description": "Defines behaviour of using instances from standby pool to resize MIG." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerStandbyPolicyMode": { "description": "Defines behaviour of using instances from standby pool to resize MIG.", "type": "string", "enum": [ { "name": "Manual", "description": "MIG does not automatically stop/start or suspend/resume VMs.", "value": "MANUAL" }, { "name": "ScaleOutPool", "description": "MIG automatically resumes and starts VMs when it scales out, and replenishes the standby pool afterwards.", "value": "SCALE_OUT_POOL" } ] }, "google-native:compute/alpha:InstanceGroupManagerStandbyPolicyResponse": { "properties": { "initialDelaySec": { "type": "integer" }, "mode": { "type": "string", "description": "Defines behaviour of using instances from standby pool to resize MIG." } }, "type": "object", "required": [ "initialDelaySec", "mode" ] }, "google-native:compute/alpha:InstanceGroupManagerStatusAllInstancesConfigResponse": { "properties": { "currentRevision": { "type": "string", "description": "Current all-instances configuration revision. This value is in RFC3339 text format." }, "effective": { "type": "boolean", "description": "A bit indicating whether this configuration has been applied to all managed instances in the group." } }, "type": "object", "required": [ "currentRevision", "effective" ] }, "google-native:compute/alpha:InstanceGroupManagerStatusResponse": { "properties": { "allInstancesConfig": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerStatusAllInstancesConfigResponse", "description": "[Output only] Status of all-instances configuration on the group." }, "autoscaler": { "type": "string", "description": "The URL of the Autoscaler that targets this instance group manager." }, "isStable": { "type": "boolean", "description": "A bit indicating whether the managed instance group is in a stable state. A stable state means that: none of the instances in the managed instance group is currently undergoing any type of change (for example, creation, restart, or deletion); no future changes are scheduled for instances in the managed instance group; and the managed instance group itself is not being modified." }, "stateful": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerStatusStatefulResponse", "description": "Stateful status of the given Instance Group Manager." }, "versionTarget": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerStatusVersionTargetResponse", "description": "A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "allInstancesConfig", "autoscaler", "isStable", "stateful", "versionTarget" ] }, "google-native:compute/alpha:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse": { "properties": { "allEffective": { "type": "boolean", "description": "A bit indicating if all of the group's per-instance configurations (listed in the output of a listPerInstanceConfigs API call) have status EFFECTIVE or there are no per-instance-configs." } }, "type": "object", "required": [ "allEffective" ] }, "google-native:compute/alpha:InstanceGroupManagerStatusStatefulResponse": { "properties": { "hasStatefulConfig": { "type": "boolean", "description": "A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions." }, "isStateful": { "type": "boolean", "description": "A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. This field is deprecated in favor of has_stateful_config.", "deprecationMessage": "[Output Only] A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. This field is deprecated in favor of has_stateful_config." }, "perInstanceConfigs": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse", "description": "Status of per-instance configurations on the instance." } }, "type": "object", "required": [ "hasStatefulConfig", "isStateful", "perInstanceConfigs" ] }, "google-native:compute/alpha:InstanceGroupManagerStatusVersionTargetResponse": { "properties": { "isReached": { "type": "boolean", "description": "A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "isReached" ] }, "google-native:compute/alpha:InstanceGroupManagerTargetSizeUnit": { "description": "The unit of measure for the target size.", "type": "string", "enum": [ { "name": "Instance", "description": "[Default] TargetSize is the target number of instances.", "value": "INSTANCE" }, { "name": "Vcpu", "description": "TargetSize is the target count of vCPUs of VMs.", "value": "VCPU" } ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicy": { "properties": { "instanceRedistributionType": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerUpdatePolicyInstanceRedistributionType", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minReadySec": { "type": "integer", "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600]." }, "minimalAction": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerUpdatePolicyMinimalAction", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerUpdatePolicyReplacementMethod", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "$ref": "#/types/google-native:compute%2Falpha:InstanceGroupManagerUpdatePolicyType", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyInstanceRedistributionType": { "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. ", "type": "string", "enum": [ { "name": "None", "description": "No action is being proactively performed in order to bring this IGM to its target instance distribution.", "value": "NONE" }, { "name": "Proactive", "description": "This IGM will actively converge to its target instance distribution.", "value": "PROACTIVE" } ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyMinimalAction": { "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. ", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction": { "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all.", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyReplacementMethod": { "description": "What action should be used to replace instances. See minimal_action.REPLACE", "type": "string", "enum": [ { "name": "Recreate", "description": "Instances will be recreated (with the same name)", "value": "RECREATE" }, { "name": "Substitute", "description": "Default option: instances will be deleted and created (with a new name)", "value": "SUBSTITUTE" } ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyResponse": { "properties": { "instanceRedistributionType": { "type": "string", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minReadySec": { "type": "integer", "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600]." }, "minimalAction": { "type": "string", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "type": "string", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "type": "string", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "type": "string", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object", "required": [ "instanceRedistributionType", "maxSurge", "maxUnavailable", "minReadySec", "minimalAction", "mostDisruptiveAllowedAction", "replacementMethod", "type" ] }, "google-native:compute/alpha:InstanceGroupManagerUpdatePolicyType": { "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update.", "type": "string", "enum": [ { "name": "Opportunistic", "description": "MIG will apply new configurations to existing VMs only when you selectively target specific or all VMs to be updated.", "value": "OPPORTUNISTIC" }, { "name": "Proactive", "description": "MIG will automatically apply new configurations to all or a subset of existing VMs and also to new VMs that are added to the group.", "value": "PROACTIVE" } ] }, "google-native:compute/alpha:InstanceGroupManagerVersion": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "tag": { "type": "string", "description": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.", "deprecationMessage": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'." }, "targetSize": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercent", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object" }, "google-native:compute/alpha:InstanceGroupManagerVersionResponse": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "tag": { "type": "string", "description": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'.", "deprecationMessage": "Tag describing the version. Used to trigger rollout of a target version even if instance_template remains unchanged. Deprecated in favor of 'name'." }, "targetSize": { "$ref": "#/types/google-native:compute%2Falpha:FixedOrPercentResponse", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object", "required": [ "instanceTemplate", "name", "tag", "targetSize" ] }, "google-native:compute/alpha:InstanceKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/alpha:InstanceParams": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/alpha:InstanceParamsResponse": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/alpha:InstancePostKeyRevocationActionType": { "description": "PostKeyRevocationActionType of the instance.", "type": "string", "enum": [ { "name": "Noop", "description": "Indicates user chose no operation.", "value": "NOOP" }, { "name": "PostKeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "POST_KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "Shutdown", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "SHUTDOWN" } ] }, "google-native:compute/alpha:InstancePrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/alpha:InstanceProperties": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Falpha:AdvancedMachineFeatures", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:ConfidentialInstanceConfig", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDisk" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "displayDevice": { "$ref": "#/types/google-native:compute%2Falpha:DisplayDevice", "description": "Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AcceleratorConfig" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesKeyRevocationActionType", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Falpha:Metadata", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterface" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:NetworkPerformanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "partnerMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Partner Metadata assigned to the instance properties. A map from a subdomain (namespace) to entries map." }, "postKeyRevocationActionType": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesPostKeyRevocationActionType", "description": "PostKeyRevocationActionType of the instance." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:compute%2Falpha:InstancePropertiesPrivateIpv6GoogleAccess", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Falpha:ReservationAffinity", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Falpha:Scheduling", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "secureTags": { "type": "array", "items": { "type": "string" }, "description": "[Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ServiceAccount" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "serviceIntegrationSpecs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of user defined keys to ServiceIntegrationSpec." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:ShieldedInstanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "shieldedVmConfig": { "$ref": "#/types/google-native:compute%2Falpha:ShieldedVmConfig", "description": "Specifies the Shielded VM options for the instances that are created from these properties." }, "tags": { "$ref": "#/types/google-native:compute%2Falpha:Tags", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object" }, "google-native:compute/alpha:InstancePropertiesKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/alpha:InstancePropertiesPatch": { "description": "Represents the change that you want to make to the instance properties.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The label key-value pairs that you want to patch onto the instance." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key-value pairs that you want to patch onto the instance. For more information, see Project and instance metadata." } }, "type": "object" }, "google-native:compute/alpha:InstancePropertiesPatchResponse": { "description": "Represents the change that you want to make to the instance properties.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The label key-value pairs that you want to patch onto the instance." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key-value pairs that you want to patch onto the instance. For more information, see Project and instance metadata." } }, "type": "object", "required": [ "labels", "metadata" ] }, "google-native:compute/alpha:InstancePropertiesPostKeyRevocationActionType": { "description": "PostKeyRevocationActionType of the instance.", "type": "string", "enum": [ { "name": "Noop", "description": "Indicates user chose no operation.", "value": "NOOP" }, { "name": "PostKeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "POST_KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "Shutdown", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "SHUTDOWN" } ] }, "google-native:compute/alpha:InstancePropertiesPrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/alpha:InstancePropertiesResponse": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Falpha:AdvancedMachineFeaturesResponse", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:ConfidentialInstanceConfigResponse", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "displayDevice": { "$ref": "#/types/google-native:compute%2Falpha:DisplayDeviceResponse", "description": "Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Falpha:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:NetworkPerformanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "partnerMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Partner Metadata assigned to the instance properties. A map from a subdomain (namespace) to entries map." }, "postKeyRevocationActionType": { "type": "string", "description": "PostKeyRevocationActionType of the instance." }, "privateIpv6GoogleAccess": { "type": "string", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Falpha:ReservationAffinityResponse", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "secureTags": { "type": "array", "items": { "type": "string" }, "description": "[Input Only] Secure tags to apply to this instance. Maximum number of secure tags allowed is 50. Note that for MachineImage, this is not supported yet." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "serviceIntegrationSpecs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Mapping of user defined keys to ServiceIntegrationSpec." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Falpha:ShieldedInstanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "shieldedVmConfig": { "$ref": "#/types/google-native:compute%2Falpha:ShieldedVmConfigResponse", "description": "Specifies the Shielded VM options for the instances that are created from these properties." }, "tags": { "$ref": "#/types/google-native:compute%2Falpha:TagsResponse", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "advancedMachineFeatures", "canIpForward", "confidentialInstanceConfig", "description", "disks", "displayDevice", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "networkPerformanceConfig", "partnerMetadata", "postKeyRevocationActionType", "privateIpv6GoogleAccess", "reservationAffinity", "resourceManagerTags", "resourcePolicies", "scheduling", "secureTags", "serviceAccounts", "serviceIntegrationSpecs", "shieldedInstanceConfig", "shieldedVmConfig", "tags" ] }, "google-native:compute/alpha:InstantSnapshotResourceStatusResponse": { "properties": { "storageSizeBytes": { "type": "string", "description": "The storage size of this instant snapshot." } }, "type": "object", "required": [ "storageSizeBytes" ] }, "google-native:compute/alpha:Int64RangeMatch": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object" }, "google-native:compute/alpha:Int64RangeMatchResponse": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object", "required": [ "rangeEnd", "rangeStart" ] }, "google-native:compute/alpha:InterconnectAttachmentBandwidth": { "description": "Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s ", "type": "string", "enum": [ { "name": "Bps100m", "description": "100 Mbit/s", "value": "BPS_100M" }, { "name": "Bps10g", "description": "10 Gbit/s", "value": "BPS_10G" }, { "name": "Bps1g", "description": "1 Gbit/s", "value": "BPS_1G" }, { "name": "Bps200m", "description": "200 Mbit/s", "value": "BPS_200M" }, { "name": "Bps20g", "description": "20 Gbit/s", "value": "BPS_20G" }, { "name": "Bps2g", "description": "2 Gbit/s", "value": "BPS_2G" }, { "name": "Bps300m", "description": "300 Mbit/s", "value": "BPS_300M" }, { "name": "Bps400m", "description": "400 Mbit/s", "value": "BPS_400M" }, { "name": "Bps500m", "description": "500 Mbit/s", "value": "BPS_500M" }, { "name": "Bps50g", "description": "50 Gbit/s", "value": "BPS_50G" }, { "name": "Bps50m", "description": "50 Mbit/s", "value": "BPS_50M" }, { "name": "Bps5g", "description": "5 Gbit/s", "value": "BPS_5G" } ] }, "google-native:compute/alpha:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ] }, "google-native:compute/alpha:InterconnectAttachmentConfigurationConstraintsResponse": { "properties": { "bgpMd5": { "type": "string", "description": "Whether the attachment's BGP session requires/allows/disallows BGP MD5 authentication. This can take one of the following values: MD5_OPTIONAL, MD5_REQUIRED, MD5_UNSUPPORTED. For example, a Cross-Cloud Interconnect connection to a remote cloud provider that requires BGP MD5 authentication has the interconnectRemoteLocation attachment_configuration_constraints.bgp_md5 field set to MD5_REQUIRED, and that property is propagated to the attachment. Similarly, if BGP MD5 is MD5_UNSUPPORTED, an error is returned if MD5 is requested." }, "bgpPeerAsnRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse" }, "description": "List of ASN ranges that the remote location is known to support. Formatted as an array of inclusive ranges {min: min-value, max: max-value}. For example, [{min: 123, max: 123}, {min: 64512, max: 65534}] allows the peer ASN to be 123 or anything in the range 64512-65534. This field is only advisory. Although the API accepts other ranges, these are the ranges that we recommend." } }, "type": "object", "required": [ "bgpMd5", "bgpPeerAsnRanges" ] }, "google-native:compute/alpha:InterconnectAttachmentEdgeAvailabilityDomain": { "description": "Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.", "type": "string", "enum": [ { "name": "AvailabilityDomain1", "value": "AVAILABILITY_DOMAIN_1" }, { "name": "AvailabilityDomain2", "value": "AVAILABILITY_DOMAIN_2" }, { "name": "AvailabilityDomainAny", "value": "AVAILABILITY_DOMAIN_ANY" } ] }, "google-native:compute/alpha:InterconnectAttachmentEncryption": { "description": "Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *HA VPN over Cloud Interconnect*, the VLAN attachment must be created with this option. ", "type": "string", "enum": [ { "name": "Ipsec", "description": "The interconnect attachment will carry only encrypted traffic that is encrypted by an IPsec device such as HA VPN gateway; VMs cannot directly send traffic to or receive traffic from such an interconnect attachment. To use HA VPN over Cloud Interconnect, the interconnect attachment must be created with this option.", "value": "IPSEC" }, { "name": "None", "description": "This is the default value, which means the Interconnect Attachment will carry unencrypted traffic. VMs will be able to send traffic to or receive traffic from such interconnect attachment.", "value": "NONE" } ] }, "google-native:compute/alpha:InterconnectAttachmentPartnerMetadata": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object" }, "google-native:compute/alpha:InterconnectAttachmentPartnerMetadataResponse": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object", "required": [ "interconnectName", "partnerName", "portalUrl" ] }, "google-native:compute/alpha:InterconnectAttachmentPrivateInfoResponse": { "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.", "properties": { "tag8021q": { "type": "integer", "description": "802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region." } }, "type": "object", "required": [ "tag8021q" ] }, "google-native:compute/alpha:InterconnectAttachmentStackType": { "description": "The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The interconnect attachment can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The interconnect attachment will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" } ] }, "google-native:compute/alpha:InterconnectAttachmentType": { "description": "The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner. ", "type": "string", "enum": [ { "name": "Dedicated", "description": "Attachment to a dedicated interconnect.", "value": "DEDICATED" }, { "name": "Partner", "description": "Attachment to a partner interconnect, created by the customer.", "value": "PARTNER" }, { "name": "PartnerProvider", "description": "Attachment to a partner interconnect, created by the partner.", "value": "PARTNER_PROVIDER" } ] }, "google-native:compute/alpha:InterconnectCircuitInfoResponse": { "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.", "properties": { "customerDemarcId": { "type": "string", "description": "Customer-side demarc ID for this circuit." }, "googleCircuitId": { "type": "string", "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up." }, "googleDemarcId": { "type": "string", "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA." } }, "type": "object", "required": [ "customerDemarcId", "googleCircuitId", "googleDemarcId" ] }, "google-native:compute/alpha:InterconnectInterconnectType": { "description": "Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.", "type": "string", "enum": [ { "name": "Dedicated", "description": "A dedicated physical interconnection with the customer.", "value": "DEDICATED" }, { "name": "ItPrivate", "description": "[Deprecated] A private, physical interconnection with the customer.", "value": "IT_PRIVATE" }, { "name": "Partner", "description": "A partner-managed interconnection shared between customers via partner.", "value": "PARTNER" } ] }, "google-native:compute/alpha:InterconnectLinkType": { "description": "Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.", "type": "string", "enum": [ { "name": "LinkTypeEthernet100gLr", "description": "100G Ethernet, LR Optics.", "value": "LINK_TYPE_ETHERNET_100G_LR" }, { "name": "LinkTypeEthernet10gLr", "description": "10G Ethernet, LR Optics. [(rate_bps) = 10000000000];", "value": "LINK_TYPE_ETHERNET_10G_LR" } ] }, "google-native:compute/alpha:InterconnectMacsec": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:InterconnectMacsecPreSharedKey" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "preSharedKeys" ] }, "google-native:compute/alpha:InterconnectMacsecPreSharedKey": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/alpha:InterconnectMacsecPreSharedKeyResponse": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name", "startTime" ] }, "google-native:compute/alpha:InterconnectMacsecResponse": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:InterconnectMacsecPreSharedKeyResponse" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "failOpen", "preSharedKeys" ] }, "google-native:compute/alpha:InterconnectOutageNotificationResponse": { "description": "Description of a planned outage on this Interconnect.", "properties": { "affectedCircuits": { "type": "array", "items": { "type": "string" }, "description": "If issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected." }, "description": { "type": "string", "description": "A description about the purpose of the outage." }, "endTime": { "type": "string", "description": "Scheduled end time for the outage (milliseconds since Unix epoch)." }, "issueType": { "type": "string", "description": "Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with \"IT_\" have been deprecated in favor of the unprefixed values." }, "name": { "type": "string", "description": "Unique identifier for this outage notification." }, "source": { "type": "string", "description": "The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE." }, "startTime": { "type": "string", "description": "Scheduled start time for the outage (milliseconds since Unix epoch)." }, "state": { "type": "string", "description": "State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values." } }, "type": "object", "required": [ "affectedCircuits", "description", "endTime", "issueType", "name", "source", "startTime", "state" ] }, "google-native:compute/alpha:InterconnectRequestedFeaturesItem": { "type": "string", "enum": [ { "name": "IfMacsec", "description": "Media Access Control security (MACsec)", "value": "IF_MACSEC" } ] }, "google-native:compute/alpha:Jwt": { "description": "[Deprecated] JWT configuration for origin authentication. JWT configuration for origin authentication.", "properties": { "audiences": { "type": "array", "items": { "type": "string" }, "description": "A JWT containing any of these audiences will be accepted. The service name will be accepted if audiences is empty. Examples: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com" }, "issuer": { "type": "string", "description": "Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com" }, "jwksPublicKeys": { "type": "string", "description": "The provider's public key set to validate the signature of the JWT." }, "jwtHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:JwtHeader" }, "description": "jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: ." }, "jwtParams": { "type": "array", "items": { "type": "string" }, "description": "This field is set if JWT is sent in a query parameter. This field specifies the query parameter name. For example, if jwt_params[0] is jwt_token, the JWT format in the query parameter is /path?jwt_token=." } }, "type": "object" }, "google-native:compute/alpha:JwtHeader": { "description": "[Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.", "properties": { "name": { "type": "string", "description": "The HTTP header name." }, "valuePrefix": { "type": "string", "description": "The value prefix. The value format is \"value_prefix\" For example, for \"Authorization: Bearer \", value_prefix=\"Bearer \" with a space at the end." } }, "type": "object" }, "google-native:compute/alpha:JwtHeaderResponse": { "description": "[Deprecated] This message specifies a header location to extract JWT token. This message specifies a header location to extract JWT token.", "properties": { "name": { "type": "string", "description": "The HTTP header name." }, "valuePrefix": { "type": "string", "description": "The value prefix. The value format is \"value_prefix\" For example, for \"Authorization: Bearer \", value_prefix=\"Bearer \" with a space at the end." } }, "type": "object", "required": [ "name", "valuePrefix" ] }, "google-native:compute/alpha:JwtResponse": { "description": "[Deprecated] JWT configuration for origin authentication. JWT configuration for origin authentication.", "properties": { "audiences": { "type": "array", "items": { "type": "string" }, "description": "A JWT containing any of these audiences will be accepted. The service name will be accepted if audiences is empty. Examples: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com" }, "issuer": { "type": "string", "description": "Identifies the issuer that issued the JWT, which is usually a URL or an email address. Examples: https://securetoken.google.com, 1234567-compute@developer.gserviceaccount.com" }, "jwksPublicKeys": { "type": "string", "description": "The provider's public key set to validate the signature of the JWT." }, "jwtHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:JwtHeaderResponse" }, "description": "jwt_headers and jwt_params define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the Bearer schema. See `here `_. Example: Authorization: Bearer . 2. `access_token` query parameter. See `this `_ Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its issuer specified or from the default locations. This field is set if JWT is sent in a request header. This field specifies the header name. For example, if `header=x-goog-iap-jwt-assertion`, the header format will be x-goog-iap-jwt-assertion: ." }, "jwtParams": { "type": "array", "items": { "type": "string" }, "description": "This field is set if JWT is sent in a query parameter. This field specifies the query parameter name. For example, if jwt_params[0] is jwt_token, the JWT format in the query parameter is /path?jwt_token=." } }, "type": "object", "required": [ "audiences", "issuer", "jwksPublicKeys", "jwtHeaders", "jwtParams" ] }, "google-native:compute/alpha:LicenseResourceCommitment": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object" }, "google-native:compute/alpha:LicenseResourceCommitmentResponse": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object", "required": [ "amount", "coresPerLicense", "license" ] }, "google-native:compute/alpha:LicenseResourceRequirements": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object" }, "google-native:compute/alpha:LicenseResourceRequirementsResponse": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object", "required": [ "minGuestCpuCount", "minMemoryMb" ] }, "google-native:compute/alpha:LocalDisk": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object" }, "google-native:compute/alpha:LocalDiskResponse": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object", "required": [ "diskCount", "diskSizeGb", "diskType" ] }, "google-native:compute/alpha:LocalizedMessageResponse": { "description": "Provides a localized error message that is safe to return to the user which can be attached to an RPC error.", "properties": { "locale": { "type": "string", "description": "The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"" }, "message": { "type": "string", "description": "The localized error message in the above locale." } }, "type": "object", "required": [ "locale", "message" ] }, "google-native:compute/alpha:LocationPolicy": { "description": "Configuration for location policy among multiple possible locations (e.g. preferences for zone selection among zones in a single region).", "properties": { "locations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location configurations mapped by location name. Currently only zone names are supported and must be represented as valid internal URLs, such as zones/us-central1-a." }, "targetShape": { "$ref": "#/types/google-native:compute%2Falpha:LocationPolicyTargetShape", "description": "Strategy for distributing VMs across zones in a region." } }, "type": "object" }, "google-native:compute/alpha:LocationPolicyResponse": { "description": "Configuration for location policy among multiple possible locations (e.g. preferences for zone selection among zones in a single region).", "properties": { "locations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location configurations mapped by location name. Currently only zone names are supported and must be represented as valid internal URLs, such as zones/us-central1-a." }, "targetShape": { "type": "string", "description": "Strategy for distributing VMs across zones in a region." } }, "type": "object", "required": [ "locations", "targetShape" ] }, "google-native:compute/alpha:LocationPolicyTargetShape": { "description": "Strategy for distributing VMs across zones in a region.", "type": "string", "enum": [ { "name": "Any", "description": "GCE picks zones for creating VM instances to fulfill the requested number of VMs within present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads that do not require high availability.", "value": "ANY" }, { "name": "AnySingleZone", "description": "GCE always selects a single zone for all the VMs, optimizing for resource quotas, available reservations and general capacity. Recommended for batch workloads that cannot tollerate distribution over multiple zones. This the default shape in Bulk Insert and Capacity Advisor APIs.", "value": "ANY_SINGLE_ZONE" }, { "name": "Balanced", "description": "GCE prioritizes acquisition of resources, scheduling VMs in zones where resources are available while distributing VMs as evenly as possible across allowed zones to minimize the impact of zonal failure. Recommended for highly available serving workloads.", "value": "BALANCED" } ] }, "google-native:compute/alpha:LogConfig": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCloudAuditOptions", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCounterOptions", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigDataAccessOptions", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:LogConfigCloudAuditOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Falpha:AuthorizationLoggingOptions", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCloudAuditOptionsLogName", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:LogConfigCloudAuditOptionsLogName": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminActivity", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_ACTIVITY" }, { "name": "DataAccess", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_ACCESS" }, { "name": "UnspecifiedLogName", "description": "This is deprecated and has no effect. Do not use.", "value": "UNSPECIFIED_LOG_NAME" } ] }, "google-native:compute/alpha:LogConfigCloudAuditOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Falpha:AuthorizationLoggingOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "authorizationLoggingOptions", "logName" ] }, "google-native:compute/alpha:LogConfigCounterOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCounterOptionsCustomField" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:LogConfigCounterOptionsCustomField": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:LogConfigCounterOptionsCustomFieldResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/alpha:LogConfigCounterOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCounterOptionsCustomFieldResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "customFields", "field", "metric" ] }, "google-native:compute/alpha:LogConfigDataAccessOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigDataAccessOptionsLogMode", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:LogConfigDataAccessOptionsLogMode": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "LogFailClosed", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_FAIL_CLOSED" }, { "name": "LogModeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_MODE_UNSPECIFIED" } ] }, "google-native:compute/alpha:LogConfigDataAccessOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "logMode" ] }, "google-native:compute/alpha:LogConfigResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCloudAuditOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigCounterOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigDataAccessOptionsResponse", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "cloudAudit", "counter", "dataAccess" ] }, "google-native:compute/alpha:Metadata": { "description": "A metadata key/value entry.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataItemsItem" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." } }, "type": "object" }, "google-native:compute/alpha:MetadataCredentialsFromPlugin": { "description": "[Deprecated] Custom authenticator credentials. Custom authenticator credentials.", "properties": { "name": { "type": "string", "description": "Plugin name." }, "structConfig": { "type": "string", "description": "A text proto that conforms to a Struct type definition interpreted by the plugin." } }, "type": "object" }, "google-native:compute/alpha:MetadataCredentialsFromPluginResponse": { "description": "[Deprecated] Custom authenticator credentials. Custom authenticator credentials.", "properties": { "name": { "type": "string", "description": "Plugin name." }, "structConfig": { "type": "string", "description": "A text proto that conforms to a Struct type definition interpreted by the plugin." } }, "type": "object", "required": [ "name", "structConfig" ] }, "google-native:compute/alpha:MetadataFilter": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataFilterLabelMatch" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "$ref": "#/types/google-native:compute%2Falpha:MetadataFilterFilterMatchCriteria", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object" }, "google-native:compute/alpha:MetadataFilterFilterMatchCriteria": { "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. ", "type": "string", "enum": [ { "name": "MatchAll", "description": "Specifies that all filterLabels must match for the metadataFilter to be considered a match.", "value": "MATCH_ALL" }, { "name": "MatchAny", "description": "Specifies that any filterLabel must match for the metadataFilter to be considered a match.", "value": "MATCH_ANY" }, { "name": "NotSet", "description": "Indicates that the match criteria was not set. A metadataFilter must never be created with this value.", "value": "NOT_SET" } ] }, "google-native:compute/alpha:MetadataFilterLabelMatch": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object" }, "google-native:compute/alpha:MetadataFilterLabelMatchResponse": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/alpha:MetadataFilterResponse": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataFilterLabelMatchResponse" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "type": "string", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object", "required": [ "filterLabels", "filterMatchCriteria" ] }, "google-native:compute/alpha:MetadataItemsItem": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object" }, "google-native:compute/alpha:MetadataItemsItemResponse": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/alpha:MetadataResponse": { "description": "A metadata key/value entry.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:MetadataItemsItemResponse" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#metadata for metadata." } }, "type": "object", "required": [ "fingerprint", "items", "kind" ] }, "google-native:compute/alpha:MoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:compute/alpha:MutualTls": { "description": "[Deprecated] Configuration for the mutual Tls mode for peer authentication. Configuration for the mutual Tls mode for peer authentication.", "properties": { "mode": { "$ref": "#/types/google-native:compute%2Falpha:MutualTlsMode", "description": "Specifies if the server TLS is configured to be strict or permissive. This field can be set to one of the following: STRICT: Client certificate must be presented, connection is in TLS. PERMISSIVE: Client certificate can be omitted, connection can be either plaintext or TLS." } }, "type": "object" }, "google-native:compute/alpha:MutualTlsMode": { "description": "Specifies if the server TLS is configured to be strict or permissive. This field can be set to one of the following: STRICT: Client certificate must be presented, connection is in TLS. PERMISSIVE: Client certificate can be omitted, connection can be either plaintext or TLS.", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "Permissive", "description": "Client certificate can be omitted, connection can be either plaintext or TLS.", "value": "PERMISSIVE" }, { "name": "Strict", "description": "Client certificate must be presented, connection is in TLS.", "value": "STRICT" } ] }, "google-native:compute/alpha:MutualTlsResponse": { "description": "[Deprecated] Configuration for the mutual Tls mode for peer authentication. Configuration for the mutual Tls mode for peer authentication.", "properties": { "mode": { "type": "string", "description": "Specifies if the server TLS is configured to be strict or permissive. This field can be set to one of the following: STRICT: Client certificate must be presented, connection is in TLS. PERMISSIVE: Client certificate can be omitted, connection can be either plaintext or TLS." } }, "type": "object", "required": [ "mode" ] }, "google-native:compute/alpha:NamedPort": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object" }, "google-native:compute/alpha:NamedPortResponse": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object", "required": [ "name", "port" ] }, "google-native:compute/alpha:NetworkAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this network attachment.", "properties": { "ipAddress": { "type": "string", "description": "The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless." }, "ipv6Address": { "type": "string", "description": "The IPv6 address assigned to the producer instance network interface. This is only assigned when the stack types of both the instance network interface and the consumer subnet are IPv4_IPv6." }, "projectIdOrNum": { "type": "string", "description": "The project id or number of the interface to which the IP was assigned." }, "secondaryIpCidrRanges": { "type": "array", "items": { "type": "string" }, "description": "Alias IP ranges from the same subnetwork." }, "status": { "type": "string", "description": "The status of a connected endpoint to this network attachment." }, "subnetwork": { "type": "string", "description": "The subnetwork used to assign the IP to the producer instance network interface." }, "subnetworkCidrRange": { "type": "string", "description": "The CIDR range of the subnet from which the IPv4 internal IP was allocated from." } }, "type": "object", "required": [ "ipAddress", "ipv6Address", "projectIdOrNum", "secondaryIpCidrRanges", "status", "subnetwork", "subnetworkCidrRange" ] }, "google-native:compute/alpha:NetworkAttachmentConnectionPreference": { "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/alpha:NetworkEndpointGroupAppEngine": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupAppEngineResponse": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object", "required": [ "service", "urlMask", "version" ] }, "google-native:compute/alpha:NetworkEndpointGroupClientPortMappingMode": { "description": "Only valid when networkEndpointType is \"GCE_VM_IP_PORT\" and the NEG is regional.", "type": "string", "enum": [ { "name": "ClientPortPerEndpoint", "description": "For each endpoint there is exactly one client port.", "value": "CLIENT_PORT_PER_ENDPOINT" }, { "name": "PortMappingDisabled", "description": "NEG should not be used for mapping client port to destination.", "value": "PORT_MAPPING_DISABLED" } ] }, "google-native:compute/alpha:NetworkEndpointGroupCloudFunction": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupCloudFunctionResponse": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object", "required": [ "function", "urlMask" ] }, "google-native:compute/alpha:NetworkEndpointGroupCloudRun": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupCloudRunResponse": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object", "required": [ "service", "tag", "urlMask" ] }, "google-native:compute/alpha:NetworkEndpointGroupLbNetworkEndpointGroup": { "description": "Load balancing specific fields for network endpoint group.", "properties": { "defaultPort": { "type": "integer", "description": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated.", "deprecationMessage": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated." }, "network": { "type": "string", "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated.", "deprecationMessage": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated." }, "subnetwork": { "type": "string", "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated.", "deprecationMessage": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated." } }, "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupLbNetworkEndpointGroupResponse": { "description": "Load balancing specific fields for network endpoint group.", "properties": { "defaultPort": { "type": "integer", "description": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated.", "deprecationMessage": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated." }, "network": { "type": "string", "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated.", "deprecationMessage": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated." }, "subnetwork": { "type": "string", "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated.", "deprecationMessage": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated." }, "zone": { "type": "string", "description": "The URL of the zone where the network endpoint group is located. [Deprecated] This field is deprecated.", "deprecationMessage": "[Output Only] The URL of the zone where the network endpoint group is located. [Deprecated] This field is deprecated." } }, "type": "object", "required": [ "defaultPort", "network", "subnetwork", "zone" ] }, "google-native:compute/alpha:NetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/alpha:NetworkEndpointGroupPscData": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupPscDataResponse": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "properties": { "consumerPscAddress": { "type": "string", "description": "Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the PSC Network Endpoint Group Consumer." }, "pscConnectionStatus": { "type": "string", "description": "The connection status of the PSC Forwarding Rule." } }, "type": "object", "required": [ "consumerPscAddress", "pscConnectionId", "pscConnectionStatus" ] }, "google-native:compute/alpha:NetworkEndpointGroupServerlessDeployment": { "description": "Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "platform": { "type": "string", "description": "The platform of the backend target(s) of this NEG. The only supported value is API Gateway: apigateway.googleapis.com." }, "resource": { "type": "string", "description": "The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name " }, "urlMask": { "type": "string", "description": "A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag " }, "version": { "type": "string", "description": "The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag " } }, "type": "object" }, "google-native:compute/alpha:NetworkEndpointGroupServerlessDeploymentResponse": { "description": "Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "platform": { "type": "string", "description": "The platform of the backend target(s) of this NEG. The only supported value is API Gateway: apigateway.googleapis.com." }, "resource": { "type": "string", "description": "The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name " }, "urlMask": { "type": "string", "description": "A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag " }, "version": { "type": "string", "description": "The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag " } }, "type": "object", "required": [ "platform", "resource", "urlMask", "version" ] }, "google-native:compute/alpha:NetworkEndpointGroupType": { "description": "Specify the type of this network endpoint group. Only LOAD_BALANCING is valid for now.", "type": "string", "enum": [ { "name": "LoadBalancing", "description": "The network endpoint group is a backend of a load balancer.", "value": "LOAD_BALANCING" } ] }, "google-native:compute/alpha:NetworkFirewallPolicyVpcNetworkScope": { "description": "The scope of networks allowed to be associated with the firewall policy. This field can be either GLOBAL_VPC_NETWORK or REGIONAL_VPC_NETWORK. A firewall policy with the VPC scope set to GLOBAL_VPC_NETWORK is allowed to be attached only to global networks. When the VPC scope is set to REGIONAL_VPC_NETWORK the firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. Note: if not specified then GLOBAL_VPC_NETWORK will be used.", "type": "string", "enum": [ { "name": "GlobalVpcNetwork", "description": "The firewall policy is allowed to be attached only to global networks.", "value": "GLOBAL_VPC_NETWORK" }, { "name": "RegionalVpcNetwork", "description": "The firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. This option is applicable only to regional firewall policies.", "value": "REGIONAL_VPC_NETWORK" } ] }, "google-native:compute/alpha:NetworkInterface": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfig" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AliasIpRange" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfig" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceNicType", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "parentNicName": { "type": "string", "description": "Name of the parent network interface of a VLAN based nic. If this field is specified, vlan must be set." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceStackType", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subinterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceSubInterface" }, "description": "SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " }, "vlan": { "type": "integer", "description": "VLAN tag of a VLAN based network interface, must be in range from 2 to 4094 inclusively. This field is mandatory if the parent network interface name is set." } }, "type": "object" }, "google-native:compute/alpha:NetworkInterfaceNicType": { "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.", "type": "string", "enum": [ { "name": "Gvnic", "description": "GVNIC", "value": "GVNIC" }, { "name": "UnspecifiedNicType", "description": "No type specified.", "value": "UNSPECIFIED_NIC_TYPE" }, { "name": "VirtioNet", "description": "VIRTIO", "value": "VIRTIO_NET" } ] }, "google-native:compute/alpha:NetworkInterfaceResponse": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfigResponse" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AliasIpRangeResponse" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "fingerprint": { "type": "string", "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AccessConfigResponse" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6AccessType": { "type": "string", "description": "One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#networkInterface for network interfaces." }, "name": { "type": "string", "description": "The name of the network interface, which is generated by the server. For a VM, the network interface uses the nicN naming format. Where N is a value between 0 and 7. The default interface value is nic0." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "type": "string", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "parentNicName": { "type": "string", "description": "Name of the parent network interface of a VLAN based nic. If this field is specified, vlan must be set." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "type": "string", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subinterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceSubInterfaceResponse" }, "description": "SubInterfaces help enable L2 communication for the instance over subnetworks that support L2. Every network interface will get a default untagged (vlan not specified) subinterface. Users can specify additional tagged subinterfaces which are sub-fields to the Network Interface." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " }, "vlan": { "type": "integer", "description": "VLAN tag of a VLAN based network interface, must be in range from 2 to 4094 inclusively. This field is mandatory if the parent network interface name is set." } }, "type": "object", "required": [ "accessConfigs", "aliasIpRanges", "fingerprint", "internalIpv6PrefixLength", "ipv6AccessConfigs", "ipv6AccessType", "ipv6Address", "kind", "name", "network", "networkAttachment", "networkIP", "nicType", "parentNicName", "queueCount", "stackType", "subinterfaces", "subnetwork", "vlan" ] }, "google-native:compute/alpha:NetworkInterfaceStackType": { "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The network interface can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The network interface will be assigned IPv4 address.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "The network interface will only be assigned IPv6 addresses.", "value": "IPV6_ONLY" } ] }, "google-native:compute/alpha:NetworkInterfaceSubInterface": { "properties": { "ipAddress": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP." }, "ipAllocationMode": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceSubInterfaceIpAllocationMode" }, "subnetwork": { "type": "string", "description": "If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " }, "vlan": { "type": "integer", "description": "VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting." } }, "type": "object" }, "google-native:compute/alpha:NetworkInterfaceSubInterfaceIpAllocationMode": { "type": "string", "enum": [ { "name": "AllocateIp", "description": "Allocates an internal IPv4 IP address from subnets secondary IP Range.", "value": "ALLOCATE_IP" }, { "name": "DoNotAllocateIp", "description": "No IP allocation is done for the subinterface.", "value": "DO_NOT_ALLOCATE_IP" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:NetworkInterfaceSubInterfaceResponse": { "properties": { "ipAddress": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this subinterface. If specified, ip_allocation_mode should be set to ALLOCATE_IP." }, "ipAllocationMode": { "type": "string" }, "subnetwork": { "type": "string", "description": "If specified, this subnetwork must belong to the same network as that of the network interface. If not specified the subnet of network interface will be used. If you specify this property, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " }, "vlan": { "type": "integer", "description": "VLAN tag. Should match the VLAN(s) supported by the subnetwork to which this subinterface is connecting." } }, "type": "object", "required": [ "ipAddress", "ipAllocationMode", "subnetwork", "vlan" ] }, "google-native:compute/alpha:NetworkNetworkFirewallPolicyEnforcementOrder": { "description": "The network firewall policy enforcement order. Can be either AFTER_CLASSIC_FIREWALL or BEFORE_CLASSIC_FIREWALL. Defaults to AFTER_CLASSIC_FIREWALL if the field is not specified.", "type": "string", "enum": [ { "name": "AfterClassicFirewall", "value": "AFTER_CLASSIC_FIREWALL" }, { "name": "BeforeClassicFirewall", "value": "BEFORE_CLASSIC_FIREWALL" } ] }, "google-native:compute/alpha:NetworkPeeringResponse": { "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.", "properties": { "advertisePeerSubnetsViaRouters": { "type": "boolean", "description": "Whether Cloud Routers in this network can automatically advertise subnets from the peer network." }, "autoCreateRoutes": { "type": "boolean", "description": "This field will be deprecated soon. Use the exchange_subnet_routes field instead. Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exchangeSubnetRoutes": { "type": "boolean", "description": "Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exportCustomRoutes": { "type": "boolean", "description": "Whether to export the custom routes to peer network. The default value is false." }, "exportSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are exported. The default value is true, all subnet routes are exported. IPv4 special-use ranges are always exported to peers and are not controlled by this field." }, "importCustomRoutes": { "type": "boolean", "description": "Whether to import the custom routes from peer network. The default value is false." }, "importSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are imported. The default value is false. IPv4 special-use ranges are always imported from peers and are not controlled by this field." }, "name": { "type": "string", "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "network": { "type": "string", "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network." }, "peerMtu": { "type": "integer", "description": "Maximum Transmission Unit in bytes." }, "stackType": { "type": "string", "description": "Which IP version(s) of traffic and routes are allowed to be imported or exported between peer networks. The default value is IPV4_ONLY." }, "state": { "type": "string", "description": "State for the peering, either `ACTIVE` or `INACTIVE`. The peering is `ACTIVE` when there's a matching configuration in the peer network." }, "stateDetails": { "type": "string", "description": "Details about the current state of the peering." } }, "type": "object", "required": [ "advertisePeerSubnetsViaRouters", "autoCreateRoutes", "exchangeSubnetRoutes", "exportCustomRoutes", "exportSubnetRoutesWithPublicIp", "importCustomRoutes", "importSubnetRoutesWithPublicIp", "name", "network", "peerMtu", "stackType", "state", "stateDetails" ] }, "google-native:compute/alpha:NetworkPerformanceConfig": { "properties": { "externalIpEgressBandwidthTier": { "$ref": "#/types/google-native:compute%2Falpha:NetworkPerformanceConfigExternalIpEgressBandwidthTier" }, "totalEgressBandwidthTier": { "$ref": "#/types/google-native:compute%2Falpha:NetworkPerformanceConfigTotalEgressBandwidthTier" } }, "type": "object" }, "google-native:compute/alpha:NetworkPerformanceConfigExternalIpEgressBandwidthTier": { "type": "string", "enum": [ { "name": "Default", "value": "DEFAULT" }, { "name": "Tier1", "value": "TIER_1" } ] }, "google-native:compute/alpha:NetworkPerformanceConfigResponse": { "properties": { "externalIpEgressBandwidthTier": { "type": "string" }, "totalEgressBandwidthTier": { "type": "string" } }, "type": "object", "required": [ "externalIpEgressBandwidthTier", "totalEgressBandwidthTier" ] }, "google-native:compute/alpha:NetworkPerformanceConfigTotalEgressBandwidthTier": { "type": "string", "enum": [ { "name": "Default", "value": "DEFAULT" }, { "name": "Tier1", "value": "TIER_1" } ] }, "google-native:compute/alpha:NetworkRoutingConfig": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "bgpAlwaysCompareMed": { "type": "boolean", "description": "Enable comparison of Multi-Exit Discriminators (MED) across routes with different neighbor ASNs when using the STANDARD BGP best path selection algorithm." }, "bgpBestPathSelectionMode": { "$ref": "#/types/google-native:compute%2Falpha:NetworkRoutingConfigBgpBestPathSelectionMode", "description": "The BGP best path selection algorithm to be employed within this network for dynamic routes learned by Cloud Routers. Can be LEGACY (default) or STANDARD." }, "bgpInterRegionCost": { "$ref": "#/types/google-native:compute%2Falpha:NetworkRoutingConfigBgpInterRegionCost", "description": "Allows to define a preferred approach for handling inter-region cost in the selection process when using the STANDARD BGP best path selection algorithm. Can be DEFAULT or ADD_COST_TO_MED." }, "routingMode": { "$ref": "#/types/google-native:compute%2Falpha:NetworkRoutingConfigRoutingMode", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object" }, "google-native:compute/alpha:NetworkRoutingConfigBgpBestPathSelectionMode": { "description": "The BGP best path selection algorithm to be employed within this network for dynamic routes learned by Cloud Routers. Can be LEGACY (default) or STANDARD.", "type": "string", "enum": [ { "name": "Legacy", "value": "LEGACY" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/alpha:NetworkRoutingConfigBgpInterRegionCost": { "description": "Allows to define a preferred approach for handling inter-region cost in the selection process when using the STANDARD BGP best path selection algorithm. Can be DEFAULT or ADD_COST_TO_MED.", "type": "string", "enum": [ { "name": "AddCostToMed", "value": "ADD_COST_TO_MED" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/alpha:NetworkRoutingConfigResponse": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "bgpAlwaysCompareMed": { "type": "boolean", "description": "Enable comparison of Multi-Exit Discriminators (MED) across routes with different neighbor ASNs when using the STANDARD BGP best path selection algorithm." }, "bgpBestPathSelectionMode": { "type": "string", "description": "The BGP best path selection algorithm to be employed within this network for dynamic routes learned by Cloud Routers. Can be LEGACY (default) or STANDARD." }, "bgpInterRegionCost": { "type": "string", "description": "Allows to define a preferred approach for handling inter-region cost in the selection process when using the STANDARD BGP best path selection algorithm. Can be DEFAULT or ADD_COST_TO_MED." }, "routingMode": { "type": "string", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object", "required": [ "bgpAlwaysCompareMed", "bgpBestPathSelectionMode", "bgpInterRegionCost", "routingMode" ] }, "google-native:compute/alpha:NetworkRoutingConfigRoutingMode": { "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions.", "type": "string", "enum": [ { "name": "Global", "value": "GLOBAL" }, { "name": "Regional", "value": "REGIONAL" } ] }, "google-native:compute/alpha:NodeGroupAutoscalingPolicy": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:NodeGroupAutoscalingPolicyMode", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object" }, "google-native:compute/alpha:NodeGroupAutoscalingPolicyMode": { "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.", "type": "string", "enum": [ { "name": "ModeUnspecified", "value": "MODE_UNSPECIFIED" }, { "name": "Off", "description": "Autoscaling is disabled.", "value": "OFF" }, { "name": "On", "description": "Autocaling is fully enabled.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Autoscaling will only scale out and will not remove nodes.", "value": "ONLY_SCALE_OUT" } ] }, "google-native:compute/alpha:NodeGroupAutoscalingPolicyResponse": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "type": "string", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object", "required": [ "maxNodes", "minNodes", "mode" ] }, "google-native:compute/alpha:NodeGroupMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `AS_NEEDED` and `RECURRENT`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/alpha:NodeGroupMaintenancePolicy": { "description": "Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.", "type": "string", "enum": [ { "name": "Default", "description": "Allow the node and corresponding instances to retain default maintenance behavior.", "value": "DEFAULT" }, { "name": "MaintenancePolicyUnspecified", "value": "MAINTENANCE_POLICY_UNSPECIFIED" }, { "name": "MigrateWithinNodeGroup", "description": "When maintenance must be done on a node, the instances on that node will be moved to other nodes in the group. Instances with onHostMaintenance = MIGRATE will live migrate to their destinations while instances with onHostMaintenance = TERMINATE will terminate and then restart on their destination nodes if automaticRestart = true.", "value": "MIGRATE_WITHIN_NODE_GROUP" }, { "name": "RestartInPlace", "description": "Instances in this group will restart on the same node when maintenance has completed. Instances must have onHostMaintenance = TERMINATE, and they will only restart if automaticRestart = true.", "value": "RESTART_IN_PLACE" } ] }, "google-native:compute/alpha:NodeGroupMaintenanceWindow": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/alpha:NodeGroupMaintenanceWindowResponse": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "duration": { "type": "string", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "maintenanceDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "duration", "maintenanceDuration", "startTime" ] }, "google-native:compute/alpha:NodeGroupStatus": { "type": "string", "enum": [ { "name": "Creating", "value": "CREATING" }, { "name": "Deleting", "value": "DELETING" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ready", "value": "READY" } ] }, "google-native:compute/alpha:NodeTemplateCpuOvercommitType": { "description": "CPU overcommit.", "type": "string", "enum": [ { "name": "CpuOvercommitTypeUnspecified", "value": "CPU_OVERCOMMIT_TYPE_UNSPECIFIED" }, { "name": "Enabled", "value": "ENABLED" }, { "name": "None", "value": "NONE" } ] }, "google-native:compute/alpha:NodeTemplateNodeTypeFlexibility": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object" }, "google-native:compute/alpha:NodeTemplateNodeTypeFlexibilityResponse": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object", "required": [ "cpus", "localSsd", "memory" ] }, "google-native:compute/alpha:NotificationEndpointGrpcSettings": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object" }, "google-native:compute/alpha:NotificationEndpointGrpcSettingsResponse": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object", "required": [ "authority", "endpoint", "payloadName", "resendInterval", "retryDurationSec" ] }, "google-native:compute/alpha:OrganizationSecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorInternalService", "value": "CLOUD_ARMOR_INTERNAL_SERVICE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/alpha:OriginAuthenticationMethod": { "description": "[Deprecated] Configuration for the origin authentication method. Configuration for the origin authentication method.", "properties": { "jwt": { "$ref": "#/types/google-native:compute%2Falpha:Jwt" } }, "type": "object" }, "google-native:compute/alpha:OriginAuthenticationMethodResponse": { "description": "[Deprecated] Configuration for the origin authentication method. Configuration for the origin authentication method.", "properties": { "jwt": { "$ref": "#/types/google-native:compute%2Falpha:JwtResponse" } }, "type": "object", "required": [ "jwt" ] }, "google-native:compute/alpha:OutlierDetection": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object" }, "google-native:compute/alpha:OutlierDetectionResponse": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object", "required": [ "baseEjectionTime", "consecutiveErrors", "consecutiveGatewayFailure", "enforcingConsecutiveErrors", "enforcingConsecutiveGatewayFailure", "enforcingSuccessRate", "interval", "maxEjectionPercent", "successRateMinimumHosts", "successRateRequestVolume", "successRateStdevFactor" ] }, "google-native:compute/alpha:PacketMirroringEnable": { "description": "Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/alpha:PacketMirroringFilter": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "$ref": "#/types/google-native:compute%2Falpha:PacketMirroringFilterDirection", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringFilterDirection": { "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH.", "type": "string", "enum": [ { "name": "Both", "description": "Default, both directions are mirrored.", "value": "BOTH" }, { "name": "Egress", "description": "Only egress traffic is mirrored.", "value": "EGRESS" }, { "name": "Ingress", "description": "Only ingress traffic is mirrored.", "value": "INGRESS" } ] }, "google-native:compute/alpha:PacketMirroringFilterResponse": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "type": "string", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object", "required": [ "cidrRanges", "direction", "ipProtocols" ] }, "google-native:compute/alpha:PacketMirroringForwardingRuleInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringForwardingRuleInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the forwarding rule; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfo": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PacketMirroringMirroredResourceInfoInstanceInfo" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PacketMirroringMirroredResourceInfoSubnetInfo" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfoInstanceInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfoInstanceInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the instance; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfoResponse": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PacketMirroringMirroredResourceInfoInstanceInfoResponse" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PacketMirroringMirroredResourceInfoSubnetInfoResponse" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object", "required": [ "instances", "subnetworks", "tags" ] }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfoSubnetInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringMirroredResourceInfoSubnetInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the subnetwork; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/alpha:PacketMirroringNetworkInfo": { "properties": { "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object" }, "google-native:compute/alpha:PacketMirroringNetworkInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the network; defined by the server." }, "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/alpha:PathMatcher": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultCustomErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicy", "description": "defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers." }, "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteAction", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectAction", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PathRule" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteRule" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object" }, "google-native:compute/alpha:PathMatcherResponse": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultCustomErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicyResponse", "description": "defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers." }, "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteActionResponse", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectActionResponse", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PathRuleResponse" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteRuleResponse" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object", "required": [ "defaultCustomErrorResponsePolicy", "defaultRouteAction", "defaultService", "defaultUrlRedirect", "description", "headerAction", "name", "pathRules", "routeRules" ] }, "google-native:compute/alpha:PathRule": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicy", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteAction", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectAction", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/alpha:PathRuleResponse": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Falpha:CustomErrorResponsePolicyResponse", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpRouteActionResponse", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Falpha:HttpRedirectActionResponse", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "customErrorResponsePolicy", "paths", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/alpha:PeerAuthenticationMethod": { "description": "[Deprecated] Configuration for the peer authentication method. Configuration for the peer authentication method.", "properties": { "mtls": { "$ref": "#/types/google-native:compute%2Falpha:MutualTls", "description": "Set if mTLS is used for peer authentication." } }, "type": "object" }, "google-native:compute/alpha:PeerAuthenticationMethodResponse": { "description": "[Deprecated] Configuration for the peer authentication method. Configuration for the peer authentication method.", "properties": { "mtls": { "$ref": "#/types/google-native:compute%2Falpha:MutualTlsResponse", "description": "Set if mTLS is used for peer authentication." } }, "type": "object", "required": [ "mtls" ] }, "google-native:compute/alpha:Permission": { "description": "[Deprecated] All fields defined in a permission are ANDed.", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PermissionConstraint" }, "description": "Extra custom constraints. The constraints are ANDed together." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "Used in Ingress or Egress Gateway cases to specify hosts that the policy applies to. Exact match, prefix match, and suffix match are supported." }, "methods": { "type": "array", "items": { "type": "string" }, "description": "HTTP method." }, "notHosts": { "type": "array", "items": { "type": "string" }, "description": "Negate of hosts. Specifies exclusions." }, "notMethods": { "type": "array", "items": { "type": "string" }, "description": "Negate of methods. Specifies exclusions." }, "notPaths": { "type": "array", "items": { "type": "string" }, "description": "Negate of paths. Specifies exclusions." }, "notPorts": { "type": "array", "items": { "type": "string" }, "description": "Negate of ports. Specifies exclusions." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "HTTP request paths or gRPC methods. Exact match, prefix match, and suffix match are supported." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "Port names or numbers." } }, "type": "object" }, "google-native:compute/alpha:PermissionConstraint": { "description": "Custom constraint that specifies a key and a list of allowed values for Istio attributes.", "properties": { "key": { "type": "string", "description": "Key of the constraint." }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed values." } }, "type": "object" }, "google-native:compute/alpha:PermissionConstraintResponse": { "description": "Custom constraint that specifies a key and a list of allowed values for Istio attributes.", "properties": { "key": { "type": "string", "description": "Key of the constraint." }, "values": { "type": "array", "items": { "type": "string" }, "description": "A list of allowed values." } }, "type": "object", "required": [ "key", "values" ] }, "google-native:compute/alpha:PermissionResponse": { "description": "[Deprecated] All fields defined in a permission are ANDed.", "properties": { "constraints": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PermissionConstraintResponse" }, "description": "Extra custom constraints. The constraints are ANDed together." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "Used in Ingress or Egress Gateway cases to specify hosts that the policy applies to. Exact match, prefix match, and suffix match are supported." }, "methods": { "type": "array", "items": { "type": "string" }, "description": "HTTP method." }, "notHosts": { "type": "array", "items": { "type": "string" }, "description": "Negate of hosts. Specifies exclusions." }, "notMethods": { "type": "array", "items": { "type": "string" }, "description": "Negate of methods. Specifies exclusions." }, "notPaths": { "type": "array", "items": { "type": "string" }, "description": "Negate of paths. Specifies exclusions." }, "notPorts": { "type": "array", "items": { "type": "string" }, "description": "Negate of ports. Specifies exclusions." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "HTTP request paths or gRPC methods. Exact match, prefix match, and suffix match are supported." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "Port names or numbers." } }, "type": "object", "required": [ "constraints", "hosts", "methods", "notHosts", "notMethods", "notPaths", "notPorts", "paths", "ports" ] }, "google-native:compute/alpha:Principal": { "description": "[Deprecated] All fields defined in a principal are ANDed.", "properties": { "condition": { "type": "string", "description": "An expression to specify custom condition." }, "groups": { "type": "array", "items": { "type": "string" }, "description": "The groups the principal belongs to. Exact match, prefix match, and suffix match are supported." }, "ips": { "type": "array", "items": { "type": "string" }, "description": "IPv4 or IPv6 address or range (In CIDR format)" }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "The namespaces. Exact match, prefix match, and suffix match are supported." }, "notGroups": { "type": "array", "items": { "type": "string" }, "description": "Negate of groups. Specifies exclusions." }, "notIps": { "type": "array", "items": { "type": "string" }, "description": "Negate of IPs. Specifies exclusions." }, "notNamespaces": { "type": "array", "items": { "type": "string" }, "description": "Negate of namespaces. Specifies exclusions." }, "notUsers": { "type": "array", "items": { "type": "string" }, "description": "Negate of users. Specifies exclusions." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Istio attribute to expected values. Exact match, prefix match, and suffix match are supported for values. For example, `request.headers[version]: \"v1\"`. The properties are ANDed together." }, "users": { "type": "array", "items": { "type": "string" }, "description": "The user names/IDs or service accounts. Exact match, prefix match, and suffix match are supported." } }, "type": "object" }, "google-native:compute/alpha:PrincipalResponse": { "description": "[Deprecated] All fields defined in a principal are ANDed.", "properties": { "condition": { "type": "string", "description": "An expression to specify custom condition." }, "groups": { "type": "array", "items": { "type": "string" }, "description": "The groups the principal belongs to. Exact match, prefix match, and suffix match are supported." }, "ips": { "type": "array", "items": { "type": "string" }, "description": "IPv4 or IPv6 address or range (In CIDR format)" }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "The namespaces. Exact match, prefix match, and suffix match are supported." }, "notGroups": { "type": "array", "items": { "type": "string" }, "description": "Negate of groups. Specifies exclusions." }, "notIps": { "type": "array", "items": { "type": "string" }, "description": "Negate of IPs. Specifies exclusions." }, "notNamespaces": { "type": "array", "items": { "type": "string" }, "description": "Negate of namespaces. Specifies exclusions." }, "notUsers": { "type": "array", "items": { "type": "string" }, "description": "Negate of users. Specifies exclusions." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of Istio attribute to expected values. Exact match, prefix match, and suffix match are supported for values. For example, `request.headers[version]: \"v1\"`. The properties are ANDed together." }, "users": { "type": "array", "items": { "type": "string" }, "description": "The user names/IDs or service accounts. Exact match, prefix match, and suffix match are supported." } }, "type": "object", "required": [ "condition", "groups", "ips", "namespaces", "notGroups", "notIps", "notNamespaces", "notUsers", "properties", "users" ] }, "google-native:compute/alpha:PublicAdvertisedPrefixPdpScope": { "description": "Specifies how child public delegated prefix will be scoped. It could be one of following values: - `REGIONAL`: The public delegated prefix is regional only. The provisioning will take a few minutes. - `GLOBAL`: The public delegated prefix is global only. The provisioning will take ~4 weeks. - `GLOBAL_AND_REGIONAL` [output only]: The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2. ", "type": "string", "enum": [ { "name": "Global", "description": "The public delegated prefix is global only. The provisioning will take ~4 weeks.", "value": "GLOBAL" }, { "name": "GlobalAndRegional", "description": "The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2.", "value": "GLOBAL_AND_REGIONAL" }, { "name": "Regional", "description": "The public delegated prefix is regional only. The provisioning will take a few minutes.", "value": "REGIONAL" } ] }, "google-native:compute/alpha:PublicAdvertisedPrefixPublicDelegatedPrefixResponse": { "description": "Represents a CIDR range which can be used to assign addresses.", "properties": { "ipRange": { "type": "string", "description": "The IP address range of the public delegated prefix" }, "name": { "type": "string", "description": "The name of the public delegated prefix" }, "project": { "type": "string", "description": "The project number of the public delegated prefix" }, "region": { "type": "string", "description": "The region of the public delegated prefix if it is regional. If absent, the prefix is global." }, "status": { "type": "string", "description": "The status of the public delegated prefix. Possible values are: INITIALIZING: The public delegated prefix is being initialized and addresses cannot be created yet. ANNOUNCED: The public delegated prefix is active." } }, "type": "object", "required": [ "ipRange", "name", "project", "region", "status" ] }, "google-native:compute/alpha:PublicAdvertisedPrefixStatus": { "description": "The status of the public advertised prefix. Possible values include: - `INITIAL`: RPKI validation is complete. - `PTR_CONFIGURED`: User has configured the PTR. - `VALIDATED`: Reverse DNS lookup is successful. - `REVERSE_DNS_LOOKUP_FAILED`: Reverse DNS lookup failed. - `PREFIX_CONFIGURATION_IN_PROGRESS`: The prefix is being configured. - `PREFIX_CONFIGURATION_COMPLETE`: The prefix is fully configured. - `PREFIX_REMOVAL_IN_PROGRESS`: The prefix is being removed. ", "type": "string", "enum": [ { "name": "AnnouncedToInternet", "description": "The prefix is announced to Internet.", "value": "ANNOUNCED_TO_INTERNET" }, { "name": "Initial", "description": "RPKI validation is complete.", "value": "INITIAL" }, { "name": "PrefixConfigurationComplete", "description": "The prefix is fully configured.", "value": "PREFIX_CONFIGURATION_COMPLETE" }, { "name": "PrefixConfigurationInProgress", "description": "The prefix is being configured.", "value": "PREFIX_CONFIGURATION_IN_PROGRESS" }, { "name": "PrefixRemovalInProgress", "description": "The prefix is being removed.", "value": "PREFIX_REMOVAL_IN_PROGRESS" }, { "name": "PtrConfigured", "description": "User has configured the PTR.", "value": "PTR_CONFIGURED" }, { "name": "ReadyToAnnounce", "description": "The prefix is currently withdrawn but ready to be announced.", "value": "READY_TO_ANNOUNCE" }, { "name": "ReverseDnsLookupFailed", "description": "Reverse DNS lookup failed.", "value": "REVERSE_DNS_LOOKUP_FAILED" }, { "name": "Validated", "description": "Reverse DNS lookup is successful.", "value": "VALIDATED" } ] }, "google-native:compute/alpha:PublicDelegatedPrefixMode": { "description": "The public delegated prefix mode for IPv6 only.", "type": "string", "enum": [ { "name": "Delegation", "description": "The public delegated prefix is used for further sub-delegation only. Such prefixes cannot set allocatablePrefixLength.", "value": "DELEGATION" }, { "name": "ExternalIpv6ForwardingRuleCreation", "description": "The public delegated prefix is used for creating forwarding rules only. Such prefixes cannot set publicDelegatedSubPrefixes.", "value": "EXTERNAL_IPV6_FORWARDING_RULE_CREATION" } ] }, "google-native:compute/alpha:PublicDelegatedPrefixPublicDelegatedSubPrefix": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "allocatablePrefixLength": { "type": "integer", "description": "The allocatable prefix length supported by this PublicDelegatedSubPrefix." }, "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:PublicDelegatedPrefixPublicDelegatedSubPrefixMode", "description": "The PublicDelegatedSubPrefix mode for IPv6 only." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." } }, "type": "object" }, "google-native:compute/alpha:PublicDelegatedPrefixPublicDelegatedSubPrefixMode": { "description": "The PublicDelegatedSubPrefix mode for IPv6 only.", "type": "string", "enum": [ { "name": "Delegation", "description": "The public delegated prefix is used for further sub-delegation only. Such prefixes cannot set allocatablePrefixLength.", "value": "DELEGATION" }, { "name": "ExternalIpv6ForwardingRuleCreation", "description": "The public delegated prefix is used for creating forwarding rules only. Such prefixes cannot set publicDelegatedSubPrefixes.", "value": "EXTERNAL_IPV6_FORWARDING_RULE_CREATION" } ] }, "google-native:compute/alpha:PublicDelegatedPrefixPublicDelegatedSubPrefixResponse": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "allocatablePrefixLength": { "type": "integer", "description": "The allocatable prefix length supported by this PublicDelegatedSubPrefix." }, "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "mode": { "type": "string", "description": "The PublicDelegatedSubPrefix mode for IPv6 only." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." }, "region": { "type": "string", "description": "The region of the sub public delegated prefix if it is regional. If absent, the sub prefix is global." }, "status": { "type": "string", "description": "The status of the sub public delegated prefix." } }, "type": "object", "required": [ "allocatablePrefixLength", "delegateeProject", "description", "ipCidrRange", "isAddress", "mode", "name", "region", "status" ] }, "google-native:compute/alpha:QueuedResourceStatusFailedDataErrorErrorsItemErrorDetailsItemResponse": { "properties": { "errorInfo": { "$ref": "#/types/google-native:compute%2Falpha:ErrorInfoResponse" }, "help": { "$ref": "#/types/google-native:compute%2Falpha:HelpResponse" }, "localizedMessage": { "$ref": "#/types/google-native:compute%2Falpha:LocalizedMessageResponse" }, "quotaInfo": { "$ref": "#/types/google-native:compute%2Falpha:QuotaExceededInfoResponse" } }, "type": "object", "required": [ "errorInfo", "help", "localizedMessage", "quotaInfo" ] }, "google-native:compute/alpha:QueuedResourceStatusFailedDataErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "errorDetails": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:QueuedResourceStatusFailedDataErrorErrorsItemErrorDetailsItemResponse" }, "description": "An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "errorDetails", "location", "message" ] }, "google-native:compute/alpha:QueuedResourceStatusFailedDataErrorResponse": { "description": "The error(s) that caused the QueuedResource to enter the FAILED state.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:QueuedResourceStatusFailedDataErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:compute/alpha:QueuedResourceStatusFailedDataResponse": { "description": "Additional status detail for the FAILED state.", "properties": { "error": { "$ref": "#/types/google-native:compute%2Falpha:QueuedResourceStatusFailedDataErrorResponse", "description": "The error(s) that caused the QueuedResource to enter the FAILED state." } }, "type": "object", "required": [ "error" ] }, "google-native:compute/alpha:QueuedResourceStatusResponse": { "description": "[Output only] Result of queuing and provisioning based on deferred capacity.", "properties": { "failedData": { "$ref": "#/types/google-native:compute%2Falpha:QueuedResourceStatusFailedDataResponse", "description": "Additional status detail for the FAILED state." }, "provisioningOperations": { "type": "array", "items": { "type": "string" }, "description": "[Output only] Fully qualified URL of the provisioning GCE operation to track the provisioning along with provisioning errors. The referenced operation may not exist after having been deleted or expired." }, "queuingPolicy": { "$ref": "#/types/google-native:compute%2Falpha:QueuingPolicyResponse", "description": "Constraints for the time when the resource(s) start provisioning. Always exposed as absolute times." } }, "type": "object", "required": [ "failedData", "provisioningOperations", "queuingPolicy" ] }, "google-native:compute/alpha:QueuingPolicy": { "description": "Queuing parameters for the requested deferred capacity.", "properties": { "validUntilDuration": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Relative deadline for waiting for capacity." }, "validUntilTime": { "type": "string", "description": "Absolute deadline for waiting for capacity in RFC3339 text format." } }, "type": "object" }, "google-native:compute/alpha:QueuingPolicyResponse": { "description": "Queuing parameters for the requested deferred capacity.", "properties": { "validUntilDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Relative deadline for waiting for capacity." }, "validUntilTime": { "type": "string", "description": "Absolute deadline for waiting for capacity in RFC3339 text format." } }, "type": "object", "required": [ "validUntilDuration", "validUntilTime" ] }, "google-native:compute/alpha:QuotaExceededInfoResponse": { "description": "Additional details for quota exceeded error for resource quota.", "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map holding related quota dimensions." }, "futureLimit": { "type": "number", "description": "Future quota limit being rolled out. The limit's unit depends on the quota type or metric." }, "limit": { "type": "number", "description": "Current effective quota limit. The limit's unit depends on the quota type or metric." }, "limitName": { "type": "string", "description": "The name of the quota limit." }, "metricName": { "type": "string", "description": "The Compute Engine quota metric name." }, "rolloutStatus": { "type": "string", "description": "Rollout status of the future quota limit." } }, "type": "object", "required": [ "dimensions", "futureLimit", "limit", "limitName", "metricName", "rolloutStatus" ] }, "google-native:compute/alpha:RbacPolicy": { "properties": { "name": { "type": "string", "description": "Name of the RbacPolicy." }, "permissions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:Permission" }, "description": "The list of permissions." }, "principals": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:Principal" }, "description": "The list of principals." } }, "type": "object" }, "google-native:compute/alpha:RbacPolicyResponse": { "properties": { "name": { "type": "string", "description": "Name of the RbacPolicy." }, "permissions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PermissionResponse" }, "description": "The list of permissions." }, "principals": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:PrincipalResponse" }, "description": "The list of principals." } }, "type": "object", "required": [ "name", "permissions", "principals" ] }, "google-native:compute/alpha:RegionBackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/alpha:RegionBackendServiceIpAddressSelectionPolicy": { "description": "Specifies a preference for traffic sent from the proxy to the backend (or from the client to the backend for proxyless gRPC). The possible values are: - IPV4_ONLY: Only send IPv4 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv4 health checks are used to check the health of the backends. This is the default setting. - PREFER_IPV6: Prioritize the connection to the endpoint's IPv6 address over its IPv4 address (provided there is a healthy IPv6 address). - IPV6_ONLY: Only send IPv6 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv6 health checks are used to check the health of the backends. This field is applicable to either: - Advanced Global External HTTPS Load Balancing (load balancing scheme EXTERNAL_MANAGED), - Regional External HTTPS Load Balancing, - Internal TCP Proxy (load balancing scheme INTERNAL_MANAGED), - Regional Internal HTTPS Load Balancing (load balancing scheme INTERNAL_MANAGED), - Traffic Director with Envoy proxies and proxyless gRPC (load balancing scheme INTERNAL_SELF_MANAGED). ", "type": "string", "enum": [ { "name": "Ipv4Only", "description": "Only send IPv4 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv4 health-checks are used to check the health of the backends. This is the default setting.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "Only send IPv6 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv6 health-checks are used to check the health of the backends.", "value": "IPV6_ONLY" }, { "name": "IpAddressSelectionPolicyUnspecified", "description": "Unspecified IP address selection policy.", "value": "IP_ADDRESS_SELECTION_POLICY_UNSPECIFIED" }, { "name": "PreferIpv6", "description": "Prioritize the connection to the endpoints IPv6 address over its IPv4 address (provided there is a healthy IPv6 address).", "value": "PREFER_IPV6" } ] }, "google-native:compute/alpha:RegionBackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/alpha:RegionBackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/alpha:RegionBackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "All", "description": "ALL includes TCP, UDP, ICMP, ESP, AH and SCTP. Note that this should never be used together with target_xx_proxies.", "value": "ALL" }, { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:RegionBackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/alpha:RegionBackendServiceVpcNetworkScope": { "description": "The network scope of the backends that can be added to the backend service. This field can be either GLOBAL_VPC_NETWORK or REGIONAL_VPC_NETWORK. A backend service with the VPC scope set to GLOBAL_VPC_NETWORK is only allowed to have backends in global VPC networks. When the VPC scope is set to REGIONAL_VPC_NETWORK the backend service is only allowed to have backends in regional networks in the same scope as the backend service. Note: if not specified then GLOBAL_VPC_NETWORK will be used.", "type": "string", "enum": [ { "name": "GlobalVpcNetwork", "description": "The backend service can only have backends in global VPCs", "value": "GLOBAL_VPC_NETWORK" }, { "name": "RegionalVpcNetwork", "description": "The backend service can only have backends in regional VPCs", "value": "REGIONAL_VPC_NETWORK" } ] }, "google-native:compute/alpha:RegionCommitmentCategory": { "description": "The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.", "type": "string", "enum": [ { "name": "CategoryUnspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "License", "value": "LICENSE" }, { "name": "Machine", "value": "MACHINE" } ] }, "google-native:compute/alpha:RegionCommitmentPlan": { "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "ThirtySixMonth", "value": "THIRTY_SIX_MONTH" }, { "name": "TwelveMonth", "value": "TWELVE_MONTH" } ] }, "google-native:compute/alpha:RegionCommitmentType": { "description": "The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.", "type": "string", "enum": [ { "name": "AcceleratorOptimized", "value": "ACCELERATOR_OPTIMIZED" }, { "name": "AcceleratorOptimizedA3", "value": "ACCELERATOR_OPTIMIZED_A3" }, { "name": "ComputeOptimized", "value": "COMPUTE_OPTIMIZED" }, { "name": "ComputeOptimizedC2d", "value": "COMPUTE_OPTIMIZED_C2D" }, { "name": "ComputeOptimizedC3", "value": "COMPUTE_OPTIMIZED_C3" }, { "name": "ComputeOptimizedC3d", "value": "COMPUTE_OPTIMIZED_C3D" }, { "name": "ComputeOptimizedH3", "value": "COMPUTE_OPTIMIZED_H3" }, { "name": "GeneralPurpose", "value": "GENERAL_PURPOSE" }, { "name": "GeneralPurposeE2", "value": "GENERAL_PURPOSE_E2" }, { "name": "GeneralPurposeN2", "value": "GENERAL_PURPOSE_N2" }, { "name": "GeneralPurposeN2d", "value": "GENERAL_PURPOSE_N2D" }, { "name": "GeneralPurposeT2d", "value": "GENERAL_PURPOSE_T2D" }, { "name": "GraphicsOptimized", "value": "GRAPHICS_OPTIMIZED" }, { "name": "MemoryOptimized", "value": "MEMORY_OPTIMIZED" }, { "name": "MemoryOptimizedM3", "value": "MEMORY_OPTIMIZED_M3" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:RegionDiskAccessMode": { "description": "The access mode of the disk. - READ_WRITE_SINGLE: The default AccessMode, means the disk can be attached to single instance in RW mode. - READ_WRITE_MANY: The AccessMode means the disk can be attached to multiple instances in RW mode. - READ_ONLY_MANY: The AccessMode means the disk can be attached to multiple instances in RO mode. The AccessMode is only valid for Hyperdisk disk types.", "type": "string", "enum": [ { "name": "ReadOnlyMany", "description": "The AccessMode means the disk can be attached to multiple instances in RO mode.", "value": "READ_ONLY_MANY" }, { "name": "ReadWriteMany", "description": "The AccessMode means the disk can be attached to multiple instances in RW mode.", "value": "READ_WRITE_MANY" }, { "name": "ReadWriteSingle", "description": "The default AccessMode, means the disk can be attached to single instance in RW mode.", "value": "READ_WRITE_SINGLE" } ] }, "google-native:compute/alpha:RegionDiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/alpha:RegionDiskInterface": { "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:RegionDiskStorageType": { "description": "[Deprecated] Storage type of the persistent disk.", "type": "string", "enum": [ { "name": "Hdd", "value": "HDD" }, { "name": "Ssd", "value": "SSD" } ] }, "google-native:compute/alpha:RegionHealthCheckServiceHealthStatusAggregationPolicy": { "description": "Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each pair in the health check service. - AND. If any health check of an endpoint reports UNHEALTHY, then UNHEALTHY is the HealthState of the endpoint. If all health checks report HEALTHY, the HealthState of the endpoint is HEALTHY. . This is only allowed with regional HealthCheckService.", "type": "string", "enum": [ { "name": "And", "description": "If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY.", "value": "AND" }, { "name": "NoAggregation", "description": "An EndpointHealth message is returned for each backend in the health check service.", "value": "NO_AGGREGATION" } ] }, "google-native:compute/alpha:RegionHealthCheckServiceHealthStatusAggregationStrategy": { "description": "This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .", "type": "string", "enum": [ { "name": "And", "description": "This is deprecated. Use health_status_aggregation_policy instead. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY.", "value": "AND" }, { "name": "NoAggregation", "description": "This is deprecated. Use health_status_aggregation_policy instead. An EndpointHealth message is returned for each backend in the health check service.", "value": "NO_AGGREGATION" } ] }, "google-native:compute/alpha:RegionHealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/alpha:RegionInstanceGroupManagerFailoverAction": { "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.", "type": "string", "enum": [ { "name": "NoFailover", "value": "NO_FAILOVER" }, { "name": "Unknown", "value": "UNKNOWN" } ] }, "google-native:compute/alpha:RegionInstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/alpha:RegionInstanceGroupManagerTargetSizeUnit": { "description": "The unit of measure for the target size.", "type": "string", "enum": [ { "name": "Instance", "description": "[Default] TargetSize is the target number of instances.", "value": "INSTANCE" }, { "name": "Vcpu", "description": "TargetSize is the target count of vCPUs of VMs.", "value": "VCPU" } ] }, "google-native:compute/alpha:RegionNetworkEndpointGroupClientPortMappingMode": { "description": "Only valid when networkEndpointType is \"GCE_VM_IP_PORT\" and the NEG is regional.", "type": "string", "enum": [ { "name": "ClientPortPerEndpoint", "description": "For each endpoint there is exactly one client port.", "value": "CLIENT_PORT_PER_ENDPOINT" }, { "name": "PortMappingDisabled", "description": "NEG should not be used for mapping client port to destination.", "value": "PORT_MAPPING_DISABLED" } ] }, "google-native:compute/alpha:RegionNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/alpha:RegionNetworkEndpointGroupType": { "description": "Specify the type of this network endpoint group. Only LOAD_BALANCING is valid for now.", "type": "string", "enum": [ { "name": "LoadBalancing", "description": "The network endpoint group is a backend of a load balancer.", "value": "LOAD_BALANCING" } ] }, "google-native:compute/alpha:RegionNetworkFirewallPolicyVpcNetworkScope": { "description": "The scope of networks allowed to be associated with the firewall policy. This field can be either GLOBAL_VPC_NETWORK or REGIONAL_VPC_NETWORK. A firewall policy with the VPC scope set to GLOBAL_VPC_NETWORK is allowed to be attached only to global networks. When the VPC scope is set to REGIONAL_VPC_NETWORK the firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. Note: if not specified then GLOBAL_VPC_NETWORK will be used.", "type": "string", "enum": [ { "name": "GlobalVpcNetwork", "description": "The firewall policy is allowed to be attached only to global networks.", "value": "GLOBAL_VPC_NETWORK" }, { "name": "RegionalVpcNetwork", "description": "The firewall policy is allowed to be attached only to regional networks in the same scope as the firewall policy. This option is applicable only to regional firewall policies.", "value": "REGIONAL_VPC_NETWORK" } ] }, "google-native:compute/alpha:RegionSecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorInternalService", "value": "CLOUD_ARMOR_INTERNAL_SERVICE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/alpha:RegionSnapshotSnapshotType": { "description": "Indicates the type of the snapshot.", "type": "string", "enum": [ { "name": "Archive", "value": "ARCHIVE" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/alpha:RegionSslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:RegionSslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/alpha:RegionSslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/alpha:RegionSslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/alpha:RegionSslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RegionSslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/alpha:RegionTargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/alpha:RegionTargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:RequestMirrorPolicy": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object" }, "google-native:compute/alpha:RequestMirrorPolicyResponse": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object", "required": [ "backendService" ] }, "google-native:compute/alpha:Reservation": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "aggregateReservation": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservation", "description": "Reservation for aggregated resources, providing shape flexibility." }, "deleteAfterDuration": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Duration time relative to reservation creation when GCE will automatically delete this resource." }, "deleteAtTime": { "type": "string", "description": "Absolute time in future when the reservation will be auto-deleted by GCE. Timestamp is represented in RFC3339 text format." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Falpha:ShareSettings", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUReservation", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object" }, "google-native:compute/alpha:ReservationAffinity": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:compute%2Falpha:ReservationAffinityConsumeReservationType", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object" }, "google-native:compute/alpha:ReservationAffinityConsumeReservationType": { "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.", "type": "string", "enum": [ { "name": "AnyReservation", "description": "Consume any allocation available.", "value": "ANY_RESERVATION" }, { "name": "NoReservation", "description": "Do not consume from any allocated capacity.", "value": "NO_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" }, { "name": "SpecificThenAnyReservation", "description": "Prefer to consume from a specific reservation, but still consume any reservation available if the specified reservation is not available or exhausted. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_THEN_ANY_RESERVATION" }, { "name": "SpecificThenNoReservation", "description": "Prefer to consume from a specific reservation, but still consume from the on-demand pool if the specified reservation is exhausted. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_THEN_NO_RESERVATION" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:ReservationAffinityResponse": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "type": "string", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:compute/alpha:ReservationResponse": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "aggregateReservation": { "$ref": "#/types/google-native:compute%2Falpha:AllocationAggregateReservationResponse", "description": "Reservation for aggregated resources, providing shape flexibility." }, "commitment": { "type": "string", "description": "Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment." }, "creationTimestamp": { "type": "string", "description": "Creation timestamp in RFC3339 text format." }, "deleteAfterDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Duration time relative to reservation creation when GCE will automatically delete this resource." }, "deleteAtTime": { "type": "string", "description": "Absolute time in future when the reservation will be auto-deleted by GCE. Timestamp is represented in RFC3339 text format." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#reservations for reservations." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "resourceStatus": { "$ref": "#/types/google-native:compute%2Falpha:AllocationResourceStatusResponse", "description": "Status information for Reservation resource." }, "satisfiesPzs": { "type": "boolean", "description": "Reserved for future use." }, "selfLink": { "type": "string", "description": "Server-defined fully-qualified URL for this resource." }, "selfLinkWithId": { "type": "string", "description": "Server-defined URL for this resource with the resource id." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Falpha:ShareSettingsResponse", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Falpha:AllocationSpecificSKUReservationResponse", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "status": { "type": "string", "description": "The status of the reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object", "required": [ "aggregateReservation", "commitment", "creationTimestamp", "deleteAfterDuration", "deleteAtTime", "description", "kind", "name", "resourcePolicies", "resourceStatus", "satisfiesPzs", "selfLink", "selfLinkWithId", "shareSettings", "specificReservation", "specificReservationRequired", "status", "zone" ] }, "google-native:compute/alpha:ResourceCommitment": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "$ref": "#/types/google-native:compute%2Falpha:ResourceCommitmentType", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object" }, "google-native:compute/alpha:ResourceCommitmentResponse": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "type": "string", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object", "required": [ "acceleratorType", "amount", "type" ] }, "google-native:compute/alpha:ResourceCommitmentType": { "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR.", "type": "string", "enum": [ { "name": "Accelerator", "value": "ACCELERATOR" }, { "name": "LocalSsd", "value": "LOCAL_SSD" }, { "name": "Memory", "value": "MEMORY" }, { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Vcpu", "value": "VCPU" } ] }, "google-native:compute/alpha:ResourcePolicyDailyCycle": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyDailyCycleResponse": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "duration": { "type": "string", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "daysInCycle", "duration", "startTime" ] }, "google-native:compute/alpha:ResourcePolicyDiskConsistencyGroupPolicy": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/alpha:ResourcePolicyDiskConsistencyGroupPolicyResponse": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicy": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyGroupPlacementPolicyCollocation", "description": "Specifies network collocation" }, "locality": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyGroupPlacementPolicyLocality", "description": "Specifies network locality" }, "maxDistance": { "type": "integer", "description": "Specifies the number of max logical switches." }, "scope": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyGroupPlacementPolicyScope", "description": "Scope specifies the availability domain to which the VMs should be spread." }, "sliceCount": { "type": "integer", "description": "Specifies the number of slices in a multislice workload." }, "style": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyGroupPlacementPolicyStyle", "description": "Specifies instances to hosts placement relationship" }, "tpuTopology": { "type": "string", "description": "Specifies the shape of the TPU slice" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicyCollocation": { "description": "Specifies network collocation", "type": "string", "enum": [ { "name": "Clustered", "description": "Specifies collocation option that provides tight collocation with minimum network latency.", "value": "CLUSTERED" }, { "name": "Collocated", "value": "COLLOCATED" }, { "name": "UnspecifiedCollocation", "value": "UNSPECIFIED_COLLOCATION" } ] }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicyLocality": { "description": "Specifies network locality", "type": "string", "enum": [ { "name": "BestEffort", "value": "BEST_EFFORT" }, { "name": "Strict", "value": "STRICT" }, { "name": "UnspecifiedLocality", "value": "UNSPECIFIED_LOCALITY" } ] }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicyResponse": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "type": "string", "description": "Specifies network collocation" }, "locality": { "type": "string", "description": "Specifies network locality" }, "maxDistance": { "type": "integer", "description": "Specifies the number of max logical switches." }, "scope": { "type": "string", "description": "Scope specifies the availability domain to which the VMs should be spread." }, "sliceCount": { "type": "integer", "description": "Specifies the number of slices in a multislice workload." }, "style": { "type": "string", "description": "Specifies instances to hosts placement relationship" }, "tpuTopology": { "type": "string", "description": "Specifies the shape of the TPU slice" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object", "required": [ "availabilityDomainCount", "collocation", "locality", "maxDistance", "scope", "sliceCount", "style", "tpuTopology", "vmCount" ] }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicyScope": { "description": "Scope specifies the availability domain to which the VMs should be spread.", "type": "string", "enum": [ { "name": "Host", "description": "Specifies availability domain scope across hosts. VMs will be spread across different hosts.", "value": "HOST" }, { "name": "UnspecifiedScope", "description": "VMs will be spread across different instrastructure to not share power, host and networking.", "value": "UNSPECIFIED_SCOPE" } ] }, "google-native:compute/alpha:ResourcePolicyGroupPlacementPolicyStyle": { "description": "Specifies instances to hosts placement relationship", "type": "string", "enum": [ { "name": "Compact", "description": "VMs are placed without regard for shared hosts", "value": "COMPACT" }, { "name": "FullySpread", "description": "VMs do not share the same hosts", "value": "FULLY_SPREAD" }, { "name": "UnspecifiedPlacementType", "value": "UNSPECIFIED_PLACEMENT_TYPE" } ] }, "google-native:compute/alpha:ResourcePolicyHourlyCycle": { "description": "Time window specified for hourly operations.", "properties": { "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyHourlyCycleResponse": { "description": "Time window specified for hourly operations.", "properties": { "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "duration", "hoursInCycle", "startTime" ] }, "google-native:compute/alpha:ResourcePolicyInstanceSchedulePolicy": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for stopping instances." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyInstanceSchedulePolicyResponse": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for stopping instances." } }, "type": "object", "required": [ "expirationTime", "startTime", "timeZone", "vmStartSchedule", "vmStopSchedule" ] }, "google-native:compute/alpha:ResourcePolicyInstanceSchedulePolicySchedule": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyInstanceSchedulePolicyScheduleResponse": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object", "required": [ "schedule" ] }, "google-native:compute/alpha:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse": { "properties": { "lastRunStartTime": { "type": "string", "description": "The last time the schedule successfully ran. The timestamp is an RFC3339 string." }, "nextRunStartTime": { "type": "string", "description": "The next time the schedule is planned to run. The actual time might be slightly different. The timestamp is an RFC3339 string." } }, "type": "object", "required": [ "lastRunStartTime", "nextRunStartTime" ] }, "google-native:compute/alpha:ResourcePolicyResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for all output fields set on ResourcePolicy. The internal structure of this \"status\" field should mimic the structure of ResourcePolicy proto specification.", "properties": { "instanceSchedulePolicy": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse", "description": "Specifies a set of output values reffering to the instance_schedule_policy system status. This field should have the same name as corresponding policy field." } }, "type": "object", "required": [ "instanceSchedulePolicy" ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicy": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicy", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicySchedule", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicySnapshotProperties", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyResponse": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicyScheduleResponse", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object", "required": [ "retentionPolicy", "schedule", "snapshotProperties" ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicy": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onPolicySwitch": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnPolicySwitch" }, "onSourceDiskDelete": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnPolicySwitch": { "type": "string", "enum": [ { "name": "DoNotRetroactivelyApply", "value": "DO_NOT_RETROACTIVELY_APPLY" }, { "name": "RetroactivelyApply", "value": "RETROACTIVELY_APPLY" }, { "name": "UnspecifiedOnPolicySwitch", "value": "UNSPECIFIED_ON_POLICY_SWITCH" } ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete": { "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.", "type": "string", "enum": [ { "name": "ApplyRetentionPolicy", "value": "APPLY_RETENTION_POLICY" }, { "name": "KeepAutoSnapshots", "value": "KEEP_AUTO_SNAPSHOTS" }, { "name": "UnspecifiedOnSourceDiskDelete", "value": "UNSPECIFIED_ON_SOURCE_DISK_DELETE" } ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onPolicySwitch": { "type": "string" }, "onSourceDiskDelete": { "type": "string", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object", "required": [ "maxRetentionDays", "onPolicySwitch", "onSourceDiskDelete" ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicySchedule": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyDailyCycle" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyHourlyCycle" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyWeeklyCycle" } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicyScheduleResponse": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyDailyCycleResponse" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyHourlyCycleResponse" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyWeeklyCycleResponse" } }, "type": "object", "required": [ "dailySchedule", "hourlySchedule", "weeklySchedule" ] }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicySnapshotProperties": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object", "required": [ "chainName", "guestFlush", "labels", "storageLocations" ] }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicy": { "properties": { "concurrencyControlGroup": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyVmMaintenancePolicyConcurrencyControl" }, "maintenanceWindow": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyVmMaintenancePolicyMaintenanceWindow", "description": "Maintenance windows that are applied to VMs covered by this policy." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicyConcurrencyControl": { "description": "A concurrency control configuration. Defines a group config that, when attached to an instance, recognizes that instance as part of a group of instances where only up the concurrency_limit of instances in that group can undergo simultaneous maintenance. For more information: go/concurrency-control-design-doc", "properties": { "concurrencyLimit": { "type": "integer" } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicyConcurrencyControlResponse": { "description": "A concurrency control configuration. Defines a group config that, when attached to an instance, recognizes that instance as part of a group of instances where only up the concurrency_limit of instances in that group can undergo simultaneous maintenance. For more information: go/concurrency-control-design-doc", "properties": { "concurrencyLimit": { "type": "integer" } }, "type": "object", "required": [ "concurrencyLimit" ] }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicyMaintenanceWindow": { "description": "A maintenance window for VMs. When set, we restrict our maintenance operations to this window.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyDailyCycle" } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicyMaintenanceWindowResponse": { "description": "A maintenance window for VMs. When set, we restrict our maintenance operations to this window.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyDailyCycleResponse" } }, "type": "object", "required": [ "dailyMaintenanceWindow" ] }, "google-native:compute/alpha:ResourcePolicyVmMaintenancePolicyResponse": { "properties": { "concurrencyControlGroup": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyVmMaintenancePolicyConcurrencyControlResponse" }, "maintenanceWindow": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyVmMaintenancePolicyMaintenanceWindowResponse", "description": "Maintenance windows that are applied to VMs covered by this policy." } }, "type": "object", "required": [ "concurrencyControlGroup", "maintenanceWindow" ] }, "google-native:compute/alpha:ResourcePolicyWeeklyCycle": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyWeeklyCycleDayOfWeek" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyWeeklyCycleDayOfWeek": { "properties": { "day": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyWeeklyCycleDayOfWeekDay", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/alpha:ResourcePolicyWeeklyCycleDayOfWeekDay": { "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY.", "type": "string", "enum": [ { "name": "Friday", "value": "FRIDAY" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Monday", "value": "MONDAY" }, { "name": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "value": "SUNDAY" }, { "name": "Thursday", "value": "THURSDAY" }, { "name": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "value": "WEDNESDAY" } ] }, "google-native:compute/alpha:ResourcePolicyWeeklyCycleDayOfWeekResponse": { "properties": { "day": { "type": "string", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "day", "duration", "startTime" ] }, "google-native:compute/alpha:ResourcePolicyWeeklyCycleResponse": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ResourcePolicyWeeklyCycleDayOfWeekResponse" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object", "required": [ "dayOfWeeks" ] }, "google-native:compute/alpha:ResourceStatusLastInstanceTerminationDetailsResponse": { "properties": { "terminationReason": { "type": "string", "description": "Reason for termination" } }, "type": "object", "required": [ "terminationReason" ] }, "google-native:compute/alpha:ResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls.", "properties": { "lastInstanceTerminationDetails": { "$ref": "#/types/google-native:compute%2Falpha:ResourceStatusLastInstanceTerminationDetailsResponse", "description": "Contains last termination details why the instance was terminated." }, "physicalHost": { "type": "string", "description": "An opaque ID of the host on which the VM is running." }, "scheduling": { "$ref": "#/types/google-native:compute%2Falpha:ResourceStatusSchedulingResponse" }, "serviceIntegrationStatuses": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Represents the status of the service integration specs defined by the user in instance.serviceIntegrationSpecs." }, "shutdownDetails": { "$ref": "#/types/google-native:compute%2Falpha:ResourceStatusShutdownDetailsResponse", "description": "Details about stopping state of instance" }, "upcomingMaintenance": { "$ref": "#/types/google-native:compute%2Falpha:UpcomingMaintenanceResponse" } }, "type": "object", "required": [ "lastInstanceTerminationDetails", "physicalHost", "scheduling", "serviceIntegrationStatuses", "shutdownDetails", "upcomingMaintenance" ] }, "google-native:compute/alpha:ResourceStatusSchedulingResponse": { "properties": { "availabilityDomain": { "type": "integer", "description": "Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details." }, "terminationTimestamp": { "type": "string", "description": "Time in future when the instance will be terminated in RFC3339 text format." } }, "type": "object", "required": [ "availabilityDomain", "terminationTimestamp" ] }, "google-native:compute/alpha:ResourceStatusShutdownDetailsResponse": { "description": "Specifies if the instance is in `SHUTTING_DOWN` state or there is a instance stopping scheduled.", "properties": { "maxDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Duration for graceful shutdown. Only applicable when `stop_state=SHUTTING_DOWN`." }, "requestTimestamp": { "type": "string", "description": "Past timestamp indicating the beginning of current `stopState` in RFC3339 text format." }, "stopState": { "type": "string", "description": "Current stopping state of the instance." }, "targetState": { "type": "string", "description": "Target instance state." } }, "type": "object", "required": [ "maxDuration", "requestTimestamp", "stopState", "targetState" ] }, "google-native:compute/alpha:RolloutPolicy": { "description": "A rollout policy configuration.", "properties": { "defaultRolloutTime": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated." }, "locationRolloutPolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location." } }, "type": "object" }, "google-native:compute/alpha:RolloutPolicyResponse": { "description": "A rollout policy configuration.", "properties": { "defaultRolloutTime": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated." }, "locationRolloutPolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location." } }, "type": "object", "required": [ "defaultRolloutTime", "locationRolloutPolicies" ] }, "google-native:compute/alpha:RouteAsPathResponse": { "properties": { "asLists": { "type": "array", "items": { "type": "integer" }, "description": "The AS numbers of the AS Path." }, "pathSegmentType": { "type": "string", "description": "The type of the AS Path, which can be one of the following values: - 'AS_SET': unordered set of autonomous systems that the route in has traversed - 'AS_SEQUENCE': ordered set of autonomous systems that the route has traversed - 'AS_CONFED_SEQUENCE': ordered set of Member Autonomous Systems in the local confederation that the route has traversed - 'AS_CONFED_SET': unordered set of Member Autonomous Systems in the local confederation that the route has traversed " } }, "type": "object", "required": [ "asLists", "pathSegmentType" ] }, "google-native:compute/alpha:RouteIlbRouteBehaviorOnUnhealthy": { "description": "ILB route behavior when ILB is deemed unhealthy based on user specified threshold on the Backend Service of the internal load balancing.", "type": "string", "enum": [ { "name": "DoNotWithdrawRouteIfIlbUnhealthy", "description": "Do not Withdraw route if the ILB is deemed unhealthy based on user specified threshold on the Backend Service of the ILB. This is default behavior for ilb as next hop route without IlbRouteBehavior.", "value": "DO_NOT_WITHDRAW_ROUTE_IF_ILB_UNHEALTHY" }, { "name": "WithdrawRouteIfIlbUnhealthy", "description": "Withdraw route if the ILB is deemed unhealthy based on user specified threshold on the Backend Service of the internal load balancing. Currently the withdrawn route will be reinserted when the backends are restored to healthy. If you wish to prevent the re-insertion of the route and trigger the fall-back at your discretion, override the health result from the backends to signal as healthy only when ready to fallback.", "value": "WITHDRAW_ROUTE_IF_ILB_UNHEALTHY" } ] }, "google-native:compute/alpha:RouteWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/alpha:RouteWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouteWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/alpha:RouterAdvertisedIpRange": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object" }, "google-native:compute/alpha:RouterAdvertisedIpRangeResponse": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object", "required": [ "description", "range" ] }, "google-native:compute/alpha:RouterBgp": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "identifierRange": { "type": "string", "description": "Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this \"router ID\"." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object" }, "google-native:compute/alpha:RouterBgpAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/alpha:RouterBgpAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllPeerVpcSubnets", "description": "Advertise peer subnets of the router's VPC.", "value": "ALL_PEER_VPC_SUBNETS" }, { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" }, { "name": "AllVpcSubnets", "description": "Advertise the router's own VPC subnets.", "value": "ALL_VPC_SUBNETS" } ] }, "google-native:compute/alpha:RouterBgpPeer": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerBfd", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerCustomLearnedIpRange" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerEnable", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv4": { "type": "boolean", "description": "Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "exportPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of export policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_EXPORT type." }, "importPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of import policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_IMPORT type." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv4NexthopAddress": { "type": "string", "description": "IPv4 address of the interface inside Google Cloud Platform." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv4NexthopAddress": { "type": "string", "description": "IPv4 address of the BGP interface outside Google Cloud Platform." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object" }, "google-native:compute/alpha:RouterBgpPeerAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/alpha:RouterBgpPeerAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllPeerVpcSubnets", "description": "Advertise peer subnets of the router's VPC.", "value": "ALL_PEER_VPC_SUBNETS" }, { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" }, { "name": "AllVpcSubnets", "description": "Advertise the router's own VPC subnets.", "value": "ALL_VPC_SUBNETS" } ] }, "google-native:compute/alpha:RouterBgpPeerBfd": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "mode": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerBfdMode", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "packetMode": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerBfdPacketMode", "description": "The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO." }, "sessionInitializationMode": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerBfdSessionInitializationMode", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." }, "slowTimerInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000." } }, "type": "object" }, "google-native:compute/alpha:RouterBgpPeerBfdMode": { "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Disabled", "value": "DISABLED" }, { "name": "Passive", "value": "PASSIVE" } ] }, "google-native:compute/alpha:RouterBgpPeerBfdPacketMode": { "description": "The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO.", "type": "string", "enum": [ { "name": "ControlAndEcho", "value": "CONTROL_AND_ECHO" }, { "name": "ControlOnly", "value": "CONTROL_ONLY" } ] }, "google-native:compute/alpha:RouterBgpPeerBfdResponse": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "mode": { "type": "string", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is PASSIVE." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "packetMode": { "type": "string", "description": "The BFD packet mode for this BGP peer. If set to CONTROL_AND_ECHO, BFD echo mode is enabled for this BGP peer. In this mode, if the peer router also has BFD echo mode enabled, BFD echo packets will be sent to the other router. If the peer router does not have BFD echo mode enabled, only control packets will be sent. If set to CONTROL_ONLY, BFD echo mode is disabled for this BGP peer. If this router and the peer router have a multihop connection, this should be set to CONTROL_ONLY as BFD echo mode is only supported on singlehop connections. The default is CONTROL_AND_ECHO." }, "sessionInitializationMode": { "type": "string", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." }, "slowTimerInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to and received from the peer router when BFD echo mode is enabled on both routers. The actual transmit and receive intervals are negotiated between the two routers and are equal to the greater of this value and the corresponding interval on the other router. If set, this value must be between 1000 and 30000. The default is 5000." } }, "type": "object", "required": [ "minReceiveInterval", "minTransmitInterval", "mode", "multiplier", "packetMode", "sessionInitializationMode", "slowTimerInterval" ] }, "google-native:compute/alpha:RouterBgpPeerBfdSessionInitializationMode": { "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Disabled", "value": "DISABLED" }, { "name": "Passive", "value": "PASSIVE" } ] }, "google-native:compute/alpha:RouterBgpPeerCustomLearnedIpRange": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object" }, "google-native:compute/alpha:RouterBgpPeerCustomLearnedIpRangeResponse": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object", "required": [ "range" ] }, "google-native:compute/alpha:RouterBgpPeerEnable": { "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/alpha:RouterBgpPeerResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerBfdResponse", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterBgpPeerCustomLearnedIpRangeResponse" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "type": "string", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv4": { "type": "boolean", "description": "Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "exportPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of export policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_EXPORT type." }, "importPolicies": { "type": "array", "items": { "type": "string" }, "description": "List of import policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_IMPORT type." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv4NexthopAddress": { "type": "string", "description": "IPv4 address of the interface inside Google Cloud Platform." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "managementType": { "type": "string", "description": "The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv4NexthopAddress": { "type": "string", "description": "IPv4 address of the BGP interface outside Google Cloud Platform." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "advertisedRoutePriority", "bfd", "customLearnedIpRanges", "customLearnedRoutePriority", "enable", "enableIpv4", "enableIpv6", "exportPolicies", "importPolicies", "interfaceName", "ipAddress", "ipv4NexthopAddress", "ipv6NexthopAddress", "managementType", "md5AuthenticationKeyName", "name", "peerAsn", "peerIpAddress", "peerIpv4NexthopAddress", "peerIpv6NexthopAddress", "routerApplianceInstance" ] }, "google-native:compute/alpha:RouterBgpResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "identifierRange": { "type": "string", "description": "Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this \"router ID\"." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "asn", "identifierRange", "keepaliveInterval" ] }, "google-native:compute/alpha:RouterInterface": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "ipVersion": { "$ref": "#/types/google-native:compute%2Falpha:RouterInterfaceIpVersion", "description": "IP version of this interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object" }, "google-native:compute/alpha:RouterInterfaceIpVersion": { "description": "IP version of this interface.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" } ] }, "google-native:compute/alpha:RouterInterfaceResponse": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "ipVersion": { "type": "string", "description": "IP version of this interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "managementType": { "type": "string", "description": "The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object", "required": [ "ipRange", "ipVersion", "linkedInterconnectAttachment", "linkedVpnTunnel", "managementType", "name", "privateIpAddress", "redundantInterface", "subnetwork" ] }, "google-native:compute/alpha:RouterMd5AuthenticationKey": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object" }, "google-native:compute/alpha:RouterMd5AuthenticationKeyResponse": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object", "required": [ "key", "name" ] }, "google-native:compute/alpha:RouterNat": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatAutoNetworkTier", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatEndpointTypesItem" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatLogConfig", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatNatIpAllocateOption", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatRule" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatSourceSubnetworkIpRangesToNat", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatSubnetworkToNat" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatType", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object" }, "google-native:compute/alpha:RouterNatAutoNetworkTier": { "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Select", "description": "Price competitive network tier, support for all networking products.", "value": "SELECT" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/alpha:RouterNatEndpointTypesItem": { "type": "string", "enum": [ { "name": "EndpointTypeManagedProxyLb", "description": "This is used for regional Application Load Balancers (internal and external) and regional proxy Network Load Balancers (internal and external) endpoints.", "value": "ENDPOINT_TYPE_MANAGED_PROXY_LB" }, { "name": "EndpointTypeSwg", "description": "This is used for Secure Web Gateway endpoints.", "value": "ENDPOINT_TYPE_SWG" }, { "name": "EndpointTypeVm", "description": "This is the default.", "value": "ENDPOINT_TYPE_VM" } ] }, "google-native:compute/alpha:RouterNatLogConfig": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatLogConfigFilter", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object" }, "google-native:compute/alpha:RouterNatLogConfigFilter": { "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. ", "type": "string", "enum": [ { "name": "All", "description": "Export logs for all (successful and unsuccessful) connections.", "value": "ALL" }, { "name": "ErrorsOnly", "description": "Export logs for connection failures only.", "value": "ERRORS_ONLY" }, { "name": "TranslationsOnly", "description": "Export logs for successful connections only.", "value": "TRANSLATIONS_ONLY" } ] }, "google-native:compute/alpha:RouterNatLogConfigResponse": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "type": "string", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object", "required": [ "enable", "filter" ] }, "google-native:compute/alpha:RouterNatNatIpAllocateOption": { "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. ", "type": "string", "enum": [ { "name": "AutoOnly", "description": "Nat IPs are allocated by GCP; customers can not specify any Nat IPs.", "value": "AUTO_ONLY" }, { "name": "ManualOnly", "description": "Only use Nat IPs provided by customers. When specified Nat IPs are not enough then the Nat service fails for new VMs.", "value": "MANUAL_ONLY" } ] }, "google-native:compute/alpha:RouterNatResponse": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "type": "string", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "type": "string" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatLogConfigResponse", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "type": "string", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatRuleResponse" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "type": "string", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatSubnetworkToNatResponse" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "type": "string", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object", "required": [ "autoNetworkTier", "drainNatIps", "enableDynamicPortAllocation", "enableEndpointIndependentMapping", "endpointTypes", "icmpIdleTimeoutSec", "logConfig", "maxPortsPerVm", "minPortsPerVm", "name", "natIpAllocateOption", "natIps", "rules", "sourceSubnetworkIpRangesToNat", "subnetworks", "tcpEstablishedIdleTimeoutSec", "tcpTimeWaitTimeoutSec", "tcpTransitoryIdleTimeoutSec", "type", "udpIdleTimeoutSec" ] }, "google-native:compute/alpha:RouterNatRule": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatRuleAction", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object" }, "google-native:compute/alpha:RouterNatRuleAction": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object" }, "google-native:compute/alpha:RouterNatRuleActionResponse": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object", "required": [ "sourceNatActiveIps", "sourceNatActiveRanges", "sourceNatDrainIps", "sourceNatDrainRanges" ] }, "google-native:compute/alpha:RouterNatRuleResponse": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatRuleActionResponse", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object", "required": [ "action", "description", "match", "ruleNumber" ] }, "google-native:compute/alpha:RouterNatSourceSubnetworkIpRangesToNat": { "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region.", "type": "string", "enum": [ { "name": "AllSubnetworksAllIpRanges", "description": "All the IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_IP_RANGES" }, { "name": "AllSubnetworksAllPrimaryIpRanges", "description": "All the primary IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES" }, { "name": "ListOfSubnetworks", "description": "A list of Subnetworks are allowed to Nat (specified in the field subnetwork below)", "value": "LIST_OF_SUBNETWORKS" } ] }, "google-native:compute/alpha:RouterNatSubnetworkToNat": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:RouterNatSubnetworkToNatSourceIpRangesToNatItem" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object" }, "google-native:compute/alpha:RouterNatSubnetworkToNatResponse": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "type": "string" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object", "required": [ "name", "secondaryIpRangeNames", "sourceIpRangesToNat" ] }, "google-native:compute/alpha:RouterNatSubnetworkToNatSourceIpRangesToNatItem": { "type": "string", "enum": [ { "name": "AllIpRanges", "description": "The primary and all the secondary ranges are allowed to Nat.", "value": "ALL_IP_RANGES" }, { "name": "ListOfSecondaryIpRanges", "description": "A list of secondary ranges are allowed to Nat.", "value": "LIST_OF_SECONDARY_IP_RANGES" }, { "name": "PrimaryIpRange", "description": "The primary range is allowed to Nat.", "value": "PRIMARY_IP_RANGE" } ] }, "google-native:compute/alpha:RouterNatType": { "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC.", "type": "string", "enum": [ { "name": "Private", "description": "NAT used for private IP translation.", "value": "PRIVATE" }, { "name": "Public", "description": "NAT used for public IP translation. This is the default.", "value": "PUBLIC" } ] }, "google-native:compute/alpha:Rule": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "$ref": "#/types/google-native:compute%2Falpha:RuleAction", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:Condition" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:LogConfig" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/alpha:RuleAction": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Allow", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW" }, { "name": "AllowWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW_WITH_LOG" }, { "name": "Deny", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY" }, { "name": "DenyWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY_WITH_LOG" }, { "name": "Log", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG" }, { "name": "NoAction", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ACTION" } ] }, "google-native:compute/alpha:RuleResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ConditionResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:LogConfigResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "action", "conditions", "description", "ins", "logConfigs", "notIns", "permissions" ] }, "google-native:compute/alpha:SSLHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:SSLHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Falpha:SSLHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/alpha:SSLHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:SSLHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:SSLHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/alpha:SavedAttachedDiskResponse": { "description": "DEPRECATED: Please use compute#savedDisk instead. An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies the name of the disk attached to the source instance." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKeyResponse", "description": "The encryption key for the disk." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd" }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "Specifies zero-based index of the disk that is attached to the source instance." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "mode": { "type": "string", "description": "The mode in which this disk is attached to the source instance, either READ_WRITE or READ_ONLY." }, "source": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "A size of the storage used by the disk's snapshot by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." }, "type": { "type": "string", "description": "Specifies the type of the attached disk, either SCRATCH or PERSISTENT." } }, "type": "object", "required": [ "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "diskType", "guestOsFeatures", "index", "interface", "kind", "licenses", "mode", "source", "storageBytes", "storageBytesStatus", "type" ] }, "google-native:compute/alpha:SavedDisk": { "description": "An instance-attached disk resource.", "properties": { "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." } }, "type": "object" }, "google-native:compute/alpha:SavedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#savedDisk for attached disks." }, "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "Size of the individual disk snapshot used by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." } }, "type": "object", "required": [ "architecture", "kind", "sourceDisk", "storageBytes", "storageBytesStatus" ] }, "google-native:compute/alpha:Scheduling": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "availabilityDomain": { "type": "integer", "description": "Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details." }, "currentCpus": { "type": "integer", "description": "Current number of vCPUs available for VM. 0 or unset means default vCPUs of the current machine type." }, "currentMemoryMb": { "type": "string", "description": "Current amount of memory (in MB) available for VM. 0 or unset means default amount of memory of the current machine type." }, "gracefulShutdown": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingGracefulShutdown" }, "hostErrorTimeoutSeconds": { "type": "integer", "description": "Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used." }, "instanceTerminationAction": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingInstanceTerminationAction", "description": "Specifies the termination action for the instance." }, "latencyTolerant": { "type": "boolean", "description": "Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance." }, "maintenanceInterval": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingMaintenanceInterval", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "maxRunDuration": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies the max run duration for the given instance. If specified, the instance termination action will be performed at the end of the run duration." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingNodeAffinity" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingOnHostMaintenance", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingProvisioningModel", "description": "Specifies the provisioning model of the instance." }, "terminationTime": { "type": "string", "description": "Specifies the timestamp, when the instance will be terminated, in RFC3339 text format. If specified, the instance termination action will be performed at the termination time." } }, "type": "object" }, "google-native:compute/alpha:SchedulingGracefulShutdown": { "description": "Configuration for gracefully shutting down the instance.", "properties": { "enabled": { "type": "boolean", "description": "Opts-in for graceful shutdown." }, "maxDuration": { "$ref": "#/types/google-native:compute%2Falpha:Duration", "description": "Specifies time needed to gracefully shut down the instance. After that time, the instance goes to STOPPING even if graceful shutdown is not completed." } }, "type": "object" }, "google-native:compute/alpha:SchedulingGracefulShutdownResponse": { "description": "Configuration for gracefully shutting down the instance.", "properties": { "enabled": { "type": "boolean", "description": "Opts-in for graceful shutdown." }, "maxDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies time needed to gracefully shut down the instance. After that time, the instance goes to STOPPING even if graceful shutdown is not completed." } }, "type": "object", "required": [ "enabled", "maxDuration" ] }, "google-native:compute/alpha:SchedulingInstanceTerminationAction": { "description": "Specifies the termination action for the instance.", "type": "string", "enum": [ { "name": "Delete", "description": "Delete the VM.", "value": "DELETE" }, { "name": "InstanceTerminationActionUnspecified", "description": "Default value. This value is unused.", "value": "INSTANCE_TERMINATION_ACTION_UNSPECIFIED" }, { "name": "Stop", "description": "Stop the VM without storing in-memory content. default action.", "value": "STOP" } ] }, "google-native:compute/alpha:SchedulingMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/alpha:SchedulingNodeAffinity": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingNodeAffinityOperator", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object" }, "google-native:compute/alpha:SchedulingNodeAffinityOperator": { "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.", "type": "string", "enum": [ { "name": "In", "description": "Requires Compute Engine to seek for matched nodes.", "value": "IN" }, { "name": "NotIn", "description": "Requires Compute Engine to avoid certain nodes.", "value": "NOT_IN" }, { "name": "OperatorUnspecified", "value": "OPERATOR_UNSPECIFIED" } ] }, "google-native:compute/alpha:SchedulingNodeAffinityResponse": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "type": "string", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object", "required": [ "key", "operator", "values" ] }, "google-native:compute/alpha:SchedulingOnHostMaintenance": { "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy.", "type": "string", "enum": [ { "name": "Migrate", "description": "*[Default]* Allows Compute Engine to automatically migrate instances out of the way of maintenance events.", "value": "MIGRATE" }, { "name": "Terminate", "description": "Tells Compute Engine to terminate and (optionally) restart the instance away from the maintenance activity. If you would like your instance to be restarted, set the automaticRestart flag to true. Your instance may be restarted more than once, and it may be restarted outside the window of maintenance events.", "value": "TERMINATE" } ] }, "google-native:compute/alpha:SchedulingProvisioningModel": { "description": "Specifies the provisioning model of the instance.", "type": "string", "enum": [ { "name": "Spot", "description": "Heavily discounted, no guaranteed runtime.", "value": "SPOT" }, { "name": "Standard", "description": "Standard provisioning with user controlled runtime, no discounts.", "value": "STANDARD" } ] }, "google-native:compute/alpha:SchedulingResponse": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "availabilityDomain": { "type": "integer", "description": "Specifies the availability domain (AD), which this instance should be scheduled on. The AD belongs to the spread GroupPlacementPolicy resource policy that has been assigned to the instance. Specify a value between 1-max count of availability domains in your GroupPlacementPolicy. See go/placement-policy-extension for more details." }, "currentCpus": { "type": "integer", "description": "Current number of vCPUs available for VM. 0 or unset means default vCPUs of the current machine type." }, "currentMemoryMb": { "type": "string", "description": "Current amount of memory (in MB) available for VM. 0 or unset means default amount of memory of the current machine type." }, "gracefulShutdown": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingGracefulShutdownResponse" }, "hostErrorTimeoutSeconds": { "type": "integer", "description": "Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used." }, "instanceTerminationAction": { "type": "string", "description": "Specifies the termination action for the instance." }, "latencyTolerant": { "type": "boolean", "description": "Defines whether the instance is tolerant of higher cpu latency. This can only be set during instance creation, or when the instance is not currently running. It must not be set if the preemptible option is also set." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance." }, "maintenanceInterval": { "type": "string", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "maxRunDuration": { "$ref": "#/types/google-native:compute%2Falpha:DurationResponse", "description": "Specifies the max run duration for the given instance. If specified, the instance termination action will be performed at the end of the run duration." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingNodeAffinityResponse" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "type": "string", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "type": "string", "description": "Specifies the provisioning model of the instance." }, "terminationTime": { "type": "string", "description": "Specifies the timestamp, when the instance will be terminated, in RFC3339 text format. If specified, the instance termination action will be performed at the termination time." } }, "type": "object", "required": [ "automaticRestart", "availabilityDomain", "currentCpus", "currentMemoryMb", "gracefulShutdown", "hostErrorTimeoutSeconds", "instanceTerminationAction", "latencyTolerant", "localSsdRecoveryTimeout", "locationHint", "maintenanceFreezeDurationHours", "maintenanceInterval", "maxRunDuration", "minNodeCpus", "nodeAffinities", "onHostMaintenance", "preemptible", "provisioningModel", "terminationTime" ] }, "google-native:compute/alpha:SdsConfig": { "description": "[Deprecated] The configuration to access the SDS server. The configuration to access the SDS server.", "properties": { "grpcServiceConfig": { "$ref": "#/types/google-native:compute%2Falpha:GrpcServiceConfig", "description": "The configuration to access the SDS server over GRPC." } }, "type": "object" }, "google-native:compute/alpha:SdsConfigResponse": { "description": "[Deprecated] The configuration to access the SDS server. The configuration to access the SDS server.", "properties": { "grpcServiceConfig": { "$ref": "#/types/google-native:compute%2Falpha:GrpcServiceConfigResponse", "description": "The configuration to access the SDS server over GRPC." } }, "type": "object", "required": [ "grpcServiceConfig" ] }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfig": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "autoDeployConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfig" }, "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfig": { "description": "Configuration options for Adaptive Protection auto-deploy feature.", "properties": { "confidenceThreshold": { "type": "number" }, "expirationSec": { "type": "integer" }, "impactedBaselineThreshold": { "type": "number" }, "loadThreshold": { "type": "number" } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigResponse": { "description": "Configuration options for Adaptive Protection auto-deploy feature.", "properties": { "confidenceThreshold": { "type": "number" }, "expirationSec": { "type": "integer" }, "impactedBaselineThreshold": { "type": "number" }, "loadThreshold": { "type": "number" } }, "type": "object", "required": [ "confidenceThreshold", "expirationSec", "impactedBaselineThreshold", "loadThreshold" ] }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "type": "string", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object", "required": [ "enable", "ruleVisibility", "thresholdConfigs" ] }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility": { "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "type": "string", "enum": [ { "name": "Premium", "value": "PREMIUM" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object", "required": [ "autoDeployConfidenceThreshold", "autoDeployExpirationSec", "autoDeployImpactedBaselineThreshold", "autoDeployLoadThreshold", "name" ] }, "google-native:compute/alpha:SecurityPolicyAdaptiveProtectionConfigResponse": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "autoDeployConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigResponse" }, "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object", "required": [ "autoDeployConfig", "layer7DdosDefenseConfig" ] }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfig": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdvancedOptionsConfigJsonParsing" }, "logLevel": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdvancedOptionsConfigLogLevel" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object", "required": [ "contentTypes" ] }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfigJsonParsing": { "type": "string", "enum": [ { "name": "Disabled", "value": "DISABLED" }, { "name": "Standard", "value": "STANDARD" }, { "name": "StandardWithGraphql", "value": "STANDARD_WITH_GRAPHQL" } ] }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfigLogLevel": { "type": "string", "enum": [ { "name": "Normal", "value": "NORMAL" }, { "name": "Verbose", "value": "VERBOSE" } ] }, "google-native:compute/alpha:SecurityPolicyAdvancedOptionsConfigResponse": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "type": "string" }, "logLevel": { "type": "string" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object", "required": [ "jsonCustomConfig", "jsonParsing", "logLevel", "userIpRequestHeaders" ] }, "google-native:compute/alpha:SecurityPolicyAssociation": { "properties": { "attachmentId": { "type": "string", "description": "The resource that the security policy is attached to." }, "name": { "type": "string", "description": "The name for an association." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyAssociationResponse": { "properties": { "attachmentId": { "type": "string", "description": "The resource that the security policy is attached to." }, "displayName": { "type": "string", "description": "The display name of the security policy of the association." }, "name": { "type": "string", "description": "The name for an association." }, "securityPolicyId": { "type": "string", "description": "The security policy ID of the association." } }, "type": "object", "required": [ "attachmentId", "displayName", "name", "securityPolicyId" ] }, "google-native:compute/alpha:SecurityPolicyCloudArmorConfig": { "description": "Configuration options for Cloud Armor.", "properties": { "enableMl": { "type": "boolean", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyCloudArmorConfigResponse": { "description": "Configuration options for Cloud Armor.", "properties": { "enableMl": { "type": "boolean", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object", "required": [ "enableMl" ] }, "google-native:compute/alpha:SecurityPolicyDdosProtectionConfig": { "properties": { "ddosProtection": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyDdosProtectionConfigDdosProtection" } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyDdosProtectionConfigDdosProtection": { "type": "string", "enum": [ { "name": "Advanced", "value": "ADVANCED" }, { "name": "AdvancedPreview", "value": "ADVANCED_PREVIEW" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/alpha:SecurityPolicyDdosProtectionConfigResponse": { "properties": { "ddosProtection": { "type": "string" } }, "type": "object", "required": [ "ddosProtection" ] }, "google-native:compute/alpha:SecurityPolicyRecaptchaOptionsConfig": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRecaptchaOptionsConfigResponse": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object", "required": [ "redirectSiteKey" ] }, "google-native:compute/alpha:SecurityPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "direction": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleDirection", "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules. This field may only be specified when the versioned_expr is set to FIREWALL." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleHttpHeaderAction", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "match": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleNetworkMatcher", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfig", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptions", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "redirectTarget": { "type": "string", "description": "This must be specified for redirect actions. Cannot be specified for any other actions." }, "ruleNumber": { "type": "string", "description": "Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleDirection": { "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.", "type": "string", "enum": [ { "name": "Egress", "value": "EGRESS" }, { "name": "Ingress", "value": "INGRESS" } ] }, "google-native:compute/alpha:SecurityPolicyRuleHttpHeaderAction": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object", "required": [ "headerName", "headerValue" ] }, "google-native:compute/alpha:SecurityPolicyRuleHttpHeaderActionResponse": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object", "required": [ "requestHeadersToAdds" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfig", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Falpha:Expr", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "exprOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherExprOptions", "description": "The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr')." }, "versionedExpr": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherVersionedExpr", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfig": { "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL." }, "destPorts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfigDestinationPort" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfigLayer4Config" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfigDestinationPort": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfigDestinationPortResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfigLayer4Config": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfigLayer4ConfigResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherConfigResponse": { "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL." }, "destPorts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfigDestinationPortResponse" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfigLayer4ConfigResponse" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object", "required": [ "destIpRanges", "destPorts", "layer4Configs", "srcIpRanges" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherExprOptions": { "properties": { "recaptchaOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptions", "description": "reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field will have no effect." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptions": { "properties": { "actionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." }, "sessionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptionsResponse": { "properties": { "actionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." }, "sessionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." } }, "type": "object", "required": [ "actionTokenSiteKeys", "sessionTokenSiteKeys" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherExprOptionsResponse": { "properties": { "recaptchaOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptionsResponse", "description": "reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field will have no effect." } }, "type": "object", "required": [ "recaptchaOptions" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherConfigResponse", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Falpha:ExprResponse", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "exprOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherExprOptionsResponse", "description": "The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr')." }, "versionedExpr": { "type": "string", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object", "required": [ "config", "expr", "exprOptions", "versionedExpr" ] }, "google-native:compute/alpha:SecurityPolicyRuleMatcherVersionedExpr": { "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.", "type": "string", "enum": [ { "name": "Firewall", "value": "FIREWALL" }, { "name": "SrcIpsV1", "description": "Matches the source IP address of a request to the IP ranges supplied in config.", "value": "SRC_IPS_V1" } ] }, "google-native:compute/alpha:SecurityPolicyRuleNetworkMatcher": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleNetworkMatcherResponse": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object", "required": [ "destIpRanges", "destPorts", "ipProtocols", "srcAsns", "srcIpRanges", "srcPorts", "srcRegionCodes", "userDefinedFields" ] }, "google-native:compute/alpha:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object", "required": [ "name", "values" ] }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfig": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusion" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigExclusion": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams": { "properties": { "op": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp": { "description": "The match operator for the field.", "type": "string", "enum": [ { "name": "Contains", "description": "The operator matches if the field value contains the specified value.", "value": "CONTAINS" }, { "name": "EndsWith", "description": "The operator matches if the field value ends with the specified value.", "value": "ENDS_WITH" }, { "name": "Equals", "description": "The operator matches if the field value equals the specified value.", "value": "EQUALS" }, { "name": "EqualsAny", "description": "The operator matches if the field value is any value.", "value": "EQUALS_ANY" }, { "name": "StartsWith", "description": "The operator matches if the field value starts with the specified value.", "value": "STARTS_WITH" } ] }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse": { "properties": { "op": { "type": "string", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object", "required": [ "op", "val" ] }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object", "required": [ "requestCookiesToExclude", "requestHeadersToExclude", "requestQueryParamsToExclude", "requestUrisToExclude", "targetRuleIds", "targetRuleSet" ] }, "google-native:compute/alpha:SecurityPolicyRulePreconfiguredWafConfigResponse": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object", "required": [ "exclusions" ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptions": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKey", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedActionRpcStatus": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsRpcStatus", "description": "Specified gRPC response status for proxyless gRPC requests that are above the configured rate limit threshold" }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Threshold at which to begin ratelimiting." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKey": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "AllIps", "value": "ALL_IPS" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "AllIps", "value": "ALL_IPS" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object", "required": [ "enforceOnKeyName", "enforceOnKeyType" ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsResponse": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedActionRpcStatus": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsRpcStatusResponse", "description": "Specified gRPC response status for proxyless gRPC requests that are above the configured rate limit threshold" }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Threshold at which to begin ratelimiting." } }, "type": "object", "required": [ "banDurationSec", "banThreshold", "conformAction", "enforceOnKey", "enforceOnKeyConfigs", "enforceOnKeyName", "exceedAction", "exceedActionRpcStatus", "exceedRedirectOptions", "rateLimitThreshold" ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsRpcStatus": { "description": "Simplified google.rpc.Status type (omitting details).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsRpcStatusResponse": { "description": "Simplified google.rpc.Status type (omitting details).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English." } }, "type": "object", "required": [ "code", "message" ] }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsThreshold": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleRateLimitOptionsThresholdResponse": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object", "required": [ "count", "intervalSec" ] }, "google-native:compute/alpha:SecurityPolicyRuleRedirectOptions": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRedirectOptionsType", "description": "Type of the redirect action." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyRuleRedirectOptionsResponse": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "type": "string", "description": "Type of the redirect action." } }, "type": "object", "required": [ "target", "type" ] }, "google-native:compute/alpha:SecurityPolicyRuleRedirectOptionsType": { "description": "Type of the redirect action.", "type": "string", "enum": [ { "name": "External302", "value": "EXTERNAL_302" }, { "name": "GoogleRecaptcha", "value": "GOOGLE_RECAPTCHA" } ] }, "google-native:compute/alpha:SecurityPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "direction": { "type": "string", "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules. This field may only be specified when the versioned_expr is set to FIREWALL." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleHttpHeaderActionResponse", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleNetworkMatcherResponse", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRulePreconfiguredWafConfigResponse", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRateLimitOptionsResponse", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "redirectTarget": { "type": "string", "description": "This must be specified for redirect actions. Cannot be specified for any other actions." }, "ruleManagedProtectionTier": { "type": "string", "description": "The minimum managed protection tier required for this rule. [Deprecated] Use requiredManagedProtectionTiers instead.", "deprecationMessage": "[Output Only] The minimum managed protection tier required for this rule. [Deprecated] Use requiredManagedProtectionTiers instead." }, "ruleNumber": { "type": "string", "description": "Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server." }, "ruleTupleCount": { "type": "integer", "description": "Calculation of the complexity of a single firewall security policy rule." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object", "required": [ "action", "description", "direction", "enableLogging", "headerAction", "kind", "match", "networkMatch", "preconfiguredWafConfig", "preview", "priority", "rateLimitOptions", "redirectOptions", "redirectTarget", "ruleManagedProtectionTier", "ruleNumber", "ruleTupleCount", "targetResources", "targetServiceAccounts" ] }, "google-native:compute/alpha:SecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorInternalService", "value": "CLOUD_ARMOR_INTERNAL_SERVICE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/alpha:SecurityPolicyUserDefinedField": { "properties": { "base": { "$ref": "#/types/google-native:compute%2Falpha:SecurityPolicyUserDefinedFieldBase", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object" }, "google-native:compute/alpha:SecurityPolicyUserDefinedFieldBase": { "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/alpha:SecurityPolicyUserDefinedFieldResponse": { "properties": { "base": { "type": "string", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object", "required": [ "base", "mask", "name", "offset", "size" ] }, "google-native:compute/alpha:SecuritySettings": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "authentication": { "type": "string", "description": "[Deprecated] Use clientTlsPolicy instead.", "deprecationMessage": "[Deprecated] Use clientTlsPolicy instead." }, "authenticationPolicy": { "$ref": "#/types/google-native:compute%2Falpha:AuthenticationPolicy", "description": "[Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.", "deprecationMessage": "[Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal." }, "authorizationConfig": { "$ref": "#/types/google-native:compute%2Falpha:AuthorizationConfig", "description": "[Deprecated] Authorization config defines the Role Based Access Control (RBAC) config. Authorization config defines the Role Based Access Control (RBAC) config.", "deprecationMessage": "[Deprecated] Authorization config defines the Role Based Access Control (RBAC) config. Authorization config defines the Role Based Access Control (RBAC) config." }, "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Falpha:AWSV4Signature", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "clientTlsSettings": { "$ref": "#/types/google-native:compute%2Falpha:ClientTlsSettings", "description": "[Deprecated] TLS Settings for the backend service.", "deprecationMessage": "[Deprecated] TLS Settings for the backend service." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object" }, "google-native:compute/alpha:SecuritySettingsResponse": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "authentication": { "type": "string", "description": "[Deprecated] Use clientTlsPolicy instead.", "deprecationMessage": "[Deprecated] Use clientTlsPolicy instead." }, "authenticationPolicy": { "$ref": "#/types/google-native:compute%2Falpha:AuthenticationPolicyResponse", "description": "[Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal.", "deprecationMessage": "[Deprecated] Authentication policy defines what authentication methods can be accepted on backends, and if authenticated, which method/certificate will set the request principal. request principal." }, "authorizationConfig": { "$ref": "#/types/google-native:compute%2Falpha:AuthorizationConfigResponse", "description": "[Deprecated] Authorization config defines the Role Based Access Control (RBAC) config. Authorization config defines the Role Based Access Control (RBAC) config.", "deprecationMessage": "[Deprecated] Authorization config defines the Role Based Access Control (RBAC) config. Authorization config defines the Role Based Access Control (RBAC) config." }, "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Falpha:AWSV4SignatureResponse", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "clientTlsSettings": { "$ref": "#/types/google-native:compute%2Falpha:ClientTlsSettingsResponse", "description": "[Deprecated] TLS Settings for the backend service.", "deprecationMessage": "[Deprecated] TLS Settings for the backend service." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object", "required": [ "authentication", "authenticationPolicy", "authorizationConfig", "awsV4Authentication", "clientTlsPolicy", "clientTlsSettings", "subjectAltNames" ] }, "google-native:compute/alpha:ServerBinding": { "properties": { "type": { "$ref": "#/types/google-native:compute%2Falpha:ServerBindingType" } }, "type": "object" }, "google-native:compute/alpha:ServerBindingResponse": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "google-native:compute/alpha:ServerBindingType": { "type": "string", "enum": [ { "name": "RestartNodeOnAnyServer", "description": "Node may associate with any physical server over its lifetime.", "value": "RESTART_NODE_ON_ANY_SERVER" }, { "name": "RestartNodeOnMinimalServers", "description": "Node may associate with minimal physical servers over its lifetime.", "value": "RESTART_NODE_ON_MINIMAL_SERVERS" }, { "name": "ServerBindingTypeUnspecified", "value": "SERVER_BINDING_TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:ServerTlsSettings": { "description": "The TLS settings for the server.", "properties": { "proxyTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContext", "description": "Configures the mechanism to obtain security certificates and identity information." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "A list of alternate names to verify the subject identity in the certificate presented by the client." }, "tlsMode": { "$ref": "#/types/google-native:compute%2Falpha:ServerTlsSettingsTlsMode", "description": "Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication. " } }, "type": "object" }, "google-native:compute/alpha:ServerTlsSettingsResponse": { "description": "The TLS settings for the server.", "properties": { "proxyTlsContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsContextResponse", "description": "Configures the mechanism to obtain security certificates and identity information." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "A list of alternate names to verify the subject identity in the certificate presented by the client." }, "tlsMode": { "type": "string", "description": "Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication. " } }, "type": "object", "required": [ "proxyTlsContext", "subjectAltNames", "tlsMode" ] }, "google-native:compute/alpha:ServerTlsSettingsTlsMode": { "description": "Indicates whether connections should be secured using TLS. The value of this field determines how TLS is enforced. This field can be set to one of the following: - SIMPLE Secure connections with standard TLS semantics. - MUTUAL Secure connections to the backends using mutual TLS by presenting client certificates for authentication. ", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "Mutual", "description": "Secure connections to the backends using mutual TLS by presenting client certificates for authentication.", "value": "MUTUAL" }, { "name": "Simple", "description": "Secure connections with standard TLS semantics.", "value": "SIMPLE" } ] }, "google-native:compute/alpha:ServiceAccount": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object" }, "google-native:compute/alpha:ServiceAccountResponse": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object", "required": [ "email", "scopes" ] }, "google-native:compute/alpha:ServiceAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this service attachment.", "properties": { "consumerNetwork": { "type": "string", "description": "The url of the consumer network." }, "endpoint": { "type": "string", "description": "The url of a connected endpoint." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the connected endpoint." }, "status": { "type": "string", "description": "The status of a connected endpoint to this service attachment." } }, "type": "object", "required": [ "consumerNetwork", "endpoint", "pscConnectionId", "status" ] }, "google-native:compute/alpha:ServiceAttachmentConnectionPreference": { "description": "The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules.", "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "ConnectionPreferenceUnspecified", "value": "CONNECTION_PREFERENCE_UNSPECIFIED" } ] }, "google-native:compute/alpha:ServiceAttachmentConsumerProjectLimit": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object" }, "google-native:compute/alpha:ServiceAttachmentConsumerProjectLimitResponse": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object", "required": [ "connectionLimit", "networkUrl", "projectIdOrNum" ] }, "google-native:compute/alpha:ServiceAttachmentTunnelingConfig": { "description": "Use to configure this PSC connection in tunneling mode. In tunneling mode traffic from consumer to producer will be encapsulated as it crosses the VPC boundary and traffic from producer to consumer will be decapsulated in the same manner.", "properties": { "encapsulationProfile": { "$ref": "#/types/google-native:compute%2Falpha:ServiceAttachmentTunnelingConfigEncapsulationProfile", "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers." }, "routingMode": { "$ref": "#/types/google-native:compute%2Falpha:ServiceAttachmentTunnelingConfigRoutingMode", "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network." } }, "type": "object" }, "google-native:compute/alpha:ServiceAttachmentTunnelingConfigEncapsulationProfile": { "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers.", "type": "string", "enum": [ { "name": "GeneveSecurityV1", "description": "Use GENEVE encapsulation protocol and include the SECURITY_V1 set of GENEVE headers.", "value": "GENEVE_SECURITY_V1" }, { "name": "UnspecifiedEncapsulationProfile", "value": "UNSPECIFIED_ENCAPSULATION_PROFILE" } ] }, "google-native:compute/alpha:ServiceAttachmentTunnelingConfigResponse": { "description": "Use to configure this PSC connection in tunneling mode. In tunneling mode traffic from consumer to producer will be encapsulated as it crosses the VPC boundary and traffic from producer to consumer will be decapsulated in the same manner.", "properties": { "encapsulationProfile": { "type": "string", "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers." }, "routingMode": { "type": "string", "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network." } }, "type": "object", "required": [ "encapsulationProfile", "routingMode" ] }, "google-native:compute/alpha:ServiceAttachmentTunnelingConfigRoutingMode": { "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network.", "type": "string", "enum": [ { "name": "PacketInjection", "description": "Traffic sent to this service attachment will be reinjected into the consumer network.", "value": "PACKET_INJECTION" }, { "name": "StandardRouting", "description": "Response traffic, after de-encapsulation, will be returned to the client.", "value": "STANDARD_ROUTING" }, { "name": "UnspecifiedRoutingMode", "value": "UNSPECIFIED_ROUTING_MODE" } ] }, "google-native:compute/alpha:ShareSettings": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "folderMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of folder id and folder config to specify consumer projects for this shared-reservation. This is only valid when share_type's value is DIRECT_PROJECTS_UNDER_SPECIFIC_FOLDERS. Folder id should be a string of number, and without \"folders/\" prefix." }, "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "projects": { "type": "array", "items": { "type": "string" }, "description": "A List of Project names to specify consumer projects for this shared-reservation. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "$ref": "#/types/google-native:compute%2Falpha:ShareSettingsShareType", "description": "Type of sharing for this shared-reservation" } }, "type": "object" }, "google-native:compute/alpha:ShareSettingsResponse": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "folderMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of folder id and folder config to specify consumer projects for this shared-reservation. This is only valid when share_type's value is DIRECT_PROJECTS_UNDER_SPECIFIC_FOLDERS. Folder id should be a string of number, and without \"folders/\" prefix." }, "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "projects": { "type": "array", "items": { "type": "string" }, "description": "A List of Project names to specify consumer projects for this shared-reservation. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "type": "string", "description": "Type of sharing for this shared-reservation" } }, "type": "object", "required": [ "folderMap", "projectMap", "projects", "shareType" ] }, "google-native:compute/alpha:ShareSettingsShareType": { "description": "Type of sharing for this shared-reservation", "type": "string", "enum": [ { "name": "DirectProjectsUnderSpecificFolders", "description": "Shared-reservation is open to direct child projects of specific folders.", "value": "DIRECT_PROJECTS_UNDER_SPECIFIC_FOLDERS" }, { "name": "Local", "description": "Default value.", "value": "LOCAL" }, { "name": "Organization", "description": "Shared-reservation is open to entire Organization", "value": "ORGANIZATION" }, { "name": "ShareTypeUnspecified", "description": "Default value. This value is unused.", "value": "SHARE_TYPE_UNSPECIFIED" }, { "name": "SpecificProjects", "description": "Shared-reservation is open to specific projects", "value": "SPECIFIC_PROJECTS" } ] }, "google-native:compute/alpha:ShieldedInstanceConfig": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object" }, "google-native:compute/alpha:ShieldedInstanceConfigResponse": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:compute/alpha:ShieldedInstanceIntegrityPolicy": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object" }, "google-native:compute/alpha:ShieldedInstanceIntegrityPolicyResponse": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object", "required": [ "updateAutoLearnPolicy" ] }, "google-native:compute/alpha:ShieldedVmConfig": { "description": "A set of Shielded VM options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled." } }, "type": "object" }, "google-native:compute/alpha:ShieldedVmConfigResponse": { "description": "A set of Shielded VM options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:compute/alpha:ShieldedVmIntegrityPolicy": { "description": "The policy describes the baseline against which VM instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object" }, "google-native:compute/alpha:ShieldedVmIntegrityPolicyResponse": { "description": "The policy describes the baseline against which VM instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object", "required": [ "updateAutoLearnPolicy" ] }, "google-native:compute/alpha:SnapshotSnapshotType": { "description": "Indicates the type of the snapshot.", "type": "string", "enum": [ { "name": "Archive", "value": "ARCHIVE" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/alpha:SourceDiskEncryptionKey": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/alpha:SourceDiskEncryptionKeyResponse": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Falpha:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object", "required": [ "diskEncryptionKey", "sourceDisk" ] }, "google-native:compute/alpha:SourceInstanceParams": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:DiskInstantiationConfig" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object" }, "google-native:compute/alpha:SourceInstanceParamsResponse": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:DiskInstantiationConfigResponse" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object", "required": [ "diskConfigs" ] }, "google-native:compute/alpha:SourceInstancePropertiesResponse": { "description": "DEPRECATED: Please use compute#instanceProperties instead. New properties will not be added to this field.", "properties": { "canIpForward": { "type": "boolean", "description": "Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "deletionProtection": { "type": "boolean", "description": "Whether the instance created from this machine image should be protected against deletion." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from this machine image." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SavedAttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from this machine image." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from this machine image." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from this machine image." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from this machine image." }, "metadata": { "$ref": "#/types/google-native:compute%2Falpha:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances created from this machine image. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "postKeyRevocationActionType": { "type": "string", "description": "PostKeyRevocationActionType of the instance." }, "scheduling": { "$ref": "#/types/google-native:compute%2Falpha:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from this machine image." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this machine image. Use metadata queries to obtain the access tokens for these instances." }, "tags": { "$ref": "#/types/google-native:compute%2Falpha:TagsResponse", "description": "A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "canIpForward", "deletionProtection", "description", "disks", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "postKeyRevocationActionType", "scheduling", "serviceAccounts", "tags" ] }, "google-native:compute/alpha:SslCertificateManagedSslCertificate": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." } }, "type": "object" }, "google-native:compute/alpha:SslCertificateManagedSslCertificateResponse": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domainStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Output only] Detailed statuses of the domains specified for managed certificate resource." }, "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." }, "status": { "type": "string", "description": "[Output only] Status of the managed certificate resource." } }, "type": "object", "required": [ "domainStatus", "domains", "status" ] }, "google-native:compute/alpha:SslCertificateSelfManagedSslCertificate": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object" }, "google-native:compute/alpha:SslCertificateSelfManagedSslCertificateResponse": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object", "required": [ "certificate", "privateKey" ] }, "google-native:compute/alpha:SslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/alpha:SslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/alpha:SslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/alpha:SslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/alpha:SslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:SslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/alpha:StatefulPolicy": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Falpha:StatefulPolicyPreservedState" } }, "type": "object" }, "google-native:compute/alpha:StatefulPolicyPreservedState": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object" }, "google-native:compute/alpha:StatefulPolicyPreservedStateResponse": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object", "required": [ "disks", "externalIPs", "internalIPs" ] }, "google-native:compute/alpha:StatefulPolicyResponse": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Falpha:StatefulPolicyPreservedStateResponse" } }, "type": "object", "required": [ "preservedState" ] }, "google-native:compute/alpha:StoragePoolCapacityProvisioningType": { "description": "Provisioning type of the byte capacity of the pool.", "type": "string", "enum": [ { "name": "Advanced", "description": "Advanced provisioning \"thinly\" allocates the related resource.", "value": "ADVANCED" }, { "name": "Standard", "description": "Standard provisioning allocates the related resource for the pool disks' exclusive use.", "value": "STANDARD" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:StoragePoolPerformanceProvisioningType": { "description": "Provisioning type of the performance-related parameters of the pool, such as throughput and IOPS.", "type": "string", "enum": [ { "name": "Advanced", "description": "Advanced provisioning \"thinly\" allocates the related resource.", "value": "ADVANCED" }, { "name": "Standard", "description": "Standard provisioning allocates the related resource for the pool disks' exclusive use.", "value": "STANDARD" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/alpha:StoragePoolResourceStatusResponse": { "description": "[Output Only] Contains output only fields.", "properties": { "aggregateDiskProvisionedIops": { "type": "string", "description": "Sum of all the disks' provisioned IOPS." }, "aggregateDiskSizeGb": { "type": "string", "description": "Sum of all the capacity provisioned in disks in this storage pool. A disk's provisioned capacity is the same as its total capacity." }, "lastResizeTimestamp": { "type": "string", "description": "Timestamp of the last successful resize in RFC3339 text format." }, "maxAggregateDiskSizeGb": { "type": "string", "description": "Maximum allowed aggregate disk size in gigabytes." }, "numberOfDisks": { "type": "string", "description": "Number of disks used." }, "usedBytes": { "type": "string", "description": "Space used by data stored in disks within the storage pool (in bytes)." }, "usedReducedBytes": { "type": "string", "description": "Space used by compressed and deduped data stored in disks within the storage pool (in bytes)." }, "usedThroughput": { "type": "string", "description": "Sum of all the disks' provisioned throughput in MB/s." } }, "type": "object", "required": [ "aggregateDiskProvisionedIops", "aggregateDiskSizeGb", "lastResizeTimestamp", "maxAggregateDiskSizeGb", "numberOfDisks", "usedBytes", "usedReducedBytes", "usedThroughput" ] }, "google-native:compute/alpha:SubnetworkAggregationInterval": { "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Sets the aggregation interval for collecting flow logs. Increasing the interval time reduces the amount of generated flow logs for long-lasting connections. Default is an interval of 5 seconds per connection. Valid values: INTERVAL_5_SEC, INTERVAL_30_SEC, INTERVAL_1_MIN, INTERVAL_5_MIN, INTERVAL_10_MIN, INTERVAL_15_MIN.", "type": "string", "enum": [ { "name": "Interval10Min", "value": "INTERVAL_10_MIN" }, { "name": "Interval15Min", "value": "INTERVAL_15_MIN" }, { "name": "Interval1Min", "value": "INTERVAL_1_MIN" }, { "name": "Interval30Sec", "value": "INTERVAL_30_SEC" }, { "name": "Interval5Min", "value": "INTERVAL_5_MIN" }, { "name": "Interval5Sec", "value": "INTERVAL_5_SEC" } ] }, "google-native:compute/alpha:SubnetworkIpv6AccessType": { "description": "The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation or the first time the subnet is updated into IPV4_IPV6 dual stack.", "type": "string", "enum": [ { "name": "External", "description": "VMs on this subnet will be assigned IPv6 addresses that are accessible via the Internet, as well as the VPC network.", "value": "EXTERNAL" }, { "name": "Internal", "description": "VMs on this subnet will be assigned IPv6 addresses that are only accessible over the VPC network.", "value": "INTERNAL" } ] }, "google-native:compute/alpha:SubnetworkLogConfig": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "$ref": "#/types/google-native:compute%2Falpha:SubnetworkLogConfigAggregationInterval", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "$ref": "#/types/google-native:compute%2Falpha:SubnetworkLogConfigMetadata", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object" }, "google-native:compute/alpha:SubnetworkLogConfigAggregationInterval": { "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection.", "type": "string", "enum": [ { "name": "Interval10Min", "value": "INTERVAL_10_MIN" }, { "name": "Interval15Min", "value": "INTERVAL_15_MIN" }, { "name": "Interval1Min", "value": "INTERVAL_1_MIN" }, { "name": "Interval30Sec", "value": "INTERVAL_30_SEC" }, { "name": "Interval5Min", "value": "INTERVAL_5_MIN" }, { "name": "Interval5Sec", "value": "INTERVAL_5_SEC" } ] }, "google-native:compute/alpha:SubnetworkLogConfigMetadata": { "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA.", "type": "string", "enum": [ { "name": "CustomMetadata", "value": "CUSTOM_METADATA" }, { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/alpha:SubnetworkLogConfigResponse": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "type": "string", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object", "required": [ "aggregationInterval", "enable", "filterExpr", "flowSampling", "metadata", "metadataFields" ] }, "google-native:compute/alpha:SubnetworkMetadata": { "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Configures whether metadata fields should be added to the reported VPC flow logs. Options are INCLUDE_ALL_METADATA, EXCLUDE_ALL_METADATA, and CUSTOM_METADATA. Default is EXCLUDE_ALL_METADATA.", "type": "string", "enum": [ { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/alpha:SubnetworkPrivateIpv6GoogleAccess": { "description": "This field is for internal use. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "DisableGoogleAccess", "description": "Disable private IPv6 access to/from Google services.", "value": "DISABLE_GOOGLE_ACCESS" }, { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" } ] }, "google-native:compute/alpha:SubnetworkPurpose": { "description": "The purpose of the resource. This field can be either PRIVATE, REGIONAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT, or INTERNAL_HTTPS_LOAD_BALANCER. PRIVATE is the default purpose for user-created subnets or subnets that are automatically created in auto mode networks. A subnet with purpose set to REGIONAL_MANAGED_PROXY is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnet with purpose set to PRIVATE_SERVICE_CONNECT is used to publish services using Private Service Connect. A subnet with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a proxy-only subnet that can be used only by regional internal HTTP(S) load balancers. Note that REGIONAL_MANAGED_PROXY is the preferred setting for all regional Envoy load balancers. If unspecified, the subnet purpose defaults to PRIVATE. The enableFlowLogs field isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY.", "type": "string", "enum": [ { "name": "Aggregate", "description": "Subnetwork used to aggregate multiple private subnetworks.", "value": "AGGREGATE" }, { "name": "CloudExtension", "description": "Subnetworks created for Cloud Extension Machines.", "value": "CLOUD_EXTENSION" }, { "name": "GlobalManagedProxy", "description": "Subnet reserved for Global Envoy-based Load Balancing.", "value": "GLOBAL_MANAGED_PROXY" }, { "name": "InternalHttpsLoadBalancer", "description": "Subnet reserved for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_HTTPS_LOAD_BALANCER" }, { "name": "Private", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE" }, { "name": "PrivateNat", "description": "Subnetwork used as source range for Private NAT Gateways.", "value": "PRIVATE_NAT" }, { "name": "PrivateRfc1918", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE_RFC_1918" }, { "name": "PrivateServiceConnect", "description": "Subnetworks created for Private Service Connect in the producer network.", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "RegionalManagedProxy", "description": "Subnetwork used for Regional Envoy-based Load Balancing.", "value": "REGIONAL_MANAGED_PROXY" } ] }, "google-native:compute/alpha:SubnetworkRole": { "description": "The role of subnetwork. Currently, this field is only used when purpose = REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Envoy-based load balancers in a region. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.", "type": "string", "enum": [ { "name": "Active", "description": "The ACTIVE subnet that is currently used.", "value": "ACTIVE" }, { "name": "Backup", "description": "The BACKUP subnet that could be promoted to ACTIVE.", "value": "BACKUP" } ] }, "google-native:compute/alpha:SubnetworkSecondaryRange": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." }, "reservedInternalRange": { "type": "string", "description": "The URL of the reserved internal range." } }, "type": "object" }, "google-native:compute/alpha:SubnetworkSecondaryRangeResponse": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." }, "reservedInternalRange": { "type": "string", "description": "The URL of the reserved internal range." } }, "type": "object", "required": [ "ipCidrRange", "rangeName", "reservedInternalRange" ] }, "google-native:compute/alpha:SubnetworkStackType": { "description": "The stack type for the subnet. If set to IPV4_ONLY, new VMs in the subnet are assigned IPv4 addresses only. If set to IPV4_IPV6, new VMs in the subnet can be assigned both IPv4 and IPv6 addresses. If not specified, IPV4_ONLY is used. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "New VMs in this subnet can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "New VMs in this subnet will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "New VMs in this subnet will only be assigned IPv6 addresses.", "value": "IPV6_ONLY" } ] }, "google-native:compute/alpha:Subsetting": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "$ref": "#/types/google-native:compute%2Falpha:SubsettingPolicy" }, "subsetSize": { "type": "integer", "description": "The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled." } }, "type": "object" }, "google-native:compute/alpha:SubsettingPolicy": { "type": "string", "enum": [ { "name": "ConsistentHashSubsetting", "description": "Subsetting based on consistent hashing. For Traffic Director, the number of backends per backend group (the subset size) is based on the `subset_size` parameter. For Internal HTTP(S) load balancing, the number of backends per backend group (the subset size) is dynamically adjusted in two cases: - As the number of proxy instances participating in Internal HTTP(S) load balancing increases, the subset size decreases. - When the total number of backends in a network exceeds the capacity of a single proxy instance, subset sizes are reduced automatically for each service that has backend subsetting enabled.", "value": "CONSISTENT_HASH_SUBSETTING" }, { "name": "None", "description": "No Subsetting. Clients may open connections and send traffic to all backends of this backend service. This can lead to performance issues if there is substantial imbalance in the count of clients and backends.", "value": "NONE" } ] }, "google-native:compute/alpha:SubsettingResponse": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "type": "string" }, "subsetSize": { "type": "integer", "description": "The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled." } }, "type": "object", "required": [ "policy", "subsetSize" ] }, "google-native:compute/alpha:TCPHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Falpha:TCPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Falpha:TCPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/alpha:TCPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/alpha:TCPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:TCPHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/alpha:Tags": { "description": "A set of instance tags.", "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object" }, "google-native:compute/alpha:TagsResponse": { "description": "A set of instance tags.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance." }, "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object", "required": [ "fingerprint", "items" ] }, "google-native:compute/alpha:TargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/alpha:TargetInstanceNatPolicy": { "description": "Must have a value of NO_NAT. Protocol forwarding delivers packets while preserving the destination IP address of the forwarding rule referencing the target instance.", "type": "string", "enum": [ { "name": "NoNat", "description": "No NAT performed.", "value": "NO_NAT" } ] }, "google-native:compute/alpha:TargetPoolSessionAffinity": { "description": "Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/alpha:TargetSslProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:TargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/alpha:TlsCertificateContext": { "description": "[Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate.", "properties": { "certificatePaths": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificatePaths", "description": "Specifies the certificate and private key paths. This field is applicable only if tlsCertificateSource is set to USE_PATH." }, "certificateSource": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificateContextCertificateSource", "description": "Defines how TLS certificates are obtained." }, "sdsConfig": { "$ref": "#/types/google-native:compute%2Falpha:SdsConfig", "description": "Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS." } }, "type": "object" }, "google-native:compute/alpha:TlsCertificateContextCertificateSource": { "description": "Defines how TLS certificates are obtained.", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "UsePath", "description": "USE_PATH specifies that the certificates and private key are obtained from a locally mounted filesystem path.", "value": "USE_PATH" }, { "name": "UseSds", "description": "USE_SDS specifies that the certificates and private key are obtained from a SDS server.", "value": "USE_SDS" } ] }, "google-native:compute/alpha:TlsCertificateContextResponse": { "description": "[Deprecated] Defines the mechanism to obtain the client or server certificate. Defines the mechanism to obtain the client or server certificate.", "properties": { "certificatePaths": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificatePathsResponse", "description": "Specifies the certificate and private key paths. This field is applicable only if tlsCertificateSource is set to USE_PATH." }, "certificateSource": { "type": "string", "description": "Defines how TLS certificates are obtained." }, "sdsConfig": { "$ref": "#/types/google-native:compute%2Falpha:SdsConfigResponse", "description": "Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS." } }, "type": "object", "required": [ "certificatePaths", "certificateSource", "sdsConfig" ] }, "google-native:compute/alpha:TlsCertificatePaths": { "description": "[Deprecated] The paths to the mounted TLS Certificates and private key. The paths to the mounted TLS Certificates and private key.", "properties": { "certificatePath": { "type": "string", "description": "The path to the file holding the client or server TLS certificate to use." }, "privateKeyPath": { "type": "string", "description": "The path to the file holding the client or server private key." } }, "type": "object" }, "google-native:compute/alpha:TlsCertificatePathsResponse": { "description": "[Deprecated] The paths to the mounted TLS Certificates and private key. The paths to the mounted TLS Certificates and private key.", "properties": { "certificatePath": { "type": "string", "description": "The path to the file holding the client or server TLS certificate to use." }, "privateKeyPath": { "type": "string", "description": "The path to the file holding the client or server private key." } }, "type": "object", "required": [ "certificatePath", "privateKeyPath" ] }, "google-native:compute/alpha:TlsContext": { "description": "[Deprecated] The TLS settings for the client or server. The TLS settings for the client or server.", "properties": { "certificateContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificateContext", "description": "Defines the mechanism to obtain the client or server certificate." }, "validationContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsValidationContext", "description": "Defines the mechanism to obtain the Certificate Authority certificate to validate the client/server certificate. If omitted, the proxy will not validate the server or client certificate." } }, "type": "object" }, "google-native:compute/alpha:TlsContextResponse": { "description": "[Deprecated] The TLS settings for the client or server. The TLS settings for the client or server.", "properties": { "certificateContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsCertificateContextResponse", "description": "Defines the mechanism to obtain the client or server certificate." }, "validationContext": { "$ref": "#/types/google-native:compute%2Falpha:TlsValidationContextResponse", "description": "Defines the mechanism to obtain the Certificate Authority certificate to validate the client/server certificate. If omitted, the proxy will not validate the server or client certificate." } }, "type": "object", "required": [ "certificateContext", "validationContext" ] }, "google-native:compute/alpha:TlsValidationContext": { "description": "[Deprecated] Defines the mechanism to obtain the Certificate Authority certificate to validate the client/server certificate. validate the client/server certificate.", "properties": { "certificatePath": { "type": "string", "description": "The path to the file holding the CA certificate to validate the client or server certificate." }, "sdsConfig": { "$ref": "#/types/google-native:compute%2Falpha:SdsConfig", "description": "Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS." }, "validationSource": { "$ref": "#/types/google-native:compute%2Falpha:TlsValidationContextValidationSource", "description": "Defines how TLS certificates are obtained." } }, "type": "object" }, "google-native:compute/alpha:TlsValidationContextResponse": { "description": "[Deprecated] Defines the mechanism to obtain the Certificate Authority certificate to validate the client/server certificate. validate the client/server certificate.", "properties": { "certificatePath": { "type": "string", "description": "The path to the file holding the CA certificate to validate the client or server certificate." }, "sdsConfig": { "$ref": "#/types/google-native:compute%2Falpha:SdsConfigResponse", "description": "Specifies the config to retrieve certificates through SDS. This field is applicable only if tlsCertificateSource is set to USE_SDS." }, "validationSource": { "type": "string", "description": "Defines how TLS certificates are obtained." } }, "type": "object", "required": [ "certificatePath", "sdsConfig", "validationSource" ] }, "google-native:compute/alpha:TlsValidationContextValidationSource": { "description": "Defines how TLS certificates are obtained.", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "UsePath", "description": "USE_PATH specifies that the certificates and private key are obtained from a locally mounted filesystem path.", "value": "USE_PATH" }, { "name": "UseSds", "description": "USE_SDS specifies that the certificates and private key are obtained from a SDS server.", "value": "USE_SDS" } ] }, "google-native:compute/alpha:UDPHealthCheck": { "properties": { "port": { "type": "integer", "description": "The UDP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "request": { "type": "string", "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII." }, "response": { "type": "string", "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII." } }, "type": "object" }, "google-native:compute/alpha:UDPHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The UDP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "request": { "type": "string", "description": "Raw data of request to send in payload of UDP packet. It is an error if this is empty. The request data can only be ASCII." }, "response": { "type": "string", "description": "The bytes to match against the beginning of the response data. It is an error if this is empty. The response data can only be ASCII." } }, "type": "object", "required": [ "port", "portName", "request", "response" ] }, "google-native:compute/alpha:Uint128Response": { "properties": { "high": { "type": "string" }, "low": { "type": "string" } }, "type": "object", "required": [ "high", "low" ] }, "google-native:compute/alpha:UpcomingMaintenanceResponse": { "description": "Upcoming Maintenance notification information.", "properties": { "canReschedule": { "type": "boolean", "description": "Indicates if the maintenance can be customer triggered." }, "date": { "type": "string", "description": "The date when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use window_start_time instead.", "deprecationMessage": "[Output Only] The date when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use window_start_time instead." }, "latestWindowStartTime": { "type": "string", "description": "The latest time for the planned maintenance window to start. This timestamp value is in RFC3339 text format." }, "maintenanceStatus": { "type": "string" }, "startTimeWindow": { "$ref": "#/types/google-native:compute%2Falpha:UpcomingMaintenanceTimeWindowResponse", "description": "The start time window of the maintenance disruption. DEPRECATED: Use window_start_time instead. TimeWindow is a container for two strings that represent timestamps in \"yyyy-MM-dd'T'HH:mm:ssZ\" text format.", "deprecationMessage": "[Output Only] The start time window of the maintenance disruption. DEPRECATED: Use window_start_time instead. TimeWindow is a container for two strings that represent timestamps in \"yyyy-MM-dd'T'HH:mm:ssZ\" text format." }, "time": { "type": "string", "description": "The time when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use window_start_time instead.", "deprecationMessage": "[Output Only] The time when the maintenance will take place. This value is in RFC3339 text format. DEPRECATED: Use window_start_time instead." }, "type": { "type": "string", "description": "Defines the type of maintenance." }, "windowEndTime": { "type": "string", "description": "The time by which the maintenance disruption will be completed. This timestamp value is in RFC3339 text format." }, "windowStartTime": { "type": "string", "description": "The current start time of the maintenance window. This timestamp value is in RFC3339 text format." } }, "type": "object", "required": [ "canReschedule", "date", "latestWindowStartTime", "maintenanceStatus", "startTimeWindow", "time", "type", "windowEndTime", "windowStartTime" ] }, "google-native:compute/alpha:UpcomingMaintenanceTimeWindowResponse": { "description": "Represents a window of time using two timestamps: `earliest` and `latest`.", "properties": { "earliest": { "type": "string" }, "latest": { "type": "string" } }, "type": "object", "required": [ "earliest", "latest" ] }, "google-native:compute/alpha:UrlMapTest": { "description": "Message for the expected URL mappings.", "properties": { "backendServiceWeight": { "type": "integer", "description": "The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting." }, "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "expectedUrlRedirect": { "type": "string", "description": "The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.", "deprecationMessage": "The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:UrlMapTestHeader" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object" }, "google-native:compute/alpha:UrlMapTestHeader": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object" }, "google-native:compute/alpha:UrlMapTestHeaderResponse": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/alpha:UrlMapTestResponse": { "description": "Message for the expected URL mappings.", "properties": { "backendServiceWeight": { "type": "integer", "description": "The weight to use for the supplied host and path when using advanced routing rules that involve traffic splitting." }, "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "expectedUrlRedirect": { "type": "string", "description": "The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead.", "deprecationMessage": "The expected URL that should be redirected to for the host and path being tested. [Deprecated] This field is deprecated. Use expected_output_url instead." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Falpha:UrlMapTestHeaderResponse" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object", "required": [ "backendServiceWeight", "description", "expectedOutputUrl", "expectedRedirectResponseCode", "expectedUrlRedirect", "headers", "host", "path", "service" ] }, "google-native:compute/alpha:UrlRewrite": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object" }, "google-native:compute/alpha:UrlRewriteResponse": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object", "required": [ "hostRewrite", "pathPrefixRewrite", "pathTemplateRewrite" ] }, "google-native:compute/alpha:VpnGatewayGatewayIpVersion": { "description": "The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used.", "type": "string", "enum": [ { "name": "Ipv4", "description": "Every HA-VPN gateway interface is configured with an IPv4 address.", "value": "IPV4" }, { "name": "Ipv6", "description": "Every HA-VPN gateway interface is configured with an IPv6 address.", "value": "IPV6" } ] }, "google-native:compute/alpha:VpnGatewayStackType": { "description": "The stack type for this VPN gateway to identify the IP protocols that are enabled. Possible values are: IPV4_ONLY, IPV4_IPV6. If not specified, IPV4_ONLY will be used.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "Enable VPN gateway with both IPv4 and IPv6 protocols.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "Enable VPN gateway with only IPv4 protocol.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "Enable VPN gateway with only IPv6 protocol.", "value": "IPV6_ONLY" } ] }, "google-native:compute/alpha:VpnGatewayVpnGatewayInterface": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." } }, "type": "object" }, "google-native:compute/alpha:VpnGatewayVpnGatewayInterfaceResponse": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." }, "ipAddress": { "type": "string", "description": "IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For HA VPN over Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non HA VPN over Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address." }, "ipv6Address": { "type": "string", "description": "IPv6 address for this VPN interface associated with the VPN gateway. The IPv6 address must be a regional external IPv6 address. The format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object", "required": [ "interconnectAttachment", "ipAddress", "ipv6Address" ] }, "google-native:compute/alpha:WeightedBackendService": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object" }, "google-native:compute/alpha:WeightedBackendServiceResponse": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Falpha:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object", "required": [ "backendService", "headerAction", "weight" ] }, "google-native:compute/beta:AWSV4Signature": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object" }, "google-native:compute/beta:AWSV4SignatureResponse": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object", "required": [ "accessKey", "accessKeyId", "accessKeyVersion", "originRegion" ] }, "google-native:compute/beta:AcceleratorConfig": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object" }, "google-native:compute/beta:AcceleratorConfigResponse": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType" ] }, "google-native:compute/beta:AccessConfig": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfigNetworkTier", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfigType", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object" }, "google-native:compute/beta:AccessConfigNetworkTier": { "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:AccessConfigResponse": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#accessConfig for access configs." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "type": "string", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "securityPolicy": { "type": "string", "description": "The resource URL for the security policy associated with this access config." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "type": "string", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object", "required": [ "externalIpv6", "externalIpv6PrefixLength", "kind", "name", "natIP", "networkTier", "publicPtrDomainName", "securityPolicy", "setPublicPtr", "type" ] }, "google-native:compute/beta:AccessConfigType": { "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6.", "type": "string", "enum": [ { "name": "DirectIpv6", "value": "DIRECT_IPV6" }, { "name": "OneToOneNat", "value": "ONE_TO_ONE_NAT" } ] }, "google-native:compute/beta:AddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/beta:AddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/beta:AddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/beta:AddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:AddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/beta:AdvancedMachineFeatures": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object" }, "google-native:compute/beta:AdvancedMachineFeaturesResponse": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object", "required": [ "enableNestedVirtualization", "enableUefiNetworking", "threadsPerCore", "visibleCoreCount" ] }, "google-native:compute/beta:AliasIpRange": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object" }, "google-native:compute/beta:AliasIpRangeResponse": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object", "required": [ "ipCidrRange", "subnetworkRangeName" ] }, "google-native:compute/beta:AllocationAggregateReservation": { "description": "This reservation type is specified by total resource amounts (e.g. total count of CPUs) and can account for multiple instance SKUs. In other words, one can create instances of varying shapes against this reservation.", "properties": { "reservedResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationReservedResourceInfo" }, "description": "List of reserved resources (CPUs, memory, accelerators)." }, "vmFamily": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationVmFamily", "description": "The VM family that all instances scheduled against this reservation must belong to." }, "workloadType": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationWorkloadType", "description": "The workload type of the instances that will target this reservation." } }, "type": "object" }, "google-native:compute/beta:AllocationAggregateReservationReservedResourceInfo": { "properties": { "accelerator": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationReservedResourceInfoAccelerator", "description": "Properties of accelerator resources in this reservation." } }, "type": "object" }, "google-native:compute/beta:AllocationAggregateReservationReservedResourceInfoAccelerator": { "properties": { "acceleratorCount": { "type": "integer", "description": "Number of accelerators of specified type." }, "acceleratorType": { "type": "string", "description": "Full or partial URL to accelerator type. e.g. \"projects/{PROJECT}/zones/{ZONE}/acceleratorTypes/ct4l\"" } }, "type": "object" }, "google-native:compute/beta:AllocationAggregateReservationReservedResourceInfoAcceleratorResponse": { "properties": { "acceleratorCount": { "type": "integer", "description": "Number of accelerators of specified type." }, "acceleratorType": { "type": "string", "description": "Full or partial URL to accelerator type. e.g. \"projects/{PROJECT}/zones/{ZONE}/acceleratorTypes/ct4l\"" } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType" ] }, "google-native:compute/beta:AllocationAggregateReservationReservedResourceInfoResponse": { "properties": { "accelerator": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationReservedResourceInfoAcceleratorResponse", "description": "Properties of accelerator resources in this reservation." } }, "type": "object", "required": [ "accelerator" ] }, "google-native:compute/beta:AllocationAggregateReservationResponse": { "description": "This reservation type is specified by total resource amounts (e.g. total count of CPUs) and can account for multiple instance SKUs. In other words, one can create instances of varying shapes against this reservation.", "properties": { "inUseResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationReservedResourceInfoResponse" }, "description": "[Output only] List of resources currently in use." }, "reservedResources": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationReservedResourceInfoResponse" }, "description": "List of reserved resources (CPUs, memory, accelerators)." }, "vmFamily": { "type": "string", "description": "The VM family that all instances scheduled against this reservation must belong to." }, "workloadType": { "type": "string", "description": "The workload type of the instances that will target this reservation." } }, "type": "object", "required": [ "inUseResources", "reservedResources", "vmFamily", "workloadType" ] }, "google-native:compute/beta:AllocationAggregateReservationVmFamily": { "description": "The VM family that all instances scheduled against this reservation must belong to.", "type": "string", "enum": [ { "name": "VmFamilyCloudTpuLiteDeviceCt5l", "value": "VM_FAMILY_CLOUD_TPU_LITE_DEVICE_CT5L" }, { "name": "VmFamilyCloudTpuLitePodSliceCt5lp", "value": "VM_FAMILY_CLOUD_TPU_LITE_POD_SLICE_CT5LP" }, { "name": "VmFamilyCloudTpuPodSliceCt4p", "value": "VM_FAMILY_CLOUD_TPU_POD_SLICE_CT4P" } ] }, "google-native:compute/beta:AllocationAggregateReservationWorkloadType": { "description": "The workload type of the instances that will target this reservation.", "type": "string", "enum": [ { "name": "Batch", "description": "Reserved resources will be optimized for BATCH workloads, such as ML training.", "value": "BATCH" }, { "name": "Serving", "description": "Reserved resources will be optimized for SERVING workloads, such as ML inference.", "value": "SERVING" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:AllocationResourceStatusResponse": { "description": "[Output Only] Contains output only fields.", "properties": { "specificSkuAllocation": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationResourceStatusSpecificSKUAllocationResponse", "description": "Allocation Properties of this reservation." } }, "type": "object", "required": [ "specificSkuAllocation" ] }, "google-native:compute/beta:AllocationResourceStatusSpecificSKUAllocationResponse": { "description": "Contains Properties set for the reservation.", "properties": { "sourceInstanceTemplateId": { "type": "string", "description": "ID of the instance template used to populate reservation properties." } }, "type": "object", "required": [ "sourceInstanceTemplateId" ] }, "google-native:compute/beta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object" }, "google-native:compute/beta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/beta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object", "required": [ "diskSizeGb", "interface" ] }, "google-native:compute/beta:AllocationSpecificSKUAllocationReservedInstanceProperties": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AcceleratorConfig" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after reservation creation where instances using the reservation won't be scheduled for maintenance." }, "maintenanceInterval": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationReservedInstancePropertiesMaintenanceInterval", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object" }, "google-native:compute/beta:AllocationSpecificSKUAllocationReservedInstancePropertiesMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/beta:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AcceleratorConfigResponse" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after reservation creation where instances using the reservation won't be scheduled for maintenance." }, "maintenanceInterval": { "type": "string", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object", "required": [ "guestAccelerators", "localSsds", "locationHint", "machineType", "maintenanceFreezeDurationHours", "maintenanceInterval", "minCpuPlatform" ] }, "google-native:compute/beta:AllocationSpecificSKUReservation": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object" }, "google-native:compute/beta:AllocationSpecificSKUReservationResponse": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "assuredCount": { "type": "string", "description": "Indicates how many instances are actually usable currently." }, "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "inUseCount": { "type": "string", "description": "Indicates how many instances are in use." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object", "required": [ "assuredCount", "count", "inUseCount", "instanceProperties", "sourceInstanceTemplate" ] }, "google-native:compute/beta:AttachedDisk": { "description": "An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKey", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeature" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskInitializeParams", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "mode": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskMode", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskSavedState", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskType", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." } }, "type": "object" }, "google-native:compute/beta:AttachedDiskInitializeParams": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskInitializeParamsArchitecture", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "enableConfidentialCompute": { "type": "boolean", "description": "Whether this disk is using confidential compute mode." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeature" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "multiWriter": { "type": "boolean", "description": "Indicates whether or not the disk can be read/write attached to more than one instance." }, "onUpdateAction": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskInitializeParamsOnUpdateAction", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceInstantSnapshot": { "type": "string", "description": "The source instant-snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceInstantSnapshot initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: us-central1-a/instantSnapshots/my-backup If the source instant-snapshot is deleted later, this field will not be set." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source snapshot." } }, "type": "object" }, "google-native:compute/beta:AttachedDiskInitializeParamsArchitecture": { "description": "The architecture of the attached disk. Valid values are arm64 or x86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/beta:AttachedDiskInitializeParamsOnUpdateAction": { "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk.", "type": "string", "enum": [ { "name": "RecreateDisk", "description": "Always recreate the disk.", "value": "RECREATE_DISK" }, { "name": "RecreateDiskIfSourceChanged", "description": "Recreate the disk if source (image, snapshot) of this disk is different from source of existing disk.", "value": "RECREATE_DISK_IF_SOURCE_CHANGED" }, { "name": "UseExistingDisk", "description": "Use the existing disk, this is the default behaviour.", "value": "USE_EXISTING_DISK" } ] }, "google-native:compute/beta:AttachedDiskInitializeParamsResponse": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "enableConfidentialCompute": { "type": "boolean", "description": "Whether this disk is using confidential compute mode." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options. Guest OS features are applied by merging initializeParams.guestOsFeatures and disks.guestOsFeatures" }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "multiWriter": { "type": "boolean", "description": "Indicates whether or not the disk can be read/write attached to more than one instance." }, "onUpdateAction": { "type": "string", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceInstantSnapshot": { "type": "string", "description": "The source instant-snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceInstantSnapshot initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: us-central1-a/instantSnapshots/my-backup If the source instant-snapshot is deleted later, this field will not be set." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source snapshot." } }, "type": "object", "required": [ "architecture", "description", "diskName", "diskSizeGb", "diskType", "enableConfidentialCompute", "guestOsFeatures", "labels", "licenses", "multiWriter", "onUpdateAction", "provisionedIops", "provisionedThroughput", "replicaZones", "resourceManagerTags", "resourcePolicies", "sourceImage", "sourceImageEncryptionKey", "sourceInstantSnapshot", "sourceSnapshot", "sourceSnapshotEncryptionKey" ] }, "google-native:compute/beta:AttachedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/beta:AttachedDiskMode": { "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.", "type": "string", "enum": [ { "name": "ReadOnly", "description": "Attaches this disk in read-only mode. Multiple virtual machines can use a disk in read-only mode at a time.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "*[Default]* Attaches this disk in read-write mode. Only one virtual machine at a time can be attached to a disk in read-write mode.", "value": "READ_WRITE" } ] }, "google-native:compute/beta:AttachedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are ARM64 or X86_64." }, "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKeyResponse", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskInitializeParamsResponse", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "locked": { "type": "boolean", "description": "Whether to indicate the attached disk is locked. The locked disk is not allowed to be detached from the instance, or to be used as the source of the snapshot creation, and the image creation. The instance with at least one locked attached disk is not allow to be used as source of machine image creation, instant snapshot creation, and not allowed to be deleted with --keep-disk parameter set to true for locked disks." }, "mode": { "type": "string", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "type": "string", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "shieldedInstanceInitialState": { "$ref": "#/types/google-native:compute%2Fbeta:InitialStateConfigResponse", "description": "shielded vm initial state stored on disk" }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "type": "string", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." }, "userLicenses": { "type": "array", "items": { "type": "string" }, "description": "A list of user provided licenses. It represents a list of URLs to the license resource. Unlike regular licenses, user provided licenses can be modified after the disk is created." } }, "type": "object", "required": [ "architecture", "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "forceAttach", "guestOsFeatures", "index", "initializeParams", "interface", "kind", "licenses", "locked", "mode", "savedState", "shieldedInstanceInitialState", "source", "type", "userLicenses" ] }, "google-native:compute/beta:AttachedDiskSavedState": { "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.", "type": "string", "enum": [ { "name": "DiskSavedStateUnspecified", "description": "*[Default]* Disk state has not been preserved.", "value": "DISK_SAVED_STATE_UNSPECIFIED" }, { "name": "Preserved", "description": "Disk state has been preserved.", "value": "PRESERVED" } ] }, "google-native:compute/beta:AttachedDiskType": { "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.", "type": "string", "enum": [ { "name": "Persistent", "value": "PERSISTENT" }, { "name": "Scratch", "value": "SCRATCH" } ] }, "google-native:compute/beta:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:compute/beta:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "exemptedMembers", "service" ] }, "google-native:compute/beta:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "$ref": "#/types/google-native:compute%2Fbeta:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:compute/beta:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "ignoreChildExemptions", "logType" ] }, "google-native:compute/beta:AuthorizationLoggingOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "$ref": "#/types/google-native:compute%2Fbeta:AuthorizationLoggingOptionsPermissionType", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:AuthorizationLoggingOptionsPermissionType": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminRead", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_READ" }, { "name": "AdminWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_WRITE" }, { "name": "DataRead", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_READ" }, { "name": "DataWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_WRITE" }, { "name": "PermissionTypeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "PERMISSION_TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:AuthorizationLoggingOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "permissionType" ] }, "google-native:compute/beta:AutoscalerStatusDetailsResponse": { "properties": { "message": { "type": "string", "description": "The status message." }, "type": { "type": "string", "description": "The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the \"Autoscale only out\" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions." } }, "type": "object", "required": [ "message", "type" ] }, "google-native:compute/beta:AutoscalingPolicy": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCpuUtilization", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCustomMetricUtilization" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyLoadBalancingUtilization", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyMode", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleDownControl": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyScaleDownControl" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyScaleInControl" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyCpuUtilization": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCpuUtilizationPredictiveMethod", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyCpuUtilizationPredictiveMethod": { "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "type": "string", "enum": [ { "name": "None", "description": "No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics", "value": "NONE" }, { "name": "OptimizeAvailability", "description": "Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "value": "OPTIMIZE_AVAILABILITY" }, { "name": "PredictiveMethodUnspecified", "value": "PREDICTIVE_METHOD_UNSPECIFIED" } ] }, "google-native:compute/beta:AutoscalingPolicyCpuUtilizationResponse": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "type": "string", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object", "required": [ "predictiveMethod", "utilizationTarget" ] }, "google-native:compute/beta:AutoscalingPolicyCustomMetricUtilization": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyCustomMetricUtilizationResponse": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "type": "string", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object", "required": [ "filter", "metric", "singleInstanceAssignment", "utilizationTarget", "utilizationTargetType" ] }, "google-native:compute/beta:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType": { "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.", "type": "string", "enum": [ { "name": "DeltaPerMinute", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per minute.", "value": "DELTA_PER_MINUTE" }, { "name": "DeltaPerSecond", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per second.", "value": "DELTA_PER_SECOND" }, { "name": "Gauge", "description": "Sets the utilization target value for a gauge metric. The autoscaler will collect the average utilization of the virtual machines from the last couple of minutes, and compare the value to the utilization target value to perform autoscaling.", "value": "GAUGE" } ] }, "google-native:compute/beta:AutoscalingPolicyLoadBalancingUtilization": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyLoadBalancingUtilizationResponse": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object", "required": [ "utilizationTarget" ] }, "google-native:compute/beta:AutoscalingPolicyMode": { "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"", "type": "string", "enum": [ { "name": "Off", "description": "Do not automatically scale the MIG in or out. The recommended_size field contains the size of MIG that would be set if the actuation mode was enabled.", "value": "OFF" }, { "name": "On", "description": "Automatically scale the MIG in and out according to the policy.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_SCALE_OUT" }, { "name": "OnlyUp", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_UP" } ] }, "google-native:compute/beta:AutoscalingPolicyResponse": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCpuUtilizationResponse", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyCustomMetricUtilizationResponse" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyLoadBalancingUtilizationResponse", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "type": "string", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleDownControl": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyScaleDownControlResponse" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Fbeta:AutoscalingPolicyScaleInControlResponse" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object", "required": [ "coolDownPeriodSec", "cpuUtilization", "customMetricUtilizations", "loadBalancingUtilization", "maxNumReplicas", "minNumReplicas", "mode", "scaleDownControl", "scaleInControl", "scalingSchedules" ] }, "google-native:compute/beta:AutoscalingPolicyScaleDownControl": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledDownReplicas": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercent", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyScaleDownControlResponse": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledDownReplicas": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercentResponse", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object", "required": [ "maxScaledDownReplicas", "timeWindowSec" ] }, "google-native:compute/beta:AutoscalingPolicyScaleInControl": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercent", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object" }, "google-native:compute/beta:AutoscalingPolicyScaleInControlResponse": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercentResponse", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object", "required": [ "maxScaledInReplicas", "timeWindowSec" ] }, "google-native:compute/beta:Backend": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBalancingMode", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." }, "preference": { "$ref": "#/types/google-native:compute%2Fbeta:BackendPreference", "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default " } }, "type": "object" }, "google-native:compute/beta:BackendBalancingMode": { "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected.", "type": "string", "enum": [ { "name": "Connection", "description": "Balance based on the number of simultaneous connections.", "value": "CONNECTION" }, { "name": "Rate", "description": "Balance based on requests per second (RPS).", "value": "RATE" }, { "name": "Utilization", "description": "Balance based on the backend utilization.", "value": "UTILIZATION" } ] }, "google-native:compute/beta:BackendBucketCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyCacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/beta:BackendBucketCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/beta:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/beta:BackendBucketCdnPolicyCacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/beta:BackendBucketCdnPolicyCacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHttpHeaders", "queryStringWhitelist" ] }, "google-native:compute/beta:BackendBucketCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/beta:BackendBucketCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/beta:BackendBucketCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/beta:BackendBucketCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyCacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendBucketCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/beta:BackendBucketCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/beta:BackendPreference": { "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default ", "type": "string", "enum": [ { "name": "Default", "description": "No preference.", "value": "DEFAULT" }, { "name": "PreferenceUnspecified", "description": "If preference is unspecified, we set it to the DEFAULT value", "value": "PREFERENCE_UNSPECIFIED" }, { "name": "Preferred", "description": "Traffic will be sent to this backend first.", "value": "PREFERRED" } ] }, "google-native:compute/beta:BackendResponse": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "type": "string", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." }, "preference": { "type": "string", "description": "This field indicates whether this backend should be fully utilized before sending traffic to backends with default preference. The possible values are: - PREFERRED: Backends with this preference level will be filled up to their capacity limits first, based on RTT. - DEFAULT: If preferred backends don't have enough capacity, backends in this layer would be used and traffic would be assigned based on the load balancing algorithm you use. This is the default " } }, "type": "object", "required": [ "balancingMode", "capacityScaler", "description", "failover", "group", "maxConnections", "maxConnectionsPerEndpoint", "maxConnectionsPerInstance", "maxRate", "maxRatePerEndpoint", "maxRatePerInstance", "maxUtilization", "preference" ] }, "google-native:compute/beta:BackendServiceCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/beta:BackendServiceCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/beta:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/beta:BackendServiceCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/beta:BackendServiceCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/beta:BackendServiceCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/beta:BackendServiceCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/beta:BackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/beta:BackendServiceConnectionTrackingPolicy": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceConnectionTrackingPolicyTrackingMode", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object" }, "google-native:compute/beta:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends": { "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence).", "type": "string", "enum": [ { "name": "AlwaysPersist", "value": "ALWAYS_PERSIST" }, { "name": "DefaultForProtocol", "value": "DEFAULT_FOR_PROTOCOL" }, { "name": "NeverPersist", "value": "NEVER_PERSIST" } ] }, "google-native:compute/beta:BackendServiceConnectionTrackingPolicyResponse": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "type": "string", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "type": "string", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object", "required": [ "connectionPersistenceOnUnhealthyBackends", "enableStrongAffinity", "idleTimeoutSec", "trackingMode" ] }, "google-native:compute/beta:BackendServiceConnectionTrackingPolicyTrackingMode": { "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode).", "type": "string", "enum": [ { "name": "InvalidTrackingMode", "value": "INVALID_TRACKING_MODE" }, { "name": "PerConnection", "value": "PER_CONNECTION" }, { "name": "PerSession", "value": "PER_SESSION" } ] }, "google-native:compute/beta:BackendServiceFailoverPolicy": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object" }, "google-native:compute/beta:BackendServiceFailoverPolicyResponse": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object", "required": [ "disableConnectionDrainOnFailover", "dropTrafficIfUnhealthy", "failoverRatio" ] }, "google-native:compute/beta:BackendServiceIAP": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" } }, "type": "object" }, "google-native:compute/beta:BackendServiceIAPResponse": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" }, "oauth2ClientSecretSha256": { "type": "string", "description": "SHA256 hash value for the field oauth2_client_secret above." } }, "type": "object", "required": [ "enabled", "oauth2ClientId", "oauth2ClientSecret", "oauth2ClientSecretSha256" ] }, "google-native:compute/beta:BackendServiceIpAddressSelectionPolicy": { "description": "Specifies a preference for traffic sent from the proxy to the backend (or from the client to the backend for proxyless gRPC). The possible values are: - IPV4_ONLY: Only send IPv4 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv4 health checks are used to check the health of the backends. This is the default setting. - PREFER_IPV6: Prioritize the connection to the endpoint's IPv6 address over its IPv4 address (provided there is a healthy IPv6 address). - IPV6_ONLY: Only send IPv6 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv6 health checks are used to check the health of the backends. This field is applicable to either: - Advanced Global External HTTPS Load Balancing (load balancing scheme EXTERNAL_MANAGED), - Regional External HTTPS Load Balancing, - Internal TCP Proxy (load balancing scheme INTERNAL_MANAGED), - Regional Internal HTTPS Load Balancing (load balancing scheme INTERNAL_MANAGED), - Traffic Director with Envoy proxies and proxyless gRPC (load balancing scheme INTERNAL_SELF_MANAGED). ", "type": "string", "enum": [ { "name": "Ipv4Only", "description": "Only send IPv4 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv4 health-checks are used to check the health of the backends. This is the default setting.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "Only send IPv6 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv6 health-checks are used to check the health of the backends.", "value": "IPV6_ONLY" }, { "name": "IpAddressSelectionPolicyUnspecified", "description": "Unspecified IP address selection policy.", "value": "IP_ADDRESS_SELECTION_POLICY_UNSPECIFIED" }, { "name": "PreferIpv6", "description": "Prioritize the connection to the endpoints IPv6 address over its IPv4 address (provided there is a healthy IPv6 address).", "value": "PREFER_IPV6" } ] }, "google-native:compute/beta:BackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/beta:BackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfig": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy" }, "policy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLocalityLoadBalancingPolicyConfigPolicy" } }, "type": "object" }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object" }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object", "required": [ "data", "name" ] }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigPolicy": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object" }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName": { "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "type": "string", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/beta:BackendServiceLocalityLoadBalancingPolicyConfigResponse": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse" }, "policy": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse" } }, "type": "object", "required": [ "customPolicy", "policy" ] }, "google-native:compute/beta:BackendServiceLogConfig": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "$ref": "#/types/google-native:compute%2Fbeta:BackendServiceLogConfigOptionalMode", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object" }, "google-native:compute/beta:BackendServiceLogConfigOptionalMode": { "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "type": "string", "enum": [ { "name": "Custom", "description": "A subset of optional fields.", "value": "CUSTOM" }, { "name": "ExcludeAllOptional", "description": "None optional fields.", "value": "EXCLUDE_ALL_OPTIONAL" }, { "name": "IncludeAllOptional", "description": "All optional fields.", "value": "INCLUDE_ALL_OPTIONAL" } ] }, "google-native:compute/beta:BackendServiceLogConfigResponse": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "type": "string", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object", "required": [ "enable", "optionalFields", "optionalMode", "sampleRate" ] }, "google-native:compute/beta:BackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:BackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/beta:BackendServiceUsedBy": { "properties": { "reference": { "type": "string" } }, "type": "object" }, "google-native:compute/beta:BackendServiceUsedByResponse": { "properties": { "reference": { "type": "string" } }, "type": "object", "required": [ "reference" ] }, "google-native:compute/beta:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Fbeta:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:compute/beta:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Fbeta:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "bindingId", "condition", "members", "role" ] }, "google-native:compute/beta:CacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/beta:CacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHost", "includeHttpHeaders", "includeNamedCookies", "includeProtocol", "includeQueryString", "queryStringBlacklist", "queryStringWhitelist" ] }, "google-native:compute/beta:CircuitBreakers": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "connectTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "The timeout for new network connections to hosts." }, "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object" }, "google-native:compute/beta:CircuitBreakersResponse": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "connectTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "The timeout for new network connections to hosts." }, "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object", "required": [ "connectTimeout", "maxConnections", "maxPendingRequests", "maxRequests", "maxRequestsPerConnection", "maxRetries" ] }, "google-native:compute/beta:Condition": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "$ref": "#/types/google-native:compute%2Fbeta:ConditionIam", "description": "This is deprecated and has no effect. Do not use." }, "op": { "$ref": "#/types/google-native:compute%2Fbeta:ConditionOp", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "$ref": "#/types/google-native:compute%2Fbeta:ConditionSys", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:ConditionIam": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Approver", "description": "This is deprecated and has no effect. Do not use.", "value": "APPROVER" }, { "name": "Attribution", "description": "This is deprecated and has no effect. Do not use.", "value": "ATTRIBUTION" }, { "name": "Authority", "description": "This is deprecated and has no effect. Do not use.", "value": "AUTHORITY" }, { "name": "CredentialsType", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDENTIALS_TYPE" }, { "name": "CredsAssertion", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDS_ASSERTION" }, { "name": "JustificationType", "description": "This is deprecated and has no effect. Do not use.", "value": "JUSTIFICATION_TYPE" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "SecurityRealm", "description": "This is deprecated and has no effect. Do not use.", "value": "SECURITY_REALM" } ] }, "google-native:compute/beta:ConditionOp": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Discharged", "description": "This is deprecated and has no effect. Do not use.", "value": "DISCHARGED" }, { "name": "Equals", "description": "This is deprecated and has no effect. Do not use.", "value": "EQUALS" }, { "name": "In", "description": "This is deprecated and has no effect. Do not use.", "value": "IN" }, { "name": "NotEquals", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_EQUALS" }, { "name": "NotIn", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_IN" }, { "name": "NoOp", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_OP" } ] }, "google-native:compute/beta:ConditionResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "op": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "iam", "op", "svc", "sys", "values" ] }, "google-native:compute/beta:ConditionSys": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Ip", "description": "This is deprecated and has no effect. Do not use.", "value": "IP" }, { "name": "Name", "description": "This is deprecated and has no effect. Do not use.", "value": "NAME" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "Region", "description": "This is deprecated and has no effect. Do not use.", "value": "REGION" }, { "name": "Service", "description": "This is deprecated and has no effect. Do not use.", "value": "SERVICE" } ] }, "google-native:compute/beta:ConfidentialInstanceConfig": { "description": "A set of Confidential Instance options.", "properties": { "confidentialInstanceType": { "$ref": "#/types/google-native:compute%2Fbeta:ConfidentialInstanceConfigConfidentialInstanceType", "description": "Defines the type of technology used by the confidential instance." }, "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object" }, "google-native:compute/beta:ConfidentialInstanceConfigConfidentialInstanceType": { "description": "Defines the type of technology used by the confidential instance.", "type": "string", "enum": [ { "name": "ConfidentialInstanceTypeUnspecified", "description": "No type specified. Do not use this value.", "value": "CONFIDENTIAL_INSTANCE_TYPE_UNSPECIFIED" }, { "name": "Sev", "description": "AMD Secure Encrypted Virtualization.", "value": "SEV" }, { "name": "SevSnp", "description": "AMD Secure Encrypted Virtualization - Secure Nested Paging.", "value": "SEV_SNP" } ] }, "google-native:compute/beta:ConfidentialInstanceConfigResponse": { "description": "A set of Confidential Instance options.", "properties": { "confidentialInstanceType": { "type": "string", "description": "Defines the type of technology used by the confidential instance." }, "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object", "required": [ "confidentialInstanceType", "enableConfidentialCompute" ] }, "google-native:compute/beta:ConnectionDraining": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object" }, "google-native:compute/beta:ConnectionDrainingResponse": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object", "required": [ "drainingTimeoutSec" ] }, "google-native:compute/beta:ConsistentHashLoadBalancerSettings": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Fbeta:ConsistentHashLoadBalancerSettingsHttpCookie", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object" }, "google-native:compute/beta:ConsistentHashLoadBalancerSettingsHttpCookie": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Lifetime of the cookie." } }, "type": "object" }, "google-native:compute/beta:ConsistentHashLoadBalancerSettingsHttpCookieResponse": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Lifetime of the cookie." } }, "type": "object", "required": [ "name", "path", "ttl" ] }, "google-native:compute/beta:ConsistentHashLoadBalancerSettingsResponse": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Fbeta:ConsistentHashLoadBalancerSettingsHttpCookieResponse", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object", "required": [ "httpCookie", "httpHeaderName", "minimumRingSize" ] }, "google-native:compute/beta:CorsPolicy": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object" }, "google-native:compute/beta:CorsPolicyResponse": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object", "required": [ "allowCredentials", "allowHeaders", "allowMethods", "allowOriginRegexes", "allowOrigins", "disabled", "exposeHeaders", "maxAge" ] }, "google-native:compute/beta:CustomErrorResponsePolicy": { "description": "Specifies the custom error response policy that must be applied when the backend service or backend bucket responds with an error.", "properties": { "errorResponseRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicyCustomErrorResponseRule" }, "description": "Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect." }, "errorService": { "type": "string", "description": "The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). errorService is not supported for internal or regional HTTP/HTTPS load balancers." } }, "type": "object" }, "google-native:compute/beta:CustomErrorResponsePolicyCustomErrorResponseRule": { "description": "Specifies the mapping between the response code that will be returned along with the custom error content and the response code returned by the backend service.", "properties": { "matchResponseCodes": { "type": "array", "items": { "type": "string" }, "description": "Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy." }, "overrideResponseCode": { "type": "integer", "description": "The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client." }, "path": { "type": "string", "description": "The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters" } }, "type": "object" }, "google-native:compute/beta:CustomErrorResponsePolicyCustomErrorResponseRuleResponse": { "description": "Specifies the mapping between the response code that will be returned along with the custom error content and the response code returned by the backend service.", "properties": { "matchResponseCodes": { "type": "array", "items": { "type": "string" }, "description": "Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy." }, "overrideResponseCode": { "type": "integer", "description": "The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client." }, "path": { "type": "string", "description": "The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters" } }, "type": "object", "required": [ "matchResponseCodes", "overrideResponseCode", "path" ] }, "google-native:compute/beta:CustomErrorResponsePolicyResponse": { "description": "Specifies the custom error response policy that must be applied when the backend service or backend bucket responds with an error.", "properties": { "errorResponseRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicyCustomErrorResponseRuleResponse" }, "description": "Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect." }, "errorService": { "type": "string", "description": "The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). errorService is not supported for internal or regional HTTP/HTTPS load balancers." } }, "type": "object", "required": [ "errorResponseRules", "errorService" ] }, "google-native:compute/beta:CustomerEncryptionKey": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " } }, "type": "object" }, "google-native:compute/beta:CustomerEncryptionKeyResponse": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " }, "sha256": { "type": "string", "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource." } }, "type": "object", "required": [ "kmsKeyName", "kmsKeyServiceAccount", "rawKey", "rsaEncryptedKey", "sha256" ] }, "google-native:compute/beta:DeprecationStatus": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "$ref": "#/types/google-native:compute%2Fbeta:DeprecationStatusState", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." }, "stateOverride": { "$ref": "#/types/google-native:compute%2Fbeta:RolloutPolicy", "description": "The rollout policy for this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state. The rollout policy for this deprecation is read-only, except for allowlisted users. This field might not be configured. To view the latest non-deprecated image in a specific zone, use the imageFamilyViews.get method." } }, "type": "object" }, "google-native:compute/beta:DeprecationStatusResponse": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "type": "string", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." }, "stateOverride": { "$ref": "#/types/google-native:compute%2Fbeta:RolloutPolicyResponse", "description": "The rollout policy for this deprecation. This policy is only enforced by image family views. The rollout policy restricts the zones where the associated resource is considered in a deprecated state. When the rollout policy does not include the user specified zone, or if the zone is rolled out, the associated resource is considered in a deprecated state. The rollout policy for this deprecation is read-only, except for allowlisted users. This field might not be configured. To view the latest non-deprecated image in a specific zone, use the imageFamilyViews.get method." } }, "type": "object", "required": [ "deleted", "deprecated", "obsolete", "replacement", "state", "stateOverride" ] }, "google-native:compute/beta:DeprecationStatusState": { "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Deleted", "value": "DELETED" }, { "name": "Deprecated", "value": "DEPRECATED" }, { "name": "Obsolete", "value": "OBSOLETE" } ] }, "google-native:compute/beta:DiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/beta:DiskAsyncReplication": { "properties": { "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/beta:DiskAsyncReplicationResponse": { "properties": { "consistencyGroupPolicy": { "type": "string", "description": "URL of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "consistencyGroupPolicyId": { "type": "string", "description": "ID of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " }, "diskId": { "type": "string", "description": "The unique ID of the other disk asynchronously replicated to or from the current disk. This value identifies the exact disk that was used to create this replication. For example, if you started replicating the persistent disk from a disk that was later deleted and recreated under the same name, the disk ID would identify the exact version of the disk that was used." } }, "type": "object", "required": [ "consistencyGroupPolicy", "consistencyGroupPolicyId", "disk", "diskId" ] }, "google-native:compute/beta:DiskInstantiationConfig": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "$ref": "#/types/google-native:compute%2Fbeta:DiskInstantiationConfigInstantiateFrom", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object" }, "google-native:compute/beta:DiskInstantiationConfigInstantiateFrom": { "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. ", "type": "string", "enum": [ { "name": "AttachReadOnly", "description": "Attach the existing disk in read-only mode. The request will fail if the disk was attached in read-write mode on the source instance. Applicable to: read-only disks.", "value": "ATTACH_READ_ONLY" }, { "name": "Blank", "description": "Create a blank disk. The disk will be created unformatted. Applicable to: additional read-write disks, local SSDs.", "value": "BLANK" }, { "name": "CustomImage", "description": "Use the custom image specified in the custom_image field. Applicable to: boot disk, additional read-write disks.", "value": "CUSTOM_IMAGE" }, { "name": "Default", "description": "Use the default instantiation option for the corresponding type of disk. For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.", "value": "DEFAULT" }, { "name": "DoNotInclude", "description": "Do not include the disk in the instance template. Applicable to: additional read-write disks, local SSDs, read-only disks.", "value": "DO_NOT_INCLUDE" }, { "name": "SourceImage", "description": "Use the same source image used for creation of the source instance's corresponding disk. The request will fail if the source VM's disk was created from a snapshot. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE" }, { "name": "SourceImageFamily", "description": "Use the same source image family used for creation of the source instance's corresponding disk. The request will fail if the source image of the source disk does not belong to any image family. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE_FAMILY" } ] }, "google-native:compute/beta:DiskInstantiationConfigResponse": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "type": "string", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object", "required": [ "autoDelete", "customImage", "deviceName", "instantiateFrom" ] }, "google-native:compute/beta:DiskInterface": { "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:DiskParams": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/beta:DiskParamsResponse": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/beta:DiskResourceStatusAsyncReplicationStatusResponse": { "properties": { "state": { "type": "string" } }, "type": "object", "required": [ "state" ] }, "google-native:compute/beta:DiskResourceStatusResponse": { "properties": { "asyncPrimaryDisk": { "$ref": "#/types/google-native:compute%2Fbeta:DiskResourceStatusAsyncReplicationStatusResponse" }, "asyncSecondaryDisks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key: disk, value: AsyncReplicationStatus message" } }, "type": "object", "required": [ "asyncPrimaryDisk", "asyncSecondaryDisks" ] }, "google-native:compute/beta:DiskStorageType": { "description": "[Deprecated] Storage type of the persistent disk.", "type": "string", "enum": [ { "name": "Hdd", "value": "HDD" }, { "name": "Ssd", "value": "SSD" } ] }, "google-native:compute/beta:DisplayDevice": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object" }, "google-native:compute/beta:DisplayDeviceResponse": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object", "required": [ "enableDisplay" ] }, "google-native:compute/beta:DistributionPolicy": { "properties": { "targetShape": { "$ref": "#/types/google-native:compute%2Fbeta:DistributionPolicyTargetShape", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:DistributionPolicyZoneConfiguration" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object" }, "google-native:compute/beta:DistributionPolicyResponse": { "properties": { "targetShape": { "type": "string", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:DistributionPolicyZoneConfigurationResponse" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object", "required": [ "targetShape", "zones" ] }, "google-native:compute/beta:DistributionPolicyTargetShape": { "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType).", "type": "string", "enum": [ { "name": "Any", "description": "The group picks zones for creating VM instances to fulfill the requested number of VMs within present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads that do not require high availability.", "value": "ANY" }, { "name": "AnySingleZone", "description": "The group creates all VM instances within a single zone. The zone is selected based on the present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads with heavy interprocess communication.", "value": "ANY_SINGLE_ZONE" }, { "name": "Balanced", "description": "The group prioritizes acquisition of resources, scheduling VMs in zones where resources are available while distributing VMs as evenly as possible across selected zones to minimize the impact of zonal failure. Recommended for highly available serving workloads.", "value": "BALANCED" }, { "name": "Even", "description": "The group schedules VM instance creation and deletion to achieve and maintain an even number of managed instances across the selected zones. The distribution is even when the number of managed instances does not differ by more than 1 between any two zones. Recommended for highly available serving workloads.", "value": "EVEN" } ] }, "google-native:compute/beta:DistributionPolicyZoneConfiguration": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object" }, "google-native:compute/beta:DistributionPolicyZoneConfigurationResponse": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object", "required": [ "zone" ] }, "google-native:compute/beta:Duration": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object" }, "google-native:compute/beta:DurationResponse": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object", "required": [ "nanos", "seconds" ] }, "google-native:compute/beta:ErrorInfoResponse": { "description": "Describes the cause of the error with structured details. Example of an error when contacting the \"pubsub.googleapis.com\" API when it is not enabled: { \"reason\": \"API_DISABLED\" \"domain\": \"googleapis.com\" \"metadata\": { \"resource\": \"projects/123\", \"service\": \"pubsub.googleapis.com\" } } This response indicates that the pubsub.googleapis.com API is not enabled. Example of an error that is returned when attempting to create a Spanner instance in a region that is out of stock: { \"reason\": \"STOCKOUT\" \"domain\": \"spanner.googleapis.com\", \"metadata\": { \"availableRegions\": \"us-central1,us-east2\" } }", "properties": { "domain": { "type": "string", "description": "The logical grouping to which the \"reason\" belongs. The error domain is typically the registered service name of the tool or product that generates the error. Example: \"pubsub.googleapis.com\". If the error is generated by some common infrastructure, the error domain must be a globally unique value that identifies the infrastructure. For Google API infrastructure, the error domain is \"googleapis.com\"." }, "metadatas": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional structured details about this error. Keys should match /[a-zA-Z0-9-_]/ and be limited to 64 characters in length. When identifying the current value of an exceeded limit, the units should be contained in the key, not the value. For example, rather than {\"instanceLimit\": \"100/request\"}, should be returned as, {\"instanceLimitPerRequest\": \"100\"}, if the client exceeds the number of instances that can be created in a single (batch) request." }, "reason": { "type": "string", "description": "The reason of the error. This is a constant value that identifies the proximate cause of the error. Error reasons are unique within a particular domain of errors. This should be at most 63 characters and match a regular expression of `A-Z+[A-Z0-9]`, which represents UPPER_SNAKE_CASE." } }, "type": "object", "required": [ "domain", "metadatas", "reason" ] }, "google-native:compute/beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:compute/beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:compute/beta:ExternalVpnGatewayInterface": { "description": "The interface for the external VPN gateway.", "properties": { "id": { "type": "integer", "description": "The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3 " }, "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." }, "ipv6Address": { "type": "string", "description": "IPv6 address of the interface in the external VPN gateway. This IPv6 address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine. Must specify an IPv6 address (not IPV4-mapped) using any format described in RFC 4291 (e.g. 2001:db8:0:0:2d9:51:0:0). The output format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object" }, "google-native:compute/beta:ExternalVpnGatewayInterfaceResponse": { "description": "The interface for the external VPN gateway.", "properties": { "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." }, "ipv6Address": { "type": "string", "description": "IPv6 address of the interface in the external VPN gateway. This IPv6 address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine. Must specify an IPv6 address (not IPV4-mapped) using any format described in RFC 4291 (e.g. 2001:db8:0:0:2d9:51:0:0). The output format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object", "required": [ "ipAddress", "ipv6Address" ] }, "google-native:compute/beta:ExternalVpnGatewayRedundancyType": { "description": "Indicates the user-supplied redundancy type of this external VPN gateway.", "type": "string", "enum": [ { "name": "FourIpsRedundancy", "description": "The external VPN gateway has four public IP addresses; at the time of writing this API, the AWS virtual private gateway is an example which has four public IP addresses for high availability connections; there should be two VPN connections in the AWS virtual private gateway , each AWS VPN connection has two public IP addresses; please make sure to put two public IP addresses from one AWS VPN connection into interfaces 0 and 1 of this external VPN gateway, and put the other two public IP addresses from another AWS VPN connection into interfaces 2 and 3 of this external VPN gateway. When displaying highly available configuration status for the VPN tunnels connected to FOUR_IPS_REDUNDANCY external VPN gateway, Google will always detect whether interfaces 0 and 1 are connected on one interface of HA Cloud VPN gateway, and detect whether interfaces 2 and 3 are connected to another interface of the HA Cloud VPN gateway.", "value": "FOUR_IPS_REDUNDANCY" }, { "name": "SingleIpInternallyRedundant", "description": "The external VPN gateway has only one public IP address which internally provide redundancy or failover.", "value": "SINGLE_IP_INTERNALLY_REDUNDANT" }, { "name": "TwoIpsRedundancy", "description": "The external VPN gateway has two public IP addresses which are redundant with each other, the following two types of setup on your on-premises side would have this type of redundancy: (1) Two separate on-premises gateways, each with one public IP address, the two on-premises gateways are redundant with each other. (2) A single on-premise gateway with two public IP addresses that are redundant with eatch other.", "value": "TWO_IPS_REDUNDANCY" } ] }, "google-native:compute/beta:FileContentBuffer": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBufferFileType", "description": "The file type of source file." } }, "type": "object" }, "google-native:compute/beta:FileContentBufferFileType": { "description": "The file type of source file.", "type": "string", "enum": [ { "name": "Bin", "value": "BIN" }, { "name": "Undefined", "value": "UNDEFINED" }, { "name": "X509", "value": "X509" } ] }, "google-native:compute/beta:FileContentBufferResponse": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "type": "string", "description": "The file type of source file." } }, "type": "object", "required": [ "content", "fileType" ] }, "google-native:compute/beta:FirewallAllowedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/beta:FirewallAllowedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/beta:FirewallDeniedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/beta:FirewallDeniedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/beta:FirewallDirection": { "description": "Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `EGRESS` traffic, you cannot specify the sourceTags fields.", "type": "string", "enum": [ { "name": "Egress", "description": "Indicates that firewall should apply to outgoing traffic.", "value": "EGRESS" }, { "name": "Ingress", "description": "Indicates that firewall should apply to incoming traffic.", "value": "INGRESS" } ] }, "google-native:compute/beta:FirewallLogConfig": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallLogConfigMetadata", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object" }, "google-native:compute/beta:FirewallLogConfigMetadata": { "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.", "type": "string", "enum": [ { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/beta:FirewallLogConfigResponse": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "type": "string", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object", "required": [ "enable", "metadata" ] }, "google-native:compute/beta:FirewallPolicyAssociation": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "name": { "type": "string", "description": "The name for an association." } }, "type": "object" }, "google-native:compute/beta:FirewallPolicyAssociationResponse": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "displayName": { "type": "string", "description": "Deprecated, please use short name instead. The display name of the firewall policy of the association." }, "firewallPolicyId": { "type": "string", "description": "The firewall policy ID of the association." }, "name": { "type": "string", "description": "The name for an association." }, "shortName": { "type": "string", "description": "The short name of the firewall policy of the association." } }, "type": "object", "required": [ "attachmentTarget", "displayName", "firewallPolicyId", "name", "shortName" ] }, "google-native:compute/beta:FirewallPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleDirection", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "match": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "securityProfileGroup": { "type": "string", "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleSecureTag" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." }, "tlsInspect": { "type": "boolean", "description": "Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions." } }, "type": "object" }, "google-native:compute/beta:FirewallPolicyRuleDirection": { "description": "The direction in which this rule applies.", "type": "string", "enum": [ { "name": "Egress", "value": "EGRESS" }, { "name": "Ingress", "value": "INGRESS" } ] }, "google-native:compute/beta:FirewallPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleMatcherLayer4Config" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleSecureTag" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object" }, "google-native:compute/beta:FirewallPolicyRuleMatcherLayer4Config": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/beta:FirewallPolicyRuleMatcherLayer4ConfigResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/beta:FirewallPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleMatcherLayer4ConfigResponse" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleSecureTagResponse" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object", "required": [ "destAddressGroups", "destFqdns", "destIpRanges", "destRegionCodes", "destThreatIntelligences", "layer4Configs", "srcAddressGroups", "srcFqdns", "srcIpRanges", "srcRegionCodes", "srcSecureTags", "srcThreatIntelligences" ] }, "google-native:compute/beta:FirewallPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "type": "string", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#firewallPolicyRule for firewall policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "ruleTupleCount": { "type": "integer", "description": "Calculation of the complexity of a single firewall policy rule." }, "securityProfileGroup": { "type": "string", "description": "A fully-qualified URL of a SecurityProfile resource instance. Example: https://networksecurity.googleapis.com/v1/projects/{project}/locations/{location}/securityProfileGroups/my-security-profile-group Must be specified if action = 'apply_security_profile_group' and cannot be specified for other actions." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FirewallPolicyRuleSecureTagResponse" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." }, "tlsInspect": { "type": "boolean", "description": "Boolean flag indicating if the traffic should be TLS decrypted. Can be set only if action = 'apply_security_profile_group' and cannot be set for other actions." } }, "type": "object", "required": [ "action", "description", "direction", "disabled", "enableLogging", "kind", "match", "priority", "ruleName", "ruleTupleCount", "securityProfileGroup", "targetResources", "targetSecureTags", "targetServiceAccounts", "tlsInspect" ] }, "google-native:compute/beta:FirewallPolicyRuleSecureTag": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." } }, "type": "object" }, "google-native:compute/beta:FirewallPolicyRuleSecureTagResponse": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." }, "state": { "type": "string", "description": "State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted." } }, "type": "object", "required": [ "name", "state" ] }, "google-native:compute/beta:FixedOrPercent": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object" }, "google-native:compute/beta:FixedOrPercentResponse": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "calculated": { "type": "integer", "description": "Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded. " }, "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object", "required": [ "calculated", "fixed", "percent" ] }, "google-native:compute/beta:ForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/beta:ForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/beta:ForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/beta:ForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:ForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/beta:ForwardingRuleServiceDirectoryRegistration": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object" }, "google-native:compute/beta:ForwardingRuleServiceDirectoryRegistrationResponse": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object", "required": [ "namespace", "service", "serviceDirectoryRegion" ] }, "google-native:compute/beta:FutureReservationPlanningStatus": { "description": "Planning state before being submitted for evaluation", "type": "string", "enum": [ { "name": "Draft", "description": "Future Reservation is being drafted.", "value": "DRAFT" }, { "name": "PlanningStatusUnspecified", "value": "PLANNING_STATUS_UNSPECIFIED" }, { "name": "Submitted", "description": "Future Reservation has been submitted for evaluation by GCP.", "value": "SUBMITTED" } ] }, "google-native:compute/beta:FutureReservationSpecificSKUProperties": { "properties": { "instanceProperties": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "Properties of the SKU instances being reserved." }, "sourceInstanceTemplate": { "type": "string", "description": "The instance template that will be used to populate the ReservedInstanceProperties of the future reservation" }, "totalCount": { "type": "string", "description": "Total number of instances for which capacity assurance is requested at a future time period." } }, "type": "object" }, "google-native:compute/beta:FutureReservationSpecificSKUPropertiesResponse": { "properties": { "instanceProperties": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse", "description": "Properties of the SKU instances being reserved." }, "sourceInstanceTemplate": { "type": "string", "description": "The instance template that will be used to populate the ReservedInstanceProperties of the future reservation" }, "totalCount": { "type": "string", "description": "Total number of instances for which capacity assurance is requested at a future time period." } }, "type": "object", "required": [ "instanceProperties", "sourceInstanceTemplate", "totalCount" ] }, "google-native:compute/beta:FutureReservationStatusLastKnownGoodStateFutureReservationSpecsResponse": { "description": "The properties of the last known good state for the Future Reservation.", "properties": { "shareSettings": { "$ref": "#/types/google-native:compute%2Fbeta:ShareSettingsResponse", "description": "The previous share settings of the Future Reservation." }, "specificSkuProperties": { "$ref": "#/types/google-native:compute%2Fbeta:FutureReservationSpecificSKUPropertiesResponse", "description": "The previous instance related properties of the Future Reservation." }, "timeWindow": { "$ref": "#/types/google-native:compute%2Fbeta:FutureReservationTimeWindowResponse", "description": "The previous time window of the Future Reservation." } }, "type": "object", "required": [ "shareSettings", "specificSkuProperties", "timeWindow" ] }, "google-native:compute/beta:FutureReservationStatusLastKnownGoodStateResponse": { "description": "The state that the future reservation will be reverted to should the amendment be declined.", "properties": { "description": { "type": "string", "description": "The description of the FutureReservation before an amendment was requested." }, "futureReservationSpecs": { "$ref": "#/types/google-native:compute%2Fbeta:FutureReservationStatusLastKnownGoodStateFutureReservationSpecsResponse" }, "lockTime": { "type": "string", "description": "The lock time of the FutureReservation before an amendment was requested." }, "namePrefix": { "type": "string", "description": "The name prefix of the Future Reservation before an amendment was requested." }, "procurementStatus": { "type": "string", "description": "The status of the last known good state for the Future Reservation." } }, "type": "object", "required": [ "description", "futureReservationSpecs", "lockTime", "namePrefix", "procurementStatus" ] }, "google-native:compute/beta:FutureReservationStatusResponse": { "description": "[Output only] Represents status related to the future reservation.", "properties": { "amendmentStatus": { "type": "string", "description": "The current status of the requested amendment." }, "autoCreatedReservations": { "type": "array", "items": { "type": "string" }, "description": "Fully qualified urls of the automatically created reservations at start_time." }, "fulfilledCount": { "type": "string", "description": "This count indicates the fulfilled capacity so far. This is set during \"PROVISIONING\" state. This count also includes capacity delivered as part of existing matching reservations." }, "lastKnownGoodState": { "$ref": "#/types/google-native:compute%2Fbeta:FutureReservationStatusLastKnownGoodStateResponse", "description": "This field represents the future reservation before an amendment was requested. If the amendment is declined, the Future Reservation will be reverted to the last known good state. The last known good state is not set when updating a future reservation whose Procurement Status is DRAFTING." }, "lockTime": { "type": "string", "description": "Time when Future Reservation would become LOCKED, after which no modifications to Future Reservation will be allowed. Applicable only after the Future Reservation is in the APPROVED state. The lock_time is an RFC3339 string. The procurement_status will transition to PROCURING state at this time." }, "procurementStatus": { "type": "string", "description": "Current state of this Future Reservation" }, "specificSkuProperties": { "$ref": "#/types/google-native:compute%2Fbeta:FutureReservationStatusSpecificSKUPropertiesResponse" } }, "type": "object", "required": [ "amendmentStatus", "autoCreatedReservations", "fulfilledCount", "lastKnownGoodState", "lockTime", "procurementStatus", "specificSkuProperties" ] }, "google-native:compute/beta:FutureReservationStatusSpecificSKUPropertiesResponse": { "description": "Properties to be set for the Future Reservation.", "properties": { "sourceInstanceTemplateId": { "type": "string", "description": "ID of the instance template used to populate the Future Reservation properties." } }, "type": "object", "required": [ "sourceInstanceTemplateId" ] }, "google-native:compute/beta:FutureReservationTimeWindow": { "properties": { "duration": { "$ref": "#/types/google-native:compute%2Fbeta:Duration" }, "endTime": { "type": "string" }, "startTime": { "type": "string", "description": "Start time of the Future Reservation. The start_time is an RFC3339 string." } }, "type": "object" }, "google-native:compute/beta:FutureReservationTimeWindowResponse": { "properties": { "duration": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse" }, "endTime": { "type": "string" }, "startTime": { "type": "string", "description": "Start time of the Future Reservation. The start_time is an RFC3339 string." } }, "type": "object", "required": [ "duration", "endTime", "startTime" ] }, "google-native:compute/beta:GRPCHealthCheck": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:GRPCHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object" }, "google-native:compute/beta:GRPCHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:GRPCHealthCheckResponse": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object", "required": [ "grpcServiceName", "port", "portName", "portSpecification" ] }, "google-native:compute/beta:GlobalAddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/beta:GlobalAddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/beta:GlobalAddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/beta:GlobalAddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:GlobalAddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/beta:GlobalForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/beta:GlobalForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/beta:GlobalForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/beta:GlobalForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:GlobalForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/beta:GlobalNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/beta:GuestOsFeature": { "description": "Guest OS features.", "properties": { "type": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeatureType", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object" }, "google-native:compute/beta:GuestOsFeatureResponse": { "description": "Guest OS features.", "properties": { "type": { "type": "string", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object", "required": [ "type" ] }, "google-native:compute/beta:GuestOsFeatureType": { "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features.", "type": "string", "enum": [ { "name": "FeatureTypeUnspecified", "value": "FEATURE_TYPE_UNSPECIFIED" }, { "name": "Gvnic", "value": "GVNIC" }, { "name": "MultiIpSubnet", "value": "MULTI_IP_SUBNET" }, { "name": "SecureBoot", "value": "SECURE_BOOT" }, { "name": "SevCapable", "value": "SEV_CAPABLE" }, { "name": "SevLiveMigratable", "value": "SEV_LIVE_MIGRATABLE" }, { "name": "SevLiveMigratableV2", "value": "SEV_LIVE_MIGRATABLE_V2" }, { "name": "SevSnpCapable", "value": "SEV_SNP_CAPABLE" }, { "name": "UefiCompatible", "value": "UEFI_COMPATIBLE" }, { "name": "VirtioScsiMultiqueue", "value": "VIRTIO_SCSI_MULTIQUEUE" }, { "name": "Windows", "value": "WINDOWS" } ] }, "google-native:compute/beta:HTTP2HealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:HTTP2HealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fbeta:HTTP2HealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/beta:HTTP2HealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:HTTP2HealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:HTTP2HealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/beta:HTTPHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:HTTPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fbeta:HTTPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/beta:HTTPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:HTTPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:HTTPHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/beta:HTTPSHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:HTTPSHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fbeta:HTTPSHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/beta:HTTPSHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:HTTPSHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:HTTPSHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/beta:HealthCheckLogConfig": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object" }, "google-native:compute/beta:HealthCheckLogConfigResponse": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object", "required": [ "enable" ] }, "google-native:compute/beta:HealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" } ] }, "google-native:compute/beta:HelpLinkResponse": { "description": "Describes a URL link.", "properties": { "description": { "type": "string", "description": "Describes what the link offers." }, "url": { "type": "string", "description": "The URL of the link." } }, "type": "object", "required": [ "description", "url" ] }, "google-native:compute/beta:HelpResponse": { "description": "Provides links to documentation or for performing an out of band action. For example, if a quota check failed with an error indicating the calling project hasn't enabled the accessed service, this can contain a URL pointing directly to the right place in the developer console to flip the bit.", "properties": { "links": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HelpLinkResponse" }, "description": "URL(s) pointing to additional information on handling the current error." } }, "type": "object", "required": [ "links" ] }, "google-native:compute/beta:HostRule": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object" }, "google-native:compute/beta:HostRuleResponse": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object", "required": [ "description", "hosts", "pathMatcher" ] }, "google-native:compute/beta:HttpFaultAbort": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/beta:HttpFaultAbortResponse": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "httpStatus", "percentage" ] }, "google-native:compute/beta:HttpFaultDelay": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/beta:HttpFaultDelayResponse": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "fixedDelay", "percentage" ] }, "google-native:compute/beta:HttpFaultInjection": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultAbort", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultDelay", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object" }, "google-native:compute/beta:HttpFaultInjectionResponse": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultAbortResponse", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultDelayResponse", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object", "required": [ "abort", "delay" ] }, "google-native:compute/beta:HttpFilterConfig": { "description": "HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.", "properties": { "config": { "type": "string", "description": "The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl" }, "configTypeUrl": { "type": "string", "description": "The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct" }, "filterName": { "type": "string", "description": "Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm" } }, "type": "object" }, "google-native:compute/beta:HttpFilterConfigResponse": { "description": "HttpFilterConfiguration supplies additional contextual settings for networkservices.HttpFilter resources enabled by Traffic Director.", "properties": { "config": { "type": "string", "description": "The configuration needed to enable the networkservices.HttpFilter resource. The configuration must be YAML formatted and only contain fields defined in the protobuf identified in configTypeUrl" }, "configTypeUrl": { "type": "string", "description": "The fully qualified versioned proto3 type url of the protobuf that the filter expects for its contextual settings, for example: type.googleapis.com/google.protobuf.Struct" }, "filterName": { "type": "string", "description": "Name of the networkservices.HttpFilter resource this configuration belongs to. This name must be known to the xDS client. Example: envoy.wasm" } }, "type": "object", "required": [ "config", "configTypeUrl", "filterName" ] }, "google-native:compute/beta:HttpHeaderAction": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderOption" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderOption" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object" }, "google-native:compute/beta:HttpHeaderActionResponse": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderOptionResponse" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderOptionResponse" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object", "required": [ "requestHeadersToAdd", "requestHeadersToRemove", "responseHeadersToAdd", "responseHeadersToRemove" ] }, "google-native:compute/beta:HttpHeaderMatch": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Fbeta:Int64RangeMatch", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object" }, "google-native:compute/beta:HttpHeaderMatchResponse": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Fbeta:Int64RangeMatchResponse", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object", "required": [ "exactMatch", "headerName", "invertMatch", "prefixMatch", "presentMatch", "rangeMatch", "regexMatch", "suffixMatch" ] }, "google-native:compute/beta:HttpHeaderOption": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object" }, "google-native:compute/beta:HttpHeaderOptionResponse": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object", "required": [ "headerName", "headerValue", "replace" ] }, "google-native:compute/beta:HttpQueryParameterMatch": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object" }, "google-native:compute/beta:HttpQueryParameterMatchResponse": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object", "required": [ "exactMatch", "name", "presentMatch", "regexMatch" ] }, "google-native:compute/beta:HttpRedirectAction": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectActionRedirectResponseCode", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object" }, "google-native:compute/beta:HttpRedirectActionRedirectResponseCode": { "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. ", "type": "string", "enum": [ { "name": "Found", "description": "Http Status Code 302 - Found.", "value": "FOUND" }, { "name": "MovedPermanentlyDefault", "description": "Http Status Code 301 - Moved Permanently.", "value": "MOVED_PERMANENTLY_DEFAULT" }, { "name": "PermanentRedirect", "description": "Http Status Code 308 - Permanent Redirect maintaining HTTP method.", "value": "PERMANENT_REDIRECT" }, { "name": "SeeOther", "description": "Http Status Code 303 - See Other.", "value": "SEE_OTHER" }, { "name": "TemporaryRedirect", "description": "Http Status Code 307 - Temporary Redirect maintaining HTTP method.", "value": "TEMPORARY_REDIRECT" } ] }, "google-native:compute/beta:HttpRedirectActionResponse": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "type": "string", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object", "required": [ "hostRedirect", "httpsRedirect", "pathRedirect", "prefixRedirect", "redirectResponseCode", "stripQuery" ] }, "google-native:compute/beta:HttpRetryPolicy": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object" }, "google-native:compute/beta:HttpRetryPolicyResponse": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object", "required": [ "numRetries", "perTryTimeout", "retryConditions" ] }, "google-native:compute/beta:HttpRouteAction": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CorsPolicy", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultInjection", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:RequestMirrorPolicy", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRetryPolicy", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Fbeta:UrlRewrite", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:WeightedBackendService" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object" }, "google-native:compute/beta:HttpRouteActionResponse": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CorsPolicyResponse", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFaultInjectionResponse", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:RequestMirrorPolicyResponse", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRetryPolicyResponse", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Fbeta:UrlRewriteResponse", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:WeightedBackendServiceResponse" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object", "required": [ "corsPolicy", "faultInjectionPolicy", "maxStreamDuration", "requestMirrorPolicy", "retryPolicy", "timeout", "urlRewrite", "weightedBackendServices" ] }, "google-native:compute/beta:HttpRouteRule": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicy", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the RouteRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the customErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the customErrorResponsePolicy is ignored and the response from the service is returned to the client. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFilterConfig" }, "description": "Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterMetadata": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFilterConfig" }, "description": "Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteRuleMatch" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteAction", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectAction", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/beta:HttpRouteRuleMatch": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderMatch" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataFilter" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpQueryParameterMatch" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object" }, "google-native:compute/beta:HttpRouteRuleMatchResponse": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderMatchResponse" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataFilterResponse" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpQueryParameterMatchResponse" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object", "required": [ "fullPathMatch", "headerMatches", "ignoreCase", "metadataFilters", "pathTemplateMatch", "prefixMatch", "queryParameterMatches", "regexMatch" ] }, "google-native:compute/beta:HttpRouteRuleResponse": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicyResponse", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the RouteRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the customErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the customErrorResponsePolicy is ignored and the response from the service is returned to the client. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFilterConfigResponse" }, "description": "Outbound route specific configuration for networkservices.HttpFilter resources enabled by Traffic Director. httpFilterConfigs only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "httpFilterMetadata": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpFilterConfigResponse" }, "description": "Outbound route specific metadata supplied to networkservices.HttpFilter resources enabled by Traffic Director. httpFilterMetadata only applies for load balancers with loadBalancingScheme set to INTERNAL_SELF_MANAGED. See ForwardingRule for more details. The only configTypeUrl supported is type.googleapis.com/google.protobuf.Struct Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteRuleMatchResponse" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteActionResponse", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectActionResponse", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "customErrorResponsePolicy", "description", "headerAction", "httpFilterConfigs", "httpFilterMetadata", "matchRules", "priority", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/beta:ImageArchitecture": { "description": "The architecture of the image. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/beta:ImageRawDisk": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "$ref": "#/types/google-native:compute%2Fbeta:ImageRawDiskContainerType", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object" }, "google-native:compute/beta:ImageRawDiskContainerType": { "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.", "type": "string", "enum": [ { "name": "Tar", "value": "TAR" } ] }, "google-native:compute/beta:ImageRawDiskResponse": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "type": "string", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object", "required": [ "containerType", "sha1Checksum", "source" ] }, "google-native:compute/beta:ImageSourceType": { "description": "The type of the image used to create this disk. The default and only valid value is RAW.", "type": "string", "enum": [ { "name": "Raw", "value": "RAW" } ] }, "google-native:compute/beta:InitialStateConfig": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBuffer" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBuffer" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBuffer" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBuffer", "description": "The Platform Key (PK)." } }, "type": "object" }, "google-native:compute/beta:InitialStateConfigResponse": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBufferResponse" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBufferResponse" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBufferResponse" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Fbeta:FileContentBufferResponse", "description": "The Platform Key (PK)." } }, "type": "object", "required": [ "dbs", "dbxs", "keks", "pk" ] }, "google-native:compute/beta:InstanceGroupManagerActionsSummaryResponse": { "properties": { "abandoning": { "type": "integer", "description": "The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it." }, "creating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated." }, "creatingWithoutRetries": { "type": "integer", "description": "The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly." }, "deleting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted." }, "none": { "type": "integer", "description": "The number of instances in the managed instance group that are running and have no scheduled actions." }, "recreating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template." }, "refreshing": { "type": "integer", "description": "The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance." }, "restarting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted." }, "resuming": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be resumed or are currently being resumed." }, "starting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be started or are currently being started." }, "stopping": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be stopped or are currently being stopped." }, "suspending": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be suspended or are currently being suspended." }, "verifying": { "type": "integer", "description": "The number of instances in the managed instance group that are being verified. See the managedInstances[].currentAction property in the listManagedInstances method documentation." } }, "type": "object", "required": [ "abandoning", "creating", "creatingWithoutRetries", "deleting", "none", "recreating", "refreshing", "restarting", "resuming", "starting", "stopping", "suspending", "verifying" ] }, "google-native:compute/beta:InstanceGroupManagerAllInstancesConfig": { "properties": { "properties": { "$ref": "#/types/google-native:compute%2Fbeta:InstancePropertiesPatch", "description": "Properties to set on all instances in the group. You can add or modify properties using the instanceGroupManagers.patch or regionInstanceGroupManagers.patch. After setting allInstancesConfig on the group, you must update the group's instances to apply the configuration. To apply the configuration, set the group's updatePolicy.type field to use proactive updates or use the applyUpdatesToInstances method." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerAllInstancesConfigResponse": { "properties": { "properties": { "$ref": "#/types/google-native:compute%2Fbeta:InstancePropertiesPatchResponse", "description": "Properties to set on all instances in the group. You can add or modify properties using the instanceGroupManagers.patch or regionInstanceGroupManagers.patch. After setting allInstancesConfig on the group, you must update the group's instances to apply the configuration. To apply the configuration, set the group's updatePolicy.type field to use proactive updates or use the applyUpdatesToInstances method." } }, "type": "object", "required": [ "properties" ] }, "google-native:compute/beta:InstanceGroupManagerAutoHealingPolicy": { "properties": { "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerAutoHealingPolicyResponse": { "properties": { "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." } }, "type": "object", "required": [ "healthCheck", "initialDelaySec" ] }, "google-native:compute/beta:InstanceGroupManagerFailoverAction": { "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.", "type": "string", "enum": [ { "name": "NoFailover", "value": "NO_FAILOVER" }, { "name": "Unknown", "value": "UNKNOWN" } ] }, "google-native:compute/beta:InstanceGroupManagerInstanceFlexibilityPolicy": { "properties": { "instanceSelectionLists": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerInstanceFlexibilityPolicyResponse": { "properties": { "instanceSelectionLists": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named instance selections configuring properties that the group will use when creating new VMs." } }, "type": "object", "required": [ "instanceSelectionLists" ] }, "google-native:compute/beta:InstanceGroupManagerInstanceLifecyclePolicy": { "properties": { "defaultActionOnFailure": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerInstanceLifecyclePolicyDefaultActionOnFailure", "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. " }, "forceUpdateOnRepair": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerInstanceLifecyclePolicyDefaultActionOnFailure": { "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. ", "type": "string", "enum": [ { "name": "Delete", "description": "MIG deletes a failed or an unhealthy VM. Deleting the VM decreases the target size of the MIG.", "value": "DELETE" }, { "name": "DoNothing", "description": "MIG does not repair a failed or an unhealthy VM.", "value": "DO_NOTHING" }, { "name": "Repair", "description": "(Default) MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG.", "value": "REPAIR" } ] }, "google-native:compute/beta:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair": { "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. ", "type": "string", "enum": [ { "name": "No", "value": "NO" }, { "name": "Yes", "value": "YES" } ] }, "google-native:compute/beta:InstanceGroupManagerInstanceLifecyclePolicyResponse": { "properties": { "defaultActionOnFailure": { "type": "string", "description": "The action that a MIG performs on a failed or an unhealthy VM. A VM is marked as unhealthy when the application running on that VM fails a health check. Valid values are - REPAIR (default): MIG automatically repairs a failed or an unhealthy VM by recreating it. For more information, see About repairing VMs in a MIG. - DO_NOTHING: MIG does not repair a failed or an unhealthy VM. " }, "forceUpdateOnRepair": { "type": "string", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " } }, "type": "object", "required": [ "defaultActionOnFailure", "forceUpdateOnRepair" ] }, "google-native:compute/beta:InstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/beta:InstanceGroupManagerResizeRequestStatusErrorErrorsItemErrorDetailsItemResponse": { "properties": { "errorInfo": { "$ref": "#/types/google-native:compute%2Fbeta:ErrorInfoResponse" }, "help": { "$ref": "#/types/google-native:compute%2Fbeta:HelpResponse" }, "localizedMessage": { "$ref": "#/types/google-native:compute%2Fbeta:LocalizedMessageResponse" }, "quotaInfo": { "$ref": "#/types/google-native:compute%2Fbeta:QuotaExceededInfoResponse" } }, "type": "object", "required": [ "errorInfo", "help", "localizedMessage", "quotaInfo" ] }, "google-native:compute/beta:InstanceGroupManagerResizeRequestStatusErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "errorDetails": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerResizeRequestStatusErrorErrorsItemErrorDetailsItemResponse" }, "description": "An optional list of messages that contain the error details. There is a set of defined message types to use for providing details.The syntax depends on the error code. For example, QuotaExceededInfo will have details when the error code is QUOTA_EXCEEDED." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "errorDetails", "location", "message" ] }, "google-native:compute/beta:InstanceGroupManagerResizeRequestStatusErrorResponse": { "description": "Errors encountered during the queueing or provisioning phases of the ResizeRequest.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerResizeRequestStatusErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:compute/beta:InstanceGroupManagerResizeRequestStatusResponse": { "properties": { "error": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerResizeRequestStatusErrorResponse", "description": "Errors encountered during the queueing or provisioning phases of the ResizeRequest." } }, "type": "object", "required": [ "error" ] }, "google-native:compute/beta:InstanceGroupManagerStandbyPolicy": { "properties": { "initialDelaySec": { "type": "integer" }, "mode": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerStandbyPolicyMode", "description": "Defines behaviour of using instances from standby pool to resize MIG." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerStandbyPolicyMode": { "description": "Defines behaviour of using instances from standby pool to resize MIG.", "type": "string", "enum": [ { "name": "Manual", "description": "MIG does not automatically stop/start or suspend/resume VMs.", "value": "MANUAL" }, { "name": "ScaleOutPool", "description": "MIG automatically resumes and starts VMs when it scales out, and replenishes the standby pool afterwards.", "value": "SCALE_OUT_POOL" } ] }, "google-native:compute/beta:InstanceGroupManagerStandbyPolicyResponse": { "properties": { "initialDelaySec": { "type": "integer" }, "mode": { "type": "string", "description": "Defines behaviour of using instances from standby pool to resize MIG." } }, "type": "object", "required": [ "initialDelaySec", "mode" ] }, "google-native:compute/beta:InstanceGroupManagerStatusAllInstancesConfigResponse": { "properties": { "currentRevision": { "type": "string", "description": "Current all-instances configuration revision. This value is in RFC3339 text format." }, "effective": { "type": "boolean", "description": "A bit indicating whether this configuration has been applied to all managed instances in the group." } }, "type": "object", "required": [ "currentRevision", "effective" ] }, "google-native:compute/beta:InstanceGroupManagerStatusResponse": { "properties": { "allInstancesConfig": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerStatusAllInstancesConfigResponse", "description": "[Output only] Status of all-instances configuration on the group." }, "autoscaler": { "type": "string", "description": "The URL of the Autoscaler that targets this instance group manager." }, "isStable": { "type": "boolean", "description": "A bit indicating whether the managed instance group is in a stable state. A stable state means that: none of the instances in the managed instance group is currently undergoing any type of change (for example, creation, restart, or deletion); no future changes are scheduled for instances in the managed instance group; and the managed instance group itself is not being modified." }, "stateful": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerStatusStatefulResponse", "description": "Stateful status of the given Instance Group Manager." }, "versionTarget": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerStatusVersionTargetResponse", "description": "A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "allInstancesConfig", "autoscaler", "isStable", "stateful", "versionTarget" ] }, "google-native:compute/beta:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse": { "properties": { "allEffective": { "type": "boolean", "description": "A bit indicating if all of the group's per-instance configurations (listed in the output of a listPerInstanceConfigs API call) have status EFFECTIVE or there are no per-instance-configs." } }, "type": "object", "required": [ "allEffective" ] }, "google-native:compute/beta:InstanceGroupManagerStatusStatefulResponse": { "properties": { "hasStatefulConfig": { "type": "boolean", "description": "A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions." }, "isStateful": { "type": "boolean", "description": "A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. This field is deprecated in favor of has_stateful_config.", "deprecationMessage": "[Output Only] A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions. This field is deprecated in favor of has_stateful_config." }, "perInstanceConfigs": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse", "description": "Status of per-instance configurations on the instance." } }, "type": "object", "required": [ "hasStatefulConfig", "isStateful", "perInstanceConfigs" ] }, "google-native:compute/beta:InstanceGroupManagerStatusVersionTargetResponse": { "properties": { "isReached": { "type": "boolean", "description": "A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "isReached" ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicy": { "properties": { "instanceRedistributionType": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerUpdatePolicyInstanceRedistributionType", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercent", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercent", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minReadySec": { "type": "integer", "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600]." }, "minimalAction": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerUpdatePolicyMinimalAction", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerUpdatePolicyReplacementMethod", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:InstanceGroupManagerUpdatePolicyType", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyInstanceRedistributionType": { "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. ", "type": "string", "enum": [ { "name": "None", "description": "No action is being proactively performed in order to bring this IGM to its target instance distribution.", "value": "NONE" }, { "name": "Proactive", "description": "This IGM will actively converge to its target instance distribution.", "value": "PROACTIVE" } ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyMinimalAction": { "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. ", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction": { "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all.", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyReplacementMethod": { "description": "What action should be used to replace instances. See minimal_action.REPLACE", "type": "string", "enum": [ { "name": "Recreate", "description": "Instances will be recreated (with the same name)", "value": "RECREATE" }, { "name": "Substitute", "description": "Default option: instances will be deleted and created (with a new name)", "value": "SUBSTITUTE" } ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyResponse": { "properties": { "instanceRedistributionType": { "type": "string", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercentResponse", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercentResponse", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minReadySec": { "type": "integer", "description": "Minimum number of seconds to wait for after a newly created instance becomes available. This value must be from range [0, 3600]." }, "minimalAction": { "type": "string", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "type": "string", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "type": "string", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "type": "string", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object", "required": [ "instanceRedistributionType", "maxSurge", "maxUnavailable", "minReadySec", "minimalAction", "mostDisruptiveAllowedAction", "replacementMethod", "type" ] }, "google-native:compute/beta:InstanceGroupManagerUpdatePolicyType": { "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update.", "type": "string", "enum": [ { "name": "Opportunistic", "description": "MIG will apply new configurations to existing VMs only when you selectively target specific or all VMs to be updated.", "value": "OPPORTUNISTIC" }, { "name": "Proactive", "description": "MIG will automatically apply new configurations to all or a subset of existing VMs and also to new VMs that are added to the group.", "value": "PROACTIVE" } ] }, "google-native:compute/beta:InstanceGroupManagerVersion": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "targetSize": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercent", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object" }, "google-native:compute/beta:InstanceGroupManagerVersionResponse": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "targetSize": { "$ref": "#/types/google-native:compute%2Fbeta:FixedOrPercentResponse", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object", "required": [ "instanceTemplate", "name", "targetSize" ] }, "google-native:compute/beta:InstanceKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/beta:InstanceParams": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/beta:InstanceParamsResponse": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/beta:InstancePostKeyRevocationActionType": { "description": "PostKeyRevocationActionType of the instance.", "type": "string", "enum": [ { "name": "Noop", "description": "Indicates user chose no operation.", "value": "NOOP" }, { "name": "PostKeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "POST_KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "Shutdown", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "SHUTDOWN" } ] }, "google-native:compute/beta:InstancePrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/beta:InstanceProperties": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Fbeta:AdvancedMachineFeatures", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ConfidentialInstanceConfig", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDisk" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "displayDevice": { "$ref": "#/types/google-native:compute%2Fbeta:DisplayDevice", "description": "Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AcceleratorConfig" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "$ref": "#/types/google-native:compute%2Fbeta:InstancePropertiesKeyRevocationActionType", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Fbeta:Metadata", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkInterface" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkPerformanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "postKeyRevocationActionType": { "$ref": "#/types/google-native:compute%2Fbeta:InstancePropertiesPostKeyRevocationActionType", "description": "PostKeyRevocationActionType of the instance." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:compute%2Fbeta:InstancePropertiesPrivateIpv6GoogleAccess", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Fbeta:ReservationAffinity", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fbeta:Scheduling", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ServiceAccount" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ShieldedInstanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "shieldedVmConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ShieldedVmConfig", "description": "Specifies the Shielded VM options for the instances that are created from these properties." }, "tags": { "$ref": "#/types/google-native:compute%2Fbeta:Tags", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object" }, "google-native:compute/beta:InstancePropertiesKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/beta:InstancePropertiesPatch": { "description": "Represents the change that you want to make to the instance properties.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The label key-value pairs that you want to patch onto the instance." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key-value pairs that you want to patch onto the instance. For more information, see Project and instance metadata." } }, "type": "object" }, "google-native:compute/beta:InstancePropertiesPatchResponse": { "description": "Represents the change that you want to make to the instance properties.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The label key-value pairs that you want to patch onto the instance." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key-value pairs that you want to patch onto the instance. For more information, see Project and instance metadata." } }, "type": "object", "required": [ "labels", "metadata" ] }, "google-native:compute/beta:InstancePropertiesPostKeyRevocationActionType": { "description": "PostKeyRevocationActionType of the instance.", "type": "string", "enum": [ { "name": "Noop", "description": "Indicates user chose no operation.", "value": "NOOP" }, { "name": "PostKeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "POST_KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "Shutdown", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "SHUTDOWN" } ] }, "google-native:compute/beta:InstancePropertiesPrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/beta:InstancePropertiesResponse": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Fbeta:AdvancedMachineFeaturesResponse", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ConfidentialInstanceConfigResponse", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "displayDevice": { "$ref": "#/types/google-native:compute%2Fbeta:DisplayDeviceResponse", "description": "Display Device properties to enable support for remote display products like: Teradici, VNC and TeamViewer Note that for MachineImage, this is not supported yet." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkPerformanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "postKeyRevocationActionType": { "type": "string", "description": "PostKeyRevocationActionType of the instance." }, "privateIpv6GoogleAccess": { "type": "string", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Fbeta:ReservationAffinityResponse", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ShieldedInstanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "shieldedVmConfig": { "$ref": "#/types/google-native:compute%2Fbeta:ShieldedVmConfigResponse", "description": "Specifies the Shielded VM options for the instances that are created from these properties." }, "tags": { "$ref": "#/types/google-native:compute%2Fbeta:TagsResponse", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "advancedMachineFeatures", "canIpForward", "confidentialInstanceConfig", "description", "disks", "displayDevice", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "networkPerformanceConfig", "postKeyRevocationActionType", "privateIpv6GoogleAccess", "reservationAffinity", "resourceManagerTags", "resourcePolicies", "scheduling", "serviceAccounts", "shieldedInstanceConfig", "shieldedVmConfig", "tags" ] }, "google-native:compute/beta:InstantSnapshotResourceStatusResponse": { "properties": { "storageSizeBytes": { "type": "string", "description": "The storage size of this instant snapshot." } }, "type": "object", "required": [ "storageSizeBytes" ] }, "google-native:compute/beta:Int64RangeMatch": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object" }, "google-native:compute/beta:Int64RangeMatchResponse": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object", "required": [ "rangeEnd", "rangeStart" ] }, "google-native:compute/beta:InterconnectAttachmentBandwidth": { "description": "Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s ", "type": "string", "enum": [ { "name": "Bps100m", "description": "100 Mbit/s", "value": "BPS_100M" }, { "name": "Bps10g", "description": "10 Gbit/s", "value": "BPS_10G" }, { "name": "Bps1g", "description": "1 Gbit/s", "value": "BPS_1G" }, { "name": "Bps200m", "description": "200 Mbit/s", "value": "BPS_200M" }, { "name": "Bps20g", "description": "20 Gbit/s", "value": "BPS_20G" }, { "name": "Bps2g", "description": "2 Gbit/s", "value": "BPS_2G" }, { "name": "Bps300m", "description": "300 Mbit/s", "value": "BPS_300M" }, { "name": "Bps400m", "description": "400 Mbit/s", "value": "BPS_400M" }, { "name": "Bps500m", "description": "500 Mbit/s", "value": "BPS_500M" }, { "name": "Bps50g", "description": "50 Gbit/s", "value": "BPS_50G" }, { "name": "Bps50m", "description": "50 Mbit/s", "value": "BPS_50M" }, { "name": "Bps5g", "description": "5 Gbit/s", "value": "BPS_5G" } ] }, "google-native:compute/beta:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ] }, "google-native:compute/beta:InterconnectAttachmentConfigurationConstraintsResponse": { "properties": { "bgpMd5": { "type": "string", "description": "Whether the attachment's BGP session requires/allows/disallows BGP MD5 authentication. This can take one of the following values: MD5_OPTIONAL, MD5_REQUIRED, MD5_UNSUPPORTED. For example, a Cross-Cloud Interconnect connection to a remote cloud provider that requires BGP MD5 authentication has the interconnectRemoteLocation attachment_configuration_constraints.bgp_md5 field set to MD5_REQUIRED, and that property is propagated to the attachment. Similarly, if BGP MD5 is MD5_UNSUPPORTED, an error is returned if MD5 is requested." }, "bgpPeerAsnRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse" }, "description": "List of ASN ranges that the remote location is known to support. Formatted as an array of inclusive ranges {min: min-value, max: max-value}. For example, [{min: 123, max: 123}, {min: 64512, max: 65534}] allows the peer ASN to be 123 or anything in the range 64512-65534. This field is only advisory. Although the API accepts other ranges, these are the ranges that we recommend." } }, "type": "object", "required": [ "bgpMd5", "bgpPeerAsnRanges" ] }, "google-native:compute/beta:InterconnectAttachmentEdgeAvailabilityDomain": { "description": "Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.", "type": "string", "enum": [ { "name": "AvailabilityDomain1", "value": "AVAILABILITY_DOMAIN_1" }, { "name": "AvailabilityDomain2", "value": "AVAILABILITY_DOMAIN_2" }, { "name": "AvailabilityDomainAny", "value": "AVAILABILITY_DOMAIN_ANY" } ] }, "google-native:compute/beta:InterconnectAttachmentEncryption": { "description": "Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *HA VPN over Cloud Interconnect*, the VLAN attachment must be created with this option. ", "type": "string", "enum": [ { "name": "Ipsec", "description": "The interconnect attachment will carry only encrypted traffic that is encrypted by an IPsec device such as HA VPN gateway; VMs cannot directly send traffic to or receive traffic from such an interconnect attachment. To use HA VPN over Cloud Interconnect, the interconnect attachment must be created with this option.", "value": "IPSEC" }, { "name": "None", "description": "This is the default value, which means the Interconnect Attachment will carry unencrypted traffic. VMs will be able to send traffic to or receive traffic from such interconnect attachment.", "value": "NONE" } ] }, "google-native:compute/beta:InterconnectAttachmentPartnerMetadata": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object" }, "google-native:compute/beta:InterconnectAttachmentPartnerMetadataResponse": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object", "required": [ "interconnectName", "partnerName", "portalUrl" ] }, "google-native:compute/beta:InterconnectAttachmentPrivateInfoResponse": { "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.", "properties": { "tag8021q": { "type": "integer", "description": "802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region." } }, "type": "object", "required": [ "tag8021q" ] }, "google-native:compute/beta:InterconnectAttachmentStackType": { "description": "The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The interconnect attachment can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The interconnect attachment will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" } ] }, "google-native:compute/beta:InterconnectAttachmentType": { "description": "The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner. ", "type": "string", "enum": [ { "name": "Dedicated", "description": "Attachment to a dedicated interconnect.", "value": "DEDICATED" }, { "name": "Partner", "description": "Attachment to a partner interconnect, created by the customer.", "value": "PARTNER" }, { "name": "PartnerProvider", "description": "Attachment to a partner interconnect, created by the partner.", "value": "PARTNER_PROVIDER" } ] }, "google-native:compute/beta:InterconnectCircuitInfoResponse": { "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.", "properties": { "customerDemarcId": { "type": "string", "description": "Customer-side demarc ID for this circuit." }, "googleCircuitId": { "type": "string", "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up." }, "googleDemarcId": { "type": "string", "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA." } }, "type": "object", "required": [ "customerDemarcId", "googleCircuitId", "googleDemarcId" ] }, "google-native:compute/beta:InterconnectInterconnectType": { "description": "Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.", "type": "string", "enum": [ { "name": "Dedicated", "description": "A dedicated physical interconnection with the customer.", "value": "DEDICATED" }, { "name": "ItPrivate", "description": "[Deprecated] A private, physical interconnection with the customer.", "value": "IT_PRIVATE" }, { "name": "Partner", "description": "A partner-managed interconnection shared between customers via partner.", "value": "PARTNER" } ] }, "google-native:compute/beta:InterconnectLinkType": { "description": "Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.", "type": "string", "enum": [ { "name": "LinkTypeEthernet100gLr", "description": "100G Ethernet, LR Optics.", "value": "LINK_TYPE_ETHERNET_100G_LR" }, { "name": "LinkTypeEthernet10gLr", "description": "10G Ethernet, LR Optics. [(rate_bps) = 10000000000];", "value": "LINK_TYPE_ETHERNET_10G_LR" } ] }, "google-native:compute/beta:InterconnectMacsec": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:InterconnectMacsecPreSharedKey" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "preSharedKeys" ] }, "google-native:compute/beta:InterconnectMacsecPreSharedKey": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/beta:InterconnectMacsecPreSharedKeyResponse": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name", "startTime" ] }, "google-native:compute/beta:InterconnectMacsecResponse": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:InterconnectMacsecPreSharedKeyResponse" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "failOpen", "preSharedKeys" ] }, "google-native:compute/beta:InterconnectOutageNotificationResponse": { "description": "Description of a planned outage on this Interconnect.", "properties": { "affectedCircuits": { "type": "array", "items": { "type": "string" }, "description": "If issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected." }, "description": { "type": "string", "description": "A description about the purpose of the outage." }, "endTime": { "type": "string", "description": "Scheduled end time for the outage (milliseconds since Unix epoch)." }, "issueType": { "type": "string", "description": "Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with \"IT_\" have been deprecated in favor of the unprefixed values." }, "name": { "type": "string", "description": "Unique identifier for this outage notification." }, "source": { "type": "string", "description": "The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE." }, "startTime": { "type": "string", "description": "Scheduled start time for the outage (milliseconds since Unix epoch)." }, "state": { "type": "string", "description": "State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values." } }, "type": "object", "required": [ "affectedCircuits", "description", "endTime", "issueType", "name", "source", "startTime", "state" ] }, "google-native:compute/beta:InterconnectRequestedFeaturesItem": { "type": "string", "enum": [ { "name": "IfMacsec", "description": "Media Access Control security (MACsec)", "value": "IF_MACSEC" } ] }, "google-native:compute/beta:LicenseResourceCommitment": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object" }, "google-native:compute/beta:LicenseResourceCommitmentResponse": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object", "required": [ "amount", "coresPerLicense", "license" ] }, "google-native:compute/beta:LicenseResourceRequirements": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object" }, "google-native:compute/beta:LicenseResourceRequirementsResponse": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object", "required": [ "minGuestCpuCount", "minMemoryMb" ] }, "google-native:compute/beta:LocalDisk": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object" }, "google-native:compute/beta:LocalDiskResponse": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object", "required": [ "diskCount", "diskSizeGb", "diskType" ] }, "google-native:compute/beta:LocalizedMessageResponse": { "description": "Provides a localized error message that is safe to return to the user which can be attached to an RPC error.", "properties": { "locale": { "type": "string", "description": "The locale used following the specification defined at https://www.rfc-editor.org/rfc/bcp/bcp47.txt. Examples are: \"en-US\", \"fr-CH\", \"es-MX\"" }, "message": { "type": "string", "description": "The localized error message in the above locale." } }, "type": "object", "required": [ "locale", "message" ] }, "google-native:compute/beta:LogConfig": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCloudAuditOptions", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCounterOptions", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigDataAccessOptions", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:LogConfigCloudAuditOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Fbeta:AuthorizationLoggingOptions", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCloudAuditOptionsLogName", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:LogConfigCloudAuditOptionsLogName": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminActivity", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_ACTIVITY" }, { "name": "DataAccess", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_ACCESS" }, { "name": "UnspecifiedLogName", "description": "This is deprecated and has no effect. Do not use.", "value": "UNSPECIFIED_LOG_NAME" } ] }, "google-native:compute/beta:LogConfigCloudAuditOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Fbeta:AuthorizationLoggingOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "authorizationLoggingOptions", "logName" ] }, "google-native:compute/beta:LogConfigCounterOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCounterOptionsCustomField" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:LogConfigCounterOptionsCustomField": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:LogConfigCounterOptionsCustomFieldResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/beta:LogConfigCounterOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCounterOptionsCustomFieldResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "customFields", "field", "metric" ] }, "google-native:compute/beta:LogConfigDataAccessOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigDataAccessOptionsLogMode", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:LogConfigDataAccessOptionsLogMode": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "LogFailClosed", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_FAIL_CLOSED" }, { "name": "LogModeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_MODE_UNSPECIFIED" } ] }, "google-native:compute/beta:LogConfigDataAccessOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "logMode" ] }, "google-native:compute/beta:LogConfigResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCloudAuditOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigCounterOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigDataAccessOptionsResponse", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "cloudAudit", "counter", "dataAccess" ] }, "google-native:compute/beta:Metadata": { "description": "A metadata key/value entry.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataItemsItem" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." } }, "type": "object" }, "google-native:compute/beta:MetadataFilter": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataFilterLabelMatch" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataFilterFilterMatchCriteria", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object" }, "google-native:compute/beta:MetadataFilterFilterMatchCriteria": { "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. ", "type": "string", "enum": [ { "name": "MatchAll", "description": "Specifies that all filterLabels must match for the metadataFilter to be considered a match.", "value": "MATCH_ALL" }, { "name": "MatchAny", "description": "Specifies that any filterLabel must match for the metadataFilter to be considered a match.", "value": "MATCH_ANY" }, { "name": "NotSet", "description": "Indicates that the match criteria was not set. A metadataFilter must never be created with this value.", "value": "NOT_SET" } ] }, "google-native:compute/beta:MetadataFilterLabelMatch": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object" }, "google-native:compute/beta:MetadataFilterLabelMatchResponse": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/beta:MetadataFilterResponse": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataFilterLabelMatchResponse" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "type": "string", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object", "required": [ "filterLabels", "filterMatchCriteria" ] }, "google-native:compute/beta:MetadataItemsItem": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object" }, "google-native:compute/beta:MetadataItemsItemResponse": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/beta:MetadataResponse": { "description": "A metadata key/value entry.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataItemsItemResponse" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#metadata for metadata." } }, "type": "object", "required": [ "fingerprint", "items", "kind" ] }, "google-native:compute/beta:NamedPort": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object" }, "google-native:compute/beta:NamedPortResponse": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object", "required": [ "name", "port" ] }, "google-native:compute/beta:NetworkAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this network attachment.", "properties": { "ipAddress": { "type": "string", "description": "The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless." }, "ipv6Address": { "type": "string", "description": "The IPv6 address assigned to the producer instance network interface. This is only assigned when the stack types of both the instance network interface and the consumer subnet are IPv4_IPv6." }, "projectIdOrNum": { "type": "string", "description": "The project id or number of the interface to which the IP was assigned." }, "secondaryIpCidrRanges": { "type": "array", "items": { "type": "string" }, "description": "Alias IP ranges from the same subnetwork." }, "status": { "type": "string", "description": "The status of a connected endpoint to this network attachment." }, "subnetwork": { "type": "string", "description": "The subnetwork used to assign the IP to the producer instance network interface." }, "subnetworkCidrRange": { "type": "string", "description": "The CIDR range of the subnet from which the IPv4 internal IP was allocated from." } }, "type": "object", "required": [ "ipAddress", "ipv6Address", "projectIdOrNum", "secondaryIpCidrRanges", "status", "subnetwork", "subnetworkCidrRange" ] }, "google-native:compute/beta:NetworkAttachmentConnectionPreference": { "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/beta:NetworkEndpointGroupAppEngine": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupAppEngineResponse": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object", "required": [ "service", "urlMask", "version" ] }, "google-native:compute/beta:NetworkEndpointGroupCloudFunction": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupCloudFunctionResponse": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object", "required": [ "function", "urlMask" ] }, "google-native:compute/beta:NetworkEndpointGroupCloudRun": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupCloudRunResponse": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object", "required": [ "service", "tag", "urlMask" ] }, "google-native:compute/beta:NetworkEndpointGroupLbNetworkEndpointGroup": { "description": "Load balancing specific fields for network endpoint group.", "properties": { "defaultPort": { "type": "integer", "description": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated.", "deprecationMessage": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated." }, "network": { "type": "string", "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated.", "deprecationMessage": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated." }, "subnetwork": { "type": "string", "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated.", "deprecationMessage": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated." } }, "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupLbNetworkEndpointGroupResponse": { "description": "Load balancing specific fields for network endpoint group.", "properties": { "defaultPort": { "type": "integer", "description": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated.", "deprecationMessage": "The default port used if the port number is not specified in the network endpoint. [Deprecated] This field is deprecated." }, "network": { "type": "string", "description": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated.", "deprecationMessage": "The URL of the network to which all network endpoints in the NEG belong. Uses \"default\" project network if unspecified. [Deprecated] This field is deprecated." }, "subnetwork": { "type": "string", "description": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated.", "deprecationMessage": "Optional URL of the subnetwork to which all network endpoints in the NEG belong. [Deprecated] This field is deprecated." }, "zone": { "type": "string", "description": "The URL of the zone where the network endpoint group is located. [Deprecated] This field is deprecated.", "deprecationMessage": "[Output Only] The URL of the zone where the network endpoint group is located. [Deprecated] This field is deprecated." } }, "type": "object", "required": [ "defaultPort", "network", "subnetwork", "zone" ] }, "google-native:compute/beta:NetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/beta:NetworkEndpointGroupPscData": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupPscDataResponse": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "properties": { "consumerPscAddress": { "type": "string", "description": "Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the PSC Network Endpoint Group Consumer." }, "pscConnectionStatus": { "type": "string", "description": "The connection status of the PSC Forwarding Rule." } }, "type": "object", "required": [ "consumerPscAddress", "pscConnectionId", "pscConnectionStatus" ] }, "google-native:compute/beta:NetworkEndpointGroupServerlessDeployment": { "description": "Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "platform": { "type": "string", "description": "The platform of the backend target(s) of this NEG. The only supported value is API Gateway: apigateway.googleapis.com." }, "resource": { "type": "string", "description": "The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name " }, "urlMask": { "type": "string", "description": "A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag " }, "version": { "type": "string", "description": "The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag " } }, "type": "object" }, "google-native:compute/beta:NetworkEndpointGroupServerlessDeploymentResponse": { "description": "Configuration for a serverless network endpoint group (NEG). The platform must be provided. Note: The target backend service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "platform": { "type": "string", "description": "The platform of the backend target(s) of this NEG. The only supported value is API Gateway: apigateway.googleapis.com." }, "resource": { "type": "string", "description": "The user-defined name of the workload/instance. This value must be provided explicitly or in the urlMask. The resource identified by this value is platform-specific and is as follows: 1. API Gateway: The gateway ID 2. App Engine: The service name 3. Cloud Functions: The function name 4. Cloud Run: The service name " }, "urlMask": { "type": "string", "description": "A template to parse platform-specific fields from a request URL. URL mask allows for routing to multiple resources on the same serverless platform without having to create multiple Network Endpoint Groups and backend resources. The fields parsed by this template are platform-specific and are as follows: 1. API Gateway: The gateway ID 2. App Engine: The service and version 3. Cloud Functions: The function name 4. Cloud Run: The service and tag " }, "version": { "type": "string", "description": "The optional resource version. The version identified by this value is platform-specific and is follows: 1. API Gateway: Unused 2. App Engine: The service version 3. Cloud Functions: Unused 4. Cloud Run: The service tag " } }, "type": "object", "required": [ "platform", "resource", "urlMask", "version" ] }, "google-native:compute/beta:NetworkInterface": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfig" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AliasIpRange" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfig" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkInterfaceNicType", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkInterfaceStackType", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " } }, "type": "object" }, "google-native:compute/beta:NetworkInterfaceNicType": { "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.", "type": "string", "enum": [ { "name": "Gvnic", "description": "GVNIC", "value": "GVNIC" }, { "name": "UnspecifiedNicType", "description": "No type specified.", "value": "UNSPECIFIED_NIC_TYPE" }, { "name": "VirtioNet", "description": "VIRTIO", "value": "VIRTIO_NET" } ] }, "google-native:compute/beta:NetworkInterfaceResponse": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfigResponse" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AliasIpRangeResponse" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "fingerprint": { "type": "string", "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AccessConfigResponse" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6AccessType": { "type": "string", "description": "One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#networkInterface for network interfaces." }, "name": { "type": "string", "description": "The name of the network interface, which is generated by the server. For a VM, the network interface uses the nicN naming format. Where N is a value between 0 and 7. The default interface value is nic0." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "type": "string", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "type": "string", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " } }, "type": "object", "required": [ "accessConfigs", "aliasIpRanges", "fingerprint", "internalIpv6PrefixLength", "ipv6AccessConfigs", "ipv6AccessType", "ipv6Address", "kind", "name", "network", "networkAttachment", "networkIP", "nicType", "queueCount", "stackType", "subnetwork" ] }, "google-native:compute/beta:NetworkInterfaceStackType": { "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The network interface can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The network interface will be assigned IPv4 address.", "value": "IPV4_ONLY" } ] }, "google-native:compute/beta:NetworkNetworkFirewallPolicyEnforcementOrder": { "description": "The network firewall policy enforcement order. Can be either AFTER_CLASSIC_FIREWALL or BEFORE_CLASSIC_FIREWALL. Defaults to AFTER_CLASSIC_FIREWALL if the field is not specified.", "type": "string", "enum": [ { "name": "AfterClassicFirewall", "value": "AFTER_CLASSIC_FIREWALL" }, { "name": "BeforeClassicFirewall", "value": "BEFORE_CLASSIC_FIREWALL" } ] }, "google-native:compute/beta:NetworkPeeringResponse": { "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.", "properties": { "autoCreateRoutes": { "type": "boolean", "description": "This field will be deprecated soon. Use the exchange_subnet_routes field instead. Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exchangeSubnetRoutes": { "type": "boolean", "description": "Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exportCustomRoutes": { "type": "boolean", "description": "Whether to export the custom routes to peer network. The default value is false." }, "exportSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are exported. The default value is true, all subnet routes are exported. IPv4 special-use ranges are always exported to peers and are not controlled by this field." }, "importCustomRoutes": { "type": "boolean", "description": "Whether to import the custom routes from peer network. The default value is false." }, "importSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are imported. The default value is false. IPv4 special-use ranges are always imported from peers and are not controlled by this field." }, "name": { "type": "string", "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "network": { "type": "string", "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network." }, "peerMtu": { "type": "integer", "description": "Maximum Transmission Unit in bytes." }, "stackType": { "type": "string", "description": "Which IP version(s) of traffic and routes are allowed to be imported or exported between peer networks. The default value is IPV4_ONLY." }, "state": { "type": "string", "description": "State for the peering, either `ACTIVE` or `INACTIVE`. The peering is `ACTIVE` when there's a matching configuration in the peer network." }, "stateDetails": { "type": "string", "description": "Details about the current state of the peering." } }, "type": "object", "required": [ "autoCreateRoutes", "exchangeSubnetRoutes", "exportCustomRoutes", "exportSubnetRoutesWithPublicIp", "importCustomRoutes", "importSubnetRoutesWithPublicIp", "name", "network", "peerMtu", "stackType", "state", "stateDetails" ] }, "google-native:compute/beta:NetworkPerformanceConfig": { "properties": { "totalEgressBandwidthTier": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkPerformanceConfigTotalEgressBandwidthTier" } }, "type": "object" }, "google-native:compute/beta:NetworkPerformanceConfigResponse": { "properties": { "totalEgressBandwidthTier": { "type": "string" } }, "type": "object", "required": [ "totalEgressBandwidthTier" ] }, "google-native:compute/beta:NetworkPerformanceConfigTotalEgressBandwidthTier": { "type": "string", "enum": [ { "name": "Default", "value": "DEFAULT" }, { "name": "Tier1", "value": "TIER_1" } ] }, "google-native:compute/beta:NetworkRoutingConfig": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "routingMode": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkRoutingConfigRoutingMode", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object" }, "google-native:compute/beta:NetworkRoutingConfigResponse": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "routingMode": { "type": "string", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object", "required": [ "routingMode" ] }, "google-native:compute/beta:NetworkRoutingConfigRoutingMode": { "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions.", "type": "string", "enum": [ { "name": "Global", "value": "GLOBAL" }, { "name": "Regional", "value": "REGIONAL" } ] }, "google-native:compute/beta:NodeGroupAutoscalingPolicy": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "$ref": "#/types/google-native:compute%2Fbeta:NodeGroupAutoscalingPolicyMode", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object" }, "google-native:compute/beta:NodeGroupAutoscalingPolicyMode": { "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.", "type": "string", "enum": [ { "name": "ModeUnspecified", "value": "MODE_UNSPECIFIED" }, { "name": "Off", "description": "Autoscaling is disabled.", "value": "OFF" }, { "name": "On", "description": "Autocaling is fully enabled.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Autoscaling will only scale out and will not remove nodes.", "value": "ONLY_SCALE_OUT" } ] }, "google-native:compute/beta:NodeGroupAutoscalingPolicyResponse": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "type": "string", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object", "required": [ "maxNodes", "minNodes", "mode" ] }, "google-native:compute/beta:NodeGroupMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `AS_NEEDED` and `RECURRENT`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/beta:NodeGroupMaintenancePolicy": { "description": "Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.", "type": "string", "enum": [ { "name": "Default", "description": "Allow the node and corresponding instances to retain default maintenance behavior.", "value": "DEFAULT" }, { "name": "MaintenancePolicyUnspecified", "value": "MAINTENANCE_POLICY_UNSPECIFIED" }, { "name": "MigrateWithinNodeGroup", "description": "When maintenance must be done on a node, the instances on that node will be moved to other nodes in the group. Instances with onHostMaintenance = MIGRATE will live migrate to their destinations while instances with onHostMaintenance = TERMINATE will terminate and then restart on their destination nodes if automaticRestart = true.", "value": "MIGRATE_WITHIN_NODE_GROUP" }, { "name": "RestartInPlace", "description": "Instances in this group will restart on the same node when maintenance has completed. Instances must have onHostMaintenance = TERMINATE, and they will only restart if automaticRestart = true.", "value": "RESTART_IN_PLACE" } ] }, "google-native:compute/beta:NodeGroupMaintenanceWindow": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/beta:NodeGroupMaintenanceWindowResponse": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "maintenanceDuration": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "maintenanceDuration", "startTime" ] }, "google-native:compute/beta:NodeGroupStatus": { "type": "string", "enum": [ { "name": "Creating", "value": "CREATING" }, { "name": "Deleting", "value": "DELETING" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ready", "value": "READY" } ] }, "google-native:compute/beta:NodeTemplateCpuOvercommitType": { "description": "CPU overcommit.", "type": "string", "enum": [ { "name": "CpuOvercommitTypeUnspecified", "value": "CPU_OVERCOMMIT_TYPE_UNSPECIFIED" }, { "name": "Enabled", "value": "ENABLED" }, { "name": "None", "value": "NONE" } ] }, "google-native:compute/beta:NodeTemplateNodeTypeFlexibility": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object" }, "google-native:compute/beta:NodeTemplateNodeTypeFlexibilityResponse": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object", "required": [ "cpus", "localSsd", "memory" ] }, "google-native:compute/beta:NotificationEndpointGrpcSettings": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object" }, "google-native:compute/beta:NotificationEndpointGrpcSettingsResponse": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object", "required": [ "authority", "endpoint", "payloadName", "resendInterval", "retryDurationSec" ] }, "google-native:compute/beta:OrganizationSecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/beta:OutlierDetection": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object" }, "google-native:compute/beta:OutlierDetectionResponse": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object", "required": [ "baseEjectionTime", "consecutiveErrors", "consecutiveGatewayFailure", "enforcingConsecutiveErrors", "enforcingConsecutiveGatewayFailure", "enforcingSuccessRate", "interval", "maxEjectionPercent", "successRateMinimumHosts", "successRateRequestVolume", "successRateStdevFactor" ] }, "google-native:compute/beta:PacketMirroringEnable": { "description": "Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/beta:PacketMirroringFilter": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "$ref": "#/types/google-native:compute%2Fbeta:PacketMirroringFilterDirection", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringFilterDirection": { "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH.", "type": "string", "enum": [ { "name": "Both", "description": "Default, both directions are mirrored.", "value": "BOTH" }, { "name": "Egress", "description": "Only egress traffic is mirrored.", "value": "EGRESS" }, { "name": "Ingress", "description": "Only ingress traffic is mirrored.", "value": "INGRESS" } ] }, "google-native:compute/beta:PacketMirroringFilterResponse": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "type": "string", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object", "required": [ "cidrRanges", "direction", "ipProtocols" ] }, "google-native:compute/beta:PacketMirroringForwardingRuleInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringForwardingRuleInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the forwarding rule; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/beta:PacketMirroringMirroredResourceInfo": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PacketMirroringMirroredResourceInfoInstanceInfo" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PacketMirroringMirroredResourceInfoSubnetInfo" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringMirroredResourceInfoInstanceInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringMirroredResourceInfoInstanceInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the instance; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/beta:PacketMirroringMirroredResourceInfoResponse": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PacketMirroringMirroredResourceInfoInstanceInfoResponse" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PacketMirroringMirroredResourceInfoSubnetInfoResponse" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object", "required": [ "instances", "subnetworks", "tags" ] }, "google-native:compute/beta:PacketMirroringMirroredResourceInfoSubnetInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringMirroredResourceInfoSubnetInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the subnetwork; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/beta:PacketMirroringNetworkInfo": { "properties": { "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object" }, "google-native:compute/beta:PacketMirroringNetworkInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the network; defined by the server." }, "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/beta:PathMatcher": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultCustomErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicy", "description": "defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers." }, "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteAction", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectAction", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PathRule" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteRule" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object" }, "google-native:compute/beta:PathMatcherResponse": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultCustomErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicyResponse", "description": "defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers." }, "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteActionResponse", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectActionResponse", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:PathRuleResponse" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteRuleResponse" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object", "required": [ "defaultCustomErrorResponsePolicy", "defaultRouteAction", "defaultService", "defaultUrlRedirect", "description", "headerAction", "name", "pathRules", "routeRules" ] }, "google-native:compute/beta:PathRule": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicy", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteAction", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectAction", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/beta:PathRuleResponse": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "customErrorResponsePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:CustomErrorResponsePolicyResponse", "description": "customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRouteActionResponse", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fbeta:HttpRedirectActionResponse", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "customErrorResponsePolicy", "paths", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/beta:PublicAdvertisedPrefixPdpScope": { "description": "Specifies how child public delegated prefix will be scoped. It could be one of following values: - `REGIONAL`: The public delegated prefix is regional only. The provisioning will take a few minutes. - `GLOBAL`: The public delegated prefix is global only. The provisioning will take ~4 weeks. - `GLOBAL_AND_REGIONAL` [output only]: The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2. ", "type": "string", "enum": [ { "name": "Global", "description": "The public delegated prefix is global only. The provisioning will take ~4 weeks.", "value": "GLOBAL" }, { "name": "GlobalAndRegional", "description": "The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2.", "value": "GLOBAL_AND_REGIONAL" }, { "name": "Regional", "description": "The public delegated prefix is regional only. The provisioning will take a few minutes.", "value": "REGIONAL" } ] }, "google-native:compute/beta:PublicAdvertisedPrefixPublicDelegatedPrefixResponse": { "description": "Represents a CIDR range which can be used to assign addresses.", "properties": { "ipRange": { "type": "string", "description": "The IP address range of the public delegated prefix" }, "name": { "type": "string", "description": "The name of the public delegated prefix" }, "project": { "type": "string", "description": "The project number of the public delegated prefix" }, "region": { "type": "string", "description": "The region of the public delegated prefix if it is regional. If absent, the prefix is global." }, "status": { "type": "string", "description": "The status of the public delegated prefix. Possible values are: INITIALIZING: The public delegated prefix is being initialized and addresses cannot be created yet. ANNOUNCED: The public delegated prefix is active." } }, "type": "object", "required": [ "ipRange", "name", "project", "region", "status" ] }, "google-native:compute/beta:PublicAdvertisedPrefixStatus": { "description": "The status of the public advertised prefix. Possible values include: - `INITIAL`: RPKI validation is complete. - `PTR_CONFIGURED`: User has configured the PTR. - `VALIDATED`: Reverse DNS lookup is successful. - `REVERSE_DNS_LOOKUP_FAILED`: Reverse DNS lookup failed. - `PREFIX_CONFIGURATION_IN_PROGRESS`: The prefix is being configured. - `PREFIX_CONFIGURATION_COMPLETE`: The prefix is fully configured. - `PREFIX_REMOVAL_IN_PROGRESS`: The prefix is being removed. ", "type": "string", "enum": [ { "name": "AnnouncedToInternet", "description": "The prefix is announced to Internet.", "value": "ANNOUNCED_TO_INTERNET" }, { "name": "Initial", "description": "RPKI validation is complete.", "value": "INITIAL" }, { "name": "PrefixConfigurationComplete", "description": "The prefix is fully configured.", "value": "PREFIX_CONFIGURATION_COMPLETE" }, { "name": "PrefixConfigurationInProgress", "description": "The prefix is being configured.", "value": "PREFIX_CONFIGURATION_IN_PROGRESS" }, { "name": "PrefixRemovalInProgress", "description": "The prefix is being removed.", "value": "PREFIX_REMOVAL_IN_PROGRESS" }, { "name": "PtrConfigured", "description": "User has configured the PTR.", "value": "PTR_CONFIGURED" }, { "name": "ReadyToAnnounce", "description": "The prefix is currently withdrawn but ready to be announced.", "value": "READY_TO_ANNOUNCE" }, { "name": "ReverseDnsLookupFailed", "description": "Reverse DNS lookup failed.", "value": "REVERSE_DNS_LOOKUP_FAILED" }, { "name": "Validated", "description": "Reverse DNS lookup is successful.", "value": "VALIDATED" } ] }, "google-native:compute/beta:PublicDelegatedPrefixPublicDelegatedSubPrefix": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." } }, "type": "object" }, "google-native:compute/beta:PublicDelegatedPrefixPublicDelegatedSubPrefixResponse": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." }, "region": { "type": "string", "description": "The region of the sub public delegated prefix if it is regional. If absent, the sub prefix is global." }, "status": { "type": "string", "description": "The status of the sub public delegated prefix." } }, "type": "object", "required": [ "delegateeProject", "description", "ipCidrRange", "isAddress", "name", "region", "status" ] }, "google-native:compute/beta:QuotaExceededInfoResponse": { "description": "Additional details for quota exceeded error for resource quota.", "properties": { "dimensions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map holding related quota dimensions." }, "futureLimit": { "type": "number", "description": "Future quota limit being rolled out. The limit's unit depends on the quota type or metric." }, "limit": { "type": "number", "description": "Current effective quota limit. The limit's unit depends on the quota type or metric." }, "limitName": { "type": "string", "description": "The name of the quota limit." }, "metricName": { "type": "string", "description": "The Compute Engine quota metric name." }, "rolloutStatus": { "type": "string", "description": "Rollout status of the future quota limit." } }, "type": "object", "required": [ "dimensions", "futureLimit", "limit", "limitName", "metricName", "rolloutStatus" ] }, "google-native:compute/beta:RegionBackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/beta:RegionBackendServiceIpAddressSelectionPolicy": { "description": "Specifies a preference for traffic sent from the proxy to the backend (or from the client to the backend for proxyless gRPC). The possible values are: - IPV4_ONLY: Only send IPv4 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv4 health checks are used to check the health of the backends. This is the default setting. - PREFER_IPV6: Prioritize the connection to the endpoint's IPv6 address over its IPv4 address (provided there is a healthy IPv6 address). - IPV6_ONLY: Only send IPv6 traffic to the backends of the backend service (Instance Group, Managed Instance Group, Network Endpoint Group), regardless of traffic from the client to the proxy. Only IPv6 health checks are used to check the health of the backends. This field is applicable to either: - Advanced Global External HTTPS Load Balancing (load balancing scheme EXTERNAL_MANAGED), - Regional External HTTPS Load Balancing, - Internal TCP Proxy (load balancing scheme INTERNAL_MANAGED), - Regional Internal HTTPS Load Balancing (load balancing scheme INTERNAL_MANAGED), - Traffic Director with Envoy proxies and proxyless gRPC (load balancing scheme INTERNAL_SELF_MANAGED). ", "type": "string", "enum": [ { "name": "Ipv4Only", "description": "Only send IPv4 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv4 health-checks are used to check the health of the backends. This is the default setting.", "value": "IPV4_ONLY" }, { "name": "Ipv6Only", "description": "Only send IPv6 traffic to the backends of the Backend Service (Instance Group, Managed Instance Group, Network Endpoint Group) regardless of traffic from the client to the proxy. Only IPv6 health-checks are used to check the health of the backends.", "value": "IPV6_ONLY" }, { "name": "IpAddressSelectionPolicyUnspecified", "description": "Unspecified IP address selection policy.", "value": "IP_ADDRESS_SELECTION_POLICY_UNSPECIFIED" }, { "name": "PreferIpv6", "description": "Prioritize the connection to the endpoints IPv6 address over its IPv4 address (provided there is a healthy IPv6 address).", "value": "PREFER_IPV6" } ] }, "google-native:compute/beta:RegionBackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/beta:RegionBackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/beta:RegionBackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:RegionBackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/beta:RegionCommitmentCategory": { "description": "The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.", "type": "string", "enum": [ { "name": "CategoryUnspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "License", "value": "LICENSE" }, { "name": "Machine", "value": "MACHINE" } ] }, "google-native:compute/beta:RegionCommitmentPlan": { "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "ThirtySixMonth", "value": "THIRTY_SIX_MONTH" }, { "name": "TwelveMonth", "value": "TWELVE_MONTH" } ] }, "google-native:compute/beta:RegionCommitmentType": { "description": "The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.", "type": "string", "enum": [ { "name": "AcceleratorOptimized", "value": "ACCELERATOR_OPTIMIZED" }, { "name": "AcceleratorOptimizedA3", "value": "ACCELERATOR_OPTIMIZED_A3" }, { "name": "ComputeOptimized", "value": "COMPUTE_OPTIMIZED" }, { "name": "ComputeOptimizedC2d", "value": "COMPUTE_OPTIMIZED_C2D" }, { "name": "ComputeOptimizedC3", "value": "COMPUTE_OPTIMIZED_C3" }, { "name": "ComputeOptimizedC3d", "value": "COMPUTE_OPTIMIZED_C3D" }, { "name": "ComputeOptimizedH3", "value": "COMPUTE_OPTIMIZED_H3" }, { "name": "GeneralPurpose", "value": "GENERAL_PURPOSE" }, { "name": "GeneralPurposeE2", "value": "GENERAL_PURPOSE_E2" }, { "name": "GeneralPurposeN2", "value": "GENERAL_PURPOSE_N2" }, { "name": "GeneralPurposeN2d", "value": "GENERAL_PURPOSE_N2D" }, { "name": "GeneralPurposeT2d", "value": "GENERAL_PURPOSE_T2D" }, { "name": "GraphicsOptimized", "value": "GRAPHICS_OPTIMIZED" }, { "name": "MemoryOptimized", "value": "MEMORY_OPTIMIZED" }, { "name": "MemoryOptimizedM3", "value": "MEMORY_OPTIMIZED_M3" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:RegionDiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/beta:RegionDiskInterface": { "description": "[Deprecated] Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:RegionDiskStorageType": { "description": "[Deprecated] Storage type of the persistent disk.", "type": "string", "enum": [ { "name": "Hdd", "value": "HDD" }, { "name": "Ssd", "value": "SSD" } ] }, "google-native:compute/beta:RegionHealthCheckServiceHealthStatusAggregationPolicy": { "description": "Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each pair in the health check service. - AND. If any health check of an endpoint reports UNHEALTHY, then UNHEALTHY is the HealthState of the endpoint. If all health checks report HEALTHY, the HealthState of the endpoint is HEALTHY. . This is only allowed with regional HealthCheckService.", "type": "string", "enum": [ { "name": "And", "description": "If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY.", "value": "AND" }, { "name": "NoAggregation", "description": "An EndpointHealth message is returned for each backend in the health check service.", "value": "NO_AGGREGATION" } ] }, "google-native:compute/beta:RegionHealthCheckServiceHealthStatusAggregationStrategy": { "description": "This field is deprecated. Use health_status_aggregation_policy instead. Policy for how the results from multiple health checks for the same endpoint are aggregated. - NO_AGGREGATION. An EndpointHealth message is returned for each backend in the health check service. - AND. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY. .", "type": "string", "enum": [ { "name": "And", "description": "This is deprecated. Use health_status_aggregation_policy instead. If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY.", "value": "AND" }, { "name": "NoAggregation", "description": "This is deprecated. Use health_status_aggregation_policy instead. An EndpointHealth message is returned for each backend in the health check service.", "value": "NO_AGGREGATION" } ] }, "google-native:compute/beta:RegionHealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" } ] }, "google-native:compute/beta:RegionInstanceGroupManagerFailoverAction": { "description": "The action to perform in case of zone failure. Only one value is supported, NO_FAILOVER. The default is NO_FAILOVER.", "type": "string", "enum": [ { "name": "NoFailover", "value": "NO_FAILOVER" }, { "name": "Unknown", "value": "UNKNOWN" } ] }, "google-native:compute/beta:RegionInstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/beta:RegionNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/beta:RegionSecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/beta:RegionSslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:RegionSslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/beta:RegionSslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/beta:RegionSslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/beta:RegionSslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RegionSslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/beta:RegionTargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/beta:RegionTargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:RequestMirrorPolicy": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object" }, "google-native:compute/beta:RequestMirrorPolicyResponse": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object", "required": [ "backendService" ] }, "google-native:compute/beta:Reservation": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "aggregateReservation": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservation", "description": "Reservation for aggregated resources, providing shape flexibility." }, "deleteAfterDuration": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Duration time relative to reservation creation when GCE will automatically delete this resource." }, "deleteAtTime": { "type": "string", "description": "Absolute time in future when the reservation will be auto-deleted by GCE. Timestamp is represented in RFC3339 text format." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Fbeta:ShareSettings", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUReservation", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object" }, "google-native:compute/beta:ReservationAffinity": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:compute%2Fbeta:ReservationAffinityConsumeReservationType", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object" }, "google-native:compute/beta:ReservationAffinityConsumeReservationType": { "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.", "type": "string", "enum": [ { "name": "AnyReservation", "description": "Consume any allocation available.", "value": "ANY_RESERVATION" }, { "name": "NoReservation", "description": "Do not consume from any allocated capacity.", "value": "NO_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" }, { "name": "SpecificThenAnyReservation", "description": "Prefer to consume from a specific reservation, but still consume any reservation available if the specified reservation is not available or exhausted. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_THEN_ANY_RESERVATION" }, { "name": "SpecificThenNoReservation", "description": "Prefer to consume from a specific reservation, but still consume from the on-demand pool if the specified reservation is exhausted. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_THEN_NO_RESERVATION" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/beta:ReservationAffinityResponse": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "type": "string", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:compute/beta:ReservationResponse": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "aggregateReservation": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationAggregateReservationResponse", "description": "Reservation for aggregated resources, providing shape flexibility." }, "commitment": { "type": "string", "description": "Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment." }, "creationTimestamp": { "type": "string", "description": "Creation timestamp in RFC3339 text format." }, "deleteAfterDuration": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Duration time relative to reservation creation when GCE will automatically delete this resource." }, "deleteAtTime": { "type": "string", "description": "Absolute time in future when the reservation will be auto-deleted by GCE. Timestamp is represented in RFC3339 text format." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#reservations for reservations." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "resourceStatus": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationResourceStatusResponse", "description": "Status information for Reservation resource." }, "satisfiesPzs": { "type": "boolean", "description": "Reserved for future use." }, "selfLink": { "type": "string", "description": "Server-defined fully-qualified URL for this resource." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Fbeta:ShareSettingsResponse", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Fbeta:AllocationSpecificSKUReservationResponse", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "status": { "type": "string", "description": "The status of the reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object", "required": [ "aggregateReservation", "commitment", "creationTimestamp", "deleteAfterDuration", "deleteAtTime", "description", "kind", "name", "resourcePolicies", "resourceStatus", "satisfiesPzs", "selfLink", "shareSettings", "specificReservation", "specificReservationRequired", "status", "zone" ] }, "google-native:compute/beta:ResourceCommitment": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:ResourceCommitmentType", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object" }, "google-native:compute/beta:ResourceCommitmentResponse": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "type": "string", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object", "required": [ "acceleratorType", "amount", "type" ] }, "google-native:compute/beta:ResourceCommitmentType": { "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR.", "type": "string", "enum": [ { "name": "Accelerator", "value": "ACCELERATOR" }, { "name": "LocalSsd", "value": "LOCAL_SSD" }, { "name": "Memory", "value": "MEMORY" }, { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Vcpu", "value": "VCPU" } ] }, "google-native:compute/beta:ResourcePolicyDailyCycle": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyDailyCycleResponse": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "duration": { "type": "string", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "daysInCycle", "duration", "startTime" ] }, "google-native:compute/beta:ResourcePolicyDiskConsistencyGroupPolicy": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/beta:ResourcePolicyDiskConsistencyGroupPolicyResponse": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/beta:ResourcePolicyGroupPlacementPolicy": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyGroupPlacementPolicyCollocation", "description": "Specifies network collocation" }, "maxDistance": { "type": "integer", "description": "Specifies the number of max logical switches." }, "sliceCount": { "type": "integer", "description": "Specifies the number of slices in a multislice workload." }, "tpuTopology": { "type": "string", "description": "Specifies the shape of the TPU slice" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyGroupPlacementPolicyCollocation": { "description": "Specifies network collocation", "type": "string", "enum": [ { "name": "Collocated", "value": "COLLOCATED" }, { "name": "UnspecifiedCollocation", "value": "UNSPECIFIED_COLLOCATION" } ] }, "google-native:compute/beta:ResourcePolicyGroupPlacementPolicyResponse": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "type": "string", "description": "Specifies network collocation" }, "maxDistance": { "type": "integer", "description": "Specifies the number of max logical switches." }, "sliceCount": { "type": "integer", "description": "Specifies the number of slices in a multislice workload." }, "tpuTopology": { "type": "string", "description": "Specifies the shape of the TPU slice" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object", "required": [ "availabilityDomainCount", "collocation", "maxDistance", "sliceCount", "tpuTopology", "vmCount" ] }, "google-native:compute/beta:ResourcePolicyHourlyCycle": { "description": "Time window specified for hourly operations.", "properties": { "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyHourlyCycleResponse": { "description": "Time window specified for hourly operations.", "properties": { "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "duration", "hoursInCycle", "startTime" ] }, "google-native:compute/beta:ResourcePolicyInstanceSchedulePolicy": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for stopping instances." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyInstanceSchedulePolicyResponse": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for stopping instances." } }, "type": "object", "required": [ "expirationTime", "startTime", "timeZone", "vmStartSchedule", "vmStopSchedule" ] }, "google-native:compute/beta:ResourcePolicyInstanceSchedulePolicySchedule": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyInstanceSchedulePolicyScheduleResponse": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object", "required": [ "schedule" ] }, "google-native:compute/beta:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse": { "properties": { "lastRunStartTime": { "type": "string", "description": "The last time the schedule successfully ran. The timestamp is an RFC3339 string." }, "nextRunStartTime": { "type": "string", "description": "The next time the schedule is planned to run. The actual time might be slightly different. The timestamp is an RFC3339 string." } }, "type": "object", "required": [ "lastRunStartTime", "nextRunStartTime" ] }, "google-native:compute/beta:ResourcePolicyResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for all output fields set on ResourcePolicy. The internal structure of this \"status\" field should mimic the structure of ResourcePolicy proto specification.", "properties": { "instanceSchedulePolicy": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse", "description": "Specifies a set of output values reffering to the instance_schedule_policy system status. This field should have the same name as corresponding policy field." } }, "type": "object", "required": [ "instanceSchedulePolicy" ] }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicy": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicyRetentionPolicy", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicySchedule", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicySnapshotProperties", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicyResponse": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicyScheduleResponse", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object", "required": [ "retentionPolicy", "schedule", "snapshotProperties" ] }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicyRetentionPolicy": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onSourceDiskDelete": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete": { "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.", "type": "string", "enum": [ { "name": "ApplyRetentionPolicy", "value": "APPLY_RETENTION_POLICY" }, { "name": "KeepAutoSnapshots", "value": "KEEP_AUTO_SNAPSHOTS" }, { "name": "UnspecifiedOnSourceDiskDelete", "value": "UNSPECIFIED_ON_SOURCE_DISK_DELETE" } ] }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onSourceDiskDelete": { "type": "string", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object", "required": [ "maxRetentionDays", "onSourceDiskDelete" ] }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicySchedule": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyDailyCycle" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyHourlyCycle" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyWeeklyCycle" } }, "type": "object" }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicyScheduleResponse": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyDailyCycleResponse" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyHourlyCycleResponse" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyWeeklyCycleResponse" } }, "type": "object", "required": [ "dailySchedule", "hourlySchedule", "weeklySchedule" ] }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicySnapshotProperties": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object", "required": [ "chainName", "guestFlush", "labels", "storageLocations" ] }, "google-native:compute/beta:ResourcePolicyWeeklyCycle": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyWeeklyCycleDayOfWeek" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyWeeklyCycleDayOfWeek": { "properties": { "day": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyWeeklyCycleDayOfWeekDay", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/beta:ResourcePolicyWeeklyCycleDayOfWeekDay": { "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY.", "type": "string", "enum": [ { "name": "Friday", "value": "FRIDAY" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Monday", "value": "MONDAY" }, { "name": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "value": "SUNDAY" }, { "name": "Thursday", "value": "THURSDAY" }, { "name": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "value": "WEDNESDAY" } ] }, "google-native:compute/beta:ResourcePolicyWeeklyCycleDayOfWeekResponse": { "properties": { "day": { "type": "string", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "day", "duration", "startTime" ] }, "google-native:compute/beta:ResourcePolicyWeeklyCycleResponse": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ResourcePolicyWeeklyCycleDayOfWeekResponse" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object", "required": [ "dayOfWeeks" ] }, "google-native:compute/beta:ResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls.", "properties": { "physicalHost": { "type": "string", "description": "An opaque ID of the host on which the VM is running." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fbeta:ResourceStatusSchedulingResponse" }, "upcomingMaintenance": { "$ref": "#/types/google-native:compute%2Fbeta:UpcomingMaintenanceResponse" } }, "type": "object", "required": [ "physicalHost", "scheduling", "upcomingMaintenance" ] }, "google-native:compute/beta:ResourceStatusSchedulingResponse": { "properties": { "terminationTimestamp": { "type": "string", "description": "Time in future when the instance will be terminated in RFC3339 text format." } }, "type": "object", "required": [ "terminationTimestamp" ] }, "google-native:compute/beta:RolloutPolicy": { "description": "A rollout policy configuration.", "properties": { "defaultRolloutTime": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated." }, "locationRolloutPolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location." } }, "type": "object" }, "google-native:compute/beta:RolloutPolicyResponse": { "description": "A rollout policy configuration.", "properties": { "defaultRolloutTime": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the update is considered rolled out to any zone that is not explicitly stated." }, "locationRolloutPolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Location based rollout policies to apply to the resource. Currently only zone names are supported and must be represented as valid URLs, like: zones/us-central1-a. The value expects an RFC3339 timestamp on or after which the update is considered rolled out to the specified location." } }, "type": "object", "required": [ "defaultRolloutTime", "locationRolloutPolicies" ] }, "google-native:compute/beta:RouteAsPathResponse": { "properties": { "asLists": { "type": "array", "items": { "type": "integer" }, "description": "The AS numbers of the AS Path." }, "pathSegmentType": { "type": "string", "description": "The type of the AS Path, which can be one of the following values: - 'AS_SET': unordered set of autonomous systems that the route in has traversed - 'AS_SEQUENCE': ordered set of autonomous systems that the route has traversed - 'AS_CONFED_SEQUENCE': ordered set of Member Autonomous Systems in the local confederation that the route has traversed - 'AS_CONFED_SET': unordered set of Member Autonomous Systems in the local confederation that the route has traversed " } }, "type": "object", "required": [ "asLists", "pathSegmentType" ] }, "google-native:compute/beta:RouteWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/beta:RouteWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouteWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/beta:RouterAdvertisedIpRange": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object" }, "google-native:compute/beta:RouterAdvertisedIpRangeResponse": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object", "required": [ "description", "range" ] }, "google-native:compute/beta:RouterBgp": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "identifierRange": { "type": "string", "description": "Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this \"router ID\"." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object" }, "google-native:compute/beta:RouterBgpAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/beta:RouterBgpAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" } ] }, "google-native:compute/beta:RouterBgpPeer": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerBfd", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerCustomLearnedIpRange" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerEnable", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv4": { "type": "boolean", "description": "Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv4NexthopAddress": { "type": "string", "description": "IPv4 address of the interface inside Google Cloud Platform." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv4NexthopAddress": { "type": "string", "description": "IPv4 address of the BGP interface outside Google Cloud Platform." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object" }, "google-native:compute/beta:RouterBgpPeerAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/beta:RouterBgpPeerAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" } ] }, "google-native:compute/beta:RouterBgpPeerBfd": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "sessionInitializationMode": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerBfdSessionInitializationMode", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." } }, "type": "object" }, "google-native:compute/beta:RouterBgpPeerBfdResponse": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "sessionInitializationMode": { "type": "string", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." } }, "type": "object", "required": [ "minReceiveInterval", "minTransmitInterval", "multiplier", "sessionInitializationMode" ] }, "google-native:compute/beta:RouterBgpPeerBfdSessionInitializationMode": { "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Disabled", "value": "DISABLED" }, { "name": "Passive", "value": "PASSIVE" } ] }, "google-native:compute/beta:RouterBgpPeerCustomLearnedIpRange": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object" }, "google-native:compute/beta:RouterBgpPeerCustomLearnedIpRangeResponse": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object", "required": [ "range" ] }, "google-native:compute/beta:RouterBgpPeerEnable": { "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/beta:RouterBgpPeerResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerBfdResponse", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterBgpPeerCustomLearnedIpRangeResponse" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "type": "string", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv4": { "type": "boolean", "description": "Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv4NexthopAddress": { "type": "string", "description": "IPv4 address of the interface inside Google Cloud Platform." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "managementType": { "type": "string", "description": "The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv4NexthopAddress": { "type": "string", "description": "IPv4 address of the BGP interface outside Google Cloud Platform." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "advertisedRoutePriority", "bfd", "customLearnedIpRanges", "customLearnedRoutePriority", "enable", "enableIpv4", "enableIpv6", "interfaceName", "ipAddress", "ipv4NexthopAddress", "ipv6NexthopAddress", "managementType", "md5AuthenticationKeyName", "name", "peerAsn", "peerIpAddress", "peerIpv4NexthopAddress", "peerIpv6NexthopAddress", "routerApplianceInstance" ] }, "google-native:compute/beta:RouterBgpResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "identifierRange": { "type": "string", "description": "Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this \"router ID\"." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "asn", "identifierRange", "keepaliveInterval" ] }, "google-native:compute/beta:RouterInterface": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "ipVersion": { "$ref": "#/types/google-native:compute%2Fbeta:RouterInterfaceIpVersion", "description": "IP version of this interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object" }, "google-native:compute/beta:RouterInterfaceIpVersion": { "description": "IP version of this interface.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" } ] }, "google-native:compute/beta:RouterInterfaceResponse": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "ipVersion": { "type": "string", "description": "IP version of this interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "managementType": { "type": "string", "description": "The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object", "required": [ "ipRange", "ipVersion", "linkedInterconnectAttachment", "linkedVpnTunnel", "managementType", "name", "privateIpAddress", "redundantInterface", "subnetwork" ] }, "google-native:compute/beta:RouterMd5AuthenticationKey": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object" }, "google-native:compute/beta:RouterMd5AuthenticationKeyResponse": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object", "required": [ "key", "name" ] }, "google-native:compute/beta:RouterNat": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatAutoNetworkTier", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatEndpointTypesItem" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatLogConfig", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatNatIpAllocateOption", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatRule" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatSourceSubnetworkIpRangesToNat", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatSubnetworkToNat" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatType", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object" }, "google-native:compute/beta:RouterNatAutoNetworkTier": { "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/beta:RouterNatEndpointTypesItem": { "type": "string", "enum": [ { "name": "EndpointTypeManagedProxyLb", "description": "This is used for regional Application Load Balancers (internal and external) and regional proxy Network Load Balancers (internal and external) endpoints.", "value": "ENDPOINT_TYPE_MANAGED_PROXY_LB" }, { "name": "EndpointTypeSwg", "description": "This is used for Secure Web Gateway endpoints.", "value": "ENDPOINT_TYPE_SWG" }, { "name": "EndpointTypeVm", "description": "This is the default.", "value": "ENDPOINT_TYPE_VM" } ] }, "google-native:compute/beta:RouterNatLogConfig": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatLogConfigFilter", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object" }, "google-native:compute/beta:RouterNatLogConfigFilter": { "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. ", "type": "string", "enum": [ { "name": "All", "description": "Export logs for all (successful and unsuccessful) connections.", "value": "ALL" }, { "name": "ErrorsOnly", "description": "Export logs for connection failures only.", "value": "ERRORS_ONLY" }, { "name": "TranslationsOnly", "description": "Export logs for successful connections only.", "value": "TRANSLATIONS_ONLY" } ] }, "google-native:compute/beta:RouterNatLogConfigResponse": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "type": "string", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object", "required": [ "enable", "filter" ] }, "google-native:compute/beta:RouterNatNatIpAllocateOption": { "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. ", "type": "string", "enum": [ { "name": "AutoOnly", "description": "Nat IPs are allocated by GCP; customers can not specify any Nat IPs.", "value": "AUTO_ONLY" }, { "name": "ManualOnly", "description": "Only use Nat IPs provided by customers. When specified Nat IPs are not enough then the Nat service fails for new VMs.", "value": "MANUAL_ONLY" } ] }, "google-native:compute/beta:RouterNatResponse": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "type": "string", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "type": "string" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatLogConfigResponse", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "type": "string", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatRuleResponse" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "type": "string", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatSubnetworkToNatResponse" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "type": "string", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object", "required": [ "autoNetworkTier", "drainNatIps", "enableDynamicPortAllocation", "enableEndpointIndependentMapping", "endpointTypes", "icmpIdleTimeoutSec", "logConfig", "maxPortsPerVm", "minPortsPerVm", "name", "natIpAllocateOption", "natIps", "rules", "sourceSubnetworkIpRangesToNat", "subnetworks", "tcpEstablishedIdleTimeoutSec", "tcpTimeWaitTimeoutSec", "tcpTransitoryIdleTimeoutSec", "type", "udpIdleTimeoutSec" ] }, "google-native:compute/beta:RouterNatRule": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatRuleAction", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object" }, "google-native:compute/beta:RouterNatRuleAction": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object" }, "google-native:compute/beta:RouterNatRuleActionResponse": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object", "required": [ "sourceNatActiveIps", "sourceNatActiveRanges", "sourceNatDrainIps", "sourceNatDrainRanges" ] }, "google-native:compute/beta:RouterNatRuleResponse": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatRuleActionResponse", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object", "required": [ "action", "description", "match", "ruleNumber" ] }, "google-native:compute/beta:RouterNatSourceSubnetworkIpRangesToNat": { "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region.", "type": "string", "enum": [ { "name": "AllSubnetworksAllIpRanges", "description": "All the IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_IP_RANGES" }, { "name": "AllSubnetworksAllPrimaryIpRanges", "description": "All the primary IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES" }, { "name": "ListOfSubnetworks", "description": "A list of Subnetworks are allowed to Nat (specified in the field subnetwork below)", "value": "LIST_OF_SUBNETWORKS" } ] }, "google-native:compute/beta:RouterNatSubnetworkToNat": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:RouterNatSubnetworkToNatSourceIpRangesToNatItem" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object" }, "google-native:compute/beta:RouterNatSubnetworkToNatResponse": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "type": "string" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object", "required": [ "name", "secondaryIpRangeNames", "sourceIpRangesToNat" ] }, "google-native:compute/beta:RouterNatSubnetworkToNatSourceIpRangesToNatItem": { "type": "string", "enum": [ { "name": "AllIpRanges", "description": "The primary and all the secondary ranges are allowed to Nat.", "value": "ALL_IP_RANGES" }, { "name": "ListOfSecondaryIpRanges", "description": "A list of secondary ranges are allowed to Nat.", "value": "LIST_OF_SECONDARY_IP_RANGES" }, { "name": "PrimaryIpRange", "description": "The primary range is allowed to Nat.", "value": "PRIMARY_IP_RANGE" } ] }, "google-native:compute/beta:RouterNatType": { "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC.", "type": "string", "enum": [ { "name": "Private", "description": "NAT used for private IP translation.", "value": "PRIVATE" }, { "name": "Public", "description": "NAT used for public IP translation. This is the default.", "value": "PUBLIC" } ] }, "google-native:compute/beta:Rule": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "$ref": "#/types/google-native:compute%2Fbeta:RuleAction", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:Condition" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfig" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/beta:RuleAction": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Allow", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW" }, { "name": "AllowWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW_WITH_LOG" }, { "name": "Deny", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY" }, { "name": "DenyWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY_WITH_LOG" }, { "name": "Log", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG" }, { "name": "NoAction", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ACTION" } ] }, "google-native:compute/beta:RuleResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ConditionResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:LogConfigResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "action", "conditions", "description", "ins", "logConfigs", "notIns", "permissions" ] }, "google-native:compute/beta:SSLHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:SSLHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fbeta:SSLHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/beta:SSLHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:SSLHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:SSLHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/beta:SavedAttachedDiskResponse": { "description": "DEPRECATED: Please use compute#savedDisk instead. An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies the name of the disk attached to the source instance." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKeyResponse", "description": "The encryption key for the disk." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd" }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "Specifies zero-based index of the disk that is attached to the source instance." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "mode": { "type": "string", "description": "The mode in which this disk is attached to the source instance, either READ_WRITE or READ_ONLY." }, "source": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "A size of the storage used by the disk's snapshot by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." }, "type": { "type": "string", "description": "Specifies the type of the attached disk, either SCRATCH or PERSISTENT." } }, "type": "object", "required": [ "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "diskType", "guestOsFeatures", "index", "interface", "kind", "licenses", "mode", "source", "storageBytes", "storageBytesStatus", "type" ] }, "google-native:compute/beta:SavedDisk": { "description": "An instance-attached disk resource.", "properties": { "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." } }, "type": "object" }, "google-native:compute/beta:SavedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#savedDisk for attached disks." }, "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "Size of the individual disk snapshot used by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." } }, "type": "object", "required": [ "architecture", "kind", "sourceDisk", "storageBytes", "storageBytesStatus" ] }, "google-native:compute/beta:Scheduling": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "hostErrorTimeoutSeconds": { "type": "integer", "description": "Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used." }, "instanceTerminationAction": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingInstanceTerminationAction", "description": "Specifies the termination action for the instance." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance." }, "maintenanceInterval": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingMaintenanceInterval", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "maxRunDuration": { "$ref": "#/types/google-native:compute%2Fbeta:Duration", "description": "Specifies the max run duration for the given instance. If specified, the instance termination action will be performed at the end of the run duration." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingNodeAffinity" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingOnHostMaintenance", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingProvisioningModel", "description": "Specifies the provisioning model of the instance." }, "terminationTime": { "type": "string", "description": "Specifies the timestamp, when the instance will be terminated, in RFC3339 text format. If specified, the instance termination action will be performed at the termination time." } }, "type": "object" }, "google-native:compute/beta:SchedulingInstanceTerminationAction": { "description": "Specifies the termination action for the instance.", "type": "string", "enum": [ { "name": "Delete", "description": "Delete the VM.", "value": "DELETE" }, { "name": "InstanceTerminationActionUnspecified", "description": "Default value. This value is unused.", "value": "INSTANCE_TERMINATION_ACTION_UNSPECIFIED" }, { "name": "Stop", "description": "Stop the VM without storing in-memory content. default action.", "value": "STOP" } ] }, "google-native:compute/beta:SchedulingMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`.", "type": "string", "enum": [ { "name": "AsNeeded", "description": "VMs are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the VM than the PERIODIC and RECURRENT options.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" }, { "name": "Recurrent", "description": "VMs receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean a VM will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available. RECURRENT is used for GEN3 and Slice of Hardware VMs.", "value": "RECURRENT" } ] }, "google-native:compute/beta:SchedulingNodeAffinity": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingNodeAffinityOperator", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object" }, "google-native:compute/beta:SchedulingNodeAffinityOperator": { "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.", "type": "string", "enum": [ { "name": "In", "description": "Requires Compute Engine to seek for matched nodes.", "value": "IN" }, { "name": "NotIn", "description": "Requires Compute Engine to avoid certain nodes.", "value": "NOT_IN" }, { "name": "OperatorUnspecified", "value": "OPERATOR_UNSPECIFIED" } ] }, "google-native:compute/beta:SchedulingNodeAffinityResponse": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "type": "string", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object", "required": [ "key", "operator", "values" ] }, "google-native:compute/beta:SchedulingOnHostMaintenance": { "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy.", "type": "string", "enum": [ { "name": "Migrate", "description": "*[Default]* Allows Compute Engine to automatically migrate instances out of the way of maintenance events.", "value": "MIGRATE" }, { "name": "Terminate", "description": "Tells Compute Engine to terminate and (optionally) restart the instance away from the maintenance activity. If you would like your instance to be restarted, set the automaticRestart flag to true. Your instance may be restarted more than once, and it may be restarted outside the window of maintenance events.", "value": "TERMINATE" } ] }, "google-native:compute/beta:SchedulingProvisioningModel": { "description": "Specifies the provisioning model of the instance.", "type": "string", "enum": [ { "name": "Spot", "description": "Heavily discounted, no guaranteed runtime.", "value": "SPOT" }, { "name": "Standard", "description": "Standard provisioning with user controlled runtime, no discounts.", "value": "STANDARD" } ] }, "google-native:compute/beta:SchedulingResponse": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "hostErrorTimeoutSeconds": { "type": "integer", "description": "Specify the time in seconds for host error detection, the value must be within the range of [90, 330] with the increment of 30, if unset, the default behavior of host error recovery will be used." }, "instanceTerminationAction": { "type": "string", "description": "Specifies the termination action for the instance." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "maintenanceFreezeDurationHours": { "type": "integer", "description": "Specifies the number of hours after VM instance creation where the VM won't be scheduled for maintenance." }, "maintenanceInterval": { "type": "string", "description": "Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`." }, "maxRunDuration": { "$ref": "#/types/google-native:compute%2Fbeta:DurationResponse", "description": "Specifies the max run duration for the given instance. If specified, the instance termination action will be performed at the end of the run duration." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingNodeAffinityResponse" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "type": "string", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "type": "string", "description": "Specifies the provisioning model of the instance." }, "terminationTime": { "type": "string", "description": "Specifies the timestamp, when the instance will be terminated, in RFC3339 text format. If specified, the instance termination action will be performed at the termination time." } }, "type": "object", "required": [ "automaticRestart", "hostErrorTimeoutSeconds", "instanceTerminationAction", "localSsdRecoveryTimeout", "locationHint", "maintenanceFreezeDurationHours", "maintenanceInterval", "maxRunDuration", "minNodeCpus", "nodeAffinities", "onHostMaintenance", "preemptible", "provisioningModel", "terminationTime" ] }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfig": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "autoDeployConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfig" }, "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfig": { "description": "Configuration options for Adaptive Protection auto-deploy feature.", "properties": { "confidenceThreshold": { "type": "number" }, "expirationSec": { "type": "integer" }, "impactedBaselineThreshold": { "type": "number" }, "loadThreshold": { "type": "number" } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigResponse": { "description": "Configuration options for Adaptive Protection auto-deploy feature.", "properties": { "confidenceThreshold": { "type": "number" }, "expirationSec": { "type": "integer" }, "impactedBaselineThreshold": { "type": "number" }, "loadThreshold": { "type": "number" } }, "type": "object", "required": [ "confidenceThreshold", "expirationSec", "impactedBaselineThreshold", "loadThreshold" ] }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "type": "string", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object", "required": [ "enable", "ruleVisibility", "thresholdConfigs" ] }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility": { "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "type": "string", "enum": [ { "name": "Premium", "value": "PREMIUM" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object", "required": [ "autoDeployConfidenceThreshold", "autoDeployExpirationSec", "autoDeployImpactedBaselineThreshold", "autoDeployLoadThreshold", "name" ] }, "google-native:compute/beta:SecurityPolicyAdaptiveProtectionConfigResponse": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "autoDeployConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigAutoDeployConfigResponse" }, "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object", "required": [ "autoDeployConfig", "layer7DdosDefenseConfig" ] }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfig": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdvancedOptionsConfigJsonParsing" }, "logLevel": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdvancedOptionsConfigLogLevel" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object", "required": [ "contentTypes" ] }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfigJsonParsing": { "type": "string", "enum": [ { "name": "Disabled", "value": "DISABLED" }, { "name": "Standard", "value": "STANDARD" }, { "name": "StandardWithGraphql", "value": "STANDARD_WITH_GRAPHQL" } ] }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfigLogLevel": { "type": "string", "enum": [ { "name": "Normal", "value": "NORMAL" }, { "name": "Verbose", "value": "VERBOSE" } ] }, "google-native:compute/beta:SecurityPolicyAdvancedOptionsConfigResponse": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "type": "string" }, "logLevel": { "type": "string" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object", "required": [ "jsonCustomConfig", "jsonParsing", "logLevel", "userIpRequestHeaders" ] }, "google-native:compute/beta:SecurityPolicyAssociation": { "properties": { "attachmentId": { "type": "string", "description": "The resource that the security policy is attached to." }, "name": { "type": "string", "description": "The name for an association." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyAssociationResponse": { "properties": { "attachmentId": { "type": "string", "description": "The resource that the security policy is attached to." }, "displayName": { "type": "string", "description": "The display name of the security policy of the association." }, "name": { "type": "string", "description": "The name for an association." }, "securityPolicyId": { "type": "string", "description": "The security policy ID of the association." } }, "type": "object", "required": [ "attachmentId", "displayName", "name", "securityPolicyId" ] }, "google-native:compute/beta:SecurityPolicyDdosProtectionConfig": { "properties": { "ddosProtection": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyDdosProtectionConfigDdosProtection" } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyDdosProtectionConfigDdosProtection": { "type": "string", "enum": [ { "name": "Advanced", "value": "ADVANCED" }, { "name": "AdvancedPreview", "value": "ADVANCED_PREVIEW" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/beta:SecurityPolicyDdosProtectionConfigResponse": { "properties": { "ddosProtection": { "type": "string" } }, "type": "object", "required": [ "ddosProtection" ] }, "google-native:compute/beta:SecurityPolicyRecaptchaOptionsConfig": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRecaptchaOptionsConfigResponse": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object", "required": [ "redirectSiteKey" ] }, "google-native:compute/beta:SecurityPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "direction": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleDirection", "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules. This field may only be specified when the versioned_expr is set to FIREWALL." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleHttpHeaderAction", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "match": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleNetworkMatcher", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfig", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptions", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleNumber": { "type": "string", "description": "Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleDirection": { "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL.", "type": "string", "enum": [ { "name": "Egress", "value": "EGRESS" }, { "name": "Ingress", "value": "INGRESS" } ] }, "google-native:compute/beta:SecurityPolicyRuleHttpHeaderAction": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object", "required": [ "headerName", "headerValue" ] }, "google-native:compute/beta:SecurityPolicyRuleHttpHeaderActionResponse": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object", "required": [ "requestHeadersToAdds" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherConfig", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Fbeta:Expr", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "exprOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherExprOptions", "description": "The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr')." }, "versionedExpr": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherVersionedExpr", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleMatcherConfig": { "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherConfigLayer4Config" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleMatcherConfigLayer4Config": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleMatcherConfigLayer4ConfigResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]. This field may only be specified when versioned_expr is set to FIREWALL." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcherConfigResponse": { "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. This field may only be specified when versioned_expr is set to FIREWALL." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherConfigLayer4ConfigResponse" }, "description": "Pairs of IP protocols and ports that the rule should match. This field may only be specified when versioned_expr is set to FIREWALL." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object", "required": [ "destIpRanges", "layer4Configs", "srcIpRanges" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcherExprOptions": { "properties": { "recaptchaOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptions", "description": "reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field will have no effect." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptions": { "properties": { "actionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." }, "sessionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptionsResponse": { "properties": { "actionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA action-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." }, "sessionTokenSiteKeys": { "type": "array", "items": { "type": "string" }, "description": "A list of site keys to be used during the validation of reCAPTCHA session-tokens. The provided site keys need to be created from reCAPTCHA API under the same project where the security policy is created." } }, "type": "object", "required": [ "actionTokenSiteKeys", "sessionTokenSiteKeys" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcherExprOptionsResponse": { "properties": { "recaptchaOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherExprOptionsRecaptchaOptionsResponse", "description": "reCAPTCHA configuration options to be applied for the rule. If the rule does not evaluate reCAPTCHA tokens, this field will have no effect." } }, "type": "object", "required": [ "recaptchaOptions" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherConfigResponse", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Fbeta:ExprResponse", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "exprOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherExprOptionsResponse", "description": "The configuration options available when specifying a user defined CEVAL expression (i.e., 'expr')." }, "versionedExpr": { "type": "string", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object", "required": [ "config", "expr", "exprOptions", "versionedExpr" ] }, "google-native:compute/beta:SecurityPolicyRuleMatcherVersionedExpr": { "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.", "type": "string", "enum": [ { "name": "Firewall", "value": "FIREWALL" }, { "name": "SrcIpsV1", "description": "Matches the source IP address of a request to the IP ranges supplied in config.", "value": "SRC_IPS_V1" } ] }, "google-native:compute/beta:SecurityPolicyRuleNetworkMatcher": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleNetworkMatcherResponse": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object", "required": [ "destIpRanges", "destPorts", "ipProtocols", "srcAsns", "srcIpRanges", "srcPorts", "srcRegionCodes", "userDefinedFields" ] }, "google-native:compute/beta:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object", "required": [ "name", "values" ] }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfig": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusion" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigExclusion": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams": { "properties": { "op": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp": { "description": "The match operator for the field.", "type": "string", "enum": [ { "name": "Contains", "description": "The operator matches if the field value contains the specified value.", "value": "CONTAINS" }, { "name": "EndsWith", "description": "The operator matches if the field value ends with the specified value.", "value": "ENDS_WITH" }, { "name": "Equals", "description": "The operator matches if the field value equals the specified value.", "value": "EQUALS" }, { "name": "EqualsAny", "description": "The operator matches if the field value is any value.", "value": "EQUALS_ANY" }, { "name": "StartsWith", "description": "The operator matches if the field value starts with the specified value.", "value": "STARTS_WITH" } ] }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse": { "properties": { "op": { "type": "string", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object", "required": [ "op", "val" ] }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object", "required": [ "requestCookiesToExclude", "requestHeadersToExclude", "requestQueryParamsToExclude", "requestUrisToExclude", "targetRuleIds", "targetRuleSet" ] }, "google-native:compute/beta:SecurityPolicyRulePreconfiguredWafConfigResponse": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object", "required": [ "exclusions" ] }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptions": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsEnforceOnKey", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Threshold at which to begin ratelimiting." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsEnforceOnKey": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "AllIps", "value": "ALL_IPS" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "AllIps", "value": "ALL_IPS" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object", "required": [ "enforceOnKeyName", "enforceOnKeyType" ] }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsResponse": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Threshold at which to begin ratelimiting." } }, "type": "object", "required": [ "banDurationSec", "banThreshold", "conformAction", "enforceOnKey", "enforceOnKeyConfigs", "enforceOnKeyName", "exceedAction", "exceedRedirectOptions", "rateLimitThreshold" ] }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsThreshold": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleRateLimitOptionsThresholdResponse": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object", "required": [ "count", "intervalSec" ] }, "google-native:compute/beta:SecurityPolicyRuleRedirectOptions": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRedirectOptionsType", "description": "Type of the redirect action." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyRuleRedirectOptionsResponse": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "type": "string", "description": "Type of the redirect action." } }, "type": "object", "required": [ "target", "type" ] }, "google-native:compute/beta:SecurityPolicyRuleRedirectOptionsType": { "description": "Type of the redirect action.", "type": "string", "enum": [ { "name": "External302", "value": "EXTERNAL_302" }, { "name": "GoogleRecaptcha", "value": "GOOGLE_RECAPTCHA" } ] }, "google-native:compute/beta:SecurityPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "direction": { "type": "string", "description": "The direction in which this rule applies. This field may only be specified when versioned_expr is set to FIREWALL." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules. This field may only be specified when the versioned_expr is set to FIREWALL." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleHttpHeaderActionResponse", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleNetworkMatcherResponse", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRulePreconfiguredWafConfigResponse", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRateLimitOptionsResponse", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleNumber": { "type": "string", "description": "Identifier for the rule. This is only unique within the given security policy. This can only be set during rule creation, if rule number is not specified it will be generated by the server." }, "ruleTupleCount": { "type": "integer", "description": "Calculation of the complexity of a single firewall security policy rule." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule. This field may only be specified when versioned_expr is set to FIREWALL." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object", "required": [ "action", "description", "direction", "enableLogging", "headerAction", "kind", "match", "networkMatch", "preconfiguredWafConfig", "preview", "priority", "rateLimitOptions", "redirectOptions", "ruleNumber", "ruleTupleCount", "targetResources", "targetServiceAccounts" ] }, "google-native:compute/beta:SecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" }, { "name": "Firewall", "value": "FIREWALL" } ] }, "google-native:compute/beta:SecurityPolicyUserDefinedField": { "properties": { "base": { "$ref": "#/types/google-native:compute%2Fbeta:SecurityPolicyUserDefinedFieldBase", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object" }, "google-native:compute/beta:SecurityPolicyUserDefinedFieldBase": { "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/beta:SecurityPolicyUserDefinedFieldResponse": { "properties": { "base": { "type": "string", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object", "required": [ "base", "mask", "name", "offset", "size" ] }, "google-native:compute/beta:SecuritySettings": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "authentication": { "type": "string", "description": "[Deprecated] Use clientTlsPolicy instead.", "deprecationMessage": "[Deprecated] Use clientTlsPolicy instead." }, "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Fbeta:AWSV4Signature", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object" }, "google-native:compute/beta:SecuritySettingsResponse": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "authentication": { "type": "string", "description": "[Deprecated] Use clientTlsPolicy instead.", "deprecationMessage": "[Deprecated] Use clientTlsPolicy instead." }, "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Fbeta:AWSV4SignatureResponse", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object", "required": [ "authentication", "awsV4Authentication", "clientTlsPolicy", "subjectAltNames" ] }, "google-native:compute/beta:ServerBinding": { "properties": { "type": { "$ref": "#/types/google-native:compute%2Fbeta:ServerBindingType" } }, "type": "object" }, "google-native:compute/beta:ServerBindingResponse": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "google-native:compute/beta:ServerBindingType": { "type": "string", "enum": [ { "name": "RestartNodeOnAnyServer", "description": "Node may associate with any physical server over its lifetime.", "value": "RESTART_NODE_ON_ANY_SERVER" }, { "name": "RestartNodeOnMinimalServers", "description": "Node may associate with minimal physical servers over its lifetime.", "value": "RESTART_NODE_ON_MINIMAL_SERVERS" }, { "name": "ServerBindingTypeUnspecified", "value": "SERVER_BINDING_TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:ServiceAccount": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object" }, "google-native:compute/beta:ServiceAccountResponse": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object", "required": [ "email", "scopes" ] }, "google-native:compute/beta:ServiceAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this service attachment.", "properties": { "consumerNetwork": { "type": "string", "description": "The url of the consumer network." }, "endpoint": { "type": "string", "description": "The url of a connected endpoint." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the connected endpoint." }, "status": { "type": "string", "description": "The status of a connected endpoint to this service attachment." } }, "type": "object", "required": [ "consumerNetwork", "endpoint", "pscConnectionId", "status" ] }, "google-native:compute/beta:ServiceAttachmentConnectionPreference": { "description": "The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules.", "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "ConnectionPreferenceUnspecified", "value": "CONNECTION_PREFERENCE_UNSPECIFIED" } ] }, "google-native:compute/beta:ServiceAttachmentConsumerProjectLimit": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object" }, "google-native:compute/beta:ServiceAttachmentConsumerProjectLimitResponse": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object", "required": [ "connectionLimit", "networkUrl", "projectIdOrNum" ] }, "google-native:compute/beta:ServiceAttachmentTunnelingConfig": { "description": "Use to configure this PSC connection in tunneling mode. In tunneling mode traffic from consumer to producer will be encapsulated as it crosses the VPC boundary and traffic from producer to consumer will be decapsulated in the same manner.", "properties": { "encapsulationProfile": { "$ref": "#/types/google-native:compute%2Fbeta:ServiceAttachmentTunnelingConfigEncapsulationProfile", "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers." }, "routingMode": { "$ref": "#/types/google-native:compute%2Fbeta:ServiceAttachmentTunnelingConfigRoutingMode", "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network." } }, "type": "object" }, "google-native:compute/beta:ServiceAttachmentTunnelingConfigEncapsulationProfile": { "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers.", "type": "string", "enum": [ { "name": "GeneveSecurityV1", "description": "Use GENEVE encapsulation protocol and include the SECURITY_V1 set of GENEVE headers.", "value": "GENEVE_SECURITY_V1" }, { "name": "UnspecifiedEncapsulationProfile", "value": "UNSPECIFIED_ENCAPSULATION_PROFILE" } ] }, "google-native:compute/beta:ServiceAttachmentTunnelingConfigResponse": { "description": "Use to configure this PSC connection in tunneling mode. In tunneling mode traffic from consumer to producer will be encapsulated as it crosses the VPC boundary and traffic from producer to consumer will be decapsulated in the same manner.", "properties": { "encapsulationProfile": { "type": "string", "description": "Specify the encapsulation protocol and what metadata to include in incoming encapsulated packet headers." }, "routingMode": { "type": "string", "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network." } }, "type": "object", "required": [ "encapsulationProfile", "routingMode" ] }, "google-native:compute/beta:ServiceAttachmentTunnelingConfigRoutingMode": { "description": "How this Service Attachment will treat traffic sent to the tunnel_ip, destined for the consumer network.", "type": "string", "enum": [ { "name": "PacketInjection", "description": "Traffic sent to this service attachment will be reinjected into the consumer network.", "value": "PACKET_INJECTION" }, { "name": "StandardRouting", "description": "Response traffic, after de-encapsulation, will be returned to the client.", "value": "STANDARD_ROUTING" }, { "name": "UnspecifiedRoutingMode", "value": "UNSPECIFIED_ROUTING_MODE" } ] }, "google-native:compute/beta:ShareSettings": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "projects": { "type": "array", "items": { "type": "string" }, "description": "A List of Project names to specify consumer projects for this shared-reservation. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "$ref": "#/types/google-native:compute%2Fbeta:ShareSettingsShareType", "description": "Type of sharing for this shared-reservation" } }, "type": "object" }, "google-native:compute/beta:ShareSettingsResponse": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "projects": { "type": "array", "items": { "type": "string" }, "description": "A List of Project names to specify consumer projects for this shared-reservation. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "type": "string", "description": "Type of sharing for this shared-reservation" } }, "type": "object", "required": [ "projectMap", "projects", "shareType" ] }, "google-native:compute/beta:ShareSettingsShareType": { "description": "Type of sharing for this shared-reservation", "type": "string", "enum": [ { "name": "Local", "description": "Default value.", "value": "LOCAL" }, { "name": "Organization", "description": "Shared-reservation is open to entire Organization", "value": "ORGANIZATION" }, { "name": "ShareTypeUnspecified", "description": "Default value. This value is unused.", "value": "SHARE_TYPE_UNSPECIFIED" }, { "name": "SpecificProjects", "description": "Shared-reservation is open to specific projects", "value": "SPECIFIC_PROJECTS" } ] }, "google-native:compute/beta:ShieldedInstanceConfig": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object" }, "google-native:compute/beta:ShieldedInstanceConfigResponse": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:compute/beta:ShieldedInstanceIntegrityPolicy": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object" }, "google-native:compute/beta:ShieldedInstanceIntegrityPolicyResponse": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object", "required": [ "updateAutoLearnPolicy" ] }, "google-native:compute/beta:ShieldedVmConfig": { "description": "A set of Shielded VM options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled." } }, "type": "object" }, "google-native:compute/beta:ShieldedVmConfigResponse": { "description": "A set of Shielded VM options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:compute/beta:ShieldedVmIntegrityPolicy": { "description": "The policy describes the baseline against which VM instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object" }, "google-native:compute/beta:ShieldedVmIntegrityPolicyResponse": { "description": "The policy describes the baseline against which VM instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object", "required": [ "updateAutoLearnPolicy" ] }, "google-native:compute/beta:SnapshotSnapshotType": { "description": "Indicates the type of the snapshot.", "type": "string", "enum": [ { "name": "Archive", "value": "ARCHIVE" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/beta:SourceDiskEncryptionKey": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/beta:SourceDiskEncryptionKeyResponse": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fbeta:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object", "required": [ "diskEncryptionKey", "sourceDisk" ] }, "google-native:compute/beta:SourceInstanceParams": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:DiskInstantiationConfig" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object" }, "google-native:compute/beta:SourceInstanceParamsResponse": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:DiskInstantiationConfigResponse" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object", "required": [ "diskConfigs" ] }, "google-native:compute/beta:SourceInstancePropertiesResponse": { "description": "DEPRECATED: Please use compute#instanceProperties instead. New properties will not be added to this field.", "properties": { "canIpForward": { "type": "boolean", "description": "Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "deletionProtection": { "type": "boolean", "description": "Whether the instance created from this machine image should be protected against deletion." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from this machine image." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SavedAttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from this machine image." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from this machine image." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from this machine image." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from this machine image." }, "metadata": { "$ref": "#/types/google-native:compute%2Fbeta:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances created from this machine image. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "postKeyRevocationActionType": { "type": "string", "description": "PostKeyRevocationActionType of the instance." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fbeta:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from this machine image." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this machine image. Use metadata queries to obtain the access tokens for these instances." }, "tags": { "$ref": "#/types/google-native:compute%2Fbeta:TagsResponse", "description": "A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "canIpForward", "deletionProtection", "description", "disks", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "postKeyRevocationActionType", "scheduling", "serviceAccounts", "tags" ] }, "google-native:compute/beta:SslCertificateManagedSslCertificate": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." } }, "type": "object" }, "google-native:compute/beta:SslCertificateManagedSslCertificateResponse": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domainStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Output only] Detailed statuses of the domains specified for managed certificate resource." }, "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." }, "status": { "type": "string", "description": "[Output only] Status of the managed certificate resource." } }, "type": "object", "required": [ "domainStatus", "domains", "status" ] }, "google-native:compute/beta:SslCertificateSelfManagedSslCertificate": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object" }, "google-native:compute/beta:SslCertificateSelfManagedSslCertificateResponse": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object", "required": [ "certificate", "privateKey" ] }, "google-native:compute/beta:SslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/beta:SslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/beta:SslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/beta:SslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/beta:SslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:SslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/beta:StatefulPolicy": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Fbeta:StatefulPolicyPreservedState" } }, "type": "object" }, "google-native:compute/beta:StatefulPolicyPreservedState": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object" }, "google-native:compute/beta:StatefulPolicyPreservedStateResponse": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object", "required": [ "disks", "externalIPs", "internalIPs" ] }, "google-native:compute/beta:StatefulPolicyResponse": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Fbeta:StatefulPolicyPreservedStateResponse" } }, "type": "object", "required": [ "preservedState" ] }, "google-native:compute/beta:SubnetworkIpv6AccessType": { "description": "The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation or the first time the subnet is updated into IPV4_IPV6 dual stack.", "type": "string", "enum": [ { "name": "External", "description": "VMs on this subnet will be assigned IPv6 addresses that are accessible via the Internet, as well as the VPC network.", "value": "EXTERNAL" }, { "name": "Internal", "description": "VMs on this subnet will be assigned IPv6 addresses that are only accessible over the VPC network.", "value": "INTERNAL" } ] }, "google-native:compute/beta:SubnetworkLogConfig": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "$ref": "#/types/google-native:compute%2Fbeta:SubnetworkLogConfigAggregationInterval", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "$ref": "#/types/google-native:compute%2Fbeta:SubnetworkLogConfigMetadata", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object" }, "google-native:compute/beta:SubnetworkLogConfigAggregationInterval": { "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection.", "type": "string", "enum": [ { "name": "Interval10Min", "value": "INTERVAL_10_MIN" }, { "name": "Interval15Min", "value": "INTERVAL_15_MIN" }, { "name": "Interval1Min", "value": "INTERVAL_1_MIN" }, { "name": "Interval30Sec", "value": "INTERVAL_30_SEC" }, { "name": "Interval5Min", "value": "INTERVAL_5_MIN" }, { "name": "Interval5Sec", "value": "INTERVAL_5_SEC" } ] }, "google-native:compute/beta:SubnetworkLogConfigMetadata": { "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA.", "type": "string", "enum": [ { "name": "CustomMetadata", "value": "CUSTOM_METADATA" }, { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/beta:SubnetworkLogConfigResponse": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "type": "string", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object", "required": [ "aggregationInterval", "enable", "filterExpr", "flowSampling", "metadata", "metadataFields" ] }, "google-native:compute/beta:SubnetworkPrivateIpv6GoogleAccess": { "description": "This field is for internal use. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "DisableGoogleAccess", "description": "Disable private IPv6 access to/from Google services.", "value": "DISABLE_GOOGLE_ACCESS" }, { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" } ] }, "google-native:compute/beta:SubnetworkPurpose": { "description": "The purpose of the resource. This field can be either PRIVATE, REGIONAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT, or INTERNAL_HTTPS_LOAD_BALANCER. PRIVATE is the default purpose for user-created subnets or subnets that are automatically created in auto mode networks. A subnet with purpose set to REGIONAL_MANAGED_PROXY is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnet with purpose set to PRIVATE_SERVICE_CONNECT is used to publish services using Private Service Connect. A subnet with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a proxy-only subnet that can be used only by regional internal HTTP(S) load balancers. Note that REGIONAL_MANAGED_PROXY is the preferred setting for all regional Envoy load balancers. If unspecified, the subnet purpose defaults to PRIVATE. The enableFlowLogs field isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY.", "type": "string", "enum": [ { "name": "GlobalManagedProxy", "description": "Subnet reserved for Global Envoy-based Load Balancing.", "value": "GLOBAL_MANAGED_PROXY" }, { "name": "InternalHttpsLoadBalancer", "description": "Subnet reserved for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_HTTPS_LOAD_BALANCER" }, { "name": "Private", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE" }, { "name": "PrivateNat", "description": "Subnetwork used as source range for Private NAT Gateways.", "value": "PRIVATE_NAT" }, { "name": "PrivateRfc1918", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE_RFC_1918" }, { "name": "PrivateServiceConnect", "description": "Subnetworks created for Private Service Connect in the producer network.", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "RegionalManagedProxy", "description": "Subnetwork used for Regional Envoy-based Load Balancing.", "value": "REGIONAL_MANAGED_PROXY" } ] }, "google-native:compute/beta:SubnetworkRole": { "description": "The role of subnetwork. Currently, this field is only used when purpose = REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Envoy-based load balancers in a region. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.", "type": "string", "enum": [ { "name": "Active", "description": "The ACTIVE subnet that is currently used.", "value": "ACTIVE" }, { "name": "Backup", "description": "The BACKUP subnet that could be promoted to ACTIVE.", "value": "BACKUP" } ] }, "google-native:compute/beta:SubnetworkSecondaryRange": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." }, "reservedInternalRange": { "type": "string", "description": "The URL of the reserved internal range." } }, "type": "object" }, "google-native:compute/beta:SubnetworkSecondaryRangeResponse": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." }, "reservedInternalRange": { "type": "string", "description": "The URL of the reserved internal range." } }, "type": "object", "required": [ "ipCidrRange", "rangeName", "reservedInternalRange" ] }, "google-native:compute/beta:SubnetworkStackType": { "description": "The stack type for the subnet. If set to IPV4_ONLY, new VMs in the subnet are assigned IPv4 addresses only. If set to IPV4_IPV6, new VMs in the subnet can be assigned both IPv4 and IPv6 addresses. If not specified, IPV4_ONLY is used. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "New VMs in this subnet can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "New VMs in this subnet will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" } ] }, "google-native:compute/beta:Subsetting": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "$ref": "#/types/google-native:compute%2Fbeta:SubsettingPolicy" }, "subsetSize": { "type": "integer", "description": "The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled." } }, "type": "object" }, "google-native:compute/beta:SubsettingPolicy": { "type": "string", "enum": [ { "name": "ConsistentHashSubsetting", "description": "Subsetting based on consistent hashing. For Traffic Director, the number of backends per backend group (the subset size) is based on the `subset_size` parameter. For Internal HTTP(S) load balancing, the number of backends per backend group (the subset size) is dynamically adjusted in two cases: - As the number of proxy instances participating in Internal HTTP(S) load balancing increases, the subset size decreases. - When the total number of backends in a network exceeds the capacity of a single proxy instance, subset sizes are reduced automatically for each service that has backend subsetting enabled.", "value": "CONSISTENT_HASH_SUBSETTING" }, { "name": "None", "description": "No Subsetting. Clients may open connections and send traffic to all backends of this backend service. This can lead to performance issues if there is substantial imbalance in the count of clients and backends.", "value": "NONE" } ] }, "google-native:compute/beta:SubsettingResponse": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "type": "string" }, "subsetSize": { "type": "integer", "description": "The number of backends per backend group assigned to each proxy instance or each service mesh client. An input parameter to the `CONSISTENT_HASH_SUBSETTING` algorithm. Can only be set if `policy` is set to `CONSISTENT_HASH_SUBSETTING`. Can only be set if load balancing scheme is `INTERNAL_MANAGED` or `INTERNAL_SELF_MANAGED`. `subset_size` is optional for Internal HTTP(S) load balancing and required for Traffic Director. If you do not provide this value, Cloud Load Balancing will calculate it dynamically to optimize the number of proxies/clients visible to each backend and vice versa. Must be greater than 0. If `subset_size` is larger than the number of backends/endpoints, then subsetting is disabled." } }, "type": "object", "required": [ "policy", "subsetSize" ] }, "google-native:compute/beta:TCPHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fbeta:TCPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fbeta:TCPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/beta:TCPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/beta:TCPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:TCPHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/beta:Tags": { "description": "A set of instance tags.", "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object" }, "google-native:compute/beta:TagsResponse": { "description": "A set of instance tags.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance." }, "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object", "required": [ "fingerprint", "items" ] }, "google-native:compute/beta:TargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/beta:TargetInstanceNatPolicy": { "description": "Must have a value of NO_NAT. Protocol forwarding delivers packets while preserving the destination IP address of the forwarding rule referencing the target instance.", "type": "string", "enum": [ { "name": "NoNat", "description": "No NAT performed.", "value": "NO_NAT" } ] }, "google-native:compute/beta:TargetPoolSessionAffinity": { "description": "Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/beta:TargetSslProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:TargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/beta:Uint128Response": { "properties": { "high": { "type": "string" }, "low": { "type": "string" } }, "type": "object", "required": [ "high", "low" ] }, "google-native:compute/beta:UpcomingMaintenanceResponse": { "description": "Upcoming Maintenance notification information.", "properties": { "canReschedule": { "type": "boolean", "description": "Indicates if the maintenance can be customer triggered." }, "latestWindowStartTime": { "type": "string", "description": "The latest time for the planned maintenance window to start. This timestamp value is in RFC3339 text format." }, "maintenanceStatus": { "type": "string" }, "type": { "type": "string", "description": "Defines the type of maintenance." }, "windowEndTime": { "type": "string", "description": "The time by which the maintenance disruption will be completed. This timestamp value is in RFC3339 text format." }, "windowStartTime": { "type": "string", "description": "The current start time of the maintenance window. This timestamp value is in RFC3339 text format." } }, "type": "object", "required": [ "canReschedule", "latestWindowStartTime", "maintenanceStatus", "type", "windowEndTime", "windowStartTime" ] }, "google-native:compute/beta:UrlMapTest": { "description": "Message for the expected URL mappings.", "properties": { "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:UrlMapTestHeader" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object" }, "google-native:compute/beta:UrlMapTestHeader": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object" }, "google-native:compute/beta:UrlMapTestHeaderResponse": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/beta:UrlMapTestResponse": { "description": "Message for the expected URL mappings.", "properties": { "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fbeta:UrlMapTestHeaderResponse" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object", "required": [ "description", "expectedOutputUrl", "expectedRedirectResponseCode", "headers", "host", "path", "service" ] }, "google-native:compute/beta:UrlRewrite": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object" }, "google-native:compute/beta:UrlRewriteResponse": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object", "required": [ "hostRewrite", "pathPrefixRewrite", "pathTemplateRewrite" ] }, "google-native:compute/beta:VpnGatewayGatewayIpVersion": { "description": "The IP family of the gateway IPs for the HA-VPN gateway interfaces. If not specified, IPV4 will be used.", "type": "string", "enum": [ { "name": "Ipv4", "description": "Every HA-VPN gateway interface is configured with an IPv4 address.", "value": "IPV4" }, { "name": "Ipv6", "description": "Every HA-VPN gateway interface is configured with an IPv6 address.", "value": "IPV6" } ] }, "google-native:compute/beta:VpnGatewayStackType": { "description": "The stack type for this VPN gateway to identify the IP protocols that are enabled. Possible values are: IPV4_ONLY, IPV4_IPV6. If not specified, IPV4_ONLY will be used.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "Enable VPN gateway with both IPv4 and IPv6 protocols.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "Enable VPN gateway with only IPv4 protocol.", "value": "IPV4_ONLY" } ] }, "google-native:compute/beta:VpnGatewayVpnGatewayInterface": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." } }, "type": "object" }, "google-native:compute/beta:VpnGatewayVpnGatewayInterfaceResponse": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." }, "ipAddress": { "type": "string", "description": "IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For HA VPN over Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non HA VPN over Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address." }, "ipv6Address": { "type": "string", "description": "IPv6 address for this VPN interface associated with the VPN gateway. The IPv6 address must be a regional external IPv6 address. The format is RFC 5952 format (e.g. 2001:db8::2d9:51:0:0)." } }, "type": "object", "required": [ "interconnectAttachment", "ipAddress", "ipv6Address" ] }, "google-native:compute/beta:WeightedBackendService": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object" }, "google-native:compute/beta:WeightedBackendServiceResponse": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fbeta:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object", "required": [ "backendService", "headerAction", "weight" ] }, "google-native:compute/v1:AWSV4Signature": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object" }, "google-native:compute/v1:AWSV4SignatureResponse": { "description": "Contains the configurations necessary to generate a signature for access to private storage buckets that support Signature Version 4 for authentication. The service name for generating the authentication header will always default to 's3'.", "properties": { "accessKey": { "type": "string", "description": "The access key used for s3 bucket authentication. Required for updating or creating a backend that uses AWS v4 signature authentication, but will not be returned as part of the configuration when queried with a REST API GET request. @InputOnly" }, "accessKeyId": { "type": "string", "description": "The identifier of an access key used for s3 bucket authentication." }, "accessKeyVersion": { "type": "string", "description": "The optional version identifier for the access key. You can use this to keep track of different iterations of your access key." }, "originRegion": { "type": "string", "description": "The name of the cloud region of your origin. This is a free-form field with the name of the region your cloud uses to host your origin. For example, \"us-east-1\" for AWS or \"us-ashburn-1\" for OCI." } }, "type": "object", "required": [ "accessKey", "accessKeyId", "accessKeyVersion", "originRegion" ] }, "google-native:compute/v1:AcceleratorConfig": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object" }, "google-native:compute/v1:AcceleratorConfigResponse": { "description": "A specification of the type and number of accelerator cards attached to the instance.", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the guest accelerator cards exposed to this instance." }, "acceleratorType": { "type": "string", "description": "Full or partial URL of the accelerator type resource to attach to this instance. For example: projects/my-project/zones/us-central1-c/acceleratorTypes/nvidia-tesla-p100 If you are creating an instance template, specify only the accelerator name. See GPUs on Compute Engine for a full list of accelerator types." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType" ] }, "google-native:compute/v1:AccessConfig": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfigNetworkTier", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfigType", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object" }, "google-native:compute/v1:AccessConfigNetworkTier": { "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:AccessConfigResponse": { "description": "An access configuration attached to an instance's network interface. Only one access config per instance is supported.", "properties": { "externalIpv6": { "type": "string", "description": "Applies to ipv6AccessConfigs only. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork." }, "externalIpv6PrefixLength": { "type": "integer", "description": "Applies to ipv6AccessConfigs only. The prefix length of the external IPv6 range." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#accessConfig for access configs." }, "name": { "type": "string", "description": "The name of this access configuration. In accessConfigs (IPv4), the default and recommended name is External NAT, but you can use any arbitrary string, such as My external IP or Network Access. In ipv6AccessConfigs, the recommend name is External IPv6." }, "natIP": { "type": "string", "description": "Applies to accessConfigs (IPv4) only. An external IP address associated with this instance. Specify an unused static external IP address available to the project or leave this field undefined to use an IP from a shared ephemeral IP address pool. If you specify a static external IP address, it must live in the same region as the zone of the instance." }, "networkTier": { "type": "string", "description": "This signifies the networking tier used for configuring this access configuration and can only take the following values: PREMIUM, STANDARD. If an AccessConfig is specified without a valid external IP address, an ephemeral IP will be created with this networkTier. If an AccessConfig with a valid external IP address is specified, it must match that of the networkTier associated with the Address resource owning that IP." }, "publicPtrDomainName": { "type": "string", "description": "The DNS domain name for the public PTR record. You can set this field only if the `setPublicPtr` field is enabled in accessConfig. If this field is unspecified in ipv6AccessConfig, a default PTR record will be createc for first IP in associated external IPv6 range." }, "securityPolicy": { "type": "string", "description": "The resource URL for the security policy associated with this access config." }, "setPublicPtr": { "type": "boolean", "description": "Specifies whether a public DNS 'PTR' record should be created to map the external IP address of the instance to a DNS domain name. This field is not used in ipv6AccessConfig. A default PTR record will be created if the VM has external IPv6 range associated." }, "type": { "type": "string", "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6." } }, "type": "object", "required": [ "externalIpv6", "externalIpv6PrefixLength", "kind", "name", "natIP", "networkTier", "publicPtrDomainName", "securityPolicy", "setPublicPtr", "type" ] }, "google-native:compute/v1:AccessConfigType": { "description": "The type of configuration. In accessConfigs (IPv4), the default and only option is ONE_TO_ONE_NAT. In ipv6AccessConfigs, the default and only option is DIRECT_IPV6.", "type": "string", "enum": [ { "name": "DirectIpv6", "value": "DIRECT_IPV6" }, { "name": "OneToOneNat", "value": "ONE_TO_ONE_NAT" } ] }, "google-native:compute/v1:AddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/v1:AddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/v1:AddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/v1:AddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:AddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/v1:AdvancedMachineFeatures": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object" }, "google-native:compute/v1:AdvancedMachineFeaturesResponse": { "description": "Specifies options for controlling advanced machine features. Options that would traditionally be configured in a BIOS belong here. Features that require operating system support may have corresponding entries in the GuestOsFeatures of an Image (e.g., whether or not the OS in the Image supports nested virtualization being enabled or disabled).", "properties": { "enableNestedVirtualization": { "type": "boolean", "description": "Whether to enable nested virtualization or not (default is false)." }, "enableUefiNetworking": { "type": "boolean", "description": "Whether to enable UEFI networking for instance creation." }, "threadsPerCore": { "type": "integer", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." }, "visibleCoreCount": { "type": "integer", "description": "The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance's nominal CPU count and the underlying platform's SMT width." } }, "type": "object", "required": [ "enableNestedVirtualization", "enableUefiNetworking", "threadsPerCore", "visibleCoreCount" ] }, "google-native:compute/v1:AliasIpRange": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object" }, "google-native:compute/v1:AliasIpRangeResponse": { "description": "An alias IP range attached to an instance's network interface.", "properties": { "ipCidrRange": { "type": "string", "description": "The IP alias ranges to allocate for this interface. This IP CIDR range must belong to the specified subnetwork and cannot contain IP addresses reserved by system or used by other network interfaces. This range may be a single IP address (such as 10.2.3.4), a netmask (such as /24) or a CIDR-formatted string (such as 10.1.2.0/24)." }, "subnetworkRangeName": { "type": "string", "description": "The name of a subnetwork secondary IP range from which to allocate an IP alias range. If not specified, the primary range of the subnetwork is used." } }, "type": "object", "required": [ "ipCidrRange", "subnetworkRangeName" ] }, "google-native:compute/v1:AllocationResourceStatusResponse": { "description": "[Output Only] Contains output only fields.", "properties": { "specificSkuAllocation": { "$ref": "#/types/google-native:compute%2Fv1:AllocationResourceStatusSpecificSKUAllocationResponse", "description": "Allocation Properties of this reservation." } }, "type": "object", "required": [ "specificSkuAllocation" ] }, "google-native:compute/v1:AllocationResourceStatusSpecificSKUAllocationResponse": { "description": "Contains Properties set for the reservation.", "properties": { "sourceInstanceTemplateId": { "type": "string", "description": "ID of the instance template used to populate reservation properties." } }, "type": "object", "required": [ "sourceInstanceTemplateId" ] }, "google-native:compute/v1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object" }, "google-native:compute/v1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/v1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse": { "properties": { "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. The default is SCSI. For performance characteristics of SCSI over NVMe, see Local SSD performance." } }, "type": "object", "required": [ "diskSizeGb", "interface" ] }, "google-native:compute/v1:AllocationSpecificSKUAllocationReservedInstanceProperties": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AcceleratorConfig" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDisk" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object" }, "google-native:compute/v1:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse": { "description": "Properties of the SKU instances being reserved. Next ID: 9", "properties": { "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AcceleratorConfigResponse" }, "description": "Specifies accelerator type and count." }, "localSsds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUAllocationAllocatedInstancePropertiesReservedDiskResponse" }, "description": "Specifies amount of local ssd to reserve with each instance. The type of disk is local-ssd." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the allocation close to other resources. This field is for use by internal tools that use the public API." }, "machineType": { "type": "string", "description": "Specifies type of machine (name only) which has fixed number of vCPUs and fixed amount of memory. This also includes specifying custom machine type following custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY pattern." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu platform the reservation." } }, "type": "object", "required": [ "guestAccelerators", "localSsds", "locationHint", "machineType", "minCpuPlatform" ] }, "google-native:compute/v1:AllocationSpecificSKUReservation": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUAllocationReservedInstanceProperties", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object" }, "google-native:compute/v1:AllocationSpecificSKUReservationResponse": { "description": "This reservation type allows to pre allocate specific instance configuration. Next ID: 6", "properties": { "assuredCount": { "type": "string", "description": "Indicates how many instances are actually usable currently." }, "count": { "type": "string", "description": "Specifies the number of resources that are allocated." }, "inUseCount": { "type": "string", "description": "Indicates how many instances are in use." }, "instanceProperties": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUAllocationReservedInstancePropertiesResponse", "description": "The instance properties for the reservation." }, "sourceInstanceTemplate": { "type": "string", "description": "Specifies the instance template to create the reservation. If you use this field, you must exclude the instanceProperties field. This field is optional, and it can be a full or partial URL. For example, the following are all valid URLs to an instance template: - https://www.googleapis.com/compute/v1/projects/project /global/instanceTemplates/instanceTemplate - projects/project/global/instanceTemplates/instanceTemplate - global/instanceTemplates/instanceTemplate " } }, "type": "object", "required": [ "assuredCount", "count", "inUseCount", "instanceProperties", "sourceInstanceTemplate" ] }, "google-native:compute/v1:AttachedDisk": { "description": "An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKey", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:GuestOsFeature" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskInitializeParams", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskInterface", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "mode": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskMode", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskSavedState", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskType", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." } }, "type": "object" }, "google-native:compute/v1:AttachedDiskInitializeParams": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskInitializeParamsArchitecture", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "onUpdateAction": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskInitializeParamsOnUpdateAction", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source snapshot." } }, "type": "object" }, "google-native:compute/v1:AttachedDiskInitializeParamsArchitecture": { "description": "The architecture of the attached disk. Valid values are arm64 or x86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/v1:AttachedDiskInitializeParamsOnUpdateAction": { "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk.", "type": "string", "enum": [ { "name": "RecreateDisk", "description": "Always recreate the disk.", "value": "RECREATE_DISK" }, { "name": "RecreateDiskIfSourceChanged", "description": "Recreate the disk if source (image, snapshot) of this disk is different from source of existing disk.", "value": "RECREATE_DISK_IF_SOURCE_CHANGED" }, { "name": "UseExistingDisk", "description": "Use the existing disk, this is the default behaviour.", "value": "USE_EXISTING_DISK" } ] }, "google-native:compute/v1:AttachedDiskInitializeParamsResponse": { "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This field is persisted and returned for instanceTemplate and not returned in the context of instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are arm64 or x86_64." }, "description": { "type": "string", "description": "An optional description. Provide this property when creating the disk." }, "diskName": { "type": "string", "description": "Specifies the disk name. If not specified, the default is to use the name of the instance. If a disk with the same name already exists in the given region, the existing disk is attached to the new instance and the new disk is not created." }, "diskSizeGb": { "type": "string", "description": "Specifies the size of the disk in base-2 GB. The size must be at least 10 GB. If you specify a sourceImage, which is required for boot disks, the default size is the size of the sourceImage. If you do not specify a sourceImage, the default disk size is 500 GB." }, "diskType": { "type": "string", "description": "Specifies the disk type to use to create the instance. If not specified, the default is pd-standard, specified using the full URL. For example: https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/pd-standard For a full list of acceptable values, see Persistent disk types. If you specify this field when creating a VM, you can provide either the full or partial URL. For example, the following values are valid: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /diskTypes/diskType - projects/project/zones/zone/diskTypes/diskType - zones/zone/diskTypes/diskType If you specify this field when creating or updating an instance template or all-instances configuration, specify the type of the disk, not the URL. For example: pd-standard." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to this disk. These can be later modified by the disks.setLabels method. This field is only applicable for persistent disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "A list of publicly visible licenses. Reserved for Google's use." }, "onUpdateAction": { "type": "string", "description": "Specifies which action to take on instance update with this disk. Default is to use the existing disk." }, "provisionedIops": { "type": "string", "description": "Indicates how many IOPS to provision for the disk. This sets the number of I/O operations per second that the disk can handle. Values must be between 10,000 and 120,000. For more details, see the Extreme persistent disk documentation." }, "provisionedThroughput": { "type": "string", "description": "Indicates how much throughput to provision for the disk. This sets the number of throughput mb per second that the disk can handle. Values must be between 1 and 7,124." }, "replicaZones": { "type": "array", "items": { "type": "string" }, "description": "Required for each regional disk associated with the instance. Specify the URLs of the zones where the disk should be replicated to. You must provide exactly two replica zones, and one zone must be the same as the instance zone." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies applied to this disk for automatic snapshot creations. Specified using the full or partial URL. For instance template, specify only the resource policy name." }, "sourceImage": { "type": "string", "description": "The source image to create this disk. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a custom image that you created, specify the image name in the following format: global/images/my-custom-image You can also specify a custom image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-image-family If the source image is deleted later, this field will not be set." }, "sourceImageEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. InstanceTemplate and InstancePropertiesPatch do not store customer-supplied encryption keys, so you cannot create disks for instances in a managed instance group if the source images are encrypted with your own keys." }, "sourceSnapshot": { "type": "string", "description": "The source snapshot to create this disk. When creating a new instance, one of initializeParams.sourceSnapshot or initializeParams.sourceImage or disks.source is required except for local SSD. To create a disk with a snapshot that you created, specify the snapshot name in the following format: global/snapshots/my-backup If the source snapshot is deleted later, this field will not be set." }, "sourceSnapshotEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source snapshot." } }, "type": "object", "required": [ "architecture", "description", "diskName", "diskSizeGb", "diskType", "labels", "licenses", "onUpdateAction", "provisionedIops", "provisionedThroughput", "replicaZones", "resourceManagerTags", "resourcePolicies", "sourceImage", "sourceImageEncryptionKey", "sourceSnapshot", "sourceSnapshotEncryptionKey" ] }, "google-native:compute/v1:AttachedDiskInterface": { "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks.", "type": "string", "enum": [ { "name": "Nvme", "value": "NVME" }, { "name": "Scsi", "value": "SCSI" } ] }, "google-native:compute/v1:AttachedDiskMode": { "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode.", "type": "string", "enum": [ { "name": "ReadOnly", "description": "Attaches this disk in read-only mode. Multiple virtual machines can use a disk in read-only mode at a time.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "*[Default]* Attaches this disk in read-write mode. Only one virtual machine at a time can be attached to a disk in read-write mode.", "value": "READ_WRITE" } ] }, "google-native:compute/v1:AttachedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk. Valid values are ARM64 or X86_64." }, "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies a unique device name of your choice that is reflected into the /dev/disk/by-id/google-* tree of a Linux operating system running within the instance. This name can be used to reference the device for mounting, resizing, and so on, from within the instance. If not specified, the server chooses a default device name to apply to this disk, in the form persistent-disk-x, where x is a number assigned by Google Compute Engine. This field is only applicable for persistent disks." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKeyResponse", "description": "Encrypts or decrypts a disk using a customer-supplied encryption key. If you are creating a new disk, this field encrypts the new disk using an encryption key that you provide. If you are attaching an existing disk that is already encrypted, this field decrypts the disk using the customer-supplied encryption key. If you encrypt a disk using a customer-supplied key, you must provide the same key again when you attempt to use this resource at a later time. For example, you must provide the key when you create a snapshot or an image from the disk or when you attach the disk to a virtual machine instance. If you do not provide an encryption key, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later. Instance templates do not store customer-supplied encryption keys, so you cannot use your own keys to encrypt disks in a managed instance group." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in GB." }, "forceAttach": { "type": "boolean", "description": "[Input Only] Whether to force attach the regional disk even if it's currently attached to another instance. If you try to force attach a zonal disk to an instance, you will receive an error." }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "A zero-based index to this disk, where 0 is reserved for the boot disk. If you have many disks attached to an instance, each disk would have a unique index number." }, "initializeParams": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskInitializeParamsResponse", "description": "[Input Only] Specifies the parameters for a new disk that will be created alongside the new instance. Use initialization parameters to create boot disks or local SSDs attached to the new instance. This property is mutually exclusive with the source property; you can only define one or the other, but not both." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME. For most machine types, the default is SCSI. Local SSDs can use either NVME or SCSI. In certain configurations, persistent disks can use NVMe. For more information, see About persistent disks." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "mode": { "type": "string", "description": "The mode in which to attach this disk, either READ_WRITE or READ_ONLY. If not specified, the default is to attach the disk in READ_WRITE mode." }, "savedState": { "type": "string", "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api." }, "shieldedInstanceInitialState": { "$ref": "#/types/google-native:compute%2Fv1:InitialStateConfigResponse", "description": "shielded vm initial state stored on disk" }, "source": { "type": "string", "description": "Specifies a valid partial or full URL to an existing Persistent Disk resource. When creating a new instance, one of initializeParams.sourceImage or initializeParams.sourceSnapshot or disks.source is required except for local SSD. If desired, you can also attach existing non-root persistent disks using this property. This field is only applicable for persistent disks. Note that for InstanceTemplate, specify the disk name for zonal disk, and the URL for regional disk." }, "type": { "type": "string", "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT." } }, "type": "object", "required": [ "architecture", "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "forceAttach", "guestOsFeatures", "index", "initializeParams", "interface", "kind", "licenses", "mode", "savedState", "shieldedInstanceInitialState", "source", "type" ] }, "google-native:compute/v1:AttachedDiskSavedState": { "description": "For LocalSSD disks on VM Instances in STOPPED or SUSPENDED state, this field is set to PRESERVED if the LocalSSD data has been saved to a persistent location by customer request. (see the discard_local_ssd option on Stop/Suspend). Read-only in the api.", "type": "string", "enum": [ { "name": "DiskSavedStateUnspecified", "description": "*[Default]* Disk state has not been preserved.", "value": "DISK_SAVED_STATE_UNSPECIFIED" }, { "name": "Preserved", "description": "Disk state has been preserved.", "value": "PRESERVED" } ] }, "google-native:compute/v1:AttachedDiskType": { "description": "Specifies the type of the disk, either SCRATCH or PERSISTENT. If not specified, the default is PERSISTENT.", "type": "string", "enum": [ { "name": "Persistent", "value": "PERSISTENT" }, { "name": "Scratch", "value": "SCRATCH" } ] }, "google-native:compute/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:compute/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "exemptedMembers", "service" ] }, "google-native:compute/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "$ref": "#/types/google-native:compute%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:compute/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean", "description": "This is deprecated and has no effect. Do not use." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "ignoreChildExemptions", "logType" ] }, "google-native:compute/v1:AuthorizationLoggingOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "$ref": "#/types/google-native:compute%2Fv1:AuthorizationLoggingOptionsPermissionType", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:AuthorizationLoggingOptionsPermissionType": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminRead", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_READ" }, { "name": "AdminWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_WRITE" }, { "name": "DataRead", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_READ" }, { "name": "DataWrite", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_WRITE" }, { "name": "PermissionTypeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "PERMISSION_TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:AuthorizationLoggingOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "permissionType": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "permissionType" ] }, "google-native:compute/v1:AutoscalerStatusDetailsResponse": { "properties": { "message": { "type": "string", "description": "The status message." }, "type": { "type": "string", "description": "The type of error, warning, or notice returned. Current set of possible values: - ALL_INSTANCES_UNHEALTHY (WARNING): All instances in the instance group are unhealthy (not in RUNNING state). - BACKEND_SERVICE_DOES_NOT_EXIST (ERROR): There is no backend service attached to the instance group. - CAPPED_AT_MAX_NUM_REPLICAS (WARNING): Autoscaler recommends a size greater than maxNumReplicas. - CUSTOM_METRIC_DATA_POINTS_TOO_SPARSE (WARNING): The custom metric samples are not exported often enough to be a credible base for autoscaling. - CUSTOM_METRIC_INVALID (ERROR): The custom metric that was specified does not exist or does not have the necessary labels. - MIN_EQUALS_MAX (WARNING): The minNumReplicas is equal to maxNumReplicas. This means the autoscaler cannot add or remove instances from the instance group. - MISSING_CUSTOM_METRIC_DATA_POINTS (WARNING): The autoscaler did not receive any data from the custom metric configured for autoscaling. - MISSING_LOAD_BALANCING_DATA_POINTS (WARNING): The autoscaler is configured to scale based on a load balancing signal but the instance group has not received any requests from the load balancer. - MODE_OFF (WARNING): Autoscaling is turned off. The number of instances in the group won't change automatically. The autoscaling configuration is preserved. - MODE_ONLY_UP (WARNING): Autoscaling is in the \"Autoscale only out\" mode. The autoscaler can add instances but not remove any. - MORE_THAN_ONE_BACKEND_SERVICE (ERROR): The instance group cannot be autoscaled because it has more than one backend service attached to it. - NOT_ENOUGH_QUOTA_AVAILABLE (ERROR): There is insufficient quota for the necessary resources, such as CPU or number of instances. - REGION_RESOURCE_STOCKOUT (ERROR): Shown only for regional autoscalers: there is a resource stockout in the chosen region. - SCALING_TARGET_DOES_NOT_EXIST (ERROR): The target to be scaled does not exist. - UNSUPPORTED_MAX_RATE_LOAD_BALANCING_CONFIGURATION (ERROR): Autoscaling does not work with an HTTP/S load balancer that has been configured for maxRate. - ZONE_RESOURCE_STOCKOUT (ERROR): For zonal autoscalers: there is a resource stockout in the chosen zone. For regional autoscalers: in at least one of the zones you're using there is a resource stockout. New values might be added in the future. Some of the values might not be available in all API versions." } }, "type": "object", "required": [ "message", "type" ] }, "google-native:compute/v1:AutoscalingPolicy": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCpuUtilization", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCustomMetricUtilization" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyLoadBalancingUtilization", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyMode", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyScaleInControl" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object" }, "google-native:compute/v1:AutoscalingPolicyCpuUtilization": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCpuUtilizationPredictiveMethod", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object" }, "google-native:compute/v1:AutoscalingPolicyCpuUtilizationPredictiveMethod": { "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "type": "string", "enum": [ { "name": "None", "description": "No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics", "value": "NONE" }, { "name": "OptimizeAvailability", "description": "Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand.", "value": "OPTIMIZE_AVAILABILITY" } ] }, "google-native:compute/v1:AutoscalingPolicyCpuUtilizationResponse": { "description": "CPU utilization policy.", "properties": { "predictiveMethod": { "type": "string", "description": "Indicates whether predictive autoscaling based on CPU metric is enabled. Valid values are: * NONE (default). No predictive method is used. The autoscaler scales the group to meet current demand based on real-time metrics. * OPTIMIZE_AVAILABILITY. Predictive autoscaling improves availability by monitoring daily and weekly load patterns and scaling out ahead of anticipated demand." }, "utilizationTarget": { "type": "number", "description": "The target CPU utilization that the autoscaler maintains. Must be a float value in the range (0, 1]. If not specified, the default is 0.6. If the CPU level is below the target utilization, the autoscaler scales in the number of instances until it reaches the minimum number of instances you specified or until the average CPU of your instances reaches the target utilization. If the average CPU is above the target utilization, the autoscaler scales out until it reaches the maximum number of instances you specified or until the average utilization reaches the target utilization." } }, "type": "object", "required": [ "predictiveMethod", "utilizationTarget" ] }, "google-native:compute/v1:AutoscalingPolicyCustomMetricUtilization": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object" }, "google-native:compute/v1:AutoscalingPolicyCustomMetricUtilizationResponse": { "description": "Custom utilization metric policy.", "properties": { "filter": { "type": "string", "description": "A filter string, compatible with a Stackdriver Monitoring filter string for TimeSeries.list API call. This filter is used to select a specific TimeSeries for the purpose of autoscaling and to determine whether the metric is exporting per-instance or per-group data. For the filter to be valid for autoscaling purposes, the following rules apply: - You can only use the AND operator for joining selectors. - You can only use direct equality comparison operator (=) without any functions for each selector. - You can specify the metric in both the filter string and in the metric field. However, if specified in both places, the metric must be identical. - The monitored resource type determines what kind of values are expected for the metric. If it is a gce_instance, the autoscaler expects the metric to include a separate TimeSeries for each instance in a group. In such a case, you cannot filter on resource labels. If the resource type is any other value, the autoscaler expects this metric to contain values that apply to the entire autoscaled instance group and resource label filtering can be performed to point autoscaler at the correct TimeSeries to scale upon. This is called a *per-group metric* for the purpose of autoscaling. If not specified, the type defaults to gce_instance. Try to provide a filter that is selective enough to pick just one TimeSeries for the autoscaled group or for each of the instances (if you are using gce_instance resource type). If multiple TimeSeries are returned upon the query execution, the autoscaler will sum their respective values to obtain its scaling value." }, "metric": { "type": "string", "description": "The identifier (type) of the Stackdriver Monitoring metric. The metric cannot have negative values. The metric must have a value type of INT64 or DOUBLE." }, "singleInstanceAssignment": { "type": "number", "description": "If scaling is based on a per-group metric value that represents the total amount of work to be done or resource usage, set this value to an amount assigned for a single instance of the scaled group. Autoscaler keeps the number of instances proportional to the value of this metric. The metric itself does not change value due to group resizing. A good metric to use with the target is for example pubsub.googleapis.com/subscription/num_undelivered_messages or a custom metric exporting the total number of requests coming to your instances. A bad example would be a metric exporting an average or median latency, since this value can't include a chunk assignable to a single instance, it could be better used with utilization_target instead." }, "utilizationTarget": { "type": "number", "description": "The target value of the metric that autoscaler maintains. This must be a positive value. A utilization metric scales number of virtual machines handling requests to increase or decrease proportionally to the metric. For example, a good metric to use as a utilization_target is https://www.googleapis.com/compute/v1/instance/network/received_bytes_count. The autoscaler works to keep this value constant for each of the instances." }, "utilizationTargetType": { "type": "string", "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE." } }, "type": "object", "required": [ "filter", "metric", "singleInstanceAssignment", "utilizationTarget", "utilizationTargetType" ] }, "google-native:compute/v1:AutoscalingPolicyCustomMetricUtilizationUtilizationTargetType": { "description": "Defines how target utilization value is expressed for a Stackdriver Monitoring metric. Either GAUGE, DELTA_PER_SECOND, or DELTA_PER_MINUTE.", "type": "string", "enum": [ { "name": "DeltaPerMinute", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per minute.", "value": "DELTA_PER_MINUTE" }, { "name": "DeltaPerSecond", "description": "Sets the utilization target value for a cumulative or delta metric, expressed as the rate of growth per second.", "value": "DELTA_PER_SECOND" }, { "name": "Gauge", "description": "Sets the utilization target value for a gauge metric. The autoscaler will collect the average utilization of the virtual machines from the last couple of minutes, and compare the value to the utilization target value to perform autoscaling.", "value": "GAUGE" } ] }, "google-native:compute/v1:AutoscalingPolicyLoadBalancingUtilization": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object" }, "google-native:compute/v1:AutoscalingPolicyLoadBalancingUtilizationResponse": { "description": "Configuration parameters of autoscaling based on load balancing.", "properties": { "utilizationTarget": { "type": "number", "description": "Fraction of backend capacity utilization (set in HTTP(S) load balancing configuration) that the autoscaler maintains. Must be a positive float value. If not defined, the default is 0.8." } }, "type": "object", "required": [ "utilizationTarget" ] }, "google-native:compute/v1:AutoscalingPolicyMode": { "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"", "type": "string", "enum": [ { "name": "Off", "description": "Do not automatically scale the MIG in or out. The recommended_size field contains the size of MIG that would be set if the actuation mode was enabled.", "value": "OFF" }, { "name": "On", "description": "Automatically scale the MIG in and out according to the policy.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_SCALE_OUT" }, { "name": "OnlyUp", "description": "Automatically create VMs according to the policy, but do not scale the MIG in.", "value": "ONLY_UP" } ] }, "google-native:compute/v1:AutoscalingPolicyResponse": { "description": "Cloud Autoscaler policy.", "properties": { "coolDownPeriodSec": { "type": "integer", "description": "The number of seconds that your application takes to initialize on a VM instance. This is referred to as the [initialization period](/compute/docs/autoscaler#cool_down_period). Specifying an accurate initialization period improves autoscaler decisions. For example, when scaling out, the autoscaler ignores data from VMs that are still initializing because those VMs might not yet represent normal usage of your application. The default initialization period is 60 seconds. Initialization periods might vary because of numerous factors. We recommend that you test how long your application takes to initialize. To do this, create a VM and time your application's startup process." }, "cpuUtilization": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCpuUtilizationResponse", "description": "Defines the CPU utilization policy that allows the autoscaler to scale based on the average CPU utilization of a managed instance group." }, "customMetricUtilizations": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyCustomMetricUtilizationResponse" }, "description": "Configuration parameters of autoscaling based on a custom metric." }, "loadBalancingUtilization": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyLoadBalancingUtilizationResponse", "description": "Configuration parameters of autoscaling based on load balancer." }, "maxNumReplicas": { "type": "integer", "description": "The maximum number of instances that the autoscaler can scale out to. This is required when creating or updating an autoscaler. The maximum number of replicas must not be lower than minimal number of replicas." }, "minNumReplicas": { "type": "integer", "description": "The minimum number of replicas that the autoscaler can scale in to. This cannot be less than 0. If not provided, autoscaler chooses a default value depending on maximum number of instances allowed." }, "mode": { "type": "string", "description": "Defines the operating mode for this policy. The following modes are available: - OFF: Disables the autoscaler but maintains its configuration. - ONLY_SCALE_OUT: Restricts the autoscaler to add VM instances only. - ON: Enables all autoscaler activities according to its policy. For more information, see \"Turning off or restricting an autoscaler\"" }, "scaleInControl": { "$ref": "#/types/google-native:compute%2Fv1:AutoscalingPolicyScaleInControlResponse" }, "scalingSchedules": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Scaling schedules defined for an autoscaler. Multiple schedules can be set on an autoscaler, and they can overlap. During overlapping periods the greatest min_required_replicas of all scaling schedules is applied. Up to 128 scaling schedules are allowed." } }, "type": "object", "required": [ "coolDownPeriodSec", "cpuUtilization", "customMetricUtilizations", "loadBalancingUtilization", "maxNumReplicas", "minNumReplicas", "mode", "scaleInControl", "scalingSchedules" ] }, "google-native:compute/v1:AutoscalingPolicyScaleInControl": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercent", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object" }, "google-native:compute/v1:AutoscalingPolicyScaleInControlResponse": { "description": "Configuration that allows for slower scale in so that even if Autoscaler recommends an abrupt scale in of a MIG, it will be throttled as specified by the parameters below.", "properties": { "maxScaledInReplicas": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercentResponse", "description": "Maximum allowed number (or %) of VMs that can be deducted from the peak recommendation during the window autoscaler looks at when computing recommendations. Possibly all these VMs can be deleted at once so user service needs to be prepared to lose that many VMs in one step." }, "timeWindowSec": { "type": "integer", "description": "How far back autoscaling looks when computing recommendations to include directives regarding slower scale in, as described above." } }, "type": "object", "required": [ "maxScaledInReplicas", "timeWindowSec" ] }, "google-native:compute/v1:Backend": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "$ref": "#/types/google-native:compute%2Fv1:BackendBalancingMode", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." } }, "type": "object" }, "google-native:compute/v1:BackendBalancingMode": { "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected.", "type": "string", "enum": [ { "name": "Connection", "description": "Balance based on the number of simultaneous connections.", "value": "CONNECTION" }, { "name": "Rate", "description": "Balance based on requests per second (RPS).", "value": "RATE" }, { "name": "Utilization", "description": "Balance based on the backend utilization.", "value": "UTILIZATION" } ] }, "google-native:compute/v1:BackendBucketCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyCacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/v1:BackendBucketCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/v1:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/v1:BackendBucketCdnPolicyCacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/v1:BackendBucketCdnPolicyCacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. Default parameters are always included. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHttpHeaders", "queryStringWhitelist" ] }, "google-native:compute/v1:BackendBucketCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/v1:BackendBucketCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/v1:BackendBucketCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/v1:BackendBucketCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend bucket.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyCacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendBucketCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/v1:BackendBucketCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/v1:BackendResponse": { "description": "Message containing information of one individual backend.", "properties": { "balancingMode": { "type": "string", "description": "Specifies how to determine whether the backend of a load balancer can handle additional traffic or is fully loaded. For usage guidelines, see Connection balancing mode. Backends must use compatible balancing modes. For more information, see Supported balancing modes and target capacity settings and Restrictions and guidance for instance groups. Note: Currently, if you use the API to configure incompatible balancing modes, the configuration might be accepted even though it has no impact and is ignored. Specifically, Backend.maxUtilization is ignored when Backend.balancingMode is RATE. In the future, this incompatible combination will be rejected." }, "capacityScaler": { "type": "number", "description": "A multiplier applied to the backend's target capacity of its balancing mode. The default value is 1, which means the group serves up to 100% of its configured capacity (depending on balancingMode). A setting of 0 means the group is completely drained, offering 0% of its available capacity. The valid ranges are 0.0 and [0.1,1.0]. You cannot configure a setting larger than 0 and smaller than 0.1. You cannot configure a setting of 0 when there is only one backend attached to the backend service. Not available with backends that don't support using a balancingMode. This includes backends such as global internet NEGs, regional serverless NEGs, and PSC NEGs." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "failover": { "type": "boolean", "description": "This field designates whether this is a failover backend. More than one failover backend can be configured for a given BackendService." }, "group": { "type": "string", "description": "The fully-qualified URL of an instance group or network endpoint group (NEG) resource. To determine what types of backends a load balancer supports, see the [Backend services overview](https://cloud.google.com/load-balancing/docs/backend-service#backends). You must use the *fully-qualified* URL (starting with https://www.googleapis.com/) to specify the instance group or NEG. Partial URLs are not supported." }, "maxConnections": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerEndpoint": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxConnectionsPerInstance": { "type": "integer", "description": "Defines a target maximum number of simultaneous connections. For usage guidelines, see Connection balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is RATE." }, "maxRate": { "type": "integer", "description": "Defines a maximum number of HTTP requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerEndpoint": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxRatePerInstance": { "type": "number", "description": "Defines a maximum target for requests per second (RPS). For usage guidelines, see Rate balancing mode and Utilization balancing mode. Not available if the backend's balancingMode is CONNECTION." }, "maxUtilization": { "type": "number", "description": "Optional parameter to define a target capacity for the UTILIZATION balancing mode. The valid range is [0.0, 1.0]. For usage guidelines, see Utilization balancing mode." } }, "type": "object", "required": [ "balancingMode", "capacityScaler", "description", "failover", "group", "maxConnections", "maxConnectionsPerEndpoint", "maxConnectionsPerInstance", "maxRate", "maxRatePerEndpoint", "maxRatePerInstance", "maxUtilization" ] }, "google-native:compute/v1:BackendServiceCdnPolicy": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceCdnPolicyBypassCacheOnRequestHeader" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fv1:CacheKeyPolicy", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceCdnPolicyCacheMode", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceCdnPolicyNegativeCachingPolicy" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." } }, "type": "object" }, "google-native:compute/v1:BackendServiceCdnPolicyBypassCacheOnRequestHeader": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object" }, "google-native:compute/v1:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse": { "description": "Bypass the cache when the specified request headers are present, e.g. Pragma or Authorization headers. Values are case insensitive. The presence of such a header overrides the cache_mode setting.", "properties": { "headerName": { "type": "string", "description": "The header field name to match on when bypassing cache. Values are case-insensitive." } }, "type": "object", "required": [ "headerName" ] }, "google-native:compute/v1:BackendServiceCdnPolicyCacheMode": { "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "type": "string", "enum": [ { "name": "CacheAllStatic", "description": "Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached.", "value": "CACHE_ALL_STATIC" }, { "name": "ForceCacheAll", "description": "Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content.", "value": "FORCE_CACHE_ALL" }, { "name": "InvalidCacheMode", "value": "INVALID_CACHE_MODE" }, { "name": "UseOriginHeaders", "description": "Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server.", "value": "USE_ORIGIN_HEADERS" } ] }, "google-native:compute/v1:BackendServiceCdnPolicyNegativeCachingPolicy": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object" }, "google-native:compute/v1:BackendServiceCdnPolicyNegativeCachingPolicyResponse": { "description": "Specify CDN TTLs for response error codes.", "properties": { "code": { "type": "integer", "description": "The HTTP status code to define a TTL against. Only HTTP status codes 300, 301, 302, 307, 308, 404, 405, 410, 421, 451 and 501 are can be specified as values, and you cannot specify a status code more than once." }, "ttl": { "type": "integer", "description": "The TTL (in seconds) for which to cache responses with the corresponding status code. The maximum allowed value is 1800s (30 minutes), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." } }, "type": "object", "required": [ "code", "ttl" ] }, "google-native:compute/v1:BackendServiceCdnPolicyResponse": { "description": "Message containing Cloud CDN configuration for a backend service.", "properties": { "bypassCacheOnRequestHeaders": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceCdnPolicyBypassCacheOnRequestHeaderResponse" }, "description": "Bypass the cache when the specified request headers are matched - e.g. Pragma or Authorization headers. Up to 5 headers can be specified. The cache is bypassed for all cdnPolicy.cacheMode settings." }, "cacheKeyPolicy": { "$ref": "#/types/google-native:compute%2Fv1:CacheKeyPolicyResponse", "description": "The CacheKeyPolicy for this CdnPolicy." }, "cacheMode": { "type": "string", "description": "Specifies the cache setting for all responses from this backend. The possible values are: USE_ORIGIN_HEADERS Requires the origin to set valid caching headers to cache content. Responses without these headers will not be cached at Google's edge, and will require a full trip to the origin on every request, potentially impacting performance and increasing load on the origin server. FORCE_CACHE_ALL Cache all content, ignoring any \"private\", \"no-store\" or \"no-cache\" directives in Cache-Control response headers. Warning: this may result in Cloud CDN caching private, per-user (user identifiable) content. CACHE_ALL_STATIC Automatically cache static content, including common image formats, media (video and audio), and web assets (JavaScript and CSS). Requests and responses that are marked as uncacheable, as well as dynamic content (including HTML), will not be cached." }, "clientTtl": { "type": "integer", "description": "Specifies a separate client (e.g. browser client) maximum TTL. This is used to clamp the max-age (or Expires) value sent to the client. With FORCE_CACHE_ALL, the lesser of client_ttl and default_ttl is used for the response max-age directive, along with a \"public\" directive. For cacheable content in CACHE_ALL_STATIC mode, client_ttl clamps the max-age from the origin (if specified), or else sets the response max-age directive to the lesser of the client_ttl and default_ttl, and also ensures a \"public\" cache-control directive is present. If a client TTL is not specified, a default value (1 hour) will be used. The maximum allowed value is 31,622,400s (1 year)." }, "defaultTtl": { "type": "integer", "description": "Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Setting a TTL of \"0\" means \"always revalidate\". The value of defaultTTL cannot be set to a value greater than that of maxTTL, but can be equal. When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "maxTtl": { "type": "integer", "description": "Specifies the maximum allowed TTL for cached content served by this origin. Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTTL seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive. Headers sent to the client will not be modified. Setting a TTL of \"0\" means \"always revalidate\". The maximum allowed value is 31,622,400s (1 year), noting that infrequently accessed objects may be evicted from the cache before the defined TTL." }, "negativeCaching": { "type": "boolean", "description": "Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. When the cache mode is set to CACHE_ALL_STATIC or USE_ORIGIN_HEADERS, negative caching applies to responses with the specified response code that lack any Cache-Control, Expires, or Pragma: no-cache directives. When the cache mode is set to FORCE_CACHE_ALL, negative caching applies to all responses with the specified response code, and override any caching headers. By default, Cloud CDN will apply the following default TTLs to these status codes: HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s HTTP 405 (Method Not Found), 421 (Misdirected Request), 501 (Not Implemented): 60s. These defaults can be overridden in negative_caching_policy." }, "negativeCachingPolicy": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceCdnPolicyNegativeCachingPolicyResponse" }, "description": "Sets a cache TTL for the specified HTTP status code. negative_caching must be enabled to configure negative_caching_policy. Omitting the policy and leaving negative_caching enabled will use Cloud CDN's default cache TTLs. Note that when specifying an explicit negative_caching_policy, you should take care to specify a cache TTL for all response codes that you wish to cache. Cloud CDN will not apply any default negative caching when a policy exists." }, "requestCoalescing": { "type": "boolean", "description": "If true then Cloud CDN will combine multiple concurrent cache fill requests into a small number of requests to the origin." }, "serveWhileStale": { "type": "integer", "description": "Serve existing content from the cache (if available) when revalidating content with the origin, or when an error is encountered when refreshing the cache. This setting defines the default \"max-stale\" duration for any cached responses that do not specify a max-stale directive. Stale responses that exceed the TTL configured here will not be served. The default limit (max-stale) is 86400s (1 day), which will allow stale content to be served up to this limit beyond the max-age (or s-max-age) of a cached response. The maximum allowed value is 604800 (1 week). Set this to zero (0) to disable serve-while-stale." }, "signedUrlCacheMaxAgeSec": { "type": "string", "description": "Maximum number of seconds the response to a signed URL request will be considered fresh. After this time period, the response will be revalidated before being served. Defaults to 1hr (3600s). When serving responses to signed URL requests, Cloud CDN will internally behave as though all responses from this backend had a \"Cache-Control: public, max-age=[TTL]\" header, regardless of any existing Cache-Control header. The actual headers served in responses will not be altered." }, "signedUrlKeyNames": { "type": "array", "items": { "type": "string" }, "description": "Names of the keys for signing request URLs." } }, "type": "object", "required": [ "bypassCacheOnRequestHeaders", "cacheKeyPolicy", "cacheMode", "clientTtl", "defaultTtl", "maxTtl", "negativeCaching", "negativeCachingPolicy", "requestCoalescing", "serveWhileStale", "signedUrlCacheMaxAgeSec", "signedUrlKeyNames" ] }, "google-native:compute/v1:BackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/v1:BackendServiceConnectionTrackingPolicy": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceConnectionTrackingPolicyTrackingMode", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object" }, "google-native:compute/v1:BackendServiceConnectionTrackingPolicyConnectionPersistenceOnUnhealthyBackends": { "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence).", "type": "string", "enum": [ { "name": "AlwaysPersist", "value": "ALWAYS_PERSIST" }, { "name": "DefaultForProtocol", "value": "DEFAULT_FOR_PROTOCOL" }, { "name": "NeverPersist", "value": "NEVER_PERSIST" } ] }, "google-native:compute/v1:BackendServiceConnectionTrackingPolicyResponse": { "description": "Connection Tracking configuration for this BackendService.", "properties": { "connectionPersistenceOnUnhealthyBackends": { "type": "string", "description": "Specifies connection persistence when backends are unhealthy. The default value is DEFAULT_FOR_PROTOCOL. If set to DEFAULT_FOR_PROTOCOL, the existing connections persist on unhealthy backends only for connection-oriented protocols (TCP and SCTP) and only if the Tracking Mode is PER_CONNECTION (default tracking mode) or the Session Affinity is configured for 5-tuple. They do not persist for UDP. If set to NEVER_PERSIST, after a backend becomes unhealthy, the existing connections on the unhealthy backend are never persisted on the unhealthy backend. They are always diverted to newly selected healthy backends (unless all backends are unhealthy). If set to ALWAYS_PERSIST, existing connections always persist on unhealthy backends regardless of protocol and session affinity. It is generally not recommended to use this mode overriding the default. For more details, see [Connection Persistence for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#connection-persistence) and [Connection Persistence for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#connection-persistence)." }, "enableStrongAffinity": { "type": "boolean", "description": "Enable Strong Session Affinity for Network Load Balancing. This option is not available publicly." }, "idleTimeoutSec": { "type": "integer", "description": "Specifies how long to keep a Connection Tracking entry while there is no matching traffic (in seconds). For Internal TCP/UDP Load Balancing: - The minimum (default) is 10 minutes and the maximum is 16 hours. - It can be set only if Connection Tracking is less than 5-tuple (i.e. Session Affinity is CLIENT_IP_NO_DESTINATION, CLIENT_IP or CLIENT_IP_PROTO, and Tracking Mode is PER_SESSION). For Network Load Balancer the default is 60 seconds. This option is not available publicly." }, "trackingMode": { "type": "string", "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode)." } }, "type": "object", "required": [ "connectionPersistenceOnUnhealthyBackends", "enableStrongAffinity", "idleTimeoutSec", "trackingMode" ] }, "google-native:compute/v1:BackendServiceConnectionTrackingPolicyTrackingMode": { "description": "Specifies the key used for connection tracking. There are two options: - PER_CONNECTION: This is the default mode. The Connection Tracking is performed as per the Connection Key (default Hash Method) for the specific protocol. - PER_SESSION: The Connection Tracking is performed as per the configured Session Affinity. It matches the configured Session Affinity. For more details, see [Tracking Mode for Network Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-backend-service#tracking-mode) and [Tracking Mode for Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal#tracking-mode).", "type": "string", "enum": [ { "name": "InvalidTrackingMode", "value": "INVALID_TRACKING_MODE" }, { "name": "PerConnection", "value": "PER_CONNECTION" }, { "name": "PerSession", "value": "PER_SESSION" } ] }, "google-native:compute/v1:BackendServiceFailoverPolicy": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object" }, "google-native:compute/v1:BackendServiceFailoverPolicyResponse": { "description": "For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). On failover or failback, this field indicates whether connection draining will be honored. Google Cloud has a fixed connection draining timeout of 10 minutes. A setting of true terminates existing TCP connections to the active pool during failover and failback, immediately draining traffic. A setting of false allows existing TCP connections to persist, even on VMs no longer in the active pool, for up to the duration of the connection draining timeout (10 minutes).", "properties": { "disableConnectionDrainOnFailover": { "type": "boolean", "description": "This can be set to true only if the protocol is TCP. The default is false." }, "dropTrafficIfUnhealthy": { "type": "boolean", "description": "If set to true, connections to the load balancer are dropped when all primary and all backup backend VMs are unhealthy.If set to false, connections are distributed among all primary VMs when all primary and all backup backend VMs are unhealthy. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview). The default is false." }, "failoverRatio": { "type": "number", "description": "The value of the field must be in the range [0, 1]. If the value is 0, the load balancer performs a failover when the number of healthy primary VMs equals zero. For all other values, the load balancer performs a failover when the total number of healthy primary VMs is less than this ratio. For load balancers that have configurable failover: [Internal TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/internal/failover-overview) and [external TCP/UDP Load Balancing](https://cloud.google.com/load-balancing/docs/network/networklb-failover-overview)." } }, "type": "object", "required": [ "disableConnectionDrainOnFailover", "dropTrafficIfUnhealthy", "failoverRatio" ] }, "google-native:compute/v1:BackendServiceIAP": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" } }, "type": "object" }, "google-native:compute/v1:BackendServiceIAPResponse": { "description": "Identity-Aware Proxy", "properties": { "enabled": { "type": "boolean", "description": "Whether the serving infrastructure will authenticate and authorize all incoming requests." }, "oauth2ClientId": { "type": "string", "description": "OAuth2 client ID to use for the authentication flow." }, "oauth2ClientSecret": { "type": "string", "description": "OAuth2 client secret to use for the authentication flow. For security reasons, this value cannot be retrieved via the API. Instead, the SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field. @InputOnly" }, "oauth2ClientSecretSha256": { "type": "string", "description": "SHA256 hash value for the field oauth2_client_secret above." } }, "type": "object", "required": [ "enabled", "oauth2ClientId", "oauth2ClientSecret", "oauth2ClientSecretSha256" ] }, "google-native:compute/v1:BackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/v1:BackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfig": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy" }, "policy": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLocalityLoadBalancingPolicyConfigPolicy" } }, "type": "object" }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicy": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object" }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse": { "description": "The configuration for a custom policy implemented by the user and deployed with the client.", "properties": { "data": { "type": "string", "description": "An optional, arbitrary JSON object with configuration data, understood by a locally installed custom policy implementation." }, "name": { "type": "string", "description": "Identifies the custom policy. The value should match the name of a custom implementation registered on the gRPC clients. It should follow protocol buffer message naming conventions and include the full path (for example, myorg.CustomLbPolicy). The maximum length is 256 characters. Do not specify the same custom policy more than once for a backend. If you do, the configuration is rejected. For an example of how to use this field, see Use a custom policy." } }, "type": "object", "required": [ "data", "name" ] }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigPolicy": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object" }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigPolicyName": { "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse": { "description": "The configuration for a built-in load balancing policy.", "properties": { "name": { "type": "string", "description": "The name of a locality load-balancing policy. Valid values include ROUND_ROBIN and, for Java clients, LEAST_REQUEST. For information about these values, see the description of localityLbPolicy. Do not specify the same policy more than once for a backend. If you do, the configuration is rejected." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/v1:BackendServiceLocalityLoadBalancingPolicyConfigResponse": { "description": "Container for either a built-in LB policy supported by gRPC or Envoy or a custom one implemented by the end user.", "properties": { "customPolicy": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLocalityLoadBalancingPolicyConfigCustomPolicyResponse" }, "policy": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLocalityLoadBalancingPolicyConfigPolicyResponse" } }, "type": "object", "required": [ "customPolicy", "policy" ] }, "google-native:compute/v1:BackendServiceLogConfig": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "$ref": "#/types/google-native:compute%2Fv1:BackendServiceLogConfigOptionalMode", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object" }, "google-native:compute/v1:BackendServiceLogConfigOptionalMode": { "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL.", "type": "string", "enum": [ { "name": "Custom", "description": "A subset of optional fields.", "value": "CUSTOM" }, { "name": "ExcludeAllOptional", "description": "None optional fields.", "value": "EXCLUDE_ALL_OPTIONAL" }, { "name": "IncludeAllOptional", "description": "All optional fields.", "value": "INCLUDE_ALL_OPTIONAL" } ] }, "google-native:compute/v1:BackendServiceLogConfigResponse": { "description": "The available logging options for the load balancer traffic served by this backend service.", "properties": { "enable": { "type": "boolean", "description": "Denotes whether to enable logging for the load balancer traffic served by this backend service. The default value is false." }, "optionalFields": { "type": "array", "items": { "type": "string" }, "description": "This field can only be specified if logging is enabled for this backend service and \"logConfig.optionalMode\" was set to CUSTOM. Contains a list of optional fields you want to include in the logs. For example: serverInstance, serverGkeDetails.cluster, serverGkeDetails.pod.podNamespace" }, "optionalMode": { "type": "string", "description": "This field can only be specified if logging is enabled for this backend service. Configures whether all, none or a subset of optional fields should be added to the reported logs. One of [INCLUDE_ALL_OPTIONAL, EXCLUDE_ALL_OPTIONAL, CUSTOM]. Default is EXCLUDE_ALL_OPTIONAL." }, "sampleRate": { "type": "number", "description": "This field can only be specified if logging is enabled for this backend service. The value of the field must be in [0, 1]. This configures the sampling rate of requests to the load balancer where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0." } }, "type": "object", "required": [ "enable", "optionalFields", "optionalMode", "sampleRate" ] }, "google-native:compute/v1:BackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/v1:BackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/v1:BackendServiceUsedBy": { "properties": { "reference": { "type": "string" } }, "type": "object" }, "google-native:compute/v1:BackendServiceUsedByResponse": { "properties": { "reference": { "type": "string" } }, "type": "object", "required": [ "reference" ] }, "google-native:compute/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:compute/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "condition": { "$ref": "#/types/google-native:compute%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "bindingId", "condition", "members", "role" ] }, "google-native:compute/v1:CacheKeyPolicy": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object" }, "google-native:compute/v1:CacheKeyPolicyResponse": { "description": "Message containing what to include in the cache key for a request for Cloud CDN.", "properties": { "includeHost": { "type": "boolean", "description": "If true, requests to different hosts will be cached separately." }, "includeHttpHeaders": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP request headers (by name) to be used in the cache key." }, "includeNamedCookies": { "type": "array", "items": { "type": "string" }, "description": "Allows HTTP cookies (by name) to be used in the cache key. The name=value pair will be used in the cache key Cloud CDN generates." }, "includeProtocol": { "type": "boolean", "description": "If true, http and https requests will be cached separately." }, "includeQueryString": { "type": "boolean", "description": "If true, include query string parameters in the cache key according to query_string_whitelist and query_string_blacklist. If neither is set, the entire query string will be included. If false, the query string will be excluded from the cache key entirely." }, "queryStringBlacklist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to exclude in cache keys. All other parameters will be included. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." }, "queryStringWhitelist": { "type": "array", "items": { "type": "string" }, "description": "Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify query_string_whitelist or query_string_blacklist, not both. '&' and '=' will be percent encoded and not treated as delimiters." } }, "type": "object", "required": [ "includeHost", "includeHttpHeaders", "includeNamedCookies", "includeProtocol", "includeQueryString", "queryStringBlacklist", "queryStringWhitelist" ] }, "google-native:compute/v1:CircuitBreakers": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object" }, "google-native:compute/v1:CircuitBreakersResponse": { "description": "Settings controlling the volume of requests, connections and retries to this backend service.", "properties": { "maxConnections": { "type": "integer", "description": "The maximum number of connections to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxPendingRequests": { "type": "integer", "description": "The maximum number of pending requests allowed to the backend service. If not specified, there is no limit. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRequests": { "type": "integer", "description": "The maximum number of parallel requests that allowed to the backend service. If not specified, there is no limit." }, "maxRequestsPerConnection": { "type": "integer", "description": "Maximum requests for a single connection to the backend service. This parameter is respected by both the HTTP/1.1 and HTTP/2 implementations. If not specified, there is no limit. Setting this parameter to 1 will effectively disable keep alive. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "maxRetries": { "type": "integer", "description": "The maximum number of parallel retries allowed to the backend cluster. If not specified, the default is 1. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." } }, "type": "object", "required": [ "maxConnections", "maxPendingRequests", "maxRequests", "maxRequestsPerConnection", "maxRetries" ] }, "google-native:compute/v1:Condition": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "$ref": "#/types/google-native:compute%2Fv1:ConditionIam", "description": "This is deprecated and has no effect. Do not use." }, "op": { "$ref": "#/types/google-native:compute%2Fv1:ConditionOp", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "$ref": "#/types/google-native:compute%2Fv1:ConditionSys", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:ConditionIam": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Approver", "description": "This is deprecated and has no effect. Do not use.", "value": "APPROVER" }, { "name": "Attribution", "description": "This is deprecated and has no effect. Do not use.", "value": "ATTRIBUTION" }, { "name": "Authority", "description": "This is deprecated and has no effect. Do not use.", "value": "AUTHORITY" }, { "name": "CredentialsType", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDENTIALS_TYPE" }, { "name": "CredsAssertion", "description": "This is deprecated and has no effect. Do not use.", "value": "CREDS_ASSERTION" }, { "name": "JustificationType", "description": "This is deprecated and has no effect. Do not use.", "value": "JUSTIFICATION_TYPE" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "SecurityRealm", "description": "This is deprecated and has no effect. Do not use.", "value": "SECURITY_REALM" } ] }, "google-native:compute/v1:ConditionOp": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Discharged", "description": "This is deprecated and has no effect. Do not use.", "value": "DISCHARGED" }, { "name": "Equals", "description": "This is deprecated and has no effect. Do not use.", "value": "EQUALS" }, { "name": "In", "description": "This is deprecated and has no effect. Do not use.", "value": "IN" }, { "name": "NotEquals", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_EQUALS" }, { "name": "NotIn", "description": "This is deprecated and has no effect. Do not use.", "value": "NOT_IN" }, { "name": "NoOp", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_OP" } ] }, "google-native:compute/v1:ConditionResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "iam": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "op": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "svc": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "sys": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "values": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "iam", "op", "svc", "sys", "values" ] }, "google-native:compute/v1:ConditionSys": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Ip", "description": "This is deprecated and has no effect. Do not use.", "value": "IP" }, { "name": "Name", "description": "This is deprecated and has no effect. Do not use.", "value": "NAME" }, { "name": "NoAttr", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ATTR" }, { "name": "Region", "description": "This is deprecated and has no effect. Do not use.", "value": "REGION" }, { "name": "Service", "description": "This is deprecated and has no effect. Do not use.", "value": "SERVICE" } ] }, "google-native:compute/v1:ConfidentialInstanceConfig": { "description": "A set of Confidential Instance options.", "properties": { "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object" }, "google-native:compute/v1:ConfidentialInstanceConfigResponse": { "description": "A set of Confidential Instance options.", "properties": { "enableConfidentialCompute": { "type": "boolean", "description": "Defines whether the instance should have confidential compute enabled." } }, "type": "object", "required": [ "enableConfidentialCompute" ] }, "google-native:compute/v1:ConnectionDraining": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object" }, "google-native:compute/v1:ConnectionDrainingResponse": { "description": "Message containing connection draining configuration.", "properties": { "drainingTimeoutSec": { "type": "integer", "description": "Configures a duration timeout for existing requests on a removed backend instance. For supported load balancers and protocols, as described in Enabling connection draining." } }, "type": "object", "required": [ "drainingTimeoutSec" ] }, "google-native:compute/v1:ConsistentHashLoadBalancerSettings": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Fv1:ConsistentHashLoadBalancerSettingsHttpCookie", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object" }, "google-native:compute/v1:ConsistentHashLoadBalancerSettingsHttpCookie": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Lifetime of the cookie." } }, "type": "object" }, "google-native:compute/v1:ConsistentHashLoadBalancerSettingsHttpCookieResponse": { "description": "The information about the HTTP Cookie on which the hash function is based for load balancing policies that use a consistent hash.", "properties": { "name": { "type": "string", "description": "Name of the cookie." }, "path": { "type": "string", "description": "Path to set for the cookie." }, "ttl": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Lifetime of the cookie." } }, "type": "object", "required": [ "name", "path", "ttl" ] }, "google-native:compute/v1:ConsistentHashLoadBalancerSettingsResponse": { "description": "This message defines settings for a consistent hash style load balancer.", "properties": { "httpCookie": { "$ref": "#/types/google-native:compute%2Fv1:ConsistentHashLoadBalancerSettingsHttpCookieResponse", "description": "Hash is based on HTTP Cookie. This field describes a HTTP cookie that will be used as the hash key for the consistent hash load balancer. If the cookie is not present, it will be generated. This field is applicable if the sessionAffinity is set to HTTP_COOKIE. Not supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true." }, "httpHeaderName": { "type": "string", "description": "The hash based on the value of the specified header field. This field is applicable if the sessionAffinity is set to HEADER_FIELD." }, "minimumRingSize": { "type": "string", "description": "The minimum number of virtual nodes to use for the hash ring. Defaults to 1024. Larger ring sizes result in more granular load distributions. If the number of hosts in the load balancing pool is larger than the ring size, each host will be assigned a single virtual node." } }, "type": "object", "required": [ "httpCookie", "httpHeaderName", "minimumRingSize" ] }, "google-native:compute/v1:CorsPolicy": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object" }, "google-native:compute/v1:CorsPolicyResponse": { "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard.", "properties": { "allowCredentials": { "type": "boolean", "description": "In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false." }, "allowHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Headers header." }, "allowMethods": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Allow-Methods header." }, "allowOriginRegexes": { "type": "array", "items": { "type": "string" }, "description": "Specifies a regular expression that matches allowed origins. For more information about the regular expression syntax, see Syntax. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "allowOrigins": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes." }, "disabled": { "type": "boolean", "description": "If true, the setting specifies the CORS policy is disabled. The default value of false, which indicates that the CORS policy is in effect." }, "exposeHeaders": { "type": "array", "items": { "type": "string" }, "description": "Specifies the content for the Access-Control-Expose-Headers header." }, "maxAge": { "type": "integer", "description": "Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header." } }, "type": "object", "required": [ "allowCredentials", "allowHeaders", "allowMethods", "allowOriginRegexes", "allowOrigins", "disabled", "exposeHeaders", "maxAge" ] }, "google-native:compute/v1:CustomerEncryptionKey": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " } }, "type": "object" }, "google-native:compute/v1:CustomerEncryptionKeyResponse": { "properties": { "kmsKeyName": { "type": "string", "description": "The name of the encryption key that is stored in Google Cloud KMS. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key The fully-qualifed key name may be returned for resource GET requests. For example: \"kmsKeyName\": \"projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1 " }, "kmsKeyServiceAccount": { "type": "string", "description": "The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: \"kmsKeyServiceAccount\": \"name@project_id.iam.gserviceaccount.com/ " }, "rawKey": { "type": "string", "description": "Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rawKey\": \"SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=\" " }, "rsaEncryptedKey": { "type": "string", "description": "Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: \"rsaEncryptedKey\": \"ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==\" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem " }, "sha256": { "type": "string", "description": "[Output only] The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource." } }, "type": "object", "required": [ "kmsKeyName", "kmsKeyServiceAccount", "rawKey", "rsaEncryptedKey", "sha256" ] }, "google-native:compute/v1:DeprecationStatus": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "$ref": "#/types/google-native:compute%2Fv1:DeprecationStatusState", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." } }, "type": "object" }, "google-native:compute/v1:DeprecationStatusResponse": { "description": "Deprecation status for a public resource.", "properties": { "deleted": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DELETED. This is only informational and the status will not change unless the client explicitly changes it." }, "deprecated": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to DEPRECATED. This is only informational and the status will not change unless the client explicitly changes it." }, "obsolete": { "type": "string", "description": "An optional RFC3339 timestamp on or after which the state of this resource is intended to change to OBSOLETE. This is only informational and the status will not change unless the client explicitly changes it." }, "replacement": { "type": "string", "description": "The URL of the suggested replacement for a deprecated resource. The suggested replacement resource must be the same kind of resource as the deprecated resource." }, "state": { "type": "string", "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error." } }, "type": "object", "required": [ "deleted", "deprecated", "obsolete", "replacement", "state" ] }, "google-native:compute/v1:DeprecationStatusState": { "description": "The deprecation state of this resource. This can be ACTIVE, DEPRECATED, OBSOLETE, or DELETED. Operations which communicate the end of life date for an image, can use ACTIVE. Operations which create a new resource using a DEPRECATED resource will return successfully, but with a warning indicating the deprecated resource and recommending its replacement. Operations which use OBSOLETE or DELETED resources will be rejected and result in an error.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Deleted", "value": "DELETED" }, { "name": "Deprecated", "value": "DEPRECATED" }, { "name": "Obsolete", "value": "OBSOLETE" } ] }, "google-native:compute/v1:DiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/v1:DiskAsyncReplication": { "properties": { "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/v1:DiskAsyncReplicationResponse": { "properties": { "consistencyGroupPolicy": { "type": "string", "description": "URL of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "consistencyGroupPolicyId": { "type": "string", "description": "ID of the DiskConsistencyGroupPolicy if replication was started on the disk as a member of a group." }, "disk": { "type": "string", "description": "The other disk asynchronously replicated to or from the current disk. You can provide this as a partial or full URL to the resource. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " }, "diskId": { "type": "string", "description": "The unique ID of the other disk asynchronously replicated to or from the current disk. This value identifies the exact disk that was used to create this replication. For example, if you started replicating the persistent disk from a disk that was later deleted and recreated under the same name, the disk ID would identify the exact version of the disk that was used." } }, "type": "object", "required": [ "consistencyGroupPolicy", "consistencyGroupPolicyId", "disk", "diskId" ] }, "google-native:compute/v1:DiskInstantiationConfig": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "$ref": "#/types/google-native:compute%2Fv1:DiskInstantiationConfigInstantiateFrom", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object" }, "google-native:compute/v1:DiskInstantiationConfigInstantiateFrom": { "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. ", "type": "string", "enum": [ { "name": "AttachReadOnly", "description": "Attach the existing disk in read-only mode. The request will fail if the disk was attached in read-write mode on the source instance. Applicable to: read-only disks.", "value": "ATTACH_READ_ONLY" }, { "name": "Blank", "description": "Create a blank disk. The disk will be created unformatted. Applicable to: additional read-write disks, local SSDs.", "value": "BLANK" }, { "name": "CustomImage", "description": "Use the custom image specified in the custom_image field. Applicable to: boot disk, additional read-write disks.", "value": "CUSTOM_IMAGE" }, { "name": "Default", "description": "Use the default instantiation option for the corresponding type of disk. For boot disk and any other R/W disks, new custom images will be created from each disk. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes.", "value": "DEFAULT" }, { "name": "DoNotInclude", "description": "Do not include the disk in the instance template. Applicable to: additional read-write disks, local SSDs, read-only disks.", "value": "DO_NOT_INCLUDE" }, { "name": "SourceImage", "description": "Use the same source image used for creation of the source instance's corresponding disk. The request will fail if the source VM's disk was created from a snapshot. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE" }, { "name": "SourceImageFamily", "description": "Use the same source image family used for creation of the source instance's corresponding disk. The request will fail if the source image of the source disk does not belong to any image family. Applicable to: boot disk, additional read-write disks.", "value": "SOURCE_IMAGE_FAMILY" } ] }, "google-native:compute/v1:DiskInstantiationConfigResponse": { "description": "A specification of the desired way to instantiate a disk in the instance template when its created from a source instance.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "customImage": { "type": "string", "description": "The custom source image to be used to restore this disk when instantiating this instance template." }, "deviceName": { "type": "string", "description": "Specifies the device name of the disk to which the configurations apply to." }, "instantiateFrom": { "type": "string", "description": "Specifies whether to include the disk and what image to use. Possible values are: - source-image: to use the same image that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - source-image-family: to use the same image family that was used to create the source instance's corresponding disk. Applicable to the boot disk and additional read-write disks. - custom-image: to use a user-provided image url for disk creation. Applicable to the boot disk and additional read-write disks. - attach-read-only: to attach a read-only disk. Applicable to read-only disks. - do-not-include: to exclude a disk from the template. Applicable to additional read-write disks, local SSDs, and read-only disks. " } }, "type": "object", "required": [ "autoDelete", "customImage", "deviceName", "instantiateFrom" ] }, "google-native:compute/v1:DiskParams": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/v1:DiskParamsResponse": { "description": "Additional disk params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the disk. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/v1:DiskResourceStatusAsyncReplicationStatusResponse": { "properties": { "state": { "type": "string" } }, "type": "object", "required": [ "state" ] }, "google-native:compute/v1:DiskResourceStatusResponse": { "properties": { "asyncPrimaryDisk": { "$ref": "#/types/google-native:compute%2Fv1:DiskResourceStatusAsyncReplicationStatusResponse" }, "asyncSecondaryDisks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Key: disk, value: AsyncReplicationStatus message" } }, "type": "object", "required": [ "asyncPrimaryDisk", "asyncSecondaryDisks" ] }, "google-native:compute/v1:DisplayDevice": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object" }, "google-native:compute/v1:DisplayDeviceResponse": { "description": "A set of Display Device options", "properties": { "enableDisplay": { "type": "boolean", "description": "Defines whether the instance has Display enabled." } }, "type": "object", "required": [ "enableDisplay" ] }, "google-native:compute/v1:DistributionPolicy": { "properties": { "targetShape": { "$ref": "#/types/google-native:compute%2Fv1:DistributionPolicyTargetShape", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:DistributionPolicyZoneConfiguration" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object" }, "google-native:compute/v1:DistributionPolicyResponse": { "properties": { "targetShape": { "type": "string", "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType)." }, "zones": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:DistributionPolicyZoneConfigurationResponse" }, "description": "Zones where the regional managed instance group will create and manage its instances." } }, "type": "object", "required": [ "targetShape", "zones" ] }, "google-native:compute/v1:DistributionPolicyTargetShape": { "description": "The distribution shape to which the group converges either proactively or on resize events (depending on the value set in updatePolicy.instanceRedistributionType).", "type": "string", "enum": [ { "name": "Any", "description": "The group picks zones for creating VM instances to fulfill the requested number of VMs within present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads that do not require high availability.", "value": "ANY" }, { "name": "AnySingleZone", "description": "The group creates all VM instances within a single zone. The zone is selected based on the present resource constraints and to maximize utilization of unused zonal reservations. Recommended for batch workloads with heavy interprocess communication.", "value": "ANY_SINGLE_ZONE" }, { "name": "Balanced", "description": "The group prioritizes acquisition of resources, scheduling VMs in zones where resources are available while distributing VMs as evenly as possible across selected zones to minimize the impact of zonal failure. Recommended for highly available serving workloads.", "value": "BALANCED" }, { "name": "Even", "description": "The group schedules VM instance creation and deletion to achieve and maintain an even number of managed instances across the selected zones. The distribution is even when the number of managed instances does not differ by more than 1 between any two zones. Recommended for highly available serving workloads.", "value": "EVEN" } ] }, "google-native:compute/v1:DistributionPolicyZoneConfiguration": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object" }, "google-native:compute/v1:DistributionPolicyZoneConfigurationResponse": { "properties": { "zone": { "type": "string", "description": "The URL of the zone. The zone must exist in the region where the managed instance group is located." } }, "type": "object", "required": [ "zone" ] }, "google-native:compute/v1:Duration": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object" }, "google-native:compute/v1:DurationResponse": { "description": "A Duration represents a fixed-length span of time represented as a count of seconds and fractions of seconds at nanosecond resolution. It is independent of any calendar and concepts like \"day\" or \"month\". Range is approximately 10,000 years.", "properties": { "nanos": { "type": "integer", "description": "Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive." }, "seconds": { "type": "string", "description": "Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years" } }, "type": "object", "required": [ "nanos", "seconds" ] }, "google-native:compute/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:compute/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:compute/v1:ExternalVpnGatewayInterface": { "description": "The interface for the external VPN gateway.", "properties": { "id": { "type": "integer", "description": "The numeric ID of this interface. The allowed input values for this id for different redundancy types of external VPN gateway: - SINGLE_IP_INTERNALLY_REDUNDANT - 0 - TWO_IPS_REDUNDANCY - 0, 1 - FOUR_IPS_REDUNDANCY - 0, 1, 2, 3 " }, "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." } }, "type": "object" }, "google-native:compute/v1:ExternalVpnGatewayInterfaceResponse": { "description": "The interface for the external VPN gateway.", "properties": { "ipAddress": { "type": "string", "description": "IP address of the interface in the external VPN gateway. Only IPv4 is supported. This IP address can be either from your on-premise gateway or another Cloud provider's VPN gateway, it cannot be an IP address from Google Compute Engine." } }, "type": "object", "required": [ "ipAddress" ] }, "google-native:compute/v1:ExternalVpnGatewayRedundancyType": { "description": "Indicates the user-supplied redundancy type of this external VPN gateway.", "type": "string", "enum": [ { "name": "FourIpsRedundancy", "description": "The external VPN gateway has four public IP addresses; at the time of writing this API, the AWS virtual private gateway is an example which has four public IP addresses for high availability connections; there should be two VPN connections in the AWS virtual private gateway , each AWS VPN connection has two public IP addresses; please make sure to put two public IP addresses from one AWS VPN connection into interfaces 0 and 1 of this external VPN gateway, and put the other two public IP addresses from another AWS VPN connection into interfaces 2 and 3 of this external VPN gateway. When displaying highly available configuration status for the VPN tunnels connected to FOUR_IPS_REDUNDANCY external VPN gateway, Google will always detect whether interfaces 0 and 1 are connected on one interface of HA Cloud VPN gateway, and detect whether interfaces 2 and 3 are connected to another interface of the HA Cloud VPN gateway.", "value": "FOUR_IPS_REDUNDANCY" }, { "name": "SingleIpInternallyRedundant", "description": "The external VPN gateway has only one public IP address which internally provide redundancy or failover.", "value": "SINGLE_IP_INTERNALLY_REDUNDANT" }, { "name": "TwoIpsRedundancy", "description": "The external VPN gateway has two public IP addresses which are redundant with each other, the following two types of setup on your on-premises side would have this type of redundancy: (1) Two separate on-premises gateways, each with one public IP address, the two on-premises gateways are redundant with each other. (2) A single on-premise gateway with two public IP addresses that are redundant with eatch other.", "value": "TWO_IPS_REDUNDANCY" } ] }, "google-native:compute/v1:FileContentBuffer": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBufferFileType", "description": "The file type of source file." } }, "type": "object" }, "google-native:compute/v1:FileContentBufferFileType": { "description": "The file type of source file.", "type": "string", "enum": [ { "name": "Bin", "value": "BIN" }, { "name": "Undefined", "value": "UNDEFINED" }, { "name": "X509", "value": "X509" } ] }, "google-native:compute/v1:FileContentBufferResponse": { "properties": { "content": { "type": "string", "description": "The raw content in the secure keys file." }, "fileType": { "type": "string", "description": "The file type of source file." } }, "type": "object", "required": [ "content", "fileType" ] }, "google-native:compute/v1:FirewallAllowedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/v1:FirewallAllowedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/v1:FirewallDeniedItem": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/v1:FirewallDeniedItemResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for the UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/v1:FirewallDirection": { "description": "Direction of traffic to which this firewall applies, either `INGRESS` or `EGRESS`. The default is `INGRESS`. For `EGRESS` traffic, you cannot specify the sourceTags fields.", "type": "string", "enum": [ { "name": "Egress", "description": "Indicates that firewall should apply to outgoing traffic.", "value": "EGRESS" }, { "name": "Ingress", "description": "Indicates that firewall should apply to incoming traffic.", "value": "INGRESS" } ] }, "google-native:compute/v1:FirewallLogConfig": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "$ref": "#/types/google-native:compute%2Fv1:FirewallLogConfigMetadata", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object" }, "google-native:compute/v1:FirewallLogConfigMetadata": { "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs.", "type": "string", "enum": [ { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/v1:FirewallLogConfigResponse": { "description": "The available logging options for a firewall rule.", "properties": { "enable": { "type": "boolean", "description": "This field denotes whether to enable logging for a particular firewall rule." }, "metadata": { "type": "string", "description": "This field can only be specified for a particular firewall rule if logging is enabled for that rule. This field denotes whether to include or exclude metadata for firewall logs." } }, "type": "object", "required": [ "enable", "metadata" ] }, "google-native:compute/v1:FirewallPolicyAssociation": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "name": { "type": "string", "description": "The name for an association." } }, "type": "object" }, "google-native:compute/v1:FirewallPolicyAssociationResponse": { "properties": { "attachmentTarget": { "type": "string", "description": "The target that the firewall policy is attached to." }, "displayName": { "type": "string", "description": "Deprecated, please use short name instead. The display name of the firewall policy of the association." }, "firewallPolicyId": { "type": "string", "description": "The firewall policy ID of the association." }, "name": { "type": "string", "description": "The name for an association." }, "shortName": { "type": "string", "description": "The short name of the firewall policy of the association." } }, "type": "object", "required": [ "attachmentTarget", "displayName", "firewallPolicyId", "name", "shortName" ] }, "google-native:compute/v1:FirewallPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleDirection", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "match": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleSecureTag" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object" }, "google-native:compute/v1:FirewallPolicyRuleDirection": { "description": "The direction in which this rule applies.", "type": "string", "enum": [ { "name": "Egress", "value": "EGRESS" }, { "name": "Ingress", "value": "INGRESS" } ] }, "google-native:compute/v1:FirewallPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleMatcherLayer4Config" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleSecureTag" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object" }, "google-native:compute/v1:FirewallPolicyRuleMatcherLayer4Config": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object" }, "google-native:compute/v1:FirewallPolicyRuleMatcherLayer4ConfigResponse": { "properties": { "ipProtocol": { "type": "string", "description": "The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can either be one of the following well known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp), or the IP protocol number." }, "ports": { "type": "array", "items": { "type": "string" }, "description": "An optional list of ports to which this rule applies. This field is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port. Example inputs include: [\"22\"], [\"80\",\"443\"], and [\"12345-12349\"]." } }, "type": "object", "required": [ "ipProtocol", "ports" ] }, "google-native:compute/v1:FirewallPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "destAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic destination. Maximum number of destination address groups is 10." }, "destFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic destination. Maximum number of destination fqdn allowed is 100." }, "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000." }, "destRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for destination of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of dest region codes allowed is 5000." }, "destThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic destination." }, "layer4Configs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleMatcherLayer4ConfigResponse" }, "description": "Pairs of IP protocols and ports that the rule should match." }, "srcAddressGroups": { "type": "array", "items": { "type": "string" }, "description": "Address groups which should be matched against the traffic source. Maximum number of source address groups is 10." }, "srcFqdns": { "type": "array", "items": { "type": "string" }, "description": "Fully Qualified Domain Name (FQDN) which should be matched against traffic source. Maximum number of source fqdn allowed is 100." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Region codes whose IP addresses will be used to match for source of traffic. Should be specified as 2 letter country code defined as per ISO 3166 alpha-2 country codes. ex.\"US\" Maximum number of source region codes allowed is 5000." }, "srcSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleSecureTagResponse" }, "description": "List of secure tag values, which should be matched at the source of the traffic. For INGRESS rule, if all the srcSecureTag are INEFFECTIVE, and there is no srcIpRange, this rule will be ignored. Maximum number of source tag values allowed is 256." }, "srcThreatIntelligences": { "type": "array", "items": { "type": "string" }, "description": "Names of Network Threat Intelligence lists. The IPs in these lists will be matched against traffic source." } }, "type": "object", "required": [ "destAddressGroups", "destFqdns", "destIpRanges", "destRegionCodes", "destThreatIntelligences", "layer4Configs", "srcAddressGroups", "srcFqdns", "srcIpRanges", "srcRegionCodes", "srcSecureTags", "srcThreatIntelligences" ] }, "google-native:compute/v1:FirewallPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the client connection triggers the rule. Valid actions are \"allow\", \"deny\" and \"goto_next\"." }, "description": { "type": "string", "description": "An optional description for this resource." }, "direction": { "type": "string", "description": "The direction in which this rule applies." }, "disabled": { "type": "boolean", "description": "Denotes whether the firewall policy rule is disabled. When set to true, the firewall policy rule is not enforced and traffic behaves as if it did not exist. If this is unspecified, the firewall policy rule will be enabled." }, "enableLogging": { "type": "boolean", "description": "Denotes whether to enable logging for a particular rule. If logging is enabled, logs will be exported to the configured export destination in Stackdriver. Logs may be exported to BigQuery or Pub/Sub. Note: you cannot enable logging on \"goto_next\" rules." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#firewallPolicyRule for firewall policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest prority." }, "ruleName": { "type": "string", "description": "An optional name for the rule. This field is not a unique identifier and can be updated." }, "ruleTupleCount": { "type": "integer", "description": "Calculation of the complexity of a single firewall policy rule." }, "targetResources": { "type": "array", "items": { "type": "string" }, "description": "A list of network resource URLs to which this rule applies. This field allows you to control which network's VMs get this rule. If this field is left blank, all VMs within the organization will receive the rule." }, "targetSecureTags": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FirewallPolicyRuleSecureTagResponse" }, "description": "A list of secure tags that controls which instances the firewall rule applies to. If targetSecureTag are specified, then the firewall rule applies only to instances in the VPC network that have one of those EFFECTIVE secure tags, if all the target_secure_tag are in INEFFECTIVE state, then this rule will be ignored. targetSecureTag may not be set at the same time as targetServiceAccounts. If neither targetServiceAccounts nor targetSecureTag are specified, the firewall rule applies to all instances on the specified network. Maximum number of target label tags allowed is 256." }, "targetServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "A list of service accounts indicating the sets of instances that are applied with this rule." } }, "type": "object", "required": [ "action", "description", "direction", "disabled", "enableLogging", "kind", "match", "priority", "ruleName", "ruleTupleCount", "targetResources", "targetSecureTags", "targetServiceAccounts" ] }, "google-native:compute/v1:FirewallPolicyRuleSecureTag": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." } }, "type": "object" }, "google-native:compute/v1:FirewallPolicyRuleSecureTagResponse": { "properties": { "name": { "type": "string", "description": "Name of the secure tag, created with TagManager's TagValue API." }, "state": { "type": "string", "description": "State of the secure tag, either `EFFECTIVE` or `INEFFECTIVE`. A secure tag is `INEFFECTIVE` when it is deleted or its network is deleted." } }, "type": "object", "required": [ "name", "state" ] }, "google-native:compute/v1:FixedOrPercent": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object" }, "google-native:compute/v1:FixedOrPercentResponse": { "description": "Encapsulates numeric value that can be either absolute or relative.", "properties": { "calculated": { "type": "integer", "description": "Absolute value of VM instances calculated based on the specific mode. - If the value is fixed, then the calculated value is equal to the fixed value. - If the value is a percent, then the calculated value is percent/100 * targetSize. For example, the calculated value of a 80% of a managed instance group with 150 instances would be (80/100 * 150) = 120 VM instances. If there is a remainder, the number is rounded. " }, "fixed": { "type": "integer", "description": "Specifies a fixed number of VM instances. This must be a positive integer." }, "percent": { "type": "integer", "description": "Specifies a percentage of instances between 0 to 100%, inclusive. For example, specify 80 for 80%." } }, "type": "object", "required": [ "calculated", "fixed", "percent" ] }, "google-native:compute/v1:ForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/v1:ForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/v1:ForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/v1:ForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:ForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/v1:ForwardingRuleServiceDirectoryRegistration": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object" }, "google-native:compute/v1:ForwardingRuleServiceDirectoryRegistrationResponse": { "description": "Describes the auto-registration of the Forwarding Rule to Service Directory. The region and project of the Service Directory resource generated from this registration will be the same as this Forwarding Rule.", "properties": { "namespace": { "type": "string", "description": "Service Directory namespace to register the forwarding rule under." }, "service": { "type": "string", "description": "Service Directory service to register the forwarding rule under." }, "serviceDirectoryRegion": { "type": "string", "description": "[Optional] Service Directory region to register this global forwarding rule under. Default to \"us-central1\". Only used for PSC for Google APIs. All PSC for Google APIs Forwarding Rules on the same network should use the same Service Directory region." } }, "type": "object", "required": [ "namespace", "service", "serviceDirectoryRegion" ] }, "google-native:compute/v1:GRPCHealthCheck": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:GRPCHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object" }, "google-native:compute/v1:GRPCHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:GRPCHealthCheckResponse": { "properties": { "grpcServiceName": { "type": "string", "description": "The gRPC service name for the health check. This field is optional. The value of grpc_service_name has the following meanings by convention: - Empty service_name means the overall status of all services at the backend. - Non-empty service_name means the health of that gRPC service, as defined by the owner of the service. The grpc_service_name can only be ASCII." }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." } }, "type": "object", "required": [ "grpcServiceName", "port", "portName", "portSpecification" ] }, "google-native:compute/v1:GlobalAddressAddressType": { "description": "The type of address to reserve, either INTERNAL or EXTERNAL. If unspecified, defaults to EXTERNAL.", "type": "string", "enum": [ { "name": "External", "description": "A publicly visible external IP address.", "value": "EXTERNAL" }, { "name": "Internal", "description": "A private network IP address, for use with an Instance or Internal Load Balancer forwarding rule.", "value": "INTERNAL" }, { "name": "UnspecifiedType", "value": "UNSPECIFIED_TYPE" } ] }, "google-native:compute/v1:GlobalAddressIpVersion": { "description": "The IP version that will be used by this address. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/v1:GlobalAddressIpv6EndpointType": { "description": "The endpoint type of this address, which should be VM or NETLB. This is used for deciding which type of endpoint this address can be used after the external IPv6 address reservation.", "type": "string", "enum": [ { "name": "Netlb", "description": "Reserved IPv6 address can be used on network load balancer.", "value": "NETLB" }, { "name": "Vm", "description": "Reserved IPv6 address can be used on VM.", "value": "VM" } ] }, "google-native:compute/v1:GlobalAddressNetworkTier": { "description": "This signifies the networking tier used for configuring this address and can only take the following values: PREMIUM or STANDARD. Internal IP addresses are always Premium Tier; global external IP addresses are always Premium Tier; regional external IP addresses can be either Standard or Premium Tier. If this field is not specified, it is assumed to be PREMIUM.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:GlobalAddressPurpose": { "description": "The purpose of this resource, which can be one of the following values: - GCE_ENDPOINT for addresses that are used by VM instances, alias IP ranges, load balancers, and similar resources. - DNS_RESOLVER for a DNS resolver address in a subnetwork for a Cloud DNS inbound forwarder IP addresses (regional internal IP address in a subnet of a VPC network) - VPC_PEERING for global internal IP addresses used for private services access allocated ranges. - NAT_AUTO for the regional external IP addresses used by Cloud NAT when allocating addresses using automatic NAT IP address allocation. - IPSEC_INTERCONNECT for addresses created from a private IP range that are reserved for a VLAN attachment in an *HA VPN over Cloud Interconnect* configuration. These addresses are regional resources. - `SHARED_LOADBALANCER_VIP` for an internal IP address that is assigned to multiple internal forwarding rules. - `PRIVATE_SERVICE_CONNECT` for a private network address that is used to configure Private Service Connect. Only global internal addresses can use this purpose. ", "type": "string", "enum": [ { "name": "DnsResolver", "description": "DNS resolver address in the subnetwork.", "value": "DNS_RESOLVER" }, { "name": "GceEndpoint", "description": "VM internal/alias IP, Internal LB service IP, etc.", "value": "GCE_ENDPOINT" }, { "name": "IpsecInterconnect", "description": "A regional internal IP address range reserved for the VLAN attachment that is used in HA VPN over Cloud Interconnect. This regional internal IP address range must not overlap with any IP address range of subnet/route in the VPC network and its peering networks. After the VLAN attachment is created with the reserved IP address range, when creating a new VPN gateway, its interface IP address is allocated from the associated VLAN attachment’s IP address range.", "value": "IPSEC_INTERCONNECT" }, { "name": "NatAuto", "description": "External IP automatically reserved for Cloud NAT.", "value": "NAT_AUTO" }, { "name": "PrivateServiceConnect", "description": "A private network IP address that can be used to configure Private Service Connect. This purpose can be specified only for GLOBAL addresses of Type INTERNAL", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "A regional internal IP address range reserved for Serverless.", "value": "SERVERLESS" }, { "name": "SharedLoadbalancerVip", "description": "A private network IP address that can be shared by multiple Internal Load Balancer forwarding rules.", "value": "SHARED_LOADBALANCER_VIP" }, { "name": "VpcPeering", "description": "IP range for peer networks.", "value": "VPC_PEERING" } ] }, "google-native:compute/v1:GlobalForwardingRuleIpProtocol": { "description": "The IP protocol to which this rule applies. For protocol forwarding, valid options are TCP, UDP, ESP, AH, SCTP, ICMP and L3_DEFAULT. The valid IP protocols are different for different load balancing products as described in [Load balancing features](https://cloud.google.com/load-balancing/docs/features#protocols_from_the_load_balancer_to_the_backends).", "type": "string", "enum": [ { "name": "Ah", "value": "AH" }, { "name": "Esp", "value": "ESP" }, { "name": "Icmp", "value": "ICMP" }, { "name": "L3Default", "value": "L3_DEFAULT" }, { "name": "Sctp", "value": "SCTP" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/v1:GlobalForwardingRuleIpVersion": { "description": "The IP Version that will be used by this forwarding rule. Valid options are IPV4 or IPV6.", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "UnspecifiedVersion", "value": "UNSPECIFIED_VERSION" } ] }, "google-native:compute/v1:GlobalForwardingRuleLoadBalancingScheme": { "description": "Specifies the forwarding rule type. For more information about forwarding rules, refer to Forwarding rule concepts.", "type": "string", "enum": [ { "name": "External", "value": "EXTERNAL" }, { "name": "ExternalManaged", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "value": "INTERNAL" }, { "name": "InternalManaged", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "value": "INTERNAL_SELF_MANAGED" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/v1:GlobalForwardingRuleNetworkTier": { "description": "This signifies the networking tier used for configuring this load balancer and can only take the following values: PREMIUM, STANDARD. For regional ForwardingRule, the valid values are PREMIUM and STANDARD. For GlobalForwardingRule, the valid value is PREMIUM. If this field is not specified, it is assumed to be PREMIUM. If IPAddress is specified, this value must be equal to the networkTier of the Address.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:GlobalForwardingRulePscConnectionStatus": { "type": "string", "enum": [ { "name": "Accepted", "description": "The connection has been accepted by the producer.", "value": "ACCEPTED" }, { "name": "Closed", "description": "The connection has been closed by the producer and will not serve traffic going forward.", "value": "CLOSED" }, { "name": "NeedsAttention", "description": "The connection has been accepted by the producer, but the producer needs to take further action before the forwarding rule can serve traffic.", "value": "NEEDS_ATTENTION" }, { "name": "Pending", "description": "The connection is pending acceptance by the producer.", "value": "PENDING" }, { "name": "Rejected", "description": "The connection has been rejected by the producer.", "value": "REJECTED" }, { "name": "StatusUnspecified", "value": "STATUS_UNSPECIFIED" } ] }, "google-native:compute/v1:GlobalNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/v1:GuestOsFeature": { "description": "Guest OS features.", "properties": { "type": { "$ref": "#/types/google-native:compute%2Fv1:GuestOsFeatureType", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object" }, "google-native:compute/v1:GuestOsFeatureResponse": { "description": "Guest OS features.", "properties": { "type": { "type": "string", "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features." } }, "type": "object", "required": [ "type" ] }, "google-native:compute/v1:GuestOsFeatureType": { "description": "The ID of a supported feature. To add multiple values, use commas to separate values. Set to one or more of the following values: - VIRTIO_SCSI_MULTIQUEUE - WINDOWS - MULTI_IP_SUBNET - UEFI_COMPATIBLE - GVNIC - SEV_CAPABLE - SUSPEND_RESUME_COMPATIBLE - SEV_LIVE_MIGRATABLE - SEV_SNP_CAPABLE For more information, see Enabling guest operating system features.", "type": "string", "enum": [ { "name": "FeatureTypeUnspecified", "value": "FEATURE_TYPE_UNSPECIFIED" }, { "name": "Gvnic", "value": "GVNIC" }, { "name": "MultiIpSubnet", "value": "MULTI_IP_SUBNET" }, { "name": "SecureBoot", "value": "SECURE_BOOT" }, { "name": "SevCapable", "value": "SEV_CAPABLE" }, { "name": "SevLiveMigratable", "value": "SEV_LIVE_MIGRATABLE" }, { "name": "SevLiveMigratableV2", "value": "SEV_LIVE_MIGRATABLE_V2" }, { "name": "SevSnpCapable", "value": "SEV_SNP_CAPABLE" }, { "name": "UefiCompatible", "value": "UEFI_COMPATIBLE" }, { "name": "VirtioScsiMultiqueue", "value": "VIRTIO_SCSI_MULTIQUEUE" }, { "name": "Windows", "value": "WINDOWS" } ] }, "google-native:compute/v1:HTTP2HealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:HTTP2HealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fv1:HTTP2HealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/v1:HTTP2HealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:HTTP2HealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:HTTP2HealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP/2 health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP/2 health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP/2 health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/v1:HTTPHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:HTTPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fv1:HTTPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/v1:HTTPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:HTTPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:HTTPHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTP health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Also supported in legacy HTTP health checks for target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTP health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTP health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/v1:HTTPSHealthCheck": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:HTTPSHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fv1:HTTPSHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object" }, "google-native:compute/v1:HTTPSHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:HTTPSHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:HTTPSHealthCheckResponse": { "properties": { "host": { "type": "string", "description": "The value of the host header in the HTTPS health check request. If left empty (default value), the host header is set to the destination IP address to which health check packets are sent. The destination IP address depends on the type of load balancer. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#hc-packet-dest" }, "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "requestPath": { "type": "string", "description": "The request path of the HTTPS health check request. The default value is /." }, "response": { "type": "string", "description": "Creates a content-based HTTPS health check. In addition to the required HTTP 200 (OK) status code, you can configure the health check to pass only when the backend sends this specific ASCII response string within the first 1024 bytes of the HTTP response body. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-http" } }, "type": "object", "required": [ "host", "port", "portName", "portSpecification", "proxyHeader", "requestPath", "response" ] }, "google-native:compute/v1:HealthCheckLogConfig": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object" }, "google-native:compute/v1:HealthCheckLogConfigResponse": { "description": "Configuration of logging on a health check. If logging is enabled, logs will be exported to Stackdriver.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default, which means no health check logging will be done." } }, "type": "object", "required": [ "enable" ] }, "google-native:compute/v1:HealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" } ] }, "google-native:compute/v1:HostRule": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object" }, "google-native:compute/v1:HostRuleResponse": { "description": "UrlMaps A host-matching rule for a URL. If matched, will use the named PathMatcher to select the BackendService.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "hosts": { "type": "array", "items": { "type": "string" }, "description": "The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "pathMatcher": { "type": "string", "description": "The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion." } }, "type": "object", "required": [ "description", "hosts", "pathMatcher" ] }, "google-native:compute/v1:HttpFaultAbort": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/v1:HttpFaultAbortResponse": { "description": "Specification for how requests are aborted as part of fault injection.", "properties": { "httpStatus": { "type": "integer", "description": "The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "httpStatus", "percentage" ] }, "google-native:compute/v1:HttpFaultDelay": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object" }, "google-native:compute/v1:HttpFaultDelayResponse": { "description": "Specifies the delay introduced by the load balancer before forwarding the request to the backend service as part of fault injection.", "properties": { "fixedDelay": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Specifies the value of the fixed delay interval." }, "percentage": { "type": "number", "description": "The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive." } }, "type": "object", "required": [ "fixedDelay", "percentage" ] }, "google-native:compute/v1:HttpFaultInjection": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultAbort", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultDelay", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object" }, "google-native:compute/v1:HttpFaultInjectionResponse": { "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by the load balancer on a percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests.", "properties": { "abort": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultAbortResponse", "description": "The specification for how client requests are aborted as part of fault injection." }, "delay": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultDelayResponse", "description": "The specification for how client requests are delayed as part of fault injection, before being sent to a backend service." } }, "type": "object", "required": [ "abort", "delay" ] }, "google-native:compute/v1:HttpHeaderAction": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderOption" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderOption" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object" }, "google-native:compute/v1:HttpHeaderActionResponse": { "description": "The request and response header transformations that take effect before the request is passed along to the selected backendService.", "properties": { "requestHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderOptionResponse" }, "description": "Headers to add to a matching request before forwarding the request to the backendService." }, "requestHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the request before forwarding the request to the backendService." }, "responseHeadersToAdd": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderOptionResponse" }, "description": "Headers to add the response before sending the response back to the client." }, "responseHeadersToRemove": { "type": "array", "items": { "type": "string" }, "description": "A list of header names for headers that need to be removed from the response before sending the response back to the client." } }, "type": "object", "required": [ "requestHeadersToAdd", "requestHeadersToRemove", "responseHeadersToAdd", "responseHeadersToRemove" ] }, "google-native:compute/v1:HttpHeaderMatch": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Fv1:Int64RangeMatch", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object" }, "google-native:compute/v1:HttpHeaderMatchResponse": { "description": "matchRule criteria for request header matches.", "properties": { "exactMatch": { "type": "string", "description": "The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "headerName": { "type": "string", "description": "The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name \":authority\". For matching a request's method, use the headerName \":method\". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`." }, "invertMatch": { "type": "boolean", "description": "If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. " }, "prefixMatch": { "type": "string", "description": "The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "presentMatch": { "type": "boolean", "description": "A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." }, "rangeMatch": { "$ref": "#/types/google-native:compute%2Fv1:Int64RangeMatchResponse", "description": "The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL." }, "regexMatch": { "type": "string", "description": "The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." }, "suffixMatch": { "type": "string", "description": "The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set." } }, "type": "object", "required": [ "exactMatch", "headerName", "invertMatch", "prefixMatch", "presentMatch", "rangeMatch", "regexMatch", "suffixMatch" ] }, "google-native:compute/v1:HttpHeaderOption": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object" }, "google-native:compute/v1:HttpHeaderOptionResponse": { "description": "Specification determining how headers are added to requests or responses.", "properties": { "headerName": { "type": "string", "description": "The name of the header." }, "headerValue": { "type": "string", "description": "The value of the header to add." }, "replace": { "type": "boolean", "description": "If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is false. " } }, "type": "object", "required": [ "headerName", "headerValue", "replace" ] }, "google-native:compute/v1:HttpQueryParameterMatch": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object" }, "google-native:compute/v1:HttpQueryParameterMatchResponse": { "description": "HttpRouteRuleMatch criteria for a request's query parameter.", "properties": { "exactMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "name": { "type": "string", "description": "The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails." }, "presentMatch": { "type": "boolean", "description": "Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. " }, "regexMatch": { "type": "string", "description": "The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. " } }, "type": "object", "required": [ "exactMatch", "name", "presentMatch", "regexMatch" ] }, "google-native:compute/v1:HttpRedirectAction": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectActionRedirectResponseCode", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object" }, "google-native:compute/v1:HttpRedirectActionRedirectResponseCode": { "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. ", "type": "string", "enum": [ { "name": "Found", "description": "Http Status Code 302 - Found.", "value": "FOUND" }, { "name": "MovedPermanentlyDefault", "description": "Http Status Code 301 - Moved Permanently.", "value": "MOVED_PERMANENTLY_DEFAULT" }, { "name": "PermanentRedirect", "description": "Http Status Code 308 - Permanent Redirect maintaining HTTP method.", "value": "PERMANENT_REDIRECT" }, { "name": "SeeOther", "description": "Http Status Code 303 - See Other.", "value": "SEE_OTHER" }, { "name": "TemporaryRedirect", "description": "Http Status Code 307 - Temporary Redirect maintaining HTTP method.", "value": "TEMPORARY_REDIRECT" } ] }, "google-native:compute/v1:HttpRedirectActionResponse": { "description": "Specifies settings for an HTTP redirect.", "properties": { "hostRedirect": { "type": "string", "description": "The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters." }, "httpsRedirect": { "type": "boolean", "description": "If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false." }, "pathRedirect": { "type": "string", "description": "The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "prefixRedirect": { "type": "string", "description": "The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters." }, "redirectResponseCode": { "type": "string", "description": "The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. " }, "stripQuery": { "type": "boolean", "description": "If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. " } }, "type": "object", "required": [ "hostRedirect", "httpsRedirect", "pathRedirect", "prefixRedirect", "redirectResponseCode", "stripQuery" ] }, "google-native:compute/v1:HttpRetryPolicy": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object" }, "google-native:compute/v1:HttpRetryPolicyResponse": { "description": "The retry policy associates with HttpRouteRule", "properties": { "numRetries": { "type": "integer", "description": "Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1." }, "perTryTimeout": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryConditions": { "type": "array", "items": { "type": "string" }, "description": "Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable " } }, "type": "object", "required": [ "numRetries", "perTryTimeout", "retryConditions" ] }, "google-native:compute/v1:HttpRouteAction": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Fv1:CorsPolicy", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultInjection", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Fv1:RequestMirrorPolicy", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Fv1:HttpRetryPolicy", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Fv1:UrlRewrite", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:WeightedBackendService" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object" }, "google-native:compute/v1:HttpRouteActionResponse": { "properties": { "corsPolicy": { "$ref": "#/types/google-native:compute%2Fv1:CorsPolicyResponse", "description": "The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy." }, "faultInjectionPolicy": { "$ref": "#/types/google-native:compute%2Fv1:HttpFaultInjectionResponse", "description": "The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features." }, "maxStreamDuration": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED." }, "requestMirrorPolicy": { "$ref": "#/types/google-native:compute%2Fv1:RequestMirrorPolicyResponse", "description": "Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "retryPolicy": { "$ref": "#/types/google-native:compute%2Fv1:HttpRetryPolicyResponse", "description": "Specifies the retry policy associated with this route." }, "timeout": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "urlRewrite": { "$ref": "#/types/google-native:compute%2Fv1:UrlRewriteResponse", "description": "The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true." }, "weightedBackendServices": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:WeightedBackendServiceResponse" }, "description": "A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction." } }, "type": "object", "required": [ "corsPolicy", "faultInjectionPolicy", "maxStreamDuration", "requestMirrorPolicy", "retryPolicy", "timeout", "urlRewrite", "weightedBackendServices" ] }, "google-native:compute/v1:HttpRouteRule": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteRuleMatch" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteAction", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectAction", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/v1:HttpRouteRuleMatch": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderMatch" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataFilter" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpQueryParameterMatch" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object" }, "google-native:compute/v1:HttpRouteRuleMatchResponse": { "description": "HttpRouteRuleMatch specifies a set of criteria for matching requests to an HttpRouteRule. All specified criteria must be satisfied for a match to occur.", "properties": { "fullPathMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "headerMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderMatchResponse" }, "description": "Specifies a list of header match criteria, all of which must match corresponding headers in the request." }, "ignoreCase": { "type": "boolean", "description": "Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy." }, "metadataFilters": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataFilterResponse" }, "description": "Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "pathTemplateMatch": { "type": "string", "description": "If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash (\"/\") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set." }, "prefixMatch": { "type": "string", "description": "For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified." }, "queryParameterMatches": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpQueryParameterMatchResponse" }, "description": "Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy." }, "regexMatch": { "type": "string", "description": "For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED." } }, "type": "object", "required": [ "fullPathMatch", "headerMatches", "ignoreCase", "metadataFilters", "pathTemplateMatch", "prefixMatch", "queryParameterMatches", "regexMatch" ] }, "google-native:compute/v1:HttpRouteRuleResponse": { "description": "The HttpRouteRule setting specifies how to match an HTTP request and the corresponding routing action that load balancing proxies perform.", "properties": { "description": { "type": "string", "description": "The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "matchRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteRuleMatchResponse" }, "description": "The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule." }, "priority": { "type": "integer", "description": "For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteActionResponse", "description": "In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of urlRedirect, service or routeAction.weightedBackendService must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectActionResponse", "description": "When this rule is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "description", "headerAction", "matchRules", "priority", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/v1:ImageArchitecture": { "description": "The architecture of the image. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/v1:ImageRawDisk": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "$ref": "#/types/google-native:compute%2Fv1:ImageRawDiskContainerType", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object" }, "google-native:compute/v1:ImageRawDiskContainerType": { "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created.", "type": "string", "enum": [ { "name": "Tar", "value": "TAR" } ] }, "google-native:compute/v1:ImageRawDiskResponse": { "description": "The parameters of the raw disk image.", "properties": { "containerType": { "type": "string", "description": "The format used to encode and transmit the block device, which should be TAR. This is just a container and transmission format and not a runtime format. Provided by the client when the disk image is created." }, "sha1Checksum": { "type": "string", "description": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created.", "deprecationMessage": "[Deprecated] This field is deprecated. An optional SHA1 checksum of the disk image before unpackaging provided by the client when the disk image is created." }, "source": { "type": "string", "description": "The full Google Cloud Storage URL where the raw disk image archive is stored. The following are valid formats for the URL: - https://storage.googleapis.com/bucket_name/image_archive_name - https://storage.googleapis.com/bucket_name/folder_name/ image_archive_name In order to create an image, you must provide the full or partial URL of one of the following: - The rawDisk.source URL - The sourceDisk URL - The sourceImage URL - The sourceSnapshot URL " } }, "type": "object", "required": [ "containerType", "sha1Checksum", "source" ] }, "google-native:compute/v1:ImageSourceType": { "description": "The type of the image used to create this disk. The default and only valid value is RAW.", "type": "string", "enum": [ { "name": "Raw", "value": "RAW" } ] }, "google-native:compute/v1:InitialStateConfig": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBuffer" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBuffer" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBuffer" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBuffer", "description": "The Platform Key (PK)." } }, "type": "object" }, "google-native:compute/v1:InitialStateConfigResponse": { "description": "Initial State for shielded instance, these are public keys which are safe to store in public", "properties": { "dbs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBufferResponse" }, "description": "The Key Database (db)." }, "dbxs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBufferResponse" }, "description": "The forbidden key database (dbx)." }, "keks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBufferResponse" }, "description": "The Key Exchange Key (KEK)." }, "pk": { "$ref": "#/types/google-native:compute%2Fv1:FileContentBufferResponse", "description": "The Platform Key (PK)." } }, "type": "object", "required": [ "dbs", "dbxs", "keks", "pk" ] }, "google-native:compute/v1:InstanceGroupManagerActionsSummaryResponse": { "properties": { "abandoning": { "type": "integer", "description": "The total number of instances in the managed instance group that are scheduled to be abandoned. Abandoning an instance removes it from the managed instance group without deleting it." }, "creating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be created or are currently being created. If the group fails to create any of these instances, it tries again until it creates the instance successfully. If you have disabled creation retries, this field will not be populated; instead, the creatingWithoutRetries field will be populated." }, "creatingWithoutRetries": { "type": "integer", "description": "The number of instances that the managed instance group will attempt to create. The group attempts to create each instance only once. If the group fails to create any of these instances, it decreases the group's targetSize value accordingly." }, "deleting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be deleted or are currently being deleted." }, "none": { "type": "integer", "description": "The number of instances in the managed instance group that are running and have no scheduled actions." }, "recreating": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be recreated or are currently being being recreated. Recreating an instance deletes the existing root persistent disk and creates a new disk from the image that is defined in the instance template." }, "refreshing": { "type": "integer", "description": "The number of instances in the managed instance group that are being reconfigured with properties that do not require a restart or a recreate action. For example, setting or removing target pools for the instance." }, "restarting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be restarted or are currently being restarted." }, "resuming": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be resumed or are currently being resumed." }, "starting": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be started or are currently being started." }, "stopping": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be stopped or are currently being stopped." }, "suspending": { "type": "integer", "description": "The number of instances in the managed instance group that are scheduled to be suspended or are currently being suspended." }, "verifying": { "type": "integer", "description": "The number of instances in the managed instance group that are being verified. See the managedInstances[].currentAction property in the listManagedInstances method documentation." } }, "type": "object", "required": [ "abandoning", "creating", "creatingWithoutRetries", "deleting", "none", "recreating", "refreshing", "restarting", "resuming", "starting", "stopping", "suspending", "verifying" ] }, "google-native:compute/v1:InstanceGroupManagerAutoHealingPolicy": { "properties": { "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." } }, "type": "object" }, "google-native:compute/v1:InstanceGroupManagerAutoHealingPolicyResponse": { "properties": { "healthCheck": { "type": "string", "description": "The URL for the health check that signals autohealing." }, "initialDelaySec": { "type": "integer", "description": "The initial delay is the number of seconds that a new VM takes to initialize and run its startup script. During a VM's initial delay period, the MIG ignores unsuccessful health checks because the VM might be in the startup process. This prevents the MIG from prematurely recreating a VM. If the health check receives a healthy response during the initial delay, it indicates that the startup process is complete and the VM is ready. The value of initial delay must be between 0 and 3600 seconds. The default value is 0." } }, "type": "object", "required": [ "healthCheck", "initialDelaySec" ] }, "google-native:compute/v1:InstanceGroupManagerInstanceLifecyclePolicy": { "properties": { "forceUpdateOnRepair": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " } }, "type": "object" }, "google-native:compute/v1:InstanceGroupManagerInstanceLifecyclePolicyForceUpdateOnRepair": { "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. ", "type": "string", "enum": [ { "name": "No", "value": "NO" }, { "name": "Yes", "value": "YES" } ] }, "google-native:compute/v1:InstanceGroupManagerInstanceLifecyclePolicyResponse": { "properties": { "forceUpdateOnRepair": { "type": "string", "description": "A bit indicating whether to forcefully apply the group's latest configuration when repairing a VM. Valid options are: - NO (default): If configuration updates are available, they are not forcefully applied during repair. Instead, configuration updates are applied according to the group's update policy. - YES: If configuration updates are available, they are applied during repair. " } }, "type": "object", "required": [ "forceUpdateOnRepair" ] }, "google-native:compute/v1:InstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/v1:InstanceGroupManagerStatusResponse": { "properties": { "autoscaler": { "type": "string", "description": "The URL of the Autoscaler that targets this instance group manager." }, "isStable": { "type": "boolean", "description": "A bit indicating whether the managed instance group is in a stable state. A stable state means that: none of the instances in the managed instance group is currently undergoing any type of change (for example, creation, restart, or deletion); no future changes are scheduled for instances in the managed instance group; and the managed instance group itself is not being modified." }, "stateful": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerStatusStatefulResponse", "description": "Stateful status of the given Instance Group Manager." }, "versionTarget": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerStatusVersionTargetResponse", "description": "A status of consistency of Instances' versions with their target version specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "autoscaler", "isStable", "stateful", "versionTarget" ] }, "google-native:compute/v1:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse": { "properties": { "allEffective": { "type": "boolean", "description": "A bit indicating if all of the group's per-instance configurations (listed in the output of a listPerInstanceConfigs API call) have status EFFECTIVE or there are no per-instance-configs." } }, "type": "object", "required": [ "allEffective" ] }, "google-native:compute/v1:InstanceGroupManagerStatusStatefulResponse": { "properties": { "hasStatefulConfig": { "type": "boolean", "description": "A bit indicating whether the managed instance group has stateful configuration, that is, if you have configured any items in a stateful policy or in per-instance configs. The group might report that it has no stateful configuration even when there is still some preserved state on a managed instance, for example, if you have deleted all PICs but not yet applied those deletions." }, "perInstanceConfigs": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerStatusStatefulPerInstanceConfigsResponse", "description": "Status of per-instance configurations on the instance." } }, "type": "object", "required": [ "hasStatefulConfig", "perInstanceConfigs" ] }, "google-native:compute/v1:InstanceGroupManagerStatusVersionTargetResponse": { "properties": { "isReached": { "type": "boolean", "description": "A bit indicating whether version target has been reached in this managed instance group, i.e. all instances are in their target version. Instances' target version are specified by version field on Instance Group Manager." } }, "type": "object", "required": [ "isReached" ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicy": { "properties": { "instanceRedistributionType": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerUpdatePolicyInstanceRedistributionType", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercent", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercent", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minimalAction": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerUpdatePolicyMinimalAction", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerUpdatePolicyReplacementMethod", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "$ref": "#/types/google-native:compute%2Fv1:InstanceGroupManagerUpdatePolicyType", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object" }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyInstanceRedistributionType": { "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. ", "type": "string", "enum": [ { "name": "None", "description": "No action is being proactively performed in order to bring this IGM to its target instance distribution.", "value": "NONE" }, { "name": "Proactive", "description": "This IGM will actively converge to its target instance distribution.", "value": "PROACTIVE" } ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyMinimalAction": { "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. ", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyMostDisruptiveAllowedAction": { "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all.", "type": "string", "enum": [ { "name": "None", "description": "Do not perform any action.", "value": "NONE" }, { "name": "Refresh", "description": "Do not stop the instance.", "value": "REFRESH" }, { "name": "Replace", "description": "(Default.) Replace the instance according to the replacement method option.", "value": "REPLACE" }, { "name": "Restart", "description": "Stop the instance and start it again.", "value": "RESTART" } ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyReplacementMethod": { "description": "What action should be used to replace instances. See minimal_action.REPLACE", "type": "string", "enum": [ { "name": "Recreate", "description": "Instances will be recreated (with the same name)", "value": "RECREATE" }, { "name": "Substitute", "description": "Default option: instances will be deleted and created (with a new name)", "value": "SUBSTITUTE" } ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyResponse": { "properties": { "instanceRedistributionType": { "type": "string", "description": "The instance redistribution policy for regional managed instance groups. Valid values are: - PROACTIVE (default): The group attempts to maintain an even distribution of VM instances across zones in the region. - NONE: For non-autoscaled groups, proactive redistribution is disabled. " }, "maxSurge": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercentResponse", "description": "The maximum number of instances that can be created above the specified targetSize during the update process. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxSurge is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxSurge." }, "maxUnavailable": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercentResponse", "description": "The maximum number of instances that can be unavailable during the update process. An instance is considered available if all of the following conditions are satisfied: - The instance's status is RUNNING. - If there is a health check on the instance group, the instance's health check status must be HEALTHY at least once. If there is no health check on the group, then the instance only needs to have a status of RUNNING to be considered available. This value can be either a fixed number or, if the group has 10 or more instances, a percentage. If you set a percentage, the number of instances is rounded if necessary. The default value for maxUnavailable is a fixed value equal to the number of zones in which the managed instance group operates. At least one of either maxSurge or maxUnavailable must be greater than 0. Learn more about maxUnavailable." }, "minimalAction": { "type": "string", "description": "Minimal action to be taken on an instance. Use this option to minimize disruption as much as possible or to apply a more disruptive action than is necessary. - To limit disruption as much as possible, set the minimal action to REFRESH. If your update requires a more disruptive action, Compute Engine performs the necessary action to execute the update. - To apply a more disruptive action than is strictly necessary, set the minimal action to RESTART or REPLACE. For example, Compute Engine does not need to restart a VM to change its metadata. But if your application reads instance metadata only when a VM is restarted, you can set the minimal action to RESTART in order to pick up metadata changes. " }, "mostDisruptiveAllowedAction": { "type": "string", "description": "Most disruptive action that is allowed to be taken on an instance. You can specify either NONE to forbid any actions, REFRESH to avoid restarting the VM and to limit disruption as much as possible. RESTART to allow actions that can be applied without instance replacing or REPLACE to allow all possible actions. If the Updater determines that the minimal update action needed is more disruptive than most disruptive allowed action you specify it will not perform the update at all." }, "replacementMethod": { "type": "string", "description": "What action should be used to replace instances. See minimal_action.REPLACE" }, "type": { "type": "string", "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update." } }, "type": "object", "required": [ "instanceRedistributionType", "maxSurge", "maxUnavailable", "minimalAction", "mostDisruptiveAllowedAction", "replacementMethod", "type" ] }, "google-native:compute/v1:InstanceGroupManagerUpdatePolicyType": { "description": "The type of update process. You can specify either PROACTIVE so that the MIG automatically updates VMs to the latest configurations or OPPORTUNISTIC so that you can select the VMs that you want to update.", "type": "string", "enum": [ { "name": "Opportunistic", "description": "MIG will apply new configurations to existing VMs only when you selectively target specific or all VMs to be updated.", "value": "OPPORTUNISTIC" }, { "name": "Proactive", "description": "MIG will automatically apply new configurations to all or a subset of existing VMs and also to new VMs that are added to the group.", "value": "PROACTIVE" } ] }, "google-native:compute/v1:InstanceGroupManagerVersion": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "targetSize": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercent", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object" }, "google-native:compute/v1:InstanceGroupManagerVersionResponse": { "properties": { "instanceTemplate": { "type": "string", "description": "The URL of the instance template that is specified for this managed instance group. The group uses this template to create new instances in the managed instance group until the `targetSize` for this version is reached. The templates for existing instances in the group do not change unless you run recreateInstances, run applyUpdatesToInstances, or set the group's updatePolicy.type to PROACTIVE; in those cases, existing instances are updated until the `targetSize` for this version is reached." }, "name": { "type": "string", "description": "Name of the version. Unique among all versions in the scope of this managed instance group." }, "targetSize": { "$ref": "#/types/google-native:compute%2Fv1:FixedOrPercentResponse", "description": "Specifies the intended number of instances to be created from the instanceTemplate. The final number of instances created from the template will be equal to: - If expressed as a fixed number, the minimum of either targetSize.fixed or instanceGroupManager.targetSize is used. - if expressed as a percent, the targetSize would be (targetSize.percent/100 * InstanceGroupManager.targetSize) If there is a remainder, the number is rounded. If unset, this version will update any remaining instances not updated by another version. Read Starting a canary update for more information." } }, "type": "object", "required": [ "instanceTemplate", "name", "targetSize" ] }, "google-native:compute/v1:InstanceKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/v1:InstanceParams": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object" }, "google-native:compute/v1:InstanceParamsResponse": { "description": "Additional instance params.", "properties": { "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." } }, "type": "object", "required": [ "resourceManagerTags" ] }, "google-native:compute/v1:InstancePrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for the VM. If not specified, use INHERIT_FROM_SUBNETWORK as default.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/v1:InstanceProperties": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Fv1:AdvancedMachineFeatures", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:ConfidentialInstanceConfig", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDisk" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AcceleratorConfig" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "$ref": "#/types/google-native:compute%2Fv1:InstancePropertiesKeyRevocationActionType", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Fv1:Metadata", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:NetworkInterface" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:NetworkPerformanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:compute%2Fv1:InstancePropertiesPrivateIpv6GoogleAccess", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Fv1:ReservationAffinity", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fv1:Scheduling", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ServiceAccount" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:ShieldedInstanceConfig", "description": "Note that for MachineImage, this is not supported yet." }, "tags": { "$ref": "#/types/google-native:compute%2Fv1:Tags", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object" }, "google-native:compute/v1:InstancePropertiesKeyRevocationActionType": { "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified.", "type": "string", "enum": [ { "name": "KeyRevocationActionTypeUnspecified", "description": "Default value. This value is unused.", "value": "KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED" }, { "name": "None", "description": "Indicates user chose no operation.", "value": "NONE" }, { "name": "Stop", "description": "Indicates user chose to opt for VM shutdown on key revocation.", "value": "STOP" } ] }, "google-native:compute/v1:InstancePropertiesPrivateIpv6GoogleAccess": { "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet.", "type": "string", "enum": [ { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services. If specified, the subnetwork who is attached to the instance's default network interface will be assigned an internal IPv6 prefix if it doesn't have before.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" }, { "name": "InheritFromSubnetwork", "description": "Each network interface inherits PrivateIpv6GoogleAccess from its subnetwork.", "value": "INHERIT_FROM_SUBNETWORK" } ] }, "google-native:compute/v1:InstancePropertiesResponse": { "properties": { "advancedMachineFeatures": { "$ref": "#/types/google-native:compute%2Fv1:AdvancedMachineFeaturesResponse", "description": "Controls for advanced machine-related behavior features. Note that for MachineImage, this is not supported yet." }, "canIpForward": { "type": "boolean", "description": "Enables instances created based on these properties to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "confidentialInstanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:ConfidentialInstanceConfigResponse", "description": "Specifies the Confidential Instance options. Note that for MachineImage, this is not supported yet." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from these properties." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from these properties." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from these properties." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from these properties." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from these properties." }, "metadata": { "$ref": "#/types/google-native:compute%2Fv1:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from these properties. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:NetworkPerformanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "privateIpv6GoogleAccess": { "type": "string", "description": "The private IPv6 google access type for VMs. If not specified, use INHERIT_FROM_SUBNETWORK as default. Note that for MachineImage, this is not supported yet." }, "reservationAffinity": { "$ref": "#/types/google-native:compute%2Fv1:ReservationAffinityResponse", "description": "Specifies the reservations that instances can consume from. Note that for MachineImage, this is not supported yet." }, "resourceManagerTags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource manager tags to be bound to the instance. Tag keys and values have the same definition as resource manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and values are in the format `tagValues/456`. The field is ignored (both PUT & PATCH) when empty." }, "resourcePolicies": { "type": "array", "items": { "type": "string" }, "description": "Resource policies (names, not URLs) applied to instances created from these properties. Note that for MachineImage, this is not supported yet." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from these properties." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from these properties. Use metadata queries to obtain the access tokens for these instances." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:compute%2Fv1:ShieldedInstanceConfigResponse", "description": "Note that for MachineImage, this is not supported yet." }, "tags": { "$ref": "#/types/google-native:compute%2Fv1:TagsResponse", "description": "A list of tags to apply to the instances that are created from these properties. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "advancedMachineFeatures", "canIpForward", "confidentialInstanceConfig", "description", "disks", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "networkPerformanceConfig", "privateIpv6GoogleAccess", "reservationAffinity", "resourceManagerTags", "resourcePolicies", "scheduling", "serviceAccounts", "shieldedInstanceConfig", "tags" ] }, "google-native:compute/v1:Int64RangeMatch": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object" }, "google-native:compute/v1:Int64RangeMatchResponse": { "description": "HttpRouteRuleMatch criteria for field values that must stay within the specified integer range.", "properties": { "rangeEnd": { "type": "string", "description": "The end of the range (exclusive) in signed long integer format." }, "rangeStart": { "type": "string", "description": "The start of the range (inclusive) in signed long integer format." } }, "type": "object", "required": [ "rangeEnd", "rangeStart" ] }, "google-native:compute/v1:InterconnectAttachmentBandwidth": { "description": "Provisioned bandwidth capacity for the interconnect attachment. For attachments of type DEDICATED, the user can set the bandwidth. For attachments of type PARTNER, the Google Partner that is operating the interconnect must set the bandwidth. Output only for PARTNER type, mutable for PARTNER_PROVIDER and DEDICATED, and can take one of the following values: - BPS_50M: 50 Mbit/s - BPS_100M: 100 Mbit/s - BPS_200M: 200 Mbit/s - BPS_300M: 300 Mbit/s - BPS_400M: 400 Mbit/s - BPS_500M: 500 Mbit/s - BPS_1G: 1 Gbit/s - BPS_2G: 2 Gbit/s - BPS_5G: 5 Gbit/s - BPS_10G: 10 Gbit/s - BPS_20G: 20 Gbit/s - BPS_50G: 50 Gbit/s ", "type": "string", "enum": [ { "name": "Bps100m", "description": "100 Mbit/s", "value": "BPS_100M" }, { "name": "Bps10g", "description": "10 Gbit/s", "value": "BPS_10G" }, { "name": "Bps1g", "description": "1 Gbit/s", "value": "BPS_1G" }, { "name": "Bps200m", "description": "200 Mbit/s", "value": "BPS_200M" }, { "name": "Bps20g", "description": "20 Gbit/s", "value": "BPS_20G" }, { "name": "Bps2g", "description": "2 Gbit/s", "value": "BPS_2G" }, { "name": "Bps300m", "description": "300 Mbit/s", "value": "BPS_300M" }, { "name": "Bps400m", "description": "400 Mbit/s", "value": "BPS_400M" }, { "name": "Bps500m", "description": "500 Mbit/s", "value": "BPS_500M" }, { "name": "Bps50g", "description": "50 Gbit/s", "value": "BPS_50G" }, { "name": "Bps50m", "description": "50 Mbit/s", "value": "BPS_50M" }, { "name": "Bps5g", "description": "5 Gbit/s", "value": "BPS_5G" } ] }, "google-native:compute/v1:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse": { "properties": { "max": { "type": "integer" }, "min": { "type": "integer" } }, "type": "object", "required": [ "max", "min" ] }, "google-native:compute/v1:InterconnectAttachmentConfigurationConstraintsResponse": { "properties": { "bgpMd5": { "type": "string", "description": "Whether the attachment's BGP session requires/allows/disallows BGP MD5 authentication. This can take one of the following values: MD5_OPTIONAL, MD5_REQUIRED, MD5_UNSUPPORTED. For example, a Cross-Cloud Interconnect connection to a remote cloud provider that requires BGP MD5 authentication has the interconnectRemoteLocation attachment_configuration_constraints.bgp_md5 field set to MD5_REQUIRED, and that property is propagated to the attachment. Similarly, if BGP MD5 is MD5_UNSUPPORTED, an error is returned if MD5 is requested." }, "bgpPeerAsnRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:InterconnectAttachmentConfigurationConstraintsBgpPeerASNRangeResponse" }, "description": "List of ASN ranges that the remote location is known to support. Formatted as an array of inclusive ranges {min: min-value, max: max-value}. For example, [{min: 123, max: 123}, {min: 64512, max: 65534}] allows the peer ASN to be 123 or anything in the range 64512-65534. This field is only advisory. Although the API accepts other ranges, these are the ranges that we recommend." } }, "type": "object", "required": [ "bgpMd5", "bgpPeerAsnRanges" ] }, "google-native:compute/v1:InterconnectAttachmentEdgeAvailabilityDomain": { "description": "Desired availability domain for the attachment. Only available for type PARTNER, at creation time, and can take one of the following values: - AVAILABILITY_DOMAIN_ANY - AVAILABILITY_DOMAIN_1 - AVAILABILITY_DOMAIN_2 For improved reliability, customers should configure a pair of attachments, one per availability domain. The selected availability domain will be provided to the Partner via the pairing key, so that the provisioned circuit will lie in the specified domain. If not specified, the value will default to AVAILABILITY_DOMAIN_ANY.", "type": "string", "enum": [ { "name": "AvailabilityDomain1", "value": "AVAILABILITY_DOMAIN_1" }, { "name": "AvailabilityDomain2", "value": "AVAILABILITY_DOMAIN_2" }, { "name": "AvailabilityDomainAny", "value": "AVAILABILITY_DOMAIN_ANY" } ] }, "google-native:compute/v1:InterconnectAttachmentEncryption": { "description": "Indicates the user-supplied encryption option of this VLAN attachment (interconnectAttachment). Can only be specified at attachment creation for PARTNER or DEDICATED attachments. Possible values are: - NONE - This is the default value, which means that the VLAN attachment carries unencrypted traffic. VMs are able to send traffic to, or receive traffic from, such a VLAN attachment. - IPSEC - The VLAN attachment carries only encrypted traffic that is encrypted by an IPsec device, such as an HA VPN gateway or third-party IPsec VPN. VMs cannot directly send traffic to, or receive traffic from, such a VLAN attachment. To use *HA VPN over Cloud Interconnect*, the VLAN attachment must be created with this option. ", "type": "string", "enum": [ { "name": "Ipsec", "description": "The interconnect attachment will carry only encrypted traffic that is encrypted by an IPsec device such as HA VPN gateway; VMs cannot directly send traffic to or receive traffic from such an interconnect attachment. To use HA VPN over Cloud Interconnect, the interconnect attachment must be created with this option.", "value": "IPSEC" }, { "name": "None", "description": "This is the default value, which means the Interconnect Attachment will carry unencrypted traffic. VMs will be able to send traffic to or receive traffic from such interconnect attachment.", "value": "NONE" } ] }, "google-native:compute/v1:InterconnectAttachmentPartnerMetadata": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object" }, "google-native:compute/v1:InterconnectAttachmentPartnerMetadataResponse": { "description": "Informational metadata about Partner attachments from Partners to display to customers. These fields are propagated from PARTNER_PROVIDER attachments to their corresponding PARTNER attachments.", "properties": { "interconnectName": { "type": "string", "description": "Plain text name of the Interconnect this attachment is connected to, as displayed in the Partner's portal. For instance \"Chicago 1\". This value may be validated to match approved Partner values." }, "partnerName": { "type": "string", "description": "Plain text name of the Partner providing this attachment. This value may be validated to match approved Partner values." }, "portalUrl": { "type": "string", "description": "URL of the Partner's portal for this Attachment. Partners may customise this to be a deep link to the specific resource on the Partner portal. This value may be validated to match approved Partner values." } }, "type": "object", "required": [ "interconnectName", "partnerName", "portalUrl" ] }, "google-native:compute/v1:InterconnectAttachmentPrivateInfoResponse": { "description": "Information for an interconnect attachment when this belongs to an interconnect of type DEDICATED.", "properties": { "tag8021q": { "type": "integer", "description": "802.1q encapsulation tag to be used for traffic between Google and the customer, going to and from this network and region." } }, "type": "object", "required": [ "tag8021q" ] }, "google-native:compute/v1:InterconnectAttachmentStackType": { "description": "The stack type for this interconnect attachment to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. This field can be both set at interconnect attachments creation and update interconnect attachment operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The interconnect attachment can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The interconnect attachment will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" } ] }, "google-native:compute/v1:InterconnectAttachmentType": { "description": "The type of interconnect attachment this is, which can take one of the following values: - DEDICATED: an attachment to a Dedicated Interconnect. - PARTNER: an attachment to a Partner Interconnect, created by the customer. - PARTNER_PROVIDER: an attachment to a Partner Interconnect, created by the partner. ", "type": "string", "enum": [ { "name": "Dedicated", "description": "Attachment to a dedicated interconnect.", "value": "DEDICATED" }, { "name": "Partner", "description": "Attachment to a partner interconnect, created by the customer.", "value": "PARTNER" }, { "name": "PartnerProvider", "description": "Attachment to a partner interconnect, created by the partner.", "value": "PARTNER_PROVIDER" } ] }, "google-native:compute/v1:InterconnectCircuitInfoResponse": { "description": "Describes a single physical circuit between the Customer and Google. CircuitInfo objects are created by Google, so all fields are output only.", "properties": { "customerDemarcId": { "type": "string", "description": "Customer-side demarc ID for this circuit." }, "googleCircuitId": { "type": "string", "description": "Google-assigned unique ID for this circuit. Assigned at circuit turn-up." }, "googleDemarcId": { "type": "string", "description": "Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA." } }, "type": "object", "required": [ "customerDemarcId", "googleCircuitId", "googleDemarcId" ] }, "google-native:compute/v1:InterconnectInterconnectType": { "description": "Type of interconnect, which can take one of the following values: - PARTNER: A partner-managed interconnection shared between customers though a partner. - DEDICATED: A dedicated physical interconnection with the customer. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED.", "type": "string", "enum": [ { "name": "Dedicated", "description": "A dedicated physical interconnection with the customer.", "value": "DEDICATED" }, { "name": "ItPrivate", "description": "[Deprecated] A private, physical interconnection with the customer.", "value": "IT_PRIVATE" }, { "name": "Partner", "description": "A partner-managed interconnection shared between customers via partner.", "value": "PARTNER" } ] }, "google-native:compute/v1:InterconnectLinkType": { "description": "Type of link requested, which can take one of the following values: - LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics - LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle.", "type": "string", "enum": [ { "name": "LinkTypeEthernet100gLr", "description": "100G Ethernet, LR Optics.", "value": "LINK_TYPE_ETHERNET_100G_LR" }, { "name": "LinkTypeEthernet10gLr", "description": "10G Ethernet, LR Optics. [(rate_bps) = 10000000000];", "value": "LINK_TYPE_ETHERNET_10G_LR" } ] }, "google-native:compute/v1:InterconnectMacsec": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:InterconnectMacsecPreSharedKey" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "preSharedKeys" ] }, "google-native:compute/v1:InterconnectMacsecPreSharedKey": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name" ] }, "google-native:compute/v1:InterconnectMacsecPreSharedKeyResponse": { "description": "Describes a pre-shared key used to setup MACsec in static connectivity association key (CAK) mode.", "properties": { "name": { "type": "string", "description": "A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "startTime": { "type": "string", "description": "A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart." } }, "type": "object", "required": [ "name", "startTime" ] }, "google-native:compute/v1:InterconnectMacsecResponse": { "description": "Configuration information for enabling Media Access Control security (MACsec) on this Cloud Interconnect connection between Google and your on-premises router.", "properties": { "failOpen": { "type": "boolean", "description": "If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router." }, "preSharedKeys": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:InterconnectMacsecPreSharedKeyResponse" }, "description": "A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link." } }, "type": "object", "required": [ "failOpen", "preSharedKeys" ] }, "google-native:compute/v1:InterconnectOutageNotificationResponse": { "description": "Description of a planned outage on this Interconnect.", "properties": { "affectedCircuits": { "type": "array", "items": { "type": "string" }, "description": "If issue_type is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected." }, "description": { "type": "string", "description": "A description about the purpose of the outage." }, "endTime": { "type": "string", "description": "Scheduled end time for the outage (milliseconds since Unix epoch)." }, "issueType": { "type": "string", "description": "Form this outage is expected to take, which can take one of the following values: - OUTAGE: The Interconnect may be completely out of service for some or all of the specified window. - PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth. Note that the versions of this enum prefixed with \"IT_\" have been deprecated in favor of the unprefixed values." }, "name": { "type": "string", "description": "Unique identifier for this outage notification." }, "source": { "type": "string", "description": "The party that generated this notification, which can take the following value: - GOOGLE: this notification as generated by Google. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE." }, "startTime": { "type": "string", "description": "Scheduled start time for the outage (milliseconds since Unix epoch)." }, "state": { "type": "string", "description": "State of this notification, which can take one of the following values: - ACTIVE: This outage notification is active. The event could be in the past, present, or future. See start_time and end_time for scheduling. - CANCELLED: The outage associated with this notification was cancelled before the outage was due to start. - COMPLETED: The outage associated with this notification is complete. Note that the versions of this enum prefixed with \"NS_\" have been deprecated in favor of the unprefixed values." } }, "type": "object", "required": [ "affectedCircuits", "description", "endTime", "issueType", "name", "source", "startTime", "state" ] }, "google-native:compute/v1:InterconnectRequestedFeaturesItem": { "type": "string", "enum": [ { "name": "IfMacsec", "description": "Media Access Control security (MACsec)", "value": "IF_MACSEC" } ] }, "google-native:compute/v1:LicenseResourceCommitment": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object" }, "google-native:compute/v1:LicenseResourceCommitmentResponse": { "description": "Commitment for a particular license resource.", "properties": { "amount": { "type": "string", "description": "The number of licenses purchased." }, "coresPerLicense": { "type": "string", "description": "Specifies the core range of the instance for which this license applies." }, "license": { "type": "string", "description": "Any applicable license URI." } }, "type": "object", "required": [ "amount", "coresPerLicense", "license" ] }, "google-native:compute/v1:LicenseResourceRequirements": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object" }, "google-native:compute/v1:LicenseResourceRequirementsResponse": { "properties": { "minGuestCpuCount": { "type": "integer", "description": "Minimum number of guest cpus required to use the Instance. Enforced at Instance creation and Instance start." }, "minMemoryMb": { "type": "integer", "description": "Minimum memory required to use the Instance. Enforced at Instance creation and Instance start." } }, "type": "object", "required": [ "minGuestCpuCount", "minMemoryMb" ] }, "google-native:compute/v1:LocalDisk": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object" }, "google-native:compute/v1:LocalDiskResponse": { "properties": { "diskCount": { "type": "integer", "description": "Specifies the number of such disks." }, "diskSizeGb": { "type": "integer", "description": "Specifies the size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "Specifies the desired disk type on the node. This disk type must be a local storage type (e.g.: local-ssd). Note that for nodeTemplates, this should be the name of the disk type and not its URL." } }, "type": "object", "required": [ "diskCount", "diskSizeGb", "diskType" ] }, "google-native:compute/v1:LogConfig": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCloudAuditOptions", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCounterOptions", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigDataAccessOptions", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:LogConfigCloudAuditOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Fv1:AuthorizationLoggingOptions", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCloudAuditOptionsLogName", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:LogConfigCloudAuditOptionsLogName": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "AdminActivity", "description": "This is deprecated and has no effect. Do not use.", "value": "ADMIN_ACTIVITY" }, { "name": "DataAccess", "description": "This is deprecated and has no effect. Do not use.", "value": "DATA_ACCESS" }, { "name": "UnspecifiedLogName", "description": "This is deprecated and has no effect. Do not use.", "value": "UNSPECIFIED_LOG_NAME" } ] }, "google-native:compute/v1:LogConfigCloudAuditOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:compute%2Fv1:AuthorizationLoggingOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "logName": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "authorizationLoggingOptions", "logName" ] }, "google-native:compute/v1:LogConfigCounterOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCounterOptionsCustomField" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:LogConfigCounterOptionsCustomField": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:LogConfigCounterOptionsCustomFieldResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "name": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "value": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/v1:LogConfigCounterOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCounterOptionsCustomFieldResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "field": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "metric": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "customFields", "field", "metric" ] }, "google-native:compute/v1:LogConfigDataAccessOptions": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigDataAccessOptionsLogMode", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:LogConfigDataAccessOptionsLogMode": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "LogFailClosed", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_FAIL_CLOSED" }, { "name": "LogModeUnspecified", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG_MODE_UNSPECIFIED" } ] }, "google-native:compute/v1:LogConfigDataAccessOptionsResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "logMode": { "type": "string", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "logMode" ] }, "google-native:compute/v1:LogConfigResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "cloudAudit": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCloudAuditOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "counter": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigCounterOptionsResponse", "description": "This is deprecated and has no effect. Do not use." }, "dataAccess": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigDataAccessOptionsResponse", "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "cloudAudit", "counter", "dataAccess" ] }, "google-native:compute/v1:Metadata": { "description": "A metadata key/value entry.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataItemsItem" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." } }, "type": "object" }, "google-native:compute/v1:MetadataFilter": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataFilterLabelMatch" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "$ref": "#/types/google-native:compute%2Fv1:MetadataFilterFilterMatchCriteria", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object" }, "google-native:compute/v1:MetadataFilterFilterMatchCriteria": { "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. ", "type": "string", "enum": [ { "name": "MatchAll", "description": "Specifies that all filterLabels must match for the metadataFilter to be considered a match.", "value": "MATCH_ALL" }, { "name": "MatchAny", "description": "Specifies that any filterLabel must match for the metadataFilter to be considered a match.", "value": "MATCH_ANY" }, { "name": "NotSet", "description": "Indicates that the match criteria was not set. A metadataFilter must never be created with this value.", "value": "NOT_SET" } ] }, "google-native:compute/v1:MetadataFilterLabelMatch": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object" }, "google-native:compute/v1:MetadataFilterLabelMatchResponse": { "description": "MetadataFilter label name value pairs that are expected to match corresponding labels presented as metadata to the load balancer.", "properties": { "name": { "type": "string", "description": "Name of metadata label. The name can have a maximum length of 1024 characters and must be at least 1 character long." }, "value": { "type": "string", "description": "The value of the label must match the specified value. value can have a maximum length of 1024 characters." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/v1:MetadataFilterResponse": { "description": "Opaque filter criteria used by load balancers to restrict routing configuration to a limited set of load balancing proxies. Proxies and sidecars involved in load balancing would typically present metadata to the load balancers that need to match criteria specified here. If a match takes place, the relevant configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. An example for using metadataFilters would be: if load balancing involves Envoys, they receive routing configuration when values in metadataFilters match values supplied in of their XDS requests to loadbalancers.", "properties": { "filterLabels": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataFilterLabelMatchResponse" }, "description": "The list of label value pairs that must match labels in the provided metadata based on filterMatchCriteria This list must not be empty and can have at the most 64 entries." }, "filterMatchCriteria": { "type": "string", "description": "Specifies how individual filter label matches within the list of filterLabels and contributes toward the overall metadataFilter match. Supported values are: - MATCH_ANY: at least one of the filterLabels must have a matching label in the provided metadata. - MATCH_ALL: all filterLabels must have matching labels in the provided metadata. " } }, "type": "object", "required": [ "filterLabels", "filterMatchCriteria" ] }, "google-native:compute/v1:MetadataItemsItem": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object" }, "google-native:compute/v1:MetadataItemsItemResponse": { "description": "Metadata", "properties": { "key": { "type": "string", "description": "Key for the metadata entry. Keys must conform to the following regexp: [a-zA-Z0-9-_]+, and be less than 128 bytes in length. This is reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project." }, "value": { "type": "string", "description": "Value for the metadata entry. These are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on values is that their size must be less than or equal to 262144 bytes (256 KiB)." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/v1:MetadataResponse": { "description": "A metadata key/value entry.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the metadata's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update metadata. You must always provide an up-to-date fingerprint hash in order to update or change metadata, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve the resource." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:MetadataItemsItemResponse" }, "description": "Array of key/value pairs. The total size of all keys and values must be less than 512 KB." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#metadata for metadata." } }, "type": "object", "required": [ "fingerprint", "items", "kind" ] }, "google-native:compute/v1:NamedPort": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object" }, "google-native:compute/v1:NamedPortResponse": { "description": "The named port. For example: <\"http\", 80>.", "properties": { "name": { "type": "string", "description": "The name for this named port. The name must be 1-63 characters long, and comply with RFC1035." }, "port": { "type": "integer", "description": "The port number, which can be a value between 1 and 65535." } }, "type": "object", "required": [ "name", "port" ] }, "google-native:compute/v1:NetworkAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this network attachment.", "properties": { "ipAddress": { "type": "string", "description": "The IPv4 address assigned to the producer instance network interface. This value will be a range in case of Serverless." }, "ipv6Address": { "type": "string", "description": "The IPv6 address assigned to the producer instance network interface. This is only assigned when the stack types of both the instance network interface and the consumer subnet are IPv4_IPv6." }, "projectIdOrNum": { "type": "string", "description": "The project id or number of the interface to which the IP was assigned." }, "secondaryIpCidrRanges": { "type": "array", "items": { "type": "string" }, "description": "Alias IP ranges from the same subnetwork." }, "status": { "type": "string", "description": "The status of a connected endpoint to this network attachment." }, "subnetwork": { "type": "string", "description": "The subnetwork used to assign the IP to the producer instance network interface." }, "subnetworkCidrRange": { "type": "string", "description": "The CIDR range of the subnet from which the IPv4 internal IP was allocated from." } }, "type": "object", "required": [ "ipAddress", "ipv6Address", "projectIdOrNum", "secondaryIpCidrRanges", "status", "subnetwork", "subnetworkCidrRange" ] }, "google-native:compute/v1:NetworkAttachmentConnectionPreference": { "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "Invalid", "value": "INVALID" } ] }, "google-native:compute/v1:NetworkEndpointGroupAppEngine": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object" }, "google-native:compute/v1:NetworkEndpointGroupAppEngineResponse": { "description": "Configuration for an App Engine network endpoint group (NEG). The service is optional, may be provided explicitly or in the URL mask. The version is optional and can only be provided explicitly or in the URL mask when service is present. Note: App Engine service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Optional serving service. The service name is case-sensitive and must be 1-63 characters long. Example value: \"default\", \"my-service\"." }, "urlMask": { "type": "string", "description": "A template to parse service and version fields from a request URL. URL mask allows for routing to multiple App Engine services without having to create multiple Network Endpoint Groups and backend services. For example, the request URLs \"foo1-dot-appname.appspot.com/v1\" and \"foo1-dot-appname.appspot.com/v2\" can be backed by the same Serverless NEG with URL mask \"-dot-appname.appspot.com/\". The URL mask will parse them to { service = \"foo1\", version = \"v1\" } and { service = \"foo1\", version = \"v2\" } respectively." }, "version": { "type": "string", "description": "Optional serving version. The version name is case-sensitive and must be 1-100 characters long. Example value: \"v1\", \"v2\"." } }, "type": "object", "required": [ "service", "urlMask", "version" ] }, "google-native:compute/v1:NetworkEndpointGroupCloudFunction": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object" }, "google-native:compute/v1:NetworkEndpointGroupCloudFunctionResponse": { "description": "Configuration for a Cloud Function network endpoint group (NEG). The function must be provided explicitly or in the URL mask. Note: Cloud Function must be in the same project and located in the same region as the Serverless NEG.", "properties": { "function": { "type": "string", "description": "A user-defined name of the Cloud Function. The function name is case-sensitive and must be 1-63 characters long. Example value: \"func1\"." }, "urlMask": { "type": "string", "description": "A template to parse function field from a request URL. URL mask allows for routing to multiple Cloud Functions without having to create multiple Network Endpoint Groups and backend services. For example, request URLs \" mydomain.com/function1\" and \"mydomain.com/function2\" can be backed by the same Serverless NEG with URL mask \"/\". The URL mask will parse them to { function = \"function1\" } and { function = \"function2\" } respectively." } }, "type": "object", "required": [ "function", "urlMask" ] }, "google-native:compute/v1:NetworkEndpointGroupCloudRun": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object" }, "google-native:compute/v1:NetworkEndpointGroupCloudRunResponse": { "description": "Configuration for a Cloud Run network endpoint group (NEG). The service must be provided explicitly or in the URL mask. The tag is optional, may be provided explicitly or in the URL mask. Note: Cloud Run service must be in the same project and located in the same region as the Serverless NEG.", "properties": { "service": { "type": "string", "description": "Cloud Run service is the main resource of Cloud Run. The service must be 1-63 characters long, and comply with RFC1035. Example value: \"run-service\"." }, "tag": { "type": "string", "description": "Optional Cloud Run tag represents the \"named-revision\" to provide additional fine-grained traffic routing information. The tag must be 1-63 characters long, and comply with RFC1035. Example value: \"revision-0010\"." }, "urlMask": { "type": "string", "description": "A template to parse and fields from a request URL. URL mask allows for routing to multiple Run services without having to create multiple network endpoint groups and backend services. For example, request URLs \"foo1.domain.com/bar1\" and \"foo1.domain.com/bar2\" can be backed by the same Serverless Network Endpoint Group (NEG) with URL mask \".domain.com/\". The URL mask will parse them to { service=\"bar1\", tag=\"foo1\" } and { service=\"bar2\", tag=\"foo2\" } respectively." } }, "type": "object", "required": [ "service", "tag", "urlMask" ] }, "google-native:compute/v1:NetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/v1:NetworkEndpointGroupPscData": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "type": "object" }, "google-native:compute/v1:NetworkEndpointGroupPscDataResponse": { "description": "All data that is specifically relevant to only network endpoint groups of type PRIVATE_SERVICE_CONNECT.", "properties": { "consumerPscAddress": { "type": "string", "description": "Address allocated from given subnetwork for PSC. This IP address acts as a VIP for a PSC NEG, allowing it to act as an endpoint in L7 PSC-XLB." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the PSC Network Endpoint Group Consumer." }, "pscConnectionStatus": { "type": "string", "description": "The connection status of the PSC Forwarding Rule." } }, "type": "object", "required": [ "consumerPscAddress", "pscConnectionId", "pscConnectionStatus" ] }, "google-native:compute/v1:NetworkInterface": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfig" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AliasIpRange" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfig" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "$ref": "#/types/google-native:compute%2Fv1:NetworkInterfaceNicType", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "$ref": "#/types/google-native:compute%2Fv1:NetworkInterfaceStackType", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " } }, "type": "object" }, "google-native:compute/v1:NetworkInterfaceNicType": { "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet.", "type": "string", "enum": [ { "name": "Gvnic", "description": "GVNIC", "value": "GVNIC" }, { "name": "UnspecifiedNicType", "description": "No type specified.", "value": "UNSPECIFIED_NIC_TYPE" }, { "name": "VirtioNet", "description": "VIRTIO", "value": "VIRTIO_NET" } ] }, "google-native:compute/v1:NetworkInterfaceResponse": { "description": "A network interface resource attached to an instance.", "properties": { "accessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfigResponse" }, "description": "An array of configurations for this interface. Currently, only one access config, ONE_TO_ONE_NAT, is supported. If there are no accessConfigs specified, then this instance will have no external internet access." }, "aliasIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AliasIpRangeResponse" }, "description": "An array of alias IP ranges for this network interface. You can only specify this field for network interfaces in VPC networks." }, "fingerprint": { "type": "string", "description": "Fingerprint hash of contents stored in this network interface. This field will be ignored when inserting an Instance or adding a NetworkInterface. An up-to-date fingerprint must be provided in order to update the NetworkInterface. The request will fail with error 400 Bad Request if the fingerprint is not provided, or 412 Precondition Failed if the fingerprint is out of date." }, "internalIpv6PrefixLength": { "type": "integer", "description": "The prefix length of the primary internal IPv6 range." }, "ipv6AccessConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AccessConfigResponse" }, "description": "An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access." }, "ipv6AccessType": { "type": "string", "description": "One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. Valid only if stackType is IPV4_IPV6." }, "ipv6Address": { "type": "string", "description": "An IPv6 internal network address for this network interface. To use a static internal IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#networkInterface for network interfaces." }, "name": { "type": "string", "description": "The name of the network interface, which is generated by the server. For a VM, the network interface uses the nicN naming format. Where N is a value between 0 and 7. The default interface value is nic0." }, "network": { "type": "string", "description": "URL of the VPC network resource for this instance. When creating an instance, if neither the network nor the subnetwork is specified, the default network global/networks/default is used. If the selected project doesn't have the default network, you must specify a network or subnet. If the network is not specified but the subnetwork is specified, the network is inferred. If you specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/global/networks/ network - projects/project/global/networks/network - global/networks/default " }, "networkAttachment": { "type": "string", "description": "The URL of the network attachment that this interface should connect to in the following format: projects/{project_number}/regions/{region_name}/networkAttachments/{network_attachment_name}." }, "networkIP": { "type": "string", "description": "An IPv4 internal IP address to assign to the instance for this network interface. If not specified by the user, an unused internal IP is assigned by the system." }, "nicType": { "type": "string", "description": "The type of vNIC to be used on this interface. This may be gVNIC or VirtioNet." }, "queueCount": { "type": "integer", "description": "The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It'll be empty if not specified by the users." }, "stackType": { "type": "string", "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations." }, "subnetwork": { "type": "string", "description": "The URL of the Subnetwork resource for this instance. If the network resource is in legacy mode, do not specify this field. If the network is in auto subnet mode, specifying the subnetwork is optional. If the network is in custom subnet mode, specifying the subnetwork is required. If you specify this field, you can specify the subnetwork as a full or partial URL. For example, the following are all valid URLs: - https://www.googleapis.com/compute/v1/projects/project/regions/region /subnetworks/subnetwork - regions/region/subnetworks/subnetwork " } }, "type": "object", "required": [ "accessConfigs", "aliasIpRanges", "fingerprint", "internalIpv6PrefixLength", "ipv6AccessConfigs", "ipv6AccessType", "ipv6Address", "kind", "name", "network", "networkAttachment", "networkIP", "nicType", "queueCount", "stackType", "subnetwork" ] }, "google-native:compute/v1:NetworkInterfaceStackType": { "description": "The stack type for this network interface. To assign only IPv4 addresses, use IPV4_ONLY. To assign both IPv4 and IPv6 addresses, use IPV4_IPV6. If not specified, IPV4_ONLY is used. This field can be both set at instance creation and update network interface operations.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "The network interface can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "The network interface will be assigned IPv4 address.", "value": "IPV4_ONLY" } ] }, "google-native:compute/v1:NetworkNetworkFirewallPolicyEnforcementOrder": { "description": "The network firewall policy enforcement order. Can be either AFTER_CLASSIC_FIREWALL or BEFORE_CLASSIC_FIREWALL. Defaults to AFTER_CLASSIC_FIREWALL if the field is not specified.", "type": "string", "enum": [ { "name": "AfterClassicFirewall", "value": "AFTER_CLASSIC_FIREWALL" }, { "name": "BeforeClassicFirewall", "value": "BEFORE_CLASSIC_FIREWALL" } ] }, "google-native:compute/v1:NetworkPeeringResponse": { "description": "A network peering attached to a network resource. The message includes the peering name, peer network, peering state, and a flag indicating whether Google Compute Engine should automatically create routes for the peering.", "properties": { "autoCreateRoutes": { "type": "boolean", "description": "This field will be deprecated soon. Use the exchange_subnet_routes field instead. Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exchangeSubnetRoutes": { "type": "boolean", "description": "Indicates whether full mesh connectivity is created and managed automatically between peered networks. Currently this field should always be true since Google Compute Engine will automatically create and manage subnetwork routes between two networks when peering state is ACTIVE." }, "exportCustomRoutes": { "type": "boolean", "description": "Whether to export the custom routes to peer network. The default value is false." }, "exportSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are exported. The default value is true, all subnet routes are exported. IPv4 special-use ranges are always exported to peers and are not controlled by this field." }, "importCustomRoutes": { "type": "boolean", "description": "Whether to import the custom routes from peer network. The default value is false." }, "importSubnetRoutesWithPublicIp": { "type": "boolean", "description": "Whether subnet routes with public IP range are imported. The default value is false. IPv4 special-use ranges are always imported from peers and are not controlled by this field." }, "name": { "type": "string", "description": "Name of this peering. Provided by the client when the peering is created. The name must comply with RFC1035. Specifically, the name must be 1-63 characters long and match regular expression `[a-z]([-a-z0-9]*[a-z0-9])?`. The first character must be a lowercase letter, and all the following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "network": { "type": "string", "description": "The URL of the peer network. It can be either full URL or partial URL. The peer network may belong to a different project. If the partial URL does not contain project, it is assumed that the peer network is in the same project as the current network." }, "peerMtu": { "type": "integer", "description": "Maximum Transmission Unit in bytes." }, "stackType": { "type": "string", "description": "Which IP version(s) of traffic and routes are allowed to be imported or exported between peer networks. The default value is IPV4_ONLY." }, "state": { "type": "string", "description": "State for the peering, either `ACTIVE` or `INACTIVE`. The peering is `ACTIVE` when there's a matching configuration in the peer network." }, "stateDetails": { "type": "string", "description": "Details about the current state of the peering." } }, "type": "object", "required": [ "autoCreateRoutes", "exchangeSubnetRoutes", "exportCustomRoutes", "exportSubnetRoutesWithPublicIp", "importCustomRoutes", "importSubnetRoutesWithPublicIp", "name", "network", "peerMtu", "stackType", "state", "stateDetails" ] }, "google-native:compute/v1:NetworkPerformanceConfig": { "properties": { "totalEgressBandwidthTier": { "$ref": "#/types/google-native:compute%2Fv1:NetworkPerformanceConfigTotalEgressBandwidthTier" } }, "type": "object" }, "google-native:compute/v1:NetworkPerformanceConfigResponse": { "properties": { "totalEgressBandwidthTier": { "type": "string" } }, "type": "object", "required": [ "totalEgressBandwidthTier" ] }, "google-native:compute/v1:NetworkPerformanceConfigTotalEgressBandwidthTier": { "type": "string", "enum": [ { "name": "Default", "value": "DEFAULT" }, { "name": "Tier1", "value": "TIER_1" } ] }, "google-native:compute/v1:NetworkRoutingConfig": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "routingMode": { "$ref": "#/types/google-native:compute%2Fv1:NetworkRoutingConfigRoutingMode", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object" }, "google-native:compute/v1:NetworkRoutingConfigResponse": { "description": "A routing configuration attached to a network resource. The message includes the list of routers associated with the network, and a flag indicating the type of routing behavior to enforce network-wide.", "properties": { "routingMode": { "type": "string", "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions." } }, "type": "object", "required": [ "routingMode" ] }, "google-native:compute/v1:NetworkRoutingConfigRoutingMode": { "description": "The network-wide routing mode to use. If set to REGIONAL, this network's Cloud Routers will only advertise routes with subnets of this network in the same region as the router. If set to GLOBAL, this network's Cloud Routers will advertise routes with all subnets of this network, across regions.", "type": "string", "enum": [ { "name": "Global", "value": "GLOBAL" }, { "name": "Regional", "value": "REGIONAL" } ] }, "google-native:compute/v1:NodeGroupAutoscalingPolicy": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "$ref": "#/types/google-native:compute%2Fv1:NodeGroupAutoscalingPolicyMode", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object" }, "google-native:compute/v1:NodeGroupAutoscalingPolicyMode": { "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes.", "type": "string", "enum": [ { "name": "ModeUnspecified", "value": "MODE_UNSPECIFIED" }, { "name": "Off", "description": "Autoscaling is disabled.", "value": "OFF" }, { "name": "On", "description": "Autocaling is fully enabled.", "value": "ON" }, { "name": "OnlyScaleOut", "description": "Autoscaling will only scale out and will not remove nodes.", "value": "ONLY_SCALE_OUT" } ] }, "google-native:compute/v1:NodeGroupAutoscalingPolicyResponse": { "properties": { "maxNodes": { "type": "integer", "description": "The maximum number of nodes that the group should have. Must be set if autoscaling is enabled. Maximum value allowed is 100." }, "minNodes": { "type": "integer", "description": "The minimum number of nodes that the group should have." }, "mode": { "type": "string", "description": "The autoscaling mode. Set to one of: ON, OFF, or ONLY_SCALE_OUT. For more information, see Autoscaler modes." } }, "type": "object", "required": [ "maxNodes", "minNodes", "mode" ] }, "google-native:compute/v1:NodeGroupMaintenancePolicy": { "description": "Specifies how to handle instances when a node in the group undergoes maintenance. Set to one of: DEFAULT, RESTART_IN_PLACE, or MIGRATE_WITHIN_NODE_GROUP. The default value is DEFAULT. For more information, see Maintenance policies.", "type": "string", "enum": [ { "name": "Default", "description": "Allow the node and corresponding instances to retain default maintenance behavior.", "value": "DEFAULT" }, { "name": "MaintenancePolicyUnspecified", "value": "MAINTENANCE_POLICY_UNSPECIFIED" }, { "name": "MigrateWithinNodeGroup", "description": "When maintenance must be done on a node, the instances on that node will be moved to other nodes in the group. Instances with onHostMaintenance = MIGRATE will live migrate to their destinations while instances with onHostMaintenance = TERMINATE will terminate and then restart on their destination nodes if automaticRestart = true.", "value": "MIGRATE_WITHIN_NODE_GROUP" }, { "name": "RestartInPlace", "description": "Instances in this group will restart on the same node when maintenance has completed. Instances must have onHostMaintenance = TERMINATE, and they will only restart if automaticRestart = true.", "value": "RESTART_IN_PLACE" } ] }, "google-native:compute/v1:NodeGroupMaintenanceWindow": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/v1:NodeGroupMaintenanceWindowResponse": { "description": "Time window specified for daily maintenance operations. GCE's internal maintenance will be performed within this window.", "properties": { "maintenanceDuration": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "maintenanceDuration", "startTime" ] }, "google-native:compute/v1:NodeGroupStatus": { "type": "string", "enum": [ { "name": "Creating", "value": "CREATING" }, { "name": "Deleting", "value": "DELETING" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ready", "value": "READY" } ] }, "google-native:compute/v1:NodeTemplateCpuOvercommitType": { "description": "CPU overcommit.", "type": "string", "enum": [ { "name": "CpuOvercommitTypeUnspecified", "value": "CPU_OVERCOMMIT_TYPE_UNSPECIFIED" }, { "name": "Enabled", "value": "ENABLED" }, { "name": "None", "value": "NONE" } ] }, "google-native:compute/v1:NodeTemplateNodeTypeFlexibility": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object" }, "google-native:compute/v1:NodeTemplateNodeTypeFlexibilityResponse": { "properties": { "cpus": { "type": "string" }, "localSsd": { "type": "string" }, "memory": { "type": "string" } }, "type": "object", "required": [ "cpus", "localSsd", "memory" ] }, "google-native:compute/v1:NotificationEndpointGrpcSettings": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object" }, "google-native:compute/v1:NotificationEndpointGrpcSettingsResponse": { "description": "Represents a gRPC setting that describes one gRPC notification endpoint and the retry duration attempting to send notification to this endpoint.", "properties": { "authority": { "type": "string", "description": "Optional. If specified, this field is used to set the authority header by the sender of notifications. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3" }, "endpoint": { "type": "string", "description": "Endpoint to which gRPC notifications are sent. This must be a valid gRPCLB DNS name." }, "payloadName": { "type": "string", "description": "Optional. If specified, this field is used to populate the \"name\" field in gRPC requests." }, "resendInterval": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Optional. This field is used to configure how often to send a full update of all non-healthy backends. If unspecified, full updates are not sent. If specified, must be in the range between 600 seconds to 3600 seconds. Nanos are disallowed. Can only be set for regional notification endpoints." }, "retryDurationSec": { "type": "integer", "description": "How much time (in seconds) is spent attempting notification retries until a successful response is received. Default is 30s. Limit is 20m (1200s). Must be a positive number." } }, "type": "object", "required": [ "authority", "endpoint", "payloadName", "resendInterval", "retryDurationSec" ] }, "google-native:compute/v1:OutlierDetection": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object" }, "google-native:compute/v1:OutlierDetectionResponse": { "description": "Settings controlling the eviction of unhealthy hosts from the load balancing pool for the backend service.", "properties": { "baseEjectionTime": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "The base time that a backend endpoint is ejected for. Defaults to 30000ms or 30s. After a backend endpoint is returned back to the load balancing pool, it can be ejected again in another ejection analysis. Thus, the total ejection time is equal to the base ejection time multiplied by the number of times the backend endpoint has been ejected. Defaults to 30000ms or 30s." }, "consecutiveErrors": { "type": "integer", "description": "Number of consecutive errors before a backend endpoint is ejected from the load balancing pool. When the backend endpoint is accessed over HTTP, a 5xx return code qualifies as an error. Defaults to 5." }, "consecutiveGatewayFailure": { "type": "integer", "description": "The number of consecutive gateway failures (502, 503, 504 status or connection errors that are mapped to one of those status codes) before a consecutive gateway failure ejection occurs. Defaults to 3." }, "enforcingConsecutiveErrors": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0." }, "enforcingConsecutiveGatewayFailure": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100." }, "enforcingSuccessRate": { "type": "integer", "description": "The percentage chance that a backend endpoint will be ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "interval": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Time interval between ejection analysis sweeps. This can result in both new ejections and backend endpoints being returned to service. The interval is equal to the number of seconds as defined in outlierDetection.interval.seconds plus the number of nanoseconds as defined in outlierDetection.interval.nanos. Defaults to 1 second." }, "maxEjectionPercent": { "type": "integer", "description": "Maximum percentage of backend endpoints in the load balancing pool for the backend service that can be ejected if the ejection conditions are met. Defaults to 50%." }, "successRateMinimumHosts": { "type": "integer", "description": "The number of backend endpoints in the load balancing pool that must have enough request volume to detect success rate outliers. If the number of backend endpoints is fewer than this setting, outlier detection via success rate statistics is not performed for any backend endpoint in the load balancing pool. Defaults to 5. Not supported when the backend service uses Serverless NEG." }, "successRateRequestVolume": { "type": "integer", "description": "The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this backend endpoint in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that backend endpoint. Defaults to 100. Not supported when the backend service uses Serverless NEG." }, "successRateStdevFactor": { "type": "integer", "description": "This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * successRateStdevFactor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. Not supported when the backend service uses Serverless NEG." } }, "type": "object", "required": [ "baseEjectionTime", "consecutiveErrors", "consecutiveGatewayFailure", "enforcingConsecutiveErrors", "enforcingConsecutiveGatewayFailure", "enforcingSuccessRate", "interval", "maxEjectionPercent", "successRateMinimumHosts", "successRateRequestVolume", "successRateStdevFactor" ] }, "google-native:compute/v1:PacketMirroringEnable": { "description": "Indicates whether or not this packet mirroring takes effect. If set to FALSE, this packet mirroring policy will not be enforced on the network. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/v1:PacketMirroringFilter": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "$ref": "#/types/google-native:compute%2Fv1:PacketMirroringFilterDirection", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringFilterDirection": { "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH.", "type": "string", "enum": [ { "name": "Both", "description": "Default, both directions are mirrored.", "value": "BOTH" }, { "name": "Egress", "description": "Only egress traffic is mirrored.", "value": "EGRESS" }, { "name": "Ingress", "description": "Only ingress traffic is mirrored.", "value": "INGRESS" } ] }, "google-native:compute/v1:PacketMirroringFilterResponse": { "properties": { "cidrRanges": { "type": "array", "items": { "type": "string" }, "description": "IP CIDR ranges that apply as filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported. If no ranges are specified, all traffic that matches the specified IPProtocols is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." }, "direction": { "type": "string", "description": "Direction of traffic to mirror, either INGRESS, EGRESS, or BOTH. The default is BOTH." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "Protocols that apply as filter on mirrored traffic. If no protocols are specified, all traffic that matches the specified CIDR ranges is mirrored. If neither cidrRanges nor IPProtocols is specified, all traffic is mirrored." } }, "type": "object", "required": [ "cidrRanges", "direction", "ipProtocols" ] }, "google-native:compute/v1:PacketMirroringForwardingRuleInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringForwardingRuleInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the forwarding rule; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the forwarding rule representing the ILB configured as destination of the mirrored traffic." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/v1:PacketMirroringMirroredResourceInfo": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PacketMirroringMirroredResourceInfoInstanceInfo" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PacketMirroringMirroredResourceInfoSubnetInfo" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringMirroredResourceInfoInstanceInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringMirroredResourceInfoInstanceInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the instance; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the virtual machine instance which is being mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/v1:PacketMirroringMirroredResourceInfoResponse": { "properties": { "instances": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PacketMirroringMirroredResourceInfoInstanceInfoResponse" }, "description": "A set of virtual machine instances that are being mirrored. They must live in zones contained in the same region as this packetMirroring. Note that this config will apply only to those network interfaces of the Instances that belong to the network specified in this packetMirroring. You may specify a maximum of 50 Instances." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PacketMirroringMirroredResourceInfoSubnetInfoResponse" }, "description": "A set of subnetworks for which traffic from/to all VM instances will be mirrored. They must live in the same region as this packetMirroring. You may specify a maximum of 5 subnetworks." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of mirrored tags. Traffic from/to all VM instances that have one or more of these tags will be mirrored." } }, "type": "object", "required": [ "instances", "subnetworks", "tags" ] }, "google-native:compute/v1:PacketMirroringMirroredResourceInfoSubnetInfo": { "properties": { "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringMirroredResourceInfoSubnetInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the subnetwork; defined by the server." }, "url": { "type": "string", "description": "Resource URL to the subnetwork for which traffic from/to all VM instances will be mirrored." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/v1:PacketMirroringNetworkInfo": { "properties": { "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object" }, "google-native:compute/v1:PacketMirroringNetworkInfoResponse": { "properties": { "canonicalUrl": { "type": "string", "description": "Unique identifier for the network; defined by the server." }, "url": { "type": "string", "description": "URL of the network resource." } }, "type": "object", "required": [ "canonicalUrl", "url" ] }, "google-native:compute/v1:PathMatcher": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteAction", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectAction", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PathRule" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteRule" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object" }, "google-native:compute/v1:PathMatcherResponse": { "description": "A matcher for the path portion of the URL. The BackendService from the longest-matched rule will serve the URL. If no rule was matched, the default service is used.", "properties": { "defaultRouteAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteActionResponse", "description": "defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. Only one of defaultRouteAction or defaultUrlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction." }, "defaultService": { "type": "string", "description": "The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if defaultService is specified, defaultRouteAction cannot contain any weightedBackendServices. Conversely, if defaultRouteAction specifies any weightedBackendServices, defaultService must not be specified. Only one of defaultService, defaultUrlRedirect , or defaultRouteAction.weightedBackendService must be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use " }, "defaultUrlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectActionResponse", "description": "When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or defaultRouteAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "name": { "type": "string", "description": "The name to which this PathMatcher is referred by the HostRule." }, "pathRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:PathRuleResponse" }, "description": "The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set." }, "routeRules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteRuleResponse" }, "description": "The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules." } }, "type": "object", "required": [ "defaultRouteAction", "defaultService", "defaultUrlRedirect", "description", "headerAction", "name", "pathRules", "routeRules" ] }, "google-native:compute/v1:PathRule": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteAction", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectAction", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object" }, "google-native:compute/v1:PathRuleResponse": { "description": "A path-matching rule for a URL. If matched, will use the specified BackendService to handle the traffic arriving at this URL.", "properties": { "paths": { "type": "array", "items": { "type": "string" }, "description": "The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here." }, "routeAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpRouteActionResponse", "description": "In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If routeAction specifies any weightedBackendServices, service must not be set. Conversely if service is set, routeAction cannot contain any weightedBackendServices. Only one of routeAction or urlRedirect must be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction." }, "service": { "type": "string", "description": "The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. However, if service is specified, routeAction cannot contain any weightedBackendServices. Conversely, if routeAction specifies any weightedBackendServices, service must not be specified. Only one of urlRedirect, service or routeAction.weightedBackendService must be set." }, "urlRedirect": { "$ref": "#/types/google-native:compute%2Fv1:HttpRedirectActionResponse", "description": "When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. If urlRedirect is specified, service or routeAction must not be set. Not supported when the URL map is bound to a target gRPC proxy." } }, "type": "object", "required": [ "paths", "routeAction", "service", "urlRedirect" ] }, "google-native:compute/v1:PublicAdvertisedPrefixPdpScope": { "description": "Specifies how child public delegated prefix will be scoped. It could be one of following values: - `REGIONAL`: The public delegated prefix is regional only. The provisioning will take a few minutes. - `GLOBAL`: The public delegated prefix is global only. The provisioning will take ~4 weeks. - `GLOBAL_AND_REGIONAL` [output only]: The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2. ", "type": "string", "enum": [ { "name": "Global", "description": "The public delegated prefix is global only. The provisioning will take ~4 weeks.", "value": "GLOBAL" }, { "name": "GlobalAndRegional", "description": "The public delegated prefixes is BYOIP V1 legacy prefix. This is output only value and no longer supported in BYOIP V2.", "value": "GLOBAL_AND_REGIONAL" }, { "name": "Regional", "description": "The public delegated prefix is regional only. The provisioning will take a few minutes.", "value": "REGIONAL" } ] }, "google-native:compute/v1:PublicAdvertisedPrefixPublicDelegatedPrefixResponse": { "description": "Represents a CIDR range which can be used to assign addresses.", "properties": { "ipRange": { "type": "string", "description": "The IP address range of the public delegated prefix" }, "name": { "type": "string", "description": "The name of the public delegated prefix" }, "project": { "type": "string", "description": "The project number of the public delegated prefix" }, "region": { "type": "string", "description": "The region of the public delegated prefix if it is regional. If absent, the prefix is global." }, "status": { "type": "string", "description": "The status of the public delegated prefix. Possible values are: INITIALIZING: The public delegated prefix is being initialized and addresses cannot be created yet. ANNOUNCED: The public delegated prefix is active." } }, "type": "object", "required": [ "ipRange", "name", "project", "region", "status" ] }, "google-native:compute/v1:PublicAdvertisedPrefixStatus": { "description": "The status of the public advertised prefix. Possible values include: - `INITIAL`: RPKI validation is complete. - `PTR_CONFIGURED`: User has configured the PTR. - `VALIDATED`: Reverse DNS lookup is successful. - `REVERSE_DNS_LOOKUP_FAILED`: Reverse DNS lookup failed. - `PREFIX_CONFIGURATION_IN_PROGRESS`: The prefix is being configured. - `PREFIX_CONFIGURATION_COMPLETE`: The prefix is fully configured. - `PREFIX_REMOVAL_IN_PROGRESS`: The prefix is being removed. ", "type": "string", "enum": [ { "name": "AnnouncedToInternet", "description": "The prefix is announced to Internet.", "value": "ANNOUNCED_TO_INTERNET" }, { "name": "Initial", "description": "RPKI validation is complete.", "value": "INITIAL" }, { "name": "PrefixConfigurationComplete", "description": "The prefix is fully configured.", "value": "PREFIX_CONFIGURATION_COMPLETE" }, { "name": "PrefixConfigurationInProgress", "description": "The prefix is being configured.", "value": "PREFIX_CONFIGURATION_IN_PROGRESS" }, { "name": "PrefixRemovalInProgress", "description": "The prefix is being removed.", "value": "PREFIX_REMOVAL_IN_PROGRESS" }, { "name": "PtrConfigured", "description": "User has configured the PTR.", "value": "PTR_CONFIGURED" }, { "name": "ReadyToAnnounce", "description": "The prefix is currently withdrawn but ready to be announced.", "value": "READY_TO_ANNOUNCE" }, { "name": "ReverseDnsLookupFailed", "description": "Reverse DNS lookup failed.", "value": "REVERSE_DNS_LOOKUP_FAILED" }, { "name": "Validated", "description": "Reverse DNS lookup is successful.", "value": "VALIDATED" } ] }, "google-native:compute/v1:PublicDelegatedPrefixPublicDelegatedSubPrefix": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." } }, "type": "object" }, "google-native:compute/v1:PublicDelegatedPrefixPublicDelegatedSubPrefixResponse": { "description": "Represents a sub PublicDelegatedPrefix.", "properties": { "delegateeProject": { "type": "string", "description": "Name of the project scoping this PublicDelegatedSubPrefix." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "ipCidrRange": { "type": "string", "description": "The IP address range, in CIDR format, represented by this sub public delegated prefix." }, "isAddress": { "type": "boolean", "description": "Whether the sub prefix is delegated to create Address resources in the delegatee project." }, "name": { "type": "string", "description": "The name of the sub public delegated prefix." }, "region": { "type": "string", "description": "The region of the sub public delegated prefix if it is regional. If absent, the sub prefix is global." }, "status": { "type": "string", "description": "The status of the sub public delegated prefix." } }, "type": "object", "required": [ "delegateeProject", "description", "ipCidrRange", "isAddress", "name", "region", "status" ] }, "google-native:compute/v1:RegionBackendServiceCompressionMode": { "description": "Compress text responses using Brotli or gzip compression, based on the client's Accept-Encoding header.", "type": "string", "enum": [ { "name": "Automatic", "description": "Automatically uses the best compression based on the Accept-Encoding header sent by the client.", "value": "AUTOMATIC" }, { "name": "Disabled", "description": "Disables compression. Existing compressed responses cached by Cloud CDN will not be served to clients.", "value": "DISABLED" } ] }, "google-native:compute/v1:RegionBackendServiceLoadBalancingScheme": { "description": "Specifies the load balancer type. A backend service created for one type of load balancer cannot be used with another. For more information, refer to Choosing a load balancer.", "type": "string", "enum": [ { "name": "External", "description": "Signifies that this will be used for external HTTP(S), SSL Proxy, TCP Proxy, or Network Load Balancing", "value": "EXTERNAL" }, { "name": "ExternalManaged", "description": "Signifies that this will be used for External Managed HTTP(S) Load Balancing.", "value": "EXTERNAL_MANAGED" }, { "name": "Internal", "description": "Signifies that this will be used for Internal TCP/UDP Load Balancing.", "value": "INTERNAL" }, { "name": "InternalManaged", "description": "Signifies that this will be used for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_MANAGED" }, { "name": "InternalSelfManaged", "description": "Signifies that this will be used by Traffic Director.", "value": "INTERNAL_SELF_MANAGED" }, { "name": "InvalidLoadBalancingScheme", "value": "INVALID_LOAD_BALANCING_SCHEME" } ] }, "google-native:compute/v1:RegionBackendServiceLocalityLbPolicy": { "description": "The load balancing algorithm used within the scope of the locality. The possible values are: - ROUND_ROBIN: This is a simple policy in which each healthy backend is selected in round robin order. This is the default. - LEAST_REQUEST: An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests. - RING_HASH: The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests. - RANDOM: The load balancer selects a random healthy host. - ORIGINAL_DESTINATION: Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer. - MAGLEV: used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824 This field is applicable to either: - A regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and load_balancing_scheme set to INTERNAL_MANAGED. - A global backend service with the load_balancing_scheme set to INTERNAL_SELF_MANAGED, INTERNAL_MANAGED, or EXTERNAL_MANAGED. If sessionAffinity is not NONE, and this field is not set to MAGLEV or RING_HASH, session affinity settings will not take effect. Only ROUND_ROBIN and RING_HASH are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true.", "type": "string", "enum": [ { "name": "InvalidLbPolicy", "value": "INVALID_LB_POLICY" }, { "name": "LeastRequest", "description": "An O(1) algorithm which selects two random healthy hosts and picks the host which has fewer active requests.", "value": "LEAST_REQUEST" }, { "name": "Maglev", "description": "This algorithm implements consistent hashing to backends. Maglev can be used as a drop in replacement for the ring hash load balancer. Maglev is not as stable as ring hash but has faster table lookup build times and host selection times. For more information about Maglev, see https://ai.google/research/pubs/pub44824", "value": "MAGLEV" }, { "name": "OriginalDestination", "description": "Backend host is selected based on the client connection metadata, i.e., connections are opened to the same address as the destination address of the incoming connection before the connection was redirected to the load balancer.", "value": "ORIGINAL_DESTINATION" }, { "name": "Random", "description": "The load balancer selects a random healthy host.", "value": "RANDOM" }, { "name": "RingHash", "description": "The ring/modulo hash load balancer implements consistent hashing to backends. The algorithm has the property that the addition/removal of a host from a set of N hosts only affects 1/N of the requests.", "value": "RING_HASH" }, { "name": "RoundRobin", "description": "This is a simple policy in which each healthy backend is selected in round robin order. This is the default.", "value": "ROUND_ROBIN" }, { "name": "WeightedMaglev", "description": "Per-instance weighted Load Balancing via health check reported weights. If set, the Backend Service must configure a non legacy HTTP-based Health Check, and health check replies are expected to contain non-standard HTTP response header field X-Load-Balancing-Endpoint-Weight to specify the per-instance weights. If set, Load Balancing is weighted based on the per-instance weights reported in the last processed health check replies, as long as every instance either reported a valid weight or had UNAVAILABLE_WEIGHT. Otherwise, Load Balancing remains equal-weight. This option is only supported in Network Load Balancing.", "value": "WEIGHTED_MAGLEV" } ] }, "google-native:compute/v1:RegionBackendServiceProtocol": { "description": "The protocol this BackendService uses to communicate with backends. Possible values are HTTP, HTTPS, HTTP2, TCP, SSL, UDP or GRPC. depending on the chosen load balancer or Traffic Director configuration. Refer to the documentation for the load balancers or for Traffic Director for more information. Must be set to GRPC when the backend service is referenced by a URL map that is bound to target gRPC proxy.", "type": "string", "enum": [ { "name": "Grpc", "description": "gRPC (available for Traffic Director).", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "description": "HTTP/2 with SSL.", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Ssl", "description": "TCP proxying with SSL.", "value": "SSL" }, { "name": "Tcp", "description": "TCP proxying or TCP pass-through.", "value": "TCP" }, { "name": "Udp", "description": "UDP.", "value": "UDP" }, { "name": "Unspecified", "description": "If a Backend Service has UNSPECIFIED as its protocol, it can be used with any L3/L4 Forwarding Rules.", "value": "UNSPECIFIED" } ] }, "google-native:compute/v1:RegionBackendServiceSessionAffinity": { "description": "Type of session affinity to use. The default is NONE. Only NONE and HEADER_FIELD are supported when the backend service is referenced by a URL map that is bound to target gRPC proxy that has validateForProxyless field set to true. For more details, see: [Session Affinity](https://cloud.google.com/load-balancing/docs/backend-service#session_affinity).", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/v1:RegionCommitmentCategory": { "description": "The category of the commitment. Category MACHINE specifies commitments composed of machine resources such as VCPU or MEMORY, listed in resources. Category LICENSE specifies commitments composed of software licenses, listed in licenseResources. Note that only MACHINE commitments should have a Type specified.", "type": "string", "enum": [ { "name": "CategoryUnspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "License", "value": "LICENSE" }, { "name": "Machine", "value": "MACHINE" } ] }, "google-native:compute/v1:RegionCommitmentPlan": { "description": "The plan for this commitment, which determines duration and discount rate. The currently supported plans are TWELVE_MONTH (1 year), and THIRTY_SIX_MONTH (3 years).", "type": "string", "enum": [ { "name": "Invalid", "value": "INVALID" }, { "name": "ThirtySixMonth", "value": "THIRTY_SIX_MONTH" }, { "name": "TwelveMonth", "value": "TWELVE_MONTH" } ] }, "google-native:compute/v1:RegionCommitmentType": { "description": "The type of commitment, which affects the discount rate and the eligible resources. Type MEMORY_OPTIMIZED specifies a commitment that will only apply to memory optimized machines. Type ACCELERATOR_OPTIMIZED specifies a commitment that will only apply to accelerator optimized machines.", "type": "string", "enum": [ { "name": "AcceleratorOptimized", "value": "ACCELERATOR_OPTIMIZED" }, { "name": "AcceleratorOptimizedA3", "value": "ACCELERATOR_OPTIMIZED_A3" }, { "name": "ComputeOptimized", "value": "COMPUTE_OPTIMIZED" }, { "name": "ComputeOptimizedC2d", "value": "COMPUTE_OPTIMIZED_C2D" }, { "name": "ComputeOptimizedC3", "value": "COMPUTE_OPTIMIZED_C3" }, { "name": "ComputeOptimizedC3d", "value": "COMPUTE_OPTIMIZED_C3D" }, { "name": "ComputeOptimizedH3", "value": "COMPUTE_OPTIMIZED_H3" }, { "name": "GeneralPurpose", "value": "GENERAL_PURPOSE" }, { "name": "GeneralPurposeE2", "value": "GENERAL_PURPOSE_E2" }, { "name": "GeneralPurposeN2", "value": "GENERAL_PURPOSE_N2" }, { "name": "GeneralPurposeN2d", "value": "GENERAL_PURPOSE_N2D" }, { "name": "GeneralPurposeT2d", "value": "GENERAL_PURPOSE_T2D" }, { "name": "GraphicsOptimized", "value": "GRAPHICS_OPTIMIZED" }, { "name": "MemoryOptimized", "value": "MEMORY_OPTIMIZED" }, { "name": "MemoryOptimizedM3", "value": "MEMORY_OPTIMIZED_M3" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:RegionDiskArchitecture": { "description": "The architecture of the disk. Valid values are ARM64 or X86_64.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Default value indicating Architecture is not set.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "Arm64", "description": "Machines with architecture ARM64", "value": "ARM64" }, { "name": "X8664", "description": "Machines with architecture X86_64", "value": "X86_64" } ] }, "google-native:compute/v1:RegionHealthCheckServiceHealthStatusAggregationPolicy": { "description": "Optional. Policy for how the results from multiple health checks for the same endpoint are aggregated. Defaults to NO_AGGREGATION if unspecified. - NO_AGGREGATION. An EndpointHealth message is returned for each pair in the health check service. - AND. If any health check of an endpoint reports UNHEALTHY, then UNHEALTHY is the HealthState of the endpoint. If all health checks report HEALTHY, the HealthState of the endpoint is HEALTHY. . This is only allowed with regional HealthCheckService.", "type": "string", "enum": [ { "name": "And", "description": "If any backend's health check reports UNHEALTHY, then UNHEALTHY is the HealthState of the entire health check service. If all backend's are healthy, the HealthState of the health check service is HEALTHY.", "value": "AND" }, { "name": "NoAggregation", "description": "An EndpointHealth message is returned for each backend in the health check service.", "value": "NO_AGGREGATION" } ] }, "google-native:compute/v1:RegionHealthCheckType": { "description": "Specifies the type of the healthCheck, either TCP, SSL, HTTP, HTTPS, HTTP2 or GRPC. Exactly one of the protocol-specific health check fields must be specified, which must match type field.", "type": "string", "enum": [ { "name": "Grpc", "value": "GRPC" }, { "name": "Http", "value": "HTTP" }, { "name": "Http2", "value": "HTTP2" }, { "name": "Https", "value": "HTTPS" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Ssl", "value": "SSL" }, { "name": "Tcp", "value": "TCP" } ] }, "google-native:compute/v1:RegionInstanceGroupManagerListManagedInstancesResults": { "description": "Pagination behavior of the listManagedInstances API method for this managed instance group.", "type": "string", "enum": [ { "name": "Pageless", "description": "(Default) Pagination is disabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are ignored and all instances are returned in a single response.", "value": "PAGELESS" }, { "name": "Paginated", "description": "Pagination is enabled for the group's listManagedInstances API method. maxResults and pageToken query parameters are respected.", "value": "PAGINATED" } ] }, "google-native:compute/v1:RegionNetworkEndpointGroupNetworkEndpointType": { "description": "Type of network endpoints in this network endpoint group. Can be one of GCE_VM_IP, GCE_VM_IP_PORT, NON_GCP_PRIVATE_IP_PORT, INTERNET_FQDN_PORT, INTERNET_IP_PORT, SERVERLESS, PRIVATE_SERVICE_CONNECT.", "type": "string", "enum": [ { "name": "GceVmIp", "description": "The network endpoint is represented by an IP address.", "value": "GCE_VM_IP" }, { "name": "GceVmIpPort", "description": "The network endpoint is represented by IP address and port pair.", "value": "GCE_VM_IP_PORT" }, { "name": "InternetFqdnPort", "description": "The network endpoint is represented by fully qualified domain name and port.", "value": "INTERNET_FQDN_PORT" }, { "name": "InternetIpPort", "description": "The network endpoint is represented by an internet IP address and port.", "value": "INTERNET_IP_PORT" }, { "name": "NonGcpPrivateIpPort", "description": "The network endpoint is represented by an IP address and port. The endpoint belongs to a VM or pod running in a customer's on-premises.", "value": "NON_GCP_PRIVATE_IP_PORT" }, { "name": "PrivateServiceConnect", "description": "The network endpoint is either public Google APIs or services exposed by other GCP Project with a Service Attachment. The connection is set up by private service connect", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "Serverless", "description": "The network endpoint is handled by specified serverless infrastructure.", "value": "SERVERLESS" } ] }, "google-native:compute/v1:RegionSecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" } ] }, "google-native:compute/v1:RegionSslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:RegionSslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/v1:RegionSslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/v1:RegionSslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/v1:RegionSslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RegionSslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/v1:RegionTargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/v1:RegionTargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:RequestMirrorPolicy": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object" }, "google-native:compute/v1:RequestMirrorPolicyResponse": { "description": "A policy that specifies how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer doesn't wait for responses from the shadow service. Before sending traffic to the shadow service, the host or authority header is suffixed with -shadow.", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. " } }, "type": "object", "required": [ "backendService" ] }, "google-native:compute/v1:Reservation": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Fv1:ShareSettings", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUReservation", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object" }, "google-native:compute/v1:ReservationAffinity": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:compute%2Fv1:ReservationAffinityConsumeReservationType", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object" }, "google-native:compute/v1:ReservationAffinityConsumeReservationType": { "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples.", "type": "string", "enum": [ { "name": "AnyReservation", "description": "Consume any allocation available.", "value": "ANY_RESERVATION" }, { "name": "NoReservation", "description": "Do not consume from any allocated capacity.", "value": "NO_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" }, { "name": "Unspecified", "value": "UNSPECIFIED" } ] }, "google-native:compute/v1:ReservationAffinityResponse": { "description": "Specifies the reservations that this instance can consume from.", "properties": { "consumeReservationType": { "type": "string", "description": "Specifies the type of reservation from which this instance can consume resources: ANY_RESERVATION (default), SPECIFIC_RESERVATION, or NO_RESERVATION. See Consuming reserved instances for examples." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify googleapis.com/reservation-name as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of a reservation resource. This can be either a name to a reservation in the same project or \"projects/different-project/reservations/some-reservation-name\" to target a shared reservation in the same zone but in a different project." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:compute/v1:ReservationResponse": { "description": "Represents a reservation resource. A reservation ensures that capacity is held in a specific zone even if the reserved VMs are not running. For more information, read Reserving zonal resources.", "properties": { "commitment": { "type": "string", "description": "Full or partial URL to a parent commitment. This field displays for reservations that are tied to a commitment." }, "creationTimestamp": { "type": "string", "description": "Creation timestamp in RFC3339 text format." }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#reservations for reservations." }, "name": { "type": "string", "description": "The name of the resource, provided by the client when initially creating the resource. The resource name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "resourcePolicies": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Resource policies to be added to this reservation. The key is defined by user, and the value is resource policy url. This is to define placement policy with reservation." }, "resourceStatus": { "$ref": "#/types/google-native:compute%2Fv1:AllocationResourceStatusResponse", "description": "Status information for Reservation resource." }, "satisfiesPzs": { "type": "boolean", "description": "Reserved for future use." }, "selfLink": { "type": "string", "description": "Server-defined fully-qualified URL for this resource." }, "shareSettings": { "$ref": "#/types/google-native:compute%2Fv1:ShareSettingsResponse", "description": "Specify share-settings to create a shared reservation. This property is optional. For more information about the syntax and options for this field and its subfields, see the guide for creating a shared reservation." }, "specificReservation": { "$ref": "#/types/google-native:compute%2Fv1:AllocationSpecificSKUReservationResponse", "description": "Reservation for instances with specific machine shapes." }, "specificReservationRequired": { "type": "boolean", "description": "Indicates whether the reservation can be consumed by VMs with affinity for \"any\" reservation. If the field is set, then only VMs that target the reservation by name can consume from this reservation." }, "status": { "type": "string", "description": "The status of the reservation." }, "zone": { "type": "string", "description": "Zone in which the reservation resides. A zone must be provided if the reservation is created within a commitment." } }, "type": "object", "required": [ "commitment", "creationTimestamp", "description", "kind", "name", "resourcePolicies", "resourceStatus", "satisfiesPzs", "selfLink", "shareSettings", "specificReservation", "specificReservationRequired", "status", "zone" ] }, "google-native:compute/v1:ResourceCommitment": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "$ref": "#/types/google-native:compute%2Fv1:ResourceCommitmentType", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object" }, "google-native:compute/v1:ResourceCommitmentResponse": { "description": "Commitment for a particular resource (a Commitment is composed of one or more of these).", "properties": { "acceleratorType": { "type": "string", "description": "Name of the accelerator type resource. Applicable only when the type is ACCELERATOR." }, "amount": { "type": "string", "description": "The amount of the resource purchased (in a type-dependent unit, such as bytes). For vCPUs, this can just be an integer. For memory, this must be provided in MB. Memory must be a multiple of 256 MB, with up to 6.5GB of memory per every vCPU." }, "type": { "type": "string", "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR." } }, "type": "object", "required": [ "acceleratorType", "amount", "type" ] }, "google-native:compute/v1:ResourceCommitmentType": { "description": "Type of resource for which this commitment applies. Possible values are VCPU, MEMORY, LOCAL_SSD, and ACCELERATOR.", "type": "string", "enum": [ { "name": "Accelerator", "value": "ACCELERATOR" }, { "name": "LocalSsd", "value": "LOCAL_SSD" }, { "name": "Memory", "value": "MEMORY" }, { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Vcpu", "value": "VCPU" } ] }, "google-native:compute/v1:ResourcePolicyDailyCycle": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyDailyCycleResponse": { "description": "Time window specified for daily operations.", "properties": { "daysInCycle": { "type": "integer", "description": "Defines a schedule with units measured in days. The value determines how many days pass between the start of each cycle." }, "duration": { "type": "string", "description": "[Output only] A predetermined duration for the window, automatically chosen to be the smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Start time of the window. This must be in UTC format that resolves to one of 00:00, 04:00, 08:00, 12:00, 16:00, or 20:00. For example, both 13:00-5 and 08:00 are valid." } }, "type": "object", "required": [ "daysInCycle", "duration", "startTime" ] }, "google-native:compute/v1:ResourcePolicyDiskConsistencyGroupPolicy": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/v1:ResourcePolicyDiskConsistencyGroupPolicyResponse": { "description": "Resource policy for disk consistency groups.", "type": "object" }, "google-native:compute/v1:ResourcePolicyGroupPlacementPolicy": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyGroupPlacementPolicyCollocation", "description": "Specifies network collocation" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyGroupPlacementPolicyCollocation": { "description": "Specifies network collocation", "type": "string", "enum": [ { "name": "Collocated", "value": "COLLOCATED" }, { "name": "UnspecifiedCollocation", "value": "UNSPECIFIED_COLLOCATION" } ] }, "google-native:compute/v1:ResourcePolicyGroupPlacementPolicyResponse": { "description": "A GroupPlacementPolicy specifies resource placement configuration. It specifies the failure bucket separation as well as network locality", "properties": { "availabilityDomainCount": { "type": "integer", "description": "The number of availability domains to spread instances across. If two instances are in different availability domain, they are not in the same low latency network." }, "collocation": { "type": "string", "description": "Specifies network collocation" }, "vmCount": { "type": "integer", "description": "Number of VMs in this placement group. Google does not recommend that you use this field unless you use a compact policy and you want your policy to work only if it contains this exact number of VMs." } }, "type": "object", "required": [ "availabilityDomainCount", "collocation", "vmCount" ] }, "google-native:compute/v1:ResourcePolicyHourlyCycle": { "description": "Time window specified for hourly operations.", "properties": { "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyHourlyCycleResponse": { "description": "Time window specified for hourly operations.", "properties": { "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "hoursInCycle": { "type": "integer", "description": "Defines a schedule with units measured in hours. The value determines how many hours pass between the start of each cycle." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "duration", "hoursInCycle", "startTime" ] }, "google-native:compute/v1:ResourcePolicyInstanceSchedulePolicy": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyInstanceSchedulePolicySchedule", "description": "Specifies the schedule for stopping instances." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyInstanceSchedulePolicyResponse": { "description": "An InstanceSchedulePolicy specifies when and how frequent certain operations are performed on the instance.", "properties": { "expirationTime": { "type": "string", "description": "The expiration time of the schedule. The timestamp is an RFC3339 string." }, "startTime": { "type": "string", "description": "The start time of the schedule. The timestamp is an RFC3339 string." }, "timeZone": { "type": "string", "description": "Specifies the time zone to be used in interpreting Schedule.schedule. The value of this field must be a time zone name from the tz database: https://wikipedia.org/wiki/Tz_database." }, "vmStartSchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for starting instances." }, "vmStopSchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyInstanceSchedulePolicyScheduleResponse", "description": "Specifies the schedule for stopping instances." } }, "type": "object", "required": [ "expirationTime", "startTime", "timeZone", "vmStartSchedule", "vmStopSchedule" ] }, "google-native:compute/v1:ResourcePolicyInstanceSchedulePolicySchedule": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyInstanceSchedulePolicyScheduleResponse": { "description": "Schedule for an instance operation.", "properties": { "schedule": { "type": "string", "description": "Specifies the frequency for the operation, using the unix-cron format." } }, "type": "object", "required": [ "schedule" ] }, "google-native:compute/v1:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse": { "properties": { "lastRunStartTime": { "type": "string", "description": "The last time the schedule successfully ran. The timestamp is an RFC3339 string." }, "nextRunStartTime": { "type": "string", "description": "The next time the schedule is planned to run. The actual time might be slightly different. The timestamp is an RFC3339 string." } }, "type": "object", "required": [ "lastRunStartTime", "nextRunStartTime" ] }, "google-native:compute/v1:ResourcePolicyResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for all output fields set on ResourcePolicy. The internal structure of this \"status\" field should mimic the structure of ResourcePolicy proto specification.", "properties": { "instanceSchedulePolicy": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyResourceStatusInstanceSchedulePolicyStatusResponse", "description": "Specifies a set of output values reffering to the instance_schedule_policy system status. This field should have the same name as corresponding policy field." } }, "type": "object", "required": [ "instanceSchedulePolicy" ] }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicy": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicyRetentionPolicy", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicySchedule", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicySnapshotProperties", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicyResponse": { "description": "A snapshot schedule policy specifies when and how frequently snapshots are to be created for the target disk. Also specifies how many and how long these scheduled snapshots should be retained.", "properties": { "retentionPolicy": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse", "description": "Retention policy applied to snapshots created by this resource policy." }, "schedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicyScheduleResponse", "description": "A Vm Maintenance Policy specifies what kind of infrastructure maintenance we are allowed to perform on this VM and when. Schedule that is applied to disks covered by this policy." }, "snapshotProperties": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse", "description": "Properties with which snapshots are created such as labels, encryption keys." } }, "type": "object", "required": [ "retentionPolicy", "schedule", "snapshotProperties" ] }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicyRetentionPolicy": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onSourceDiskDelete": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicyRetentionPolicyOnSourceDiskDelete": { "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted.", "type": "string", "enum": [ { "name": "ApplyRetentionPolicy", "value": "APPLY_RETENTION_POLICY" }, { "name": "KeepAutoSnapshots", "value": "KEEP_AUTO_SNAPSHOTS" }, { "name": "UnspecifiedOnSourceDiskDelete", "value": "UNSPECIFIED_ON_SOURCE_DISK_DELETE" } ] }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicyRetentionPolicyResponse": { "description": "Policy for retention of scheduled snapshots.", "properties": { "maxRetentionDays": { "type": "integer", "description": "Maximum age of the snapshot that is allowed to be kept." }, "onSourceDiskDelete": { "type": "string", "description": "Specifies the behavior to apply to scheduled snapshots when the source disk is deleted." } }, "type": "object", "required": [ "maxRetentionDays", "onSourceDiskDelete" ] }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicySchedule": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyDailyCycle" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyHourlyCycle" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyWeeklyCycle" } }, "type": "object" }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicyScheduleResponse": { "description": "A schedule for disks where the schedueled operations are performed.", "properties": { "dailySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyDailyCycleResponse" }, "hourlySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyHourlyCycleResponse" }, "weeklySchedule": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyWeeklyCycleResponse" } }, "type": "object", "required": [ "dailySchedule", "hourlySchedule", "weeklySchedule" ] }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicySnapshotProperties": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicySnapshotSchedulePolicySnapshotPropertiesResponse": { "description": "Specified snapshot properties for scheduled snapshots created by this policy.", "properties": { "chainName": { "type": "string", "description": "Chain name that the snapshot is created in." }, "guestFlush": { "type": "boolean", "description": "Indication to perform a 'guest aware' snapshot." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to scheduled snapshots. These can be later modified by the setLabels method. Label values may be empty." }, "storageLocations": { "type": "array", "items": { "type": "string" }, "description": "Cloud Storage bucket storage location of the auto snapshot (regional or multi-regional)." } }, "type": "object", "required": [ "chainName", "guestFlush", "labels", "storageLocations" ] }, "google-native:compute/v1:ResourcePolicyWeeklyCycle": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyWeeklyCycleDayOfWeek" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyWeeklyCycleDayOfWeek": { "properties": { "day": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyWeeklyCycleDayOfWeekDay", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object" }, "google-native:compute/v1:ResourcePolicyWeeklyCycleDayOfWeekDay": { "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY.", "type": "string", "enum": [ { "name": "Friday", "value": "FRIDAY" }, { "name": "Invalid", "value": "INVALID" }, { "name": "Monday", "value": "MONDAY" }, { "name": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "value": "SUNDAY" }, { "name": "Thursday", "value": "THURSDAY" }, { "name": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "value": "WEDNESDAY" } ] }, "google-native:compute/v1:ResourcePolicyWeeklyCycleDayOfWeekResponse": { "properties": { "day": { "type": "string", "description": "Defines a schedule that runs on specific days of the week. Specify one or more days. The following options are available: MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, SUNDAY." }, "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Time within the window to start the operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-00] GMT." } }, "type": "object", "required": [ "day", "duration", "startTime" ] }, "google-native:compute/v1:ResourcePolicyWeeklyCycleResponse": { "description": "Time window specified for weekly operations.", "properties": { "dayOfWeeks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ResourcePolicyWeeklyCycleDayOfWeekResponse" }, "description": "Up to 7 intervals/windows, one for each day of the week." } }, "type": "object", "required": [ "dayOfWeeks" ] }, "google-native:compute/v1:ResourceStatusResponse": { "description": "Contains output only fields. Use this sub-message for actual values set on Instance attributes as compared to the value requested by the user (intent) in their instance CRUD calls.", "properties": { "physicalHost": { "type": "string", "description": "An opaque ID of the host on which the VM is running." }, "upcomingMaintenance": { "$ref": "#/types/google-native:compute%2Fv1:UpcomingMaintenanceResponse" } }, "type": "object", "required": [ "physicalHost", "upcomingMaintenance" ] }, "google-native:compute/v1:RouteAsPathResponse": { "properties": { "asLists": { "type": "array", "items": { "type": "integer" }, "description": "The AS numbers of the AS Path." }, "pathSegmentType": { "type": "string", "description": "The type of the AS Path, which can be one of the following values: - 'AS_SET': unordered set of autonomous systems that the route in has traversed - 'AS_SEQUENCE': ordered set of autonomous systems that the route has traversed - 'AS_CONFED_SEQUENCE': ordered set of Member Autonomous Systems in the local confederation that the route has traversed - 'AS_CONFED_SET': unordered set of Member Autonomous Systems in the local confederation that the route has traversed " } }, "type": "object", "required": [ "asLists", "pathSegmentType" ] }, "google-native:compute/v1:RouteWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/v1:RouteWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouteWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/v1:RouterAdvertisedIpRange": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object" }, "google-native:compute/v1:RouterAdvertisedIpRangeResponse": { "description": "Description-tagged IP ranges for the router to advertise.", "properties": { "description": { "type": "string", "description": "User-specified description for the IP range." }, "range": { "type": "string", "description": "The IP range to advertise. The value must be a CIDR-formatted string." } }, "type": "object", "required": [ "description", "range" ] }, "google-native:compute/v1:RouterBgp": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object" }, "google-native:compute/v1:RouterBgpAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/v1:RouterBgpAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" } ] }, "google-native:compute/v1:RouterBgpPeer": { "properties": { "advertiseMode": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerAdvertiseMode", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerAdvertisedGroupsItem" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterAdvertisedIpRange" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerBfd", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerCustomLearnedIpRange" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerEnable", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object" }, "google-native:compute/v1:RouterBgpPeerAdvertiseMode": { "description": "User-specified flag to indicate which mode to use for advertisement.", "type": "string", "enum": [ { "name": "Custom", "value": "CUSTOM" }, { "name": "Default", "value": "DEFAULT" } ] }, "google-native:compute/v1:RouterBgpPeerAdvertisedGroupsItem": { "type": "string", "enum": [ { "name": "AllSubnets", "description": "Advertise all available subnets (including peer VPC subnets).", "value": "ALL_SUBNETS" } ] }, "google-native:compute/v1:RouterBgpPeerBfd": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "sessionInitializationMode": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerBfdSessionInitializationMode", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." } }, "type": "object" }, "google-native:compute/v1:RouterBgpPeerBfdResponse": { "properties": { "minReceiveInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "minTransmitInterval": { "type": "integer", "description": "The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000." }, "multiplier": { "type": "integer", "description": "The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5." }, "sessionInitializationMode": { "type": "string", "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED." } }, "type": "object", "required": [ "minReceiveInterval", "minTransmitInterval", "multiplier", "sessionInitializationMode" ] }, "google-native:compute/v1:RouterBgpPeerBfdSessionInitializationMode": { "description": "The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED.", "type": "string", "enum": [ { "name": "Active", "value": "ACTIVE" }, { "name": "Disabled", "value": "DISABLED" }, { "name": "Passive", "value": "PASSIVE" } ] }, "google-native:compute/v1:RouterBgpPeerCustomLearnedIpRange": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object" }, "google-native:compute/v1:RouterBgpPeerCustomLearnedIpRangeResponse": { "properties": { "range": { "type": "string", "description": "The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a `/32` singular IP address range, and, for IPv6, `/128`." } }, "type": "object", "required": [ "range" ] }, "google-native:compute/v1:RouterBgpPeerEnable": { "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.", "type": "string", "enum": [ { "name": "False", "value": "FALSE" }, { "name": "True", "value": "TRUE" } ] }, "google-native:compute/v1:RouterBgpPeerResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode, which currently supports the following option: - ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering. Note that this field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These groups are advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and overrides the list defined for the router (in the \"bgp\" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "advertisedRoutePriority": { "type": "integer", "description": "The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win." }, "bfd": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerBfdResponse", "description": "BFD configuration for the BGP peering." }, "customLearnedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterBgpPeerCustomLearnedIpRangeResponse" }, "description": "A list of user-defined custom learned route IP address ranges for a BGP session." }, "customLearnedRoutePriority": { "type": "integer", "description": "The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from `0` to `65335`. If you don't provide a value, Google Cloud assigns a priority of `100` to the ranges." }, "enable": { "type": "string", "description": "The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE." }, "enableIpv6": { "type": "boolean", "description": "Enable IPv6 traffic over BGP Peer. If not specified, it is disabled by default." }, "interfaceName": { "type": "string", "description": "Name of the interface the BGP peer is associated with." }, "ipAddress": { "type": "string", "description": "IP address of the interface inside Google Cloud Platform. Only IPv4 is supported." }, "ipv6NexthopAddress": { "type": "string", "description": "IPv6 address of the interface inside Google Cloud Platform." }, "managementType": { "type": "string", "description": "The resource that configures and manages this BGP peer. - MANAGED_BY_USER is the default value and can be managed by you or other users - MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "md5AuthenticationKeyName": { "type": "string", "description": "Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035." }, "name": { "type": "string", "description": "Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "peerAsn": { "type": "integer", "description": "Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value." }, "peerIpAddress": { "type": "string", "description": "IP address of the BGP interface outside Google Cloud Platform. Only IPv4 is supported." }, "peerIpv6NexthopAddress": { "type": "string", "description": "IPv6 address of the BGP interface outside Google Cloud Platform." }, "routerApplianceInstance": { "type": "string", "description": "URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "advertisedRoutePriority", "bfd", "customLearnedIpRanges", "customLearnedRoutePriority", "enable", "enableIpv6", "interfaceName", "ipAddress", "ipv6NexthopAddress", "managementType", "md5AuthenticationKeyName", "name", "peerAsn", "peerIpAddress", "peerIpv6NexthopAddress", "routerApplianceInstance" ] }, "google-native:compute/v1:RouterBgpResponse": { "properties": { "advertiseMode": { "type": "string", "description": "User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM." }, "advertisedGroups": { "type": "array", "items": { "type": "string" }, "description": "User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups." }, "advertisedIpRanges": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterAdvertisedIpRangeResponse" }, "description": "User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertise_mode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges." }, "asn": { "type": "integer", "description": "Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN." }, "keepaliveInterval": { "type": "integer", "description": "The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20." } }, "type": "object", "required": [ "advertiseMode", "advertisedGroups", "advertisedIpRanges", "asn", "keepaliveInterval" ] }, "google-native:compute/v1:RouterInterface": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object" }, "google-native:compute/v1:RouterInterfaceResponse": { "properties": { "ipRange": { "type": "string", "description": "IP address and range of the interface. The IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example: 169.254.0.1/30. NOTE: Do not truncate the address as it represents the IP address of the interface." }, "linkedInterconnectAttachment": { "type": "string", "description": "URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "linkedVpnTunnel": { "type": "string", "description": "URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork." }, "managementType": { "type": "string", "description": "The resource that configures and manages this interface. - MANAGED_BY_USER is the default value and can be managed directly by users. - MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted. " }, "name": { "type": "string", "description": "Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "privateIpAddress": { "type": "string", "description": "The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM." }, "redundantInterface": { "type": "string", "description": "Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundant_interface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundant_interface must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash." }, "subnetwork": { "type": "string", "description": "The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here." } }, "type": "object", "required": [ "ipRange", "linkedInterconnectAttachment", "linkedVpnTunnel", "managementType", "name", "privateIpAddress", "redundantInterface", "subnetwork" ] }, "google-native:compute/v1:RouterMd5AuthenticationKey": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object" }, "google-native:compute/v1:RouterMd5AuthenticationKeyResponse": { "properties": { "key": { "type": "string", "description": "[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters." }, "name": { "type": "string", "description": "Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035." } }, "type": "object", "required": [ "key", "name" ] }, "google-native:compute/v1:RouterNat": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatAutoNetworkTier", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatEndpointTypesItem" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatLogConfig", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatNatIpAllocateOption", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatRule" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatSourceSubnetworkIpRangesToNat", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatSubnetworkToNat" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatType", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object" }, "google-native:compute/v1:RouterNatAutoNetworkTier": { "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used.", "type": "string", "enum": [ { "name": "FixedStandard", "description": "Public internet quality with fixed bandwidth.", "value": "FIXED_STANDARD" }, { "name": "Premium", "description": "High quality, Google-grade network tier, support for all networking products.", "value": "PREMIUM" }, { "name": "Standard", "description": "Public internet quality, only limited support for other networking products.", "value": "STANDARD" }, { "name": "StandardOverridesFixedStandard", "description": "(Output only) Temporary tier for FIXED_STANDARD when fixed standard tier is expired or not configured.", "value": "STANDARD_OVERRIDES_FIXED_STANDARD" } ] }, "google-native:compute/v1:RouterNatEndpointTypesItem": { "type": "string", "enum": [ { "name": "EndpointTypeManagedProxyLb", "description": "This is used for regional Application Load Balancers (internal and external) and regional proxy Network Load Balancers (internal and external) endpoints.", "value": "ENDPOINT_TYPE_MANAGED_PROXY_LB" }, { "name": "EndpointTypeSwg", "description": "This is used for Secure Web Gateway endpoints.", "value": "ENDPOINT_TYPE_SWG" }, { "name": "EndpointTypeVm", "description": "This is the default.", "value": "ENDPOINT_TYPE_VM" } ] }, "google-native:compute/v1:RouterNatLogConfig": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatLogConfigFilter", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object" }, "google-native:compute/v1:RouterNatLogConfigFilter": { "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. ", "type": "string", "enum": [ { "name": "All", "description": "Export logs for all (successful and unsuccessful) connections.", "value": "ALL" }, { "name": "ErrorsOnly", "description": "Export logs for connection failures only.", "value": "ERRORS_ONLY" }, { "name": "TranslationsOnly", "description": "Export logs for successful connections only.", "value": "TRANSLATIONS_ONLY" } ] }, "google-native:compute/v1:RouterNatLogConfigResponse": { "description": "Configuration of logging on a NAT.", "properties": { "enable": { "type": "boolean", "description": "Indicates whether or not to export logs. This is false by default." }, "filter": { "type": "string", "description": "Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values: - ERRORS_ONLY: Export logs only for connection failures. - TRANSLATIONS_ONLY: Export logs only for successful connections. - ALL: Export logs for all connections, successful and unsuccessful. " } }, "type": "object", "required": [ "enable", "filter" ] }, "google-native:compute/v1:RouterNatNatIpAllocateOption": { "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. ", "type": "string", "enum": [ { "name": "AutoOnly", "description": "Nat IPs are allocated by GCP; customers can not specify any Nat IPs.", "value": "AUTO_ONLY" }, { "name": "ManualOnly", "description": "Only use Nat IPs provided by customers. When specified Nat IPs are not enough then the Nat service fails for new VMs.", "value": "MANUAL_ONLY" } ] }, "google-native:compute/v1:RouterNatResponse": { "description": "Represents a Nat resource. It enables the VMs within the specified subnetworks to access Internet without external IP addresses. It specifies a list of subnetworks (and the ranges within) that want to use NAT. Customers can also provide the external IPs that would be used for NAT. GCP would auto-allocate ephemeral IPs if no external IPs are provided.", "properties": { "autoNetworkTier": { "type": "string", "description": "The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used." }, "drainNatIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only." }, "enableDynamicPortAllocation": { "type": "boolean", "description": "Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true, - Dynamic Port Allocation will be enabled on this NAT config. - enableEndpointIndependentMapping cannot be set to true. - If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config. " }, "enableEndpointIndependentMapping": { "type": "boolean" }, "endpointTypes": { "type": "array", "items": { "type": "string" }, "description": "List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM" }, "icmpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for ICMP connections. Defaults to 30s if not set." }, "logConfig": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatLogConfigResponse", "description": "Configure logging on this NAT." }, "maxPortsPerVm": { "type": "integer", "description": "Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config." }, "minPortsPerVm": { "type": "integer", "description": "Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM." }, "name": { "type": "string", "description": "Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035." }, "natIpAllocateOption": { "type": "string", "description": "Specify the NatIpAllocateOption, which can take one of the following values: - MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs. - AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then nat_ip should be empty. " }, "natIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatRuleResponse" }, "description": "A list of rules associated with this NAT." }, "sourceSubnetworkIpRangesToNat": { "type": "string", "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region." }, "subnetworks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatSubnetworkToNatResponse" }, "description": "A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above." }, "tcpEstablishedIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set." }, "tcpTimeWaitTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set." }, "tcpTransitoryIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set." }, "type": { "type": "string", "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC." }, "udpIdleTimeoutSec": { "type": "integer", "description": "Timeout (in seconds) for UDP connections. Defaults to 30s if not set." } }, "type": "object", "required": [ "autoNetworkTier", "drainNatIps", "enableDynamicPortAllocation", "enableEndpointIndependentMapping", "endpointTypes", "icmpIdleTimeoutSec", "logConfig", "maxPortsPerVm", "minPortsPerVm", "name", "natIpAllocateOption", "natIps", "rules", "sourceSubnetworkIpRangesToNat", "subnetworks", "tcpEstablishedIdleTimeoutSec", "tcpTimeWaitTimeoutSec", "tcpTransitoryIdleTimeoutSec", "type", "udpIdleTimeoutSec" ] }, "google-native:compute/v1:RouterNatRule": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatRuleAction", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object" }, "google-native:compute/v1:RouterNatRuleAction": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object" }, "google-native:compute/v1:RouterNatRuleActionResponse": { "properties": { "sourceNatActiveIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT." }, "sourceNatActiveRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT." }, "sourceNatDrainIps": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT." }, "sourceNatDrainRanges": { "type": "array", "items": { "type": "string" }, "description": "A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT." } }, "type": "object", "required": [ "sourceNatActiveIps", "sourceNatActiveRanges", "sourceNatDrainIps", "sourceNatDrainRanges" ] }, "google-native:compute/v1:RouterNatRuleResponse": { "properties": { "action": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatRuleActionResponse", "description": "The action to be enforced for traffic that matches this rule." }, "description": { "type": "string", "description": "An optional description of this rule." }, "match": { "type": "string", "description": "CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding `action` is enforced. The following examples are valid match expressions for public NAT: \"inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')\" \"destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'\" The following example is a valid match expression for private NAT: \"nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'\"" }, "ruleNumber": { "type": "integer", "description": "An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT." } }, "type": "object", "required": [ "action", "description", "match", "ruleNumber" ] }, "google-native:compute/v1:RouterNatSourceSubnetworkIpRangesToNat": { "description": "Specify the Nat option, which can take one of the following values: - ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat. - ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat. - LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below) The default is SUBNETWORK_IP_RANGE_TO_NAT_OPTION_UNSPECIFIED. Note that if this field contains ALL_SUBNETWORKS_ALL_IP_RANGES then there should not be any other Router.Nat section in any Router for this network in this region.", "type": "string", "enum": [ { "name": "AllSubnetworksAllIpRanges", "description": "All the IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_IP_RANGES" }, { "name": "AllSubnetworksAllPrimaryIpRanges", "description": "All the primary IP ranges in every Subnetwork are allowed to Nat.", "value": "ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES" }, { "name": "ListOfSubnetworks", "description": "A list of Subnetworks are allowed to Nat (specified in the field subnetwork below)", "value": "LIST_OF_SUBNETWORKS" } ] }, "google-native:compute/v1:RouterNatSubnetworkToNat": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:RouterNatSubnetworkToNatSourceIpRangesToNatItem" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object" }, "google-native:compute/v1:RouterNatSubnetworkToNatResponse": { "description": "Defines the IP ranges that want to use NAT for a subnetwork.", "properties": { "name": { "type": "string", "description": "URL for the subnetwork resource that will use NAT." }, "secondaryIpRangeNames": { "type": "array", "items": { "type": "string" }, "description": "A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if \"LIST_OF_SECONDARY_IP_RANGES\" is one of the values in source_ip_ranges_to_nat." }, "sourceIpRangesToNat": { "type": "array", "items": { "type": "string" }, "description": "Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: [\"PRIMARY_IP_RANGE\", \"LIST_OF_SECONDARY_IP_RANGES\"] Default: [ALL_IP_RANGES]" } }, "type": "object", "required": [ "name", "secondaryIpRangeNames", "sourceIpRangesToNat" ] }, "google-native:compute/v1:RouterNatSubnetworkToNatSourceIpRangesToNatItem": { "type": "string", "enum": [ { "name": "AllIpRanges", "description": "The primary and all the secondary ranges are allowed to Nat.", "value": "ALL_IP_RANGES" }, { "name": "ListOfSecondaryIpRanges", "description": "A list of secondary ranges are allowed to Nat.", "value": "LIST_OF_SECONDARY_IP_RANGES" }, { "name": "PrimaryIpRange", "description": "The primary range is allowed to Nat.", "value": "PRIMARY_IP_RANGE" } ] }, "google-native:compute/v1:RouterNatType": { "description": "Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC.", "type": "string", "enum": [ { "name": "Private", "description": "NAT used for private IP translation.", "value": "PRIVATE" }, { "name": "Public", "description": "NAT used for public IP translation. This is the default.", "value": "PUBLIC" } ] }, "google-native:compute/v1:Rule": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "$ref": "#/types/google-native:compute%2Fv1:RuleAction", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:Condition" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:LogConfig" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object" }, "google-native:compute/v1:RuleAction": { "description": "This is deprecated and has no effect. Do not use.", "type": "string", "enum": [ { "name": "Allow", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW" }, { "name": "AllowWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "ALLOW_WITH_LOG" }, { "name": "Deny", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY" }, { "name": "DenyWithLog", "description": "This is deprecated and has no effect. Do not use.", "value": "DENY_WITH_LOG" }, { "name": "Log", "description": "This is deprecated and has no effect. Do not use.", "value": "LOG" }, { "name": "NoAction", "description": "This is deprecated and has no effect. Do not use.", "value": "NO_ACTION" } ] }, "google-native:compute/v1:RuleResponse": { "description": "This is deprecated and has no effect. Do not use.", "properties": { "action": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ConditionResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "description": { "type": "string", "description": "This is deprecated and has no effect. Do not use." }, "ins": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "logConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:LogConfigResponse" }, "description": "This is deprecated and has no effect. Do not use." }, "notIns": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "This is deprecated and has no effect. Do not use." } }, "type": "object", "required": [ "action", "conditions", "description", "ins", "logConfigs", "notIns", "permissions" ] }, "google-native:compute/v1:SSLHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:SSLHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fv1:SSLHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/v1:SSLHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:SSLHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:SSLHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 443. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection and SSL handshake." }, "response": { "type": "string", "description": "Creates a content-based SSL health check. In addition to establishing a TCP connection and the TLS handshake, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/v1:SavedAttachedDiskResponse": { "description": "DEPRECATED: Please use compute#savedDisk instead. An instance-attached disk resource.", "properties": { "autoDelete": { "type": "boolean", "description": "Specifies whether the disk will be auto-deleted when the instance is deleted (but not when the disk is detached from the instance)." }, "boot": { "type": "boolean", "description": "Indicates that this is a boot disk. The virtual machine will use the first partition of the disk for its root filesystem." }, "deviceName": { "type": "string", "description": "Specifies the name of the disk attached to the source instance." }, "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKeyResponse", "description": "The encryption key for the disk." }, "diskSizeGb": { "type": "string", "description": "The size of the disk in base-2 GB." }, "diskType": { "type": "string", "description": "URL of the disk type resource. For example: projects/project /zones/zone/diskTypes/pd-standard or pd-ssd" }, "guestOsFeatures": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:GuestOsFeatureResponse" }, "description": "A list of features to enable on the guest operating system. Applicable only for bootable images. Read Enabling guest operating system features to see a list of available options." }, "index": { "type": "integer", "description": "Specifies zero-based index of the disk that is attached to the source instance." }, "interface": { "type": "string", "description": "Specifies the disk interface to use for attaching this disk, which is either SCSI or NVME." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#attachedDisk for attached disks." }, "licenses": { "type": "array", "items": { "type": "string" }, "description": "Any valid publicly visible licenses." }, "mode": { "type": "string", "description": "The mode in which this disk is attached to the source instance, either READ_WRITE or READ_ONLY." }, "source": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "A size of the storage used by the disk's snapshot by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." }, "type": { "type": "string", "description": "Specifies the type of the attached disk, either SCRATCH or PERSISTENT." } }, "type": "object", "required": [ "autoDelete", "boot", "deviceName", "diskEncryptionKey", "diskSizeGb", "diskType", "guestOsFeatures", "index", "interface", "kind", "licenses", "mode", "source", "storageBytes", "storageBytesStatus", "type" ] }, "google-native:compute/v1:SavedDisk": { "description": "An instance-attached disk resource.", "properties": { "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." } }, "type": "object" }, "google-native:compute/v1:SavedDiskResponse": { "description": "An instance-attached disk resource.", "properties": { "architecture": { "type": "string", "description": "The architecture of the attached disk." }, "kind": { "type": "string", "description": "Type of the resource. Always compute#savedDisk for attached disks." }, "sourceDisk": { "type": "string", "description": "Specifies a URL of the disk attached to the source instance." }, "storageBytes": { "type": "string", "description": "Size of the individual disk snapshot used by this machine image." }, "storageBytesStatus": { "type": "string", "description": "An indicator whether storageBytes is in a stable state or it is being adjusted as a result of shared storage reallocation. This status can either be UPDATING, meaning the size of the snapshot is being updated, or UP_TO_DATE, meaning the size of the snapshot is up-to-date." } }, "type": "object", "required": [ "architecture", "kind", "sourceDisk", "storageBytes", "storageBytesStatus" ] }, "google-native:compute/v1:Scheduling": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "instanceTerminationAction": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingInstanceTerminationAction", "description": "Specifies the termination action for the instance." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Fv1:Duration", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingNodeAffinity" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingOnHostMaintenance", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingProvisioningModel", "description": "Specifies the provisioning model of the instance." } }, "type": "object" }, "google-native:compute/v1:SchedulingInstanceTerminationAction": { "description": "Specifies the termination action for the instance.", "type": "string", "enum": [ { "name": "Delete", "description": "Delete the VM.", "value": "DELETE" }, { "name": "InstanceTerminationActionUnspecified", "description": "Default value. This value is unused.", "value": "INSTANCE_TERMINATION_ACTION_UNSPECIFIED" }, { "name": "Stop", "description": "Stop the VM without storing in-memory content. default action.", "value": "STOP" } ] }, "google-native:compute/v1:SchedulingNodeAffinity": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingNodeAffinityOperator", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object" }, "google-native:compute/v1:SchedulingNodeAffinityOperator": { "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity.", "type": "string", "enum": [ { "name": "In", "description": "Requires Compute Engine to seek for matched nodes.", "value": "IN" }, { "name": "NotIn", "description": "Requires Compute Engine to avoid certain nodes.", "value": "NOT_IN" }, { "name": "OperatorUnspecified", "value": "OPERATOR_UNSPECIFIED" } ] }, "google-native:compute/v1:SchedulingNodeAffinityResponse": { "description": "Node Affinity: the configuration of desired nodes onto which this Instance could be scheduled.", "properties": { "key": { "type": "string", "description": "Corresponds to the label key of Node resource." }, "operator": { "type": "string", "description": "Defines the operation of node selection. Valid operators are IN for affinity and NOT_IN for anti-affinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label values of Node resource." } }, "type": "object", "required": [ "key", "operator", "values" ] }, "google-native:compute/v1:SchedulingOnHostMaintenance": { "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy.", "type": "string", "enum": [ { "name": "Migrate", "description": "*[Default]* Allows Compute Engine to automatically migrate instances out of the way of maintenance events.", "value": "MIGRATE" }, { "name": "Terminate", "description": "Tells Compute Engine to terminate and (optionally) restart the instance away from the maintenance activity. If you would like your instance to be restarted, set the automaticRestart flag to true. Your instance may be restarted more than once, and it may be restarted outside the window of maintenance events.", "value": "TERMINATE" } ] }, "google-native:compute/v1:SchedulingProvisioningModel": { "description": "Specifies the provisioning model of the instance.", "type": "string", "enum": [ { "name": "Spot", "description": "Heavily discounted, no guaranteed runtime.", "value": "SPOT" }, { "name": "Standard", "description": "Standard provisioning with user controlled runtime, no discounts.", "value": "STANDARD" } ] }, "google-native:compute/v1:SchedulingResponse": { "description": "Sets the scheduling options for an Instance.", "properties": { "automaticRestart": { "type": "boolean", "description": "Specifies whether the instance should be automatically restarted if it is terminated by Compute Engine (not terminated by a user). You can only set the automatic restart option for standard instances. Preemptible instances cannot be automatically restarted. By default, this is set to true so an instance is automatically restarted if it is terminated by Compute Engine." }, "instanceTerminationAction": { "type": "string", "description": "Specifies the termination action for the instance." }, "localSsdRecoveryTimeout": { "$ref": "#/types/google-native:compute%2Fv1:DurationResponse", "description": "Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour." }, "locationHint": { "type": "string", "description": "An opaque location hint used to place the instance close to other resources. This field is for use by internal tools that use the public API." }, "minNodeCpus": { "type": "integer", "description": "The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node." }, "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingNodeAffinityResponse" }, "description": "A set of node affinity and anti-affinity configurations. Refer to Configuring node affinity for more information. Overrides reservationAffinity." }, "onHostMaintenance": { "type": "string", "description": "Defines the maintenance behavior for this instance. For standard instances, the default behavior is MIGRATE. For preemptible instances, the default and only possible behavior is TERMINATE. For more information, see Set VM host maintenance policy." }, "preemptible": { "type": "boolean", "description": "Defines whether the instance is preemptible. This can only be set during instance creation or while the instance is stopped and therefore, in a `TERMINATED` state. See Instance Life Cycle for more information on the possible instance states." }, "provisioningModel": { "type": "string", "description": "Specifies the provisioning model of the instance." } }, "type": "object", "required": [ "automaticRestart", "instanceTerminationAction", "localSsdRecoveryTimeout", "locationHint", "minNodeCpus", "nodeAffinities", "onHostMaintenance", "preemptible", "provisioningModel" ] }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfig": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfig": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse": { "description": "Configuration options for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "properties": { "enable": { "type": "boolean", "description": "If set to true, enables CAAP for L7 DDoS detection. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "ruleVisibility": { "type": "string", "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "thresholdConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse" }, "description": "Configuration options for layer7 adaptive protection for various customizable thresholds." } }, "type": "object", "required": [ "enable", "ruleVisibility", "thresholdConfigs" ] }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigRuleVisibility": { "description": "Rule visibility can be one of the following: STANDARD - opaque rules. (default) PREMIUM - transparent rules. This field is only supported in Global Security Policies of type CLOUD_ARMOR.", "type": "string", "enum": [ { "name": "Premium", "value": "PREMIUM" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfigResponse": { "properties": { "autoDeployConfidenceThreshold": { "type": "number" }, "autoDeployExpirationSec": { "type": "integer" }, "autoDeployImpactedBaselineThreshold": { "type": "number" }, "autoDeployLoadThreshold": { "type": "number" }, "name": { "type": "string", "description": "The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the security policy." } }, "type": "object", "required": [ "autoDeployConfidenceThreshold", "autoDeployExpirationSec", "autoDeployImpactedBaselineThreshold", "autoDeployLoadThreshold", "name" ] }, "google-native:compute/v1:SecurityPolicyAdaptiveProtectionConfigResponse": { "description": "Configuration options for Cloud Armor Adaptive Protection (CAAP).", "properties": { "layer7DdosDefenseConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigResponse", "description": "If set to true, enables Cloud Armor Machine Learning." } }, "type": "object", "required": [ "layer7DdosDefenseConfig" ] }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfig": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdvancedOptionsConfigJsonParsing" }, "logLevel": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdvancedOptionsConfigLogLevel" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfigJsonCustomConfig": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse": { "properties": { "contentTypes": { "type": "array", "items": { "type": "string" }, "description": "A list of custom Content-Type header values to apply the JSON parsing. As per RFC 1341, a Content-Type header value has the following format: Content-Type := type \"/\" subtype *[\";\" parameter] When configuring a custom Content-Type header value, only the type/subtype needs to be specified, and the parameters should be excluded." } }, "type": "object", "required": [ "contentTypes" ] }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfigJsonParsing": { "type": "string", "enum": [ { "name": "Disabled", "value": "DISABLED" }, { "name": "Standard", "value": "STANDARD" }, { "name": "StandardWithGraphql", "value": "STANDARD_WITH_GRAPHQL" } ] }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfigLogLevel": { "type": "string", "enum": [ { "name": "Normal", "value": "NORMAL" }, { "name": "Verbose", "value": "VERBOSE" } ] }, "google-native:compute/v1:SecurityPolicyAdvancedOptionsConfigResponse": { "properties": { "jsonCustomConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyAdvancedOptionsConfigJsonCustomConfigResponse", "description": "Custom configuration to apply the JSON parsing. Only applicable when json_parsing is set to STANDARD." }, "jsonParsing": { "type": "string" }, "logLevel": { "type": "string" }, "userIpRequestHeaders": { "type": "array", "items": { "type": "string" }, "description": "An optional list of case-insensitive request header names to use for resolving the callers client IP address." } }, "type": "object", "required": [ "jsonCustomConfig", "jsonParsing", "logLevel", "userIpRequestHeaders" ] }, "google-native:compute/v1:SecurityPolicyDdosProtectionConfig": { "properties": { "ddosProtection": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyDdosProtectionConfigDdosProtection" } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyDdosProtectionConfigDdosProtection": { "type": "string", "enum": [ { "name": "Advanced", "value": "ADVANCED" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/v1:SecurityPolicyDdosProtectionConfigResponse": { "properties": { "ddosProtection": { "type": "string" } }, "type": "object", "required": [ "ddosProtection" ] }, "google-native:compute/v1:SecurityPolicyRecaptchaOptionsConfig": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRecaptchaOptionsConfigResponse": { "properties": { "redirectSiteKey": { "type": "string", "description": "An optional field to supply a reCAPTCHA site key to be used for all the rules using the redirect action with the type of GOOGLE_RECAPTCHA under the security policy. The specified site key needs to be created from the reCAPTCHA API. The user is responsible for the validity of the specified site key. If not specified, a Google-managed site key is used. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object", "required": [ "redirectSiteKey" ] }, "google-native:compute/v1:SecurityPolicyRule": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleHttpHeaderAction", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "match": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleMatcher", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleNetworkMatcher", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfig", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptions", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleHttpHeaderAction": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleHttpHeaderActionHttpHeaderOption": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse": { "properties": { "headerName": { "type": "string", "description": "The name of the header to set." }, "headerValue": { "type": "string", "description": "The value to set the named header to." } }, "type": "object", "required": [ "headerName", "headerValue" ] }, "google-native:compute/v1:SecurityPolicyRuleHttpHeaderActionResponse": { "properties": { "requestHeadersToAdds": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleHttpHeaderActionHttpHeaderOptionResponse" }, "description": "The list of request headers to add or overwrite if they're already present." } }, "type": "object", "required": [ "requestHeadersToAdds" ] }, "google-native:compute/v1:SecurityPolicyRuleMatcher": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleMatcherConfig", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Fv1:Expr", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "versionedExpr": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleMatcherVersionedExpr", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleMatcherConfig": { "properties": { "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleMatcherConfigResponse": { "properties": { "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "CIDR IP address range. Maximum number of src_ip_ranges allowed is 10." } }, "type": "object", "required": [ "srcIpRanges" ] }, "google-native:compute/v1:SecurityPolicyRuleMatcherResponse": { "description": "Represents a match condition that incoming traffic is evaluated against. Exactly one field must be specified.", "properties": { "config": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleMatcherConfigResponse", "description": "The configuration options available when specifying versioned_expr. This field must be specified if versioned_expr is specified and cannot be specified if versioned_expr is not specified." }, "expr": { "$ref": "#/types/google-native:compute%2Fv1:ExprResponse", "description": "User defined CEVAL expression. A CEVAL expression is used to specify match criteria such as origin.ip, source.region_code and contents in the request header. Expressions containing `evaluateThreatIntelligence` require Cloud Armor Managed Protection Plus tier and are not supported in Edge Policies nor in Regional Policies. Expressions containing `evaluatePreconfiguredExpr('sourceiplist-*')` require Cloud Armor Managed Protection Plus tier and are only supported in Global Security Policies." }, "versionedExpr": { "type": "string", "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config." } }, "type": "object", "required": [ "config", "expr", "versionedExpr" ] }, "google-native:compute/v1:SecurityPolicyRuleMatcherVersionedExpr": { "description": "Preconfigured versioned expression. If this field is specified, config must also be specified. Available preconfigured expressions along with their requirements are: SRC_IPS_V1 - must specify the corresponding src_ip_range field in config.", "type": "string", "enum": [ { "name": "SrcIpsV1", "description": "Matches the source IP address of a request to the IP ranges supplied in config.", "value": "SRC_IPS_V1" } ] }, "google-native:compute/v1:SecurityPolicyRuleNetworkMatcher": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleNetworkMatcherResponse": { "description": "Represents a match condition that incoming network traffic is evaluated against.", "properties": { "destIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Destination IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "destPorts": { "type": "array", "items": { "type": "string" }, "description": "Destination port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "ipProtocols": { "type": "array", "items": { "type": "string" }, "description": "IPv4 protocol / IPv6 next header (after extension headers). Each element can be an 8-bit unsigned decimal number (e.g. \"6\"), range (e.g. \"253-254\"), or one of the following protocol names: \"tcp\", \"udp\", \"icmp\", \"esp\", \"ah\", \"ipip\", or \"sctp\"." }, "srcAsns": { "type": "array", "items": { "type": "integer" }, "description": "BGP Autonomous System Number associated with the source IP address." }, "srcIpRanges": { "type": "array", "items": { "type": "string" }, "description": "Source IPv4/IPv6 addresses or CIDR prefixes, in standard text format." }, "srcPorts": { "type": "array", "items": { "type": "string" }, "description": "Source port numbers for TCP/UDP/SCTP. Each element can be a 16-bit unsigned decimal number (e.g. \"80\") or range (e.g. \"0-1023\")." }, "srcRegionCodes": { "type": "array", "items": { "type": "string" }, "description": "Two-letter ISO 3166-1 alpha-2 country code associated with the source IP address." }, "userDefinedFields": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse" }, "description": "User-defined fields. Each element names a defined field and lists the matching values for that field." } }, "type": "object", "required": [ "destIpRanges", "destPorts", "ipProtocols", "srcAsns", "srcIpRanges", "srcPorts", "srcRegionCodes", "userDefinedFields" ] }, "google-native:compute/v1:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatch": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleNetworkMatcherUserDefinedFieldMatchResponse": { "properties": { "name": { "type": "string", "description": "Name of the user-defined field, as given in the definition." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Matching values of the field. Each element can be a 32-bit unsigned decimal or hexadecimal (starting with \"0x\") number (e.g. \"64\") or range (e.g. \"0x400-0x7ff\")." } }, "type": "object", "required": [ "name", "values" ] }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfig": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusion" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigExclusion": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParams": { "properties": { "op": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsOp": { "description": "The match operator for the field.", "type": "string", "enum": [ { "name": "Contains", "description": "The operator matches if the field value contains the specified value.", "value": "CONTAINS" }, { "name": "EndsWith", "description": "The operator matches if the field value ends with the specified value.", "value": "ENDS_WITH" }, { "name": "Equals", "description": "The operator matches if the field value equals the specified value.", "value": "EQUALS" }, { "name": "EqualsAny", "description": "The operator matches if the field value is any value.", "value": "EQUALS_ANY" }, { "name": "StartsWith", "description": "The operator matches if the field value starts with the specified value.", "value": "STARTS_WITH" } ] }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse": { "properties": { "op": { "type": "string", "description": "The match operator for the field." }, "val": { "type": "string", "description": "The value of the field." } }, "type": "object", "required": [ "op", "val" ] }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse": { "properties": { "requestCookiesToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request cookie names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestHeadersToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request header names whose value will be excluded from inspection during preconfigured WAF evaluation." }, "requestQueryParamsToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request query parameter names whose value will be excluded from inspection during preconfigured WAF evaluation. Note that the parameter can be in the query string or in the POST body." }, "requestUrisToExclude": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionFieldParamsResponse" }, "description": "A list of request URIs from the request line to be excluded from inspection during preconfigured WAF evaluation. When specifying this field, the query or fragment part should be excluded." }, "targetRuleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of target rule IDs under the WAF rule set to apply the preconfigured WAF exclusion. If omitted, it refers to all the rule IDs under the WAF rule set." }, "targetRuleSet": { "type": "string", "description": "Target WAF rule set to apply the preconfigured WAF exclusion." } }, "type": "object", "required": [ "requestCookiesToExclude", "requestHeadersToExclude", "requestQueryParamsToExclude", "requestUrisToExclude", "targetRuleIds", "targetRuleSet" ] }, "google-native:compute/v1:SecurityPolicyRulePreconfiguredWafConfigResponse": { "properties": { "exclusions": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigExclusionResponse" }, "description": "A list of exclusions to apply during preconfigured WAF evaluation." } }, "type": "object", "required": [ "exclusions" ] }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptions": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsEnforceOnKey", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRedirectOptions", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsThreshold", "description": "Threshold at which to begin ratelimiting." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsEnforceOnKey": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigEnforceOnKeyType": { "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. ", "type": "string", "enum": [ { "name": "All", "value": "ALL" }, { "name": "HttpCookie", "value": "HTTP_COOKIE" }, { "name": "HttpHeader", "value": "HTTP_HEADER" }, { "name": "HttpPath", "value": "HTTP_PATH" }, { "name": "Ip", "value": "IP" }, { "name": "RegionCode", "value": "REGION_CODE" }, { "name": "Sni", "value": "SNI" }, { "name": "XffIp", "value": "XFF_IP" } ] }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse": { "properties": { "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "enforceOnKeyType": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " } }, "type": "object", "required": [ "enforceOnKeyName", "enforceOnKeyType" ] }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsResponse": { "properties": { "banDurationSec": { "type": "integer", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold." }, "banThreshold": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Can only be specified if the action for the rule is \"rate_based_ban\". If specified, the key will be banned for the configured 'ban_duration_sec' when the number of requests that exceed the 'rate_limit_threshold' also exceed this 'ban_threshold'." }, "conformAction": { "type": "string", "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is \"allow\" only." }, "enforceOnKey": { "type": "string", "description": "Determines the key to enforce the rate_limit_threshold on. Possible values are: - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured. - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. - HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. - REGION_CODE: The country/region from which the request originates. " }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigResponse" }, "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which ratelimit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If enforce_on_key_configs is specified, enforce_on_key must not be specified." }, "enforceOnKeyName": { "type": "string", "description": "Rate limit key name applicable only for the following key types: HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value." }, "exceedAction": { "type": "string", "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. Valid options are `deny(STATUS)`, where valid values for `STATUS` are 403, 404, 429, and 502, and `redirect`, where the redirect parameters come from `exceedRedirectOptions` below. The `redirect` action is only supported in Global Security Policies of type CLOUD_ARMOR." }, "exceedRedirectOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "rateLimitThreshold": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsThresholdResponse", "description": "Threshold at which to begin ratelimiting." } }, "type": "object", "required": [ "banDurationSec", "banThreshold", "conformAction", "enforceOnKey", "enforceOnKeyConfigs", "enforceOnKeyName", "exceedAction", "exceedRedirectOptions", "rateLimitThreshold" ] }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsThreshold": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleRateLimitOptionsThresholdResponse": { "properties": { "count": { "type": "integer", "description": "Number of HTTP(S) requests for calculating the threshold." }, "intervalSec": { "type": "integer", "description": "Interval over which the threshold is computed." } }, "type": "object", "required": [ "count", "intervalSec" ] }, "google-native:compute/v1:SecurityPolicyRuleRedirectOptions": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRedirectOptionsType", "description": "Type of the redirect action." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyRuleRedirectOptionsResponse": { "properties": { "target": { "type": "string", "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA." }, "type": { "type": "string", "description": "Type of the redirect action." } }, "type": "object", "required": [ "target", "type" ] }, "google-native:compute/v1:SecurityPolicyRuleRedirectOptionsType": { "description": "Type of the redirect action.", "type": "string", "enum": [ { "name": "External302", "value": "EXTERNAL_302" }, { "name": "GoogleRecaptcha", "value": "GOOGLE_RECAPTCHA" } ] }, "google-native:compute/v1:SecurityPolicyRuleResponse": { "description": "Represents a rule that describes one or more match conditions along with the action to be taken when traffic matches this condition (allow or deny).", "properties": { "action": { "type": "string", "description": "The Action to perform when the rule is matched. The following are the valid actions: - allow: allow access to target. - deny(STATUS): deny access to target, returns the HTTP response code specified. Valid values for `STATUS` are 403, 404, and 502. - rate_based_ban: limit client traffic to the configured threshold and ban the client if the traffic exceeds the threshold. Configure parameters for this action in RateLimitOptions. Requires rate_limit_options to be set. - redirect: redirect to a different target. This can either be an internal reCAPTCHA redirect, or an external URL-based redirect via a 302 response. Parameters for this action can be configured via redirectOptions. This action is only supported in Global Security Policies of type CLOUD_ARMOR. - throttle: limit client traffic to the configured threshold. Configure parameters for this action in rateLimitOptions. Requires rate_limit_options to be set for this. " }, "description": { "type": "string", "description": "An optional description of this resource. Provide this property when you create the resource." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleHttpHeaderActionResponse", "description": "Optional, additional actions that are performed on headers. This field is only supported in Global Security Policies of type CLOUD_ARMOR." }, "kind": { "type": "string", "description": "[Output only] Type of the resource. Always compute#securityPolicyRule for security policy rules" }, "match": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleMatcherResponse", "description": "A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced." }, "networkMatch": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleNetworkMatcherResponse", "description": "A match condition that incoming packets are evaluated against for CLOUD_ARMOR_NETWORK security policies. If it matches, the corresponding 'action' is enforced. The match criteria for a rule consists of built-in match fields (like 'srcIpRanges') and potentially multiple user-defined match fields ('userDefinedFields'). Field values may be extracted directly from the packet or derived from it (e.g. 'srcRegionCodes'). Some fields may not be present in every packet (e.g. 'srcPorts'). A user-defined field is only present if the base header is found in the packet and the entire field is in bounds. Each match field may specify which values can match it, listing one or more ranges, prefixes, or exact values that are considered a match for the field. A field value must be present in order to match a specified match field. If no match values are specified for a match field, then any field value is considered to match it, and it's not required to be present. For strings specifying '*' is also equivalent to match all. For a packet to match a rule, all specified match fields must match the corresponding field values derived from the packet. Example: networkMatch: srcIpRanges: - \"192.0.2.0/24\" - \"198.51.100.0/24\" userDefinedFields: - name: \"ipv4_fragment_offset\" values: - \"1-0x1fff\" The above match condition matches packets with a source IP in 192.0.2.0/24 or 198.51.100.0/24 and a user-defined field named \"ipv4_fragment_offset\" with a value between 1 and 0x1fff inclusive." }, "preconfiguredWafConfig": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRulePreconfiguredWafConfigResponse", "description": "Preconfigured WAF configuration to be applied for the rule. If the rule does not evaluate preconfigured WAF rules, i.e., if evaluatePreconfiguredWaf() is not used, this field will have no effect." }, "preview": { "type": "boolean", "description": "If set to true, the specified action is not enforced." }, "priority": { "type": "integer", "description": "An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority." }, "rateLimitOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRateLimitOptionsResponse", "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions." }, "redirectOptions": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyRuleRedirectOptionsResponse", "description": "Parameters defining the redirect action. Cannot be specified for any other actions. This field is only supported in Global Security Policies of type CLOUD_ARMOR." } }, "type": "object", "required": [ "action", "description", "headerAction", "kind", "match", "networkMatch", "preconfiguredWafConfig", "preview", "priority", "rateLimitOptions", "redirectOptions" ] }, "google-native:compute/v1:SecurityPolicyType": { "description": "The type indicates the intended use of the security policy. - CLOUD_ARMOR: Cloud Armor backend security policies can be configured to filter incoming HTTP requests targeting backend services. They filter requests before they hit the origin servers. - CLOUD_ARMOR_EDGE: Cloud Armor edge security policies can be configured to filter incoming HTTP requests targeting backend services (including Cloud CDN-enabled) as well as backend buckets (Cloud Storage). They filter requests before the request is served from Google's cache. - CLOUD_ARMOR_INTERNAL_SERVICE: Cloud Armor internal service policies can be configured to filter HTTP requests targeting services managed by Traffic Director in a service mesh. They filter requests before the request is served from the application. - CLOUD_ARMOR_NETWORK: Cloud Armor network policies can be configured to filter packets targeting network load balancing resources such as backend services, target pools, target instances, and instances with external IPs. They filter requests before the request is served from the application. This field can be set only at resource creation time.", "type": "string", "enum": [ { "name": "CloudArmor", "value": "CLOUD_ARMOR" }, { "name": "CloudArmorEdge", "value": "CLOUD_ARMOR_EDGE" }, { "name": "CloudArmorNetwork", "value": "CLOUD_ARMOR_NETWORK" } ] }, "google-native:compute/v1:SecurityPolicyUserDefinedField": { "properties": { "base": { "$ref": "#/types/google-native:compute%2Fv1:SecurityPolicyUserDefinedFieldBase", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object" }, "google-native:compute/v1:SecurityPolicyUserDefinedFieldBase": { "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required", "type": "string", "enum": [ { "name": "Ipv4", "value": "IPV4" }, { "name": "Ipv6", "value": "IPV6" }, { "name": "Tcp", "value": "TCP" }, { "name": "Udp", "value": "UDP" } ] }, "google-native:compute/v1:SecurityPolicyUserDefinedFieldResponse": { "properties": { "base": { "type": "string", "description": "The base relative to which 'offset' is measured. Possible values are: - IPV4: Points to the beginning of the IPv4 header. - IPV6: Points to the beginning of the IPv6 header. - TCP: Points to the beginning of the TCP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. - UDP: Points to the beginning of the UDP header, skipping over any IPv4 options or IPv6 extension headers. Not present for non-first fragments. required" }, "mask": { "type": "string", "description": "If specified, apply this mask (bitwise AND) to the field to ignore bits before matching. Encoded as a hexadecimal number (starting with \"0x\"). The last byte of the field (in network byte order) corresponds to the least significant byte of the mask." }, "name": { "type": "string", "description": "The name of this field. Must be unique within the policy." }, "offset": { "type": "integer", "description": "Offset of the first byte of the field (in network byte order) relative to 'base'." }, "size": { "type": "integer", "description": "Size of the field in bytes. Valid values: 1-4." } }, "type": "object", "required": [ "base", "mask", "name", "offset", "size" ] }, "google-native:compute/v1:SecuritySettings": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Fv1:AWSV4Signature", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object" }, "google-native:compute/v1:SecuritySettingsResponse": { "description": "The authentication and authorization settings for a BackendService.", "properties": { "awsV4Authentication": { "$ref": "#/types/google-native:compute%2Fv1:AWSV4SignatureResponse", "description": "The configuration needed to generate a signature for access to private storage buckets that support AWS's Signature Version 4 for authentication. Allowed only for INTERNET_IP_PORT and INTERNET_FQDN_PORT NEG backends." }, "clientTlsPolicy": { "type": "string", "description": "Optional. A URL referring to a networksecurity.ClientTlsPolicy resource that describes how clients should authenticate with this service's backends. clientTlsPolicy only applies to a global BackendService with the loadBalancingScheme set to INTERNAL_SELF_MANAGED. If left blank, communications are not encrypted." }, "subjectAltNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Subject Alternative Names (SANs) that the client verifies during a mutual TLS handshake with an server/endpoint for this BackendService. When the server presents its X.509 certificate to the client, the client inspects the certificate's subjectAltName field. If the field contains one of the specified values, the communication continues. Otherwise, it fails. This additional check enables the client to verify that the server is authorized to run the requested service. Note that the contents of the server certificate's subjectAltName field are configured by the Public Key Infrastructure which provisions server identities. Only applies to a global BackendService with loadBalancingScheme set to INTERNAL_SELF_MANAGED. Only applies when BackendService has an attached clientTlsPolicy with clientCertificate (mTLS mode)." } }, "type": "object", "required": [ "awsV4Authentication", "clientTlsPolicy", "subjectAltNames" ] }, "google-native:compute/v1:ServerBinding": { "properties": { "type": { "$ref": "#/types/google-native:compute%2Fv1:ServerBindingType" } }, "type": "object" }, "google-native:compute/v1:ServerBindingResponse": { "properties": { "type": { "type": "string" } }, "type": "object", "required": [ "type" ] }, "google-native:compute/v1:ServerBindingType": { "type": "string", "enum": [ { "name": "RestartNodeOnAnyServer", "description": "Node may associate with any physical server over its lifetime.", "value": "RESTART_NODE_ON_ANY_SERVER" }, { "name": "RestartNodeOnMinimalServers", "description": "Node may associate with minimal physical servers over its lifetime.", "value": "RESTART_NODE_ON_MINIMAL_SERVERS" }, { "name": "ServerBindingTypeUnspecified", "value": "SERVER_BINDING_TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:ServiceAccount": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object" }, "google-native:compute/v1:ServiceAccountResponse": { "description": "A service account.", "properties": { "email": { "type": "string", "description": "Email address of the service account." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "The list of scopes to be made available for this service account." } }, "type": "object", "required": [ "email", "scopes" ] }, "google-native:compute/v1:ServiceAttachmentConnectedEndpointResponse": { "description": "[Output Only] A connection connected to this service attachment.", "properties": { "consumerNetwork": { "type": "string", "description": "The url of the consumer network." }, "endpoint": { "type": "string", "description": "The url of a connected endpoint." }, "pscConnectionId": { "type": "string", "description": "The PSC connection id of the connected endpoint." }, "status": { "type": "string", "description": "The status of a connected endpoint to this service attachment." } }, "type": "object", "required": [ "consumerNetwork", "endpoint", "pscConnectionId", "status" ] }, "google-native:compute/v1:ServiceAttachmentConnectionPreference": { "description": "The connection preference of service attachment. The value can be set to ACCEPT_AUTOMATIC. An ACCEPT_AUTOMATIC service attachment is one that always accepts the connection from consumer forwarding rules.", "type": "string", "enum": [ { "name": "AcceptAutomatic", "value": "ACCEPT_AUTOMATIC" }, { "name": "AcceptManual", "value": "ACCEPT_MANUAL" }, { "name": "ConnectionPreferenceUnspecified", "value": "CONNECTION_PREFERENCE_UNSPECIFIED" } ] }, "google-native:compute/v1:ServiceAttachmentConsumerProjectLimit": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object" }, "google-native:compute/v1:ServiceAttachmentConsumerProjectLimitResponse": { "properties": { "connectionLimit": { "type": "integer", "description": "The value of the limit to set." }, "networkUrl": { "type": "string", "description": "The network URL for the network to set the limit for." }, "projectIdOrNum": { "type": "string", "description": "The project id or number for the project to set the limit for." } }, "type": "object", "required": [ "connectionLimit", "networkUrl", "projectIdOrNum" ] }, "google-native:compute/v1:ShareSettings": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "$ref": "#/types/google-native:compute%2Fv1:ShareSettingsShareType", "description": "Type of sharing for this shared-reservation" } }, "type": "object" }, "google-native:compute/v1:ShareSettingsResponse": { "description": "The share setting for reservations and sole tenancy node groups.", "properties": { "projectMap": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of project id and project config. This is only valid when share_type's value is SPECIFIC_PROJECTS." }, "shareType": { "type": "string", "description": "Type of sharing for this shared-reservation" } }, "type": "object", "required": [ "projectMap", "shareType" ] }, "google-native:compute/v1:ShareSettingsShareType": { "description": "Type of sharing for this shared-reservation", "type": "string", "enum": [ { "name": "Local", "description": "Default value.", "value": "LOCAL" }, { "name": "Organization", "description": "Shared-reservation is open to entire Organization", "value": "ORGANIZATION" }, { "name": "ShareTypeUnspecified", "description": "Default value. This value is unused.", "value": "SHARE_TYPE_UNSPECIFIED" }, { "name": "SpecificProjects", "description": "Shared-reservation is open to specific projects", "value": "SPECIFIC_PROJECTS" } ] }, "google-native:compute/v1:ShieldedInstanceConfig": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object" }, "google-native:compute/v1:ShieldedInstanceConfigResponse": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enabled by default." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Disabled by default." }, "enableVtpm": { "type": "boolean", "description": "Defines whether the instance has the vTPM enabled. Enabled by default." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:compute/v1:ShieldedInstanceIntegrityPolicy": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object" }, "google-native:compute/v1:ShieldedInstanceIntegrityPolicyResponse": { "description": "The policy describes the baseline against which Instance boot integrity is measured.", "properties": { "updateAutoLearnPolicy": { "type": "boolean", "description": "Updates the integrity policy baseline using the measurements from the VM instance's most recent boot." } }, "type": "object", "required": [ "updateAutoLearnPolicy" ] }, "google-native:compute/v1:SnapshotSnapshotType": { "description": "Indicates the type of the snapshot.", "type": "string", "enum": [ { "name": "Archive", "value": "ARCHIVE" }, { "name": "Standard", "value": "STANDARD" } ] }, "google-native:compute/v1:SourceDiskEncryptionKey": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKey", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object" }, "google-native:compute/v1:SourceDiskEncryptionKeyResponse": { "properties": { "diskEncryptionKey": { "$ref": "#/types/google-native:compute%2Fv1:CustomerEncryptionKeyResponse", "description": "The customer-supplied encryption key of the source disk. Required if the source disk is protected by a customer-supplied encryption key." }, "sourceDisk": { "type": "string", "description": "URL of the disk attached to the source instance. This can be a full or valid partial URL. For example, the following are valid values: - https://www.googleapis.com/compute/v1/projects/project/zones/zone /disks/disk - projects/project/zones/zone/disks/disk - zones/zone/disks/disk " } }, "type": "object", "required": [ "diskEncryptionKey", "sourceDisk" ] }, "google-native:compute/v1:SourceInstanceParams": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:DiskInstantiationConfig" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object" }, "google-native:compute/v1:SourceInstanceParamsResponse": { "description": "A specification of the parameters to use when creating the instance template from a source instance.", "properties": { "diskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:DiskInstantiationConfigResponse" }, "description": "Attached disks configuration. If not provided, defaults are applied: For boot disk and any other R/W disks, the source images for each disk will be used. For read-only disks, they will be attached in read-only mode. Local SSD disks will be created as blank volumes." } }, "type": "object", "required": [ "diskConfigs" ] }, "google-native:compute/v1:SourceInstancePropertiesResponse": { "description": "DEPRECATED: Please use compute#instanceProperties instead. New properties will not be added to this field.", "properties": { "canIpForward": { "type": "boolean", "description": "Enables instances created based on this machine image to send packets with source IP addresses other than their own and receive packets with destination IP addresses other than their own. If these instances will be used as an IP gateway or it will be set as the next-hop in a Route resource, specify true. If unsure, leave this set to false. See the Enable IP forwarding documentation for more information." }, "deletionProtection": { "type": "boolean", "description": "Whether the instance created from this machine image should be protected against deletion." }, "description": { "type": "string", "description": "An optional text description for the instances that are created from this machine image." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SavedAttachedDiskResponse" }, "description": "An array of disks that are associated with the instances that are created from this machine image." }, "guestAccelerators": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:AcceleratorConfigResponse" }, "description": "A list of guest accelerator cards' type and count to use for instances created from this machine image." }, "keyRevocationActionType": { "type": "string", "description": "KeyRevocationActionType of the instance. Supported options are \"STOP\" and \"NONE\". The default value is \"NONE\" if it is not specified." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels to apply to instances that are created from this machine image." }, "machineType": { "type": "string", "description": "The machine type to use for instances that are created from this machine image." }, "metadata": { "$ref": "#/types/google-native:compute%2Fv1:MetadataResponse", "description": "The metadata key/value pairs to assign to instances that are created from this machine image. These pairs can consist of custom metadata or predefined keys. See Project and instance metadata for more information." }, "minCpuPlatform": { "type": "string", "description": "Minimum cpu/platform to be used by instances created from this machine image. The instance may be scheduled on the specified or newer cpu/platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: \"Intel Haswell\" or minCpuPlatform: \"Intel Sandy Bridge\". For more information, read Specifying a Minimum CPU Platform." }, "networkInterfaces": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:NetworkInterfaceResponse" }, "description": "An array of network access configurations for this interface." }, "scheduling": { "$ref": "#/types/google-native:compute%2Fv1:SchedulingResponse", "description": "Specifies the scheduling options for the instances that are created from this machine image." }, "serviceAccounts": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:ServiceAccountResponse" }, "description": "A list of service accounts with specified scopes. Access tokens for these service accounts are available to the instances that are created from this machine image. Use metadata queries to obtain the access tokens for these instances." }, "tags": { "$ref": "#/types/google-native:compute%2Fv1:TagsResponse", "description": "A list of tags to apply to the instances that are created from this machine image. The tags identify valid sources or targets for network firewalls. The setTags method can modify this list of tags. Each tag within the list must comply with RFC1035." } }, "type": "object", "required": [ "canIpForward", "deletionProtection", "description", "disks", "guestAccelerators", "keyRevocationActionType", "labels", "machineType", "metadata", "minCpuPlatform", "networkInterfaces", "scheduling", "serviceAccounts", "tags" ] }, "google-native:compute/v1:SslCertificateManagedSslCertificate": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." } }, "type": "object" }, "google-native:compute/v1:SslCertificateManagedSslCertificateResponse": { "description": "Configuration and status of a managed SSL certificate.", "properties": { "domainStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "[Output only] Detailed statuses of the domains specified for managed certificate resource." }, "domains": { "type": "array", "items": { "type": "string" }, "description": "The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the [maximum number of domains per Google-managed SSL certificate](/load-balancing/docs/quotas#ssl_certificates)." }, "status": { "type": "string", "description": "[Output only] Status of the managed certificate resource." } }, "type": "object", "required": [ "domainStatus", "domains", "status" ] }, "google-native:compute/v1:SslCertificateSelfManagedSslCertificate": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object" }, "google-native:compute/v1:SslCertificateSelfManagedSslCertificateResponse": { "description": "Configuration and status of a self-managed SSL certificate.", "properties": { "certificate": { "type": "string", "description": "A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert." }, "privateKey": { "type": "string", "description": "A write-only private key in PEM format. Only insert requests will include this field." } }, "type": "object", "required": [ "certificate", "privateKey" ] }, "google-native:compute/v1:SslCertificateType": { "description": "(Optional) Specifies the type of SSL certificate, either \"SELF_MANAGED\" or \"MANAGED\". If not specified, the certificate is self-managed and the fields certificate and private_key are used.", "type": "string", "enum": [ { "name": "Managed", "description": "Google-managed SSLCertificate.", "value": "MANAGED" }, { "name": "SelfManaged", "description": "Certificate uploaded by user.", "value": "SELF_MANAGED" }, { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" } ] }, "google-native:compute/v1:SslPolicyMinTlsVersion": { "description": "The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.", "type": "string", "enum": [ { "name": "Tls10", "description": "TLS 1.0", "value": "TLS_1_0" }, { "name": "Tls11", "description": "TLS 1.1", "value": "TLS_1_1" }, { "name": "Tls12", "description": "TLS 1.2", "value": "TLS_1_2" } ] }, "google-native:compute/v1:SslPolicyProfile": { "description": "Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.", "type": "string", "enum": [ { "name": "Compatible", "description": "Compatible profile. Allows the broadset set of clients, even those which support only out-of-date SSL features to negotiate with the load balancer.", "value": "COMPATIBLE" }, { "name": "Custom", "description": "Custom profile. Allow only the set of allowed SSL features specified in the customFeatures field.", "value": "CUSTOM" }, { "name": "Modern", "description": "Modern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the load balancer.", "value": "MODERN" }, { "name": "Restricted", "description": "Restricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.", "value": "RESTRICTED" } ] }, "google-native:compute/v1:SslPolicyWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:compute/v1:SslPolicyWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:SslPolicyWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:compute/v1:StatefulPolicy": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Fv1:StatefulPolicyPreservedState" } }, "type": "object" }, "google-native:compute/v1:StatefulPolicyPreservedState": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object" }, "google-native:compute/v1:StatefulPolicyPreservedStateResponse": { "description": "Configuration of preserved resources.", "properties": { "disks": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Disks created on the instances that will be preserved on instance delete, update, etc. This map is keyed with the device names of the disks." }, "externalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "External network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." }, "internalIPs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Internal network IPs assigned to the instances that will be preserved on instance delete, update, etc. This map is keyed with the network interface name." } }, "type": "object", "required": [ "disks", "externalIPs", "internalIPs" ] }, "google-native:compute/v1:StatefulPolicyResponse": { "properties": { "preservedState": { "$ref": "#/types/google-native:compute%2Fv1:StatefulPolicyPreservedStateResponse" } }, "type": "object", "required": [ "preservedState" ] }, "google-native:compute/v1:SubnetworkIpv6AccessType": { "description": "The access type of IPv6 address this subnet holds. It's immutable and can only be specified during creation or the first time the subnet is updated into IPV4_IPV6 dual stack.", "type": "string", "enum": [ { "name": "External", "description": "VMs on this subnet will be assigned IPv6 addresses that are accessible via the Internet, as well as the VPC network.", "value": "EXTERNAL" }, { "name": "Internal", "description": "VMs on this subnet will be assigned IPv6 addresses that are only accessible over the VPC network.", "value": "INTERNAL" } ] }, "google-native:compute/v1:SubnetworkLogConfig": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "$ref": "#/types/google-native:compute%2Fv1:SubnetworkLogConfigAggregationInterval", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "$ref": "#/types/google-native:compute%2Fv1:SubnetworkLogConfigMetadata", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object" }, "google-native:compute/v1:SubnetworkLogConfigAggregationInterval": { "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection.", "type": "string", "enum": [ { "name": "Interval10Min", "value": "INTERVAL_10_MIN" }, { "name": "Interval15Min", "value": "INTERVAL_15_MIN" }, { "name": "Interval1Min", "value": "INTERVAL_1_MIN" }, { "name": "Interval30Sec", "value": "INTERVAL_30_SEC" }, { "name": "Interval5Min", "value": "INTERVAL_5_MIN" }, { "name": "Interval5Sec", "value": "INTERVAL_5_SEC" } ] }, "google-native:compute/v1:SubnetworkLogConfigMetadata": { "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA.", "type": "string", "enum": [ { "name": "CustomMetadata", "value": "CUSTOM_METADATA" }, { "name": "ExcludeAllMetadata", "value": "EXCLUDE_ALL_METADATA" }, { "name": "IncludeAllMetadata", "value": "INCLUDE_ALL_METADATA" } ] }, "google-native:compute/v1:SubnetworkLogConfigResponse": { "description": "The available logging options for this subnetwork.", "properties": { "aggregationInterval": { "type": "string", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. Toggles the aggregation interval for collecting flow logs. Increasing the interval time will reduce the amount of generated flow logs for long lasting connections. Default is an interval of 5 seconds per connection." }, "enable": { "type": "boolean", "description": "Whether to enable flow logging for this subnetwork. If this field is not explicitly set, it will not appear in get listings. If not set the default behavior is determined by the org policy, if there is no org policy specified, then it will default to disabled. Flow logging isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY." }, "filterExpr": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. The filter expression is used to define which VPC flow logs should be exported to Cloud Logging." }, "flowSampling": { "type": "number", "description": "Can only be specified if VPC flow logging for this subnetwork is enabled. The value of the field must be in [0, 1]. Set the sampling rate of VPC flow logs within the subnetwork where 1.0 means all collected logs are reported and 0.0 means no logs are reported. Default is 0.5 unless otherwise specified by the org policy, which means half of all collected logs are reported." }, "metadata": { "type": "string", "description": "Can only be specified if VPC flow logs for this subnetwork is enabled. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default is EXCLUDE_ALL_METADATA." }, "metadataFields": { "type": "array", "items": { "type": "string" }, "description": "Can only be specified if VPC flow logs for this subnetwork is enabled and \"metadata\" was set to CUSTOM_METADATA." } }, "type": "object", "required": [ "aggregationInterval", "enable", "filterExpr", "flowSampling", "metadata", "metadataFields" ] }, "google-native:compute/v1:SubnetworkPrivateIpv6GoogleAccess": { "description": "This field is for internal use. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "DisableGoogleAccess", "description": "Disable private IPv6 access to/from Google services.", "value": "DISABLE_GOOGLE_ACCESS" }, { "name": "EnableBidirectionalAccessToGoogle", "description": "Bidirectional private IPv6 access to/from Google services.", "value": "ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE" }, { "name": "EnableOutboundVmAccessToGoogle", "description": "Outbound private IPv6 access from VMs in this subnet to Google services.", "value": "ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE" } ] }, "google-native:compute/v1:SubnetworkPurpose": { "description": "The purpose of the resource. This field can be either PRIVATE, REGIONAL_MANAGED_PROXY, PRIVATE_SERVICE_CONNECT, or INTERNAL_HTTPS_LOAD_BALANCER. PRIVATE is the default purpose for user-created subnets or subnets that are automatically created in auto mode networks. A subnet with purpose set to REGIONAL_MANAGED_PROXY is a user-created subnetwork that is reserved for regional Envoy-based load balancers. A subnet with purpose set to PRIVATE_SERVICE_CONNECT is used to publish services using Private Service Connect. A subnet with purpose set to INTERNAL_HTTPS_LOAD_BALANCER is a proxy-only subnet that can be used only by regional internal HTTP(S) load balancers. Note that REGIONAL_MANAGED_PROXY is the preferred setting for all regional Envoy load balancers. If unspecified, the subnet purpose defaults to PRIVATE. The enableFlowLogs field isn't supported if the subnet purpose field is set to REGIONAL_MANAGED_PROXY.", "type": "string", "enum": [ { "name": "GlobalManagedProxy", "description": "Subnet reserved for Global Envoy-based Load Balancing.", "value": "GLOBAL_MANAGED_PROXY" }, { "name": "InternalHttpsLoadBalancer", "description": "Subnet reserved for Internal HTTP(S) Load Balancing.", "value": "INTERNAL_HTTPS_LOAD_BALANCER" }, { "name": "Private", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE" }, { "name": "PrivateNat", "description": "Subnetwork used as source range for Private NAT Gateways.", "value": "PRIVATE_NAT" }, { "name": "PrivateRfc1918", "description": "Regular user created or automatically created subnet.", "value": "PRIVATE_RFC_1918" }, { "name": "PrivateServiceConnect", "description": "Subnetworks created for Private Service Connect in the producer network.", "value": "PRIVATE_SERVICE_CONNECT" }, { "name": "RegionalManagedProxy", "description": "Subnetwork used for Regional Envoy-based Load Balancing.", "value": "REGIONAL_MANAGED_PROXY" } ] }, "google-native:compute/v1:SubnetworkRole": { "description": "The role of subnetwork. Currently, this field is only used when purpose = REGIONAL_MANAGED_PROXY. The value can be set to ACTIVE or BACKUP. An ACTIVE subnetwork is one that is currently being used for Envoy-based load balancers in a region. A BACKUP subnetwork is one that is ready to be promoted to ACTIVE or is currently draining. This field can be updated with a patch request.", "type": "string", "enum": [ { "name": "Active", "description": "The ACTIVE subnet that is currently used.", "value": "ACTIVE" }, { "name": "Backup", "description": "The BACKUP subnet that could be promoted to ACTIVE.", "value": "BACKUP" } ] }, "google-native:compute/v1:SubnetworkSecondaryRange": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." } }, "type": "object" }, "google-native:compute/v1:SubnetworkSecondaryRangeResponse": { "description": "Represents a secondary IP range of a subnetwork.", "properties": { "ipCidrRange": { "type": "string", "description": "The range of IP addresses belonging to this subnetwork secondary range. Provide this property when you create the subnetwork. Ranges must be unique and non-overlapping with all primary and secondary IP ranges within a network. Only IPv4 is supported. The range can be any range listed in the Valid ranges list." }, "rangeName": { "type": "string", "description": "The name associated with this subnetwork secondary range, used when adding an alias IP range to a VM instance. The name must be 1-63 characters long, and comply with RFC1035. The name must be unique within the subnetwork." } }, "type": "object", "required": [ "ipCidrRange", "rangeName" ] }, "google-native:compute/v1:SubnetworkStackType": { "description": "The stack type for the subnet. If set to IPV4_ONLY, new VMs in the subnet are assigned IPv4 addresses only. If set to IPV4_IPV6, new VMs in the subnet can be assigned both IPv4 and IPv6 addresses. If not specified, IPV4_ONLY is used. This field can be both set at resource creation time and updated using patch.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "New VMs in this subnet can have both IPv4 and IPv6 addresses.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "New VMs in this subnet will only be assigned IPv4 addresses.", "value": "IPV4_ONLY" } ] }, "google-native:compute/v1:Subsetting": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "$ref": "#/types/google-native:compute%2Fv1:SubsettingPolicy" } }, "type": "object" }, "google-native:compute/v1:SubsettingPolicy": { "type": "string", "enum": [ { "name": "ConsistentHashSubsetting", "description": "Subsetting based on consistent hashing. For Traffic Director, the number of backends per backend group (the subset size) is based on the `subset_size` parameter. For Internal HTTP(S) load balancing, the number of backends per backend group (the subset size) is dynamically adjusted in two cases: - As the number of proxy instances participating in Internal HTTP(S) load balancing increases, the subset size decreases. - When the total number of backends in a network exceeds the capacity of a single proxy instance, subset sizes are reduced automatically for each service that has backend subsetting enabled.", "value": "CONSISTENT_HASH_SUBSETTING" }, { "name": "None", "description": "No Subsetting. Clients may open connections and send traffic to all backends of this backend service. This can lead to performance issues if there is substantial imbalance in the count of clients and backends.", "value": "NONE" } ] }, "google-native:compute/v1:SubsettingResponse": { "description": "Subsetting configuration for this BackendService. Currently this is applicable only for Internal TCP/UDP load balancing, Internal HTTP(S) load balancing and Traffic Director.", "properties": { "policy": { "type": "string" } }, "type": "object", "required": [ "policy" ] }, "google-native:compute/v1:TCPHealthCheck": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "$ref": "#/types/google-native:compute%2Fv1:TCPHealthCheckPortSpecification", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "$ref": "#/types/google-native:compute%2Fv1:TCPHealthCheckProxyHeader", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object" }, "google-native:compute/v1:TCPHealthCheckPortSpecification": { "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports.", "type": "string", "enum": [ { "name": "UseFixedPort", "description": "The port number in the health check's port is used for health checking. Applies to network endpoint group and instance group backends.", "value": "USE_FIXED_PORT" }, { "name": "UseNamedPort", "description": "Not supported.", "value": "USE_NAMED_PORT" }, { "name": "UseServingPort", "description": "For network endpoint group backends, the health check uses the port number specified on each endpoint in the network endpoint group. For instance group backends, the health check uses the port number specified for the backend service's named port defined in the instance group's named ports.", "value": "USE_SERVING_PORT" } ] }, "google-native:compute/v1:TCPHealthCheckProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:TCPHealthCheckResponse": { "properties": { "port": { "type": "integer", "description": "The TCP port number to which the health check prober sends packets. The default value is 80. Valid values are 1 through 65535." }, "portName": { "type": "string", "description": "Not supported." }, "portSpecification": { "type": "string", "description": "Specifies how a port is selected for health checking. Can be one of the following values: USE_FIXED_PORT: Specifies a port number explicitly using the port field in the health check. Supported by backend services for pass-through load balancers and backend services for proxy load balancers. Not supported by target pools. The health check supports all backends supported by the backend service provided the backend can be health checked. For example, GCE_VM_IP network endpoint groups, GCE_VM_IP_PORT network endpoint groups, and instance group backends. USE_NAMED_PORT: Not supported. USE_SERVING_PORT: Provides an indirect method of specifying the health check port by referring to the backend service. Only supported by backend services for proxy load balancers. Not supported by target pools. Not supported by backend services for pass-through load balancers. Supports all backends that can be health checked; for example, GCE_VM_IP_PORT network endpoint groups and instance group backends. For GCE_VM_IP_PORT network endpoint group backends, the health check uses the port number specified for each endpoint in the network endpoint group. For instance group backends, the health check uses the port number determined by looking up the backend service's named port in the instance group's list of named ports." }, "proxyHeader": { "type": "string", "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE." }, "request": { "type": "string", "description": "Instructs the health check prober to send this exact ASCII string, up to 1024 bytes in length, after establishing the TCP connection." }, "response": { "type": "string", "description": "Creates a content-based TCP health check. In addition to establishing a TCP connection, you can configure the health check to pass only when the backend sends this exact response ASCII string, up to 1024 bytes in length. For details, see: https://cloud.google.com/load-balancing/docs/health-check-concepts#criteria-protocol-ssl-tcp" } }, "type": "object", "required": [ "port", "portName", "portSpecification", "proxyHeader", "request", "response" ] }, "google-native:compute/v1:Tags": { "description": "A set of instance tags.", "properties": { "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object" }, "google-native:compute/v1:TagsResponse": { "description": "A set of instance tags.", "properties": { "fingerprint": { "type": "string", "description": "Specifies a fingerprint for this request, which is essentially a hash of the tags' contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update tags. You must always provide an up-to-date fingerprint hash in order to update or change tags. To see the latest fingerprint, make get() request to the instance." }, "items": { "type": "array", "items": { "type": "string" }, "description": "An array of tags. Each tag must be 1-63 characters long, and comply with RFC1035." } }, "type": "object", "required": [ "fingerprint", "items" ] }, "google-native:compute/v1:TargetHttpsProxyQuicOverride": { "description": "Specifies the QUIC override policy for this TargetHttpsProxy resource. This setting determines whether the load balancer attempts to negotiate QUIC with clients. You can specify NONE, ENABLE, or DISABLE. - When quic-override is set to NONE, Google manages whether QUIC is used. - When quic-override is set to ENABLE, the load balancer uses QUIC when possible. - When quic-override is set to DISABLE, the load balancer doesn't use QUIC. - If the quic-override flag is not specified, NONE is implied. ", "type": "string", "enum": [ { "name": "Disable", "description": "The load balancer will not attempt to negotiate QUIC with clients.", "value": "DISABLE" }, { "name": "Enable", "description": "The load balancer will attempt to negotiate QUIC with clients.", "value": "ENABLE" }, { "name": "None", "description": "No overrides to the default QUIC policy. This option is implicit if no QUIC override has been specified in the request.", "value": "NONE" } ] }, "google-native:compute/v1:TargetInstanceNatPolicy": { "description": "Must have a value of NO_NAT. Protocol forwarding delivers packets while preserving the destination IP address of the forwarding rule referencing the target instance.", "type": "string", "enum": [ { "name": "NoNat", "description": "No NAT performed.", "value": "NO_NAT" } ] }, "google-native:compute/v1:TargetPoolSessionAffinity": { "description": "Session affinity option, must be one of the following values: NONE: Connections from the same client IP may go to any instance in the pool. CLIENT_IP: Connections from the same client IP will go to the same instance in the pool while that instance remains healthy. CLIENT_IP_PROTO: Connections from the same client IP with the same IP protocol will go to the same instance in the pool while that instance remains healthy.", "type": "string", "enum": [ { "name": "ClientIp", "description": "2-tuple hash on packet's source and destination IP addresses. Connections from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy.", "value": "CLIENT_IP" }, { "name": "ClientIpNoDestination", "description": "1-tuple hash only on packet's source IP address. Connections from the same source IP address will be served by the same backend VM while that VM remains healthy. This option can only be used for Internal TCP/UDP Load Balancing.", "value": "CLIENT_IP_NO_DESTINATION" }, { "name": "ClientIpPortProto", "description": "5-tuple hash on packet's source and destination IP addresses, IP protocol, and source and destination ports. Connections for the same IP protocol from the same source IP address and port to the same destination IP address and port will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PORT_PROTO" }, { "name": "ClientIpProto", "description": "3-tuple hash on packet's source and destination IP addresses, and IP protocol. Connections for the same IP protocol from the same source IP address to the same destination IP address will be served by the same backend VM while that VM remains healthy. This option cannot be used for HTTP(S) load balancing.", "value": "CLIENT_IP_PROTO" }, { "name": "GeneratedCookie", "description": "Hash based on a cookie generated by the L7 loadbalancer. Only valid for HTTP(S) load balancing.", "value": "GENERATED_COOKIE" }, { "name": "HeaderField", "description": "The hash is based on a user specified header field.", "value": "HEADER_FIELD" }, { "name": "HttpCookie", "description": "The hash is based on a user provided cookie.", "value": "HTTP_COOKIE" }, { "name": "None", "description": "No session affinity. Connections from the same client IP may go to any instance in the pool.", "value": "NONE" } ] }, "google-native:compute/v1:TargetSslProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:TargetTcpProxyProxyHeader": { "description": "Specifies the type of proxy header to append before sending data to the backend, either NONE or PROXY_V1. The default is NONE.", "type": "string", "enum": [ { "name": "None", "value": "NONE" }, { "name": "ProxyV1", "value": "PROXY_V1" } ] }, "google-native:compute/v1:Uint128Response": { "properties": { "high": { "type": "string" }, "low": { "type": "string" } }, "type": "object", "required": [ "high", "low" ] }, "google-native:compute/v1:UpcomingMaintenanceResponse": { "description": "Upcoming Maintenance notification information.", "properties": { "canReschedule": { "type": "boolean", "description": "Indicates if the maintenance can be customer triggered." }, "latestWindowStartTime": { "type": "string", "description": "The latest time for the planned maintenance window to start. This timestamp value is in RFC3339 text format." }, "maintenanceStatus": { "type": "string" }, "type": { "type": "string", "description": "Defines the type of maintenance." }, "windowEndTime": { "type": "string", "description": "The time by which the maintenance disruption will be completed. This timestamp value is in RFC3339 text format." }, "windowStartTime": { "type": "string", "description": "The current start time of the maintenance window. This timestamp value is in RFC3339 text format." } }, "type": "object", "required": [ "canReschedule", "latestWindowStartTime", "maintenanceStatus", "type", "windowEndTime", "windowStartTime" ] }, "google-native:compute/v1:UrlMapTest": { "description": "Message for the expected URL mappings.", "properties": { "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:UrlMapTestHeader" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object" }, "google-native:compute/v1:UrlMapTestHeader": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object" }, "google-native:compute/v1:UrlMapTestHeaderResponse": { "description": "HTTP headers used in UrlMapTests.", "properties": { "name": { "type": "string", "description": "Header name." }, "value": { "type": "string", "description": "Header value." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:compute/v1:UrlMapTestResponse": { "description": "Message for the expected URL mappings.", "properties": { "description": { "type": "string", "description": "Description of this test case." }, "expectedOutputUrl": { "type": "string", "description": "The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified." }, "expectedRedirectResponseCode": { "type": "integer", "description": "For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:compute%2Fv1:UrlMapTestHeaderResponse" }, "description": "HTTP headers for this request. If headers contains a host header, then host must also match the header value." }, "host": { "type": "string", "description": "Host portion of the URL. If headers contains a host header, then host must also match the header value." }, "path": { "type": "string", "description": "Path portion of the URL." }, "service": { "type": "string", "description": "Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set." } }, "type": "object", "required": [ "description", "expectedOutputUrl", "expectedRedirectResponseCode", "headers", "host", "path", "service" ] }, "google-native:compute/v1:UrlRewrite": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object" }, "google-native:compute/v1:UrlRewriteResponse": { "description": "The spec for modifying the path before sending the request to the matched backend service.", "properties": { "hostRewrite": { "type": "string", "description": "Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters." }, "pathPrefixRewrite": { "type": "string", "description": "Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters." }, "pathTemplateRewrite": { "type": "string", "description": " If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified." } }, "type": "object", "required": [ "hostRewrite", "pathPrefixRewrite", "pathTemplateRewrite" ] }, "google-native:compute/v1:VpnGatewayStackType": { "description": "The stack type for this VPN gateway to identify the IP protocols that are enabled. Possible values are: IPV4_ONLY, IPV4_IPV6. If not specified, IPV4_ONLY will be used.", "type": "string", "enum": [ { "name": "Ipv4Ipv6", "description": "Enable VPN gateway with both IPv4 and IPv6 protocols.", "value": "IPV4_IPV6" }, { "name": "Ipv4Only", "description": "Enable VPN gateway with only IPv4 protocol.", "value": "IPV4_ONLY" } ] }, "google-native:compute/v1:VpnGatewayVpnGatewayInterface": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." } }, "type": "object" }, "google-native:compute/v1:VpnGatewayVpnGatewayInterfaceResponse": { "description": "A VPN gateway interface.", "properties": { "interconnectAttachment": { "type": "string", "description": "URL of the VLAN attachment (interconnectAttachment) resource for this VPN gateway interface. When the value of this field is present, the VPN gateway is used for HA VPN over Cloud Interconnect; all egress or ingress traffic for this VPN gateway interface goes through the specified VLAN attachment resource." }, "ipAddress": { "type": "string", "description": "IP address for this VPN interface associated with the VPN gateway. The IP address could be either a regional external IP address or a regional internal IP address. The two IP addresses for a VPN gateway must be all regional external or regional internal IP addresses. There cannot be a mix of regional external IP addresses and regional internal IP addresses. For HA VPN over Cloud Interconnect, the IP addresses for both interfaces could either be regional internal IP addresses or regional external IP addresses. For regular (non HA VPN over Cloud Interconnect) HA VPN tunnels, the IP address must be a regional external IP address." } }, "type": "object", "required": [ "interconnectAttachment", "ipAddress" ] }, "google-native:compute/v1:WeightedBackendService": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderAction", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object" }, "google-native:compute/v1:WeightedBackendServiceResponse": { "description": "In contrast to a single BackendService in HttpRouteAction to which all matching traffic is directed to, WeightedBackendService allows traffic to be split across multiple backend services. The volume of traffic for each backend service is proportional to the weight specified in each WeightedBackendService", "properties": { "backendService": { "type": "string", "description": "The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight." }, "headerAction": { "$ref": "#/types/google-native:compute%2Fv1:HttpHeaderActionResponse", "description": "Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true." }, "weight": { "type": "integer", "description": "Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. The value must be from 0 to 1000." } }, "type": "object", "required": [ "backendService", "headerAction", "weight" ] }, "google-native:connectors/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:connectors/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:connectors/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:connectors%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:connectors/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:connectors/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:connectors/v1:AuthConfig": { "description": "AuthConfig defines details of a authentication type.", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariable" }, "description": "List containing additional auth configs." }, "authKey": { "type": "string", "description": "Identifier key for auth config" }, "authType": { "$ref": "#/types/google-native:connectors%2Fv1:AuthConfigAuthType", "description": "The type of authentication configured." }, "oauth2AuthCodeFlow": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2AuthCodeFlow", "description": "Oauth2AuthCodeFlow." }, "oauth2ClientCredentials": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2ClientCredentials", "description": "Oauth2ClientCredentials." }, "oauth2JwtBearer": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2JwtBearer", "description": "Oauth2JwtBearer." }, "sshPublicKey": { "$ref": "#/types/google-native:connectors%2Fv1:SshPublicKey", "description": "SSH Public Key." }, "userPassword": { "$ref": "#/types/google-native:connectors%2Fv1:UserPassword", "description": "UserPassword." } }, "type": "object" }, "google-native:connectors/v1:AuthConfigAuthType": { "description": "The type of authentication configured.", "type": "string", "enum": [ { "name": "AuthTypeUnspecified", "description": "Authentication type not specified.", "value": "AUTH_TYPE_UNSPECIFIED" }, { "name": "UserPassword", "description": "Username and Password Authentication.", "value": "USER_PASSWORD" }, { "name": "Oauth2JwtBearer", "description": "JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant based authentication", "value": "OAUTH2_JWT_BEARER" }, { "name": "Oauth2ClientCredentials", "description": "Oauth 2.0 Client Credentials Grant Authentication", "value": "OAUTH2_CLIENT_CREDENTIALS" }, { "name": "SshPublicKey", "description": "SSH Public Key Authentication", "value": "SSH_PUBLIC_KEY" }, { "name": "Oauth2AuthCodeFlow", "description": "Oauth 2.0 Authorization Code Flow", "value": "OAUTH2_AUTH_CODE_FLOW" } ] }, "google-native:connectors/v1:AuthConfigResponse": { "description": "AuthConfig defines details of a authentication type.", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariableResponse" }, "description": "List containing additional auth configs." }, "authKey": { "type": "string", "description": "Identifier key for auth config" }, "authType": { "type": "string", "description": "The type of authentication configured." }, "oauth2AuthCodeFlow": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2AuthCodeFlowResponse", "description": "Oauth2AuthCodeFlow." }, "oauth2ClientCredentials": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2ClientCredentialsResponse", "description": "Oauth2ClientCredentials." }, "oauth2JwtBearer": { "$ref": "#/types/google-native:connectors%2Fv1:Oauth2JwtBearerResponse", "description": "Oauth2JwtBearer." }, "sshPublicKey": { "$ref": "#/types/google-native:connectors%2Fv1:SshPublicKeyResponse", "description": "SSH Public Key." }, "userPassword": { "$ref": "#/types/google-native:connectors%2Fv1:UserPasswordResponse", "description": "UserPassword." } }, "type": "object", "required": [ "additionalVariables", "authKey", "authType", "oauth2AuthCodeFlow", "oauth2ClientCredentials", "oauth2JwtBearer", "sshPublicKey", "userPassword" ] }, "google-native:connectors/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:connectors%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:connectors/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:connectors%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:connectors/v1:ConfigVariable": { "description": "ConfigVariable represents a configuration variable present in a Connection. or AuthConfig.", "properties": { "boolValue": { "type": "boolean", "description": "Value is a bool." }, "encryptionKeyValue": { "$ref": "#/types/google-native:connectors%2Fv1:EncryptionKey", "description": "Value is a Encryption Key." }, "intValue": { "type": "string", "description": "Value is an integer" }, "key": { "type": "string", "description": "Key of the config variable." }, "secretValue": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Value is a secret." }, "stringValue": { "type": "string", "description": "Value is a string." } }, "type": "object" }, "google-native:connectors/v1:ConfigVariableResponse": { "description": "ConfigVariable represents a configuration variable present in a Connection. or AuthConfig.", "properties": { "boolValue": { "type": "boolean", "description": "Value is a bool." }, "encryptionKeyValue": { "$ref": "#/types/google-native:connectors%2Fv1:EncryptionKeyResponse", "description": "Value is a Encryption Key." }, "intValue": { "type": "string", "description": "Value is an integer" }, "key": { "type": "string", "description": "Key of the config variable." }, "secretValue": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Value is a secret." }, "stringValue": { "type": "string", "description": "Value is a string." } }, "type": "object", "required": [ "boolValue", "encryptionKeyValue", "intValue", "key", "secretValue", "stringValue" ] }, "google-native:connectors/v1:ConnectionEventingEnablementType": { "description": "Optional. Eventing enablement type. Will be nil if eventing is not enabled.", "type": "string", "enum": [ { "name": "EventingEnablementTypeUnspecified", "description": "Eventing Enablement Type Unspecifeied.", "value": "EVENTING_ENABLEMENT_TYPE_UNSPECIFIED" }, { "name": "EventingAndConnection", "description": "Both connection and eventing.", "value": "EVENTING_AND_CONNECTION" }, { "name": "OnlyEventing", "description": "Only Eventing.", "value": "ONLY_EVENTING" } ] }, "google-native:connectors/v1:ConnectionStatusResponse": { "description": "ConnectionStatus indicates the state of the connection.", "properties": { "description": { "type": "string", "description": "Description." }, "state": { "type": "string", "description": "State." }, "status": { "type": "string", "description": "Status provides detailed information for the state." } }, "type": "object", "required": [ "description", "state", "status" ] }, "google-native:connectors/v1:ConnectorVersionInfraConfigResponse": { "description": "This cofiguration provides infra configs like rate limit threshold which need to be configurable for every connector version", "properties": { "connectionRatelimitWindowSeconds": { "type": "string", "description": "The window used for ratelimiting runtime requests to connections." }, "hpaConfig": { "$ref": "#/types/google-native:connectors%2Fv1:HPAConfigResponse", "description": "HPA autoscaling config." }, "internalclientRatelimitThreshold": { "type": "string", "description": "Max QPS supported for internal requests originating from Connd." }, "ratelimitThreshold": { "type": "string", "description": "Max QPS supported by the connector version before throttling of requests." }, "resourceLimits": { "$ref": "#/types/google-native:connectors%2Fv1:ResourceLimitsResponse", "description": "System resource limits." }, "resourceRequests": { "$ref": "#/types/google-native:connectors%2Fv1:ResourceRequestsResponse", "description": "System resource requests." }, "sharedDeployment": { "type": "string", "description": "The name of shared connector deployment." } }, "type": "object", "required": [ "connectionRatelimitWindowSeconds", "hpaConfig", "internalclientRatelimitThreshold", "ratelimitThreshold", "resourceLimits", "resourceRequests", "sharedDeployment" ] }, "google-native:connectors/v1:ConnectorsLogConfig": { "description": "Log configuration for the connection.", "properties": { "enabled": { "type": "boolean", "description": "Enabled represents whether logging is enabled or not for a connection." } }, "type": "object" }, "google-native:connectors/v1:ConnectorsLogConfigResponse": { "description": "Log configuration for the connection.", "properties": { "enabled": { "type": "boolean", "description": "Enabled represents whether logging is enabled or not for a connection." } }, "type": "object", "required": [ "enabled" ] }, "google-native:connectors/v1:CustomConnectorCustomConnectorType": { "description": "Required. Type of the custom connector.", "type": "string", "enum": [ { "name": "CustomConnectorTypeUnspecified", "description": "Connector type is not specified.", "value": "CUSTOM_CONNECTOR_TYPE_UNSPECIFIED" }, { "name": "OpenApi", "description": "OpenAPI connector.", "value": "OPEN_API" }, { "name": "Proto", "description": "Proto connector.", "value": "PROTO" } ] }, "google-native:connectors/v1:CustomConnectorVersionType": { "description": "Required. Type of the customConnector.", "type": "string", "enum": [ { "name": "CustomConnectorTypeUnspecified", "description": "Connector type is not specified.", "value": "CUSTOM_CONNECTOR_TYPE_UNSPECIFIED" }, { "name": "OpenApi", "description": "OpenAPI connector.", "value": "OPEN_API" }, { "name": "Proto", "description": "Proto connector.", "value": "PROTO" } ] }, "google-native:connectors/v1:Destination": { "properties": { "host": { "type": "string", "description": "For publicly routable host." }, "port": { "type": "integer", "description": "The port is the target port number that is accepted by the destination." }, "serviceAttachment": { "type": "string", "description": "PSC service attachments. Format: projects/*/regions/*/serviceAttachments/*" } }, "type": "object" }, "google-native:connectors/v1:DestinationConfig": { "description": "Define the Connectors target endpoint.", "properties": { "destinations": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:Destination" }, "description": "The destinations for the key." }, "key": { "type": "string", "description": "The key is the destination identifier that is supported by the Connector." } }, "type": "object" }, "google-native:connectors/v1:DestinationConfigResponse": { "description": "Define the Connectors target endpoint.", "properties": { "destinations": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:DestinationResponse" }, "description": "The destinations for the key." }, "key": { "type": "string", "description": "The key is the destination identifier that is supported by the Connector." } }, "type": "object", "required": [ "destinations", "key" ] }, "google-native:connectors/v1:DestinationResponse": { "properties": { "host": { "type": "string", "description": "For publicly routable host." }, "port": { "type": "integer", "description": "The port is the target port number that is accepted by the destination." }, "serviceAttachment": { "type": "string", "description": "PSC service attachments. Format: projects/*/regions/*/serviceAttachments/*" } }, "type": "object", "required": [ "host", "port", "serviceAttachment" ] }, "google-native:connectors/v1:EncryptionKey": { "description": "Encryption Key value.", "properties": { "kmsKeyName": { "type": "string", "description": "The [KMS key name] with which the content of the Operation is encrypted. The expected format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`. Will be empty string if google managed." }, "type": { "$ref": "#/types/google-native:connectors%2Fv1:EncryptionKeyType", "description": "Type." } }, "type": "object" }, "google-native:connectors/v1:EncryptionKeyResponse": { "description": "Encryption Key value.", "properties": { "kmsKeyName": { "type": "string", "description": "The [KMS key name] with which the content of the Operation is encrypted. The expected format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`. Will be empty string if google managed." }, "type": { "type": "string", "description": "Type." } }, "type": "object", "required": [ "kmsKeyName", "type" ] }, "google-native:connectors/v1:EncryptionKeyType": { "description": "Type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Value type is not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "GoogleManaged", "description": "Google Managed.", "value": "GOOGLE_MANAGED" }, { "name": "CustomerManaged", "description": "Customer Managed.", "value": "CUSTOMER_MANAGED" } ] }, "google-native:connectors/v1:EndPoint": { "description": "Endpoint message includes details of the Destination endpoint.", "properties": { "endpointUri": { "type": "string", "description": "The URI of the Endpoint." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:Header" }, "description": "List of Header to be added to the Endpoint." } }, "type": "object" }, "google-native:connectors/v1:EndPointResponse": { "description": "Endpoint message includes details of the Destination endpoint.", "properties": { "endpointUri": { "type": "string", "description": "The URI of the Endpoint." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:HeaderResponse" }, "description": "List of Header to be added to the Endpoint." } }, "type": "object", "required": [ "endpointUri", "headers" ] }, "google-native:connectors/v1:EventSubscriptionDestination": { "description": "Message for EventSubscription Destination to act on receiving an event", "properties": { "endpoint": { "$ref": "#/types/google-native:connectors%2Fv1:EndPoint", "description": "OPTION 1: Hit an endpoint when we receive an event." }, "serviceAccount": { "type": "string", "description": "Service account needed for runtime plane to trigger IP workflow." }, "type": { "$ref": "#/types/google-native:connectors%2Fv1:EventSubscriptionDestinationType", "description": "type of the destination" } }, "type": "object" }, "google-native:connectors/v1:EventSubscriptionDestinationResponse": { "description": "Message for EventSubscription Destination to act on receiving an event", "properties": { "endpoint": { "$ref": "#/types/google-native:connectors%2Fv1:EndPointResponse", "description": "OPTION 1: Hit an endpoint when we receive an event." }, "serviceAccount": { "type": "string", "description": "Service account needed for runtime plane to trigger IP workflow." }, "type": { "type": "string", "description": "type of the destination" } }, "type": "object", "required": [ "endpoint", "serviceAccount", "type" ] }, "google-native:connectors/v1:EventSubscriptionDestinationType": { "description": "type of the destination", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default state.", "value": "TYPE_UNSPECIFIED" }, { "name": "Endpoint", "description": "Endpoint - Hit the value of endpoint when event is received", "value": "ENDPOINT" } ] }, "google-native:connectors/v1:EventSubscriptionStatus": { "description": "EventSubscription Status denotes the status of the EventSubscription resource.", "type": "object" }, "google-native:connectors/v1:EventSubscriptionStatusResponse": { "description": "EventSubscription Status denotes the status of the EventSubscription resource.", "properties": { "description": { "type": "string", "description": "Description of the state." }, "state": { "type": "string", "description": "State of Event Subscription resource." } }, "type": "object", "required": [ "description", "state" ] }, "google-native:connectors/v1:EventingConfig": { "description": "Eventing Configuration of a connection", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariable" }, "description": "Additional eventing related field values" }, "authConfig": { "$ref": "#/types/google-native:connectors%2Fv1:AuthConfig", "description": "Auth details for the webhook adapter." }, "encryptionKey": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariable", "description": "Encryption key (can be either Google managed or CMEK)." }, "enrichmentEnabled": { "type": "boolean", "description": "Enrichment Enabled." }, "eventsListenerIngressEndpoint": { "type": "string", "description": "Optional. Ingress endpoint of the event listener. This is used only when private connectivity is enabled." }, "privateConnectivityEnabled": { "type": "boolean", "description": "Optional. Private Connectivity Enabled." }, "registrationDestinationConfig": { "$ref": "#/types/google-native:connectors%2Fv1:DestinationConfig", "description": "Registration endpoint for auto registration." } }, "type": "object" }, "google-native:connectors/v1:EventingConfigResponse": { "description": "Eventing Configuration of a connection", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariableResponse" }, "description": "Additional eventing related field values" }, "authConfig": { "$ref": "#/types/google-native:connectors%2Fv1:AuthConfigResponse", "description": "Auth details for the webhook adapter." }, "encryptionKey": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariableResponse", "description": "Encryption key (can be either Google managed or CMEK)." }, "enrichmentEnabled": { "type": "boolean", "description": "Enrichment Enabled." }, "eventsListenerIngressEndpoint": { "type": "string", "description": "Optional. Ingress endpoint of the event listener. This is used only when private connectivity is enabled." }, "privateConnectivityEnabled": { "type": "boolean", "description": "Optional. Private Connectivity Enabled." }, "registrationDestinationConfig": { "$ref": "#/types/google-native:connectors%2Fv1:DestinationConfigResponse", "description": "Registration endpoint for auto registration." } }, "type": "object", "required": [ "additionalVariables", "authConfig", "encryptionKey", "enrichmentEnabled", "eventsListenerIngressEndpoint", "privateConnectivityEnabled", "registrationDestinationConfig" ] }, "google-native:connectors/v1:EventingRuntimeDataResponse": { "description": "Eventing runtime data has the details related to eventing managed by the system.", "properties": { "eventsListenerEndpoint": { "type": "string", "description": "Events listener endpoint. The value will populated after provisioning the events listener." }, "eventsListenerPscSa": { "type": "string", "description": "Events listener PSC Service attachment. The value will be populated after provisioning the events listener with private connectivity enabled." }, "status": { "$ref": "#/types/google-native:connectors%2Fv1:EventingStatusResponse", "description": "Current status of eventing." } }, "type": "object", "required": [ "eventsListenerEndpoint", "eventsListenerPscSa", "status" ] }, "google-native:connectors/v1:EventingStatusResponse": { "description": "EventingStatus indicates the state of eventing.", "properties": { "description": { "type": "string", "description": "Description of error if State is set to \"ERROR\"." }, "state": { "type": "string", "description": "State." } }, "type": "object", "required": [ "description", "state" ] }, "google-native:connectors/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:connectors/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:connectors/v1:HPAConfigResponse": { "description": "Autoscaling config for connector deployment system metrics.", "properties": { "cpuUtilizationThreshold": { "type": "string", "description": "Percent CPU utilization where HPA triggers autoscaling." }, "memoryUtilizationThreshold": { "type": "string", "description": "Percent Memory utilization where HPA triggers autoscaling." } }, "type": "object", "required": [ "cpuUtilizationThreshold", "memoryUtilizationThreshold" ] }, "google-native:connectors/v1:Header": { "description": "Header details for a given header to be added to Endpoint.", "properties": { "key": { "type": "string", "description": "Key of Header." }, "value": { "type": "string", "description": "Value of Header." } }, "type": "object" }, "google-native:connectors/v1:HeaderResponse": { "description": "Header details for a given header to be added to Endpoint.", "properties": { "key": { "type": "string", "description": "Key of Header." }, "value": { "type": "string", "description": "Value of Header." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:connectors/v1:JMS": { "description": "JMS message denotes the source of the event", "properties": { "name": { "type": "string", "description": "Optional. Name of the JMS source. i.e. queueName or topicName" }, "type": { "$ref": "#/types/google-native:connectors%2Fv1:JMSType", "description": "Optional. Type of the JMS Source. i.e. Queue or Topic" } }, "type": "object" }, "google-native:connectors/v1:JMSResponse": { "description": "JMS message denotes the source of the event", "properties": { "name": { "type": "string", "description": "Optional. Name of the JMS source. i.e. queueName or topicName" }, "type": { "type": "string", "description": "Optional. Type of the JMS Source. i.e. Queue or Topic" } }, "type": "object", "required": [ "name", "type" ] }, "google-native:connectors/v1:JMSType": { "description": "Optional. Type of the JMS Source. i.e. Queue or Topic", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default state.", "value": "TYPE_UNSPECIFIED" }, { "name": "Queue", "description": "JMS Queue.", "value": "QUEUE" }, { "name": "Topic", "description": "JMS Topic.", "value": "TOPIC" } ] }, "google-native:connectors/v1:JwtClaims": { "description": "JWT claims used for the jwt-bearer authorization grant.", "properties": { "audience": { "type": "string", "description": "Value for the \"aud\" claim." }, "issuer": { "type": "string", "description": "Value for the \"iss\" claim." }, "subject": { "type": "string", "description": "Value for the \"sub\" claim." } }, "type": "object" }, "google-native:connectors/v1:JwtClaimsResponse": { "description": "JWT claims used for the jwt-bearer authorization grant.", "properties": { "audience": { "type": "string", "description": "Value for the \"aud\" claim." }, "issuer": { "type": "string", "description": "Value for the \"iss\" claim." }, "subject": { "type": "string", "description": "Value for the \"sub\" claim." } }, "type": "object", "required": [ "audience", "issuer", "subject" ] }, "google-native:connectors/v1:LockConfig": { "description": "Determines whether or no a connection is locked. If locked, a reason must be specified.", "properties": { "locked": { "type": "boolean", "description": "Indicates whether or not the connection is locked." }, "reason": { "type": "string", "description": "Describes why a connection is locked." } }, "type": "object" }, "google-native:connectors/v1:LockConfigResponse": { "description": "Determines whether or no a connection is locked. If locked, a reason must be specified.", "properties": { "locked": { "type": "boolean", "description": "Indicates whether or not the connection is locked." }, "reason": { "type": "string", "description": "Describes why a connection is locked." } }, "type": "object", "required": [ "locked", "reason" ] }, "google-native:connectors/v1:NodeConfig": { "description": "Node configuration for the connection.", "properties": { "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the runtime nodes." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes in the runtime nodes." } }, "type": "object" }, "google-native:connectors/v1:NodeConfigResponse": { "description": "Node configuration for the connection.", "properties": { "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the runtime nodes." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes in the runtime nodes." } }, "type": "object", "required": [ "maxNodeCount", "minNodeCount" ] }, "google-native:connectors/v1:Oauth2AuthCodeFlow": { "description": "Parameters to support Oauth 2.0 Auth Code Grant Authentication. See https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1 for more details.", "properties": { "authCode": { "type": "string", "description": "Authorization code to be exchanged for access and refresh tokens." }, "authUri": { "type": "string", "description": "Auth URL for Authorization Code Flow" }, "clientId": { "type": "string", "description": "Client ID for user-provided OAuth app." }, "clientSecret": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Client secret for user-provided OAuth app." }, "enablePkce": { "type": "boolean", "description": "Whether to enable PKCE when the user performs the auth code flow." }, "pkceVerifier": { "type": "string", "description": "PKCE verifier to be used during the auth code exchange." }, "redirectUri": { "type": "string", "description": "Redirect URI to be provided during the auth code exchange." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "Scopes the connection will request when the user performs the auth code flow." } }, "type": "object" }, "google-native:connectors/v1:Oauth2AuthCodeFlowResponse": { "description": "Parameters to support Oauth 2.0 Auth Code Grant Authentication. See https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1 for more details.", "properties": { "authCode": { "type": "string", "description": "Authorization code to be exchanged for access and refresh tokens." }, "authUri": { "type": "string", "description": "Auth URL for Authorization Code Flow" }, "clientId": { "type": "string", "description": "Client ID for user-provided OAuth app." }, "clientSecret": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Client secret for user-provided OAuth app." }, "enablePkce": { "type": "boolean", "description": "Whether to enable PKCE when the user performs the auth code flow." }, "pkceVerifier": { "type": "string", "description": "PKCE verifier to be used during the auth code exchange." }, "redirectUri": { "type": "string", "description": "Redirect URI to be provided during the auth code exchange." }, "scopes": { "type": "array", "items": { "type": "string" }, "description": "Scopes the connection will request when the user performs the auth code flow." } }, "type": "object", "required": [ "authCode", "authUri", "clientId", "clientSecret", "enablePkce", "pkceVerifier", "redirectUri", "scopes" ] }, "google-native:connectors/v1:Oauth2ClientCredentials": { "description": "Parameters to support Oauth 2.0 Client Credentials Grant Authentication. See https://tools.ietf.org/html/rfc6749#section-1.3.4 for more details.", "properties": { "clientId": { "type": "string", "description": "The client identifier." }, "clientSecret": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Secret version reference containing the client secret." } }, "type": "object" }, "google-native:connectors/v1:Oauth2ClientCredentialsResponse": { "description": "Parameters to support Oauth 2.0 Client Credentials Grant Authentication. See https://tools.ietf.org/html/rfc6749#section-1.3.4 for more details.", "properties": { "clientId": { "type": "string", "description": "The client identifier." }, "clientSecret": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Secret version reference containing the client secret." } }, "type": "object", "required": [ "clientId", "clientSecret" ] }, "google-native:connectors/v1:Oauth2JwtBearer": { "description": "Parameters to support JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant based authentication. See https://tools.ietf.org/html/rfc7523 for more details.", "properties": { "clientKey": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Secret version reference containing a PKCS#8 PEM-encoded private key associated with the Client Certificate. This private key will be used to sign JWTs used for the jwt-bearer authorization grant. Specified in the form as: `projects/*/secrets/*/versions/*`." }, "jwtClaims": { "$ref": "#/types/google-native:connectors%2Fv1:JwtClaims", "description": "JwtClaims providers fields to generate the token." } }, "type": "object" }, "google-native:connectors/v1:Oauth2JwtBearerResponse": { "description": "Parameters to support JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant based authentication. See https://tools.ietf.org/html/rfc7523 for more details.", "properties": { "clientKey": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Secret version reference containing a PKCS#8 PEM-encoded private key associated with the Client Certificate. This private key will be used to sign JWTs used for the jwt-bearer authorization grant. Specified in the form as: `projects/*/secrets/*/versions/*`." }, "jwtClaims": { "$ref": "#/types/google-native:connectors%2Fv1:JwtClaimsResponse", "description": "JwtClaims providers fields to generate the token." } }, "type": "object", "required": [ "clientKey", "jwtClaims" ] }, "google-native:connectors/v1:ResourceLimitsResponse": { "description": "Resource limits defined for connection pods of a given connector type.", "properties": { "cpu": { "type": "string", "description": "CPU limit." }, "memory": { "type": "string", "description": "Memory limit." } }, "type": "object", "required": [ "cpu", "memory" ] }, "google-native:connectors/v1:ResourceRequestsResponse": { "description": "Resource requests defined for connection pods of a given connector type.", "properties": { "cpu": { "type": "string", "description": "CPU request." }, "memory": { "type": "string", "description": "Memory request." } }, "type": "object", "required": [ "cpu", "memory" ] }, "google-native:connectors/v1:Secret": { "description": "Secret provides a reference to entries in Secret Manager.", "properties": { "secretVersion": { "type": "string", "description": "The resource name of the secret version in the format, format as: `projects/*/secrets/*/versions/*`." } }, "type": "object" }, "google-native:connectors/v1:SecretResponse": { "description": "Secret provides a reference to entries in Secret Manager.", "properties": { "secretVersion": { "type": "string", "description": "The resource name of the secret version in the format, format as: `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "secretVersion" ] }, "google-native:connectors/v1:SshPublicKey": { "description": "Parameters to support Ssh public key Authentication.", "properties": { "certType": { "type": "string", "description": "Format of SSH Client cert." }, "sshClientCert": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "SSH Client Cert. It should contain both public and private key." }, "sshClientCertPass": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Password (passphrase) for ssh client certificate if it has one." }, "username": { "type": "string", "description": "The user account used to authenticate." } }, "type": "object" }, "google-native:connectors/v1:SshPublicKeyResponse": { "description": "Parameters to support Ssh public key Authentication.", "properties": { "certType": { "type": "string", "description": "Format of SSH Client cert." }, "sshClientCert": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "SSH Client Cert. It should contain both public and private key." }, "sshClientCertPass": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Password (passphrase) for ssh client certificate if it has one." }, "username": { "type": "string", "description": "The user account used to authenticate." } }, "type": "object", "required": [ "certType", "sshClientCert", "sshClientCertPass", "username" ] }, "google-native:connectors/v1:SslConfig": { "description": "SSL Configuration of a connection", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariable" }, "description": "Additional SSL related field values" }, "clientCertType": { "$ref": "#/types/google-native:connectors%2Fv1:SslConfigClientCertType", "description": "Type of Client Cert (PEM/JKS/.. etc.)" }, "clientCertificate": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Client Certificate" }, "clientPrivateKey": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Client Private Key" }, "clientPrivateKeyPass": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Secret containing the passphrase protecting the Client Private Key" }, "privateServerCertificate": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Private Server Certificate. Needs to be specified if trust model is `PRIVATE`." }, "serverCertType": { "$ref": "#/types/google-native:connectors%2Fv1:SslConfigServerCertType", "description": "Type of Server Cert (PEM/JKS/.. etc.)" }, "trustModel": { "$ref": "#/types/google-native:connectors%2Fv1:SslConfigTrustModel", "description": "Trust Model of the SSL connection" }, "type": { "$ref": "#/types/google-native:connectors%2Fv1:SslConfigType", "description": "Controls the ssl type for the given connector version." }, "useSsl": { "type": "boolean", "description": "Bool for enabling SSL" } }, "type": "object" }, "google-native:connectors/v1:SslConfigClientCertType": { "description": "Type of Client Cert (PEM/JKS/.. etc.)", "type": "string", "enum": [ { "name": "CertTypeUnspecified", "description": "Cert type unspecified.", "value": "CERT_TYPE_UNSPECIFIED" }, { "name": "Pem", "description": "Privacy Enhanced Mail (PEM) Type", "value": "PEM" } ] }, "google-native:connectors/v1:SslConfigResponse": { "description": "SSL Configuration of a connection", "properties": { "additionalVariables": { "type": "array", "items": { "$ref": "#/types/google-native:connectors%2Fv1:ConfigVariableResponse" }, "description": "Additional SSL related field values" }, "clientCertType": { "type": "string", "description": "Type of Client Cert (PEM/JKS/.. etc.)" }, "clientCertificate": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Client Certificate" }, "clientPrivateKey": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Client Private Key" }, "clientPrivateKeyPass": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Secret containing the passphrase protecting the Client Private Key" }, "privateServerCertificate": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Private Server Certificate. Needs to be specified if trust model is `PRIVATE`." }, "serverCertType": { "type": "string", "description": "Type of Server Cert (PEM/JKS/.. etc.)" }, "trustModel": { "type": "string", "description": "Trust Model of the SSL connection" }, "type": { "type": "string", "description": "Controls the ssl type for the given connector version." }, "useSsl": { "type": "boolean", "description": "Bool for enabling SSL" } }, "type": "object", "required": [ "additionalVariables", "clientCertType", "clientCertificate", "clientPrivateKey", "clientPrivateKeyPass", "privateServerCertificate", "serverCertType", "trustModel", "type", "useSsl" ] }, "google-native:connectors/v1:SslConfigServerCertType": { "description": "Type of Server Cert (PEM/JKS/.. etc.)", "type": "string", "enum": [ { "name": "CertTypeUnspecified", "description": "Cert type unspecified.", "value": "CERT_TYPE_UNSPECIFIED" }, { "name": "Pem", "description": "Privacy Enhanced Mail (PEM) Type", "value": "PEM" } ] }, "google-native:connectors/v1:SslConfigTrustModel": { "description": "Trust Model of the SSL connection", "type": "string", "enum": [ { "name": "Public", "description": "Public Trust Model. Takes the Default Java trust store.", "value": "PUBLIC" }, { "name": "Private", "description": "Private Trust Model. Takes custom/private trust store.", "value": "PRIVATE" }, { "name": "Insecure", "description": "Insecure Trust Model. Accept all certificates.", "value": "INSECURE" } ] }, "google-native:connectors/v1:SslConfigType": { "description": "Controls the ssl type for the given connector version.", "type": "string", "enum": [ { "name": "SslTypeUnspecified", "description": "No SSL configuration required.", "value": "SSL_TYPE_UNSPECIFIED" }, { "name": "Tls", "description": "TLS Handshake", "value": "TLS" }, { "name": "Mtls", "description": "mutual TLS (MTLS) Handshake", "value": "MTLS" } ] }, "google-native:connectors/v1:UserPassword": { "description": "Parameters to support Username and Password Authentication.", "properties": { "password": { "$ref": "#/types/google-native:connectors%2Fv1:Secret", "description": "Secret version reference containing the password." }, "username": { "type": "string", "description": "Username." } }, "type": "object" }, "google-native:connectors/v1:UserPasswordResponse": { "description": "Parameters to support Username and Password Authentication.", "properties": { "password": { "$ref": "#/types/google-native:connectors%2Fv1:SecretResponse", "description": "Secret version reference containing the password." }, "username": { "type": "string", "description": "Username." } }, "type": "object", "required": [ "password", "username" ] }, "google-native:contactcenteraiplatform/v1alpha1:AdminUser": { "description": "Message storing info about the first admin user. Next ID: 3", "properties": { "familyName": { "type": "string", "description": "Optional. Last/family name of the first admin user." }, "givenName": { "type": "string", "description": "Optional. First/given name of the first admin user." } }, "type": "object" }, "google-native:contactcenteraiplatform/v1alpha1:AdminUserResponse": { "description": "Message storing info about the first admin user. Next ID: 3", "properties": { "familyName": { "type": "string", "description": "Optional. Last/family name of the first admin user." }, "givenName": { "type": "string", "description": "Optional. First/given name of the first admin user." } }, "type": "object", "required": [ "familyName", "givenName" ] }, "google-native:contactcenteraiplatform/v1alpha1:InstanceConfig": { "description": "Message storing the instance configuration.", "properties": { "instanceSize": { "$ref": "#/types/google-native:contactcenteraiplatform%2Fv1alpha1:InstanceConfigInstanceSize", "description": "The instance size of this the instance configuration." } }, "type": "object" }, "google-native:contactcenteraiplatform/v1alpha1:InstanceConfigInstanceSize": { "description": "The instance size of this the instance configuration.", "type": "string", "enum": [ { "name": "InstanceSizeUnspecified", "description": "The default value. This value is used if the state is omitted.", "value": "INSTANCE_SIZE_UNSPECIFIED" }, { "name": "StandardSmall", "description": "Instance Size STANDARD_SMALL.", "value": "STANDARD_SMALL" }, { "name": "StandardMedium", "description": "Instance Size STANDARD_MEDIUM.", "value": "STANDARD_MEDIUM" }, { "name": "StandardLarge", "description": "Instance Size STANDARD_LARGE.", "value": "STANDARD_LARGE" }, { "name": "StandardXlarge", "description": "Instance Size STANDARD_XLARGE.", "value": "STANDARD_XLARGE" }, { "name": "Standard2xlarge", "description": "Instance Size STANDARD_2XLARGE.", "value": "STANDARD_2XLARGE" }, { "name": "Standard3xlarge", "description": "Instance Size STANDARD_3XLARGE.", "value": "STANDARD_3XLARGE" }, { "name": "DevXsmall", "description": "Instance Size DEV_EXTRA_SMALL.", "value": "DEV_XSMALL" } ] }, "google-native:contactcenteraiplatform/v1alpha1:InstanceConfigResponse": { "description": "Message storing the instance configuration.", "properties": { "instanceSize": { "type": "string", "description": "The instance size of this the instance configuration." } }, "type": "object", "required": [ "instanceSize" ] }, "google-native:contactcenteraiplatform/v1alpha1:SAMLParams": { "description": "Message storing SAML params to enable Google as IDP.", "properties": { "certificate": { "type": "string", "description": "SAML certificate" }, "emailMapping": { "type": "string", "description": "IdP field that maps to the user’s email address" }, "entityId": { "type": "string", "description": "Entity id URL" }, "ssoUri": { "type": "string", "description": "Single sign-on URL" }, "userEmail": { "type": "string", "description": "Email address of the first admin users." } }, "type": "object" }, "google-native:contactcenteraiplatform/v1alpha1:SAMLParamsResponse": { "description": "Message storing SAML params to enable Google as IDP.", "properties": { "certificate": { "type": "string", "description": "SAML certificate" }, "emailMapping": { "type": "string", "description": "IdP field that maps to the user’s email address" }, "entityId": { "type": "string", "description": "Entity id URL" }, "ssoUri": { "type": "string", "description": "Single sign-on URL" }, "userEmail": { "type": "string", "description": "Email address of the first admin users." } }, "type": "object", "required": [ "certificate", "emailMapping", "entityId", "ssoUri", "userEmail" ] }, "google-native:contactcenteraiplatform/v1alpha1:URIsResponse": { "description": "Message storing the URIs of the ContactCenter.", "properties": { "chatBotUri": { "type": "string", "description": "Chat Bot Uri of the ContactCenter" }, "mediaUri": { "type": "string", "description": "Media Uri of the ContactCenter." }, "rootUri": { "type": "string", "description": "Root Uri of the ContactCenter." }, "virtualAgentStreamingServiceUri": { "type": "string", "description": "Virtual Agent Streaming Service Uri of the ContactCenter." } }, "type": "object", "required": [ "chatBotUri", "mediaUri", "rootUri", "virtualAgentStreamingServiceUri" ] }, "google-native:contactcenterinsights/v1:ConversationMedium": { "description": "Immutable. The conversation medium, if unspecified will default to PHONE_CALL.", "type": "string", "enum": [ { "name": "MediumUnspecified", "description": "Default value, if unspecified will default to PHONE_CALL.", "value": "MEDIUM_UNSPECIFIED" }, { "name": "PhoneCall", "description": "The format for conversations that took place over the phone.", "value": "PHONE_CALL" }, { "name": "Chat", "description": "The format for conversations that took place over chat.", "value": "CHAT" } ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnalysisResponse": { "description": "The analysis resource.", "properties": { "analysisResult": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnalysisResultResponse", "description": "The result of the analysis, which is populated when the analysis finishes." }, "annotatorSelector": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorResponse", "description": "To select the annotators to run and the phrase matchers to use (if any). If not specified, all annotators will be run." }, "createTime": { "type": "string", "description": "The time at which the analysis was created, which occurs when the long-running operation completes." }, "name": { "type": "string", "description": "Immutable. The resource name of the analysis. Format: projects/{project}/locations/{location}/conversations/{conversation}/analyses/{analysis}" }, "requestTime": { "type": "string", "description": "The time at which the analysis was requested." } }, "type": "object", "required": [ "analysisResult", "annotatorSelector", "createTime", "name", "requestTime" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadataResponse": { "description": "Call-specific metadata created during analysis.", "properties": { "annotations": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1CallAnnotationResponse" }, "description": "A list of call annotations that apply to this call." }, "entities": { "type": "object", "additionalProperties": { "type": "string" }, "description": "All the entities in the call." }, "intents": { "type": "object", "additionalProperties": { "type": "string" }, "description": "All the matched intents in the call." }, "issueModelResult": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IssueModelResultResponse", "description": "Overall conversation-level issue modeling result." }, "phraseMatchers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "All the matched phrase matchers in the call." }, "sentiments": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationLevelSentimentResponse" }, "description": "Overall conversation-level sentiment for each channel of the call." } }, "type": "object", "required": [ "annotations", "entities", "intents", "issueModelResult", "phraseMatchers", "sentiments" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnalysisResultResponse": { "description": "The result of an analysis.", "properties": { "callAnalysisMetadata": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnalysisResultCallAnalysisMetadataResponse", "description": "Call-specific metadata created by the analysis." }, "endTime": { "type": "string", "description": "The time at which the analysis ended." } }, "type": "object", "required": [ "callAnalysisMetadata", "endTime" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotationBoundaryResponse": { "description": "A point in a conversation that marks the start or the end of an annotation.", "properties": { "transcriptIndex": { "type": "integer", "description": "The index in the sequence of transcribed pieces of the conversation where the boundary is located. This index starts at zero." }, "wordIndex": { "type": "integer", "description": "The word index of this boundary with respect to the first word in the transcript piece. This index starts at zero." } }, "type": "object", "required": [ "transcriptIndex", "wordIndex" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotatorSelector": { "description": "Selector of all available annotators and phrase matchers to run.", "properties": { "issueModels": { "type": "array", "items": { "type": "string" }, "description": "The issue model to run. If not provided, the most recently deployed topic model will be used. The provided issue model will only be used for inference if the issue model is deployed and if run_issue_model_annotator is set to true. If more than one issue model is provided, only the first provided issue model will be used for inference." }, "phraseMatchers": { "type": "array", "items": { "type": "string" }, "description": "The list of phrase matchers to run. If not provided, all active phrase matchers will be used. If inactive phrase matchers are provided, they will not be used. Phrase matchers will be run only if run_phrase_matcher_annotator is set to true. Format: projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher}" }, "runEntityAnnotator": { "type": "boolean", "description": "Whether to run the entity annotator." }, "runIntentAnnotator": { "type": "boolean", "description": "Whether to run the intent annotator." }, "runInterruptionAnnotator": { "type": "boolean", "description": "Whether to run the interruption annotator." }, "runIssueModelAnnotator": { "type": "boolean", "description": "Whether to run the issue model annotator. A model should have already been deployed for this to take effect." }, "runPhraseMatcherAnnotator": { "type": "boolean", "description": "Whether to run the active phrase matcher annotator(s)." }, "runSentimentAnnotator": { "type": "boolean", "description": "Whether to run the sentiment annotator." }, "runSilenceAnnotator": { "type": "boolean", "description": "Whether to run the silence annotator." }, "runSummarizationAnnotator": { "type": "boolean", "description": "Whether to run the summarization annotator." }, "summarizationConfig": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig", "description": "Configuration for the summarization annotator." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorResponse": { "description": "Selector of all available annotators and phrase matchers to run.", "properties": { "issueModels": { "type": "array", "items": { "type": "string" }, "description": "The issue model to run. If not provided, the most recently deployed topic model will be used. The provided issue model will only be used for inference if the issue model is deployed and if run_issue_model_annotator is set to true. If more than one issue model is provided, only the first provided issue model will be used for inference." }, "phraseMatchers": { "type": "array", "items": { "type": "string" }, "description": "The list of phrase matchers to run. If not provided, all active phrase matchers will be used. If inactive phrase matchers are provided, they will not be used. Phrase matchers will be run only if run_phrase_matcher_annotator is set to true. Format: projects/{project}/locations/{location}/phraseMatchers/{phrase_matcher}" }, "runEntityAnnotator": { "type": "boolean", "description": "Whether to run the entity annotator." }, "runIntentAnnotator": { "type": "boolean", "description": "Whether to run the intent annotator." }, "runInterruptionAnnotator": { "type": "boolean", "description": "Whether to run the interruption annotator." }, "runIssueModelAnnotator": { "type": "boolean", "description": "Whether to run the issue model annotator. A model should have already been deployed for this to take effect." }, "runPhraseMatcherAnnotator": { "type": "boolean", "description": "Whether to run the active phrase matcher annotator(s)." }, "runSentimentAnnotator": { "type": "boolean", "description": "Whether to run the sentiment annotator." }, "runSilenceAnnotator": { "type": "boolean", "description": "Whether to run the silence annotator." }, "runSummarizationAnnotator": { "type": "boolean", "description": "Whether to run the summarization annotator." }, "summarizationConfig": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfigResponse", "description": "Configuration for the summarization annotator." } }, "type": "object", "required": [ "issueModels", "phraseMatchers", "runEntityAnnotator", "runIntentAnnotator", "runInterruptionAnnotator", "runIssueModelAnnotator", "runPhraseMatcherAnnotator", "runSentimentAnnotator", "runSilenceAnnotator", "runSummarizationAnnotator", "summarizationConfig" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfig": { "description": "Configuration for summarization.", "properties": { "conversationProfile": { "type": "string", "description": "Resource name of the Dialogflow conversation profile. Format: projects/{project}/locations/{location}/conversationProfiles/{conversation_profile}" }, "summarizationModel": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfigSummarizationModel", "description": "Default summarization model to be used." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfigResponse": { "description": "Configuration for summarization.", "properties": { "conversationProfile": { "type": "string", "description": "Resource name of the Dialogflow conversation profile. Format: projects/{project}/locations/{location}/conversationProfiles/{conversation_profile}" }, "summarizationModel": { "type": "string", "description": "Default summarization model to be used." } }, "type": "object", "required": [ "conversationProfile", "summarizationModel" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnnotatorSelectorSummarizationConfigSummarizationModel": { "description": "Default summarization model to be used.", "type": "string", "enum": [ { "name": "SummarizationModelUnspecified", "description": "Unspecified summarization model.", "value": "SUMMARIZATION_MODEL_UNSPECIFIED" }, { "name": "BaselineModel", "description": "The CCAI baseline model.", "value": "BASELINE_MODEL" } ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1AnswerFeedbackResponse": { "description": "The feedback that the customer has about a certain answer in the conversation.", "properties": { "clicked": { "type": "boolean", "description": "Indicates whether an answer or item was clicked by the human agent." }, "correctnessLevel": { "type": "string", "description": "The correctness level of an answer." }, "displayed": { "type": "boolean", "description": "Indicates whether an answer or item was displayed to the human agent in the agent desktop UI." } }, "type": "object", "required": [ "clicked", "correctnessLevel", "displayed" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ArticleSuggestionDataResponse": { "description": "Agent Assist Article Suggestion data.", "properties": { "confidenceScore": { "type": "number", "description": "The system's confidence score that this article is a good match for this conversation, ranging from 0.0 (completely uncertain) to 1.0 (completely certain)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that contains metadata about the Article Suggestion and the document that it originates from." }, "queryRecord": { "type": "string", "description": "The name of the answer record. Format: projects/{project}/locations/{location}/answerRecords/{answer_record}" }, "source": { "type": "string", "description": "The knowledge document that this answer was extracted from. Format: projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}" }, "title": { "type": "string", "description": "Article title." }, "uri": { "type": "string", "description": "Article URI." } }, "type": "object", "required": [ "confidenceScore", "metadata", "queryRecord", "source", "title", "uri" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1CallAnnotationResponse": { "description": "A piece of metadata that applies to a window of a call.", "properties": { "annotationEndBoundary": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotationBoundaryResponse", "description": "The boundary in the conversation where the annotation ends, inclusive." }, "annotationStartBoundary": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotationBoundaryResponse", "description": "The boundary in the conversation where the annotation starts, inclusive." }, "channelTag": { "type": "integer", "description": "The channel of the audio where the annotation occurs. For single-channel audio, this field is not populated." }, "entityMentionData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1EntityMentionDataResponse", "description": "Data specifying an entity mention." }, "holdData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1HoldDataResponse", "description": "Data specifying a hold." }, "intentMatchData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IntentMatchDataResponse", "description": "Data specifying an intent match." }, "interruptionData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1InterruptionDataResponse", "description": "Data specifying an interruption." }, "issueMatchData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IssueMatchDataResponse", "description": "Data specifying an issue match." }, "phraseMatchData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchDataResponse", "description": "Data specifying a phrase match." }, "sentimentData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SentimentDataResponse", "description": "Data specifying sentiment." }, "silenceData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SilenceDataResponse", "description": "Data specifying silence." } }, "type": "object", "required": [ "annotationEndBoundary", "annotationStartBoundary", "channelTag", "entityMentionData", "holdData", "intentMatchData", "interruptionData", "issueMatchData", "phraseMatchData", "sentimentData", "silenceData" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationCallMetadata": { "description": "Call-specific metadata.", "properties": { "agentChannel": { "type": "integer", "description": "The audio channel that contains the agent." }, "customerChannel": { "type": "integer", "description": "The audio channel that contains the customer." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationCallMetadataResponse": { "description": "Call-specific metadata.", "properties": { "agentChannel": { "type": "integer", "description": "The audio channel that contains the agent." }, "customerChannel": { "type": "integer", "description": "The audio channel that contains the customer." } }, "type": "object", "required": [ "agentChannel", "customerChannel" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationDataSource": { "description": "The conversation source, which is a combination of transcript, audio, and metadata.", "properties": { "dialogflowSource": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1DialogflowSource", "description": "The source when the conversation comes from Dialogflow." }, "gcsSource": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1GcsSource", "description": "A Cloud Storage location specification for the audio and transcript." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationDataSourceResponse": { "description": "The conversation source, which is a combination of transcript, audio, and metadata.", "properties": { "dialogflowSource": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1DialogflowSourceResponse", "description": "The source when the conversation comes from Dialogflow." }, "gcsSource": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1GcsSourceResponse", "description": "A Cloud Storage location specification for the audio and transcript." } }, "type": "object", "required": [ "dialogflowSource", "gcsSource" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationLevelSentimentResponse": { "description": "One channel of conversation-level sentiment data.", "properties": { "channelTag": { "type": "integer", "description": "The channel of the audio that the data applies to." }, "sentimentData": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SentimentDataResponse", "description": "Data specifying sentiment." } }, "type": "object", "required": [ "channelTag", "sentimentData" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationParticipantResponse": { "description": "The call participant speaking for a given utterance.", "properties": { "dialogflowParticipant": { "type": "string", "description": "Deprecated. Use `dialogflow_participant_name` instead. The name of the Dialogflow participant. Format: projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant}", "deprecationMessage": "Deprecated. Use `dialogflow_participant_name` instead. The name of the Dialogflow participant. Format: projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant}" }, "dialogflowParticipantName": { "type": "string", "description": "The name of the participant provided by Dialogflow. Format: projects/{project}/locations/{location}/conversations/{conversation}/participants/{participant}" }, "obfuscatedExternalUserId": { "type": "string", "description": "Obfuscated user ID from Dialogflow." }, "role": { "type": "string", "description": "The role of the participant." }, "userId": { "type": "string", "description": "A user-specified ID representing the participant." } }, "type": "object", "required": [ "dialogflowParticipant", "dialogflowParticipantName", "obfuscatedExternalUserId", "role", "userId" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionDataResponse": { "description": "Conversation summarization suggestion data.", "properties": { "answerRecord": { "type": "string", "description": "The name of the answer record. Format: projects/{project}/locations/{location}/answerRecords/{answer_record}" }, "confidence": { "type": "number", "description": "The confidence score of the summarization." }, "conversationModel": { "type": "string", "description": "The name of the model that generates this summary. Format: projects/{project}/locations/{location}/conversationModels/{conversation_model}" }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map that contains metadata about the summarization and the document from which it originates." }, "text": { "type": "string", "description": "The summarization content that is concatenated into one string." }, "textSections": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The summarization content that is divided into sections. The key is the section's name and the value is the section's content. There is no specific format for the key or value." } }, "type": "object", "required": [ "answerRecord", "confidence", "conversationModel", "metadata", "text", "textSections" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationTranscriptResponse": { "description": "A message representing the transcript of a conversation.", "properties": { "transcriptSegments": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentResponse" }, "description": "A list of sequential transcript segments that comprise the conversation." } }, "type": "object", "required": [ "transcriptSegments" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadataResponse": { "description": "Metadata from Dialogflow relating to the current transcript segment.", "properties": { "smartReplyAllowlistCovered": { "type": "boolean", "description": "Whether the transcript segment was covered under the configured smart reply allowlist in Agent Assist." } }, "type": "object", "required": [ "smartReplyAllowlistCovered" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentResponse": { "description": "A segment of a full transcript.", "properties": { "channelTag": { "type": "integer", "description": "For conversations derived from multi-channel audio, this is the channel number corresponding to the audio from that channel. For audioChannelCount = N, its output values can range from '1' to 'N'. A channel tag of 0 indicates that the audio is mono." }, "confidence": { "type": "number", "description": "A confidence estimate between 0.0 and 1.0 of the fidelity of this segment. A default value of 0.0 indicates that the value is unset." }, "dialogflowSegmentMetadata": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentDialogflowSegmentMetadataResponse", "description": "CCAI metadata relating to the current transcript segment." }, "languageCode": { "type": "string", "description": "The language code of this segment as a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt) language tag. Example: \"en-US\"." }, "messageTime": { "type": "string", "description": "The time that the message occurred, if provided." }, "segmentParticipant": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationParticipantResponse", "description": "The participant of this segment." }, "sentiment": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SentimentDataResponse", "description": "The sentiment for this transcript segment." }, "text": { "type": "string", "description": "The text of this segment." }, "words": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfoResponse" }, "description": "A list of the word-specific information for each word in the segment." } }, "type": "object", "required": [ "channelTag", "confidence", "dialogflowSegmentMetadata", "languageCode", "messageTime", "segmentParticipant", "sentiment", "text", "words" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ConversationTranscriptTranscriptSegmentWordInfoResponse": { "description": "Word-level info for words in a transcript.", "properties": { "confidence": { "type": "number", "description": "A confidence estimate between 0.0 and 1.0 of the fidelity of this word. A default value of 0.0 indicates that the value is unset." }, "endOffset": { "type": "string", "description": "Time offset of the end of this word relative to the beginning of the total conversation." }, "startOffset": { "type": "string", "description": "Time offset of the start of this word relative to the beginning of the total conversation." }, "word": { "type": "string", "description": "The word itself. Includes punctuation marks that surround the word." } }, "type": "object", "required": [ "confidence", "endOffset", "startOffset", "word" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1DialogflowInteractionDataResponse": { "description": "Dialogflow interaction data.", "properties": { "confidence": { "type": "number", "description": "The confidence of the match ranging from 0.0 (completely uncertain) to 1.0 (completely certain)." }, "dialogflowIntentId": { "type": "string", "description": "The Dialogflow intent resource path. Format: projects/{project}/agent/{agent}/intents/{intent}" } }, "type": "object", "required": [ "confidence", "dialogflowIntentId" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1DialogflowSource": { "description": "A Dialogflow source of conversation data.", "properties": { "audioUri": { "type": "string", "description": "Cloud Storage URI that points to a file that contains the conversation audio." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1DialogflowSourceResponse": { "description": "A Dialogflow source of conversation data.", "properties": { "audioUri": { "type": "string", "description": "Cloud Storage URI that points to a file that contains the conversation audio." }, "dialogflowConversation": { "type": "string", "description": "The name of the Dialogflow conversation that this conversation resource is derived from. Format: projects/{project}/locations/{location}/conversations/{conversation}" } }, "type": "object", "required": [ "audioUri", "dialogflowConversation" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1EntityMentionDataResponse": { "description": "The data for an entity mention annotation. This represents a mention of an `Entity` in the conversation.", "properties": { "entityUniqueId": { "type": "string", "description": "The key of this entity in conversation entities. Can be used to retrieve the exact `Entity` this mention is attached to." }, "sentiment": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SentimentDataResponse", "description": "Sentiment expressed for this mention of the entity." }, "type": { "type": "string", "description": "The type of the entity mention." } }, "type": "object", "required": [ "entityUniqueId", "sentiment", "type" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ExactMatchConfig": { "description": "Exact match configuration.", "properties": { "caseSensitive": { "type": "boolean", "description": "Whether to consider case sensitivity when performing an exact match." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1ExactMatchConfigResponse": { "description": "Exact match configuration.", "properties": { "caseSensitive": { "type": "boolean", "description": "Whether to consider case sensitivity when performing an exact match." } }, "type": "object", "required": [ "caseSensitive" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1FaqAnswerDataResponse": { "description": "Agent Assist frequently-asked-question answer data.", "properties": { "answer": { "type": "string", "description": "The piece of text from the `source` knowledge base document." }, "confidenceScore": { "type": "number", "description": "The system's confidence score that this answer is a good match for this conversation, ranging from 0.0 (completely uncertain) to 1.0 (completely certain)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that contains metadata about the FAQ answer and the document that it originates from." }, "queryRecord": { "type": "string", "description": "The name of the answer record. Format: projects/{project}/locations/{location}/answerRecords/{answer_record}" }, "question": { "type": "string", "description": "The corresponding FAQ question." }, "source": { "type": "string", "description": "The knowledge document that this answer was extracted from. Format: projects/{project}/knowledgeBases/{knowledge_base}/documents/{document}." } }, "type": "object", "required": [ "answer", "confidenceScore", "metadata", "queryRecord", "question", "source" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1GcsSource": { "description": "A Cloud Storage source of conversation data.", "properties": { "audioUri": { "type": "string", "description": "Cloud Storage URI that points to a file that contains the conversation audio." }, "transcriptUri": { "type": "string", "description": "Immutable. Cloud Storage URI that points to a file that contains the conversation transcript." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1GcsSourceResponse": { "description": "A Cloud Storage source of conversation data.", "properties": { "audioUri": { "type": "string", "description": "Cloud Storage URI that points to a file that contains the conversation audio." }, "transcriptUri": { "type": "string", "description": "Immutable. Cloud Storage URI that points to a file that contains the conversation transcript." } }, "type": "object", "required": [ "audioUri", "transcriptUri" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1HoldDataResponse": { "description": "The data for a hold annotation.", "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IntentMatchDataResponse": { "description": "The data for an intent match. Represents an intent match for a text segment in the conversation. A text segment can be part of a sentence, a complete sentence, or an utterance with multiple sentences.", "properties": { "intentUniqueId": { "type": "string", "description": "The id of the matched intent. Can be used to retrieve the corresponding intent information." } }, "type": "object", "required": [ "intentUniqueId" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1InterruptionDataResponse": { "description": "The data for an interruption annotation.", "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueAssignmentResponse": { "description": "Information about the issue.", "properties": { "displayName": { "type": "string", "description": "Immutable. Display name of the assigned issue. This field is set at time of analyis and immutable since then." }, "issue": { "type": "string", "description": "Resource name of the assigned issue." }, "score": { "type": "number", "description": "Score indicating the likelihood of the issue assignment. currently bounded on [0,1]." } }, "type": "object", "required": [ "displayName", "issue", "score" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueMatchDataResponse": { "description": "The data for an issue match annotation.", "properties": { "issueAssignment": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IssueAssignmentResponse", "description": "Information about the issue's assignment." } }, "type": "object", "required": [ "issueAssignment" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueModelInputDataConfig": { "description": "Configs for the input data used to create the issue model.", "properties": { "filter": { "type": "string", "description": "A filter to reduce the conversations used for training the model to a specific subset." }, "medium": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IssueModelInputDataConfigMedium", "description": "Medium of conversations used in training data. This field is being deprecated. To specify the medium to be used in training a new issue model, set the `medium` field on `filter`." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueModelInputDataConfigMedium": { "description": "Medium of conversations used in training data. This field is being deprecated. To specify the medium to be used in training a new issue model, set the `medium` field on `filter`.", "type": "string", "enum": [ { "name": "MediumUnspecified", "description": "Default value, if unspecified will default to PHONE_CALL.", "value": "MEDIUM_UNSPECIFIED" }, { "name": "PhoneCall", "description": "The format for conversations that took place over the phone.", "value": "PHONE_CALL" }, { "name": "Chat", "description": "The format for conversations that took place over chat.", "value": "CHAT" } ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueModelInputDataConfigResponse": { "description": "Configs for the input data used to create the issue model.", "properties": { "filter": { "type": "string", "description": "A filter to reduce the conversations used for training the model to a specific subset." }, "medium": { "type": "string", "description": "Medium of conversations used in training data. This field is being deprecated. To specify the medium to be used in training a new issue model, set the `medium` field on `filter`." }, "trainingConversationsCount": { "type": "string", "description": "Number of conversations used in training. Output only." } }, "type": "object", "required": [ "filter", "medium", "trainingConversationsCount" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueModelLabelStatsResponse": { "description": "Aggregated statistics about an issue model.", "properties": { "analyzedConversationsCount": { "type": "string", "description": "Number of conversations the issue model has analyzed at this point in time." }, "issueStats": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Statistics on each issue. Key is the issue's resource name." }, "unclassifiedConversationsCount": { "type": "string", "description": "Number of analyzed conversations for which no issue was applicable at this point in time." } }, "type": "object", "required": [ "analyzedConversationsCount", "issueStats", "unclassifiedConversationsCount" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1IssueModelResultResponse": { "description": "Issue Modeling result on a conversation.", "properties": { "issueModel": { "type": "string", "description": "Issue model that generates the result. Format: projects/{project}/locations/{location}/issueModels/{issue_model}" }, "issues": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1IssueAssignmentResponse" }, "description": "All the matched issues." } }, "type": "object", "required": [ "issueModel", "issues" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchDataResponse": { "description": "The data for a matched phrase matcher. Represents information identifying a phrase matcher for a given match.", "properties": { "displayName": { "type": "string", "description": "The human-readable name of the phrase matcher." }, "phraseMatcher": { "type": "string", "description": "The unique identifier (the resource name) of the phrase matcher." } }, "type": "object", "required": [ "displayName", "phraseMatcher" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRule": { "description": "The data for a phrase match rule.", "properties": { "config": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig", "description": "Provides additional information about the rule that specifies how to apply the rule." }, "negated": { "type": "boolean", "description": "Specifies whether the phrase must be missing from the transcript segment or present in the transcript segment." }, "query": { "type": "string", "description": "The phrase to be matched." } }, "type": "object", "required": [ "query" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfig": { "description": "Configuration information of a phrase match rule.", "properties": { "exactMatchConfig": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ExactMatchConfig", "description": "The configuration for the exact match rule." } }, "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfigResponse": { "description": "Configuration information of a phrase match rule.", "properties": { "exactMatchConfig": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ExactMatchConfigResponse", "description": "The configuration for the exact match rule." } }, "type": "object", "required": [ "exactMatchConfig" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroup": { "description": "A message representing a rule in the phrase matcher.", "properties": { "phraseMatchRules": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchRule" }, "description": "A list of phrase match rules that are included in this group." }, "type": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroupType", "description": "The type of this phrase match rule group." } }, "type": "object", "required": [ "type" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroupResponse": { "description": "A message representing a rule in the phrase matcher.", "properties": { "phraseMatchRules": { "type": "array", "items": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleResponse" }, "description": "A list of phrase match rules that are included in this group." }, "type": { "type": "string", "description": "The type of this phrase match rule group." } }, "type": "object", "required": [ "phraseMatchRules", "type" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleGroupType": { "description": "Required. The type of this phrase match rule group.", "type": "string", "enum": [ { "name": "PhraseMatchRuleGroupTypeUnspecified", "description": "Unspecified.", "value": "PHRASE_MATCH_RULE_GROUP_TYPE_UNSPECIFIED" }, { "name": "AllOf", "description": "Must meet all phrase match rules or there is no match.", "value": "ALL_OF" }, { "name": "AnyOf", "description": "If any of the phrase match rules are met, there is a match.", "value": "ANY_OF" } ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleResponse": { "description": "The data for a phrase match rule.", "properties": { "config": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1PhraseMatchRuleConfigResponse", "description": "Provides additional information about the rule that specifies how to apply the rule." }, "negated": { "type": "boolean", "description": "Specifies whether the phrase must be missing from the transcript segment or present in the transcript segment." }, "query": { "type": "string", "description": "The phrase to be matched." } }, "type": "object", "required": [ "config", "negated", "query" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1RuntimeAnnotationResponse": { "description": "An annotation that was generated during the customer and agent interaction.", "properties": { "annotationId": { "type": "string", "description": "The unique identifier of the annotation. Format: projects/{project}/locations/{location}/conversationDatasets/{dataset}/conversationDataItems/{data_item}/conversationAnnotations/{annotation}" }, "answerFeedback": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnswerFeedbackResponse", "description": "The feedback that the customer has about the answer in `data`." }, "articleSuggestion": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ArticleSuggestionDataResponse", "description": "Agent Assist Article Suggestion data." }, "conversationSummarizationSuggestion": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1ConversationSummarizationSuggestionDataResponse", "description": "Conversation summarization suggestion data." }, "createTime": { "type": "string", "description": "The time at which this annotation was created." }, "dialogflowInteraction": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1DialogflowInteractionDataResponse", "description": "Dialogflow interaction data." }, "endBoundary": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotationBoundaryResponse", "description": "The boundary in the conversation where the annotation ends, inclusive." }, "faqAnswer": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1FaqAnswerDataResponse", "description": "Agent Assist FAQ answer data." }, "smartComposeSuggestion": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SmartComposeSuggestionDataResponse", "description": "Agent Assist Smart Compose suggestion data." }, "smartReply": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1SmartReplyDataResponse", "description": "Agent Assist Smart Reply data." }, "startBoundary": { "$ref": "#/types/google-native:contactcenterinsights%2Fv1:GoogleCloudContactcenterinsightsV1AnnotationBoundaryResponse", "description": "The boundary in the conversation where the annotation starts, inclusive." } }, "type": "object", "required": [ "annotationId", "answerFeedback", "articleSuggestion", "conversationSummarizationSuggestion", "createTime", "dialogflowInteraction", "endBoundary", "faqAnswer", "smartComposeSuggestion", "smartReply", "startBoundary" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1SentimentDataResponse": { "description": "The data for a sentiment annotation.", "properties": { "magnitude": { "type": "number", "description": "A non-negative number from 0 to infinity which represents the abolute magnitude of sentiment regardless of score." }, "score": { "type": "number", "description": "The sentiment score between -1.0 (negative) and 1.0 (positive)." } }, "type": "object", "required": [ "magnitude", "score" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1SilenceDataResponse": { "description": "The data for a silence annotation.", "type": "object" }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1SmartComposeSuggestionDataResponse": { "description": "Agent Assist Smart Compose suggestion data.", "properties": { "confidenceScore": { "type": "number", "description": "The system's confidence score that this suggestion is a good match for this conversation, ranging from 0.0 (completely uncertain) to 1.0 (completely certain)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that contains metadata about the Smart Compose suggestion and the document from which it originates." }, "queryRecord": { "type": "string", "description": "The name of the answer record. Format: projects/{project}/locations/{location}/answerRecords/{answer_record}" }, "suggestion": { "type": "string", "description": "The content of the suggestion." } }, "type": "object", "required": [ "confidenceScore", "metadata", "queryRecord", "suggestion" ] }, "google-native:contactcenterinsights/v1:GoogleCloudContactcenterinsightsV1SmartReplyDataResponse": { "description": "Agent Assist Smart Reply data.", "properties": { "confidenceScore": { "type": "number", "description": "The system's confidence score that this reply is a good match for this conversation, ranging from 0.0 (completely uncertain) to 1.0 (completely certain)." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map that contains metadata about the Smart Reply and the document from which it originates." }, "queryRecord": { "type": "string", "description": "The name of the answer record. Format: projects/{project}/locations/{location}/answerRecords/{answer_record}" }, "reply": { "type": "string", "description": "The content of the reply." } }, "type": "object", "required": [ "confidenceScore", "metadata", "queryRecord", "reply" ] }, "google-native:contactcenterinsights/v1:IssueModelModelType": { "description": "Type of the model.", "type": "string", "enum": [ { "name": "ModelTypeUnspecified", "description": "Unspecified model type.", "value": "MODEL_TYPE_UNSPECIFIED" }, { "name": "TypeV1", "description": "Type V1.", "value": "TYPE_V1" }, { "name": "TypeV2", "description": "Type V2.", "value": "TYPE_V2" } ] }, "google-native:contactcenterinsights/v1:PhraseMatcherRoleMatch": { "description": "The role whose utterances the phrase matcher should be matched against. If the role is ROLE_UNSPECIFIED it will be matched against any utterances in the transcript.", "type": "string", "enum": [ { "name": "RoleUnspecified", "description": "Participant's role is not set.", "value": "ROLE_UNSPECIFIED" }, { "name": "HumanAgent", "description": "Participant is a human agent.", "value": "HUMAN_AGENT" }, { "name": "AutomatedAgent", "description": "Participant is an automated agent.", "value": "AUTOMATED_AGENT" }, { "name": "EndUser", "description": "Participant is an end user who conversed with the contact center.", "value": "END_USER" }, { "name": "AnyAgent", "description": "Participant is either a human or automated agent.", "value": "ANY_AGENT" } ] }, "google-native:contactcenterinsights/v1:PhraseMatcherType": { "description": "Required. The type of this phrase matcher.", "type": "string", "enum": [ { "name": "PhraseMatcherTypeUnspecified", "description": "Unspecified.", "value": "PHRASE_MATCHER_TYPE_UNSPECIFIED" }, { "name": "AllOf", "description": "Must meet all phrase match rule groups or there is no match.", "value": "ALL_OF" }, { "name": "AnyOf", "description": "If any of the phrase match rule groups are met, there is a match.", "value": "ANY_OF" } ] }, "google-native:container/v1:AcceleratorConfig": { "description": "AcceleratorConfig represents a Hardware Accelerator request.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of the accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource name. List of supported accelerators [here](https://cloud.google.com/compute/docs/gpus)" }, "gpuDriverInstallationConfig": { "$ref": "#/types/google-native:container%2Fv1:GPUDriverInstallationConfig", "description": "The configuration for auto installation of GPU driver." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." }, "gpuSharingConfig": { "$ref": "#/types/google-native:container%2Fv1:GPUSharingConfig", "description": "The configuration for GPU sharing options." } }, "type": "object" }, "google-native:container/v1:AcceleratorConfigResponse": { "description": "AcceleratorConfig represents a Hardware Accelerator request.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of the accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource name. List of supported accelerators [here](https://cloud.google.com/compute/docs/gpus)" }, "gpuDriverInstallationConfig": { "$ref": "#/types/google-native:container%2Fv1:GPUDriverInstallationConfigResponse", "description": "The configuration for auto installation of GPU driver." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." }, "gpuSharingConfig": { "$ref": "#/types/google-native:container%2Fv1:GPUSharingConfigResponse", "description": "The configuration for GPU sharing options." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "gpuDriverInstallationConfig", "gpuPartitionSize", "gpuSharingConfig" ] }, "google-native:container/v1:AdditionalNodeNetworkConfig": { "description": "AdditionalNodeNetworkConfig is the configuration for additional node networks within the NodeNetworkConfig message", "properties": { "network": { "type": "string", "description": "Name of the VPC where the additional interface belongs" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional interface belongs" } }, "type": "object" }, "google-native:container/v1:AdditionalNodeNetworkConfigResponse": { "description": "AdditionalNodeNetworkConfig is the configuration for additional node networks within the NodeNetworkConfig message", "properties": { "network": { "type": "string", "description": "Name of the VPC where the additional interface belongs" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional interface belongs" } }, "type": "object", "required": [ "network", "subnetwork" ] }, "google-native:container/v1:AdditionalPodNetworkConfig": { "description": "AdditionalPodNetworkConfig is the configuration for additional pod networks within the NodeNetworkConfig message", "properties": { "maxPodsPerNode": { "$ref": "#/types/google-native:container%2Fv1:MaxPodsConstraint", "description": "The maximum number of pods per node which use this pod network" }, "secondaryPodRange": { "type": "string", "description": "The name of the secondary range on the subnet which provides IP address for this pod range" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional pod network belongs" } }, "type": "object" }, "google-native:container/v1:AdditionalPodNetworkConfigResponse": { "description": "AdditionalPodNetworkConfig is the configuration for additional pod networks within the NodeNetworkConfig message", "properties": { "maxPodsPerNode": { "$ref": "#/types/google-native:container%2Fv1:MaxPodsConstraintResponse", "description": "The maximum number of pods per node which use this pod network" }, "secondaryPodRange": { "type": "string", "description": "The name of the secondary range on the subnet which provides IP address for this pod range" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional pod network belongs" } }, "type": "object", "required": [ "maxPodsPerNode", "secondaryPodRange", "subnetwork" ] }, "google-native:container/v1:AdditionalPodRangesConfig": { "description": "AdditionalPodRangesConfig is the configuration for additional pod secondary ranges supporting the ClusterUpdate message.", "properties": { "podRangeNames": { "type": "array", "items": { "type": "string" }, "description": "Name for pod secondary ipv4 range which has the actual range defined ahead." } }, "type": "object" }, "google-native:container/v1:AdditionalPodRangesConfigResponse": { "description": "AdditionalPodRangesConfig is the configuration for additional pod secondary ranges supporting the ClusterUpdate message.", "properties": { "podRangeInfo": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:RangeInfoResponse" }, "description": "[Output only] Information for additional pod range." }, "podRangeNames": { "type": "array", "items": { "type": "string" }, "description": "Name for pod secondary ipv4 range which has the actual range defined ahead." } }, "type": "object", "required": [ "podRangeInfo", "podRangeNames" ] }, "google-native:container/v1:AddonsConfig": { "description": "Configuration for the addons that can be automatically spun up in the cluster, enabling additional functionality.", "properties": { "cloudRunConfig": { "$ref": "#/types/google-native:container%2Fv1:CloudRunConfig", "description": "Configuration for the Cloud Run addon, which allows the user to use a managed Knative service." }, "configConnectorConfig": { "$ref": "#/types/google-native:container%2Fv1:ConfigConnectorConfig", "description": "Configuration for the ConfigConnector add-on, a Kubernetes extension to manage hosted GCP services through the Kubernetes API" }, "dnsCacheConfig": { "$ref": "#/types/google-native:container%2Fv1:DnsCacheConfig", "description": "Configuration for NodeLocalDNS, a dns cache running on cluster nodes" }, "gcePersistentDiskCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcePersistentDiskCsiDriverConfig", "description": "Configuration for the Compute Engine Persistent Disk CSI driver." }, "gcpFilestoreCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcpFilestoreCsiDriverConfig", "description": "Configuration for the GCP Filestore CSI driver." }, "gcsFuseCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcsFuseCsiDriverConfig", "description": "Configuration for the Cloud Storage Fuse CSI driver." }, "gkeBackupAgentConfig": { "$ref": "#/types/google-native:container%2Fv1:GkeBackupAgentConfig", "description": "Configuration for the Backup for GKE agent addon." }, "horizontalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1:HorizontalPodAutoscaling", "description": "Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods." }, "httpLoadBalancing": { "$ref": "#/types/google-native:container%2Fv1:HttpLoadBalancing", "description": "Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster." }, "kubernetesDashboard": { "$ref": "#/types/google-native:container%2Fv1:KubernetesDashboard", "description": "Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards" }, "networkPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1:NetworkPolicyConfig", "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes." } }, "type": "object" }, "google-native:container/v1:AddonsConfigResponse": { "description": "Configuration for the addons that can be automatically spun up in the cluster, enabling additional functionality.", "properties": { "cloudRunConfig": { "$ref": "#/types/google-native:container%2Fv1:CloudRunConfigResponse", "description": "Configuration for the Cloud Run addon, which allows the user to use a managed Knative service." }, "configConnectorConfig": { "$ref": "#/types/google-native:container%2Fv1:ConfigConnectorConfigResponse", "description": "Configuration for the ConfigConnector add-on, a Kubernetes extension to manage hosted GCP services through the Kubernetes API" }, "dnsCacheConfig": { "$ref": "#/types/google-native:container%2Fv1:DnsCacheConfigResponse", "description": "Configuration for NodeLocalDNS, a dns cache running on cluster nodes" }, "gcePersistentDiskCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcePersistentDiskCsiDriverConfigResponse", "description": "Configuration for the Compute Engine Persistent Disk CSI driver." }, "gcpFilestoreCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcpFilestoreCsiDriverConfigResponse", "description": "Configuration for the GCP Filestore CSI driver." }, "gcsFuseCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1:GcsFuseCsiDriverConfigResponse", "description": "Configuration for the Cloud Storage Fuse CSI driver." }, "gkeBackupAgentConfig": { "$ref": "#/types/google-native:container%2Fv1:GkeBackupAgentConfigResponse", "description": "Configuration for the Backup for GKE agent addon." }, "horizontalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1:HorizontalPodAutoscalingResponse", "description": "Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods." }, "httpLoadBalancing": { "$ref": "#/types/google-native:container%2Fv1:HttpLoadBalancingResponse", "description": "Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster." }, "kubernetesDashboard": { "$ref": "#/types/google-native:container%2Fv1:KubernetesDashboardResponse", "description": "Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards" }, "networkPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1:NetworkPolicyConfigResponse", "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes." } }, "type": "object", "required": [ "cloudRunConfig", "configConnectorConfig", "dnsCacheConfig", "gcePersistentDiskCsiDriverConfig", "gcpFilestoreCsiDriverConfig", "gcsFuseCsiDriverConfig", "gkeBackupAgentConfig", "horizontalPodAutoscaling", "httpLoadBalancing", "kubernetesDashboard", "networkPolicyConfig" ] }, "google-native:container/v1:AdvancedDatapathObservabilityConfig": { "description": "AdvancedDatapathObservabilityConfig specifies configuration of observability features of advanced datapath.", "properties": { "enableMetrics": { "type": "boolean", "description": "Expose flow metrics on nodes" }, "relayMode": { "$ref": "#/types/google-native:container%2Fv1:AdvancedDatapathObservabilityConfigRelayMode", "description": "Method used to make Relay available" } }, "type": "object" }, "google-native:container/v1:AdvancedDatapathObservabilityConfigRelayMode": { "description": "Method used to make Relay available", "type": "string", "enum": [ { "name": "RelayModeUnspecified", "description": "Default value. This shouldn't be used.", "value": "RELAY_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "disabled", "value": "DISABLED" }, { "name": "InternalVpcLb", "description": "exposed via internal load balancer", "value": "INTERNAL_VPC_LB" }, { "name": "ExternalLb", "description": "exposed via external load balancer", "value": "EXTERNAL_LB" } ] }, "google-native:container/v1:AdvancedDatapathObservabilityConfigResponse": { "description": "AdvancedDatapathObservabilityConfig specifies configuration of observability features of advanced datapath.", "properties": { "enableMetrics": { "type": "boolean", "description": "Expose flow metrics on nodes" }, "relayMode": { "type": "string", "description": "Method used to make Relay available" } }, "type": "object", "required": [ "enableMetrics", "relayMode" ] }, "google-native:container/v1:AdvancedMachineFeatures": { "description": "Specifies options for controlling advanced machine features.", "properties": { "threadsPerCore": { "type": "string", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." } }, "type": "object" }, "google-native:container/v1:AdvancedMachineFeaturesResponse": { "description": "Specifies options for controlling advanced machine features.", "properties": { "threadsPerCore": { "type": "string", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." } }, "type": "object", "required": [ "threadsPerCore" ] }, "google-native:container/v1:AuthenticatorGroupsConfig": { "description": "Configuration for returning group information from authenticators.", "properties": { "enabled": { "type": "boolean", "description": "Whether this cluster should return group membership lookups during authentication using a group of security groups." }, "securityGroup": { "type": "string", "description": "The name of the security group-of-groups to be used. Only relevant if enabled = true." } }, "type": "object" }, "google-native:container/v1:AuthenticatorGroupsConfigResponse": { "description": "Configuration for returning group information from authenticators.", "properties": { "enabled": { "type": "boolean", "description": "Whether this cluster should return group membership lookups during authentication using a group of security groups." }, "securityGroup": { "type": "string", "description": "The name of the security group-of-groups to be used. Only relevant if enabled = true." } }, "type": "object", "required": [ "enabled", "securityGroup" ] }, "google-native:container/v1:AutoUpgradeOptions": { "description": "AutoUpgradeOptions defines the set of options for the user to control how the Auto Upgrades will proceed.", "type": "object" }, "google-native:container/v1:AutoUpgradeOptionsResponse": { "description": "AutoUpgradeOptions defines the set of options for the user to control how the Auto Upgrades will proceed.", "properties": { "autoUpgradeStartTime": { "type": "string", "description": "[Output only] This field is set when upgrades are about to commence with the approximate start time for the upgrades, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format." }, "description": { "type": "string", "description": "[Output only] This field is set when upgrades are about to commence with the description of the upgrade." } }, "type": "object", "required": [ "autoUpgradeStartTime", "description" ] }, "google-native:container/v1:Autopilot": { "description": "Autopilot is the configuration for Autopilot settings on the cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enable Autopilot" }, "workloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadPolicyConfig", "description": "Workload policy configuration for Autopilot." } }, "type": "object" }, "google-native:container/v1:AutopilotResponse": { "description": "Autopilot is the configuration for Autopilot settings on the cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enable Autopilot" }, "workloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadPolicyConfigResponse", "description": "Workload policy configuration for Autopilot." } }, "type": "object", "required": [ "enabled", "workloadPolicyConfig" ] }, "google-native:container/v1:AutoprovisioningNodePoolDefaults": { "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP.", "properties": { "bootDiskKmsKey": { "type": "string", "description": "The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "imageType": { "type": "string", "description": "The image type to use for NAP created node. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "management": { "$ref": "#/types/google-native:container%2Fv1:NodeManagement", "description": "Specifies the node management options for NAP created node-pools." }, "minCpuPlatform": { "type": "string", "description": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value.", "deprecationMessage": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Scopes that are used by NAP when creating node pools." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ShieldedInstanceConfig", "description": "Shielded Instance options." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1:UpgradeSettings", "description": "Specifies the upgrade settings for NAP created node pools" } }, "type": "object" }, "google-native:container/v1:AutoprovisioningNodePoolDefaultsResponse": { "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP.", "properties": { "bootDiskKmsKey": { "type": "string", "description": "The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "imageType": { "type": "string", "description": "The image type to use for NAP created node. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "management": { "$ref": "#/types/google-native:container%2Fv1:NodeManagementResponse", "description": "Specifies the node management options for NAP created node-pools." }, "minCpuPlatform": { "type": "string", "description": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value.", "deprecationMessage": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "Scopes that are used by NAP when creating node pools." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ShieldedInstanceConfigResponse", "description": "Shielded Instance options." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1:UpgradeSettingsResponse", "description": "Specifies the upgrade settings for NAP created node pools" } }, "type": "object", "required": [ "bootDiskKmsKey", "diskSizeGb", "diskType", "imageType", "insecureKubeletReadonlyPortEnabled", "management", "minCpuPlatform", "oauthScopes", "serviceAccount", "shieldedInstanceConfig", "upgradeSettings" ] }, "google-native:container/v1:BestEffortProvisioning": { "description": "Best effort provisioning.", "properties": { "enabled": { "type": "boolean", "description": "When this is enabled, cluster/node pool creations will ignore non-fatal errors like stockout to best provision as many nodes as possible right now and eventually bring up all target number of nodes" }, "minProvisionNodes": { "type": "integer", "description": "Minimum number of nodes to be provisioned to be considered as succeeded, and the rest of nodes will be provisioned gradually and eventually when stockout issue has been resolved." } }, "type": "object" }, "google-native:container/v1:BestEffortProvisioningResponse": { "description": "Best effort provisioning.", "properties": { "enabled": { "type": "boolean", "description": "When this is enabled, cluster/node pool creations will ignore non-fatal errors like stockout to best provision as many nodes as possible right now and eventually bring up all target number of nodes" }, "minProvisionNodes": { "type": "integer", "description": "Minimum number of nodes to be provisioned to be considered as succeeded, and the rest of nodes will be provisioned gradually and eventually when stockout issue has been resolved." } }, "type": "object", "required": [ "enabled", "minProvisionNodes" ] }, "google-native:container/v1:BigQueryDestination": { "description": "Parameters for using BigQuery as the destination of resource usage export.", "properties": { "datasetId": { "type": "string", "description": "The ID of a BigQuery Dataset." } }, "type": "object" }, "google-native:container/v1:BigQueryDestinationResponse": { "description": "Parameters for using BigQuery as the destination of resource usage export.", "properties": { "datasetId": { "type": "string", "description": "The ID of a BigQuery Dataset." } }, "type": "object", "required": [ "datasetId" ] }, "google-native:container/v1:BinaryAuthorization": { "description": "Configuration for Binary Authorization.", "properties": { "enabled": { "type": "boolean", "description": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.", "deprecationMessage": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored." }, "evaluationMode": { "$ref": "#/types/google-native:container%2Fv1:BinaryAuthorizationEvaluationMode", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." } }, "type": "object" }, "google-native:container/v1:BinaryAuthorizationEvaluationMode": { "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "ProjectSingletonPolicyEnforce", "description": "Enforce Kubernetes admission requests with BinaryAuthorization using the project's singleton policy. This is equivalent to setting the enabled boolean to true.", "value": "PROJECT_SINGLETON_POLICY_ENFORCE" } ] }, "google-native:container/v1:BinaryAuthorizationResponse": { "description": "Configuration for Binary Authorization.", "properties": { "enabled": { "type": "boolean", "description": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.", "deprecationMessage": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored." }, "evaluationMode": { "type": "string", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." } }, "type": "object", "required": [ "enabled", "evaluationMode" ] }, "google-native:container/v1:BlueGreenInfoResponse": { "description": "Information relevant to blue-green upgrade.", "properties": { "blueInstanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "The resource URLs of the [managed instance groups] (/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with blue pool." }, "bluePoolDeletionStartTime": { "type": "string", "description": "Time to start deleting blue pool to complete blue-green upgrade, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format." }, "greenInstanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "The resource URLs of the [managed instance groups] (/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with green pool." }, "greenPoolVersion": { "type": "string", "description": "Version of green pool." }, "phase": { "type": "string", "description": "Current blue-green upgrade phase." } }, "type": "object", "required": [ "blueInstanceGroupUrls", "bluePoolDeletionStartTime", "greenInstanceGroupUrls", "greenPoolVersion", "phase" ] }, "google-native:container/v1:BlueGreenSettings": { "description": "Settings for blue-green upgrade.", "properties": { "nodePoolSoakDuration": { "type": "string", "description": "Time needed after draining entire blue pool. After this period, blue pool will be cleaned up." }, "standardRolloutPolicy": { "$ref": "#/types/google-native:container%2Fv1:StandardRolloutPolicy", "description": "Standard policy for the blue-green upgrade." } }, "type": "object" }, "google-native:container/v1:BlueGreenSettingsResponse": { "description": "Settings for blue-green upgrade.", "properties": { "nodePoolSoakDuration": { "type": "string", "description": "Time needed after draining entire blue pool. After this period, blue pool will be cleaned up." }, "standardRolloutPolicy": { "$ref": "#/types/google-native:container%2Fv1:StandardRolloutPolicyResponse", "description": "Standard policy for the blue-green upgrade." } }, "type": "object", "required": [ "nodePoolSoakDuration", "standardRolloutPolicy" ] }, "google-native:container/v1:CidrBlock": { "description": "CidrBlock contains an optional name and one CIDR block.", "properties": { "cidrBlock": { "type": "string", "description": "cidr_block must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "display_name is an optional field for users to identify CIDR blocks." } }, "type": "object" }, "google-native:container/v1:CidrBlockResponse": { "description": "CidrBlock contains an optional name and one CIDR block.", "properties": { "cidrBlock": { "type": "string", "description": "cidr_block must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "display_name is an optional field for users to identify CIDR blocks." } }, "type": "object", "required": [ "cidrBlock", "displayName" ] }, "google-native:container/v1:ClientCertificateConfig": { "description": "Configuration for client certificates on the cluster.", "properties": { "issueClientCertificate": { "type": "boolean", "description": "Issue a client certificate." } }, "type": "object" }, "google-native:container/v1:ClientCertificateConfigResponse": { "description": "Configuration for client certificates on the cluster.", "properties": { "issueClientCertificate": { "type": "boolean", "description": "Issue a client certificate." } }, "type": "object", "required": [ "issueClientCertificate" ] }, "google-native:container/v1:CloudRunConfig": { "description": "Configuration options for the Cloud Run feature.", "properties": { "disabled": { "type": "boolean", "description": "Whether Cloud Run addon is enabled for this cluster." }, "loadBalancerType": { "$ref": "#/types/google-native:container%2Fv1:CloudRunConfigLoadBalancerType", "description": "Which load balancer type is installed for Cloud Run." } }, "type": "object" }, "google-native:container/v1:CloudRunConfigLoadBalancerType": { "description": "Which load balancer type is installed for Cloud Run.", "type": "string", "enum": [ { "name": "LoadBalancerTypeUnspecified", "description": "Load balancer type for Cloud Run is unspecified.", "value": "LOAD_BALANCER_TYPE_UNSPECIFIED" }, { "name": "LoadBalancerTypeExternal", "description": "Install external load balancer for Cloud Run.", "value": "LOAD_BALANCER_TYPE_EXTERNAL" }, { "name": "LoadBalancerTypeInternal", "description": "Install internal load balancer for Cloud Run.", "value": "LOAD_BALANCER_TYPE_INTERNAL" } ] }, "google-native:container/v1:CloudRunConfigResponse": { "description": "Configuration options for the Cloud Run feature.", "properties": { "disabled": { "type": "boolean", "description": "Whether Cloud Run addon is enabled for this cluster." }, "loadBalancerType": { "type": "string", "description": "Which load balancer type is installed for Cloud Run." } }, "type": "object", "required": [ "disabled", "loadBalancerType" ] }, "google-native:container/v1:ClusterAutoscaling": { "description": "ClusterAutoscaling contains global, per-cluster information required by Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs.", "properties": { "autoprovisioningLocations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes can be created by NAP." }, "autoprovisioningNodePoolDefaults": { "$ref": "#/types/google-native:container%2Fv1:AutoprovisioningNodePoolDefaults", "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP." }, "autoscalingProfile": { "$ref": "#/types/google-native:container%2Fv1:ClusterAutoscalingAutoscalingProfile", "description": "Defines autoscaling behaviour." }, "enableNodeAutoprovisioning": { "type": "boolean", "description": "Enables automatic node pool creation and deletion." }, "resourceLimits": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:ResourceLimit" }, "description": "Contains global constraints regarding minimum and maximum amount of resources in the cluster." } }, "type": "object" }, "google-native:container/v1:ClusterAutoscalingAutoscalingProfile": { "description": "Defines autoscaling behaviour.", "type": "string", "enum": [ { "name": "ProfileUnspecified", "description": "No change to autoscaling configuration.", "value": "PROFILE_UNSPECIFIED" }, { "name": "OptimizeUtilization", "description": "Prioritize optimizing utilization of resources.", "value": "OPTIMIZE_UTILIZATION" }, { "name": "Balanced", "description": "Use default (balanced) autoscaling configuration.", "value": "BALANCED" } ] }, "google-native:container/v1:ClusterAutoscalingResponse": { "description": "ClusterAutoscaling contains global, per-cluster information required by Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs.", "properties": { "autoprovisioningLocations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes can be created by NAP." }, "autoprovisioningNodePoolDefaults": { "$ref": "#/types/google-native:container%2Fv1:AutoprovisioningNodePoolDefaultsResponse", "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP." }, "autoscalingProfile": { "type": "string", "description": "Defines autoscaling behaviour." }, "enableNodeAutoprovisioning": { "type": "boolean", "description": "Enables automatic node pool creation and deletion." }, "resourceLimits": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:ResourceLimitResponse" }, "description": "Contains global constraints regarding minimum and maximum amount of resources in the cluster." } }, "type": "object", "required": [ "autoprovisioningLocations", "autoprovisioningNodePoolDefaults", "autoscalingProfile", "enableNodeAutoprovisioning", "resourceLimits" ] }, "google-native:container/v1:ClusterNetworkPerformanceConfig": { "description": "Configuration of network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "$ref": "#/types/google-native:container%2Fv1:ClusterNetworkPerformanceConfigTotalEgressBandwidthTier", "description": "Specifies the total network bandwidth tier for NodePools in the cluster." } }, "type": "object" }, "google-native:container/v1:ClusterNetworkPerformanceConfigResponse": { "description": "Configuration of network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "type": "string", "description": "Specifies the total network bandwidth tier for NodePools in the cluster." } }, "type": "object", "required": [ "totalEgressBandwidthTier" ] }, "google-native:container/v1:ClusterNetworkPerformanceConfigTotalEgressBandwidthTier": { "description": "Specifies the total network bandwidth tier for NodePools in the cluster.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Default value", "value": "TIER_UNSPECIFIED" }, { "name": "Tier1", "description": "Higher bandwidth, actual values based on VM size.", "value": "TIER_1" } ] }, "google-native:container/v1:ClusterUpdate": { "description": "ClusterUpdate describes an update to the cluster. Exactly one update can be applied to a cluster with each request, so at most one field can be provided.", "properties": { "additionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1:AdditionalPodRangesConfig", "description": "The additional pod ranges to be added to the cluster. These pod ranges can be used by node pools to allocate pod IPs." }, "desiredAddonsConfig": { "$ref": "#/types/google-native:container%2Fv1:AddonsConfig", "description": "Configurations for the various addons available to run in the cluster." }, "desiredAuthenticatorGroupsConfig": { "$ref": "#/types/google-native:container%2Fv1:AuthenticatorGroupsConfig", "description": "The desired authenticator groups config for the cluster." }, "desiredAutopilotWorkloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadPolicyConfig", "description": "The desired workload policy configuration for the autopilot cluster." }, "desiredBinaryAuthorization": { "$ref": "#/types/google-native:container%2Fv1:BinaryAuthorization", "description": "The desired configuration options for the Binary Authorization feature." }, "desiredClusterAutoscaling": { "$ref": "#/types/google-native:container%2Fv1:ClusterAutoscaling", "description": "Cluster-level autoscaling configuration." }, "desiredCostManagementConfig": { "$ref": "#/types/google-native:container%2Fv1:CostManagementConfig", "description": "The desired configuration for the fine-grained cost management feature." }, "desiredDatabaseEncryption": { "$ref": "#/types/google-native:container%2Fv1:DatabaseEncryption", "description": "Configuration of etcd encryption." }, "desiredDatapathProvider": { "$ref": "#/types/google-native:container%2Fv1:ClusterUpdateDesiredDatapathProvider", "description": "The desired datapath provider for the cluster." }, "desiredDefaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1:DefaultSnatStatus", "description": "The desired status of whether to disable default sNAT for this cluster." }, "desiredDnsConfig": { "$ref": "#/types/google-native:container%2Fv1:DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." }, "desiredEnableFqdnNetworkPolicy": { "type": "boolean", "description": "Enable/Disable FQDN Network Policy for the cluster." }, "desiredEnablePrivateEndpoint": { "type": "boolean", "description": "Enable/Disable private endpoint for the cluster's master." }, "desiredFleet": { "$ref": "#/types/google-native:container%2Fv1:Fleet", "description": "The desired fleet configuration for the cluster." }, "desiredGatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1:GatewayAPIConfig", "description": "The desired config of Gateway API on this cluster." }, "desiredGcfsConfig": { "$ref": "#/types/google-native:container%2Fv1:GcfsConfig", "description": "The desired GCFS config for the cluster" }, "desiredIdentityServiceConfig": { "$ref": "#/types/google-native:container%2Fv1:IdentityServiceConfig", "description": "The desired Identity Service component configuration." }, "desiredImageType": { "type": "string", "description": "The desired image type for the node pool. NOTE: Set the \"desired_node_pool\" field as well." }, "desiredIntraNodeVisibilityConfig": { "$ref": "#/types/google-native:container%2Fv1:IntraNodeVisibilityConfig", "description": "The desired config of Intra-node visibility." }, "desiredK8sBetaApis": { "$ref": "#/types/google-native:container%2Fv1:K8sBetaAPIConfig", "description": "Desired Beta APIs to be enabled for cluster." }, "desiredL4ilbSubsettingConfig": { "$ref": "#/types/google-native:container%2Fv1:ILBSubsettingConfig", "description": "The desired L4 Internal Load Balancer Subsetting configuration." }, "desiredLocations": { "type": "array", "items": { "type": "string" }, "description": "The desired list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the cluster's nodes should be located. This list must always include the cluster's primary zone. Warning: changing cluster locations will update the locations of all node pools and will result in nodes being added and/or removed." }, "desiredLoggingConfig": { "$ref": "#/types/google-native:container%2Fv1:LoggingConfig", "description": "The desired logging configuration." }, "desiredLoggingService": { "type": "string", "description": "The logging service the cluster should use to write logs. Currently available options: * `logging.googleapis.com/kubernetes` - The Cloud Logging service with a Kubernetes-native resource model * `logging.googleapis.com` - The legacy Cloud Logging service (no longer available as of GKE 1.15). * `none` - no logs will be exported from the cluster. If left as an empty string,`logging.googleapis.com/kubernetes` will be used for GKE 1.14+ or `logging.googleapis.com` for earlier versions." }, "desiredMasterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:container%2Fv1:MasterAuthorizedNetworksConfig", "description": "The desired configuration options for master authorized networks feature." }, "desiredMasterVersion": { "type": "string", "description": "The Kubernetes version to change the master to. Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - \"latest\": picks the highest valid Kubernetes version - \"1.X\": picks the highest valid patch+gke.N patch in the 1.X version - \"1.X.Y\": picks the highest valid gke.N patch in the 1.X.Y version - \"1.X.Y-gke.N\": picks an explicit Kubernetes version - \"-\": picks the default Kubernetes version" }, "desiredMeshCertificates": { "$ref": "#/types/google-native:container%2Fv1:MeshCertificates", "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods." }, "desiredMonitoringConfig": { "$ref": "#/types/google-native:container%2Fv1:MonitoringConfig", "description": "The desired monitoring configuration." }, "desiredMonitoringService": { "type": "string", "description": "The monitoring service the cluster should use to write metrics. Currently available options: * \"monitoring.googleapis.com/kubernetes\" - The Cloud Monitoring service with a Kubernetes-native resource model * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no longer available as of GKE 1.15). * `none` - No metrics will be exported from the cluster. If left as an empty string,`monitoring.googleapis.com/kubernetes` will be used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions." }, "desiredNetworkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ClusterNetworkPerformanceConfig", "description": "The desired network performance config." }, "desiredNodePoolAutoConfigNetworkTags": { "$ref": "#/types/google-native:container%2Fv1:NetworkTags", "description": "The desired network tags that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters." }, "desiredNodePoolAutoConfigResourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1:ResourceManagerTags", "description": "The desired resource manager tags that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters." }, "desiredNodePoolAutoscaling": { "$ref": "#/types/google-native:container%2Fv1:NodePoolAutoscaling", "description": "Autoscaler configuration for the node pool specified in desired_node_pool_id. If there is only one pool in the cluster and desired_node_pool_id is not provided then the change applies to that single node pool." }, "desiredNodePoolId": { "type": "string", "description": "The node pool to be upgraded. This field is mandatory if \"desired_node_version\", \"desired_image_family\" or \"desired_node_pool_autoscaling\" is specified and there is more than one node pool on the cluster." }, "desiredNodePoolLoggingConfig": { "$ref": "#/types/google-native:container%2Fv1:NodePoolLoggingConfig", "description": "The desired node pool logging configuration defaults for the cluster." }, "desiredNodeVersion": { "type": "string", "description": "The Kubernetes version to change the nodes to (typically an upgrade). Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - \"latest\": picks the highest valid Kubernetes version - \"1.X\": picks the highest valid patch+gke.N patch in the 1.X version - \"1.X.Y\": picks the highest valid gke.N patch in the 1.X.Y version - \"1.X.Y-gke.N\": picks an explicit Kubernetes version - \"-\": picks the Kubernetes master version" }, "desiredNotificationConfig": { "$ref": "#/types/google-native:container%2Fv1:NotificationConfig", "description": "The desired notification configuration." }, "desiredParentProductConfig": { "$ref": "#/types/google-native:container%2Fv1:ParentProductConfig", "description": "The desired parent product config for the cluster." }, "desiredPrivateClusterConfig": { "$ref": "#/types/google-native:container%2Fv1:PrivateClusterConfig", "description": "The desired private cluster configuration." }, "desiredPrivateIpv6GoogleAccess": { "$ref": "#/types/google-native:container%2Fv1:ClusterUpdateDesiredPrivateIpv6GoogleAccess", "description": "The desired state of IPv6 connectivity to Google Services." }, "desiredReleaseChannel": { "$ref": "#/types/google-native:container%2Fv1:ReleaseChannel", "description": "The desired release channel configuration." }, "desiredResourceUsageExportConfig": { "$ref": "#/types/google-native:container%2Fv1:ResourceUsageExportConfig", "description": "The desired configuration for exporting resource usage." }, "desiredSecurityPostureConfig": { "$ref": "#/types/google-native:container%2Fv1:SecurityPostureConfig", "description": "Enable/Disable Security Posture API features for the cluster." }, "desiredServiceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1:ServiceExternalIPsConfig", "description": "ServiceExternalIPsConfig specifies the config for the use of Services with ExternalIPs field." }, "desiredShieldedNodes": { "$ref": "#/types/google-native:container%2Fv1:ShieldedNodes", "description": "Configuration for Shielded Nodes." }, "desiredStackType": { "$ref": "#/types/google-native:container%2Fv1:ClusterUpdateDesiredStackType", "description": "The desired stack type of the cluster. If a stack type is provided and does not match the current stack type of the cluster, update will attempt to change the stack type to the new type." }, "desiredVerticalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1:VerticalPodAutoscaling", "description": "Cluster-level Vertical Pod Autoscaling configuration." }, "desiredWorkloadIdentityConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadIdentityConfig", "description": "Configuration for Workload Identity." }, "enableK8sBetaApis": { "$ref": "#/types/google-native:container%2Fv1:K8sBetaAPIConfig", "description": "Kubernetes open source beta apis enabled on the cluster. Only beta apis" }, "etag": { "type": "string", "description": "The current etag of the cluster. If an etag is provided and does not match the current etag of the cluster, update will be blocked and an ABORTED error will be returned." }, "removedAdditionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1:AdditionalPodRangesConfig", "description": "The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument." } }, "type": "object" }, "google-native:container/v1:ClusterUpdateDesiredDatapathProvider": { "description": "The desired datapath provider for the cluster.", "type": "string", "enum": [ { "name": "DatapathProviderUnspecified", "description": "Default value.", "value": "DATAPATH_PROVIDER_UNSPECIFIED" }, { "name": "LegacyDatapath", "description": "Use the IPTables implementation based on kube-proxy.", "value": "LEGACY_DATAPATH" }, { "name": "AdvancedDatapath", "description": "Use the eBPF based GKE Dataplane V2 with additional features. See the [GKE Dataplane V2 documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) for more.", "value": "ADVANCED_DATAPATH" } ] }, "google-native:container/v1:ClusterUpdateDesiredPrivateIpv6GoogleAccess": { "description": "The desired state of IPv6 connectivity to Google Services.", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "Default value. Same as DISABLED", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "PrivateIpv6GoogleAccessDisabled", "description": "No private access to or from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED" }, { "name": "PrivateIpv6GoogleAccessToGoogle", "description": "Enables private IPv6 access to Google Services from GKE", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE" }, { "name": "PrivateIpv6GoogleAccessBidirectional", "description": "Enables private IPv6 access to and from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL" } ] }, "google-native:container/v1:ClusterUpdateDesiredStackType": { "description": "The desired stack type of the cluster. If a stack type is provided and does not match the current stack type of the cluster, update will attempt to change the stack type to the new type.", "type": "string", "enum": [ { "name": "StackTypeUnspecified", "description": "Default value, will be defaulted as IPV4 only", "value": "STACK_TYPE_UNSPECIFIED" }, { "name": "Ipv4", "description": "Cluster is IPV4 only", "value": "IPV4" }, { "name": "Ipv4Ipv6", "description": "Cluster can use both IPv4 and IPv6", "value": "IPV4_IPV6" } ] }, "google-native:container/v1:ConfidentialNodes": { "description": "ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.", "properties": { "enabled": { "type": "boolean", "description": "Whether Confidential Nodes feature is enabled." } }, "type": "object" }, "google-native:container/v1:ConfidentialNodesResponse": { "description": "ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.", "properties": { "enabled": { "type": "boolean", "description": "Whether Confidential Nodes feature is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:ConfigConnectorConfig": { "description": "Configuration options for the Config Connector add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud Connector is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:ConfigConnectorConfigResponse": { "description": "Configuration options for the Config Connector add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud Connector is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:ConsumptionMeteringConfig": { "description": "Parameters for controlling consumption metering.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records." } }, "type": "object" }, "google-native:container/v1:ConsumptionMeteringConfigResponse": { "description": "Parameters for controlling consumption metering.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:CostManagementConfig": { "description": "Configuration for fine-grained cost management feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether the feature is enabled or not." } }, "type": "object" }, "google-native:container/v1:CostManagementConfigResponse": { "description": "Configuration for fine-grained cost management feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether the feature is enabled or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:DNSConfig": { "description": "DNSConfig contains the desired set of options for configuring clusterDNS.", "properties": { "clusterDns": { "$ref": "#/types/google-native:container%2Fv1:DNSConfigClusterDns", "description": "cluster_dns indicates which in-cluster DNS provider should be used." }, "clusterDnsDomain": { "type": "string", "description": "cluster_dns_domain is the suffix used for all cluster service records." }, "clusterDnsScope": { "$ref": "#/types/google-native:container%2Fv1:DNSConfigClusterDnsScope", "description": "cluster_dns_scope indicates the scope of access to cluster DNS records." } }, "type": "object" }, "google-native:container/v1:DNSConfigClusterDns": { "description": "cluster_dns indicates which in-cluster DNS provider should be used.", "type": "string", "enum": [ { "name": "ProviderUnspecified", "description": "Default value", "value": "PROVIDER_UNSPECIFIED" }, { "name": "PlatformDefault", "description": "Use GKE default DNS provider(kube-dns) for DNS resolution.", "value": "PLATFORM_DEFAULT" }, { "name": "CloudDns", "description": "Use CloudDNS for DNS resolution.", "value": "CLOUD_DNS" }, { "name": "KubeDns", "description": "Use KubeDNS for DNS resolution.", "value": "KUBE_DNS" } ] }, "google-native:container/v1:DNSConfigClusterDnsScope": { "description": "cluster_dns_scope indicates the scope of access to cluster DNS records.", "type": "string", "enum": [ { "name": "DnsScopeUnspecified", "description": "Default value, will be inferred as cluster scope.", "value": "DNS_SCOPE_UNSPECIFIED" }, { "name": "ClusterScope", "description": "DNS records are accessible from within the cluster.", "value": "CLUSTER_SCOPE" }, { "name": "VpcScope", "description": "DNS records are accessible from within the VPC.", "value": "VPC_SCOPE" } ] }, "google-native:container/v1:DNSConfigResponse": { "description": "DNSConfig contains the desired set of options for configuring clusterDNS.", "properties": { "clusterDns": { "type": "string", "description": "cluster_dns indicates which in-cluster DNS provider should be used." }, "clusterDnsDomain": { "type": "string", "description": "cluster_dns_domain is the suffix used for all cluster service records." }, "clusterDnsScope": { "type": "string", "description": "cluster_dns_scope indicates the scope of access to cluster DNS records." } }, "type": "object", "required": [ "clusterDns", "clusterDnsDomain", "clusterDnsScope" ] }, "google-native:container/v1:DailyMaintenanceWindow": { "description": "Time window specified for daily maintenance operations.", "properties": { "startTime": { "type": "string", "description": "Time within the maintenance window to start the maintenance operations. Time format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format \"HH:MM\", where HH : [00-23] and MM : [00-59] GMT." } }, "type": "object" }, "google-native:container/v1:DailyMaintenanceWindowResponse": { "description": "Time window specified for daily maintenance operations.", "properties": { "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario. Duration will be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format \"PTnHnMnS\"." }, "startTime": { "type": "string", "description": "Time within the maintenance window to start the maintenance operations. Time format should be in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) format \"HH:MM\", where HH : [00-23] and MM : [00-59] GMT." } }, "type": "object", "required": [ "duration", "startTime" ] }, "google-native:container/v1:DatabaseEncryption": { "description": "Configuration of etcd encryption.", "properties": { "keyName": { "type": "string", "description": "Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key" }, "state": { "$ref": "#/types/google-native:container%2Fv1:DatabaseEncryptionState", "description": "The desired state of etcd encryption." } }, "type": "object" }, "google-native:container/v1:DatabaseEncryptionResponse": { "description": "Configuration of etcd encryption.", "properties": { "keyName": { "type": "string", "description": "Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key" }, "state": { "type": "string", "description": "The desired state of etcd encryption." } }, "type": "object", "required": [ "keyName", "state" ] }, "google-native:container/v1:DatabaseEncryptionState": { "description": "The desired state of etcd encryption.", "type": "string", "enum": [ { "name": "Unknown", "description": "Should never be set", "value": "UNKNOWN" }, { "name": "Encrypted", "description": "Secrets in etcd are encrypted.", "value": "ENCRYPTED" }, { "name": "Decrypted", "description": "Secrets in etcd are stored in plain text (at etcd level) - this is unrelated to Compute Engine level full disk encryption.", "value": "DECRYPTED" } ] }, "google-native:container/v1:DefaultSnatStatus": { "description": "DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster.", "properties": { "disabled": { "type": "boolean", "description": "Disables cluster default sNAT rules." } }, "type": "object" }, "google-native:container/v1:DefaultSnatStatusResponse": { "description": "DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster.", "properties": { "disabled": { "type": "boolean", "description": "Disables cluster default sNAT rules." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1:DnsCacheConfig": { "description": "Configuration for NodeLocal DNSCache", "properties": { "enabled": { "type": "boolean", "description": "Whether NodeLocal DNSCache is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:DnsCacheConfigResponse": { "description": "Configuration for NodeLocal DNSCache", "properties": { "enabled": { "type": "boolean", "description": "Whether NodeLocal DNSCache is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:EnterpriseConfig": { "description": "EnterpriseConfig is the cluster enterprise configuration.", "type": "object" }, "google-native:container/v1:EnterpriseConfigResponse": { "description": "EnterpriseConfig is the cluster enterprise configuration.", "properties": { "clusterTier": { "type": "string", "description": "[Output only] cluster_tier specifies the premium tier of the cluster." } }, "type": "object", "required": [ "clusterTier" ] }, "google-native:container/v1:EphemeralStorageLocalSsdConfig": { "description": "EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral storage using Local SSDs.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object" }, "google-native:container/v1:EphemeralStorageLocalSsdConfigResponse": { "description": "EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral storage using Local SSDs.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object", "required": [ "localSsdCount" ] }, "google-native:container/v1:FastSocket": { "description": "Configuration of Fast Socket feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Fast Socket features are enabled in the node pool." } }, "type": "object" }, "google-native:container/v1:FastSocketResponse": { "description": "Configuration of Fast Socket feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Fast Socket features are enabled in the node pool." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:Filter": { "description": "Allows filtering to one or more specific event types. If event types are present, those and only those event types will be transmitted to the cluster. Other types will be skipped. If no filter is specified, or no event types are present, all event types will be sent", "properties": { "eventType": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:FilterEventTypeItem" }, "description": "Event types to allowlist." } }, "type": "object" }, "google-native:container/v1:FilterEventTypeItem": { "type": "string", "enum": [ { "name": "EventTypeUnspecified", "description": "Not set, will be ignored.", "value": "EVENT_TYPE_UNSPECIFIED" }, { "name": "UpgradeAvailableEvent", "description": "Corresponds with UpgradeAvailableEvent.", "value": "UPGRADE_AVAILABLE_EVENT" }, { "name": "UpgradeEvent", "description": "Corresponds with UpgradeEvent.", "value": "UPGRADE_EVENT" }, { "name": "SecurityBulletinEvent", "description": "Corresponds with SecurityBulletinEvent.", "value": "SECURITY_BULLETIN_EVENT" } ] }, "google-native:container/v1:FilterResponse": { "description": "Allows filtering to one or more specific event types. If event types are present, those and only those event types will be transmitted to the cluster. Other types will be skipped. If no filter is specified, or no event types are present, all event types will be sent", "properties": { "eventType": { "type": "array", "items": { "type": "string" }, "description": "Event types to allowlist." } }, "type": "object", "required": [ "eventType" ] }, "google-native:container/v1:Fleet": { "description": "Fleet is the fleet configuration for the cluster.", "properties": { "project": { "type": "string", "description": "The Fleet host project(project ID or project number) where this cluster will be registered to. This field cannot be changed after the cluster has been registered." } }, "type": "object" }, "google-native:container/v1:FleetResponse": { "description": "Fleet is the fleet configuration for the cluster.", "properties": { "membership": { "type": "string", "description": "[Output only] The full resource name of the registered fleet membership of the cluster, in the format `//gkehub.googleapis.com/projects/*/locations/*/memberships/*`." }, "preRegistered": { "type": "boolean", "description": "[Output only] Whether the cluster has been registered through the fleet API." }, "project": { "type": "string", "description": "The Fleet host project(project ID or project number) where this cluster will be registered to. This field cannot be changed after the cluster has been registered." } }, "type": "object", "required": [ "membership", "preRegistered", "project" ] }, "google-native:container/v1:GPUDriverInstallationConfig": { "description": "GPUDriverInstallationConfig specifies the version of GPU driver to be auto installed.", "properties": { "gpuDriverVersion": { "$ref": "#/types/google-native:container%2Fv1:GPUDriverInstallationConfigGpuDriverVersion", "description": "Mode for how the GPU driver is installed." } }, "type": "object" }, "google-native:container/v1:GPUDriverInstallationConfigGpuDriverVersion": { "description": "Mode for how the GPU driver is installed.", "type": "string", "enum": [ { "name": "GpuDriverVersionUnspecified", "description": "Default value is to not install any GPU driver.", "value": "GPU_DRIVER_VERSION_UNSPECIFIED" }, { "name": "InstallationDisabled", "description": "Disable GPU driver auto installation and needs manual installation", "value": "INSTALLATION_DISABLED" }, { "name": "Default", "description": "\"Default\" GPU driver in COS and Ubuntu.", "value": "DEFAULT" }, { "name": "Latest", "description": "\"Latest\" GPU driver in COS.", "value": "LATEST" } ] }, "google-native:container/v1:GPUDriverInstallationConfigResponse": { "description": "GPUDriverInstallationConfig specifies the version of GPU driver to be auto installed.", "properties": { "gpuDriverVersion": { "type": "string", "description": "Mode for how the GPU driver is installed." } }, "type": "object", "required": [ "gpuDriverVersion" ] }, "google-native:container/v1:GPUSharingConfig": { "description": "GPUSharingConfig represents the GPU sharing configuration for Hardware Accelerators.", "properties": { "gpuSharingStrategy": { "$ref": "#/types/google-native:container%2Fv1:GPUSharingConfigGpuSharingStrategy", "description": "The type of GPU sharing strategy to enable on the GPU node." }, "maxSharedClientsPerGpu": { "type": "string", "description": "The max number of containers that can share a physical GPU." } }, "type": "object" }, "google-native:container/v1:GPUSharingConfigGpuSharingStrategy": { "description": "The type of GPU sharing strategy to enable on the GPU node.", "type": "string", "enum": [ { "name": "GpuSharingStrategyUnspecified", "description": "Default value.", "value": "GPU_SHARING_STRATEGY_UNSPECIFIED" }, { "name": "TimeSharing", "description": "GPUs are time-shared between containers.", "value": "TIME_SHARING" } ] }, "google-native:container/v1:GPUSharingConfigResponse": { "description": "GPUSharingConfig represents the GPU sharing configuration for Hardware Accelerators.", "properties": { "gpuSharingStrategy": { "type": "string", "description": "The type of GPU sharing strategy to enable on the GPU node." }, "maxSharedClientsPerGpu": { "type": "string", "description": "The max number of containers that can share a physical GPU." } }, "type": "object", "required": [ "gpuSharingStrategy", "maxSharedClientsPerGpu" ] }, "google-native:container/v1:GatewayAPIConfig": { "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster.", "properties": { "channel": { "$ref": "#/types/google-native:container%2Fv1:GatewayAPIConfigChannel", "description": "The Gateway API release channel to use for Gateway API." } }, "type": "object" }, "google-native:container/v1:GatewayAPIConfigChannel": { "description": "The Gateway API release channel to use for Gateway API.", "type": "string", "enum": [ { "name": "ChannelUnspecified", "description": "Default value.", "value": "CHANNEL_UNSPECIFIED" }, { "name": "ChannelDisabled", "description": "Gateway API support is disabled", "value": "CHANNEL_DISABLED" }, { "name": "ChannelExperimental", "description": "Gateway API support is enabled, experimental CRDs are installed", "value": "CHANNEL_EXPERIMENTAL" }, { "name": "ChannelStandard", "description": "Gateway API support is enabled, standard CRDs are installed", "value": "CHANNEL_STANDARD" } ] }, "google-native:container/v1:GatewayAPIConfigResponse": { "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster.", "properties": { "channel": { "type": "string", "description": "The Gateway API release channel to use for Gateway API." } }, "type": "object", "required": [ "channel" ] }, "google-native:container/v1:GcePersistentDiskCsiDriverConfig": { "description": "Configuration for the Compute Engine PD CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Compute Engine PD CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:GcePersistentDiskCsiDriverConfigResponse": { "description": "Configuration for the Compute Engine PD CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Compute Engine PD CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:GcfsConfig": { "description": "GcfsConfig contains configurations of Google Container File System (image streaming).", "properties": { "enabled": { "type": "boolean", "description": "Whether to use GCFS." } }, "type": "object" }, "google-native:container/v1:GcfsConfigResponse": { "description": "GcfsConfig contains configurations of Google Container File System (image streaming).", "properties": { "enabled": { "type": "boolean", "description": "Whether to use GCFS." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:GcpFilestoreCsiDriverConfig": { "description": "Configuration for the GCP Filestore CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the GCP Filestore CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:GcpFilestoreCsiDriverConfigResponse": { "description": "Configuration for the GCP Filestore CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the GCP Filestore CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:GcsFuseCsiDriverConfig": { "description": "Configuration for the Cloud Storage Fuse CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Cloud Storage Fuse CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:GcsFuseCsiDriverConfigResponse": { "description": "Configuration for the Cloud Storage Fuse CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Cloud Storage Fuse CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:GkeBackupAgentConfig": { "description": "Configuration for the Backup for GKE Agent.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Backup for GKE agent is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:GkeBackupAgentConfigResponse": { "description": "Configuration for the Backup for GKE Agent.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Backup for GKE agent is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:HorizontalPodAutoscaling": { "description": "Configuration options for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that metrics are collected into Stackdriver Monitoring." } }, "type": "object" }, "google-native:container/v1:HorizontalPodAutoscalingResponse": { "description": "Configuration options for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that metrics are collected into Stackdriver Monitoring." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1:HttpLoadBalancing": { "description": "Configuration options for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster.", "properties": { "disabled": { "type": "boolean", "description": "Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers." } }, "type": "object" }, "google-native:container/v1:HttpLoadBalancingResponse": { "description": "Configuration options for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster.", "properties": { "disabled": { "type": "boolean", "description": "Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1:ILBSubsettingConfig": { "description": "ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer subsetting on this cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enables l4 ILB subsetting for this cluster." } }, "type": "object" }, "google-native:container/v1:IPAllocationPolicy": { "description": "Configuration for controlling how IPs are allocated in the cluster.", "properties": { "clusterIpv4Cidr": { "type": "string", "description": "This field is deprecated, use cluster_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use cluster_ipv4_cidr_block." }, "clusterIpv4CidrBlock": { "type": "string", "description": "The IP address range for the cluster pod IPs. If this field is set, then `cluster.cluster_ipv4_cidr` must be left blank. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases is true and create_subnetwork is false." }, "createSubnetwork": { "type": "boolean", "description": "Whether a new subnetwork will be created automatically for the cluster. This field is only applicable when `use_ip_aliases` is true." }, "ipv6AccessType": { "$ref": "#/types/google-native:container%2Fv1:IPAllocationPolicyIpv6AccessType", "description": "The ipv6 access type (internal or external) when create_subnetwork is true" }, "nodeIpv4Cidr": { "type": "string", "description": "This field is deprecated, use node_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use node_ipv4_cidr_block." }, "nodeIpv4CidrBlock": { "type": "string", "description": "The IP address range of the instance IPs in this cluster. This is applicable only if `create_subnetwork` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1:PodCIDROverprovisionConfig", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the cluster. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is doubled and then rounded off to next power of 2 to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "servicesIpv4Cidr": { "type": "string", "description": "This field is deprecated, use services_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use services_ipv4_cidr_block." }, "servicesIpv4CidrBlock": { "type": "string", "description": "The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases is true and create_subnetwork is false." }, "stackType": { "$ref": "#/types/google-native:container%2Fv1:IPAllocationPolicyStackType", "description": "The IP stack type of the cluster" }, "subnetworkName": { "type": "string", "description": "A custom subnetwork name to be used if `create_subnetwork` is true. If this field is empty, then an automatic name will be chosen for the new subnetwork." }, "tpuIpv4CidrBlock": { "type": "string", "description": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "useIpAliases": { "type": "boolean", "description": "Whether alias IPs will be used for pod IPs in the cluster. This is used in conjunction with use_routes. It cannot be true if use_routes is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" }, "useRoutes": { "type": "boolean", "description": "Whether routes will be used for pod IPs in the cluster. This is used in conjunction with use_ip_aliases. It cannot be true if use_ip_aliases is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" } }, "type": "object" }, "google-native:container/v1:IPAllocationPolicyIpv6AccessType": { "description": "The ipv6 access type (internal or external) when create_subnetwork is true", "type": "string", "enum": [ { "name": "Ipv6AccessTypeUnspecified", "description": "Default value, will be defaulted as type external.", "value": "IPV6_ACCESS_TYPE_UNSPECIFIED" }, { "name": "Internal", "description": "Access type internal (all v6 addresses are internal IPs)", "value": "INTERNAL" }, { "name": "External", "description": "Access type external (all v6 addresses are external IPs)", "value": "EXTERNAL" } ] }, "google-native:container/v1:IPAllocationPolicyResponse": { "description": "Configuration for controlling how IPs are allocated in the cluster.", "properties": { "additionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1:AdditionalPodRangesConfigResponse", "description": "[Output only] The additional pod ranges that are added to the cluster. These pod ranges can be used by new node pools to allocate pod IPs automatically. Once the range is removed it will not show up in IPAllocationPolicy." }, "clusterIpv4Cidr": { "type": "string", "description": "This field is deprecated, use cluster_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use cluster_ipv4_cidr_block." }, "clusterIpv4CidrBlock": { "type": "string", "description": "The IP address range for the cluster pod IPs. If this field is set, then `cluster.cluster_ipv4_cidr` must be left blank. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases is true and create_subnetwork is false." }, "createSubnetwork": { "type": "boolean", "description": "Whether a new subnetwork will be created automatically for the cluster. This field is only applicable when `use_ip_aliases` is true." }, "defaultPodIpv4RangeUtilization": { "type": "number", "description": "[Output only] The utilization of the cluster default IPv4 range for the pod. The ratio is Usage/[Total number of IPs in the secondary range], Usage=numNodes*numZones*podIPsPerNode." }, "ipv6AccessType": { "type": "string", "description": "The ipv6 access type (internal or external) when create_subnetwork is true" }, "nodeIpv4Cidr": { "type": "string", "description": "This field is deprecated, use node_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use node_ipv4_cidr_block." }, "nodeIpv4CidrBlock": { "type": "string", "description": "The IP address range of the instance IPs in this cluster. This is applicable only if `create_subnetwork` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1:PodCIDROverprovisionConfigResponse", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the cluster. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is doubled and then rounded off to next power of 2 to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "servicesIpv4Cidr": { "type": "string", "description": "This field is deprecated, use services_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use services_ipv4_cidr_block." }, "servicesIpv4CidrBlock": { "type": "string", "description": "The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesIpv6CidrBlock": { "type": "string", "description": "[Output only] The services IPv6 CIDR block for the cluster." }, "servicesSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases is true and create_subnetwork is false." }, "stackType": { "type": "string", "description": "The IP stack type of the cluster" }, "subnetIpv6CidrBlock": { "type": "string", "description": "[Output only] The subnet's IPv6 CIDR block used by nodes and pods." }, "subnetworkName": { "type": "string", "description": "A custom subnetwork name to be used if `create_subnetwork` is true. If this field is empty, then an automatic name will be chosen for the new subnetwork." }, "tpuIpv4CidrBlock": { "type": "string", "description": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "useIpAliases": { "type": "boolean", "description": "Whether alias IPs will be used for pod IPs in the cluster. This is used in conjunction with use_routes. It cannot be true if use_routes is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" }, "useRoutes": { "type": "boolean", "description": "Whether routes will be used for pod IPs in the cluster. This is used in conjunction with use_ip_aliases. It cannot be true if use_ip_aliases is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" } }, "type": "object", "required": [ "additionalPodRangesConfig", "clusterIpv4Cidr", "clusterIpv4CidrBlock", "clusterSecondaryRangeName", "createSubnetwork", "defaultPodIpv4RangeUtilization", "ipv6AccessType", "nodeIpv4Cidr", "nodeIpv4CidrBlock", "podCidrOverprovisionConfig", "servicesIpv4Cidr", "servicesIpv4CidrBlock", "servicesIpv6CidrBlock", "servicesSecondaryRangeName", "stackType", "subnetIpv6CidrBlock", "subnetworkName", "tpuIpv4CidrBlock", "useIpAliases", "useRoutes" ] }, "google-native:container/v1:IPAllocationPolicyStackType": { "description": "The IP stack type of the cluster", "type": "string", "enum": [ { "name": "StackTypeUnspecified", "description": "Default value, will be defaulted as IPV4 only", "value": "STACK_TYPE_UNSPECIFIED" }, { "name": "Ipv4", "description": "Cluster is IPV4 only", "value": "IPV4" }, { "name": "Ipv4Ipv6", "description": "Cluster can use both IPv4 and IPv6", "value": "IPV4_IPV6" } ] }, "google-native:container/v1:IdentityServiceConfig": { "description": "IdentityServiceConfig is configuration for Identity Service which allows customers to use external identity providers with the K8S API", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable the Identity Service component" } }, "type": "object" }, "google-native:container/v1:IdentityServiceConfigResponse": { "description": "IdentityServiceConfig is configuration for Identity Service which allows customers to use external identity providers with the K8S API", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable the Identity Service component" } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:IntraNodeVisibilityConfig": { "description": "IntraNodeVisibilityConfig contains the desired config of the intra-node visibility on this cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enables intra node visibility for this cluster." } }, "type": "object" }, "google-native:container/v1:K8sBetaAPIConfig": { "description": "K8sBetaAPIConfig , configuration for beta APIs", "properties": { "enabledApis": { "type": "array", "items": { "type": "string" }, "description": "Enabled k8s beta APIs." } }, "type": "object" }, "google-native:container/v1:K8sBetaAPIConfigResponse": { "description": "K8sBetaAPIConfig , configuration for beta APIs", "properties": { "enabledApis": { "type": "array", "items": { "type": "string" }, "description": "Enabled k8s beta APIs." } }, "type": "object", "required": [ "enabledApis" ] }, "google-native:container/v1:KubernetesDashboard": { "description": "Configuration for the Kubernetes Dashboard.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Kubernetes Dashboard is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:KubernetesDashboardResponse": { "description": "Configuration for the Kubernetes Dashboard.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Kubernetes Dashboard is enabled for this cluster." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1:LegacyAbac": { "description": "Configuration for the legacy Attribute Based Access Control authorization mode.", "properties": { "enabled": { "type": "boolean", "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM." } }, "type": "object" }, "google-native:container/v1:LegacyAbacResponse": { "description": "Configuration for the legacy Attribute Based Access Control authorization mode.", "properties": { "enabled": { "type": "boolean", "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:LinuxNodeConfig": { "description": "Parameters that can be configured on Linux nodes.", "properties": { "cgroupMode": { "$ref": "#/types/google-native:container%2Fv1:LinuxNodeConfigCgroupMode", "description": "cgroup_mode specifies the cgroup mode to be used on the node." }, "sysctls": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Linux kernel parameters to be applied to the nodes and all pods running on the nodes. The following parameters are supported. net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse" } }, "type": "object" }, "google-native:container/v1:LinuxNodeConfigCgroupMode": { "description": "cgroup_mode specifies the cgroup mode to be used on the node.", "type": "string", "enum": [ { "name": "CgroupModeUnspecified", "description": "CGROUP_MODE_UNSPECIFIED is when unspecified cgroup configuration is used. The default for the GKE node OS image will be used.", "value": "CGROUP_MODE_UNSPECIFIED" }, { "name": "CgroupModeV1", "description": "CGROUP_MODE_V1 specifies to use cgroupv1 for the cgroup configuration on the node image.", "value": "CGROUP_MODE_V1" }, { "name": "CgroupModeV2", "description": "CGROUP_MODE_V2 specifies to use cgroupv2 for the cgroup configuration on the node image.", "value": "CGROUP_MODE_V2" } ] }, "google-native:container/v1:LinuxNodeConfigResponse": { "description": "Parameters that can be configured on Linux nodes.", "properties": { "cgroupMode": { "type": "string", "description": "cgroup_mode specifies the cgroup mode to be used on the node." }, "sysctls": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Linux kernel parameters to be applied to the nodes and all pods running on the nodes. The following parameters are supported. net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse" } }, "type": "object", "required": [ "cgroupMode", "sysctls" ] }, "google-native:container/v1:LocalNvmeSsdBlockConfig": { "description": "LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe SSDs", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local NVMe SSDs to use. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object" }, "google-native:container/v1:LocalNvmeSsdBlockConfigResponse": { "description": "LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe SSDs", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local NVMe SSDs to use. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object", "required": [ "localSsdCount" ] }, "google-native:container/v1:LoggingComponentConfig": { "description": "LoggingComponentConfig is cluster logging component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:LoggingComponentConfigEnableComponentsItem" }, "description": "Select components to collect logs. An empty set would disable all logging." } }, "type": "object" }, "google-native:container/v1:LoggingComponentConfigEnableComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Default value. This shouldn't be used.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "SystemComponents", "description": "system components", "value": "SYSTEM_COMPONENTS" }, { "name": "Workloads", "description": "workloads", "value": "WORKLOADS" }, { "name": "Apiserver", "description": "kube-apiserver", "value": "APISERVER" }, { "name": "Scheduler", "description": "kube-scheduler", "value": "SCHEDULER" }, { "name": "ControllerManager", "description": "kube-controller-manager", "value": "CONTROLLER_MANAGER" } ] }, "google-native:container/v1:LoggingComponentConfigResponse": { "description": "LoggingComponentConfig is cluster logging component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "type": "string" }, "description": "Select components to collect logs. An empty set would disable all logging." } }, "type": "object", "required": [ "enableComponents" ] }, "google-native:container/v1:LoggingConfig": { "description": "LoggingConfig is cluster logging configuration.", "properties": { "componentConfig": { "$ref": "#/types/google-native:container%2Fv1:LoggingComponentConfig", "description": "Logging components configuration" } }, "type": "object" }, "google-native:container/v1:LoggingConfigResponse": { "description": "LoggingConfig is cluster logging configuration.", "properties": { "componentConfig": { "$ref": "#/types/google-native:container%2Fv1:LoggingComponentConfigResponse", "description": "Logging components configuration" } }, "type": "object", "required": [ "componentConfig" ] }, "google-native:container/v1:LoggingVariantConfig": { "description": "LoggingVariantConfig specifies the behaviour of the logging component.", "properties": { "variant": { "$ref": "#/types/google-native:container%2Fv1:LoggingVariantConfigVariant", "description": "Logging variant deployed on nodes." } }, "type": "object" }, "google-native:container/v1:LoggingVariantConfigResponse": { "description": "LoggingVariantConfig specifies the behaviour of the logging component.", "properties": { "variant": { "type": "string", "description": "Logging variant deployed on nodes." } }, "type": "object", "required": [ "variant" ] }, "google-native:container/v1:LoggingVariantConfigVariant": { "description": "Logging variant deployed on nodes.", "type": "string", "enum": [ { "name": "VariantUnspecified", "description": "Default value. This shouldn't be used.", "value": "VARIANT_UNSPECIFIED" }, { "name": "Default", "description": "default logging variant.", "value": "DEFAULT" }, { "name": "MaxThroughput", "description": "maximum logging throughput variant.", "value": "MAX_THROUGHPUT" } ] }, "google-native:container/v1:MaintenanceExclusionOptions": { "description": "Represents the Maintenance exclusion option.", "properties": { "scope": { "$ref": "#/types/google-native:container%2Fv1:MaintenanceExclusionOptionsScope", "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion." } }, "type": "object" }, "google-native:container/v1:MaintenanceExclusionOptionsResponse": { "description": "Represents the Maintenance exclusion option.", "properties": { "scope": { "type": "string", "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion." } }, "type": "object", "required": [ "scope" ] }, "google-native:container/v1:MaintenanceExclusionOptionsScope": { "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion.", "type": "string", "enum": [ { "name": "NoUpgrades", "description": "NO_UPGRADES excludes all upgrades, including patch upgrades and minor upgrades across control planes and nodes. This is the default exclusion behavior.", "value": "NO_UPGRADES" }, { "name": "NoMinorUpgrades", "description": "NO_MINOR_UPGRADES excludes all minor upgrades for the cluster, only patches are allowed.", "value": "NO_MINOR_UPGRADES" }, { "name": "NoMinorOrNodeUpgrades", "description": "NO_MINOR_OR_NODE_UPGRADES excludes all minor upgrades for the cluster, and also exclude all node pool upgrades. Only control plane patches are allowed.", "value": "NO_MINOR_OR_NODE_UPGRADES" } ] }, "google-native:container/v1:MaintenancePolicy": { "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.", "properties": { "resourceVersion": { "type": "string", "description": "A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a `get()` request to the cluster to get the current resource version and include it with requests to set the policy." }, "window": { "$ref": "#/types/google-native:container%2Fv1:MaintenanceWindow", "description": "Specifies the maintenance window in which maintenance may be performed." } }, "type": "object" }, "google-native:container/v1:MaintenancePolicyResponse": { "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.", "properties": { "resourceVersion": { "type": "string", "description": "A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a `get()` request to the cluster to get the current resource version and include it with requests to set the policy." }, "window": { "$ref": "#/types/google-native:container%2Fv1:MaintenanceWindowResponse", "description": "Specifies the maintenance window in which maintenance may be performed." } }, "type": "object", "required": [ "resourceVersion", "window" ] }, "google-native:container/v1:MaintenanceWindow": { "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:container%2Fv1:DailyMaintenanceWindow", "description": "DailyMaintenanceWindow specifies a daily maintenance operation window." }, "maintenanceExclusions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows." }, "recurringWindow": { "$ref": "#/types/google-native:container%2Fv1:RecurringTimeWindow", "description": "RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time." } }, "type": "object" }, "google-native:container/v1:MaintenanceWindowResponse": { "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:container%2Fv1:DailyMaintenanceWindowResponse", "description": "DailyMaintenanceWindow specifies a daily maintenance operation window." }, "maintenanceExclusions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows." }, "recurringWindow": { "$ref": "#/types/google-native:container%2Fv1:RecurringTimeWindowResponse", "description": "RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time." } }, "type": "object", "required": [ "dailyMaintenanceWindow", "maintenanceExclusions", "recurringWindow" ] }, "google-native:container/v1:ManagedPrometheusConfig": { "description": "ManagedPrometheusConfig defines the configuration for Google Cloud Managed Service for Prometheus.", "properties": { "enabled": { "type": "boolean", "description": "Enable Managed Collection." } }, "type": "object" }, "google-native:container/v1:ManagedPrometheusConfigResponse": { "description": "ManagedPrometheusConfig defines the configuration for Google Cloud Managed Service for Prometheus.", "properties": { "enabled": { "type": "boolean", "description": "Enable Managed Collection." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:MasterAuth": { "description": "The authentication information for accessing the master endpoint. Authentication can be done using HTTP basic auth or using client certificates.", "properties": { "clientCertificateConfig": { "$ref": "#/types/google-native:container%2Fv1:ClientCertificateConfig", "description": "Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued." }, "password": { "type": "string", "description": "The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. If a password is provided for cluster creation, username must be non-empty. Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" }, "username": { "type": "string", "description": "The username to use for HTTP basic authentication to the master endpoint. For clusters v1.6.0 and later, basic authentication can be disabled by leaving username unspecified (or setting it to the empty string). Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" } }, "type": "object" }, "google-native:container/v1:MasterAuthResponse": { "description": "The authentication information for accessing the master endpoint. Authentication can be done using HTTP basic auth or using client certificates.", "properties": { "clientCertificate": { "type": "string", "description": "[Output only] Base64-encoded public certificate used by clients to authenticate to the cluster endpoint." }, "clientCertificateConfig": { "$ref": "#/types/google-native:container%2Fv1:ClientCertificateConfigResponse", "description": "Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued." }, "clientKey": { "type": "string", "description": "[Output only] Base64-encoded private key used by clients to authenticate to the cluster endpoint." }, "clusterCaCertificate": { "type": "string", "description": "[Output only] Base64-encoded public certificate that is the root of trust for the cluster." }, "password": { "type": "string", "description": "The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. If a password is provided for cluster creation, username must be non-empty. Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" }, "username": { "type": "string", "description": "The username to use for HTTP basic authentication to the master endpoint. For clusters v1.6.0 and later, basic authentication can be disabled by leaving username unspecified (or setting it to the empty string). Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" } }, "type": "object", "required": [ "clientCertificate", "clientCertificateConfig", "clientKey", "clusterCaCertificate", "password", "username" ] }, "google-native:container/v1:MasterAuthorizedNetworksConfig": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:CidrBlock" }, "description": "cidr_blocks define up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks is enabled." }, "gcpPublicCidrsAccessEnabled": { "type": "boolean", "description": "Whether master is accessbile via Google Compute Engine Public IP addresses." } }, "type": "object" }, "google-native:container/v1:MasterAuthorizedNetworksConfigResponse": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:CidrBlockResponse" }, "description": "cidr_blocks define up to 50 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks is enabled." }, "gcpPublicCidrsAccessEnabled": { "type": "boolean", "description": "Whether master is accessbile via Google Compute Engine Public IP addresses." } }, "type": "object", "required": [ "cidrBlocks", "enabled", "gcpPublicCidrsAccessEnabled" ] }, "google-native:container/v1:MaxPodsConstraint": { "description": "Constraints applied to pods.", "properties": { "maxPodsPerNode": { "type": "string", "description": "Constraint enforced on the max num of pods per node." } }, "type": "object" }, "google-native:container/v1:MaxPodsConstraintResponse": { "description": "Constraints applied to pods.", "properties": { "maxPodsPerNode": { "type": "string", "description": "Constraint enforced on the max num of pods per node." } }, "type": "object", "required": [ "maxPodsPerNode" ] }, "google-native:container/v1:MeshCertificates": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object" }, "google-native:container/v1:MeshCertificatesResponse": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object", "required": [ "enableCertificates" ] }, "google-native:container/v1:MonitoringComponentConfig": { "description": "MonitoringComponentConfig is cluster monitoring component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:MonitoringComponentConfigEnableComponentsItem" }, "description": "Select components to collect metrics. An empty set would disable all monitoring." } }, "type": "object" }, "google-native:container/v1:MonitoringComponentConfigEnableComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Default value. This shouldn't be used.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "SystemComponents", "description": "system components", "value": "SYSTEM_COMPONENTS" }, { "name": "Apiserver", "description": "kube-apiserver", "value": "APISERVER" }, { "name": "Scheduler", "description": "kube-scheduler", "value": "SCHEDULER" }, { "name": "ControllerManager", "description": "kube-controller-manager", "value": "CONTROLLER_MANAGER" }, { "name": "Storage", "description": "Storage", "value": "STORAGE" }, { "name": "Hpa", "description": "Horizontal Pod Autoscaling", "value": "HPA" }, { "name": "Pod", "description": "Pod", "value": "POD" }, { "name": "Daemonset", "description": "DaemonSet", "value": "DAEMONSET" }, { "name": "Deployment", "description": "Deployment", "value": "DEPLOYMENT" }, { "name": "Statefulset", "description": "Statefulset", "value": "STATEFULSET" } ] }, "google-native:container/v1:MonitoringComponentConfigResponse": { "description": "MonitoringComponentConfig is cluster monitoring component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "type": "string" }, "description": "Select components to collect metrics. An empty set would disable all monitoring." } }, "type": "object", "required": [ "enableComponents" ] }, "google-native:container/v1:MonitoringConfig": { "description": "MonitoringConfig is cluster monitoring configuration.", "properties": { "advancedDatapathObservabilityConfig": { "$ref": "#/types/google-native:container%2Fv1:AdvancedDatapathObservabilityConfig", "description": "Configuration of Advanced Datapath Observability features." }, "componentConfig": { "$ref": "#/types/google-native:container%2Fv1:MonitoringComponentConfig", "description": "Monitoring components configuration" }, "managedPrometheusConfig": { "$ref": "#/types/google-native:container%2Fv1:ManagedPrometheusConfig", "description": "Enable Google Cloud Managed Service for Prometheus in the cluster." } }, "type": "object" }, "google-native:container/v1:MonitoringConfigResponse": { "description": "MonitoringConfig is cluster monitoring configuration.", "properties": { "advancedDatapathObservabilityConfig": { "$ref": "#/types/google-native:container%2Fv1:AdvancedDatapathObservabilityConfigResponse", "description": "Configuration of Advanced Datapath Observability features." }, "componentConfig": { "$ref": "#/types/google-native:container%2Fv1:MonitoringComponentConfigResponse", "description": "Monitoring components configuration" }, "managedPrometheusConfig": { "$ref": "#/types/google-native:container%2Fv1:ManagedPrometheusConfigResponse", "description": "Enable Google Cloud Managed Service for Prometheus in the cluster." } }, "type": "object", "required": [ "advancedDatapathObservabilityConfig", "componentConfig", "managedPrometheusConfig" ] }, "google-native:container/v1:NetworkConfig": { "description": "NetworkConfig reports the relative names of network & subnetwork.", "properties": { "datapathProvider": { "$ref": "#/types/google-native:container%2Fv1:NetworkConfigDatapathProvider", "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation." }, "defaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1:DefaultSnatStatus", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, "dnsConfig": { "$ref": "#/types/google-native:container%2Fv1:DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." }, "enableFqdnNetworkPolicy": { "type": "boolean", "description": "Whether FQDN Network Policy is enabled on this cluster." }, "enableIntraNodeVisibility": { "type": "boolean", "description": "Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network." }, "enableL4ilbSubsetting": { "type": "boolean", "description": "Whether L4ILB Subsetting is enabled for this cluster." }, "enableMultiNetworking": { "type": "boolean", "description": "Whether multi-networking is enabled for this cluster." }, "gatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1:GatewayAPIConfig", "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ClusterNetworkPerformanceConfig", "description": "Network bandwidth tier configuration." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:container%2Fv1:NetworkConfigPrivateIpv6GoogleAccess", "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)" }, "serviceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1:ServiceExternalIPsConfig", "description": "ServiceExternalIPsConfig specifies if services with externalIPs field are blocked or not." } }, "type": "object" }, "google-native:container/v1:NetworkConfigDatapathProvider": { "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation.", "type": "string", "enum": [ { "name": "DatapathProviderUnspecified", "description": "Default value.", "value": "DATAPATH_PROVIDER_UNSPECIFIED" }, { "name": "LegacyDatapath", "description": "Use the IPTables implementation based on kube-proxy.", "value": "LEGACY_DATAPATH" }, { "name": "AdvancedDatapath", "description": "Use the eBPF based GKE Dataplane V2 with additional features. See the [GKE Dataplane V2 documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) for more.", "value": "ADVANCED_DATAPATH" } ] }, "google-native:container/v1:NetworkConfigPrivateIpv6GoogleAccess": { "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "Default value. Same as DISABLED", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "PrivateIpv6GoogleAccessDisabled", "description": "No private access to or from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED" }, { "name": "PrivateIpv6GoogleAccessToGoogle", "description": "Enables private IPv6 access to Google Services from GKE", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE" }, { "name": "PrivateIpv6GoogleAccessBidirectional", "description": "Enables private IPv6 access to and from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL" } ] }, "google-native:container/v1:NetworkConfigResponse": { "description": "NetworkConfig reports the relative names of network & subnetwork.", "properties": { "datapathProvider": { "type": "string", "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation." }, "defaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1:DefaultSnatStatusResponse", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, "dnsConfig": { "$ref": "#/types/google-native:container%2Fv1:DNSConfigResponse", "description": "DNSConfig contains clusterDNS config for this cluster." }, "enableFqdnNetworkPolicy": { "type": "boolean", "description": "Whether FQDN Network Policy is enabled on this cluster." }, "enableIntraNodeVisibility": { "type": "boolean", "description": "Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network." }, "enableL4ilbSubsetting": { "type": "boolean", "description": "Whether L4ILB Subsetting is enabled for this cluster." }, "enableMultiNetworking": { "type": "boolean", "description": "Whether multi-networking is enabled for this cluster." }, "gatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1:GatewayAPIConfigResponse", "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster." }, "network": { "type": "string", "description": "The relative name of the Google Compute Engine network(https://cloud.google.com/compute/docs/networks-and-firewalls#networks) to which the cluster is connected. Example: projects/my-project/global/networks/my-network" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ClusterNetworkPerformanceConfigResponse", "description": "Network bandwidth tier configuration." }, "privateIpv6GoogleAccess": { "type": "string", "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)" }, "serviceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1:ServiceExternalIPsConfigResponse", "description": "ServiceExternalIPsConfig specifies if services with externalIPs field are blocked or not." }, "subnetwork": { "type": "string", "description": "The relative name of the Google Compute Engine [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the cluster is connected. Example: projects/my-project/regions/us-central1/subnetworks/my-subnet" } }, "type": "object", "required": [ "datapathProvider", "defaultSnatStatus", "dnsConfig", "enableFqdnNetworkPolicy", "enableIntraNodeVisibility", "enableL4ilbSubsetting", "enableMultiNetworking", "gatewayApiConfig", "network", "networkPerformanceConfig", "privateIpv6GoogleAccess", "serviceExternalIpsConfig", "subnetwork" ] }, "google-native:container/v1:NetworkPerformanceConfig": { "description": "Configuration of all network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "$ref": "#/types/google-native:container%2Fv1:NetworkPerformanceConfigTotalEgressBandwidthTier", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object" }, "google-native:container/v1:NetworkPerformanceConfigResponse": { "description": "Configuration of all network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "type": "string", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object", "required": [ "totalEgressBandwidthTier" ] }, "google-native:container/v1:NetworkPerformanceConfigTotalEgressBandwidthTier": { "description": "Specifies the total network bandwidth tier for the NodePool.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Default value", "value": "TIER_UNSPECIFIED" }, { "name": "Tier1", "description": "Higher bandwidth, actual values based on VM size.", "value": "TIER_1" } ] }, "google-native:container/v1:NetworkPolicy": { "description": "Configuration options for the NetworkPolicy feature. https://kubernetes.io/docs/concepts/services-networking/networkpolicies/", "properties": { "enabled": { "type": "boolean", "description": "Whether network policy is enabled on the cluster." }, "provider": { "$ref": "#/types/google-native:container%2Fv1:NetworkPolicyProvider", "description": "The selected network policy provider." } }, "type": "object" }, "google-native:container/v1:NetworkPolicyConfig": { "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes.", "properties": { "disabled": { "type": "boolean", "description": "Whether NetworkPolicy is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1:NetworkPolicyConfigResponse": { "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes.", "properties": { "disabled": { "type": "boolean", "description": "Whether NetworkPolicy is enabled for this cluster." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1:NetworkPolicyProvider": { "description": "The selected network policy provider.", "type": "string", "enum": [ { "name": "ProviderUnspecified", "description": "Not set", "value": "PROVIDER_UNSPECIFIED" }, { "name": "Calico", "description": "Tigera (Calico Felix).", "value": "CALICO" } ] }, "google-native:container/v1:NetworkPolicyResponse": { "description": "Configuration options for the NetworkPolicy feature. https://kubernetes.io/docs/concepts/services-networking/networkpolicies/", "properties": { "enabled": { "type": "boolean", "description": "Whether network policy is enabled on the cluster." }, "provider": { "type": "string", "description": "The selected network policy provider." } }, "type": "object", "required": [ "enabled", "provider" ] }, "google-native:container/v1:NetworkTags": { "description": "Collection of Compute Engine network tags that can be applied to a node's underlying VM instance.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "List of network tags." } }, "type": "object" }, "google-native:container/v1:NetworkTagsResponse": { "description": "Collection of Compute Engine network tags that can be applied to a node's underlying VM instance.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "List of network tags." } }, "type": "object", "required": [ "tags" ] }, "google-native:container/v1:NodeAffinity": { "description": "Specifies the NodeAffinity key, values, and affinity operator according to [shared sole tenant node group affinities](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).", "properties": { "key": { "type": "string", "description": "Key for NodeAffinity." }, "operator": { "$ref": "#/types/google-native:container%2Fv1:NodeAffinityOperator", "description": "Operator for NodeAffinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Values for NodeAffinity." } }, "type": "object" }, "google-native:container/v1:NodeAffinityOperator": { "description": "Operator for NodeAffinity.", "type": "string", "enum": [ { "name": "OperatorUnspecified", "description": "Invalid or unspecified affinity operator.", "value": "OPERATOR_UNSPECIFIED" }, { "name": "In", "description": "Affinity operator.", "value": "IN" }, { "name": "NotIn", "description": "Anti-affinity operator.", "value": "NOT_IN" } ] }, "google-native:container/v1:NodeAffinityResponse": { "description": "Specifies the NodeAffinity key, values, and affinity operator according to [shared sole tenant node group affinities](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).", "properties": { "key": { "type": "string", "description": "Key for NodeAffinity." }, "operator": { "type": "string", "description": "Operator for NodeAffinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Values for NodeAffinity." } }, "type": "object", "required": [ "key", "operator", "values" ] }, "google-native:container/v1:NodeConfig": { "description": "Parameters that describe the nodes in a cluster. GKE Autopilot clusters do not recognize parameters in `NodeConfig`. Use AutoprovisioningNodePoolDefaults instead.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AcceleratorConfig" }, "description": "A list of hardware accelerators to be attached to each node. See https://cloud.google.com/compute/docs/gpus for more information about support for GPUs." }, "advancedMachineFeatures": { "$ref": "#/types/google-native:container%2Fv1:AdvancedMachineFeatures", "description": "Advanced features for the Compute Engine VM." }, "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "confidentialNodes": { "$ref": "#/types/google-native:container%2Fv1:ConfidentialNodes", "description": "Confidential nodes config. All the nodes in the node pool will be Confidential VM once enabled." }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "ephemeralStorageLocalSsdConfig": { "$ref": "#/types/google-native:container%2Fv1:EphemeralStorageLocalSsdConfig", "description": "Parameters for the node ephemeral storage using Local SSDs. If unspecified, ephemeral storage is backed by the boot disk." }, "fastSocket": { "$ref": "#/types/google-native:container%2Fv1:FastSocket", "description": "Enable or disable NCCL fast socket for the node pool." }, "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1:GcfsConfig", "description": "Google Container File System (image streaming) configs." }, "gvnic": { "$ref": "#/types/google-native:container%2Fv1:VirtualNIC", "description": "Enable or disable gvnic in the node pool." }, "imageType": { "type": "string", "description": "The image type to use for this node. Note that for a given image type, the latest version of it will be used. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "kubeletConfig": { "$ref": "#/types/google-native:container%2Fv1:NodeKubeletConfig", "description": "Node kubelet configs." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "linuxNodeConfig": { "$ref": "#/types/google-native:container%2Fv1:LinuxNodeConfig", "description": "Parameters that can be configured on Linux nodes." }, "localNvmeSsdBlockConfig": { "$ref": "#/types/google-native:container%2Fv1:LocalNvmeSsdBlockConfig", "description": "Parameters for using raw-block Local NVMe SSDs." }, "localSsdCount": { "type": "integer", "description": "The number of local SSD disks to be attached to the node. The limit for this value is dependent upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1:NodePoolLoggingConfig", "description": "Logging configuration." }, "machineType": { "type": "string", "description": "The name of a Google Compute Engine [machine type](https://cloud.google.com/compute/docs/machine-types) If unspecified, the default machine type is `e2-medium`." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key/value pairs assigned to instances in the cluster. Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the reserved keys: - \"cluster-location\" - \"cluster-name\" - \"cluster-uid\" - \"configure-sh\" - \"containerd-configure-sh\" - \"enable-os-login\" - \"gci-ensure-gke-docker\" - \"gci-metrics-enabled\" - \"gci-update-strategy\" - \"instance-template\" - \"kube-env\" - \"startup-script\" - \"user-data\" - \"disable-address-manager\" - \"windows-startup-script-ps1\" - \"common-psm1\" - \"k8s-node-setup-psm1\" - \"install-ssh-psm1\" - \"user-profile-psm1\" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB. The total size of all keys and values must be less than 512 KB." }, "minCpuPlatform": { "type": "string", "description": "Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as `minCpuPlatform: \"Intel Haswell\"` or `minCpuPlatform: \"Intel Sandy Bridge\"`. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)" }, "nodeGroup": { "type": "string", "description": "Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on [sole tenant nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes)." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "preemptible": { "type": "boolean", "description": "Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances." }, "reservationAffinity": { "$ref": "#/types/google-native:container%2Fv1:ReservationAffinity", "description": "The optional reservation affinity. Setting this field will apply the specified [Zonal Compute Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) to this node pool." }, "resourceLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for the node pool to use to annotate any related Google Compute Engine resources." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1:ResourceManagerTags", "description": "A map of resource manager tag keys and values to be attached to the nodes." }, "sandboxConfig": { "$ref": "#/types/google-native:container%2Fv1:SandboxConfig", "description": "Sandbox configuration for this node." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ShieldedInstanceConfig", "description": "Shielded Instance options." }, "soleTenantConfig": { "$ref": "#/types/google-native:container%2Fv1:SoleTenantConfig", "description": "Parameters for node pools to be backed by shared sole tenant node groups." }, "spot": { "type": "boolean", "description": "Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible flag." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:NodeTaint" }, "description": "List of kubernetes taints to be applied to each node. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/" }, "windowsNodeConfig": { "$ref": "#/types/google-native:container%2Fv1:WindowsNodeConfig", "description": "Parameters that can be configured on Windows nodes." }, "workloadMetadataConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadMetadataConfig", "description": "The workload metadata configuration for this node." } }, "type": "object" }, "google-native:container/v1:NodeConfigDefaults": { "description": "Subset of NodeConfig message that has defaults.", "properties": { "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1:GcfsConfig", "description": "GCFS (Google Container File System, also known as Riptide) options." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1:NodePoolLoggingConfig", "description": "Logging configuration for node pools." } }, "type": "object" }, "google-native:container/v1:NodeConfigDefaultsResponse": { "description": "Subset of NodeConfig message that has defaults.", "properties": { "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1:GcfsConfigResponse", "description": "GCFS (Google Container File System, also known as Riptide) options." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1:NodePoolLoggingConfigResponse", "description": "Logging configuration for node pools." } }, "type": "object", "required": [ "gcfsConfig", "loggingConfig" ] }, "google-native:container/v1:NodeConfigResponse": { "description": "Parameters that describe the nodes in a cluster. GKE Autopilot clusters do not recognize parameters in `NodeConfig`. Use AutoprovisioningNodePoolDefaults instead.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AcceleratorConfigResponse" }, "description": "A list of hardware accelerators to be attached to each node. See https://cloud.google.com/compute/docs/gpus for more information about support for GPUs." }, "advancedMachineFeatures": { "$ref": "#/types/google-native:container%2Fv1:AdvancedMachineFeaturesResponse", "description": "Advanced features for the Compute Engine VM." }, "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "confidentialNodes": { "$ref": "#/types/google-native:container%2Fv1:ConfidentialNodesResponse", "description": "Confidential nodes config. All the nodes in the node pool will be Confidential VM once enabled." }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "ephemeralStorageLocalSsdConfig": { "$ref": "#/types/google-native:container%2Fv1:EphemeralStorageLocalSsdConfigResponse", "description": "Parameters for the node ephemeral storage using Local SSDs. If unspecified, ephemeral storage is backed by the boot disk." }, "fastSocket": { "$ref": "#/types/google-native:container%2Fv1:FastSocketResponse", "description": "Enable or disable NCCL fast socket for the node pool." }, "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1:GcfsConfigResponse", "description": "Google Container File System (image streaming) configs." }, "gvnic": { "$ref": "#/types/google-native:container%2Fv1:VirtualNICResponse", "description": "Enable or disable gvnic in the node pool." }, "imageType": { "type": "string", "description": "The image type to use for this node. Note that for a given image type, the latest version of it will be used. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "kubeletConfig": { "$ref": "#/types/google-native:container%2Fv1:NodeKubeletConfigResponse", "description": "Node kubelet configs." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "linuxNodeConfig": { "$ref": "#/types/google-native:container%2Fv1:LinuxNodeConfigResponse", "description": "Parameters that can be configured on Linux nodes." }, "localNvmeSsdBlockConfig": { "$ref": "#/types/google-native:container%2Fv1:LocalNvmeSsdBlockConfigResponse", "description": "Parameters for using raw-block Local NVMe SSDs." }, "localSsdCount": { "type": "integer", "description": "The number of local SSD disks to be attached to the node. The limit for this value is dependent upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1:NodePoolLoggingConfigResponse", "description": "Logging configuration." }, "machineType": { "type": "string", "description": "The name of a Google Compute Engine [machine type](https://cloud.google.com/compute/docs/machine-types) If unspecified, the default machine type is `e2-medium`." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key/value pairs assigned to instances in the cluster. Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the reserved keys: - \"cluster-location\" - \"cluster-name\" - \"cluster-uid\" - \"configure-sh\" - \"containerd-configure-sh\" - \"enable-os-login\" - \"gci-ensure-gke-docker\" - \"gci-metrics-enabled\" - \"gci-update-strategy\" - \"instance-template\" - \"kube-env\" - \"startup-script\" - \"user-data\" - \"disable-address-manager\" - \"windows-startup-script-ps1\" - \"common-psm1\" - \"k8s-node-setup-psm1\" - \"install-ssh-psm1\" - \"user-profile-psm1\" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB. The total size of all keys and values must be less than 512 KB." }, "minCpuPlatform": { "type": "string", "description": "Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as `minCpuPlatform: \"Intel Haswell\"` or `minCpuPlatform: \"Intel Sandy Bridge\"`. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)" }, "nodeGroup": { "type": "string", "description": "Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on [sole tenant nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes)." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "preemptible": { "type": "boolean", "description": "Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances." }, "reservationAffinity": { "$ref": "#/types/google-native:container%2Fv1:ReservationAffinityResponse", "description": "The optional reservation affinity. Setting this field will apply the specified [Zonal Compute Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) to this node pool." }, "resourceLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for the node pool to use to annotate any related Google Compute Engine resources." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1:ResourceManagerTagsResponse", "description": "A map of resource manager tag keys and values to be attached to the nodes." }, "sandboxConfig": { "$ref": "#/types/google-native:container%2Fv1:SandboxConfigResponse", "description": "Sandbox configuration for this node." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1:ShieldedInstanceConfigResponse", "description": "Shielded Instance options." }, "soleTenantConfig": { "$ref": "#/types/google-native:container%2Fv1:SoleTenantConfigResponse", "description": "Parameters for node pools to be backed by shared sole tenant node groups." }, "spot": { "type": "boolean", "description": "Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible flag." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:NodeTaintResponse" }, "description": "List of kubernetes taints to be applied to each node. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/" }, "windowsNodeConfig": { "$ref": "#/types/google-native:container%2Fv1:WindowsNodeConfigResponse", "description": "Parameters that can be configured on Windows nodes." }, "workloadMetadataConfig": { "$ref": "#/types/google-native:container%2Fv1:WorkloadMetadataConfigResponse", "description": "The workload metadata configuration for this node." } }, "type": "object", "required": [ "accelerators", "advancedMachineFeatures", "bootDiskKmsKey", "confidentialNodes", "diskSizeGb", "diskType", "ephemeralStorageLocalSsdConfig", "fastSocket", "gcfsConfig", "gvnic", "imageType", "kubeletConfig", "labels", "linuxNodeConfig", "localNvmeSsdBlockConfig", "localSsdCount", "loggingConfig", "machineType", "metadata", "minCpuPlatform", "nodeGroup", "oauthScopes", "preemptible", "reservationAffinity", "resourceLabels", "resourceManagerTags", "sandboxConfig", "serviceAccount", "shieldedInstanceConfig", "soleTenantConfig", "spot", "tags", "taints", "windowsNodeConfig", "workloadMetadataConfig" ] }, "google-native:container/v1:NodeKubeletConfig": { "description": "Node kubelet configs.", "properties": { "cpuCfsQuota": { "type": "boolean", "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits. This option is enabled by default which makes kubelet use CFS quota (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to enforce container CPU limits. Otherwise, CPU limits will not be enforced at all. Disable this option to mitigate CPU throttling problems while still having your pods to be in Guaranteed QoS class by specifying the CPU limits. The default value is 'true' if unspecified." }, "cpuCfsQuotaPeriod": { "type": "string", "description": "Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string must be a sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\". The value must be a positive duration." }, "cpuManagerPolicy": { "type": "string", "description": "Control the CPU management policy on the node. See https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ The following values are allowed. * \"none\": the default, which represents the existing scheduling behavior. * \"static\": allows pods with certain resource characteristics to be granted increased CPU affinity and exclusivity on the node. The default value is 'none' if unspecified." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "podPidsLimit": { "type": "string", "description": "Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits Controls the maximum number of processes allowed to run in a pod. The value must be greater than or equal to 1024 and less than 4194304." } }, "type": "object" }, "google-native:container/v1:NodeKubeletConfigResponse": { "description": "Node kubelet configs.", "properties": { "cpuCfsQuota": { "type": "boolean", "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits. This option is enabled by default which makes kubelet use CFS quota (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to enforce container CPU limits. Otherwise, CPU limits will not be enforced at all. Disable this option to mitigate CPU throttling problems while still having your pods to be in Guaranteed QoS class by specifying the CPU limits. The default value is 'true' if unspecified." }, "cpuCfsQuotaPeriod": { "type": "string", "description": "Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string must be a sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\". The value must be a positive duration." }, "cpuManagerPolicy": { "type": "string", "description": "Control the CPU management policy on the node. See https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ The following values are allowed. * \"none\": the default, which represents the existing scheduling behavior. * \"static\": allows pods with certain resource characteristics to be granted increased CPU affinity and exclusivity on the node. The default value is 'none' if unspecified." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "podPidsLimit": { "type": "string", "description": "Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits Controls the maximum number of processes allowed to run in a pod. The value must be greater than or equal to 1024 and less than 4194304." } }, "type": "object", "required": [ "cpuCfsQuota", "cpuCfsQuotaPeriod", "cpuManagerPolicy", "insecureKubeletReadonlyPortEnabled", "podPidsLimit" ] }, "google-native:container/v1:NodeLabels": { "description": "Collection of node-level [Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels).", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of node label keys and node label values." } }, "type": "object" }, "google-native:container/v1:NodeManagement": { "description": "NodeManagement defines the set of node management services turned on for the node pool.", "properties": { "autoRepair": { "type": "boolean", "description": "A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered." }, "autoUpgrade": { "type": "boolean", "description": "A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes." }, "upgradeOptions": { "$ref": "#/types/google-native:container%2Fv1:AutoUpgradeOptions", "description": "Specifies the Auto Upgrade knobs for the node pool." } }, "type": "object" }, "google-native:container/v1:NodeManagementResponse": { "description": "NodeManagement defines the set of node management services turned on for the node pool.", "properties": { "autoRepair": { "type": "boolean", "description": "A flag that specifies whether the node auto-repair is enabled for the node pool. If enabled, the nodes in this node pool will be monitored and, if they fail health checks too many times, an automatic repair action will be triggered." }, "autoUpgrade": { "type": "boolean", "description": "A flag that specifies whether node auto-upgrade is enabled for the node pool. If enabled, node auto-upgrade helps keep the nodes in your node pool up to date with the latest release version of Kubernetes." }, "upgradeOptions": { "$ref": "#/types/google-native:container%2Fv1:AutoUpgradeOptionsResponse", "description": "Specifies the Auto Upgrade knobs for the node pool." } }, "type": "object", "required": [ "autoRepair", "autoUpgrade", "upgradeOptions" ] }, "google-native:container/v1:NodeNetworkConfig": { "description": "Parameters for node pool-level network config.", "properties": { "additionalNodeNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AdditionalNodeNetworkConfig" }, "description": "We specify the additional node networks for this node pool using this list. Each node network corresponds to an additional interface" }, "additionalPodNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AdditionalPodNetworkConfig" }, "description": "We specify the additional pod networks for this node pool using this list. Each pod network corresponds to an additional alias IP range for the node" }, "createPodRange": { "type": "boolean", "description": "Input only. Whether to create a new range for pod IPs in this node pool. Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are not specified. If neither `create_pod_range` or `pod_range` are specified, the cluster-level default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enable_private_nodes is not specified, then the value is derived from cluster.privateClusterConfig.enablePrivateNodes" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1:NetworkPerformanceConfig", "description": "Network bandwidth tier configuration." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1:PodCIDROverprovisionConfig", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the nodepool. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is rounded off to next power of 2 and we then double that to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "podIpv4CidrBlock": { "type": "string", "description": "The IP address range for pod IPs in this node pool. Only applicable if `create_pod_range` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "podRange": { "type": "string", "description": "The ID of the secondary range for pod IPs. If `create_pod_range` is true, this ID is used for the new range. If `create_pod_range` is false, uses an existing secondary range with this ID. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." } }, "type": "object" }, "google-native:container/v1:NodeNetworkConfigResponse": { "description": "Parameters for node pool-level network config.", "properties": { "additionalNodeNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AdditionalNodeNetworkConfigResponse" }, "description": "We specify the additional node networks for this node pool using this list. Each node network corresponds to an additional interface" }, "additionalPodNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:AdditionalPodNetworkConfigResponse" }, "description": "We specify the additional pod networks for this node pool using this list. Each pod network corresponds to an additional alias IP range for the node" }, "createPodRange": { "type": "boolean", "description": "Input only. Whether to create a new range for pod IPs in this node pool. Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are not specified. If neither `create_pod_range` or `pod_range` are specified, the cluster-level default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enable_private_nodes is not specified, then the value is derived from cluster.privateClusterConfig.enablePrivateNodes" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1:NetworkPerformanceConfigResponse", "description": "Network bandwidth tier configuration." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1:PodCIDROverprovisionConfigResponse", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the nodepool. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is rounded off to next power of 2 and we then double that to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "podIpv4CidrBlock": { "type": "string", "description": "The IP address range for pod IPs in this node pool. Only applicable if `create_pod_range` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "podIpv4RangeUtilization": { "type": "number", "description": "[Output only] The utilization of the IPv4 range for the pod. The ratio is Usage/[Total number of IPs in the secondary range], Usage=numNodes*numZones*podIPsPerNode." }, "podRange": { "type": "string", "description": "The ID of the secondary range for pod IPs. If `create_pod_range` is true, this ID is used for the new range. If `create_pod_range` is false, uses an existing secondary range with this ID. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." } }, "type": "object", "required": [ "additionalNodeNetworkConfigs", "additionalPodNetworkConfigs", "createPodRange", "enablePrivateNodes", "networkPerformanceConfig", "podCidrOverprovisionConfig", "podIpv4CidrBlock", "podIpv4RangeUtilization", "podRange" ] }, "google-native:container/v1:NodePool": { "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload.", "properties": { "autoscaling": { "$ref": "#/types/google-native:container%2Fv1:NodePoolAutoscaling", "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present." }, "bestEffortProvisioning": { "$ref": "#/types/google-native:container%2Fv1:BestEffortProvisioning", "description": "Enable best effort provisioning for nodes" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:StatusCondition" }, "description": "Which conditions caused the current node pool state." }, "config": { "$ref": "#/types/google-native:container%2Fv1:NodeConfig", "description": "The node configuration of the pool." }, "etag": { "type": "string", "description": "This checksum is computed by the server based on the value of node pool fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding." }, "initialNodeCount": { "type": "integer", "description": "The initial node count for the pool. You must ensure that your Compute Engine [resource quota](https://cloud.google.com/compute/quotas) is sufficient for this number of instances. You must also have available firewall and routes quota." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes should be located. If this value is unspecified during node pool creation, the [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) value will be used, instead. Warning: changing node pool locations will result in nodes being added and/or removed." }, "management": { "$ref": "#/types/google-native:container%2Fv1:NodeManagement", "description": "NodeManagement configuration for this NodePool." }, "maxPodsConstraint": { "$ref": "#/types/google-native:container%2Fv1:MaxPodsConstraint", "description": "The constraint on the maximum number of pods that can be run simultaneously on a node in the node pool." }, "name": { "type": "string", "description": "The name of the node pool." }, "networkConfig": { "$ref": "#/types/google-native:container%2Fv1:NodeNetworkConfig", "description": "Networking configuration for this NodePool. If specified, it overrides the cluster-level defaults." }, "placementPolicy": { "$ref": "#/types/google-native:container%2Fv1:PlacementPolicy", "description": "Specifies the node placement policy." }, "queuedProvisioning": { "$ref": "#/types/google-native:container%2Fv1:QueuedProvisioning", "description": "Specifies the configuration of queued provisioning." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1:UpgradeSettings", "description": "Upgrade settings control disruption and speed of the upgrade." }, "version": { "type": "string", "description": "The version of Kubernetes running on this NodePool's nodes. If unspecified, it defaults as described [here](https://cloud.google.com/kubernetes-engine/versioning#specifying_node_version)." } }, "type": "object" }, "google-native:container/v1:NodePoolAutoConfig": { "description": "Node pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters.", "properties": { "networkTags": { "$ref": "#/types/google-native:container%2Fv1:NetworkTags", "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster creation. Each tag within the list must comply with RFC1035." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1:ResourceManagerTags", "description": "Resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies." } }, "type": "object" }, "google-native:container/v1:NodePoolAutoConfigResponse": { "description": "Node pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters.", "properties": { "networkTags": { "$ref": "#/types/google-native:container%2Fv1:NetworkTagsResponse", "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster creation. Each tag within the list must comply with RFC1035." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1:ResourceManagerTagsResponse", "description": "Resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies." } }, "type": "object", "required": [ "networkTags", "resourceManagerTags" ] }, "google-native:container/v1:NodePoolAutoscaling": { "description": "NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage.", "properties": { "autoprovisioned": { "type": "boolean", "description": "Can this node pool be deleted automatically." }, "enabled": { "type": "boolean", "description": "Is autoscaling enabled for this node pool." }, "locationPolicy": { "$ref": "#/types/google-native:container%2Fv1:NodePoolAutoscalingLocationPolicy", "description": "Location policy used when scaling up a nodepool." }, "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes for one location in the NodePool. Must be >= min_node_count. There has to be enough quota to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes for one location in the NodePool. Must be >= 1 and <= max_node_count." }, "totalMaxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the node pool. Must be greater than total_min_node_count. There has to be enough quota to scale up the cluster. The total_*_node_count fields are mutually exclusive with the *_node_count fields." }, "totalMinNodeCount": { "type": "integer", "description": "Minimum number of nodes in the node pool. Must be greater than 1 less than total_max_node_count. The total_*_node_count fields are mutually exclusive with the *_node_count fields." } }, "type": "object" }, "google-native:container/v1:NodePoolAutoscalingLocationPolicy": { "description": "Location policy used when scaling up a nodepool.", "type": "string", "enum": [ { "name": "LocationPolicyUnspecified", "description": "Not set.", "value": "LOCATION_POLICY_UNSPECIFIED" }, { "name": "Balanced", "description": "BALANCED is a best effort policy that aims to balance the sizes of different zones.", "value": "BALANCED" }, { "name": "Any", "description": "ANY policy picks zones that have the highest capacity available.", "value": "ANY" } ] }, "google-native:container/v1:NodePoolAutoscalingResponse": { "description": "NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage.", "properties": { "autoprovisioned": { "type": "boolean", "description": "Can this node pool be deleted automatically." }, "enabled": { "type": "boolean", "description": "Is autoscaling enabled for this node pool." }, "locationPolicy": { "type": "string", "description": "Location policy used when scaling up a nodepool." }, "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes for one location in the NodePool. Must be >= min_node_count. There has to be enough quota to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes for one location in the NodePool. Must be >= 1 and <= max_node_count." }, "totalMaxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the node pool. Must be greater than total_min_node_count. There has to be enough quota to scale up the cluster. The total_*_node_count fields are mutually exclusive with the *_node_count fields." }, "totalMinNodeCount": { "type": "integer", "description": "Minimum number of nodes in the node pool. Must be greater than 1 less than total_max_node_count. The total_*_node_count fields are mutually exclusive with the *_node_count fields." } }, "type": "object", "required": [ "autoprovisioned", "enabled", "locationPolicy", "maxNodeCount", "minNodeCount", "totalMaxNodeCount", "totalMinNodeCount" ] }, "google-native:container/v1:NodePoolDefaults": { "description": "Subset of Nodepool message that has defaults.", "properties": { "nodeConfigDefaults": { "$ref": "#/types/google-native:container%2Fv1:NodeConfigDefaults", "description": "Subset of NodeConfig message that has defaults." } }, "type": "object" }, "google-native:container/v1:NodePoolDefaultsResponse": { "description": "Subset of Nodepool message that has defaults.", "properties": { "nodeConfigDefaults": { "$ref": "#/types/google-native:container%2Fv1:NodeConfigDefaultsResponse", "description": "Subset of NodeConfig message that has defaults." } }, "type": "object", "required": [ "nodeConfigDefaults" ] }, "google-native:container/v1:NodePoolLoggingConfig": { "description": "NodePoolLoggingConfig specifies logging configuration for nodepools.", "properties": { "variantConfig": { "$ref": "#/types/google-native:container%2Fv1:LoggingVariantConfig", "description": "Logging variant configuration." } }, "type": "object" }, "google-native:container/v1:NodePoolLoggingConfigResponse": { "description": "NodePoolLoggingConfig specifies logging configuration for nodepools.", "properties": { "variantConfig": { "$ref": "#/types/google-native:container%2Fv1:LoggingVariantConfigResponse", "description": "Logging variant configuration." } }, "type": "object", "required": [ "variantConfig" ] }, "google-native:container/v1:NodePoolResponse": { "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload.", "properties": { "autoscaling": { "$ref": "#/types/google-native:container%2Fv1:NodePoolAutoscalingResponse", "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present." }, "bestEffortProvisioning": { "$ref": "#/types/google-native:container%2Fv1:BestEffortProvisioningResponse", "description": "Enable best effort provisioning for nodes" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:StatusConditionResponse" }, "description": "Which conditions caused the current node pool state." }, "config": { "$ref": "#/types/google-native:container%2Fv1:NodeConfigResponse", "description": "The node configuration of the pool." }, "etag": { "type": "string", "description": "This checksum is computed by the server based on the value of node pool fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding." }, "initialNodeCount": { "type": "integer", "description": "The initial node count for the pool. You must ensure that your Compute Engine [resource quota](https://cloud.google.com/compute/quotas) is sufficient for this number of instances. You must also have available firewall and routes quota." }, "instanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "[Output only] The resource URLs of the [managed instance groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with this node pool. During the node pool blue-green upgrade operation, the URLs contain both blue and green resources." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes should be located. If this value is unspecified during node pool creation, the [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) value will be used, instead. Warning: changing node pool locations will result in nodes being added and/or removed." }, "management": { "$ref": "#/types/google-native:container%2Fv1:NodeManagementResponse", "description": "NodeManagement configuration for this NodePool." }, "maxPodsConstraint": { "$ref": "#/types/google-native:container%2Fv1:MaxPodsConstraintResponse", "description": "The constraint on the maximum number of pods that can be run simultaneously on a node in the node pool." }, "name": { "type": "string", "description": "The name of the node pool." }, "networkConfig": { "$ref": "#/types/google-native:container%2Fv1:NodeNetworkConfigResponse", "description": "Networking configuration for this NodePool. If specified, it overrides the cluster-level defaults." }, "placementPolicy": { "$ref": "#/types/google-native:container%2Fv1:PlacementPolicyResponse", "description": "Specifies the node placement policy." }, "podIpv4CidrSize": { "type": "integer", "description": "[Output only] The pod CIDR block size per node in this node pool." }, "queuedProvisioning": { "$ref": "#/types/google-native:container%2Fv1:QueuedProvisioningResponse", "description": "Specifies the configuration of queued provisioning." }, "selfLink": { "type": "string", "description": "[Output only] Server-defined URL for the resource." }, "status": { "type": "string", "description": "[Output only] The status of the nodes in this pool instance." }, "statusMessage": { "type": "string", "description": "[Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available.", "deprecationMessage": "[Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available." }, "updateInfo": { "$ref": "#/types/google-native:container%2Fv1:UpdateInfoResponse", "description": "[Output only] Update info contains relevant information during a node pool update." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1:UpgradeSettingsResponse", "description": "Upgrade settings control disruption and speed of the upgrade." }, "version": { "type": "string", "description": "The version of Kubernetes running on this NodePool's nodes. If unspecified, it defaults as described [here](https://cloud.google.com/kubernetes-engine/versioning#specifying_node_version)." } }, "type": "object", "required": [ "autoscaling", "bestEffortProvisioning", "conditions", "config", "etag", "initialNodeCount", "instanceGroupUrls", "locations", "management", "maxPodsConstraint", "name", "networkConfig", "placementPolicy", "podIpv4CidrSize", "queuedProvisioning", "selfLink", "status", "statusMessage", "updateInfo", "upgradeSettings", "version" ] }, "google-native:container/v1:NodeTaint": { "description": "Kubernetes taint is composed of three fields: key, value, and effect. Effect can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) for more information, including usage and the valid values.", "properties": { "effect": { "$ref": "#/types/google-native:container%2Fv1:NodeTaintEffect", "description": "Effect for taint." }, "key": { "type": "string", "description": "Key for taint." }, "value": { "type": "string", "description": "Value for taint." } }, "type": "object" }, "google-native:container/v1:NodeTaintEffect": { "description": "Effect for taint.", "type": "string", "enum": [ { "name": "EffectUnspecified", "description": "Not set", "value": "EFFECT_UNSPECIFIED" }, { "name": "NoSchedule", "description": "NoSchedule", "value": "NO_SCHEDULE" }, { "name": "PreferNoSchedule", "description": "PreferNoSchedule", "value": "PREFER_NO_SCHEDULE" }, { "name": "NoExecute", "description": "NoExecute", "value": "NO_EXECUTE" } ] }, "google-native:container/v1:NodeTaintResponse": { "description": "Kubernetes taint is composed of three fields: key, value, and effect. Effect can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) for more information, including usage and the valid values.", "properties": { "effect": { "type": "string", "description": "Effect for taint." }, "key": { "type": "string", "description": "Key for taint." }, "value": { "type": "string", "description": "Value for taint." } }, "type": "object", "required": [ "effect", "key", "value" ] }, "google-native:container/v1:NodeTaints": { "description": "Collection of Kubernetes [node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration).", "properties": { "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:NodeTaint" }, "description": "List of node taints." } }, "type": "object" }, "google-native:container/v1:NotificationConfig": { "description": "NotificationConfig is the configuration of notifications.", "properties": { "pubsub": { "$ref": "#/types/google-native:container%2Fv1:PubSub", "description": "Notification config for Pub/Sub." } }, "type": "object" }, "google-native:container/v1:NotificationConfigResponse": { "description": "NotificationConfig is the configuration of notifications.", "properties": { "pubsub": { "$ref": "#/types/google-native:container%2Fv1:PubSubResponse", "description": "Notification config for Pub/Sub." } }, "type": "object", "required": [ "pubsub" ] }, "google-native:container/v1:ParentProductConfig": { "description": "ParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels contain the configuration of the parent product." }, "productName": { "type": "string", "description": "Name of the parent product associated with the cluster." } }, "type": "object" }, "google-native:container/v1:ParentProductConfigResponse": { "description": "ParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels contain the configuration of the parent product." }, "productName": { "type": "string", "description": "Name of the parent product associated with the cluster." } }, "type": "object", "required": [ "labels", "productName" ] }, "google-native:container/v1:PlacementPolicy": { "description": "PlacementPolicy defines the placement policy used by the node pool.", "properties": { "policyName": { "type": "string", "description": "If set, refers to the name of a custom resource policy supplied by the user. The resource policy must be in the same project and region as the node pool. If not found, InvalidArgument error is returned." }, "tpuTopology": { "type": "string", "description": "Optional. TPU placement topology for pod slice node pool. https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies" }, "type": { "$ref": "#/types/google-native:container%2Fv1:PlacementPolicyType", "description": "The type of placement." } }, "type": "object" }, "google-native:container/v1:PlacementPolicyResponse": { "description": "PlacementPolicy defines the placement policy used by the node pool.", "properties": { "policyName": { "type": "string", "description": "If set, refers to the name of a custom resource policy supplied by the user. The resource policy must be in the same project and region as the node pool. If not found, InvalidArgument error is returned." }, "tpuTopology": { "type": "string", "description": "Optional. TPU placement topology for pod slice node pool. https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies" }, "type": { "type": "string", "description": "The type of placement." } }, "type": "object", "required": [ "policyName", "tpuTopology", "type" ] }, "google-native:container/v1:PlacementPolicyType": { "description": "The type of placement.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "TYPE_UNSPECIFIED specifies no requirements on nodes placement.", "value": "TYPE_UNSPECIFIED" }, { "name": "Compact", "description": "COMPACT specifies node placement in the same availability domain to ensure low communication latency.", "value": "COMPACT" } ] }, "google-native:container/v1:PodCIDROverprovisionConfig": { "description": "[PRIVATE FIELD] Config for pod CIDR size overprovisioning.", "properties": { "disable": { "type": "boolean", "description": "Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning is enabled by default." } }, "type": "object" }, "google-native:container/v1:PodCIDROverprovisionConfigResponse": { "description": "[PRIVATE FIELD] Config for pod CIDR size overprovisioning.", "properties": { "disable": { "type": "boolean", "description": "Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning is enabled by default." } }, "type": "object", "required": [ "disable" ] }, "google-native:container/v1:PrivateClusterConfig": { "description": "Configuration options for private clusters.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Whether the master's internal IP address is used as the cluster endpoint." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking." }, "masterGlobalAccessConfig": { "$ref": "#/types/google-native:container%2Fv1:PrivateClusterMasterGlobalAccessConfig", "description": "Controls master global access settings." }, "masterIpv4CidrBlock": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network." }, "privateEndpointSubnetwork": { "type": "string", "description": "Subnet to provision the master's private endpoint during cluster creation. Specified in projects/*/regions/*/subnetworks/* format." } }, "type": "object" }, "google-native:container/v1:PrivateClusterConfigResponse": { "description": "Configuration options for private clusters.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Whether the master's internal IP address is used as the cluster endpoint." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking." }, "masterGlobalAccessConfig": { "$ref": "#/types/google-native:container%2Fv1:PrivateClusterMasterGlobalAccessConfigResponse", "description": "Controls master global access settings." }, "masterIpv4CidrBlock": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network." }, "peeringName": { "type": "string", "description": "The peering name in the customer VPC used by this cluster." }, "privateEndpoint": { "type": "string", "description": "The internal IP address of this cluster's master endpoint." }, "privateEndpointSubnetwork": { "type": "string", "description": "Subnet to provision the master's private endpoint during cluster creation. Specified in projects/*/regions/*/subnetworks/* format." }, "publicEndpoint": { "type": "string", "description": "The external IP address of this cluster's master endpoint." } }, "type": "object", "required": [ "enablePrivateEndpoint", "enablePrivateNodes", "masterGlobalAccessConfig", "masterIpv4CidrBlock", "peeringName", "privateEndpoint", "privateEndpointSubnetwork", "publicEndpoint" ] }, "google-native:container/v1:PrivateClusterMasterGlobalAccessConfig": { "description": "Configuration for controlling master global access settings.", "properties": { "enabled": { "type": "boolean", "description": "Whenever master is accessible globally or not." } }, "type": "object" }, "google-native:container/v1:PrivateClusterMasterGlobalAccessConfigResponse": { "description": "Configuration for controlling master global access settings.", "properties": { "enabled": { "type": "boolean", "description": "Whenever master is accessible globally or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:PubSub": { "description": "Pub/Sub specific notification config.", "properties": { "enabled": { "type": "boolean", "description": "Enable notifications for Pub/Sub." }, "filter": { "$ref": "#/types/google-native:container%2Fv1:Filter", "description": "Allows filtering to one or more specific event types. If no filter is specified, or if a filter is specified with no event types, all event types will be sent" }, "topic": { "type": "string", "description": "The desired Pub/Sub topic to which notifications will be sent by GKE. Format is `projects/{project}/topics/{topic}`." } }, "type": "object" }, "google-native:container/v1:PubSubResponse": { "description": "Pub/Sub specific notification config.", "properties": { "enabled": { "type": "boolean", "description": "Enable notifications for Pub/Sub." }, "filter": { "$ref": "#/types/google-native:container%2Fv1:FilterResponse", "description": "Allows filtering to one or more specific event types. If no filter is specified, or if a filter is specified with no event types, all event types will be sent" }, "topic": { "type": "string", "description": "The desired Pub/Sub topic to which notifications will be sent by GKE. Format is `projects/{project}/topics/{topic}`." } }, "type": "object", "required": [ "enabled", "filter", "topic" ] }, "google-native:container/v1:QueuedProvisioning": { "description": "QueuedProvisioning defines the queued provisioning used by the node pool.", "properties": { "enabled": { "type": "boolean", "description": "Denotes that this nodepool is QRM specific, meaning nodes can be only obtained through queuing via the Cluster Autoscaler ProvisioningRequest API." } }, "type": "object" }, "google-native:container/v1:QueuedProvisioningResponse": { "description": "QueuedProvisioning defines the queued provisioning used by the node pool.", "properties": { "enabled": { "type": "boolean", "description": "Denotes that this nodepool is QRM specific, meaning nodes can be only obtained through queuing via the Cluster Autoscaler ProvisioningRequest API." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:RangeInfoResponse": { "description": "RangeInfo contains the range name and the range utilization by this cluster.", "properties": { "rangeName": { "type": "string", "description": "[Output only] Name of a range." }, "utilization": { "type": "number", "description": "[Output only] The utilization of the range." } }, "type": "object", "required": [ "rangeName", "utilization" ] }, "google-native:container/v1:RecurringTimeWindow": { "description": "Represents an arbitrary window of time that recurs.", "properties": { "recurrence": { "type": "string", "description": "An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time. For example, to have something repeat every weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat some window daily (equivalent to the DailyMaintenanceWindow): `FREQ=DAILY` For the first weekend of every month: `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently the window starts. Eg, if you wanted to have a 9-5 UTC-4 window every weekday, you'd use something like: ``` start time = 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span multiple days. Eg, to make the window encompass every weekend from midnight Saturday till the last minute of Sunday UTC: ``` start time = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific dates are largely arbitrary except to specify duration of the window and when it first starts. The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported." }, "window": { "$ref": "#/types/google-native:container%2Fv1:TimeWindow", "description": "The window of the first recurrence." } }, "type": "object" }, "google-native:container/v1:RecurringTimeWindowResponse": { "description": "Represents an arbitrary window of time that recurs.", "properties": { "recurrence": { "type": "string", "description": "An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time. For example, to have something repeat every weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat some window daily (equivalent to the DailyMaintenanceWindow): `FREQ=DAILY` For the first weekend of every month: `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently the window starts. Eg, if you wanted to have a 9-5 UTC-4 window every weekday, you'd use something like: ``` start time = 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span multiple days. Eg, to make the window encompass every weekend from midnight Saturday till the last minute of Sunday UTC: ``` start time = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific dates are largely arbitrary except to specify duration of the window and when it first starts. The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported." }, "window": { "$ref": "#/types/google-native:container%2Fv1:TimeWindowResponse", "description": "The window of the first recurrence." } }, "type": "object", "required": [ "recurrence", "window" ] }, "google-native:container/v1:ReleaseChannel": { "description": "ReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.", "properties": { "channel": { "$ref": "#/types/google-native:container%2Fv1:ReleaseChannelChannel", "description": "channel specifies which release channel the cluster is subscribed to." } }, "type": "object" }, "google-native:container/v1:ReleaseChannelChannel": { "description": "channel specifies which release channel the cluster is subscribed to.", "type": "string", "enum": [ { "name": "Unspecified", "description": "No channel specified.", "value": "UNSPECIFIED" }, { "name": "Rapid", "description": "RAPID channel is offered on an early access basis for customers who want to test new releases. WARNING: Versions available in the RAPID Channel may be subject to unresolved issues with no known workaround and are not subject to any SLAs.", "value": "RAPID" }, { "name": "Regular", "description": "Clusters subscribed to REGULAR receive versions that are considered GA quality. REGULAR is intended for production users who want to take advantage of new features.", "value": "REGULAR" }, { "name": "Stable", "description": "Clusters subscribed to STABLE receive versions that are known to be stable and reliable in production.", "value": "STABLE" } ] }, "google-native:container/v1:ReleaseChannelConfigResponse": { "description": "ReleaseChannelConfig exposes configuration for a release channel.", "properties": { "channel": { "type": "string", "description": "The release channel this configuration applies to." }, "defaultVersion": { "type": "string", "description": "The default version for newly created clusters on the channel." }, "validVersions": { "type": "array", "items": { "type": "string" }, "description": "List of valid versions for the channel." } }, "type": "object", "required": [ "channel", "defaultVersion", "validVersions" ] }, "google-native:container/v1:ReleaseChannelResponse": { "description": "ReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.", "properties": { "channel": { "type": "string", "description": "channel specifies which release channel the cluster is subscribed to." } }, "type": "object", "required": [ "channel" ] }, "google-native:container/v1:ReservationAffinity": { "description": "[ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) is the configuration of desired reservation which instances could take capacity from.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:container%2Fv1:ReservationAffinityConsumeReservationType", "description": "Corresponds to the type of reservation consumption." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify \"compute.googleapis.com/reservation-name\" as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label value(s) of reservation resource(s)." } }, "type": "object" }, "google-native:container/v1:ReservationAffinityConsumeReservationType": { "description": "Corresponds to the type of reservation consumption.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default value. This should not be used.", "value": "UNSPECIFIED" }, { "name": "NoReservation", "description": "Do not consume from any reserved capacity.", "value": "NO_RESERVATION" }, { "name": "AnyReservation", "description": "Consume any reservation available.", "value": "ANY_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" } ] }, "google-native:container/v1:ReservationAffinityResponse": { "description": "[ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) is the configuration of desired reservation which instances could take capacity from.", "properties": { "consumeReservationType": { "type": "string", "description": "Corresponds to the type of reservation consumption." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify \"compute.googleapis.com/reservation-name\" as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label value(s) of reservation resource(s)." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:container/v1:ResourceLabels": { "description": "Collection of [GCP labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels).", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of node label keys and node label values." } }, "type": "object" }, "google-native:container/v1:ResourceLimit": { "description": "Contains information about amount of some resource in the cluster. For memory, value should be in GB.", "properties": { "maximum": { "type": "string", "description": "Maximum amount of the resource in the cluster." }, "minimum": { "type": "string", "description": "Minimum amount of the resource in the cluster." }, "resourceType": { "type": "string", "description": "Resource name \"cpu\", \"memory\" or gpu-specific string." } }, "type": "object" }, "google-native:container/v1:ResourceLimitResponse": { "description": "Contains information about amount of some resource in the cluster. For memory, value should be in GB.", "properties": { "maximum": { "type": "string", "description": "Maximum amount of the resource in the cluster." }, "minimum": { "type": "string", "description": "Minimum amount of the resource in the cluster." }, "resourceType": { "type": "string", "description": "Resource name \"cpu\", \"memory\" or gpu-specific string." } }, "type": "object", "required": [ "maximum", "minimum", "resourceType" ] }, "google-native:container/v1:ResourceManagerTags": { "description": "A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications in https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values.", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "TagKeyValue must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`" } }, "type": "object" }, "google-native:container/v1:ResourceManagerTagsResponse": { "description": "A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications in https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values.", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "TagKeyValue must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`" } }, "type": "object", "required": [ "tags" ] }, "google-native:container/v1:ResourceUsageExportConfig": { "description": "Configuration for exporting cluster resource usages.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:container%2Fv1:BigQueryDestination", "description": "Configuration to use BigQuery as usage export destination." }, "consumptionMeteringConfig": { "$ref": "#/types/google-native:container%2Fv1:ConsumptionMeteringConfig", "description": "Configuration to enable resource consumption metering." }, "enableNetworkEgressMetering": { "type": "boolean", "description": "Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic." } }, "type": "object" }, "google-native:container/v1:ResourceUsageExportConfigResponse": { "description": "Configuration for exporting cluster resource usages.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:container%2Fv1:BigQueryDestinationResponse", "description": "Configuration to use BigQuery as usage export destination." }, "consumptionMeteringConfig": { "$ref": "#/types/google-native:container%2Fv1:ConsumptionMeteringConfigResponse", "description": "Configuration to enable resource consumption metering." }, "enableNetworkEgressMetering": { "type": "boolean", "description": "Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic." } }, "type": "object", "required": [ "bigqueryDestination", "consumptionMeteringConfig", "enableNetworkEgressMetering" ] }, "google-native:container/v1:SandboxConfig": { "description": "SandboxConfig contains configurations of the sandbox to use for the node.", "properties": { "type": { "$ref": "#/types/google-native:container%2Fv1:SandboxConfigType", "description": "Type of the sandbox to use for the node." } }, "type": "object" }, "google-native:container/v1:SandboxConfigResponse": { "description": "SandboxConfig contains configurations of the sandbox to use for the node.", "properties": { "type": { "type": "string", "description": "Type of the sandbox to use for the node." } }, "type": "object", "required": [ "type" ] }, "google-native:container/v1:SandboxConfigType": { "description": "Type of the sandbox to use for the node.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default value. This should not be used.", "value": "UNSPECIFIED" }, { "name": "Gvisor", "description": "Run sandbox using gvisor.", "value": "GVISOR" } ] }, "google-native:container/v1:SecurityPostureConfig": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "$ref": "#/types/google-native:container%2Fv1:SecurityPostureConfigMode", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "$ref": "#/types/google-native:container%2Fv1:SecurityPostureConfigVulnerabilityMode", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object" }, "google-native:container/v1:SecurityPostureConfigMode": { "description": "Sets which mode to use for Security Posture features.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value not specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Security Posture features on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies Security Posture features on the cluster.", "value": "BASIC" } ] }, "google-native:container/v1:SecurityPostureConfigResponse": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "type": "string", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "type": "string", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object", "required": [ "mode", "vulnerabilityMode" ] }, "google-native:container/v1:SecurityPostureConfigVulnerabilityMode": { "description": "Sets which mode to use for vulnerability scanning.", "type": "string", "enum": [ { "name": "VulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "VulnerabilityDisabled", "description": "Disables vulnerability scanning on the cluster.", "value": "VULNERABILITY_DISABLED" }, { "name": "VulnerabilityBasic", "description": "Applies basic vulnerability scanning on the cluster.", "value": "VULNERABILITY_BASIC" } ] }, "google-native:container/v1:ServiceExternalIPsConfig": { "description": "Config to block services with externalIPs field.", "properties": { "enabled": { "type": "boolean", "description": "Whether Services with ExternalIPs field are allowed or not." } }, "type": "object" }, "google-native:container/v1:ServiceExternalIPsConfigResponse": { "description": "Config to block services with externalIPs field.", "properties": { "enabled": { "type": "boolean", "description": "Whether Services with ExternalIPs field are allowed or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:ShieldedInstanceConfig": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails." } }, "type": "object" }, "google-native:container/v1:ShieldedInstanceConfigResponse": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot" ] }, "google-native:container/v1:ShieldedNodes": { "description": "Configuration of Shielded Nodes feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Shielded Nodes features are enabled on all nodes in this cluster." } }, "type": "object" }, "google-native:container/v1:ShieldedNodesResponse": { "description": "Configuration of Shielded Nodes feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Shielded Nodes features are enabled on all nodes in this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:SoleTenantConfig": { "description": "SoleTenantConfig contains the NodeAffinities to specify what shared sole tenant node groups should back the node pool.", "properties": { "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:NodeAffinity" }, "description": "NodeAffinities used to match to a shared sole tenant node group." } }, "type": "object" }, "google-native:container/v1:SoleTenantConfigResponse": { "description": "SoleTenantConfig contains the NodeAffinities to specify what shared sole tenant node groups should back the node pool.", "properties": { "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1:NodeAffinityResponse" }, "description": "NodeAffinities used to match to a shared sole tenant node group." } }, "type": "object", "required": [ "nodeAffinities" ] }, "google-native:container/v1:StandardRolloutPolicy": { "description": "Standard rollout policy is the default policy for blue-green.", "properties": { "batchNodeCount": { "type": "integer", "description": "Number of blue nodes to drain in a batch." }, "batchPercentage": { "type": "number", "description": "Percentage of the blue pool nodes to drain in a batch. The range of this field should be (0.0, 1.0]." }, "batchSoakDuration": { "type": "string", "description": "Soak time after each batch gets drained. Default to zero." } }, "type": "object" }, "google-native:container/v1:StandardRolloutPolicyResponse": { "description": "Standard rollout policy is the default policy for blue-green.", "properties": { "batchNodeCount": { "type": "integer", "description": "Number of blue nodes to drain in a batch." }, "batchPercentage": { "type": "number", "description": "Percentage of the blue pool nodes to drain in a batch. The range of this field should be (0.0, 1.0]." }, "batchSoakDuration": { "type": "string", "description": "Soak time after each batch gets drained. Default to zero." } }, "type": "object", "required": [ "batchNodeCount", "batchPercentage", "batchSoakDuration" ] }, "google-native:container/v1:StatusCondition": { "description": "StatusCondition describes why a cluster or a node pool has a certain status (e.g., ERROR or DEGRADED).", "properties": { "canonicalCode": { "$ref": "#/types/google-native:container%2Fv1:StatusConditionCanonicalCode", "description": "Canonical code of the condition." }, "code": { "$ref": "#/types/google-native:container%2Fv1:StatusConditionCode", "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "deprecationMessage": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead." }, "message": { "type": "string", "description": "Human-friendly representation of the condition" } }, "type": "object" }, "google-native:container/v1:StatusConditionCanonicalCode": { "description": "Canonical code of the condition.", "type": "string", "enum": [ { "name": "Ok", "description": "Not an error; returned on success. HTTP Mapping: 200 OK", "value": "OK" }, { "name": "Cancelled", "description": "The operation was cancelled, typically by the caller. HTTP Mapping: 499 Client Closed Request", "value": "CANCELLED" }, { "name": "Unknown", "description": "Unknown error. For example, this error may be returned when a `Status` value received from another address space belongs to an error space that is not known in this address space. Also errors raised by APIs that do not return enough error information may be converted to this error. HTTP Mapping: 500 Internal Server Error", "value": "UNKNOWN" }, { "name": "InvalidArgument", "description": "The client specified an invalid argument. Note that this differs from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments that are problematic regardless of the state of the system (e.g., a malformed file name). HTTP Mapping: 400 Bad Request", "value": "INVALID_ARGUMENT" }, { "name": "DeadlineExceeded", "description": "The deadline expired before the operation could complete. For operations that change the state of the system, this error may be returned even if the operation has completed successfully. For example, a successful response from a server could have been delayed long enough for the deadline to expire. HTTP Mapping: 504 Gateway Timeout", "value": "DEADLINE_EXCEEDED" }, { "name": "NotFound", "description": "Some requested entity (e.g., file or directory) was not found. Note to server developers: if a request is denied for an entire class of users, such as gradual feature rollout or undocumented allowlist, `NOT_FOUND` may be used. If a request is denied for some users within a class of users, such as user-based access control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not Found", "value": "NOT_FOUND" }, { "name": "AlreadyExists", "description": "The entity that a client attempted to create (e.g., file or directory) already exists. HTTP Mapping: 409 Conflict", "value": "ALREADY_EXISTS" }, { "name": "PermissionDenied", "description": "The caller does not have permission to execute the specified operation. `PERMISSION_DENIED` must not be used for rejections caused by exhausting some resource (use `RESOURCE_EXHAUSTED` instead for those errors). `PERMISSION_DENIED` must not be used if the caller can not be identified (use `UNAUTHENTICATED` instead for those errors). This error code does not imply the request is valid or the requested entity exists or satisfies other pre-conditions. HTTP Mapping: 403 Forbidden", "value": "PERMISSION_DENIED" }, { "name": "Unauthenticated", "description": "The request does not have valid authentication credentials for the operation. HTTP Mapping: 401 Unauthorized", "value": "UNAUTHENTICATED" }, { "name": "ResourceExhausted", "description": "Some resource has been exhausted, perhaps a per-user quota, or perhaps the entire file system is out of space. HTTP Mapping: 429 Too Many Requests", "value": "RESOURCE_EXHAUSTED" }, { "name": "FailedPrecondition", "description": "The operation was rejected because the system is not in a state required for the operation's execution. For example, the directory to be deleted is non-empty, an rmdir operation is applied to a non-directory, etc. Service implementors can use the following guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just the failing call. (b) Use `ABORTED` if the client should retry at a higher level. For example, when a client-specified test-and-set fails, indicating the client should restart a read-modify-write sequence. (c) Use `FAILED_PRECONDITION` if the client should not retry until the system state has been explicitly fixed. For example, if an \"rmdir\" fails because the directory is non-empty, `FAILED_PRECONDITION` should be returned since the client should not retry unless the files are deleted from the directory. HTTP Mapping: 400 Bad Request", "value": "FAILED_PRECONDITION" }, { "name": "Aborted", "description": "The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort. See the guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict", "value": "ABORTED" }, { "name": "OutOfRange", "description": "The operation was attempted past the valid range. E.g., seeking or reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error indicates a problem that may be fixed if the system state changes. For example, a 32-bit file system will generate `INVALID_ARGUMENT` if asked to read at an offset that is not in the range [0,2^32-1], but it will generate `OUT_OF_RANGE` if asked to read from an offset past the current file size. There is a fair bit of overlap between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend using `OUT_OF_RANGE` (the more specific error) when it applies so that callers who are iterating through a space can easily look for an `OUT_OF_RANGE` error to detect when they are done. HTTP Mapping: 400 Bad Request", "value": "OUT_OF_RANGE" }, { "name": "Unimplemented", "description": "The operation is not implemented or is not supported/enabled in this service. HTTP Mapping: 501 Not Implemented", "value": "UNIMPLEMENTED" }, { "name": "Internal", "description": "Internal errors. This means that some invariants expected by the underlying system have been broken. This error code is reserved for serious errors. HTTP Mapping: 500 Internal Server Error", "value": "INTERNAL" }, { "name": "Unavailable", "description": "The service is currently unavailable. This is most likely a transient condition, which can be corrected by retrying with a backoff. Note that it is not always safe to retry non-idempotent operations. See the guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 503 Service Unavailable", "value": "UNAVAILABLE" }, { "name": "DataLoss", "description": "Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal Server Error", "value": "DATA_LOSS" } ] }, "google-native:container/v1:StatusConditionCode": { "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "type": "string", "enum": [ { "name": "Unknown", "description": "UNKNOWN indicates a generic condition.", "value": "UNKNOWN" }, { "name": "GceStockout", "description": "GCE_STOCKOUT indicates that Google Compute Engine resources are temporarily unavailable.", "value": "GCE_STOCKOUT" }, { "name": "GkeServiceAccountDeleted", "description": "GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot service account.", "value": "GKE_SERVICE_ACCOUNT_DELETED" }, { "name": "GceQuotaExceeded", "description": "Google Compute Engine quota was exceeded.", "value": "GCE_QUOTA_EXCEEDED" }, { "name": "SetByOperator", "description": "Cluster state was manually changed by an SRE due to a system logic error.", "value": "SET_BY_OPERATOR" }, { "name": "CloudKmsKeyError", "description": "Unable to perform an encrypt operation against the CloudKMS key used for etcd level encryption.", "value": "CLOUD_KMS_KEY_ERROR" }, { "name": "CaExpiring", "description": "Cluster CA is expiring soon.", "value": "CA_EXPIRING" } ] }, "google-native:container/v1:StatusConditionResponse": { "description": "StatusCondition describes why a cluster or a node pool has a certain status (e.g., ERROR or DEGRADED).", "properties": { "canonicalCode": { "type": "string", "description": "Canonical code of the condition." }, "code": { "type": "string", "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "deprecationMessage": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead." }, "message": { "type": "string", "description": "Human-friendly representation of the condition" } }, "type": "object", "required": [ "canonicalCode", "code", "message" ] }, "google-native:container/v1:TimeWindow": { "description": "Represents an arbitrary window of time.", "properties": { "endTime": { "type": "string", "description": "The time that the window ends. The end time should take place after the start time." }, "maintenanceExclusionOptions": { "$ref": "#/types/google-native:container%2Fv1:MaintenanceExclusionOptions", "description": "MaintenanceExclusionOptions provides maintenance exclusion related options." }, "startTime": { "type": "string", "description": "The time that the window first starts." } }, "type": "object" }, "google-native:container/v1:TimeWindowResponse": { "description": "Represents an arbitrary window of time.", "properties": { "endTime": { "type": "string", "description": "The time that the window ends. The end time should take place after the start time." }, "maintenanceExclusionOptions": { "$ref": "#/types/google-native:container%2Fv1:MaintenanceExclusionOptionsResponse", "description": "MaintenanceExclusionOptions provides maintenance exclusion related options." }, "startTime": { "type": "string", "description": "The time that the window first starts." } }, "type": "object", "required": [ "endTime", "maintenanceExclusionOptions", "startTime" ] }, "google-native:container/v1:UpdateInfoResponse": { "description": "UpdateInfo contains resource (instance groups, etc), status and other intermediate information relevant to a node pool upgrade.", "properties": { "blueGreenInfo": { "$ref": "#/types/google-native:container%2Fv1:BlueGreenInfoResponse", "description": "Information of a blue-green upgrade." } }, "type": "object", "required": [ "blueGreenInfo" ] }, "google-native:container/v1:UpgradeSettings": { "description": "These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. These upgrade settings configure the upgrade strategy for the node pool. Use strategy to switch between the strategies applied to the node pool. If the strategy is ROLLING, use max_surge and max_unavailable to control the level of parallelism and the level of disruption caused by upgrade. 1. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. 2. maxUnavailable controls the number of nodes that can be simultaneously unavailable. 3. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). If the strategy is BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade related settings. 1. standard_rollout_policy is the default policy. The policy is used to control the way blue pool gets drained. The draining is executed in the batch mode. The batch size could be specified as either percentage of the node pool size or the number of nodes. batch_soak_duration is the soak time after each batch gets drained. 2. node_pool_soak_duration is the soak time after all blue nodes are drained. After this period, the blue pool nodes will be deleted.", "properties": { "blueGreenSettings": { "$ref": "#/types/google-native:container%2Fv1:BlueGreenSettings", "description": "Settings for blue-green upgrade strategy." }, "maxSurge": { "type": "integer", "description": "The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process." }, "maxUnavailable": { "type": "integer", "description": "The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready." }, "strategy": { "$ref": "#/types/google-native:container%2Fv1:UpgradeSettingsStrategy", "description": "Update strategy of the node pool." } }, "type": "object" }, "google-native:container/v1:UpgradeSettingsResponse": { "description": "These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. These upgrade settings configure the upgrade strategy for the node pool. Use strategy to switch between the strategies applied to the node pool. If the strategy is ROLLING, use max_surge and max_unavailable to control the level of parallelism and the level of disruption caused by upgrade. 1. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. 2. maxUnavailable controls the number of nodes that can be simultaneously unavailable. 3. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). If the strategy is BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade related settings. 1. standard_rollout_policy is the default policy. The policy is used to control the way blue pool gets drained. The draining is executed in the batch mode. The batch size could be specified as either percentage of the node pool size or the number of nodes. batch_soak_duration is the soak time after each batch gets drained. 2. node_pool_soak_duration is the soak time after all blue nodes are drained. After this period, the blue pool nodes will be deleted.", "properties": { "blueGreenSettings": { "$ref": "#/types/google-native:container%2Fv1:BlueGreenSettingsResponse", "description": "Settings for blue-green upgrade strategy." }, "maxSurge": { "type": "integer", "description": "The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process." }, "maxUnavailable": { "type": "integer", "description": "The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready." }, "strategy": { "type": "string", "description": "Update strategy of the node pool." } }, "type": "object", "required": [ "blueGreenSettings", "maxSurge", "maxUnavailable", "strategy" ] }, "google-native:container/v1:UpgradeSettingsStrategy": { "description": "Update strategy of the node pool.", "type": "string", "enum": [ { "name": "NodePoolUpdateStrategyUnspecified", "description": "Default value if unset. GKE internally defaults the update strategy to SURGE for unspecified strategies.", "value": "NODE_POOL_UPDATE_STRATEGY_UNSPECIFIED" }, { "name": "BlueGreen", "description": "blue-green upgrade.", "value": "BLUE_GREEN" }, { "name": "Surge", "description": "SURGE is the traditional way of upgrade a node pool. max_surge and max_unavailable determines the level of upgrade parallelism.", "value": "SURGE" } ] }, "google-native:container/v1:VerticalPodAutoscaling": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "properties": { "enabled": { "type": "boolean", "description": "Enables vertical pod autoscaling." } }, "type": "object" }, "google-native:container/v1:VerticalPodAutoscalingResponse": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "properties": { "enabled": { "type": "boolean", "description": "Enables vertical pod autoscaling." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:VirtualNIC": { "description": "Configuration of gVNIC feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether gVNIC features are enabled in the node pool." } }, "type": "object" }, "google-native:container/v1:VirtualNICResponse": { "description": "Configuration of gVNIC feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether gVNIC features are enabled in the node pool." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1:WindowsNodeConfig": { "description": "Parameters that can be configured on Windows nodes. Windows Node Config that define the parameters that will be used to configure the Windows node pool settings", "properties": { "osVersion": { "$ref": "#/types/google-native:container%2Fv1:WindowsNodeConfigOsVersion", "description": "OSVersion specifies the Windows node config to be used on the node" } }, "type": "object" }, "google-native:container/v1:WindowsNodeConfigOsVersion": { "description": "OSVersion specifies the Windows node config to be used on the node", "type": "string", "enum": [ { "name": "OsVersionUnspecified", "description": "When OSVersion is not specified", "value": "OS_VERSION_UNSPECIFIED" }, { "name": "OsVersionLtsc2019", "description": "LTSC2019 specifies to use LTSC2019 as the Windows Servercore Base Image", "value": "OS_VERSION_LTSC2019" }, { "name": "OsVersionLtsc2022", "description": "LTSC2022 specifies to use LTSC2022 as the Windows Servercore Base Image", "value": "OS_VERSION_LTSC2022" } ] }, "google-native:container/v1:WindowsNodeConfigResponse": { "description": "Parameters that can be configured on Windows nodes. Windows Node Config that define the parameters that will be used to configure the Windows node pool settings", "properties": { "osVersion": { "type": "string", "description": "OSVersion specifies the Windows node config to be used on the node" } }, "type": "object", "required": [ "osVersion" ] }, "google-native:container/v1:WorkloadIdentityConfig": { "description": "Configuration for the use of Kubernetes Service Accounts in GCP IAM policies.", "properties": { "workloadPool": { "type": "string", "description": "The workload pool to attach all Kubernetes service accounts to." } }, "type": "object" }, "google-native:container/v1:WorkloadIdentityConfigResponse": { "description": "Configuration for the use of Kubernetes Service Accounts in GCP IAM policies.", "properties": { "workloadPool": { "type": "string", "description": "The workload pool to attach all Kubernetes service accounts to." } }, "type": "object", "required": [ "workloadPool" ] }, "google-native:container/v1:WorkloadMetadataConfig": { "description": "WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.", "properties": { "mode": { "$ref": "#/types/google-native:container%2Fv1:WorkloadMetadataConfigMode", "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool." } }, "type": "object" }, "google-native:container/v1:WorkloadMetadataConfigMode": { "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Not set.", "value": "MODE_UNSPECIFIED" }, { "name": "GceMetadata", "description": "Expose all Compute Engine metadata to pods.", "value": "GCE_METADATA" }, { "name": "GkeMetadata", "description": "Run the GKE Metadata Server on this node. The GKE Metadata Server exposes a metadata API to workloads that is compatible with the V1 Compute Metadata APIs exposed by the Compute Engine and App Engine Metadata Servers. This feature can only be enabled if Workload Identity is enabled at the cluster level.", "value": "GKE_METADATA" } ] }, "google-native:container/v1:WorkloadMetadataConfigResponse": { "description": "WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.", "properties": { "mode": { "type": "string", "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool." } }, "type": "object", "required": [ "mode" ] }, "google-native:container/v1:WorkloadPolicyConfig": { "description": "WorkloadPolicyConfig is the configuration of workload policy for autopilot clusters.", "properties": { "allowNetAdmin": { "type": "boolean", "description": "If true, workloads can use NET_ADMIN capability." } }, "type": "object" }, "google-native:container/v1:WorkloadPolicyConfigResponse": { "description": "WorkloadPolicyConfig is the configuration of workload policy for autopilot clusters.", "properties": { "allowNetAdmin": { "type": "boolean", "description": "If true, workloads can use NET_ADMIN capability." } }, "type": "object", "required": [ "allowNetAdmin" ] }, "google-native:container/v1beta1:AcceleratorConfig": { "description": "AcceleratorConfig represents a Hardware Accelerator request.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of the accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource name. List of supported accelerators [here](https://cloud.google.com/compute/docs/gpus)" }, "gpuDriverInstallationConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUDriverInstallationConfig", "description": "The configuration for auto installation of GPU driver." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." }, "gpuSharingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUSharingConfig", "description": "The configuration for GPU sharing options." }, "maxTimeSharedClientsPerGpu": { "type": "string", "description": "The number of time-shared GPU resources to expose for each physical GPU." } }, "type": "object" }, "google-native:container/v1beta1:AcceleratorConfigResponse": { "description": "AcceleratorConfig represents a Hardware Accelerator request.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of the accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource name. List of supported accelerators [here](https://cloud.google.com/compute/docs/gpus)" }, "gpuDriverInstallationConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUDriverInstallationConfigResponse", "description": "The configuration for auto installation of GPU driver." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA [mig user guide](https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." }, "gpuSharingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUSharingConfigResponse", "description": "The configuration for GPU sharing options." }, "maxTimeSharedClientsPerGpu": { "type": "string", "description": "The number of time-shared GPU resources to expose for each physical GPU." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "gpuDriverInstallationConfig", "gpuPartitionSize", "gpuSharingConfig", "maxTimeSharedClientsPerGpu" ] }, "google-native:container/v1beta1:AdditionalNodeNetworkConfig": { "description": "AdditionalNodeNetworkConfig is the configuration for additional node networks within the NodeNetworkConfig message", "properties": { "network": { "type": "string", "description": "Name of the VPC where the additional interface belongs" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional interface belongs" } }, "type": "object" }, "google-native:container/v1beta1:AdditionalNodeNetworkConfigResponse": { "description": "AdditionalNodeNetworkConfig is the configuration for additional node networks within the NodeNetworkConfig message", "properties": { "network": { "type": "string", "description": "Name of the VPC where the additional interface belongs" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional interface belongs" } }, "type": "object", "required": [ "network", "subnetwork" ] }, "google-native:container/v1beta1:AdditionalPodNetworkConfig": { "description": "AdditionalPodNetworkConfig is the configuration for additional pod networks within the NodeNetworkConfig message", "properties": { "maxPodsPerNode": { "$ref": "#/types/google-native:container%2Fv1beta1:MaxPodsConstraint", "description": "The maximum number of pods per node which use this pod network" }, "secondaryPodRange": { "type": "string", "description": "The name of the secondary range on the subnet which provides IP address for this pod range" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional pod network belongs" } }, "type": "object" }, "google-native:container/v1beta1:AdditionalPodNetworkConfigResponse": { "description": "AdditionalPodNetworkConfig is the configuration for additional pod networks within the NodeNetworkConfig message", "properties": { "maxPodsPerNode": { "$ref": "#/types/google-native:container%2Fv1beta1:MaxPodsConstraintResponse", "description": "The maximum number of pods per node which use this pod network" }, "secondaryPodRange": { "type": "string", "description": "The name of the secondary range on the subnet which provides IP address for this pod range" }, "subnetwork": { "type": "string", "description": "Name of the subnetwork where the additional pod network belongs" } }, "type": "object", "required": [ "maxPodsPerNode", "secondaryPodRange", "subnetwork" ] }, "google-native:container/v1beta1:AdditionalPodRangesConfig": { "description": "AdditionalPodRangesConfig is the configuration for additional pod secondary ranges supporting the ClusterUpdate message.", "properties": { "podRangeNames": { "type": "array", "items": { "type": "string" }, "description": "Name for pod secondary ipv4 range which has the actual range defined ahead." } }, "type": "object" }, "google-native:container/v1beta1:AdditionalPodRangesConfigResponse": { "description": "AdditionalPodRangesConfig is the configuration for additional pod secondary ranges supporting the ClusterUpdate message.", "properties": { "podRangeInfo": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:RangeInfoResponse" }, "description": "[Output only] Information for additional pod range." }, "podRangeNames": { "type": "array", "items": { "type": "string" }, "description": "Name for pod secondary ipv4 range which has the actual range defined ahead." } }, "type": "object", "required": [ "podRangeInfo", "podRangeNames" ] }, "google-native:container/v1beta1:AddonsConfig": { "description": "Configuration for the addons that can be automatically spun up in the cluster, enabling additional functionality.", "properties": { "cloudRunConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:CloudRunConfig", "description": "Configuration for the Cloud Run addon. The `IstioConfig` addon must be enabled in order to enable Cloud Run addon. This option can only be enabled at cluster creation time." }, "configConnectorConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ConfigConnectorConfig", "description": "Configuration for the ConfigConnector add-on, a Kubernetes extension to manage hosted GCP services through the Kubernetes API" }, "dnsCacheConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:DnsCacheConfig", "description": "Configuration for NodeLocalDNS, a dns cache running on cluster nodes" }, "gcePersistentDiskCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcePersistentDiskCsiDriverConfig", "description": "Configuration for the Compute Engine Persistent Disk CSI driver." }, "gcpFilestoreCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcpFilestoreCsiDriverConfig", "description": "Configuration for the GCP Filestore CSI driver." }, "gcsFuseCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcsFuseCsiDriverConfig", "description": "Configuration for the Cloud Storage Fuse CSI driver." }, "gkeBackupAgentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GkeBackupAgentConfig", "description": "Configuration for the Backup for GKE agent addon." }, "horizontalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:HorizontalPodAutoscaling", "description": "Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods." }, "httpLoadBalancing": { "$ref": "#/types/google-native:container%2Fv1beta1:HttpLoadBalancing", "description": "Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster." }, "istioConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:IstioConfig", "description": "Configuration for Istio, an open platform to connect, manage, and secure microservices." }, "kalmConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:KalmConfig", "description": "Configuration for the KALM addon, which manages the lifecycle of k8s applications." }, "kubernetesDashboard": { "$ref": "#/types/google-native:container%2Fv1beta1:KubernetesDashboard", "description": "Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards" }, "networkPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPolicyConfig", "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes." } }, "type": "object" }, "google-native:container/v1beta1:AddonsConfigResponse": { "description": "Configuration for the addons that can be automatically spun up in the cluster, enabling additional functionality.", "properties": { "cloudRunConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:CloudRunConfigResponse", "description": "Configuration for the Cloud Run addon. The `IstioConfig` addon must be enabled in order to enable Cloud Run addon. This option can only be enabled at cluster creation time." }, "configConnectorConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ConfigConnectorConfigResponse", "description": "Configuration for the ConfigConnector add-on, a Kubernetes extension to manage hosted GCP services through the Kubernetes API" }, "dnsCacheConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:DnsCacheConfigResponse", "description": "Configuration for NodeLocalDNS, a dns cache running on cluster nodes" }, "gcePersistentDiskCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcePersistentDiskCsiDriverConfigResponse", "description": "Configuration for the Compute Engine Persistent Disk CSI driver." }, "gcpFilestoreCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcpFilestoreCsiDriverConfigResponse", "description": "Configuration for the GCP Filestore CSI driver." }, "gcsFuseCsiDriverConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcsFuseCsiDriverConfigResponse", "description": "Configuration for the Cloud Storage Fuse CSI driver." }, "gkeBackupAgentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GkeBackupAgentConfigResponse", "description": "Configuration for the Backup for GKE agent addon." }, "horizontalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:HorizontalPodAutoscalingResponse", "description": "Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods." }, "httpLoadBalancing": { "$ref": "#/types/google-native:container%2Fv1beta1:HttpLoadBalancingResponse", "description": "Configuration for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster." }, "istioConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:IstioConfigResponse", "description": "Configuration for Istio, an open platform to connect, manage, and secure microservices." }, "kalmConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:KalmConfigResponse", "description": "Configuration for the KALM addon, which manages the lifecycle of k8s applications." }, "kubernetesDashboard": { "$ref": "#/types/google-native:container%2Fv1beta1:KubernetesDashboardResponse", "description": "Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dashboards" }, "networkPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPolicyConfigResponse", "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes." } }, "type": "object", "required": [ "cloudRunConfig", "configConnectorConfig", "dnsCacheConfig", "gcePersistentDiskCsiDriverConfig", "gcpFilestoreCsiDriverConfig", "gcsFuseCsiDriverConfig", "gkeBackupAgentConfig", "horizontalPodAutoscaling", "httpLoadBalancing", "istioConfig", "kalmConfig", "kubernetesDashboard", "networkPolicyConfig" ] }, "google-native:container/v1beta1:AdvancedDatapathObservabilityConfig": { "description": "AdvancedDatapathObservabilityConfig specifies configuration of observability features of advanced datapath.", "properties": { "enableMetrics": { "type": "boolean", "description": "Expose flow metrics on nodes" }, "relayMode": { "$ref": "#/types/google-native:container%2Fv1beta1:AdvancedDatapathObservabilityConfigRelayMode", "description": "Method used to make Relay available" } }, "type": "object" }, "google-native:container/v1beta1:AdvancedDatapathObservabilityConfigRelayMode": { "description": "Method used to make Relay available", "type": "string", "enum": [ { "name": "RelayModeUnspecified", "description": "Default value. This shouldn't be used.", "value": "RELAY_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "disabled", "value": "DISABLED" }, { "name": "InternalVpcLb", "description": "exposed via internal load balancer", "value": "INTERNAL_VPC_LB" }, { "name": "ExternalLb", "description": "exposed via external load balancer", "value": "EXTERNAL_LB" } ] }, "google-native:container/v1beta1:AdvancedDatapathObservabilityConfigResponse": { "description": "AdvancedDatapathObservabilityConfig specifies configuration of observability features of advanced datapath.", "properties": { "enableMetrics": { "type": "boolean", "description": "Expose flow metrics on nodes" }, "relayMode": { "type": "string", "description": "Method used to make Relay available" } }, "type": "object", "required": [ "enableMetrics", "relayMode" ] }, "google-native:container/v1beta1:AdvancedMachineFeatures": { "description": "Specifies options for controlling advanced machine features.", "properties": { "threadsPerCore": { "type": "string", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." } }, "type": "object" }, "google-native:container/v1beta1:AdvancedMachineFeaturesResponse": { "description": "Specifies options for controlling advanced machine features.", "properties": { "threadsPerCore": { "type": "string", "description": "The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed." } }, "type": "object", "required": [ "threadsPerCore" ] }, "google-native:container/v1beta1:AuthenticatorGroupsConfig": { "description": "Configuration for returning group information from authenticators.", "properties": { "enabled": { "type": "boolean", "description": "Whether this cluster should return group membership lookups during authentication using a group of security groups." }, "securityGroup": { "type": "string", "description": "The name of the security group-of-groups to be used. Only relevant if enabled = true." } }, "type": "object" }, "google-native:container/v1beta1:AuthenticatorGroupsConfigResponse": { "description": "Configuration for returning group information from authenticators.", "properties": { "enabled": { "type": "boolean", "description": "Whether this cluster should return group membership lookups during authentication using a group of security groups." }, "securityGroup": { "type": "string", "description": "The name of the security group-of-groups to be used. Only relevant if enabled = true." } }, "type": "object", "required": [ "enabled", "securityGroup" ] }, "google-native:container/v1beta1:AutoUpgradeOptions": { "description": "AutoUpgradeOptions defines the set of options for the user to control how the Auto Upgrades will proceed.", "type": "object" }, "google-native:container/v1beta1:AutoUpgradeOptionsResponse": { "description": "AutoUpgradeOptions defines the set of options for the user to control how the Auto Upgrades will proceed.", "properties": { "autoUpgradeStartTime": { "type": "string", "description": "[Output only] This field is set when upgrades are about to commence with the approximate start time for the upgrades, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format." }, "description": { "type": "string", "description": "[Output only] This field is set when upgrades are about to commence with the description of the upgrade." } }, "type": "object", "required": [ "autoUpgradeStartTime", "description" ] }, "google-native:container/v1beta1:Autopilot": { "description": "Autopilot is the configuration for Autopilot settings on the cluster.", "properties": { "conversionStatus": { "$ref": "#/types/google-native:container%2Fv1beta1:AutopilotConversionStatus", "description": "ConversionStatus shows conversion status." }, "enabled": { "type": "boolean", "description": "Enable Autopilot" }, "workloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadPolicyConfig", "description": "Workload policy configuration for Autopilot." } }, "type": "object" }, "google-native:container/v1beta1:AutopilotConversionStatus": { "description": "AutopilotConversionStatus represents conversion status.", "type": "object" }, "google-native:container/v1beta1:AutopilotConversionStatusResponse": { "description": "AutopilotConversionStatus represents conversion status.", "properties": { "state": { "type": "string", "description": "The current state of the conversion." } }, "type": "object", "required": [ "state" ] }, "google-native:container/v1beta1:AutopilotResponse": { "description": "Autopilot is the configuration for Autopilot settings on the cluster.", "properties": { "conversionStatus": { "$ref": "#/types/google-native:container%2Fv1beta1:AutopilotConversionStatusResponse", "description": "ConversionStatus shows conversion status." }, "enabled": { "type": "boolean", "description": "Enable Autopilot" }, "workloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadPolicyConfigResponse", "description": "Workload policy configuration for Autopilot." } }, "type": "object", "required": [ "conversionStatus", "enabled", "workloadPolicyConfig" ] }, "google-native:container/v1beta1:AutoprovisioningNodePoolDefaults": { "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP.", "properties": { "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "imageType": { "type": "string", "description": "The image type to use for NAP created node. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "management": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeManagement", "description": "NodeManagement configuration for this NodePool." }, "minCpuPlatform": { "type": "string", "description": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value.", "deprecationMessage": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ShieldedInstanceConfig", "description": "Shielded Instance options." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:UpgradeSettings", "description": "Upgrade settings control disruption and speed of the upgrade." } }, "type": "object" }, "google-native:container/v1beta1:AutoprovisioningNodePoolDefaultsResponse": { "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP.", "properties": { "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "imageType": { "type": "string", "description": "The image type to use for NAP created node. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "management": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeManagementResponse", "description": "NodeManagement configuration for this NodePool." }, "minCpuPlatform": { "type": "string", "description": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value.", "deprecationMessage": "Deprecated. Minimum CPU platform to be used for NAP created node pools. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: Intel Haswell or minCpuPlatform: Intel Sandy Bridge. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform). This field is deprecated, min_cpu_platform should be specified using `cloud.google.com/requested-min-cpu-platform` label selector on the pod. To unset the min cpu platform field pass \"automatic\" as field value." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ShieldedInstanceConfigResponse", "description": "Shielded Instance options." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:UpgradeSettingsResponse", "description": "Upgrade settings control disruption and speed of the upgrade." } }, "type": "object", "required": [ "bootDiskKmsKey", "diskSizeGb", "diskType", "imageType", "insecureKubeletReadonlyPortEnabled", "management", "minCpuPlatform", "oauthScopes", "serviceAccount", "shieldedInstanceConfig", "upgradeSettings" ] }, "google-native:container/v1beta1:AvailableVersionResponse": { "description": "Deprecated.", "properties": { "reason": { "type": "string", "description": "Reason for availability." }, "version": { "type": "string", "description": "Kubernetes version." } }, "type": "object", "required": [ "reason", "version" ] }, "google-native:container/v1beta1:BestEffortProvisioning": { "description": "Best effort provisioning.", "properties": { "enabled": { "type": "boolean", "description": "When this is enabled, cluster/node pool creations will ignore non-fatal errors like stockout to best provision as many nodes as possible right now and eventually bring up all target number of nodes" }, "minProvisionNodes": { "type": "integer", "description": "Minimum number of nodes to be provisioned to be considered as succeeded, and the rest of nodes will be provisioned gradually and eventually when stockout issue has been resolved." } }, "type": "object" }, "google-native:container/v1beta1:BestEffortProvisioningResponse": { "description": "Best effort provisioning.", "properties": { "enabled": { "type": "boolean", "description": "When this is enabled, cluster/node pool creations will ignore non-fatal errors like stockout to best provision as many nodes as possible right now and eventually bring up all target number of nodes" }, "minProvisionNodes": { "type": "integer", "description": "Minimum number of nodes to be provisioned to be considered as succeeded, and the rest of nodes will be provisioned gradually and eventually when stockout issue has been resolved." } }, "type": "object", "required": [ "enabled", "minProvisionNodes" ] }, "google-native:container/v1beta1:BigQueryDestination": { "description": "Parameters for using BigQuery as the destination of resource usage export.", "properties": { "datasetId": { "type": "string", "description": "The ID of a BigQuery Dataset." } }, "type": "object" }, "google-native:container/v1beta1:BigQueryDestinationResponse": { "description": "Parameters for using BigQuery as the destination of resource usage export.", "properties": { "datasetId": { "type": "string", "description": "The ID of a BigQuery Dataset." } }, "type": "object", "required": [ "datasetId" ] }, "google-native:container/v1beta1:BinaryAuthorization": { "description": "Configuration for Binary Authorization.", "properties": { "enabled": { "type": "boolean", "description": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.", "deprecationMessage": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored." }, "evaluationMode": { "$ref": "#/types/google-native:container%2Fv1beta1:BinaryAuthorizationEvaluationMode", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:PolicyBinding" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object" }, "google-native:container/v1beta1:BinaryAuthorizationEvaluationMode": { "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "ProjectSingletonPolicyEnforce", "description": "Enforce Kubernetes admission requests with BinaryAuthorization using the project's singleton policy. This is equivalent to setting the enabled boolean to true.", "value": "PROJECT_SINGLETON_POLICY_ENFORCE" }, { "name": "PolicyBindings", "description": "Use Binary Authorization with the policies specified in policy_bindings.", "value": "POLICY_BINDINGS" }, { "name": "PolicyBindingsAndProjectSingletonPolicyEnforce", "description": "Use Binary Authorization with the policies specified in policy_bindings, and also with the project's singleton policy in enforcement mode.", "value": "POLICY_BINDINGS_AND_PROJECT_SINGLETON_POLICY_ENFORCE" } ] }, "google-native:container/v1beta1:BinaryAuthorizationResponse": { "description": "Configuration for Binary Authorization.", "properties": { "enabled": { "type": "boolean", "description": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored.", "deprecationMessage": "This field is deprecated. Leave this unset and instead configure BinaryAuthorization using evaluation_mode. If evaluation_mode is set to anything other than EVALUATION_MODE_UNSPECIFIED, this field is ignored." }, "evaluationMode": { "type": "string", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:PolicyBindingResponse" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object", "required": [ "enabled", "evaluationMode", "policyBindings" ] }, "google-native:container/v1beta1:BlueGreenInfoResponse": { "description": "Information relevant to blue-green upgrade.", "properties": { "blueInstanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "The resource URLs of the [managed instance groups] (/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with blue pool." }, "bluePoolDeletionStartTime": { "type": "string", "description": "Time to start deleting blue pool to complete blue-green upgrade, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format." }, "greenInstanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "The resource URLs of the [managed instance groups] (/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with green pool." }, "greenPoolVersion": { "type": "string", "description": "Version of green pool." }, "phase": { "type": "string", "description": "Current blue-green upgrade phase." } }, "type": "object", "required": [ "blueInstanceGroupUrls", "bluePoolDeletionStartTime", "greenInstanceGroupUrls", "greenPoolVersion", "phase" ] }, "google-native:container/v1beta1:BlueGreenSettings": { "description": "Settings for blue-green upgrade.", "properties": { "nodePoolSoakDuration": { "type": "string", "description": "Time needed after draining entire blue pool. After this period, blue pool will be cleaned up." }, "standardRolloutPolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:StandardRolloutPolicy", "description": "Standard policy for the blue-green upgrade." } }, "type": "object" }, "google-native:container/v1beta1:BlueGreenSettingsResponse": { "description": "Settings for blue-green upgrade.", "properties": { "nodePoolSoakDuration": { "type": "string", "description": "Time needed after draining entire blue pool. After this period, blue pool will be cleaned up." }, "standardRolloutPolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:StandardRolloutPolicyResponse", "description": "Standard policy for the blue-green upgrade." } }, "type": "object", "required": [ "nodePoolSoakDuration", "standardRolloutPolicy" ] }, "google-native:container/v1beta1:CidrBlock": { "description": "CidrBlock contains an optional name and one CIDR block.", "properties": { "cidrBlock": { "type": "string", "description": "cidr_block must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "display_name is an optional field for users to identify CIDR blocks." } }, "type": "object" }, "google-native:container/v1beta1:CidrBlockResponse": { "description": "CidrBlock contains an optional name and one CIDR block.", "properties": { "cidrBlock": { "type": "string", "description": "cidr_block must be specified in CIDR notation." }, "displayName": { "type": "string", "description": "display_name is an optional field for users to identify CIDR blocks." } }, "type": "object", "required": [ "cidrBlock", "displayName" ] }, "google-native:container/v1beta1:ClientCertificateConfig": { "description": "Configuration for client certificates on the cluster.", "properties": { "issueClientCertificate": { "type": "boolean", "description": "Issue a client certificate." } }, "type": "object" }, "google-native:container/v1beta1:ClientCertificateConfigResponse": { "description": "Configuration for client certificates on the cluster.", "properties": { "issueClientCertificate": { "type": "boolean", "description": "Issue a client certificate." } }, "type": "object", "required": [ "issueClientCertificate" ] }, "google-native:container/v1beta1:CloudRunConfig": { "description": "Configuration options for the Cloud Run feature.", "properties": { "disabled": { "type": "boolean", "description": "Whether Cloud Run addon is enabled for this cluster." }, "loadBalancerType": { "$ref": "#/types/google-native:container%2Fv1beta1:CloudRunConfigLoadBalancerType", "description": "Which load balancer type is installed for Cloud Run." } }, "type": "object" }, "google-native:container/v1beta1:CloudRunConfigLoadBalancerType": { "description": "Which load balancer type is installed for Cloud Run.", "type": "string", "enum": [ { "name": "LoadBalancerTypeUnspecified", "description": "Load balancer type for Cloud Run is unspecified.", "value": "LOAD_BALANCER_TYPE_UNSPECIFIED" }, { "name": "LoadBalancerTypeExternal", "description": "Install external load balancer for Cloud Run.", "value": "LOAD_BALANCER_TYPE_EXTERNAL" }, { "name": "LoadBalancerTypeInternal", "description": "Install internal load balancer for Cloud Run.", "value": "LOAD_BALANCER_TYPE_INTERNAL" } ] }, "google-native:container/v1beta1:CloudRunConfigResponse": { "description": "Configuration options for the Cloud Run feature.", "properties": { "disabled": { "type": "boolean", "description": "Whether Cloud Run addon is enabled for this cluster." }, "loadBalancerType": { "type": "string", "description": "Which load balancer type is installed for Cloud Run." } }, "type": "object", "required": [ "disabled", "loadBalancerType" ] }, "google-native:container/v1beta1:ClusterAutoscaling": { "description": "ClusterAutoscaling contains global, per-cluster information required by Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs.", "properties": { "autoprovisioningLocations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes can be created by NAP." }, "autoprovisioningNodePoolDefaults": { "$ref": "#/types/google-native:container%2Fv1beta1:AutoprovisioningNodePoolDefaults", "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP." }, "autoscalingProfile": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterAutoscalingAutoscalingProfile", "description": "Defines autoscaling behaviour." }, "enableNodeAutoprovisioning": { "type": "boolean", "description": "Enables automatic node pool creation and deletion." }, "resourceLimits": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceLimit" }, "description": "Contains global constraints regarding minimum and maximum amount of resources in the cluster." } }, "type": "object" }, "google-native:container/v1beta1:ClusterAutoscalingAutoscalingProfile": { "description": "Defines autoscaling behaviour.", "type": "string", "enum": [ { "name": "ProfileUnspecified", "description": "No change to autoscaling configuration.", "value": "PROFILE_UNSPECIFIED" }, { "name": "OptimizeUtilization", "description": "Prioritize optimizing utilization of resources.", "value": "OPTIMIZE_UTILIZATION" }, { "name": "Balanced", "description": "Use default (balanced) autoscaling configuration.", "value": "BALANCED" } ] }, "google-native:container/v1beta1:ClusterAutoscalingResponse": { "description": "ClusterAutoscaling contains global, per-cluster information required by Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs.", "properties": { "autoprovisioningLocations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes can be created by NAP." }, "autoprovisioningNodePoolDefaults": { "$ref": "#/types/google-native:container%2Fv1beta1:AutoprovisioningNodePoolDefaultsResponse", "description": "AutoprovisioningNodePoolDefaults contains defaults for a node pool created by NAP." }, "autoscalingProfile": { "type": "string", "description": "Defines autoscaling behaviour." }, "enableNodeAutoprovisioning": { "type": "boolean", "description": "Enables automatic node pool creation and deletion." }, "resourceLimits": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceLimitResponse" }, "description": "Contains global constraints regarding minimum and maximum amount of resources in the cluster." } }, "type": "object", "required": [ "autoprovisioningLocations", "autoprovisioningNodePoolDefaults", "autoscalingProfile", "enableNodeAutoprovisioning", "resourceLimits" ] }, "google-native:container/v1beta1:ClusterNetworkPerformanceConfig": { "description": "Configuration of all network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterNetworkPerformanceConfigTotalEgressBandwidthTier", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object" }, "google-native:container/v1beta1:ClusterNetworkPerformanceConfigResponse": { "description": "Configuration of all network bandwidth tiers", "properties": { "totalEgressBandwidthTier": { "type": "string", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object", "required": [ "totalEgressBandwidthTier" ] }, "google-native:container/v1beta1:ClusterNetworkPerformanceConfigTotalEgressBandwidthTier": { "description": "Specifies the total network bandwidth tier for the NodePool.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Default value", "value": "TIER_UNSPECIFIED" }, { "name": "Tier1", "description": "Higher bandwidth, actual values based on VM size.", "value": "TIER_1" } ] }, "google-native:container/v1beta1:ClusterTelemetry": { "description": "Telemetry integration for the cluster.", "properties": { "type": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterTelemetryType", "description": "Type of the integration." } }, "type": "object" }, "google-native:container/v1beta1:ClusterTelemetryResponse": { "description": "Telemetry integration for the cluster.", "properties": { "type": { "type": "string", "description": "Type of the integration." } }, "type": "object", "required": [ "type" ] }, "google-native:container/v1beta1:ClusterTelemetryType": { "description": "Type of the integration.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Not set.", "value": "UNSPECIFIED" }, { "name": "Disabled", "description": "Monitoring integration is disabled.", "value": "DISABLED" }, { "name": "Enabled", "description": "Monitoring integration is enabled.", "value": "ENABLED" }, { "name": "SystemOnly", "description": "Only system components are monitored and logged.", "value": "SYSTEM_ONLY" } ] }, "google-native:container/v1beta1:ClusterUpdate": { "description": "ClusterUpdate describes an update to the cluster. Exactly one update can be applied to a cluster with each request, so at most one field can be provided.", "properties": { "additionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalPodRangesConfig", "description": "The additional pod ranges to be added to the cluster. These pod ranges can be used by node pools to allocate pod IPs." }, "desiredAddonsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AddonsConfig", "description": "Configurations for the various addons available to run in the cluster." }, "desiredAuthenticatorGroupsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AuthenticatorGroupsConfig", "description": "AuthenticatorGroupsConfig specifies the config for the cluster security groups settings." }, "desiredAutopilotWorkloadPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadPolicyConfig", "description": "The desired workload policy configuration for the autopilot cluster." }, "desiredBinaryAuthorization": { "$ref": "#/types/google-native:container%2Fv1beta1:BinaryAuthorization", "description": "The desired configuration options for the Binary Authorization feature." }, "desiredClusterAutoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterAutoscaling", "description": "Cluster-level autoscaling configuration." }, "desiredClusterTelemetry": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterTelemetry", "description": "The desired telemetry integration for the cluster." }, "desiredCostManagementConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:CostManagementConfig", "description": "The desired configuration for the fine-grained cost management feature." }, "desiredDatabaseEncryption": { "$ref": "#/types/google-native:container%2Fv1beta1:DatabaseEncryption", "description": "Configuration of etcd encryption." }, "desiredDatapathProvider": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterUpdateDesiredDatapathProvider", "description": "The desired datapath provider for the cluster." }, "desiredDefaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1beta1:DefaultSnatStatus", "description": "The desired status of whether to disable default sNAT for this cluster." }, "desiredDnsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." }, "desiredEnableFqdnNetworkPolicy": { "type": "boolean", "description": "Enable/Disable FQDN Network Policy for the cluster." }, "desiredEnablePrivateEndpoint": { "type": "boolean", "description": "Enable/Disable private endpoint for the cluster's master." }, "desiredFleet": { "$ref": "#/types/google-native:container%2Fv1beta1:Fleet", "description": "The desired fleet configuration for the cluster." }, "desiredGatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GatewayAPIConfig", "description": "The desired config of Gateway API on this cluster." }, "desiredGcfsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcfsConfig", "description": "The desired GCFS config for the cluster." }, "desiredHostMaintenancePolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicy", "description": "HostMaintenancePolicy contains the desired maintenance policy for the Google Compute Engine hosts." }, "desiredIdentityServiceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:IdentityServiceConfig", "description": "The desired Identity Service component configuration." }, "desiredImageType": { "type": "string", "description": "The desired image type for the node pool. NOTE: Set the \"desired_node_pool\" field as well." }, "desiredInTransitEncryptionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterUpdateDesiredInTransitEncryptionConfig", "description": "Specify the details of in-transit encryption." }, "desiredIntraNodeVisibilityConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:IntraNodeVisibilityConfig", "description": "The desired config of Intra-node visibility." }, "desiredK8sBetaApis": { "$ref": "#/types/google-native:container%2Fv1beta1:K8sBetaAPIConfig", "description": "Beta APIs enabled for cluster." }, "desiredL4ilbSubsettingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ILBSubsettingConfig", "description": "The desired L4 Internal Load Balancer Subsetting configuration." }, "desiredLocations": { "type": "array", "items": { "type": "string" }, "description": "The desired list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the cluster's nodes should be located. This list must always include the cluster's primary zone. Warning: changing cluster locations will update the locations of all node pools and will result in nodes being added and/or removed." }, "desiredLoggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingConfig", "description": "The desired logging configuration." }, "desiredLoggingService": { "type": "string", "description": "The logging service the cluster should use to write logs. Currently available options: * `logging.googleapis.com/kubernetes` - The Cloud Logging service with a Kubernetes-native resource model * `logging.googleapis.com` - The legacy Cloud Logging service (no longer available as of GKE 1.15). * `none` - no logs will be exported from the cluster. If left as an empty string,`logging.googleapis.com/kubernetes` will be used for GKE 1.14+ or `logging.googleapis.com` for earlier versions." }, "desiredMaster": { "$ref": "#/types/google-native:container%2Fv1beta1:Master", "description": "Configuration for master components." }, "desiredMasterAuthorizedNetworksConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:MasterAuthorizedNetworksConfig", "description": "The desired configuration options for master authorized networks feature." }, "desiredMasterVersion": { "type": "string", "description": "The Kubernetes version to change the master to. The only valid value is the latest supported version. Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - \"latest\": picks the highest valid Kubernetes version - \"1.X\": picks the highest valid patch+gke.N patch in the 1.X version - \"1.X.Y\": picks the highest valid gke.N patch in the 1.X.Y version - \"1.X.Y-gke.N\": picks an explicit Kubernetes version - \"-\": picks the default Kubernetes version" }, "desiredMeshCertificates": { "$ref": "#/types/google-native:container%2Fv1beta1:MeshCertificates", "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods." }, "desiredMonitoringConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:MonitoringConfig", "description": "The desired monitoring configuration." }, "desiredMonitoringService": { "type": "string", "description": "The monitoring service the cluster should use to write metrics. Currently available options: * \"monitoring.googleapis.com/kubernetes\" - The Cloud Monitoring service with a Kubernetes-native resource model * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no longer available as of GKE 1.15). * `none` - No metrics will be exported from the cluster. If left as an empty string,`monitoring.googleapis.com/kubernetes` will be used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions." }, "desiredNetworkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterNetworkPerformanceConfig", "description": "The desired network performance config." }, "desiredNodePoolAutoConfigNetworkTags": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkTags", "description": "The desired network tags that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters." }, "desiredNodePoolAutoConfigResourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceManagerTags", "description": "The desired resource manager tags that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters." }, "desiredNodePoolAutoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolAutoscaling", "description": "Autoscaler configuration for the node pool specified in desired_node_pool_id. If there is only one pool in the cluster and desired_node_pool_id is not provided then the change applies to that single node pool." }, "desiredNodePoolId": { "type": "string", "description": "The node pool to be upgraded. This field is mandatory if \"desired_node_version\", \"desired_image_family\", \"desired_node_pool_autoscaling\", or \"desired_workload_metadata_config\" is specified and there is more than one node pool on the cluster." }, "desiredNodePoolLoggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolLoggingConfig", "description": "The desired node pool logging configuration defaults for the cluster." }, "desiredNodeVersion": { "type": "string", "description": "The Kubernetes version to change the nodes to (typically an upgrade). Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - \"latest\": picks the highest valid Kubernetes version - \"1.X\": picks the highest valid patch+gke.N patch in the 1.X version - \"1.X.Y\": picks the highest valid gke.N patch in the 1.X.Y version - \"1.X.Y-gke.N\": picks an explicit Kubernetes version - \"-\": picks the Kubernetes master version" }, "desiredNotificationConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NotificationConfig", "description": "The desired notification configuration." }, "desiredParentProductConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ParentProductConfig", "description": "The desired parent product config for the cluster." }, "desiredPodSecurityPolicyConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PodSecurityPolicyConfig", "description": "The desired configuration options for the PodSecurityPolicy feature." }, "desiredPrivateClusterConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PrivateClusterConfig", "description": "The desired private cluster configuration." }, "desiredPrivateIpv6GoogleAccess": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterUpdateDesiredPrivateIpv6GoogleAccess", "description": "The desired state of IPv6 connectivity to Google Services." }, "desiredProtectConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ProtectConfig", "description": "Deprecated: Use DesiredSecurityPostureConfig instead. Enable/Disable Protect API features for the cluster.", "deprecationMessage": "Deprecated: Use DesiredSecurityPostureConfig instead. Enable/Disable Protect API features for the cluster." }, "desiredReleaseChannel": { "$ref": "#/types/google-native:container%2Fv1beta1:ReleaseChannel", "description": "The desired release channel configuration." }, "desiredResourceUsageExportConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceUsageExportConfig", "description": "The desired configuration for exporting resource usage." }, "desiredSecurityPostureConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:SecurityPostureConfig", "description": "Enable/Disable Security Posture API features for the cluster." }, "desiredServiceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ServiceExternalIPsConfig", "description": "ServiceExternalIPsConfig specifies the config for the use of Services with ExternalIPs field." }, "desiredShieldedNodes": { "$ref": "#/types/google-native:container%2Fv1beta1:ShieldedNodes", "description": "Configuration for Shielded Nodes." }, "desiredStackType": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterUpdateDesiredStackType", "description": "The desired stack type of the cluster. If a stack type is provided and does not match the current stack type of the cluster, update will attempt to change the stack type to the new type." }, "desiredTpuConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:TpuConfig", "description": "The desired Cloud TPU configuration." }, "desiredVerticalPodAutoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:VerticalPodAutoscaling", "description": "Cluster-level Vertical Pod Autoscaling configuration." }, "desiredWorkloadAltsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadALTSConfig", "description": "Configuration for direct-path (via ALTS) with workload identity." }, "desiredWorkloadCertificates": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadCertificates", "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods." }, "desiredWorkloadIdentityConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadIdentityConfig", "description": "Configuration for Workload Identity." }, "enableK8sBetaApis": { "$ref": "#/types/google-native:container%2Fv1beta1:K8sBetaAPIConfig", "description": "Kubernetes open source beta apis enabled on the cluster. Only beta apis" }, "etag": { "type": "string", "description": "The current etag of the cluster. If an etag is provided and does not match the current etag of the cluster, update will be blocked and an ABORTED error will be returned." }, "removedAdditionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalPodRangesConfig", "description": "The additional pod ranges that are to be removed from the cluster. The pod ranges specified here must have been specified earlier in the 'additional_pod_ranges_config' argument." } }, "type": "object" }, "google-native:container/v1beta1:ClusterUpdateDesiredDatapathProvider": { "description": "The desired datapath provider for the cluster.", "type": "string", "enum": [ { "name": "DatapathProviderUnspecified", "description": "Default value.", "value": "DATAPATH_PROVIDER_UNSPECIFIED" }, { "name": "LegacyDatapath", "description": "Use the IPTables implementation based on kube-proxy.", "value": "LEGACY_DATAPATH" }, { "name": "AdvancedDatapath", "description": "Use the eBPF based GKE Dataplane V2 with additional features. See the [GKE Dataplane V2 documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) for more.", "value": "ADVANCED_DATAPATH" } ] }, "google-native:container/v1beta1:ClusterUpdateDesiredInTransitEncryptionConfig": { "description": "Specify the details of in-transit encryption.", "type": "string", "enum": [ { "name": "InTransitEncryptionConfigUnspecified", "description": "Unspecified, will be inferred as default - IN_TRANSIT_ENCRYPTION_UNSPECIFIED.", "value": "IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED" }, { "name": "InTransitEncryptionDisabled", "description": "In-transit encryption is disabled.", "value": "IN_TRANSIT_ENCRYPTION_DISABLED" }, { "name": "InTransitEncryptionInterNodeTransparent", "description": "Data in-transit is encrypted using inter-node transparent encryption.", "value": "IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT" } ] }, "google-native:container/v1beta1:ClusterUpdateDesiredPrivateIpv6GoogleAccess": { "description": "The desired state of IPv6 connectivity to Google Services.", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "Default value. Same as DISABLED", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "PrivateIpv6GoogleAccessDisabled", "description": "No private access to or from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED" }, { "name": "PrivateIpv6GoogleAccessToGoogle", "description": "Enables private IPv6 access to Google Services from GKE", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE" }, { "name": "PrivateIpv6GoogleAccessBidirectional", "description": "Enables private IPv6 access to and from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL" } ] }, "google-native:container/v1beta1:ClusterUpdateDesiredStackType": { "description": "The desired stack type of the cluster. If a stack type is provided and does not match the current stack type of the cluster, update will attempt to change the stack type to the new type.", "type": "string", "enum": [ { "name": "StackTypeUnspecified", "description": "By default, the clusters will be IPV4 only", "value": "STACK_TYPE_UNSPECIFIED" }, { "name": "Ipv4", "description": "The value used if the cluster is a IPV4 only", "value": "IPV4" }, { "name": "Ipv4Ipv6", "description": "The value used if the cluster is a dual stack cluster", "value": "IPV4_IPV6" } ] }, "google-native:container/v1beta1:ConfidentialNodes": { "description": "ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.", "properties": { "enabled": { "type": "boolean", "description": "Whether Confidential Nodes feature is enabled." } }, "type": "object" }, "google-native:container/v1beta1:ConfidentialNodesResponse": { "description": "ConfidentialNodes is configuration for the confidential nodes feature, which makes nodes run on confidential VMs.", "properties": { "enabled": { "type": "boolean", "description": "Whether Confidential Nodes feature is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:ConfigConnectorConfig": { "description": "Configuration options for the Config Connector add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud Connector is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:ConfigConnectorConfigResponse": { "description": "Configuration options for the Config Connector add-on.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud Connector is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:ConsumptionMeteringConfig": { "description": "Parameters for controlling consumption metering.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records." } }, "type": "object" }, "google-native:container/v1beta1:ConsumptionMeteringConfigResponse": { "description": "Parameters for controlling consumption metering.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable consumption metering for this cluster. If enabled, a second BigQuery table will be created to hold resource consumption records." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:CostManagementConfig": { "description": "Configuration for fine-grained cost management feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether the feature is enabled or not." } }, "type": "object" }, "google-native:container/v1beta1:CostManagementConfigResponse": { "description": "Configuration for fine-grained cost management feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether the feature is enabled or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:DNSConfig": { "description": "DNSConfig contains the desired set of options for configuring clusterDNS.", "properties": { "clusterDns": { "$ref": "#/types/google-native:container%2Fv1beta1:DNSConfigClusterDns", "description": "cluster_dns indicates which in-cluster DNS provider should be used." }, "clusterDnsDomain": { "type": "string", "description": "cluster_dns_domain is the suffix used for all cluster service records." }, "clusterDnsScope": { "$ref": "#/types/google-native:container%2Fv1beta1:DNSConfigClusterDnsScope", "description": "cluster_dns_scope indicates the scope of access to cluster DNS records." } }, "type": "object" }, "google-native:container/v1beta1:DNSConfigClusterDns": { "description": "cluster_dns indicates which in-cluster DNS provider should be used.", "type": "string", "enum": [ { "name": "ProviderUnspecified", "description": "Default value", "value": "PROVIDER_UNSPECIFIED" }, { "name": "PlatformDefault", "description": "Use GKE default DNS provider(kube-dns) for DNS resolution.", "value": "PLATFORM_DEFAULT" }, { "name": "CloudDns", "description": "Use CloudDNS for DNS resolution.", "value": "CLOUD_DNS" }, { "name": "KubeDns", "description": "Use KubeDNS for DNS resolution.", "value": "KUBE_DNS" } ] }, "google-native:container/v1beta1:DNSConfigClusterDnsScope": { "description": "cluster_dns_scope indicates the scope of access to cluster DNS records.", "type": "string", "enum": [ { "name": "DnsScopeUnspecified", "description": "Default value, will be inferred as cluster scope.", "value": "DNS_SCOPE_UNSPECIFIED" }, { "name": "ClusterScope", "description": "DNS records are accessible from within the cluster.", "value": "CLUSTER_SCOPE" }, { "name": "VpcScope", "description": "DNS records are accessible from within the VPC.", "value": "VPC_SCOPE" } ] }, "google-native:container/v1beta1:DNSConfigResponse": { "description": "DNSConfig contains the desired set of options for configuring clusterDNS.", "properties": { "clusterDns": { "type": "string", "description": "cluster_dns indicates which in-cluster DNS provider should be used." }, "clusterDnsDomain": { "type": "string", "description": "cluster_dns_domain is the suffix used for all cluster service records." }, "clusterDnsScope": { "type": "string", "description": "cluster_dns_scope indicates the scope of access to cluster DNS records." } }, "type": "object", "required": [ "clusterDns", "clusterDnsDomain", "clusterDnsScope" ] }, "google-native:container/v1beta1:DailyMaintenanceWindow": { "description": "Time window specified for daily maintenance operations.", "properties": { "startTime": { "type": "string", "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-59] GMT." } }, "type": "object" }, "google-native:container/v1beta1:DailyMaintenanceWindowResponse": { "description": "Time window specified for daily maintenance operations.", "properties": { "duration": { "type": "string", "description": "[Output only] Duration of the time window, automatically chosen to be smallest possible in the given scenario." }, "startTime": { "type": "string", "description": "Time within the maintenance window to start the maintenance operations. It must be in format \"HH:MM\", where HH : [00-23] and MM : [00-59] GMT." } }, "type": "object", "required": [ "duration", "startTime" ] }, "google-native:container/v1beta1:DatabaseEncryption": { "description": "Configuration of etcd encryption.", "properties": { "keyName": { "type": "string", "description": "Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key" }, "state": { "$ref": "#/types/google-native:container%2Fv1beta1:DatabaseEncryptionState", "description": "The desired state of etcd encryption." } }, "type": "object" }, "google-native:container/v1beta1:DatabaseEncryptionResponse": { "description": "Configuration of etcd encryption.", "properties": { "keyName": { "type": "string", "description": "Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key" }, "state": { "type": "string", "description": "The desired state of etcd encryption." } }, "type": "object", "required": [ "keyName", "state" ] }, "google-native:container/v1beta1:DatabaseEncryptionState": { "description": "The desired state of etcd encryption.", "type": "string", "enum": [ { "name": "Unknown", "description": "Should never be set", "value": "UNKNOWN" }, { "name": "Encrypted", "description": "Secrets in etcd are encrypted.", "value": "ENCRYPTED" }, { "name": "Decrypted", "description": "Secrets in etcd are stored in plain text (at etcd level) - this is unrelated to Compute Engine level full disk encryption.", "value": "DECRYPTED" } ] }, "google-native:container/v1beta1:DefaultSnatStatus": { "description": "DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster.", "properties": { "disabled": { "type": "boolean", "description": "Disables cluster default sNAT rules." } }, "type": "object" }, "google-native:container/v1beta1:DefaultSnatStatusResponse": { "description": "DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster.", "properties": { "disabled": { "type": "boolean", "description": "Disables cluster default sNAT rules." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1beta1:DnsCacheConfig": { "description": "Configuration for NodeLocal DNSCache", "properties": { "enabled": { "type": "boolean", "description": "Whether NodeLocal DNSCache is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:DnsCacheConfigResponse": { "description": "Configuration for NodeLocal DNSCache", "properties": { "enabled": { "type": "boolean", "description": "Whether NodeLocal DNSCache is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:EnterpriseConfig": { "description": "EnterpriseConfig is the cluster enterprise configuration.", "type": "object" }, "google-native:container/v1beta1:EnterpriseConfigResponse": { "description": "EnterpriseConfig is the cluster enterprise configuration.", "properties": { "clusterTier": { "type": "string", "description": "[Output only] cluster_tier specifies the premium tier of the cluster." } }, "type": "object", "required": [ "clusterTier" ] }, "google-native:container/v1beta1:EphemeralStorageConfig": { "description": "EphemeralStorageConfig contains configuration for the ephemeral storage filesystem.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object" }, "google-native:container/v1beta1:EphemeralStorageConfigResponse": { "description": "EphemeralStorageConfig contains configuration for the ephemeral storage filesystem.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object", "required": [ "localSsdCount" ] }, "google-native:container/v1beta1:EphemeralStorageLocalSsdConfig": { "description": "EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral storage using Local SSDs.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object" }, "google-native:container/v1beta1:EphemeralStorageLocalSsdConfigResponse": { "description": "EphemeralStorageLocalSsdConfig contains configuration for the node ephemeral storage using Local SSDs.", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local SSDs to use to back ephemeral storage. Uses NVMe interfaces. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object", "required": [ "localSsdCount" ] }, "google-native:container/v1beta1:FastSocket": { "description": "Configuration of Fast Socket feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Fast Socket features are enabled in the node pool." } }, "type": "object" }, "google-native:container/v1beta1:FastSocketResponse": { "description": "Configuration of Fast Socket feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Fast Socket features are enabled in the node pool." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:Filter": { "description": "Allows filtering to one or more specific event types. If event types are present, those and only those event types will be transmitted to the cluster. Other types will be skipped. If no filter is specified, or no event types are present, all event types will be sent", "properties": { "eventType": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:FilterEventTypeItem" }, "description": "Event types to allowlist." } }, "type": "object" }, "google-native:container/v1beta1:FilterEventTypeItem": { "type": "string", "enum": [ { "name": "EventTypeUnspecified", "description": "Not set, will be ignored.", "value": "EVENT_TYPE_UNSPECIFIED" }, { "name": "UpgradeAvailableEvent", "description": "Corresponds with UpgradeAvailableEvent.", "value": "UPGRADE_AVAILABLE_EVENT" }, { "name": "UpgradeEvent", "description": "Corresponds with UpgradeEvent.", "value": "UPGRADE_EVENT" }, { "name": "SecurityBulletinEvent", "description": "Corresponds with SecurityBulletinEvent.", "value": "SECURITY_BULLETIN_EVENT" } ] }, "google-native:container/v1beta1:FilterResponse": { "description": "Allows filtering to one or more specific event types. If event types are present, those and only those event types will be transmitted to the cluster. Other types will be skipped. If no filter is specified, or no event types are present, all event types will be sent", "properties": { "eventType": { "type": "array", "items": { "type": "string" }, "description": "Event types to allowlist." } }, "type": "object", "required": [ "eventType" ] }, "google-native:container/v1beta1:Fleet": { "description": "Fleet is the fleet configuration for the cluster.", "properties": { "project": { "type": "string", "description": "The Fleet host project(project ID or project number) where this cluster will be registered to. This field cannot be changed after the cluster has been registered." } }, "type": "object" }, "google-native:container/v1beta1:FleetResponse": { "description": "Fleet is the fleet configuration for the cluster.", "properties": { "membership": { "type": "string", "description": "[Output only] The full resource name of the registered fleet membership of the cluster, in the format `//gkehub.googleapis.com/projects/*/locations/*/memberships/*`." }, "preRegistered": { "type": "boolean", "description": "[Output only] Whether the cluster has been registered through the fleet API." }, "project": { "type": "string", "description": "The Fleet host project(project ID or project number) where this cluster will be registered to. This field cannot be changed after the cluster has been registered." } }, "type": "object", "required": [ "membership", "preRegistered", "project" ] }, "google-native:container/v1beta1:GPUDriverInstallationConfig": { "description": "GPUDriverInstallationConfig specifies the version of GPU driver to be auto installed.", "properties": { "gpuDriverVersion": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUDriverInstallationConfigGpuDriverVersion", "description": "Mode for how the GPU driver is installed." } }, "type": "object" }, "google-native:container/v1beta1:GPUDriverInstallationConfigGpuDriverVersion": { "description": "Mode for how the GPU driver is installed.", "type": "string", "enum": [ { "name": "GpuDriverVersionUnspecified", "description": "Default value is to not install any GPU driver.", "value": "GPU_DRIVER_VERSION_UNSPECIFIED" }, { "name": "InstallationDisabled", "description": "Disable GPU driver auto installation and needs manual installation", "value": "INSTALLATION_DISABLED" }, { "name": "Default", "description": "\"Default\" GPU driver in COS and Ubuntu.", "value": "DEFAULT" }, { "name": "Latest", "description": "\"Latest\" GPU driver in COS.", "value": "LATEST" } ] }, "google-native:container/v1beta1:GPUDriverInstallationConfigResponse": { "description": "GPUDriverInstallationConfig specifies the version of GPU driver to be auto installed.", "properties": { "gpuDriverVersion": { "type": "string", "description": "Mode for how the GPU driver is installed." } }, "type": "object", "required": [ "gpuDriverVersion" ] }, "google-native:container/v1beta1:GPUSharingConfig": { "description": "GPUSharingConfig represents the GPU sharing configuration for Hardware Accelerators.", "properties": { "gpuSharingStrategy": { "$ref": "#/types/google-native:container%2Fv1beta1:GPUSharingConfigGpuSharingStrategy", "description": "The type of GPU sharing strategy to enable on the GPU node." }, "maxSharedClientsPerGpu": { "type": "string", "description": "The max number of containers that can share a physical GPU." } }, "type": "object" }, "google-native:container/v1beta1:GPUSharingConfigGpuSharingStrategy": { "description": "The type of GPU sharing strategy to enable on the GPU node.", "type": "string", "enum": [ { "name": "GpuSharingStrategyUnspecified", "description": "Default value.", "value": "GPU_SHARING_STRATEGY_UNSPECIFIED" }, { "name": "TimeSharing", "description": "GPUs are time-shared between containers.", "value": "TIME_SHARING" } ] }, "google-native:container/v1beta1:GPUSharingConfigResponse": { "description": "GPUSharingConfig represents the GPU sharing configuration for Hardware Accelerators.", "properties": { "gpuSharingStrategy": { "type": "string", "description": "The type of GPU sharing strategy to enable on the GPU node." }, "maxSharedClientsPerGpu": { "type": "string", "description": "The max number of containers that can share a physical GPU." } }, "type": "object", "required": [ "gpuSharingStrategy", "maxSharedClientsPerGpu" ] }, "google-native:container/v1beta1:GatewayAPIConfig": { "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster.", "properties": { "channel": { "$ref": "#/types/google-native:container%2Fv1beta1:GatewayAPIConfigChannel", "description": "The Gateway API release channel to use for Gateway API." } }, "type": "object" }, "google-native:container/v1beta1:GatewayAPIConfigChannel": { "description": "The Gateway API release channel to use for Gateway API.", "type": "string", "enum": [ { "name": "ChannelUnspecified", "description": "Default value.", "value": "CHANNEL_UNSPECIFIED" }, { "name": "ChannelDisabled", "description": "Gateway API support is disabled", "value": "CHANNEL_DISABLED" }, { "name": "ChannelExperimental", "description": "Gateway API support is enabled, experimental CRDs are installed", "value": "CHANNEL_EXPERIMENTAL" }, { "name": "ChannelStandard", "description": "Gateway API support is enabled, standard CRDs are installed", "value": "CHANNEL_STANDARD" } ] }, "google-native:container/v1beta1:GatewayAPIConfigResponse": { "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster.", "properties": { "channel": { "type": "string", "description": "The Gateway API release channel to use for Gateway API." } }, "type": "object", "required": [ "channel" ] }, "google-native:container/v1beta1:GcePersistentDiskCsiDriverConfig": { "description": "Configuration for the Compute Engine PD CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Compute Engine PD CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:GcePersistentDiskCsiDriverConfigResponse": { "description": "Configuration for the Compute Engine PD CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Compute Engine PD CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:GcfsConfig": { "description": "GcfsConfig contains configurations of Google Container File System.", "properties": { "enabled": { "type": "boolean", "description": "Whether to use GCFS." } }, "type": "object" }, "google-native:container/v1beta1:GcfsConfigResponse": { "description": "GcfsConfig contains configurations of Google Container File System.", "properties": { "enabled": { "type": "boolean", "description": "Whether to use GCFS." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:GcpFilestoreCsiDriverConfig": { "description": "Configuration for the GCP Filestore CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the GCP Filestore CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:GcpFilestoreCsiDriverConfigResponse": { "description": "Configuration for the GCP Filestore CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the GCP Filestore CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:GcsFuseCsiDriverConfig": { "description": "Configuration for the Cloud Storage Fuse CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Cloud Storage Fuse CSI driver is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:GcsFuseCsiDriverConfigResponse": { "description": "Configuration for the Cloud Storage Fuse CSI driver.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Cloud Storage Fuse CSI driver is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:GkeBackupAgentConfig": { "description": "Configuration for the Backup for GKE Agent.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Backup for GKE agent is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:GkeBackupAgentConfigResponse": { "description": "Configuration for the Backup for GKE Agent.", "properties": { "enabled": { "type": "boolean", "description": "Whether the Backup for GKE agent is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:HorizontalPodAutoscaling": { "description": "Configuration options for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that metrics are collected into Stackdriver Monitoring." } }, "type": "object" }, "google-native:container/v1beta1:HorizontalPodAutoscalingResponse": { "description": "Configuration options for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Horizontal Pod Autoscaling feature is enabled in the cluster. When enabled, it ensures that metrics are collected into Stackdriver Monitoring." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1beta1:HostMaintenancePolicy": { "description": "HostMaintenancePolicy contains the maintenance policy for the hosts on which the GKE VMs run on.", "properties": { "maintenanceInterval": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicyMaintenanceInterval", "description": "Specifies the frequency of planned maintenance events." }, "opportunisticMaintenanceStrategy": { "$ref": "#/types/google-native:container%2Fv1beta1:OpportunisticMaintenanceStrategy", "description": "Strategy that will trigger maintenance on behalf of the customer." } }, "type": "object" }, "google-native:container/v1beta1:HostMaintenancePolicyMaintenanceInterval": { "description": "Specifies the frequency of planned maintenance events.", "type": "string", "enum": [ { "name": "MaintenanceIntervalUnspecified", "description": "The maintenance interval is not explicitly specified.", "value": "MAINTENANCE_INTERVAL_UNSPECIFIED" }, { "name": "AsNeeded", "description": "Nodes are eligible to receive infrastructure and hypervisor updates as they become available. This may result in more maintenance operations (live migrations or terminations) for the node than the PERIODIC option.", "value": "AS_NEEDED" }, { "name": "Periodic", "description": "Nodes receive infrastructure and hypervisor updates on a periodic basis, minimizing the number of maintenance operations (live migrations or terminations) on an individual VM. This may mean underlying VMs will take longer to receive an update than if it was configured for AS_NEEDED. Security updates will still be applied as soon as they are available.", "value": "PERIODIC" } ] }, "google-native:container/v1beta1:HostMaintenancePolicyResponse": { "description": "HostMaintenancePolicy contains the maintenance policy for the hosts on which the GKE VMs run on.", "properties": { "maintenanceInterval": { "type": "string", "description": "Specifies the frequency of planned maintenance events." }, "opportunisticMaintenanceStrategy": { "$ref": "#/types/google-native:container%2Fv1beta1:OpportunisticMaintenanceStrategyResponse", "description": "Strategy that will trigger maintenance on behalf of the customer." } }, "type": "object", "required": [ "maintenanceInterval", "opportunisticMaintenanceStrategy" ] }, "google-native:container/v1beta1:HttpLoadBalancing": { "description": "Configuration options for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster.", "properties": { "disabled": { "type": "boolean", "description": "Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers." } }, "type": "object" }, "google-native:container/v1beta1:HttpLoadBalancingResponse": { "description": "Configuration options for the HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster.", "properties": { "disabled": { "type": "boolean", "description": "Whether the HTTP Load Balancing controller is enabled in the cluster. When enabled, it runs a small pod in the cluster that manages the load balancers." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1beta1:ILBSubsettingConfig": { "description": "ILBSubsettingConfig contains the desired config of L4 Internal LoadBalancer subsetting on this cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enables l4 ILB subsetting for this cluster" } }, "type": "object" }, "google-native:container/v1beta1:IPAllocationPolicy": { "description": "Configuration for controlling how IPs are allocated in the cluster.", "properties": { "allowRouteOverlap": { "type": "boolean", "description": "If true, allow allocation of cluster CIDR ranges that overlap with certain kinds of network routes. By default we do not allow cluster CIDR ranges to intersect with any user declared routes. With allow_route_overlap == true, we allow overlapping with CIDR ranges that are larger than the cluster CIDR range. If this field is set to true, then cluster and services CIDRs must be fully-specified (e.g. `10.96.0.0/14`, but not `/14`), which means: 1) When `use_ip_aliases` is true, `cluster_ipv4_cidr_block` and `services_ipv4_cidr_block` must be fully-specified. 2) When `use_ip_aliases` is false, `cluster.cluster_ipv4_cidr` muse be fully-specified." }, "clusterIpv4Cidr": { "type": "string", "description": "This field is deprecated, use cluster_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use cluster_ipv4_cidr_block." }, "clusterIpv4CidrBlock": { "type": "string", "description": "The IP address range for the cluster pod IPs. If this field is set, then `cluster.cluster_ipv4_cidr` must be left blank. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases and create_subnetwork is false." }, "createSubnetwork": { "type": "boolean", "description": "Whether a new subnetwork will be created automatically for the cluster. This field is only applicable when `use_ip_aliases` is true." }, "ipv6AccessType": { "$ref": "#/types/google-native:container%2Fv1beta1:IPAllocationPolicyIpv6AccessType", "description": "The ipv6 access type (internal or external) when create_subnetwork is true" }, "nodeIpv4Cidr": { "type": "string", "description": "This field is deprecated, use node_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use node_ipv4_cidr_block." }, "nodeIpv4CidrBlock": { "type": "string", "description": "The IP address range of the instance IPs in this cluster. This is applicable only if `create_subnetwork` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PodCIDROverprovisionConfig", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the cluster. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is doubled and then rounded off to next power of 2 to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "servicesIpv4Cidr": { "type": "string", "description": "This field is deprecated, use services_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use services_ipv4_cidr_block." }, "servicesIpv4CidrBlock": { "type": "string", "description": "The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases and create_subnetwork is false." }, "stackType": { "$ref": "#/types/google-native:container%2Fv1beta1:IPAllocationPolicyStackType", "description": "IP stack type" }, "subnetworkName": { "type": "string", "description": "A custom subnetwork name to be used if `create_subnetwork` is true. If this field is empty, then an automatic name will be chosen for the new subnetwork." }, "tpuIpv4CidrBlock": { "type": "string", "description": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. This field is deprecated, use cluster.tpu_config.ipv4_cidr_block instead.", "deprecationMessage": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. This field is deprecated, use cluster.tpu_config.ipv4_cidr_block instead." }, "useIpAliases": { "type": "boolean", "description": "Whether alias IPs will be used for pod IPs in the cluster. This is used in conjunction with use_routes. It cannot be true if use_routes is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" }, "useRoutes": { "type": "boolean", "description": "Whether routes will be used for pod IPs in the cluster. This is used in conjunction with use_ip_aliases. It cannot be true if use_ip_aliases is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" } }, "type": "object" }, "google-native:container/v1beta1:IPAllocationPolicyIpv6AccessType": { "description": "The ipv6 access type (internal or external) when create_subnetwork is true", "type": "string", "enum": [ { "name": "Ipv6AccessTypeUnspecified", "description": "Default value, will be defaulted as type external.", "value": "IPV6_ACCESS_TYPE_UNSPECIFIED" }, { "name": "Internal", "description": "Access type internal (all v6 addresses are internal IPs)", "value": "INTERNAL" }, { "name": "External", "description": "Access type external (all v6 addresses are external IPs)", "value": "EXTERNAL" } ] }, "google-native:container/v1beta1:IPAllocationPolicyResponse": { "description": "Configuration for controlling how IPs are allocated in the cluster.", "properties": { "additionalPodRangesConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalPodRangesConfigResponse", "description": "[Output only] The additional pod ranges that are added to the cluster. These pod ranges can be used by new node pools to allocate pod IPs automatically. Once the range is removed it will not show up in IPAllocationPolicy." }, "allowRouteOverlap": { "type": "boolean", "description": "If true, allow allocation of cluster CIDR ranges that overlap with certain kinds of network routes. By default we do not allow cluster CIDR ranges to intersect with any user declared routes. With allow_route_overlap == true, we allow overlapping with CIDR ranges that are larger than the cluster CIDR range. If this field is set to true, then cluster and services CIDRs must be fully-specified (e.g. `10.96.0.0/14`, but not `/14`), which means: 1) When `use_ip_aliases` is true, `cluster_ipv4_cidr_block` and `services_ipv4_cidr_block` must be fully-specified. 2) When `use_ip_aliases` is false, `cluster.cluster_ipv4_cidr` muse be fully-specified." }, "clusterIpv4Cidr": { "type": "string", "description": "This field is deprecated, use cluster_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use cluster_ipv4_cidr_block." }, "clusterIpv4CidrBlock": { "type": "string", "description": "The IP address range for the cluster pod IPs. If this field is set, then `cluster.cluster_ipv4_cidr` must be left blank. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "clusterSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used for the cluster CIDR block. The secondary range will be used for pod IP addresses. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases and create_subnetwork is false." }, "createSubnetwork": { "type": "boolean", "description": "Whether a new subnetwork will be created automatically for the cluster. This field is only applicable when `use_ip_aliases` is true." }, "defaultPodIpv4RangeUtilization": { "type": "number", "description": "[Output only] The utilization of the cluster default IPv4 range for the pod. The ratio is Usage/[Total number of IPs in the secondary range], Usage=numNodes*numZones*podIPsPerNode." }, "ipv6AccessType": { "type": "string", "description": "The ipv6 access type (internal or external) when create_subnetwork is true" }, "nodeIpv4Cidr": { "type": "string", "description": "This field is deprecated, use node_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use node_ipv4_cidr_block." }, "nodeIpv4CidrBlock": { "type": "string", "description": "The IP address range of the instance IPs in this cluster. This is applicable only if `create_subnetwork` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PodCIDROverprovisionConfigResponse", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the cluster. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is doubled and then rounded off to next power of 2 to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "servicesIpv4Cidr": { "type": "string", "description": "This field is deprecated, use services_ipv4_cidr_block.", "deprecationMessage": "This field is deprecated, use services_ipv4_cidr_block." }, "servicesIpv4CidrBlock": { "type": "string", "description": "The IP address range of the services IPs in this cluster. If blank, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use." }, "servicesIpv6CidrBlock": { "type": "string", "description": "[Output only] The services IPv6 CIDR block for the cluster." }, "servicesSecondaryRangeName": { "type": "string", "description": "The name of the secondary range to be used as for the services CIDR block. The secondary range will be used for service ClusterIPs. This must be an existing secondary range associated with the cluster subnetwork. This field is only applicable with use_ip_aliases and create_subnetwork is false." }, "stackType": { "type": "string", "description": "IP stack type" }, "subnetIpv6CidrBlock": { "type": "string", "description": "[Output only] The subnet's IPv6 CIDR block used by nodes and pods." }, "subnetworkName": { "type": "string", "description": "A custom subnetwork name to be used if `create_subnetwork` is true. If this field is empty, then an automatic name will be chosen for the new subnetwork." }, "tpuIpv4CidrBlock": { "type": "string", "description": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. This field is deprecated, use cluster.tpu_config.ipv4_cidr_block instead.", "deprecationMessage": "The IP address range of the Cloud TPUs in this cluster. If unspecified, a range will be automatically chosen with the default size. This field is only applicable when `use_ip_aliases` is true. If unspecified, the range will use the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) from the RFC-1918 private networks (e.g. `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`) to pick a specific range to use. This field is deprecated, use cluster.tpu_config.ipv4_cidr_block instead." }, "useIpAliases": { "type": "boolean", "description": "Whether alias IPs will be used for pod IPs in the cluster. This is used in conjunction with use_routes. It cannot be true if use_routes is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" }, "useRoutes": { "type": "boolean", "description": "Whether routes will be used for pod IPs in the cluster. This is used in conjunction with use_ip_aliases. It cannot be true if use_ip_aliases is true. If both use_ip_aliases and use_routes are false, then the server picks the default IP allocation mode" } }, "type": "object", "required": [ "additionalPodRangesConfig", "allowRouteOverlap", "clusterIpv4Cidr", "clusterIpv4CidrBlock", "clusterSecondaryRangeName", "createSubnetwork", "defaultPodIpv4RangeUtilization", "ipv6AccessType", "nodeIpv4Cidr", "nodeIpv4CidrBlock", "podCidrOverprovisionConfig", "servicesIpv4Cidr", "servicesIpv4CidrBlock", "servicesIpv6CidrBlock", "servicesSecondaryRangeName", "stackType", "subnetIpv6CidrBlock", "subnetworkName", "tpuIpv4CidrBlock", "useIpAliases", "useRoutes" ] }, "google-native:container/v1beta1:IPAllocationPolicyStackType": { "description": "IP stack type", "type": "string", "enum": [ { "name": "StackTypeUnspecified", "description": "By default, the clusters will be IPV4 only", "value": "STACK_TYPE_UNSPECIFIED" }, { "name": "Ipv4", "description": "The value used if the cluster is a IPV4 only", "value": "IPV4" }, { "name": "Ipv4Ipv6", "description": "The value used if the cluster is a dual stack cluster", "value": "IPV4_IPV6" } ] }, "google-native:container/v1beta1:IdentityServiceConfig": { "description": "IdentityServiceConfig is configuration for Identity Service which allows customers to use external identity providers with the K8S API", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable the Identity Service component" } }, "type": "object" }, "google-native:container/v1beta1:IdentityServiceConfigResponse": { "description": "IdentityServiceConfig is configuration for Identity Service which allows customers to use external identity providers with the K8S API", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable the Identity Service component" } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:IntraNodeVisibilityConfig": { "description": "IntraNodeVisibilityConfig contains the desired config of the intra-node visibility on this cluster.", "properties": { "enabled": { "type": "boolean", "description": "Enables intra node visibility for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:IstioConfig": { "description": "Configuration options for Istio addon.", "properties": { "auth": { "$ref": "#/types/google-native:container%2Fv1beta1:IstioConfigAuth", "description": "The specified Istio auth mode, either none, or mutual TLS." }, "disabled": { "type": "boolean", "description": "Whether Istio is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:IstioConfigAuth": { "description": "The specified Istio auth mode, either none, or mutual TLS.", "type": "string", "enum": [ { "name": "AuthNone", "description": "auth not enabled", "value": "AUTH_NONE" }, { "name": "AuthMutualTls", "description": "auth mutual TLS enabled", "value": "AUTH_MUTUAL_TLS" } ] }, "google-native:container/v1beta1:IstioConfigResponse": { "description": "Configuration options for Istio addon.", "properties": { "auth": { "type": "string", "description": "The specified Istio auth mode, either none, or mutual TLS." }, "disabled": { "type": "boolean", "description": "Whether Istio is enabled for this cluster." } }, "type": "object", "required": [ "auth", "disabled" ] }, "google-native:container/v1beta1:K8sBetaAPIConfig": { "description": "Kubernetes open source beta apis enabled on the cluster.", "properties": { "enabledApis": { "type": "array", "items": { "type": "string" }, "description": "api name, e.g. storage.k8s.io/v1beta1/csistoragecapacities." } }, "type": "object" }, "google-native:container/v1beta1:K8sBetaAPIConfigResponse": { "description": "Kubernetes open source beta apis enabled on the cluster.", "properties": { "enabledApis": { "type": "array", "items": { "type": "string" }, "description": "api name, e.g. storage.k8s.io/v1beta1/csistoragecapacities." } }, "type": "object", "required": [ "enabledApis" ] }, "google-native:container/v1beta1:KalmConfig": { "description": "Configuration options for the KALM addon.", "properties": { "enabled": { "type": "boolean", "description": "Whether KALM is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:KalmConfigResponse": { "description": "Configuration options for the KALM addon.", "properties": { "enabled": { "type": "boolean", "description": "Whether KALM is enabled for this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:KubernetesDashboard": { "description": "Configuration for the Kubernetes Dashboard.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Kubernetes Dashboard is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:KubernetesDashboardResponse": { "description": "Configuration for the Kubernetes Dashboard.", "properties": { "disabled": { "type": "boolean", "description": "Whether the Kubernetes Dashboard is enabled for this cluster." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1beta1:LegacyAbac": { "description": "Configuration for the legacy Attribute Based Access Control authorization mode.", "properties": { "enabled": { "type": "boolean", "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM." } }, "type": "object" }, "google-native:container/v1beta1:LegacyAbacResponse": { "description": "Configuration for the legacy Attribute Based Access Control authorization mode.", "properties": { "enabled": { "type": "boolean", "description": "Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:LinuxNodeConfig": { "description": "Parameters that can be configured on Linux nodes.", "properties": { "cgroupMode": { "$ref": "#/types/google-native:container%2Fv1beta1:LinuxNodeConfigCgroupMode", "description": "cgroup_mode specifies the cgroup mode to be used on the node." }, "sysctls": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Linux kernel parameters to be applied to the nodes and all pods running on the nodes. The following parameters are supported. net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse" } }, "type": "object" }, "google-native:container/v1beta1:LinuxNodeConfigCgroupMode": { "description": "cgroup_mode specifies the cgroup mode to be used on the node.", "type": "string", "enum": [ { "name": "CgroupModeUnspecified", "description": "CGROUP_MODE_UNSPECIFIED is when unspecified cgroup configuration is used. The default for the GKE node OS image will be used.", "value": "CGROUP_MODE_UNSPECIFIED" }, { "name": "CgroupModeV1", "description": "CGROUP_MODE_V1 specifies to use cgroupv1 for the cgroup configuration on the node image.", "value": "CGROUP_MODE_V1" }, { "name": "CgroupModeV2", "description": "CGROUP_MODE_V2 specifies to use cgroupv2 for the cgroup configuration on the node image.", "value": "CGROUP_MODE_V2" } ] }, "google-native:container/v1beta1:LinuxNodeConfigResponse": { "description": "Parameters that can be configured on Linux nodes.", "properties": { "cgroupMode": { "type": "string", "description": "cgroup_mode specifies the cgroup mode to be used on the node." }, "sysctls": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Linux kernel parameters to be applied to the nodes and all pods running on the nodes. The following parameters are supported. net.core.busy_poll net.core.busy_read net.core.netdev_max_backlog net.core.rmem_max net.core.wmem_default net.core.wmem_max net.core.optmem_max net.core.somaxconn net.ipv4.tcp_rmem net.ipv4.tcp_wmem net.ipv4.tcp_tw_reuse" } }, "type": "object", "required": [ "cgroupMode", "sysctls" ] }, "google-native:container/v1beta1:LocalNvmeSsdBlockConfig": { "description": "LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe SSDs", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local NVMe SSDs to use. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object" }, "google-native:container/v1beta1:LocalNvmeSsdBlockConfigResponse": { "description": "LocalNvmeSsdBlockConfig contains configuration for using raw-block local NVMe SSDs", "properties": { "localSsdCount": { "type": "integer", "description": "Number of local NVMe SSDs to use. The limit for this value is dependent upon the maximum number of disk available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information. A zero (or unset) value has different meanings depending on machine type being used: 1. For pre-Gen3 machines, which support flexible numbers of local ssds, zero (or unset) means to disable using local SSDs as ephemeral storage. 2. For Gen3 machines which dictate a specific number of local ssds, zero (or unset) means to use the default number of local ssds that goes with that machine type. For example, for a c3-standard-8-lssd machine, 2 local ssds would be provisioned. For c3-standard-8 (which doesn't support local ssds), 0 will be provisioned. See https://cloud.google.com/compute/docs/disks/local-ssd#choose_number_local_ssds for more info." } }, "type": "object", "required": [ "localSsdCount" ] }, "google-native:container/v1beta1:LoggingComponentConfig": { "description": "LoggingComponentConfig is cluster logging component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingComponentConfigEnableComponentsItem" }, "description": "Select components to collect logs. An empty set would disable all logging." } }, "type": "object" }, "google-native:container/v1beta1:LoggingComponentConfigEnableComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Default value. This shouldn't be used.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "SystemComponents", "description": "system components", "value": "SYSTEM_COMPONENTS" }, { "name": "Workloads", "description": "workloads", "value": "WORKLOADS" }, { "name": "Apiserver", "description": "kube-apiserver", "value": "APISERVER" }, { "name": "Scheduler", "description": "kube-scheduler", "value": "SCHEDULER" }, { "name": "ControllerManager", "description": "kube-controller-manager", "value": "CONTROLLER_MANAGER" } ] }, "google-native:container/v1beta1:LoggingComponentConfigResponse": { "description": "LoggingComponentConfig is cluster logging component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "type": "string" }, "description": "Select components to collect logs. An empty set would disable all logging." } }, "type": "object", "required": [ "enableComponents" ] }, "google-native:container/v1beta1:LoggingConfig": { "description": "LoggingConfig is cluster logging configuration.", "properties": { "componentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingComponentConfig", "description": "Logging components configuration" } }, "type": "object" }, "google-native:container/v1beta1:LoggingConfigResponse": { "description": "LoggingConfig is cluster logging configuration.", "properties": { "componentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingComponentConfigResponse", "description": "Logging components configuration" } }, "type": "object", "required": [ "componentConfig" ] }, "google-native:container/v1beta1:LoggingVariantConfig": { "description": "LoggingVariantConfig specifies the behaviour of the logging component.", "properties": { "variant": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingVariantConfigVariant", "description": "Logging variant deployed on nodes." } }, "type": "object" }, "google-native:container/v1beta1:LoggingVariantConfigResponse": { "description": "LoggingVariantConfig specifies the behaviour of the logging component.", "properties": { "variant": { "type": "string", "description": "Logging variant deployed on nodes." } }, "type": "object", "required": [ "variant" ] }, "google-native:container/v1beta1:LoggingVariantConfigVariant": { "description": "Logging variant deployed on nodes.", "type": "string", "enum": [ { "name": "VariantUnspecified", "description": "Default value. This shouldn't be used.", "value": "VARIANT_UNSPECIFIED" }, { "name": "Default", "description": "default logging variant.", "value": "DEFAULT" }, { "name": "MaxThroughput", "description": "maximum logging throughput variant.", "value": "MAX_THROUGHPUT" } ] }, "google-native:container/v1beta1:MaintenanceExclusionOptions": { "description": "Represents the Maintenance exclusion option.", "properties": { "scope": { "$ref": "#/types/google-native:container%2Fv1beta1:MaintenanceExclusionOptionsScope", "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion." } }, "type": "object" }, "google-native:container/v1beta1:MaintenanceExclusionOptionsResponse": { "description": "Represents the Maintenance exclusion option.", "properties": { "scope": { "type": "string", "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion." } }, "type": "object", "required": [ "scope" ] }, "google-native:container/v1beta1:MaintenanceExclusionOptionsScope": { "description": "Scope specifies the upgrade scope which upgrades are blocked by the exclusion.", "type": "string", "enum": [ { "name": "NoUpgrades", "description": "NO_UPGRADES excludes all upgrades, including patch upgrades and minor upgrades across control planes and nodes. This is the default exclusion behavior.", "value": "NO_UPGRADES" }, { "name": "NoMinorUpgrades", "description": "NO_MINOR_UPGRADES excludes all minor upgrades for the cluster, only patches are allowed.", "value": "NO_MINOR_UPGRADES" }, { "name": "NoMinorOrNodeUpgrades", "description": "NO_MINOR_OR_NODE_UPGRADES excludes all minor upgrades for the cluster, and also exclude all node pool upgrades. Only control plane patches are allowed.", "value": "NO_MINOR_OR_NODE_UPGRADES" } ] }, "google-native:container/v1beta1:MaintenancePolicy": { "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.", "properties": { "resourceVersion": { "type": "string", "description": "A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a `get()` request to the cluster to get the current resource version and include it with requests to set the policy." }, "window": { "$ref": "#/types/google-native:container%2Fv1beta1:MaintenanceWindow", "description": "Specifies the maintenance window in which maintenance may be performed." } }, "type": "object" }, "google-native:container/v1beta1:MaintenancePolicyResponse": { "description": "MaintenancePolicy defines the maintenance policy to be used for the cluster.", "properties": { "resourceVersion": { "type": "string", "description": "A hash identifying the version of this policy, so that updates to fields of the policy won't accidentally undo intermediate changes (and so that users of the API unaware of some fields won't accidentally remove other fields). Make a `get()` request to the cluster to get the current resource version and include it with requests to set the policy." }, "window": { "$ref": "#/types/google-native:container%2Fv1beta1:MaintenanceWindowResponse", "description": "Specifies the maintenance window in which maintenance may be performed." } }, "type": "object", "required": [ "resourceVersion", "window" ] }, "google-native:container/v1beta1:MaintenanceWindow": { "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:container%2Fv1beta1:DailyMaintenanceWindow", "description": "DailyMaintenanceWindow specifies a daily maintenance operation window." }, "maintenanceExclusions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows." }, "recurringWindow": { "$ref": "#/types/google-native:container%2Fv1beta1:RecurringTimeWindow", "description": "RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time." } }, "type": "object" }, "google-native:container/v1beta1:MaintenanceWindowResponse": { "description": "MaintenanceWindow defines the maintenance window to be used for the cluster.", "properties": { "dailyMaintenanceWindow": { "$ref": "#/types/google-native:container%2Fv1beta1:DailyMaintenanceWindowResponse", "description": "DailyMaintenanceWindow specifies a daily maintenance operation window." }, "maintenanceExclusions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Exceptions to maintenance window. Non-emergency maintenance should not occur in these windows." }, "recurringWindow": { "$ref": "#/types/google-native:container%2Fv1beta1:RecurringTimeWindowResponse", "description": "RecurringWindow specifies some number of recurring time periods for maintenance to occur. The time windows may be overlapping. If no maintenance windows are set, maintenance can occur at any time." } }, "type": "object", "required": [ "dailyMaintenanceWindow", "maintenanceExclusions", "recurringWindow" ] }, "google-native:container/v1beta1:ManagedPrometheusConfig": { "description": "ManagedPrometheusConfig defines the configuration for Google Cloud Managed Service for Prometheus.", "properties": { "enabled": { "type": "boolean", "description": "Enable Managed Collection." } }, "type": "object" }, "google-native:container/v1beta1:ManagedPrometheusConfigResponse": { "description": "ManagedPrometheusConfig defines the configuration for Google Cloud Managed Service for Prometheus.", "properties": { "enabled": { "type": "boolean", "description": "Enable Managed Collection." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:Master": { "description": "Master is the configuration for components on master.", "type": "object" }, "google-native:container/v1beta1:MasterAuth": { "description": "The authentication information for accessing the master endpoint. Authentication can be done using HTTP basic auth or using client certificates.", "properties": { "clientCertificateConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClientCertificateConfig", "description": "Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued." }, "clusterCaCertificate": { "type": "string" }, "password": { "type": "string", "description": "The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. If a password is provided for cluster creation, username must be non-empty. Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" }, "username": { "type": "string", "description": "The username to use for HTTP basic authentication to the master endpoint. For clusters v1.6.0 and later, basic authentication can be disabled by leaving username unspecified (or setting it to the empty string). Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" } }, "type": "object" }, "google-native:container/v1beta1:MasterAuthResponse": { "description": "The authentication information for accessing the master endpoint. Authentication can be done using HTTP basic auth or using client certificates.", "properties": { "clientCertificate": { "type": "string", "description": "[Output only] Base64-encoded public certificate used by clients to authenticate to the cluster endpoint." }, "clientCertificateConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClientCertificateConfigResponse", "description": "Configuration for client certificate authentication on the cluster. For clusters before v1.12, if no configuration is specified, a client certificate is issued." }, "clientKey": { "type": "string", "description": "[Output only] Base64-encoded private key used by clients to authenticate to the cluster endpoint." }, "clusterCaCertificate": { "type": "string" }, "password": { "type": "string", "description": "The password to use for HTTP basic authentication to the master endpoint. Because the master endpoint is open to the Internet, you should create a strong password. If a password is provided for cluster creation, username must be non-empty. Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" }, "username": { "type": "string", "description": "The username to use for HTTP basic authentication to the master endpoint. For clusters v1.6.0 and later, basic authentication can be disabled by leaving username unspecified (or setting it to the empty string). Warning: basic authentication is deprecated, and will be removed in GKE control plane versions 1.19 and newer. For a list of recommended authentication methods, see: https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication" } }, "type": "object", "required": [ "clientCertificate", "clientCertificateConfig", "clientKey", "clusterCaCertificate", "password", "username" ] }, "google-native:container/v1beta1:MasterAuthorizedNetworksConfig": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:CidrBlock" }, "description": "cidr_blocks define up to 10 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks is enabled." }, "gcpPublicCidrsAccessEnabled": { "type": "boolean", "description": "Whether master is accessbile via Google Compute Engine Public IP addresses." } }, "type": "object" }, "google-native:container/v1beta1:MasterAuthorizedNetworksConfigResponse": { "description": "Configuration options for the master authorized networks feature. Enabled master authorized networks will disallow all external traffic to access Kubernetes master through HTTPS except traffic from the given CIDR blocks, Google Compute Engine Public IPs and Google Prod IPs.", "properties": { "cidrBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:CidrBlockResponse" }, "description": "cidr_blocks define up to 10 external networks that could access Kubernetes master through HTTPS." }, "enabled": { "type": "boolean", "description": "Whether or not master authorized networks is enabled." }, "gcpPublicCidrsAccessEnabled": { "type": "boolean", "description": "Whether master is accessbile via Google Compute Engine Public IP addresses." } }, "type": "object", "required": [ "cidrBlocks", "enabled", "gcpPublicCidrsAccessEnabled" ] }, "google-native:container/v1beta1:MasterResponse": { "description": "Master is the configuration for components on master.", "type": "object" }, "google-native:container/v1beta1:MaxPodsConstraint": { "description": "Constraints applied to pods.", "properties": { "maxPodsPerNode": { "type": "string", "description": "Constraint enforced on the max num of pods per node." } }, "type": "object" }, "google-native:container/v1beta1:MaxPodsConstraintResponse": { "description": "Constraints applied to pods.", "properties": { "maxPodsPerNode": { "type": "string", "description": "Constraint enforced on the max num of pods per node." } }, "type": "object", "required": [ "maxPodsPerNode" ] }, "google-native:container/v1beta1:MeshCertificates": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object" }, "google-native:container/v1beta1:MeshCertificatesResponse": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object", "required": [ "enableCertificates" ] }, "google-native:container/v1beta1:MonitoringComponentConfig": { "description": "MonitoringComponentConfig is cluster monitoring component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:MonitoringComponentConfigEnableComponentsItem" }, "description": "Select components to collect metrics. An empty set would disable all monitoring." } }, "type": "object" }, "google-native:container/v1beta1:MonitoringComponentConfigEnableComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Default value. This shouldn't be used.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "SystemComponents", "description": "system components", "value": "SYSTEM_COMPONENTS" }, { "name": "Workloads", "description": "Deprecated: Use Google Cloud Managed Service for Prometheus.", "value": "WORKLOADS" }, { "name": "Apiserver", "description": "kube-apiserver", "value": "APISERVER" }, { "name": "Scheduler", "description": "kube-scheduler", "value": "SCHEDULER" }, { "name": "ControllerManager", "description": "kube-controller-manager", "value": "CONTROLLER_MANAGER" }, { "name": "Storage", "description": "Storage", "value": "STORAGE" }, { "name": "Hpa", "description": "Horizontal Pod Autoscaling", "value": "HPA" }, { "name": "Pod", "description": "Pod", "value": "POD" }, { "name": "Daemonset", "description": "DaemonSet", "value": "DAEMONSET" }, { "name": "Deployment", "description": "Deployment", "value": "DEPLOYMENT" }, { "name": "Statefulset", "description": "Statefulset", "value": "STATEFULSET" } ] }, "google-native:container/v1beta1:MonitoringComponentConfigResponse": { "description": "MonitoringComponentConfig is cluster monitoring component configuration.", "properties": { "enableComponents": { "type": "array", "items": { "type": "string" }, "description": "Select components to collect metrics. An empty set would disable all monitoring." } }, "type": "object", "required": [ "enableComponents" ] }, "google-native:container/v1beta1:MonitoringConfig": { "description": "MonitoringConfig is cluster monitoring configuration.", "properties": { "advancedDatapathObservabilityConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AdvancedDatapathObservabilityConfig", "description": "Configuration of Advanced Datapath Observability features." }, "componentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:MonitoringComponentConfig", "description": "Monitoring components configuration" }, "managedPrometheusConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ManagedPrometheusConfig", "description": "Enable Google Cloud Managed Service for Prometheus in the cluster." } }, "type": "object" }, "google-native:container/v1beta1:MonitoringConfigResponse": { "description": "MonitoringConfig is cluster monitoring configuration.", "properties": { "advancedDatapathObservabilityConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:AdvancedDatapathObservabilityConfigResponse", "description": "Configuration of Advanced Datapath Observability features." }, "componentConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:MonitoringComponentConfigResponse", "description": "Monitoring components configuration" }, "managedPrometheusConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ManagedPrometheusConfigResponse", "description": "Enable Google Cloud Managed Service for Prometheus in the cluster." } }, "type": "object", "required": [ "advancedDatapathObservabilityConfig", "componentConfig", "managedPrometheusConfig" ] }, "google-native:container/v1beta1:NetworkConfig": { "description": "NetworkConfig reports the relative names of network & subnetwork.", "properties": { "datapathProvider": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkConfigDatapathProvider", "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation." }, "defaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1beta1:DefaultSnatStatus", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, "dnsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:DNSConfig", "description": "DNSConfig contains clusterDNS config for this cluster." }, "enableFqdnNetworkPolicy": { "type": "boolean", "description": "Whether FQDN Network Policy is enabled on this cluster." }, "enableIntraNodeVisibility": { "type": "boolean", "description": "Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network." }, "enableL4ilbSubsetting": { "type": "boolean", "description": "Whether L4ILB Subsetting is enabled for this cluster." }, "enableMultiNetworking": { "type": "boolean", "description": "Whether multi-networking is enabled for this cluster." }, "gatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GatewayAPIConfig", "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster." }, "inTransitEncryptionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkConfigInTransitEncryptionConfig", "description": "Specify the details of in-transit encryption." }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterNetworkPerformanceConfig", "description": "Network bandwidth tier configuration." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkConfigPrivateIpv6GoogleAccess", "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)" }, "serviceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ServiceExternalIPsConfig", "description": "ServiceExternalIPsConfig specifies if services with externalIPs field are blocked or not." } }, "type": "object" }, "google-native:container/v1beta1:NetworkConfigDatapathProvider": { "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation.", "type": "string", "enum": [ { "name": "DatapathProviderUnspecified", "description": "Default value.", "value": "DATAPATH_PROVIDER_UNSPECIFIED" }, { "name": "LegacyDatapath", "description": "Use the IPTables implementation based on kube-proxy.", "value": "LEGACY_DATAPATH" }, { "name": "AdvancedDatapath", "description": "Use the eBPF based GKE Dataplane V2 with additional features. See the [GKE Dataplane V2 documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/dataplane-v2) for more.", "value": "ADVANCED_DATAPATH" } ] }, "google-native:container/v1beta1:NetworkConfigInTransitEncryptionConfig": { "description": "Specify the details of in-transit encryption.", "type": "string", "enum": [ { "name": "InTransitEncryptionConfigUnspecified", "description": "Unspecified, will be inferred as default - IN_TRANSIT_ENCRYPTION_UNSPECIFIED.", "value": "IN_TRANSIT_ENCRYPTION_CONFIG_UNSPECIFIED" }, { "name": "InTransitEncryptionDisabled", "description": "In-transit encryption is disabled.", "value": "IN_TRANSIT_ENCRYPTION_DISABLED" }, { "name": "InTransitEncryptionInterNodeTransparent", "description": "Data in-transit is encrypted using inter-node transparent encryption.", "value": "IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT" } ] }, "google-native:container/v1beta1:NetworkConfigPrivateIpv6GoogleAccess": { "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "Default value. Same as DISABLED", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "PrivateIpv6GoogleAccessDisabled", "description": "No private access to or from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_DISABLED" }, { "name": "PrivateIpv6GoogleAccessToGoogle", "description": "Enables private IPv6 access to Google Services from GKE", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_TO_GOOGLE" }, { "name": "PrivateIpv6GoogleAccessBidirectional", "description": "Enables private IPv6 access to and from Google Services", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_BIDIRECTIONAL" } ] }, "google-native:container/v1beta1:NetworkConfigResponse": { "description": "NetworkConfig reports the relative names of network & subnetwork.", "properties": { "datapathProvider": { "type": "string", "description": "The desired datapath provider for this cluster. By default, uses the IPTables-based kube-proxy implementation." }, "defaultSnatStatus": { "$ref": "#/types/google-native:container%2Fv1beta1:DefaultSnatStatusResponse", "description": "Whether the cluster disables default in-node sNAT rules. In-node sNAT rules will be disabled when default_snat_status is disabled. When disabled is set to false, default IP masquerade rules will be applied to the nodes to prevent sNAT on cluster internal traffic." }, "dnsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:DNSConfigResponse", "description": "DNSConfig contains clusterDNS config for this cluster." }, "enableFqdnNetworkPolicy": { "type": "boolean", "description": "Whether FQDN Network Policy is enabled on this cluster." }, "enableIntraNodeVisibility": { "type": "boolean", "description": "Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network." }, "enableL4ilbSubsetting": { "type": "boolean", "description": "Whether L4ILB Subsetting is enabled for this cluster." }, "enableMultiNetworking": { "type": "boolean", "description": "Whether multi-networking is enabled for this cluster." }, "gatewayApiConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GatewayAPIConfigResponse", "description": "GatewayAPIConfig contains the desired config of Gateway API on this cluster." }, "inTransitEncryptionConfig": { "type": "string", "description": "Specify the details of in-transit encryption." }, "network": { "type": "string", "description": "The relative name of the Google Compute Engine network(https://cloud.google.com/compute/docs/networks-and-firewalls#networks) to which the cluster is connected. Example: projects/my-project/global/networks/my-network" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ClusterNetworkPerformanceConfigResponse", "description": "Network bandwidth tier configuration." }, "privateIpv6GoogleAccess": { "type": "string", "description": "The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4)" }, "serviceExternalIpsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ServiceExternalIPsConfigResponse", "description": "ServiceExternalIPsConfig specifies if services with externalIPs field are blocked or not." }, "subnetwork": { "type": "string", "description": "The relative name of the Google Compute Engine [subnetwork](https://cloud.google.com/compute/docs/vpc) to which the cluster is connected. Example: projects/my-project/regions/us-central1/subnetworks/my-subnet" } }, "type": "object", "required": [ "datapathProvider", "defaultSnatStatus", "dnsConfig", "enableFqdnNetworkPolicy", "enableIntraNodeVisibility", "enableL4ilbSubsetting", "enableMultiNetworking", "gatewayApiConfig", "inTransitEncryptionConfig", "network", "networkPerformanceConfig", "privateIpv6GoogleAccess", "serviceExternalIpsConfig", "subnetwork" ] }, "google-native:container/v1beta1:NetworkPerformanceConfig": { "description": "Configuration of all network bandwidth tiers", "properties": { "externalIpEgressBandwidthTier": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPerformanceConfigExternalIpEgressBandwidthTier", "description": "Specifies the network bandwidth tier for the NodePool for traffic to external/public IP addresses." }, "totalEgressBandwidthTier": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPerformanceConfigTotalEgressBandwidthTier", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object" }, "google-native:container/v1beta1:NetworkPerformanceConfigExternalIpEgressBandwidthTier": { "description": "Specifies the network bandwidth tier for the NodePool for traffic to external/public IP addresses.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Default value", "value": "TIER_UNSPECIFIED" }, { "name": "Tier1", "description": "Higher bandwidth, actual values based on VM size.", "value": "TIER_1" } ] }, "google-native:container/v1beta1:NetworkPerformanceConfigResponse": { "description": "Configuration of all network bandwidth tiers", "properties": { "externalIpEgressBandwidthTier": { "type": "string", "description": "Specifies the network bandwidth tier for the NodePool for traffic to external/public IP addresses." }, "totalEgressBandwidthTier": { "type": "string", "description": "Specifies the total network bandwidth tier for the NodePool." } }, "type": "object", "required": [ "externalIpEgressBandwidthTier", "totalEgressBandwidthTier" ] }, "google-native:container/v1beta1:NetworkPerformanceConfigTotalEgressBandwidthTier": { "description": "Specifies the total network bandwidth tier for the NodePool.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Default value", "value": "TIER_UNSPECIFIED" }, { "name": "Tier1", "description": "Higher bandwidth, actual values based on VM size.", "value": "TIER_1" } ] }, "google-native:container/v1beta1:NetworkPolicy": { "description": "Configuration options for the NetworkPolicy feature. https://kubernetes.io/docs/concepts/services-networking/networkpolicies/", "properties": { "enabled": { "type": "boolean", "description": "Whether network policy is enabled on the cluster." }, "provider": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPolicyProvider", "description": "The selected network policy provider." } }, "type": "object" }, "google-native:container/v1beta1:NetworkPolicyConfig": { "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes.", "properties": { "disabled": { "type": "boolean", "description": "Whether NetworkPolicy is enabled for this cluster." } }, "type": "object" }, "google-native:container/v1beta1:NetworkPolicyConfigResponse": { "description": "Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes.", "properties": { "disabled": { "type": "boolean", "description": "Whether NetworkPolicy is enabled for this cluster." } }, "type": "object", "required": [ "disabled" ] }, "google-native:container/v1beta1:NetworkPolicyProvider": { "description": "The selected network policy provider.", "type": "string", "enum": [ { "name": "ProviderUnspecified", "description": "Not set", "value": "PROVIDER_UNSPECIFIED" }, { "name": "Calico", "description": "Tigera (Calico Felix).", "value": "CALICO" } ] }, "google-native:container/v1beta1:NetworkPolicyResponse": { "description": "Configuration options for the NetworkPolicy feature. https://kubernetes.io/docs/concepts/services-networking/networkpolicies/", "properties": { "enabled": { "type": "boolean", "description": "Whether network policy is enabled on the cluster." }, "provider": { "type": "string", "description": "The selected network policy provider." } }, "type": "object", "required": [ "enabled", "provider" ] }, "google-native:container/v1beta1:NetworkTags": { "description": "Collection of Compute Engine network tags that can be applied to a node's underlying VM instance. (See `tags` field in [`NodeConfig`](/kubernetes-engine/docs/reference/rest/v1/NodeConfig)).", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "List of network tags." } }, "type": "object" }, "google-native:container/v1beta1:NetworkTagsResponse": { "description": "Collection of Compute Engine network tags that can be applied to a node's underlying VM instance. (See `tags` field in [`NodeConfig`](/kubernetes-engine/docs/reference/rest/v1/NodeConfig)).", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "List of network tags." } }, "type": "object", "required": [ "tags" ] }, "google-native:container/v1beta1:NodeAffinity": { "description": "Specifies the NodeAffinity key, values, and affinity operator according to [shared sole tenant node group affinities](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).", "properties": { "key": { "type": "string", "description": "Key for NodeAffinity." }, "operator": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeAffinityOperator", "description": "Operator for NodeAffinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Values for NodeAffinity." } }, "type": "object" }, "google-native:container/v1beta1:NodeAffinityOperator": { "description": "Operator for NodeAffinity.", "type": "string", "enum": [ { "name": "OperatorUnspecified", "description": "Invalid or unspecified affinity operator.", "value": "OPERATOR_UNSPECIFIED" }, { "name": "In", "description": "Affinity operator.", "value": "IN" }, { "name": "NotIn", "description": "Anti-affinity operator.", "value": "NOT_IN" } ] }, "google-native:container/v1beta1:NodeAffinityResponse": { "description": "Specifies the NodeAffinity key, values, and affinity operator according to [shared sole tenant node group affinities](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes#node_affinity_and_anti-affinity).", "properties": { "key": { "type": "string", "description": "Key for NodeAffinity." }, "operator": { "type": "string", "description": "Operator for NodeAffinity." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Values for NodeAffinity." } }, "type": "object", "required": [ "key", "operator", "values" ] }, "google-native:container/v1beta1:NodeConfig": { "description": "Parameters that describe the nodes in a cluster. GKE Autopilot clusters do not recognize parameters in `NodeConfig`. Use AutoprovisioningNodePoolDefaults instead.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AcceleratorConfig" }, "description": "A list of hardware accelerators to be attached to each node. See https://cloud.google.com/compute/docs/gpus for more information about support for GPUs." }, "advancedMachineFeatures": { "$ref": "#/types/google-native:container%2Fv1beta1:AdvancedMachineFeatures", "description": "Advanced features for the Compute Engine VM." }, "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "confidentialNodes": { "$ref": "#/types/google-native:container%2Fv1beta1:ConfidentialNodes", "description": "Confidential nodes config. All the nodes in the node pool will be Confidential VM once enabled." }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "enableConfidentialStorage": { "type": "boolean", "description": "Optional. Enable confidential storage on Hyperdisk. boot_disk_kms_key is required when enable_confidential_storage is true. This is only available for private preview." }, "ephemeralStorageConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:EphemeralStorageConfig", "description": "Parameters for the ephemeral storage filesystem. If unspecified, ephemeral storage is backed by the boot disk." }, "ephemeralStorageLocalSsdConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:EphemeralStorageLocalSsdConfig", "description": "Parameters for the node ephemeral storage using Local SSDs. If unspecified, ephemeral storage is backed by the boot disk. This field is functionally equivalent to the ephemeral_storage_config" }, "fastSocket": { "$ref": "#/types/google-native:container%2Fv1beta1:FastSocket", "description": "Enable or disable NCCL fast socket for the node pool." }, "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcfsConfig", "description": "GCFS (Google Container File System) configs." }, "gvnic": { "$ref": "#/types/google-native:container%2Fv1beta1:VirtualNIC", "description": "Enable or disable gvnic on the node pool." }, "hostMaintenancePolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicy", "description": "HostMaintenancePolicy contains the desired maintenance policy for the Google Compute Engine hosts." }, "imageType": { "type": "string", "description": "The image type to use for this node. Note that for a given image type, the latest version of it will be used. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "kubeletConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeKubeletConfig", "description": "Node kubelet configs." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "linuxNodeConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LinuxNodeConfig", "description": "Parameters that can be configured on Linux nodes." }, "localNvmeSsdBlockConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LocalNvmeSsdBlockConfig", "description": "Parameters for using raw-block Local NVMe SSDs." }, "localSsdCount": { "type": "integer", "description": "The number of local SSD disks to be attached to the node. The limit for this value is dependent upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolLoggingConfig", "description": "Logging configuration." }, "machineType": { "type": "string", "description": "The name of a Google Compute Engine [machine type](https://cloud.google.com/compute/docs/machine-types). If unspecified, the default machine type is `e2-medium`." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key/value pairs assigned to instances in the cluster. Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the reserved keys: - \"cluster-location\" - \"cluster-name\" - \"cluster-uid\" - \"configure-sh\" - \"containerd-configure-sh\" - \"enable-oslogin\" - \"gci-ensure-gke-docker\" - \"gci-metrics-enabled\" - \"gci-update-strategy\" - \"instance-template\" - \"kube-env\" - \"startup-script\" - \"user-data\" - \"disable-address-manager\" - \"windows-startup-script-ps1\" - \"common-psm1\" - \"k8s-node-setup-psm1\" - \"install-ssh-psm1\" - \"user-profile-psm1\" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB. The total size of all keys and values must be less than 512 KB." }, "minCpuPlatform": { "type": "string", "description": "Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as `minCpuPlatform: \"Intel Haswell\"` or `minCpuPlatform: \"Intel Sandy Bridge\"`. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)." }, "nodeGroup": { "type": "string", "description": "Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on [sole tenant nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes)." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "preemptible": { "type": "boolean", "description": "Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances." }, "reservationAffinity": { "$ref": "#/types/google-native:container%2Fv1beta1:ReservationAffinity", "description": "The optional reservation affinity. Setting this field will apply the specified [Zonal Compute Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) to this node pool." }, "resourceLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for the node pool to use to annotate any related Google Compute Engine resources." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceManagerTags", "description": "A map of resource manager tag keys and values to be attached to the nodes." }, "sandboxConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:SandboxConfig", "description": "Sandbox configuration for this node." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ShieldedInstanceConfig", "description": "Shielded Instance options." }, "soleTenantConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:SoleTenantConfig", "description": "Parameters for node pools to be backed by shared sole tenant node groups." }, "spot": { "type": "boolean", "description": "Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible flag." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeTaint" }, "description": "List of kubernetes taints to be applied to each node. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/" }, "windowsNodeConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WindowsNodeConfig", "description": "Parameters that can be configured on Windows nodes." }, "workloadMetadataConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadMetadataConfig", "description": "The workload metadata configuration for this node." } }, "type": "object" }, "google-native:container/v1beta1:NodeConfigDefaults": { "description": "Subset of NodeConfig message that has defaults.", "properties": { "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcfsConfig", "description": "GCFS (Google Container File System, also known as Riptide) options." }, "hostMaintenancePolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicy", "description": "HostMaintenancePolicy contains the desired maintenance policy for the Google Compute Engine hosts." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolLoggingConfig", "description": "Logging configuration for node pools." } }, "type": "object" }, "google-native:container/v1beta1:NodeConfigDefaultsResponse": { "description": "Subset of NodeConfig message that has defaults.", "properties": { "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcfsConfigResponse", "description": "GCFS (Google Container File System, also known as Riptide) options." }, "hostMaintenancePolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicyResponse", "description": "HostMaintenancePolicy contains the desired maintenance policy for the Google Compute Engine hosts." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolLoggingConfigResponse", "description": "Logging configuration for node pools." } }, "type": "object", "required": [ "gcfsConfig", "hostMaintenancePolicy", "loggingConfig" ] }, "google-native:container/v1beta1:NodeConfigResponse": { "description": "Parameters that describe the nodes in a cluster. GKE Autopilot clusters do not recognize parameters in `NodeConfig`. Use AutoprovisioningNodePoolDefaults instead.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AcceleratorConfigResponse" }, "description": "A list of hardware accelerators to be attached to each node. See https://cloud.google.com/compute/docs/gpus for more information about support for GPUs." }, "advancedMachineFeatures": { "$ref": "#/types/google-native:container%2Fv1beta1:AdvancedMachineFeaturesResponse", "description": "Advanced features for the Compute Engine VM." }, "bootDiskKmsKey": { "type": "string", "description": " The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption" }, "confidentialNodes": { "$ref": "#/types/google-native:container%2Fv1beta1:ConfidentialNodesResponse", "description": "Confidential nodes config. All the nodes in the node pool will be Confidential VM once enabled." }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. If unspecified, the default disk size is 100GB." }, "diskType": { "type": "string", "description": "Type of the disk attached to each node (e.g. 'pd-standard', 'pd-ssd' or 'pd-balanced') If unspecified, the default disk type is 'pd-standard'" }, "enableConfidentialStorage": { "type": "boolean", "description": "Optional. Enable confidential storage on Hyperdisk. boot_disk_kms_key is required when enable_confidential_storage is true. This is only available for private preview." }, "ephemeralStorageConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:EphemeralStorageConfigResponse", "description": "Parameters for the ephemeral storage filesystem. If unspecified, ephemeral storage is backed by the boot disk." }, "ephemeralStorageLocalSsdConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:EphemeralStorageLocalSsdConfigResponse", "description": "Parameters for the node ephemeral storage using Local SSDs. If unspecified, ephemeral storage is backed by the boot disk. This field is functionally equivalent to the ephemeral_storage_config" }, "fastSocket": { "$ref": "#/types/google-native:container%2Fv1beta1:FastSocketResponse", "description": "Enable or disable NCCL fast socket for the node pool." }, "gcfsConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:GcfsConfigResponse", "description": "GCFS (Google Container File System) configs." }, "gvnic": { "$ref": "#/types/google-native:container%2Fv1beta1:VirtualNICResponse", "description": "Enable or disable gvnic on the node pool." }, "hostMaintenancePolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:HostMaintenancePolicyResponse", "description": "HostMaintenancePolicy contains the desired maintenance policy for the Google Compute Engine hosts." }, "imageType": { "type": "string", "description": "The image type to use for this node. Note that for a given image type, the latest version of it will be used. Please see https://cloud.google.com/kubernetes-engine/docs/concepts/node-images for available image types." }, "kubeletConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeKubeletConfigResponse", "description": "Node kubelet configs." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "linuxNodeConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LinuxNodeConfigResponse", "description": "Parameters that can be configured on Linux nodes." }, "localNvmeSsdBlockConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LocalNvmeSsdBlockConfigResponse", "description": "Parameters for using raw-block Local NVMe SSDs." }, "localSsdCount": { "type": "integer", "description": "The number of local SSD disks to be attached to the node. The limit for this value is dependent upon the maximum number of disks available on a machine per zone. See: https://cloud.google.com/compute/docs/disks/local-ssd for more information." }, "loggingConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolLoggingConfigResponse", "description": "Logging configuration." }, "machineType": { "type": "string", "description": "The name of a Google Compute Engine [machine type](https://cloud.google.com/compute/docs/machine-types). If unspecified, the default machine type is `e2-medium`." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The metadata key/value pairs assigned to instances in the cluster. Keys must conform to the regexp `[a-zA-Z0-9-_]+` and be less than 128 bytes in length. These are reflected as part of a URL in the metadata server. Additionally, to avoid ambiguity, keys must not conflict with any other metadata keys for the project or be one of the reserved keys: - \"cluster-location\" - \"cluster-name\" - \"cluster-uid\" - \"configure-sh\" - \"containerd-configure-sh\" - \"enable-oslogin\" - \"gci-ensure-gke-docker\" - \"gci-metrics-enabled\" - \"gci-update-strategy\" - \"instance-template\" - \"kube-env\" - \"startup-script\" - \"user-data\" - \"disable-address-manager\" - \"windows-startup-script-ps1\" - \"common-psm1\" - \"k8s-node-setup-psm1\" - \"install-ssh-psm1\" - \"user-profile-psm1\" Values are free-form strings, and only have meaning as interpreted by the image running in the instance. The only restriction placed on them is that each value's size must be less than or equal to 32 KB. The total size of all keys and values must be less than 512 KB." }, "minCpuPlatform": { "type": "string", "description": "Minimum CPU platform to be used by this instance. The instance may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as `minCpuPlatform: \"Intel Haswell\"` or `minCpuPlatform: \"Intel Sandy Bridge\"`. For more information, read [how to specify min CPU platform](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform)." }, "nodeGroup": { "type": "string", "description": "Setting this field will assign instances of this pool to run on the specified node group. This is useful for running workloads on [sole tenant nodes](https://cloud.google.com/compute/docs/nodes/sole-tenant-nodes)." }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The set of Google API scopes to be made available on all of the node VMs under the \"default\" service account. The following scopes are recommended, but not required, and by default are not included: * `https://www.googleapis.com/auth/compute` is required for mounting persistent storage on your nodes. * `https://www.googleapis.com/auth/devstorage.read_only` is required for communicating with **gcr.io** (the [Google Container Registry](https://cloud.google.com/container-registry/)). If unspecified, no scopes are added, unless Cloud Logging or Cloud Monitoring are enabled, in which case their required scopes will be added." }, "preemptible": { "type": "boolean", "description": "Whether the nodes are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances." }, "reservationAffinity": { "$ref": "#/types/google-native:container%2Fv1beta1:ReservationAffinityResponse", "description": "The optional reservation affinity. Setting this field will apply the specified [Zonal Compute Reservation](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) to this node pool." }, "resourceLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for the node pool to use to annotate any related Google Compute Engine resources." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceManagerTagsResponse", "description": "A map of resource manager tag keys and values to be attached to the nodes." }, "sandboxConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:SandboxConfigResponse", "description": "Sandbox configuration for this node." }, "serviceAccount": { "type": "string", "description": "The Google Cloud Platform Service Account to be used by the node VMs. Specify the email address of the Service Account; otherwise, if no Service Account is specified, the \"default\" service account is used." }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ShieldedInstanceConfigResponse", "description": "Shielded Instance options." }, "soleTenantConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:SoleTenantConfigResponse", "description": "Parameters for node pools to be backed by shared sole tenant node groups." }, "spot": { "type": "boolean", "description": "Spot flag for enabling Spot VM, which is a rebrand of the existing preemptible flag." }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster or node pool creation. Each tag within the list must comply with RFC1035." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeTaintResponse" }, "description": "List of kubernetes taints to be applied to each node. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/" }, "windowsNodeConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WindowsNodeConfigResponse", "description": "Parameters that can be configured on Windows nodes." }, "workloadMetadataConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadMetadataConfigResponse", "description": "The workload metadata configuration for this node." } }, "type": "object", "required": [ "accelerators", "advancedMachineFeatures", "bootDiskKmsKey", "confidentialNodes", "diskSizeGb", "diskType", "enableConfidentialStorage", "ephemeralStorageConfig", "ephemeralStorageLocalSsdConfig", "fastSocket", "gcfsConfig", "gvnic", "hostMaintenancePolicy", "imageType", "kubeletConfig", "labels", "linuxNodeConfig", "localNvmeSsdBlockConfig", "localSsdCount", "loggingConfig", "machineType", "metadata", "minCpuPlatform", "nodeGroup", "oauthScopes", "preemptible", "reservationAffinity", "resourceLabels", "resourceManagerTags", "sandboxConfig", "serviceAccount", "shieldedInstanceConfig", "soleTenantConfig", "spot", "tags", "taints", "windowsNodeConfig", "workloadMetadataConfig" ] }, "google-native:container/v1beta1:NodeKubeletConfig": { "description": "Node kubelet configs.", "properties": { "cpuCfsQuota": { "type": "boolean", "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits. This option is enabled by default which makes kubelet use CFS quota (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to enforce container CPU limits. Otherwise, CPU limits will not be enforced at all. Disable this option to mitigate CPU throttling problems while still having your pods to be in Guaranteed QoS class by specifying the CPU limits. The default value is 'true' if unspecified." }, "cpuCfsQuotaPeriod": { "type": "string", "description": "Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string must be a sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\". The value must be a positive duration." }, "cpuManagerPolicy": { "type": "string", "description": "Control the CPU management policy on the node. See https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ The following values are allowed. * \"none\": the default, which represents the existing scheduling behavior. * \"static\": allows pods with certain resource characteristics to be granted increased CPU affinity and exclusivity on the node. The default value is 'none' if unspecified." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "podPidsLimit": { "type": "string", "description": "Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits Controls the maximum number of processes allowed to run in a pod. The value must be greater than or equal to 1024 and less than 4194304." } }, "type": "object" }, "google-native:container/v1beta1:NodeKubeletConfigResponse": { "description": "Node kubelet configs.", "properties": { "cpuCfsQuota": { "type": "boolean", "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits. This option is enabled by default which makes kubelet use CFS quota (https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt) to enforce container CPU limits. Otherwise, CPU limits will not be enforced at all. Disable this option to mitigate CPU throttling problems while still having your pods to be in Guaranteed QoS class by specifying the CPU limits. The default value is 'true' if unspecified." }, "cpuCfsQuotaPeriod": { "type": "string", "description": "Set the CPU CFS quota period value 'cpu.cfs_period_us'. The string must be a sequence of decimal numbers, each with optional fraction and a unit suffix, such as \"300ms\". Valid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\". The value must be a positive duration." }, "cpuManagerPolicy": { "type": "string", "description": "Control the CPU management policy on the node. See https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/ The following values are allowed. * \"none\": the default, which represents the existing scheduling behavior. * \"static\": allows pods with certain resource characteristics to be granted increased CPU affinity and exclusivity on the node. The default value is 'none' if unspecified." }, "insecureKubeletReadonlyPortEnabled": { "type": "boolean", "description": "Enable or disable Kubelet read only port." }, "podPidsLimit": { "type": "string", "description": "Set the Pod PID limits. See https://kubernetes.io/docs/concepts/policy/pid-limiting/#pod-pid-limits Controls the maximum number of processes allowed to run in a pod. The value must be greater than or equal to 1024 and less than 4194304." } }, "type": "object", "required": [ "cpuCfsQuota", "cpuCfsQuotaPeriod", "cpuManagerPolicy", "insecureKubeletReadonlyPortEnabled", "podPidsLimit" ] }, "google-native:container/v1beta1:NodeLabels": { "description": "Collection of node-level [Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels).", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of node label keys and node label values." } }, "type": "object" }, "google-native:container/v1beta1:NodeManagement": { "description": "NodeManagement defines the set of node management services turned on for the node pool.", "properties": { "autoRepair": { "type": "boolean", "description": "Whether the nodes will be automatically repaired." }, "autoUpgrade": { "type": "boolean", "description": "Whether the nodes will be automatically upgraded." }, "upgradeOptions": { "$ref": "#/types/google-native:container%2Fv1beta1:AutoUpgradeOptions", "description": "Specifies the Auto Upgrade knobs for the node pool." } }, "type": "object" }, "google-native:container/v1beta1:NodeManagementResponse": { "description": "NodeManagement defines the set of node management services turned on for the node pool.", "properties": { "autoRepair": { "type": "boolean", "description": "Whether the nodes will be automatically repaired." }, "autoUpgrade": { "type": "boolean", "description": "Whether the nodes will be automatically upgraded." }, "upgradeOptions": { "$ref": "#/types/google-native:container%2Fv1beta1:AutoUpgradeOptionsResponse", "description": "Specifies the Auto Upgrade knobs for the node pool." } }, "type": "object", "required": [ "autoRepair", "autoUpgrade", "upgradeOptions" ] }, "google-native:container/v1beta1:NodeNetworkConfig": { "description": "Parameters for node pool-level network config.", "properties": { "additionalNodeNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalNodeNetworkConfig" }, "description": "We specify the additional node networks for this node pool using this list. Each node network corresponds to an additional interface" }, "additionalPodNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalPodNetworkConfig" }, "description": "We specify the additional pod networks for this node pool using this list. Each pod network corresponds to an additional alias IP range for the node" }, "createPodRange": { "type": "boolean", "description": "Input only. Whether to create a new range for pod IPs in this node pool. Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are not specified. If neither `create_pod_range` or `pod_range` are specified, the cluster-level default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enable_private_nodes is not specified, then the value is derived from cluster.privateClusterConfig.enablePrivateNodes" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPerformanceConfig", "description": "Network bandwidth tier configuration." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PodCIDROverprovisionConfig", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the nodepool. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is rounded off to next power of 2 and we then double that to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "podIpv4CidrBlock": { "type": "string", "description": "The IP address range for pod IPs in this node pool. Only applicable if `create_pod_range` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "podRange": { "type": "string", "description": "The ID of the secondary range for pod IPs. If `create_pod_range` is true, this ID is used for the new range. If `create_pod_range` is false, uses an existing secondary range with this ID. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." } }, "type": "object" }, "google-native:container/v1beta1:NodeNetworkConfigResponse": { "description": "Parameters for node pool-level network config.", "properties": { "additionalNodeNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalNodeNetworkConfigResponse" }, "description": "We specify the additional node networks for this node pool using this list. Each node network corresponds to an additional interface" }, "additionalPodNetworkConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AdditionalPodNetworkConfigResponse" }, "description": "We specify the additional pod networks for this node pool using this list. Each pod network corresponds to an additional alias IP range for the node" }, "createPodRange": { "type": "boolean", "description": "Input only. Whether to create a new range for pod IPs in this node pool. Defaults are provided for `pod_range` and `pod_ipv4_cidr_block` if they are not specified. If neither `create_pod_range` or `pod_range` are specified, the cluster-level default (`ip_allocation_policy.cluster_ipv4_cidr_block`) is used. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enable_private_nodes is not specified, then the value is derived from cluster.privateClusterConfig.enablePrivateNodes" }, "networkPerformanceConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkPerformanceConfigResponse", "description": "Network bandwidth tier configuration." }, "podCidrOverprovisionConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PodCIDROverprovisionConfigResponse", "description": "[PRIVATE FIELD] Pod CIDR size overprovisioning config for the nodepool. Pod CIDR size per node depends on max_pods_per_node. By default, the value of max_pods_per_node is rounded off to next power of 2 and we then double that to get the size of pod CIDR block per node. Example: max_pods_per_node of 30 would result in 64 IPs (/26). This config can disable the doubling of IPs (we still round off to next power of 2) Example: max_pods_per_node of 30 will result in 32 IPs (/27) when overprovisioning is disabled." }, "podIpv4CidrBlock": { "type": "string", "description": "The IP address range for pod IPs in this node pool. Only applicable if `create_pod_range` is true. Set to blank to have a range chosen with the default size. Set to /netmask (e.g. `/14`) to have a range chosen with a specific netmask. Set to a [CIDR](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`) to pick a specific range to use. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." }, "podIpv4RangeUtilization": { "type": "number", "description": "[Output only] The utilization of the IPv4 range for the pod. The ratio is Usage/[Total number of IPs in the secondary range], Usage=numNodes*numZones*podIPsPerNode." }, "podRange": { "type": "string", "description": "The ID of the secondary range for pod IPs. If `create_pod_range` is true, this ID is used for the new range. If `create_pod_range` is false, uses an existing secondary range with this ID. Only applicable if `ip_allocation_policy.use_ip_aliases` is true. This field cannot be changed after the node pool has been created." } }, "type": "object", "required": [ "additionalNodeNetworkConfigs", "additionalPodNetworkConfigs", "createPodRange", "enablePrivateNodes", "networkPerformanceConfig", "podCidrOverprovisionConfig", "podIpv4CidrBlock", "podIpv4RangeUtilization", "podRange" ] }, "google-native:container/v1beta1:NodePool": { "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload.", "properties": { "autoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolAutoscaling", "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present." }, "bestEffortProvisioning": { "$ref": "#/types/google-native:container%2Fv1beta1:BestEffortProvisioning", "description": "Enable best effort provisioning for nodes" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:StatusCondition" }, "description": "Which conditions caused the current node pool state." }, "config": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeConfig", "description": "The node configuration of the pool." }, "etag": { "type": "string", "description": "This checksum is computed by the server based on the value of node pool fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding." }, "initialNodeCount": { "type": "integer", "description": "The initial node count for the pool. You must ensure that your Compute Engine [resource quota](https://cloud.google.com/compute/quotas) is sufficient for this number of instances. You must also have available firewall and routes quota." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes should be located. If this value is unspecified during node pool creation, the [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) value will be used, instead. Warning: changing node pool locations will result in nodes being added and/or removed." }, "management": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeManagement", "description": "NodeManagement configuration for this NodePool." }, "maxPodsConstraint": { "$ref": "#/types/google-native:container%2Fv1beta1:MaxPodsConstraint", "description": "The constraint on the maximum number of pods that can be run simultaneously on a node in the node pool." }, "name": { "type": "string", "description": "The name of the node pool." }, "networkConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeNetworkConfig", "description": "Networking configuration for this NodePool. If specified, it overrides the cluster-level defaults." }, "placementPolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:PlacementPolicy", "description": "Specifies the node placement policy." }, "queuedProvisioning": { "$ref": "#/types/google-native:container%2Fv1beta1:QueuedProvisioning", "description": "Specifies the configuration of queued provisioning." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:UpgradeSettings", "description": "Upgrade settings control disruption and speed of the upgrade." }, "version": { "type": "string", "description": "The version of Kubernetes running on this NodePool's nodes. If unspecified, it defaults as described [here](https://cloud.google.com/kubernetes-engine/versioning#specifying_node_version)." } }, "type": "object" }, "google-native:container/v1beta1:NodePoolAutoConfig": { "description": "node pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters", "properties": { "networkTags": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkTags", "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster creation. Each tag within the list must comply with RFC1035." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceManagerTags", "description": "Resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies." } }, "type": "object" }, "google-native:container/v1beta1:NodePoolAutoConfigResponse": { "description": "node pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters", "properties": { "networkTags": { "$ref": "#/types/google-native:container%2Fv1beta1:NetworkTagsResponse", "description": "The list of instance tags applied to all nodes. Tags are used to identify valid sources or targets for network firewalls and are specified by the client during cluster creation. Each tag within the list must comply with RFC1035." }, "resourceManagerTags": { "$ref": "#/types/google-native:container%2Fv1beta1:ResourceManagerTagsResponse", "description": "Resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies." } }, "type": "object", "required": [ "networkTags", "resourceManagerTags" ] }, "google-native:container/v1beta1:NodePoolAutoscaling": { "description": "NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage.", "properties": { "autoprovisioned": { "type": "boolean", "description": "Can this node pool be deleted automatically." }, "enabled": { "type": "boolean", "description": "Is autoscaling enabled for this node pool." }, "locationPolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolAutoscalingLocationPolicy", "description": "Location policy used when scaling up a nodepool." }, "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes for one location in the NodePool. Must be >= min_node_count. There has to be enough quota to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes for one location in the NodePool. Must be >= 1 and <= max_node_count." }, "totalMaxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the node pool. Must be greater than total_min_node_count. There has to be enough quota to scale up the cluster. The total_*_node_count fields are mutually exclusive with the *_node_count fields." }, "totalMinNodeCount": { "type": "integer", "description": "Minimum number of nodes in the node pool. Must be greater than 1 less than total_max_node_count. The total_*_node_count fields are mutually exclusive with the *_node_count fields." } }, "type": "object" }, "google-native:container/v1beta1:NodePoolAutoscalingLocationPolicy": { "description": "Location policy used when scaling up a nodepool.", "type": "string", "enum": [ { "name": "LocationPolicyUnspecified", "description": "Not set.", "value": "LOCATION_POLICY_UNSPECIFIED" }, { "name": "Balanced", "description": "BALANCED is a best effort policy that aims to balance the sizes of different zones.", "value": "BALANCED" }, { "name": "Any", "description": "ANY policy picks zones that have the highest capacity available.", "value": "ANY" } ] }, "google-native:container/v1beta1:NodePoolAutoscalingResponse": { "description": "NodePoolAutoscaling contains information required by cluster autoscaler to adjust the size of the node pool to the current cluster usage.", "properties": { "autoprovisioned": { "type": "boolean", "description": "Can this node pool be deleted automatically." }, "enabled": { "type": "boolean", "description": "Is autoscaling enabled for this node pool." }, "locationPolicy": { "type": "string", "description": "Location policy used when scaling up a nodepool." }, "maxNodeCount": { "type": "integer", "description": "Maximum number of nodes for one location in the NodePool. Must be >= min_node_count. There has to be enough quota to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "Minimum number of nodes for one location in the NodePool. Must be >= 1 and <= max_node_count." }, "totalMaxNodeCount": { "type": "integer", "description": "Maximum number of nodes in the node pool. Must be greater than total_min_node_count. There has to be enough quota to scale up the cluster. The total_*_node_count fields are mutually exclusive with the *_node_count fields." }, "totalMinNodeCount": { "type": "integer", "description": "Minimum number of nodes in the node pool. Must be greater than 1 less than total_max_node_count. The total_*_node_count fields are mutually exclusive with the *_node_count fields." } }, "type": "object", "required": [ "autoprovisioned", "enabled", "locationPolicy", "maxNodeCount", "minNodeCount", "totalMaxNodeCount", "totalMinNodeCount" ] }, "google-native:container/v1beta1:NodePoolDefaults": { "description": "Subset of Nodepool message that has defaults.", "properties": { "nodeConfigDefaults": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeConfigDefaults", "description": "Subset of NodeConfig message that has defaults." } }, "type": "object" }, "google-native:container/v1beta1:NodePoolDefaultsResponse": { "description": "Subset of Nodepool message that has defaults.", "properties": { "nodeConfigDefaults": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeConfigDefaultsResponse", "description": "Subset of NodeConfig message that has defaults." } }, "type": "object", "required": [ "nodeConfigDefaults" ] }, "google-native:container/v1beta1:NodePoolLoggingConfig": { "description": "NodePoolLoggingConfig specifies logging configuration for nodepools.", "properties": { "variantConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingVariantConfig", "description": "Logging variant configuration." } }, "type": "object" }, "google-native:container/v1beta1:NodePoolLoggingConfigResponse": { "description": "NodePoolLoggingConfig specifies logging configuration for nodepools.", "properties": { "variantConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:LoggingVariantConfigResponse", "description": "Logging variant configuration." } }, "type": "object", "required": [ "variantConfig" ] }, "google-native:container/v1beta1:NodePoolResponse": { "description": "NodePool contains the name and configuration for a cluster's node pool. Node pools are a set of nodes (i.e. VM's), with a common configuration and specification, under the control of the cluster master. They may have a set of Kubernetes labels applied to them, which may be used to reference them during pod scheduling. They may also be resized up or down, to accommodate the workload.", "properties": { "autoscaling": { "$ref": "#/types/google-native:container%2Fv1beta1:NodePoolAutoscalingResponse", "description": "Autoscaler configuration for this NodePool. Autoscaler is enabled only if a valid configuration is present." }, "bestEffortProvisioning": { "$ref": "#/types/google-native:container%2Fv1beta1:BestEffortProvisioningResponse", "description": "Enable best effort provisioning for nodes" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:StatusConditionResponse" }, "description": "Which conditions caused the current node pool state." }, "config": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeConfigResponse", "description": "The node configuration of the pool." }, "etag": { "type": "string", "description": "This checksum is computed by the server based on the value of node pool fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding." }, "initialNodeCount": { "type": "integer", "description": "The initial node count for the pool. You must ensure that your Compute Engine [resource quota](https://cloud.google.com/compute/quotas) is sufficient for this number of instances. You must also have available firewall and routes quota." }, "instanceGroupUrls": { "type": "array", "items": { "type": "string" }, "description": "[Output only] The resource URLs of the [managed instance groups](https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances) associated with this node pool. During the node pool blue-green upgrade operation, the URLs contain both blue and green resources." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the NodePool's nodes should be located. If this value is unspecified during node pool creation, the [Cluster.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.FIELDS.locations) value will be used, instead. Warning: changing node pool locations will result in nodes being added and/or removed." }, "management": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeManagementResponse", "description": "NodeManagement configuration for this NodePool." }, "maxPodsConstraint": { "$ref": "#/types/google-native:container%2Fv1beta1:MaxPodsConstraintResponse", "description": "The constraint on the maximum number of pods that can be run simultaneously on a node in the node pool." }, "name": { "type": "string", "description": "The name of the node pool." }, "networkConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeNetworkConfigResponse", "description": "Networking configuration for this NodePool. If specified, it overrides the cluster-level defaults." }, "placementPolicy": { "$ref": "#/types/google-native:container%2Fv1beta1:PlacementPolicyResponse", "description": "Specifies the node placement policy." }, "podIpv4CidrSize": { "type": "integer", "description": "[Output only] The pod CIDR block size per node in this node pool." }, "queuedProvisioning": { "$ref": "#/types/google-native:container%2Fv1beta1:QueuedProvisioningResponse", "description": "Specifies the configuration of queued provisioning." }, "selfLink": { "type": "string", "description": "[Output only] Server-defined URL for the resource." }, "status": { "type": "string", "description": "[Output only] The status of the nodes in this pool instance." }, "statusMessage": { "type": "string", "description": "[Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available.", "deprecationMessage": "[Output only] Deprecated. Use conditions instead. Additional information about the current status of this node pool instance, if available." }, "updateInfo": { "$ref": "#/types/google-native:container%2Fv1beta1:UpdateInfoResponse", "description": "[Output only] Update info contains relevant information during a node pool update." }, "upgradeSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:UpgradeSettingsResponse", "description": "Upgrade settings control disruption and speed of the upgrade." }, "version": { "type": "string", "description": "The version of Kubernetes running on this NodePool's nodes. If unspecified, it defaults as described [here](https://cloud.google.com/kubernetes-engine/versioning#specifying_node_version)." } }, "type": "object", "required": [ "autoscaling", "bestEffortProvisioning", "conditions", "config", "etag", "initialNodeCount", "instanceGroupUrls", "locations", "management", "maxPodsConstraint", "name", "networkConfig", "placementPolicy", "podIpv4CidrSize", "queuedProvisioning", "selfLink", "status", "statusMessage", "updateInfo", "upgradeSettings", "version" ] }, "google-native:container/v1beta1:NodeTaint": { "description": "Kubernetes taint is composed of three fields: key, value, and effect. Effect can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) for more information, including usage and the valid values.", "properties": { "effect": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeTaintEffect", "description": "Effect for taint." }, "key": { "type": "string", "description": "Key for taint." }, "value": { "type": "string", "description": "Value for taint." } }, "type": "object" }, "google-native:container/v1beta1:NodeTaintEffect": { "description": "Effect for taint.", "type": "string", "enum": [ { "name": "EffectUnspecified", "description": "Not set", "value": "EFFECT_UNSPECIFIED" }, { "name": "NoSchedule", "description": "NoSchedule", "value": "NO_SCHEDULE" }, { "name": "PreferNoSchedule", "description": "PreferNoSchedule", "value": "PREFER_NO_SCHEDULE" }, { "name": "NoExecute", "description": "NoExecute", "value": "NO_EXECUTE" } ] }, "google-native:container/v1beta1:NodeTaintResponse": { "description": "Kubernetes taint is composed of three fields: key, value, and effect. Effect can only be one of three types: NoSchedule, PreferNoSchedule or NoExecute. See [here](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration) for more information, including usage and the valid values.", "properties": { "effect": { "type": "string", "description": "Effect for taint." }, "key": { "type": "string", "description": "Key for taint." }, "value": { "type": "string", "description": "Value for taint." } }, "type": "object", "required": [ "effect", "key", "value" ] }, "google-native:container/v1beta1:NodeTaints": { "description": "Collection of Kubernetes [node taints](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration).", "properties": { "taints": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeTaint" }, "description": "List of node taints." } }, "type": "object" }, "google-native:container/v1beta1:NotificationConfig": { "description": "NotificationConfig is the configuration of notifications.", "properties": { "pubsub": { "$ref": "#/types/google-native:container%2Fv1beta1:PubSub", "description": "Notification config for Pub/Sub." } }, "type": "object" }, "google-native:container/v1beta1:NotificationConfigResponse": { "description": "NotificationConfig is the configuration of notifications.", "properties": { "pubsub": { "$ref": "#/types/google-native:container%2Fv1beta1:PubSubResponse", "description": "Notification config for Pub/Sub." } }, "type": "object", "required": [ "pubsub" ] }, "google-native:container/v1beta1:OpportunisticMaintenanceStrategy": { "description": "Strategy that will trigger maintenance on behalf of the customer.", "properties": { "maintenanceAvailabilityWindow": { "type": "string", "description": "The window of time that opportunistic maintenance can run. Example: A setting of 14 days implies that opportunistic maintenance can only be ran in the 2 weeks leading up to the scheduled maintenance date. Setting 28 days allows opportunistic maintenance to run at any time in the scheduled maintenance window (all `PERIODIC` maintenance is set 28 days in advance)." }, "minNodesPerPool": { "type": "string", "description": "The minimum nodes required to be available in a pool. Blocks maintenance if it would cause the number of running nodes to dip below this value." }, "nodeIdleTimeWindow": { "type": "string", "description": "The amount of time that a node can remain idle (no customer owned workloads running), before triggering maintenance." } }, "type": "object" }, "google-native:container/v1beta1:OpportunisticMaintenanceStrategyResponse": { "description": "Strategy that will trigger maintenance on behalf of the customer.", "properties": { "maintenanceAvailabilityWindow": { "type": "string", "description": "The window of time that opportunistic maintenance can run. Example: A setting of 14 days implies that opportunistic maintenance can only be ran in the 2 weeks leading up to the scheduled maintenance date. Setting 28 days allows opportunistic maintenance to run at any time in the scheduled maintenance window (all `PERIODIC` maintenance is set 28 days in advance)." }, "minNodesPerPool": { "type": "string", "description": "The minimum nodes required to be available in a pool. Blocks maintenance if it would cause the number of running nodes to dip below this value." }, "nodeIdleTimeWindow": { "type": "string", "description": "The amount of time that a node can remain idle (no customer owned workloads running), before triggering maintenance." } }, "type": "object", "required": [ "maintenanceAvailabilityWindow", "minNodesPerPool", "nodeIdleTimeWindow" ] }, "google-native:container/v1beta1:ParentProductConfig": { "description": "ParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels contain the configuration of the parent product." }, "productName": { "type": "string", "description": "Name of the parent product associated with the cluster." } }, "type": "object" }, "google-native:container/v1beta1:ParentProductConfigResponse": { "description": "ParentProductConfig is the configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of a GKE cluster and take the ownership of the cluster.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels contain the configuration of the parent product." }, "productName": { "type": "string", "description": "Name of the parent product associated with the cluster." } }, "type": "object", "required": [ "labels", "productName" ] }, "google-native:container/v1beta1:PlacementPolicy": { "description": "PlacementPolicy defines the placement policy used by the node pool.", "properties": { "policyName": { "type": "string", "description": "If set, refers to the name of a custom resource policy supplied by the user. The resource policy must be in the same project and region as the node pool. If not found, InvalidArgument error is returned." }, "tpuTopology": { "type": "string", "description": "TPU placement topology for pod slice node pool. https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies" }, "type": { "$ref": "#/types/google-native:container%2Fv1beta1:PlacementPolicyType", "description": "The type of placement." } }, "type": "object" }, "google-native:container/v1beta1:PlacementPolicyResponse": { "description": "PlacementPolicy defines the placement policy used by the node pool.", "properties": { "policyName": { "type": "string", "description": "If set, refers to the name of a custom resource policy supplied by the user. The resource policy must be in the same project and region as the node pool. If not found, InvalidArgument error is returned." }, "tpuTopology": { "type": "string", "description": "TPU placement topology for pod slice node pool. https://cloud.google.com/tpu/docs/types-topologies#tpu_topologies" }, "type": { "type": "string", "description": "The type of placement." } }, "type": "object", "required": [ "policyName", "tpuTopology", "type" ] }, "google-native:container/v1beta1:PlacementPolicyType": { "description": "The type of placement.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "TYPE_UNSPECIFIED specifies no requirements on nodes placement.", "value": "TYPE_UNSPECIFIED" }, { "name": "Compact", "description": "COMPACT specifies node placement in the same availability domain to ensure low communication latency.", "value": "COMPACT" } ] }, "google-native:container/v1beta1:PodCIDROverprovisionConfig": { "description": "[PRIVATE FIELD] Config for pod CIDR size overprovisioning.", "properties": { "disable": { "type": "boolean", "description": "Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning is enabled by default." } }, "type": "object" }, "google-native:container/v1beta1:PodCIDROverprovisionConfigResponse": { "description": "[PRIVATE FIELD] Config for pod CIDR size overprovisioning.", "properties": { "disable": { "type": "boolean", "description": "Whether Pod CIDR overprovisioning is disabled. Note: Pod CIDR overprovisioning is enabled by default." } }, "type": "object", "required": [ "disable" ] }, "google-native:container/v1beta1:PodSecurityPolicyConfig": { "description": "Configuration for the PodSecurityPolicy feature.", "properties": { "enabled": { "type": "boolean", "description": "Enable the PodSecurityPolicy controller for this cluster. If enabled, pods must be valid under a PodSecurityPolicy to be created." } }, "type": "object" }, "google-native:container/v1beta1:PodSecurityPolicyConfigResponse": { "description": "Configuration for the PodSecurityPolicy feature.", "properties": { "enabled": { "type": "boolean", "description": "Enable the PodSecurityPolicy controller for this cluster. If enabled, pods must be valid under a PodSecurityPolicy to be created." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:PolicyBinding": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object" }, "google-native:container/v1beta1:PolicyBindingResponse": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object", "required": [ "name" ] }, "google-native:container/v1beta1:PrivateClusterConfig": { "description": "Configuration options for private clusters.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Whether the master's internal IP address is used as the cluster endpoint." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking." }, "masterGlobalAccessConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PrivateClusterMasterGlobalAccessConfig", "description": "Controls master global access settings." }, "masterIpv4CidrBlock": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network." }, "privateEndpointSubnetwork": { "type": "string", "description": "Subnet to provision the master's private endpoint during cluster creation. Specified in projects/*/regions/*/subnetworks/* format." } }, "type": "object" }, "google-native:container/v1beta1:PrivateClusterConfigResponse": { "description": "Configuration options for private clusters.", "properties": { "enablePrivateEndpoint": { "type": "boolean", "description": "Whether the master's internal IP address is used as the cluster endpoint." }, "enablePrivateNodes": { "type": "boolean", "description": "Whether nodes have internal IP addresses only. If enabled, all nodes are given only RFC 1918 private addresses and communicate with the master via private networking." }, "masterGlobalAccessConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:PrivateClusterMasterGlobalAccessConfigResponse", "description": "Controls master global access settings." }, "masterIpv4CidrBlock": { "type": "string", "description": "The IP range in CIDR notation to use for the hosted master network. This range will be used for assigning internal IP addresses to the master or set of masters, as well as the ILB VIP. This range must not overlap with any other ranges in use within the cluster's network." }, "peeringName": { "type": "string", "description": "The peering name in the customer VPC used by this cluster." }, "privateEndpoint": { "type": "string", "description": "The internal IP address of this cluster's master endpoint." }, "privateEndpointSubnetwork": { "type": "string", "description": "Subnet to provision the master's private endpoint during cluster creation. Specified in projects/*/regions/*/subnetworks/* format." }, "publicEndpoint": { "type": "string", "description": "The external IP address of this cluster's master endpoint." } }, "type": "object", "required": [ "enablePrivateEndpoint", "enablePrivateNodes", "masterGlobalAccessConfig", "masterIpv4CidrBlock", "peeringName", "privateEndpoint", "privateEndpointSubnetwork", "publicEndpoint" ] }, "google-native:container/v1beta1:PrivateClusterMasterGlobalAccessConfig": { "description": "Configuration for controlling master global access settings.", "properties": { "enabled": { "type": "boolean", "description": "Whenever master is accessible globally or not." } }, "type": "object" }, "google-native:container/v1beta1:PrivateClusterMasterGlobalAccessConfigResponse": { "description": "Configuration for controlling master global access settings.", "properties": { "enabled": { "type": "boolean", "description": "Whenever master is accessible globally or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:ProtectConfig": { "description": "ProtectConfig defines the flags needed to enable/disable features for the Protect API.", "properties": { "workloadConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadConfig", "description": "WorkloadConfig defines which actions are enabled for a cluster's workload configurations." }, "workloadVulnerabilityMode": { "$ref": "#/types/google-native:container%2Fv1beta1:ProtectConfigWorkloadVulnerabilityMode", "description": "Sets which mode to use for Protect workload vulnerability scanning feature." } }, "type": "object" }, "google-native:container/v1beta1:ProtectConfigResponse": { "description": "ProtectConfig defines the flags needed to enable/disable features for the Protect API.", "properties": { "workloadConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadConfigResponse", "description": "WorkloadConfig defines which actions are enabled for a cluster's workload configurations." }, "workloadVulnerabilityMode": { "type": "string", "description": "Sets which mode to use for Protect workload vulnerability scanning feature." } }, "type": "object", "required": [ "workloadConfig", "workloadVulnerabilityMode" ] }, "google-native:container/v1beta1:ProtectConfigWorkloadVulnerabilityMode": { "description": "Sets which mode to use for Protect workload vulnerability scanning feature.", "type": "string", "enum": [ { "name": "WorkloadVulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "WORKLOAD_VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Workload Vulnerability Scanning feature on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies basic vulnerability scanning settings for cluster workloads.", "value": "BASIC" } ] }, "google-native:container/v1beta1:PubSub": { "description": "Pub/Sub specific notification config.", "properties": { "enabled": { "type": "boolean", "description": "Enable notifications for Pub/Sub." }, "filter": { "$ref": "#/types/google-native:container%2Fv1beta1:Filter", "description": "Allows filtering to one or more specific event types. If no filter is specified, or if a filter is specified with no event types, all event types will be sent" }, "topic": { "type": "string", "description": "The desired Pub/Sub topic to which notifications will be sent by GKE. Format is `projects/{project}/topics/{topic}`." } }, "type": "object" }, "google-native:container/v1beta1:PubSubResponse": { "description": "Pub/Sub specific notification config.", "properties": { "enabled": { "type": "boolean", "description": "Enable notifications for Pub/Sub." }, "filter": { "$ref": "#/types/google-native:container%2Fv1beta1:FilterResponse", "description": "Allows filtering to one or more specific event types. If no filter is specified, or if a filter is specified with no event types, all event types will be sent" }, "topic": { "type": "string", "description": "The desired Pub/Sub topic to which notifications will be sent by GKE. Format is `projects/{project}/topics/{topic}`." } }, "type": "object", "required": [ "enabled", "filter", "topic" ] }, "google-native:container/v1beta1:QueuedProvisioning": { "description": "QueuedProvisioning defines the queued provisioning used by the node pool.", "properties": { "enabled": { "type": "boolean", "description": "Denotes that this nodepool is QRM specific, meaning nodes can be only obtained through queuing via the Cluster Autoscaler ProvisioningRequest API." } }, "type": "object" }, "google-native:container/v1beta1:QueuedProvisioningResponse": { "description": "QueuedProvisioning defines the queued provisioning used by the node pool.", "properties": { "enabled": { "type": "boolean", "description": "Denotes that this nodepool is QRM specific, meaning nodes can be only obtained through queuing via the Cluster Autoscaler ProvisioningRequest API." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:RangeInfoResponse": { "description": "RangeInfo contains the range name and the range utilization by this cluster.", "properties": { "rangeName": { "type": "string", "description": "[Output only] Name of a range." }, "utilization": { "type": "number", "description": "[Output only] The utilization of the range." } }, "type": "object", "required": [ "rangeName", "utilization" ] }, "google-native:container/v1beta1:RecurringTimeWindow": { "description": "Represents an arbitrary window of time that recurs.", "properties": { "recurrence": { "type": "string", "description": "An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time. For example, to have something repeat every weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat some window daily (equivalent to the DailyMaintenanceWindow): `FREQ=DAILY` For the first weekend of every month: `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently the window starts. Eg, if you wanted to have a 9-5 UTC-4 window every weekday, you'd use something like: ``` start time = 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span multiple days. Eg, to make the window encompass every weekend from midnight Saturday till the last minute of Sunday UTC: ``` start time = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific dates are largely arbitrary except to specify duration of the window and when it first starts. The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported." }, "window": { "$ref": "#/types/google-native:container%2Fv1beta1:TimeWindow", "description": "The window of the first recurrence." } }, "type": "object" }, "google-native:container/v1beta1:RecurringTimeWindowResponse": { "description": "Represents an arbitrary window of time that recurs.", "properties": { "recurrence": { "type": "string", "description": "An RRULE (https://tools.ietf.org/html/rfc5545#section-3.8.5.3) for how this window reccurs. They go on for the span of time between the start and end time. For example, to have something repeat every weekday, you'd use: `FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR` To repeat some window daily (equivalent to the DailyMaintenanceWindow): `FREQ=DAILY` For the first weekend of every month: `FREQ=MONTHLY;BYSETPOS=1;BYDAY=SA,SU` This specifies how frequently the window starts. Eg, if you wanted to have a 9-5 UTC-4 window every weekday, you'd use something like: ``` start time = 2019-01-01T09:00:00-0400 end time = 2019-01-01T17:00:00-0400 recurrence = FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR ``` Windows can span multiple days. Eg, to make the window encompass every weekend from midnight Saturday till the last minute of Sunday UTC: ``` start time = 2019-01-05T00:00:00Z end time = 2019-01-07T23:59:00Z recurrence = FREQ=WEEKLY;BYDAY=SA ``` Note the start and end time's specific dates are largely arbitrary except to specify duration of the window and when it first starts. The FREQ values of HOURLY, MINUTELY, and SECONDLY are not supported." }, "window": { "$ref": "#/types/google-native:container%2Fv1beta1:TimeWindowResponse", "description": "The window of the first recurrence." } }, "type": "object", "required": [ "recurrence", "window" ] }, "google-native:container/v1beta1:ReleaseChannel": { "description": "ReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.", "properties": { "channel": { "$ref": "#/types/google-native:container%2Fv1beta1:ReleaseChannelChannel", "description": "channel specifies which release channel the cluster is subscribed to." } }, "type": "object" }, "google-native:container/v1beta1:ReleaseChannelChannel": { "description": "channel specifies which release channel the cluster is subscribed to.", "type": "string", "enum": [ { "name": "Unspecified", "description": "No channel specified.", "value": "UNSPECIFIED" }, { "name": "Rapid", "description": "RAPID channel is offered on an early access basis for customers who want to test new releases. WARNING: Versions available in the RAPID Channel may be subject to unresolved issues with no known workaround and are not subject to any SLAs.", "value": "RAPID" }, { "name": "Regular", "description": "Clusters subscribed to REGULAR receive versions that are considered GA quality. REGULAR is intended for production users who want to take advantage of new features.", "value": "REGULAR" }, { "name": "Stable", "description": "Clusters subscribed to STABLE receive versions that are known to be stable and reliable in production.", "value": "STABLE" } ] }, "google-native:container/v1beta1:ReleaseChannelConfigResponse": { "description": "ReleaseChannelConfig exposes configuration for a release channel.", "properties": { "availableVersions": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:AvailableVersionResponse" }, "description": "Deprecated. This field has been deprecated and replaced with the valid_versions field.", "deprecationMessage": "Deprecated. This field has been deprecated and replaced with the valid_versions field." }, "channel": { "type": "string", "description": "The release channel this configuration applies to." }, "defaultVersion": { "type": "string", "description": "The default version for newly created clusters on the channel." }, "validVersions": { "type": "array", "items": { "type": "string" }, "description": "List of valid versions for the channel." } }, "type": "object", "required": [ "availableVersions", "channel", "defaultVersion", "validVersions" ] }, "google-native:container/v1beta1:ReleaseChannelResponse": { "description": "ReleaseChannel indicates which release channel a cluster is subscribed to. Release channels are arranged in order of risk. When a cluster is subscribed to a release channel, Google maintains both the master version and the node version. Node auto-upgrade defaults to true and cannot be disabled.", "properties": { "channel": { "type": "string", "description": "channel specifies which release channel the cluster is subscribed to." } }, "type": "object", "required": [ "channel" ] }, "google-native:container/v1beta1:ReservationAffinity": { "description": "[ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) is the configuration of desired reservation which instances could take capacity from.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:container%2Fv1beta1:ReservationAffinityConsumeReservationType", "description": "Corresponds to the type of reservation consumption." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify \"compute.googleapis.com/reservation-name\" as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label value(s) of reservation resource(s)." } }, "type": "object" }, "google-native:container/v1beta1:ReservationAffinityConsumeReservationType": { "description": "Corresponds to the type of reservation consumption.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default value. This should not be used.", "value": "UNSPECIFIED" }, { "name": "NoReservation", "description": "Do not consume from any reserved capacity.", "value": "NO_RESERVATION" }, { "name": "AnyReservation", "description": "Consume any reservation available.", "value": "ANY_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" } ] }, "google-native:container/v1beta1:ReservationAffinityResponse": { "description": "[ReservationAffinity](https://cloud.google.com/compute/docs/instances/reserving-zonal-resources) is the configuration of desired reservation which instances could take capacity from.", "properties": { "consumeReservationType": { "type": "string", "description": "Corresponds to the type of reservation consumption." }, "key": { "type": "string", "description": "Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify \"compute.googleapis.com/reservation-name\" as the key and specify the name of your reservation as its value." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Corresponds to the label value(s) of reservation resource(s)." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:container/v1beta1:ResourceLabels": { "description": "Collection of [GCP labels](https://cloud.google.com/resource-manager/docs/creating-managing-labels).", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of node label keys and node label values." } }, "type": "object" }, "google-native:container/v1beta1:ResourceLimit": { "description": "Contains information about amount of some resource in the cluster. For memory, value should be in GB.", "properties": { "maximum": { "type": "string", "description": "Maximum amount of the resource in the cluster." }, "minimum": { "type": "string", "description": "Minimum amount of the resource in the cluster." }, "resourceType": { "type": "string", "description": "Resource name \"cpu\", \"memory\" or gpu-specific string." } }, "type": "object" }, "google-native:container/v1beta1:ResourceLimitResponse": { "description": "Contains information about amount of some resource in the cluster. For memory, value should be in GB.", "properties": { "maximum": { "type": "string", "description": "Maximum amount of the resource in the cluster." }, "minimum": { "type": "string", "description": "Minimum amount of the resource in the cluster." }, "resourceType": { "type": "string", "description": "Resource name \"cpu\", \"memory\" or gpu-specific string." } }, "type": "object", "required": [ "maximum", "minimum", "resourceType" ] }, "google-native:container/v1beta1:ResourceManagerTags": { "description": "A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications in https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values.", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`" } }, "type": "object" }, "google-native:container/v1beta1:ResourceManagerTagsResponse": { "description": "A map of resource manager tag keys and values to be attached to the nodes for managing Compute Engine firewalls using Network Firewall Policies. Tags must be according to specifications in https://cloud.google.com/vpc/docs/tags-firewalls-overview#specifications. A maximum of 5 tag key-value pairs can be specified. Existing tags will be replaced with new values.", "properties": { "tags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Tags must be in one of the following formats ([KEY]=[VALUE]) 1. `tagKeys/{tag_key_id}=tagValues/{tag_value_id}` 2. `{org_id}/{tag_key_name}={tag_value_name}` 3. `{project_id}/{tag_key_name}={tag_value_name}`" } }, "type": "object", "required": [ "tags" ] }, "google-native:container/v1beta1:ResourceUsageExportConfig": { "description": "Configuration for exporting cluster resource usages.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:container%2Fv1beta1:BigQueryDestination", "description": "Configuration to use BigQuery as usage export destination." }, "consumptionMeteringConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ConsumptionMeteringConfig", "description": "Configuration to enable resource consumption metering." }, "enableNetworkEgressMetering": { "type": "boolean", "description": "Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic." } }, "type": "object" }, "google-native:container/v1beta1:ResourceUsageExportConfigResponse": { "description": "Configuration for exporting cluster resource usages.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:container%2Fv1beta1:BigQueryDestinationResponse", "description": "Configuration to use BigQuery as usage export destination." }, "consumptionMeteringConfig": { "$ref": "#/types/google-native:container%2Fv1beta1:ConsumptionMeteringConfigResponse", "description": "Configuration to enable resource consumption metering." }, "enableNetworkEgressMetering": { "type": "boolean", "description": "Whether to enable network egress metering for this cluster. If enabled, a daemonset will be created in the cluster to meter network egress traffic." } }, "type": "object", "required": [ "bigqueryDestination", "consumptionMeteringConfig", "enableNetworkEgressMetering" ] }, "google-native:container/v1beta1:SandboxConfig": { "description": "SandboxConfig contains configurations of the sandbox to use for the node.", "properties": { "sandboxType": { "type": "string", "description": "Type of the sandbox to use for the node (e.g. 'gvisor')" }, "type": { "$ref": "#/types/google-native:container%2Fv1beta1:SandboxConfigType", "description": "Type of the sandbox to use for the node." } }, "type": "object" }, "google-native:container/v1beta1:SandboxConfigResponse": { "description": "SandboxConfig contains configurations of the sandbox to use for the node.", "properties": { "sandboxType": { "type": "string", "description": "Type of the sandbox to use for the node (e.g. 'gvisor')" }, "type": { "type": "string", "description": "Type of the sandbox to use for the node." } }, "type": "object", "required": [ "sandboxType", "type" ] }, "google-native:container/v1beta1:SandboxConfigType": { "description": "Type of the sandbox to use for the node.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default value. This should not be used.", "value": "UNSPECIFIED" }, { "name": "Gvisor", "description": "Run sandbox using gvisor.", "value": "GVISOR" } ] }, "google-native:container/v1beta1:SecurityPostureConfig": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "$ref": "#/types/google-native:container%2Fv1beta1:SecurityPostureConfigMode", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "$ref": "#/types/google-native:container%2Fv1beta1:SecurityPostureConfigVulnerabilityMode", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object" }, "google-native:container/v1beta1:SecurityPostureConfigMode": { "description": "Sets which mode to use for Security Posture features.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value not specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Security Posture features on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies Security Posture features on the cluster.", "value": "BASIC" } ] }, "google-native:container/v1beta1:SecurityPostureConfigResponse": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "type": "string", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "type": "string", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object", "required": [ "mode", "vulnerabilityMode" ] }, "google-native:container/v1beta1:SecurityPostureConfigVulnerabilityMode": { "description": "Sets which mode to use for vulnerability scanning.", "type": "string", "enum": [ { "name": "VulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "VulnerabilityDisabled", "description": "Disables vulnerability scanning on the cluster.", "value": "VULNERABILITY_DISABLED" }, { "name": "VulnerabilityBasic", "description": "Applies basic vulnerability scanning on the cluster.", "value": "VULNERABILITY_BASIC" }, { "name": "VulnerabilityEnterprise", "description": "Applies the Security Posture's vulnerability on cluster Enterprise level features.", "value": "VULNERABILITY_ENTERPRISE" } ] }, "google-native:container/v1beta1:ServiceExternalIPsConfig": { "description": "Config to block services with externalIPs field.", "properties": { "enabled": { "type": "boolean", "description": "Whether Services with ExternalIPs field are allowed or not." } }, "type": "object" }, "google-native:container/v1beta1:ServiceExternalIPsConfigResponse": { "description": "Config to block services with externalIPs field.", "properties": { "enabled": { "type": "boolean", "description": "Whether Services with ExternalIPs field are allowed or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:ShieldedInstanceConfig": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails." } }, "type": "object" }, "google-native:container/v1beta1:ShieldedInstanceConfigResponse": { "description": "A set of Shielded Instance options.", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Defines whether the instance has integrity monitoring enabled. Enables monitoring and attestation of the boot integrity of the instance. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created." }, "enableSecureBoot": { "type": "boolean", "description": "Defines whether the instance has Secure Boot enabled. Secure Boot helps ensure that the system only runs authentic software by verifying the digital signature of all boot components, and halting the boot process if signature verification fails." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot" ] }, "google-native:container/v1beta1:ShieldedNodes": { "description": "Configuration of Shielded Nodes feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Shielded Nodes features are enabled on all nodes in this cluster." } }, "type": "object" }, "google-native:container/v1beta1:ShieldedNodesResponse": { "description": "Configuration of Shielded Nodes feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether Shielded Nodes features are enabled on all nodes in this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:SoleTenantConfig": { "description": "SoleTenantConfig contains the NodeAffinities to specify what shared sole tenant node groups should back the node pool.", "properties": { "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeAffinity" }, "description": "NodeAffinities used to match to a shared sole tenant node group." } }, "type": "object" }, "google-native:container/v1beta1:SoleTenantConfigResponse": { "description": "SoleTenantConfig contains the NodeAffinities to specify what shared sole tenant node groups should back the node pool.", "properties": { "nodeAffinities": { "type": "array", "items": { "$ref": "#/types/google-native:container%2Fv1beta1:NodeAffinityResponse" }, "description": "NodeAffinities used to match to a shared sole tenant node group." } }, "type": "object", "required": [ "nodeAffinities" ] }, "google-native:container/v1beta1:StandardRolloutPolicy": { "description": "Standard rollout policy is the default policy for blue-green.", "properties": { "batchNodeCount": { "type": "integer", "description": "Number of blue nodes to drain in a batch." }, "batchPercentage": { "type": "number", "description": "Percentage of the blue pool nodes to drain in a batch. The range of this field should be (0.0, 1.0]." }, "batchSoakDuration": { "type": "string", "description": "Soak time after each batch gets drained. Default to zero." } }, "type": "object" }, "google-native:container/v1beta1:StandardRolloutPolicyResponse": { "description": "Standard rollout policy is the default policy for blue-green.", "properties": { "batchNodeCount": { "type": "integer", "description": "Number of blue nodes to drain in a batch." }, "batchPercentage": { "type": "number", "description": "Percentage of the blue pool nodes to drain in a batch. The range of this field should be (0.0, 1.0]." }, "batchSoakDuration": { "type": "string", "description": "Soak time after each batch gets drained. Default to zero." } }, "type": "object", "required": [ "batchNodeCount", "batchPercentage", "batchSoakDuration" ] }, "google-native:container/v1beta1:StatusCondition": { "description": "StatusCondition describes why a cluster or a node pool has a certain status (e.g., ERROR or DEGRADED).", "properties": { "canonicalCode": { "$ref": "#/types/google-native:container%2Fv1beta1:StatusConditionCanonicalCode", "description": "Canonical code of the condition." }, "code": { "$ref": "#/types/google-native:container%2Fv1beta1:StatusConditionCode", "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "deprecationMessage": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead." }, "message": { "type": "string", "description": "Human-friendly representation of the condition" } }, "type": "object" }, "google-native:container/v1beta1:StatusConditionCanonicalCode": { "description": "Canonical code of the condition.", "type": "string", "enum": [ { "name": "Ok", "description": "Not an error; returned on success. HTTP Mapping: 200 OK", "value": "OK" }, { "name": "Cancelled", "description": "The operation was cancelled, typically by the caller. HTTP Mapping: 499 Client Closed Request", "value": "CANCELLED" }, { "name": "Unknown", "description": "Unknown error. For example, this error may be returned when a `Status` value received from another address space belongs to an error space that is not known in this address space. Also errors raised by APIs that do not return enough error information may be converted to this error. HTTP Mapping: 500 Internal Server Error", "value": "UNKNOWN" }, { "name": "InvalidArgument", "description": "The client specified an invalid argument. Note that this differs from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments that are problematic regardless of the state of the system (e.g., a malformed file name). HTTP Mapping: 400 Bad Request", "value": "INVALID_ARGUMENT" }, { "name": "DeadlineExceeded", "description": "The deadline expired before the operation could complete. For operations that change the state of the system, this error may be returned even if the operation has completed successfully. For example, a successful response from a server could have been delayed long enough for the deadline to expire. HTTP Mapping: 504 Gateway Timeout", "value": "DEADLINE_EXCEEDED" }, { "name": "NotFound", "description": "Some requested entity (e.g., file or directory) was not found. Note to server developers: if a request is denied for an entire class of users, such as gradual feature rollout or undocumented allowlist, `NOT_FOUND` may be used. If a request is denied for some users within a class of users, such as user-based access control, `PERMISSION_DENIED` must be used. HTTP Mapping: 404 Not Found", "value": "NOT_FOUND" }, { "name": "AlreadyExists", "description": "The entity that a client attempted to create (e.g., file or directory) already exists. HTTP Mapping: 409 Conflict", "value": "ALREADY_EXISTS" }, { "name": "PermissionDenied", "description": "The caller does not have permission to execute the specified operation. `PERMISSION_DENIED` must not be used for rejections caused by exhausting some resource (use `RESOURCE_EXHAUSTED` instead for those errors). `PERMISSION_DENIED` must not be used if the caller can not be identified (use `UNAUTHENTICATED` instead for those errors). This error code does not imply the request is valid or the requested entity exists or satisfies other pre-conditions. HTTP Mapping: 403 Forbidden", "value": "PERMISSION_DENIED" }, { "name": "Unauthenticated", "description": "The request does not have valid authentication credentials for the operation. HTTP Mapping: 401 Unauthorized", "value": "UNAUTHENTICATED" }, { "name": "ResourceExhausted", "description": "Some resource has been exhausted, perhaps a per-user quota, or perhaps the entire file system is out of space. HTTP Mapping: 429 Too Many Requests", "value": "RESOURCE_EXHAUSTED" }, { "name": "FailedPrecondition", "description": "The operation was rejected because the system is not in a state required for the operation's execution. For example, the directory to be deleted is non-empty, an rmdir operation is applied to a non-directory, etc. Service implementors can use the following guidelines to decide between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`: (a) Use `UNAVAILABLE` if the client can retry just the failing call. (b) Use `ABORTED` if the client should retry at a higher level. For example, when a client-specified test-and-set fails, indicating the client should restart a read-modify-write sequence. (c) Use `FAILED_PRECONDITION` if the client should not retry until the system state has been explicitly fixed. For example, if an \"rmdir\" fails because the directory is non-empty, `FAILED_PRECONDITION` should be returned since the client should not retry unless the files are deleted from the directory. HTTP Mapping: 400 Bad Request", "value": "FAILED_PRECONDITION" }, { "name": "Aborted", "description": "The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort. See the guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 409 Conflict", "value": "ABORTED" }, { "name": "OutOfRange", "description": "The operation was attempted past the valid range. E.g., seeking or reading past end-of-file. Unlike `INVALID_ARGUMENT`, this error indicates a problem that may be fixed if the system state changes. For example, a 32-bit file system will generate `INVALID_ARGUMENT` if asked to read at an offset that is not in the range [0,2^32-1], but it will generate `OUT_OF_RANGE` if asked to read from an offset past the current file size. There is a fair bit of overlap between `FAILED_PRECONDITION` and `OUT_OF_RANGE`. We recommend using `OUT_OF_RANGE` (the more specific error) when it applies so that callers who are iterating through a space can easily look for an `OUT_OF_RANGE` error to detect when they are done. HTTP Mapping: 400 Bad Request", "value": "OUT_OF_RANGE" }, { "name": "Unimplemented", "description": "The operation is not implemented or is not supported/enabled in this service. HTTP Mapping: 501 Not Implemented", "value": "UNIMPLEMENTED" }, { "name": "Internal", "description": "Internal errors. This means that some invariants expected by the underlying system have been broken. This error code is reserved for serious errors. HTTP Mapping: 500 Internal Server Error", "value": "INTERNAL" }, { "name": "Unavailable", "description": "The service is currently unavailable. This is most likely a transient condition, which can be corrected by retrying with a backoff. Note that it is not always safe to retry non-idempotent operations. See the guidelines above for deciding between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`. HTTP Mapping: 503 Service Unavailable", "value": "UNAVAILABLE" }, { "name": "DataLoss", "description": "Unrecoverable data loss or corruption. HTTP Mapping: 500 Internal Server Error", "value": "DATA_LOSS" } ] }, "google-native:container/v1beta1:StatusConditionCode": { "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "type": "string", "enum": [ { "name": "Unknown", "description": "UNKNOWN indicates a generic condition.", "value": "UNKNOWN" }, { "name": "GceStockout", "description": "GCE_STOCKOUT indicates that Google Compute Engine resources are temporarily unavailable.", "value": "GCE_STOCKOUT" }, { "name": "GkeServiceAccountDeleted", "description": "GKE_SERVICE_ACCOUNT_DELETED indicates that the user deleted their robot service account.", "value": "GKE_SERVICE_ACCOUNT_DELETED" }, { "name": "GceQuotaExceeded", "description": "Google Compute Engine quota was exceeded.", "value": "GCE_QUOTA_EXCEEDED" }, { "name": "SetByOperator", "description": "Cluster state was manually changed by an SRE due to a system logic error.", "value": "SET_BY_OPERATOR" }, { "name": "CloudKmsKeyError", "description": "Unable to perform an encrypt operation against the CloudKMS key used for etcd level encryption.", "value": "CLOUD_KMS_KEY_ERROR" }, { "name": "CaExpiring", "description": "Cluster CA is expiring soon. More codes TBA", "value": "CA_EXPIRING" } ] }, "google-native:container/v1beta1:StatusConditionResponse": { "description": "StatusCondition describes why a cluster or a node pool has a certain status (e.g., ERROR or DEGRADED).", "properties": { "canonicalCode": { "type": "string", "description": "Canonical code of the condition." }, "code": { "type": "string", "description": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead.", "deprecationMessage": "Machine-friendly representation of the condition Deprecated. Use canonical_code instead." }, "message": { "type": "string", "description": "Human-friendly representation of the condition" } }, "type": "object", "required": [ "canonicalCode", "code", "message" ] }, "google-native:container/v1beta1:TimeWindow": { "description": "Represents an arbitrary window of time.", "properties": { "endTime": { "type": "string", "description": "The time that the window ends. The end time should take place after the start time." }, "maintenanceExclusionOptions": { "$ref": "#/types/google-native:container%2Fv1beta1:MaintenanceExclusionOptions", "description": "MaintenanceExclusionOptions provides maintenance exclusion related options." }, "startTime": { "type": "string", "description": "The time that the window first starts." } }, "type": "object" }, "google-native:container/v1beta1:TimeWindowResponse": { "description": "Represents an arbitrary window of time.", "properties": { "endTime": { "type": "string", "description": "The time that the window ends. The end time should take place after the start time." }, "maintenanceExclusionOptions": { "$ref": "#/types/google-native:container%2Fv1beta1:MaintenanceExclusionOptionsResponse", "description": "MaintenanceExclusionOptions provides maintenance exclusion related options." }, "startTime": { "type": "string", "description": "The time that the window first starts." } }, "type": "object", "required": [ "endTime", "maintenanceExclusionOptions", "startTime" ] }, "google-native:container/v1beta1:TpuConfig": { "description": "Configuration for Cloud TPU.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud TPU integration is enabled or not." }, "ipv4CidrBlock": { "type": "string", "description": "IPv4 CIDR block reserved for Cloud TPU in the VPC." }, "useServiceNetworking": { "type": "boolean", "description": "Whether to use service networking for Cloud TPU or not." } }, "type": "object" }, "google-native:container/v1beta1:TpuConfigResponse": { "description": "Configuration for Cloud TPU.", "properties": { "enabled": { "type": "boolean", "description": "Whether Cloud TPU integration is enabled or not." }, "ipv4CidrBlock": { "type": "string", "description": "IPv4 CIDR block reserved for Cloud TPU in the VPC." }, "useServiceNetworking": { "type": "boolean", "description": "Whether to use service networking for Cloud TPU or not." } }, "type": "object", "required": [ "enabled", "ipv4CidrBlock", "useServiceNetworking" ] }, "google-native:container/v1beta1:UpdateInfoResponse": { "description": "UpdateInfo contains resource (instance groups, etc), status and other intermediate information relevant to a node pool upgrade.", "properties": { "blueGreenInfo": { "$ref": "#/types/google-native:container%2Fv1beta1:BlueGreenInfoResponse", "description": "Information of a blue-green upgrade." } }, "type": "object", "required": [ "blueGreenInfo" ] }, "google-native:container/v1beta1:UpgradeSettings": { "description": "These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. These upgrade settings configure the upgrade strategy for the node pool. Use strategy to switch between the strategies applied to the node pool. If the strategy is SURGE, use max_surge and max_unavailable to control the level of parallelism and the level of disruption caused by upgrade. 1. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. 2. maxUnavailable controls the number of nodes that can be simultaneously unavailable. 3. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). If the strategy is BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade related settings. 1. standard_rollout_policy is the default policy. The policy is used to control the way blue pool gets drained. The draining is executed in the batch mode. The batch size could be specified as either percentage of the node pool size or the number of nodes. batch_soak_duration is the soak time after each batch gets drained. 2. node_pool_soak_duration is the soak time after all blue nodes are drained. After this period, the blue pool nodes will be deleted.", "properties": { "blueGreenSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:BlueGreenSettings", "description": "Settings for blue-green upgrade strategy." }, "maxSurge": { "type": "integer", "description": "The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process." }, "maxUnavailable": { "type": "integer", "description": "The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready." }, "strategy": { "$ref": "#/types/google-native:container%2Fv1beta1:UpgradeSettingsStrategy", "description": "Update strategy of the node pool." } }, "type": "object" }, "google-native:container/v1beta1:UpgradeSettingsResponse": { "description": "These upgrade settings control the level of parallelism and the level of disruption caused by an upgrade. maxUnavailable controls the number of nodes that can be simultaneously unavailable. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). Note: upgrades inevitably introduce some disruption since workloads need to be moved from old nodes to new, upgraded ones. Even if maxUnavailable=0, this holds true. (Disruption stays within the limits of PodDisruptionBudget, if it is configured.) Consider a hypothetical node pool with 5 nodes having maxSurge=2, maxUnavailable=1. This means the upgrade process upgrades 3 nodes simultaneously. It creates 2 additional (upgraded) nodes, then it brings down 3 old (not yet upgraded) nodes at the same time. This ensures that there are always at least 4 nodes available. These upgrade settings configure the upgrade strategy for the node pool. Use strategy to switch between the strategies applied to the node pool. If the strategy is SURGE, use max_surge and max_unavailable to control the level of parallelism and the level of disruption caused by upgrade. 1. maxSurge controls the number of additional nodes that can be added to the node pool temporarily for the time of the upgrade to increase the number of available nodes. 2. maxUnavailable controls the number of nodes that can be simultaneously unavailable. 3. (maxUnavailable + maxSurge) determines the level of parallelism (how many nodes are being upgraded at the same time). If the strategy is BLUE_GREEN, use blue_green_settings to configure the blue-green upgrade related settings. 1. standard_rollout_policy is the default policy. The policy is used to control the way blue pool gets drained. The draining is executed in the batch mode. The batch size could be specified as either percentage of the node pool size or the number of nodes. batch_soak_duration is the soak time after each batch gets drained. 2. node_pool_soak_duration is the soak time after all blue nodes are drained. After this period, the blue pool nodes will be deleted.", "properties": { "blueGreenSettings": { "$ref": "#/types/google-native:container%2Fv1beta1:BlueGreenSettingsResponse", "description": "Settings for blue-green upgrade strategy." }, "maxSurge": { "type": "integer", "description": "The maximum number of nodes that can be created beyond the current size of the node pool during the upgrade process." }, "maxUnavailable": { "type": "integer", "description": "The maximum number of nodes that can be simultaneously unavailable during the upgrade process. A node is considered available if its status is Ready." }, "strategy": { "type": "string", "description": "Update strategy of the node pool." } }, "type": "object", "required": [ "blueGreenSettings", "maxSurge", "maxUnavailable", "strategy" ] }, "google-native:container/v1beta1:UpgradeSettingsStrategy": { "description": "Update strategy of the node pool.", "type": "string", "enum": [ { "name": "NodePoolUpdateStrategyUnspecified", "description": "Default value if unset. GKE internally defaults the update strategy to SURGE for unspecified strategies.", "value": "NODE_POOL_UPDATE_STRATEGY_UNSPECIFIED" }, { "name": "BlueGreen", "description": "blue-green upgrade.", "value": "BLUE_GREEN" }, { "name": "Surge", "description": "SURGE is the traditional way of upgrading a node pool. max_surge and max_unavailable determines the level of upgrade parallelism.", "value": "SURGE" } ] }, "google-native:container/v1beta1:VerticalPodAutoscaling": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "properties": { "enabled": { "type": "boolean", "description": "Enables vertical pod autoscaling." } }, "type": "object" }, "google-native:container/v1beta1:VerticalPodAutoscalingResponse": { "description": "VerticalPodAutoscaling contains global, per-cluster information required by Vertical Pod Autoscaler to automatically adjust the resources of pods controlled by it.", "properties": { "enabled": { "type": "boolean", "description": "Enables vertical pod autoscaling." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:VirtualNIC": { "description": "Configuration of gVNIC feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether gVNIC features are enabled in the node pool." } }, "type": "object" }, "google-native:container/v1beta1:VirtualNICResponse": { "description": "Configuration of gVNIC feature.", "properties": { "enabled": { "type": "boolean", "description": "Whether gVNIC features are enabled in the node pool." } }, "type": "object", "required": [ "enabled" ] }, "google-native:container/v1beta1:WindowsNodeConfig": { "description": "Parameters that can be configured on Windows nodes. Windows Node Config that define the parameters that will be used to configure the Windows node pool settings", "properties": { "osVersion": { "$ref": "#/types/google-native:container%2Fv1beta1:WindowsNodeConfigOsVersion", "description": "OSVersion specifies the Windows node config to be used on the node" } }, "type": "object" }, "google-native:container/v1beta1:WindowsNodeConfigOsVersion": { "description": "OSVersion specifies the Windows node config to be used on the node", "type": "string", "enum": [ { "name": "OsVersionUnspecified", "description": "When OSVersion is not specified", "value": "OS_VERSION_UNSPECIFIED" }, { "name": "OsVersionLtsc2019", "description": "LTSC2019 specifies to use LTSC2019 as the Windows Servercore Base Image", "value": "OS_VERSION_LTSC2019" }, { "name": "OsVersionLtsc2022", "description": "LTSC2022 specifies to use LTSC2022 as the Windows Servercore Base Image", "value": "OS_VERSION_LTSC2022" } ] }, "google-native:container/v1beta1:WindowsNodeConfigResponse": { "description": "Parameters that can be configured on Windows nodes. Windows Node Config that define the parameters that will be used to configure the Windows node pool settings", "properties": { "osVersion": { "type": "string", "description": "OSVersion specifies the Windows node config to be used on the node" } }, "type": "object", "required": [ "osVersion" ] }, "google-native:container/v1beta1:WorkloadALTSConfig": { "description": "Configuration for direct-path (via ALTS) with workload identity.", "properties": { "enableAlts": { "type": "boolean", "description": "enable_alts controls whether the alts handshaker should be enabled or not for direct-path. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadALTSConfigResponse": { "description": "Configuration for direct-path (via ALTS) with workload identity.", "properties": { "enableAlts": { "type": "boolean", "description": "enable_alts controls whether the alts handshaker should be enabled or not for direct-path. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object", "required": [ "enableAlts" ] }, "google-native:container/v1beta1:WorkloadCertificates": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadCertificatesResponse": { "description": "Configuration for issuance of mTLS keys and certificates to Kubernetes pods.", "properties": { "enableCertificates": { "type": "boolean", "description": "enable_certificates controls issuance of workload mTLS certificates. If set, the GKE Workload Identity Certificates controller and node agent will be deployed in the cluster, which can then be configured by creating a WorkloadCertificateConfig Custom Resource. Requires Workload Identity (workload_pool must be non-empty)." } }, "type": "object", "required": [ "enableCertificates" ] }, "google-native:container/v1beta1:WorkloadConfig": { "description": "WorkloadConfig defines the flags to enable or disable the workload configurations for the cluster.", "properties": { "auditMode": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadConfigAuditMode", "description": "Sets which mode of auditing should be used for the cluster's workloads." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadConfigAuditMode": { "description": "Sets which mode of auditing should be used for the cluster's workloads.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value meaning that no mode has been specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "This disables Workload Configuration auditing on the cluster, meaning that nothing is surfaced.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies the default set of policy auditing to a cluster's workloads.", "value": "BASIC" }, { "name": "Baseline", "description": "Surfaces configurations that are not in line with the Pod Security Standard Baseline policy.", "value": "BASELINE" }, { "name": "Restricted", "description": "Surfaces configurations that are not in line with the Pod Security Standard Restricted policy.", "value": "RESTRICTED" } ] }, "google-native:container/v1beta1:WorkloadConfigResponse": { "description": "WorkloadConfig defines the flags to enable or disable the workload configurations for the cluster.", "properties": { "auditMode": { "type": "string", "description": "Sets which mode of auditing should be used for the cluster's workloads." } }, "type": "object", "required": [ "auditMode" ] }, "google-native:container/v1beta1:WorkloadIdentityConfig": { "description": "Configuration for the use of Kubernetes Service Accounts in GCP IAM policies.", "properties": { "identityNamespace": { "type": "string", "description": "IAM Identity Namespace to attach all Kubernetes Service Accounts to." }, "identityProvider": { "type": "string", "description": "identity provider is the third party identity provider." }, "workloadPool": { "type": "string", "description": "The workload pool to attach all Kubernetes service accounts to." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadIdentityConfigResponse": { "description": "Configuration for the use of Kubernetes Service Accounts in GCP IAM policies.", "properties": { "identityNamespace": { "type": "string", "description": "IAM Identity Namespace to attach all Kubernetes Service Accounts to." }, "identityProvider": { "type": "string", "description": "identity provider is the third party identity provider." }, "workloadPool": { "type": "string", "description": "The workload pool to attach all Kubernetes service accounts to." } }, "type": "object", "required": [ "identityNamespace", "identityProvider", "workloadPool" ] }, "google-native:container/v1beta1:WorkloadMetadataConfig": { "description": "WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.", "properties": { "mode": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadMetadataConfigMode", "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool." }, "nodeMetadata": { "$ref": "#/types/google-native:container%2Fv1beta1:WorkloadMetadataConfigNodeMetadata", "description": "NodeMetadata is the configuration for how to expose metadata to the workloads running on the node." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadMetadataConfigMode": { "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Not set.", "value": "MODE_UNSPECIFIED" }, { "name": "GceMetadata", "description": "Expose all Compute Engine metadata to pods.", "value": "GCE_METADATA" }, { "name": "GkeMetadata", "description": "Run the GKE Metadata Server on this node. The GKE Metadata Server exposes a metadata API to workloads that is compatible with the V1 Compute Metadata APIs exposed by the Compute Engine and App Engine Metadata Servers. This feature can only be enabled if Workload Identity is enabled at the cluster level.", "value": "GKE_METADATA" } ] }, "google-native:container/v1beta1:WorkloadMetadataConfigNodeMetadata": { "description": "NodeMetadata is the configuration for how to expose metadata to the workloads running on the node.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Not set.", "value": "UNSPECIFIED" }, { "name": "Secure", "description": "Prevent workloads not in hostNetwork from accessing certain VM metadata, specifically kube-env, which contains Kubelet credentials, and the instance identity token. Metadata concealment is a temporary security solution available while the bootstrapping process for cluster nodes is being redesigned with significant security improvements. This feature is scheduled to be deprecated in the future and later removed.", "value": "SECURE" }, { "name": "Expose", "description": "Expose all VM metadata to pods.", "value": "EXPOSE" }, { "name": "GkeMetadataServer", "description": "Run the GKE Metadata Server on this node. The GKE Metadata Server exposes a metadata API to workloads that is compatible with the V1 Compute Metadata APIs exposed by the Compute Engine and App Engine Metadata Servers. This feature can only be enabled if Workload Identity is enabled at the cluster level.", "value": "GKE_METADATA_SERVER" } ] }, "google-native:container/v1beta1:WorkloadMetadataConfigResponse": { "description": "WorkloadMetadataConfig defines the metadata configuration to expose to workloads on the node pool.", "properties": { "mode": { "type": "string", "description": "Mode is the configuration for how to expose metadata to workloads running on the node pool." }, "nodeMetadata": { "type": "string", "description": "NodeMetadata is the configuration for how to expose metadata to the workloads running on the node." } }, "type": "object", "required": [ "mode", "nodeMetadata" ] }, "google-native:container/v1beta1:WorkloadPolicyConfig": { "description": "WorkloadPolicyConfig is the configuration of workload policy for autopilot clusters.", "properties": { "allowNetAdmin": { "type": "boolean", "description": "If true, workloads can use NET_ADMIN capability." } }, "type": "object" }, "google-native:container/v1beta1:WorkloadPolicyConfigResponse": { "description": "WorkloadPolicyConfig is the configuration of workload policy for autopilot clusters.", "properties": { "allowNetAdmin": { "type": "boolean", "description": "If true, workloads can use NET_ADMIN capability." } }, "type": "object", "required": [ "allowNetAdmin" ] }, "google-native:containeranalysis/v1:AliasContext": { "description": "An alias to a repo revision.", "properties": { "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AliasContextKind", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object" }, "google-native:containeranalysis/v1:AliasContextKind": { "description": "The alias kind.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Unknown.", "value": "KIND_UNSPECIFIED" }, { "name": "Fixed", "description": "Git tag.", "value": "FIXED" }, { "name": "Movable", "description": "Git branch.", "value": "MOVABLE" }, { "name": "Other", "description": "Used to specify non-standard aliases. For example, if a Git repo has a ref named \"refs/foo/bar\".", "value": "OTHER" } ] }, "google-native:containeranalysis/v1:AliasContextResponse": { "description": "An alias to a repo revision.", "properties": { "kind": { "type": "string", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object", "required": [ "kind", "name" ] }, "google-native:containeranalysis/v1:AnalysisCompleted": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1:AnalysisCompletedResponse": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "analysisType" ] }, "google-native:containeranalysis/v1:Artifact": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "id": { "type": "string", "description": "Artifact ID, if any; for container images, this will be a URL by digest like `gcr.io/projectID/imagename@sha256:123456`." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object" }, "google-native:containeranalysis/v1:ArtifactResponse": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object", "required": [ "checksum", "names" ] }, "google-native:containeranalysis/v1:Assessment": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrl" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1:AssessmentResponse": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrlResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "longDescription", "relatedUris", "remediations", "shortDescription", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1:AssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1:AttestationNote": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `Authority` for \"QA\" and one for \"build\". This note is intended to act strictly as a grouping mechanism for the attached occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an occurrence to a given note. It also provides a single point of lookup to find all attached attestation occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Hint", "description": "Hint hints at the purpose of the attestation authority." } }, "type": "object" }, "google-native:containeranalysis/v1:AttestationNoteResponse": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `Authority` for \"QA\" and one for \"build\". This note is intended to act strictly as a grouping mechanism for the attached occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an occurrence to a given note. It also provides a single point of lookup to find all attached attestation occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:HintResponse", "description": "Hint hints at the purpose of the attestation authority." } }, "type": "object", "required": [ "hint" ] }, "google-native:containeranalysis/v1:AttestationOccurrence": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.", "properties": { "jwts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Jwt" }, "description": "One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the `serialized_payload` field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the `serialized_payload` SHOULD be left empty. Each JWT SHOULD encode a claim specific to the `resource_uri` of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas." }, "serializedPayload": { "type": "string", "description": "The serialized payload that is verified by one or more `signatures`." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Signature" }, "description": "One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification." } }, "type": "object", "required": [ "serializedPayload" ] }, "google-native:containeranalysis/v1:AttestationOccurrenceResponse": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.", "properties": { "jwts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:JwtResponse" }, "description": "One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the `serialized_payload` field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the `serialized_payload` SHOULD be left empty. Each JWT SHOULD encode a claim specific to the `resource_uri` of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas." }, "serializedPayload": { "type": "string", "description": "The serialized payload that is verified by one or more `signatures`." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SignatureResponse" }, "description": "One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification." } }, "type": "object", "required": [ "jwts", "serializedPayload", "signatures" ] }, "google-native:containeranalysis/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:containeranalysis/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:containeranalysis/v1:BuildDefinition": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptor" } } }, "type": "object" }, "google-native:containeranalysis/v1:BuildDefinitionResponse": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptorResponse" } } }, "type": "object", "required": [ "buildType", "externalParameters", "internalParameters", "resolvedDependencies" ] }, "google-native:containeranalysis/v1:BuildMetadata": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:BuildMetadataResponse": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object", "required": [ "finishedOn", "invocationId", "startedOn" ] }, "google-native:containeranalysis/v1:BuildNote": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.", "properties": { "builderVersion": { "type": "string", "description": "Immutable. Version of the builder which produced this build." } }, "type": "object", "required": [ "builderVersion" ] }, "google-native:containeranalysis/v1:BuildNoteResponse": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.", "properties": { "builderVersion": { "type": "string", "description": "Immutable. Version of the builder which produced this build." } }, "type": "object", "required": [ "builderVersion" ] }, "google-native:containeranalysis/v1:BuildOccurrence": { "description": "Details of a build occurrence.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoSlsaProvenanceV1", "description": "In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance." }, "intotoProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoProvenance", "description": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.", "deprecationMessage": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec." }, "intotoStatement": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoStatement", "description": "In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildProvenance", "description": "The actual provenance for the build." }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object" }, "google-native:containeranalysis/v1:BuildOccurrenceResponse": { "description": "Details of a build occurrence.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoSlsaProvenanceV1Response", "description": "In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance." }, "intotoProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoProvenanceResponse", "description": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.", "deprecationMessage": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec." }, "intotoStatement": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoStatementResponse", "description": "In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildProvenanceResponse", "description": "The actual provenance for the build." }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object", "required": [ "inTotoSlsaProvenanceV1", "intotoProvenance", "intotoStatement", "provenance", "provenanceBytes" ] }, "google-native:containeranalysis/v1:BuildProvenance": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Artifact" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Command" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "endTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "id": { "type": "string", "description": "Unique identifier of the build." }, "logsUri": { "type": "string", "description": "URI where any logs for this provenance were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Source", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object", "required": [ "id" ] }, "google-native:containeranalysis/v1:BuildProvenanceResponse": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ArtifactResponse" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CommandResponse" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "endTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "logsUri": { "type": "string", "description": "URI where any logs for this provenance were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SourceResponse", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object", "required": [ "buildOptions", "builderVersion", "builtArtifacts", "commands", "createTime", "creator", "endTime", "logsUri", "project", "sourceProvenance", "startTime", "triggerId" ] }, "google-native:containeranalysis/v1:BuilderConfig": { "properties": { "id": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:BuilderConfigResponse": { "type": "object" }, "google-native:containeranalysis/v1:CVSS": { "description": "Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.", "properties": { "attackComplexity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSAttackComplexity" }, "attackVector": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSAttackVector", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "authentication": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSAuthentication" }, "availabilityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSAvailabilityImpact" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSConfidentialityImpact" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSIntegrityImpact" }, "privilegesRequired": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSPrivilegesRequired" }, "scope": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSScope" }, "userInteraction": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSUserInteraction" } }, "type": "object" }, "google-native:containeranalysis/v1:CVSSAttackComplexity": { "type": "string", "enum": [ { "name": "AttackComplexityUnspecified", "value": "ATTACK_COMPLEXITY_UNSPECIFIED" }, { "name": "AttackComplexityLow", "value": "ATTACK_COMPLEXITY_LOW" }, { "name": "AttackComplexityHigh", "value": "ATTACK_COMPLEXITY_HIGH" }, { "name": "AttackComplexityMedium", "value": "ATTACK_COMPLEXITY_MEDIUM" } ] }, "google-native:containeranalysis/v1:CVSSAttackVector": { "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.", "type": "string", "enum": [ { "name": "AttackVectorUnspecified", "value": "ATTACK_VECTOR_UNSPECIFIED" }, { "name": "AttackVectorNetwork", "value": "ATTACK_VECTOR_NETWORK" }, { "name": "AttackVectorAdjacent", "value": "ATTACK_VECTOR_ADJACENT" }, { "name": "AttackVectorLocal", "value": "ATTACK_VECTOR_LOCAL" }, { "name": "AttackVectorPhysical", "value": "ATTACK_VECTOR_PHYSICAL" } ] }, "google-native:containeranalysis/v1:CVSSAuthentication": { "type": "string", "enum": [ { "name": "AuthenticationUnspecified", "value": "AUTHENTICATION_UNSPECIFIED" }, { "name": "AuthenticationMultiple", "value": "AUTHENTICATION_MULTIPLE" }, { "name": "AuthenticationSingle", "value": "AUTHENTICATION_SINGLE" }, { "name": "AuthenticationNone", "value": "AUTHENTICATION_NONE" } ] }, "google-native:containeranalysis/v1:CVSSAvailabilityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1:CVSSConfidentialityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1:CVSSIntegrityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1:CVSSPrivilegesRequired": { "type": "string", "enum": [ { "name": "PrivilegesRequiredUnspecified", "value": "PRIVILEGES_REQUIRED_UNSPECIFIED" }, { "name": "PrivilegesRequiredNone", "value": "PRIVILEGES_REQUIRED_NONE" }, { "name": "PrivilegesRequiredLow", "value": "PRIVILEGES_REQUIRED_LOW" }, { "name": "PrivilegesRequiredHigh", "value": "PRIVILEGES_REQUIRED_HIGH" } ] }, "google-native:containeranalysis/v1:CVSSResponse": { "description": "Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.", "properties": { "attackComplexity": { "type": "string" }, "attackVector": { "type": "string", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "authentication": { "type": "string" }, "availabilityImpact": { "type": "string" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "type": "string" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "type": "string" }, "privilegesRequired": { "type": "string" }, "scope": { "type": "string" }, "userInteraction": { "type": "string" } }, "type": "object", "required": [ "attackComplexity", "attackVector", "authentication", "availabilityImpact", "baseScore", "confidentialityImpact", "exploitabilityScore", "impactScore", "integrityImpact", "privilegesRequired", "scope", "userInteraction" ] }, "google-native:containeranalysis/v1:CVSSScope": { "type": "string", "enum": [ { "name": "ScopeUnspecified", "value": "SCOPE_UNSPECIFIED" }, { "name": "ScopeUnchanged", "value": "SCOPE_UNCHANGED" }, { "name": "ScopeChanged", "value": "SCOPE_CHANGED" } ] }, "google-native:containeranalysis/v1:CVSSUserInteraction": { "type": "string", "enum": [ { "name": "UserInteractionUnspecified", "value": "USER_INTERACTION_UNSPECIFIED" }, { "name": "UserInteractionNone", "value": "USER_INTERACTION_NONE" }, { "name": "UserInteractionRequired", "value": "USER_INTERACTION_REQUIRED" } ] }, "google-native:containeranalysis/v1:CVSSv3": { "description": "Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document", "properties": { "attackComplexity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3AttackComplexity" }, "attackVector": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3AttackVector", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "availabilityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3AvailabilityImpact" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3ConfidentialityImpact" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3IntegrityImpact" }, "privilegesRequired": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3PrivilegesRequired" }, "scope": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3Scope" }, "userInteraction": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3UserInteraction" } }, "type": "object" }, "google-native:containeranalysis/v1:CVSSv3AttackComplexity": { "type": "string", "enum": [ { "name": "AttackComplexityUnspecified", "value": "ATTACK_COMPLEXITY_UNSPECIFIED" }, { "name": "AttackComplexityLow", "value": "ATTACK_COMPLEXITY_LOW" }, { "name": "AttackComplexityHigh", "value": "ATTACK_COMPLEXITY_HIGH" } ] }, "google-native:containeranalysis/v1:CVSSv3AttackVector": { "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.", "type": "string", "enum": [ { "name": "AttackVectorUnspecified", "value": "ATTACK_VECTOR_UNSPECIFIED" }, { "name": "AttackVectorNetwork", "value": "ATTACK_VECTOR_NETWORK" }, { "name": "AttackVectorAdjacent", "value": "ATTACK_VECTOR_ADJACENT" }, { "name": "AttackVectorLocal", "value": "ATTACK_VECTOR_LOCAL" }, { "name": "AttackVectorPhysical", "value": "ATTACK_VECTOR_PHYSICAL" } ] }, "google-native:containeranalysis/v1:CVSSv3AvailabilityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1:CVSSv3ConfidentialityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1:CVSSv3IntegrityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1:CVSSv3PrivilegesRequired": { "type": "string", "enum": [ { "name": "PrivilegesRequiredUnspecified", "value": "PRIVILEGES_REQUIRED_UNSPECIFIED" }, { "name": "PrivilegesRequiredNone", "value": "PRIVILEGES_REQUIRED_NONE" }, { "name": "PrivilegesRequiredLow", "value": "PRIVILEGES_REQUIRED_LOW" }, { "name": "PrivilegesRequiredHigh", "value": "PRIVILEGES_REQUIRED_HIGH" } ] }, "google-native:containeranalysis/v1:CVSSv3Response": { "description": "Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document", "properties": { "attackComplexity": { "type": "string" }, "attackVector": { "type": "string", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "availabilityImpact": { "type": "string" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "type": "string" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "type": "string" }, "privilegesRequired": { "type": "string" }, "scope": { "type": "string" }, "userInteraction": { "type": "string" } }, "type": "object", "required": [ "attackComplexity", "attackVector", "availabilityImpact", "baseScore", "confidentialityImpact", "exploitabilityScore", "impactScore", "integrityImpact", "privilegesRequired", "scope", "userInteraction" ] }, "google-native:containeranalysis/v1:CVSSv3Scope": { "type": "string", "enum": [ { "name": "ScopeUnspecified", "value": "SCOPE_UNSPECIFIED" }, { "name": "ScopeUnchanged", "value": "SCOPE_UNCHANGED" }, { "name": "ScopeChanged", "value": "SCOPE_CHANGED" } ] }, "google-native:containeranalysis/v1:CVSSv3UserInteraction": { "type": "string", "enum": [ { "name": "UserInteractionUnspecified", "value": "USER_INTERACTION_UNSPECIFIED" }, { "name": "UserInteractionNone", "value": "USER_INTERACTION_NONE" }, { "name": "UserInteractionRequired", "value": "USER_INTERACTION_REQUIRED" } ] }, "google-native:containeranalysis/v1:Category": { "description": "The category to which the update belongs.", "properties": { "categoryId": { "type": "string", "description": "The identifier of the category." }, "name": { "type": "string", "description": "The localized name of the category." } }, "type": "object" }, "google-native:containeranalysis/v1:CategoryResponse": { "description": "The category to which the update belongs.", "properties": { "categoryId": { "type": "string", "description": "The identifier of the category." }, "name": { "type": "string", "description": "The localized name of the category." } }, "type": "object", "required": [ "categoryId", "name" ] }, "google-native:containeranalysis/v1:CisBenchmark": { "description": "A compliance check that is a CIS benchmark.", "properties": { "profileLevel": { "type": "integer" }, "severity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CisBenchmarkSeverity" } }, "type": "object" }, "google-native:containeranalysis/v1:CisBenchmarkResponse": { "description": "A compliance check that is a CIS benchmark.", "properties": { "profileLevel": { "type": "integer" }, "severity": { "type": "string" } }, "type": "object", "required": [ "profileLevel", "severity" ] }, "google-native:containeranalysis/v1:CisBenchmarkSeverity": { "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Low severity.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity.", "value": "MEDIUM" }, { "name": "High", "description": "High severity.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity.", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1:CloudRepoSourceContext": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AliasContext", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RepoId", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object" }, "google-native:containeranalysis/v1:CloudRepoSourceContextResponse": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RepoIdResponse", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object", "required": [ "aliasContext", "repoId", "revisionId" ] }, "google-native:containeranalysis/v1:Command": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this command." }, "id": { "type": "string", "description": "Optional unique identifier for this command, used in wait_for to reference this command as a dependency." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the command(s) that this command depends on." } }, "type": "object", "required": [ "name" ] }, "google-native:containeranalysis/v1:CommandResponse": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this command." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the command(s) that this command depends on." } }, "type": "object", "required": [ "args", "dir", "env", "name", "waitFor" ] }, "google-native:containeranalysis/v1:Completeness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object" }, "google-native:containeranalysis/v1:CompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object", "required": [ "arguments", "environment", "materials" ] }, "google-native:containeranalysis/v1:ComplianceNote": { "properties": { "cisBenchmark": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CisBenchmark" }, "description": { "type": "string", "description": "A description about this compliance check." }, "rationale": { "type": "string", "description": "A rationale for the existence of this compliance check." }, "remediation": { "type": "string", "description": "A description of remediation steps if the compliance check fails." }, "scanInstructions": { "type": "string", "description": "Serialized scan instructions with a predefined format." }, "title": { "type": "string", "description": "The title that identifies this compliance check." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ComplianceVersion" }, "description": "The OS and config versions the benchmark applies to." } }, "type": "object" }, "google-native:containeranalysis/v1:ComplianceNoteResponse": { "properties": { "cisBenchmark": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CisBenchmarkResponse" }, "description": { "type": "string", "description": "A description about this compliance check." }, "rationale": { "type": "string", "description": "A rationale for the existence of this compliance check." }, "remediation": { "type": "string", "description": "A description of remediation steps if the compliance check fails." }, "scanInstructions": { "type": "string", "description": "Serialized scan instructions with a predefined format." }, "title": { "type": "string", "description": "The title that identifies this compliance check." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ComplianceVersionResponse" }, "description": "The OS and config versions the benchmark applies to." } }, "type": "object", "required": [ "cisBenchmark", "description", "rationale", "remediation", "scanInstructions", "title", "version" ] }, "google-native:containeranalysis/v1:ComplianceOccurrence": { "description": "An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.", "properties": { "nonComplianceReason": { "type": "string" }, "nonCompliantFiles": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:NonCompliantFile" } } }, "type": "object" }, "google-native:containeranalysis/v1:ComplianceOccurrenceResponse": { "description": "An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.", "properties": { "nonComplianceReason": { "type": "string" }, "nonCompliantFiles": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:NonCompliantFileResponse" } } }, "type": "object", "required": [ "nonComplianceReason", "nonCompliantFiles" ] }, "google-native:containeranalysis/v1:ComplianceVersion": { "description": "Describes the CIS benchmark version that is applicable to a given OS and os version.", "properties": { "benchmarkDocument": { "type": "string", "description": "The name of the document that defines this benchmark, e.g. \"CIS Container-Optimized OS\"." }, "cpeUri": { "type": "string", "description": "The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to." }, "version": { "type": "string", "description": "The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in." } }, "type": "object" }, "google-native:containeranalysis/v1:ComplianceVersionResponse": { "description": "Describes the CIS benchmark version that is applicable to a given OS and os version.", "properties": { "benchmarkDocument": { "type": "string", "description": "The name of the document that defines this benchmark, e.g. \"CIS Container-Optimized OS\"." }, "cpeUri": { "type": "string", "description": "The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to." }, "version": { "type": "string", "description": "The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in." } }, "type": "object", "required": [ "benchmarkDocument", "cpeUri", "version" ] }, "google-native:containeranalysis/v1:DSSEAttestationNote": { "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DSSEHint", "description": "DSSEHint hints at the purpose of the attestation authority." } }, "type": "object" }, "google-native:containeranalysis/v1:DSSEAttestationNoteResponse": { "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DSSEHintResponse", "description": "DSSEHint hints at the purpose of the attestation authority." } }, "type": "object", "required": [ "hint" ] }, "google-native:containeranalysis/v1:DSSEAttestationOccurrence": { "description": "Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence.", "properties": { "envelope": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Envelope", "description": "If doing something security critical, make sure to verify the signatures in this metadata." }, "statement": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoStatement" } }, "type": "object" }, "google-native:containeranalysis/v1:DSSEAttestationOccurrenceResponse": { "description": "Deprecated. Prefer to use a regular Occurrence, and populate the Envelope at the top level of the Occurrence.", "properties": { "envelope": { "$ref": "#/types/google-native:containeranalysis%2Fv1:EnvelopeResponse", "description": "If doing something security critical, make sure to verify the signatures in this metadata." }, "statement": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoStatementResponse" } }, "type": "object", "required": [ "envelope", "statement" ] }, "google-native:containeranalysis/v1:DSSEHint": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"cloudbuild-prod\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1:DSSEHintResponse": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"cloudbuild-prod\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1:DeploymentNote": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object", "required": [ "resourceUri" ] }, "google-native:containeranalysis/v1:DeploymentNoteResponse": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object", "required": [ "resourceUri" ] }, "google-native:containeranalysis/v1:DeploymentOccurrence": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DeploymentOccurrencePlatform", "description": "Platform hosting this deployment." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object", "required": [ "deployTime" ] }, "google-native:containeranalysis/v1:DeploymentOccurrencePlatform": { "description": "Platform hosting this deployment.", "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Unknown.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Gke", "description": "Google Container Engine.", "value": "GKE" }, { "name": "Flex", "description": "Google App Engine: Flexible Environment.", "value": "FLEX" }, { "name": "Custom", "description": "Custom user-defined platform.", "value": "CUSTOM" } ] }, "google-native:containeranalysis/v1:DeploymentOccurrenceResponse": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "type": "string", "description": "Platform hosting this deployment." }, "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed taken from the deployable field with the same name." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object", "required": [ "address", "config", "deployTime", "platform", "resourceUri", "undeployTime", "userEmail" ] }, "google-native:containeranalysis/v1:Detail": { "description": "A detail for a distro and package affected by this vulnerability and its associated fix (if one is available).", "properties": { "affectedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability affects." }, "affectedPackage": { "type": "string", "description": "The package this vulnerability affects." }, "affectedVersionEnd": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The version number at the end of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail." }, "affectedVersionStart": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The version number at the start of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail." }, "description": { "type": "string", "description": "A vendor-specific description of this vulnerability." }, "fixedCpeUri": { "type": "string", "description": "The distro recommended [CPE URI](https://cpe.mitre.org/specification/) to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_cpe_uri." }, "fixedPackage": { "type": "string", "description": "The distro recommended package to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_package." }, "fixedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The distro recommended version to update to that contains a fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no such version is yet available." }, "isObsolete": { "type": "boolean", "description": "Whether this detail is obsolete. Occurrences are expected not to point to obsolete details." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "severityName": { "type": "string", "description": "The distro assigned severity of this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "vendor": { "type": "string", "description": "The name of the vendor of the product." } }, "type": "object", "required": [ "affectedCpeUri", "affectedPackage" ] }, "google-native:containeranalysis/v1:DetailResponse": { "description": "A detail for a distro and package affected by this vulnerability and its associated fix (if one is available).", "properties": { "affectedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability affects." }, "affectedPackage": { "type": "string", "description": "The package this vulnerability affects." }, "affectedVersionEnd": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version number at the end of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail." }, "affectedVersionStart": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version number at the start of an interval in which this vulnerability exists. A vulnerability can affect a package between version numbers that are disjoint sets of intervals (example: [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its own Detail. If a specific affected version is provided by a vulnerability database, affected_version_start and affected_version_end will be the same in that Detail." }, "description": { "type": "string", "description": "A vendor-specific description of this vulnerability." }, "fixedCpeUri": { "type": "string", "description": "The distro recommended [CPE URI](https://cpe.mitre.org/specification/) to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_cpe_uri." }, "fixedPackage": { "type": "string", "description": "The distro recommended package to update to that contains a fix for this vulnerability. It is possible for this to be different from the affected_package." }, "fixedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The distro recommended version to update to that contains a fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no such version is yet available." }, "isObsolete": { "type": "boolean", "description": "Whether this detail is obsolete. Occurrences are expected not to point to obsolete details." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "severityName": { "type": "string", "description": "The distro assigned severity of this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "vendor": { "type": "string", "description": "The name of the vendor of the product." } }, "type": "object", "required": [ "affectedCpeUri", "affectedPackage", "affectedVersionEnd", "affectedVersionStart", "description", "fixedCpeUri", "fixedPackage", "fixedVersion", "isObsolete", "packageType", "severityName", "source", "sourceUpdateTime", "vendor" ] }, "google-native:containeranalysis/v1:Digest": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object" }, "google-native:containeranalysis/v1:DigestResponse": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object", "required": [ "algo", "digestBytes" ] }, "google-native:containeranalysis/v1:DiscoveryNote": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis.", "properties": { "analysisKind": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DiscoveryNoteAnalysisKind", "description": "Immutable. The kind of analysis that is handled by this discovery." } }, "type": "object", "required": [ "analysisKind" ] }, "google-native:containeranalysis/v1:DiscoveryNoteAnalysisKind": { "description": "Required. Immutable. The kind of analysis that is handled by this discovery.", "type": "string", "enum": [ { "name": "NoteKindUnspecified", "description": "Default value. This value is unused.", "value": "NOTE_KIND_UNSPECIFIED" }, { "name": "Vulnerability", "description": "The note and occurrence represent a package vulnerability.", "value": "VULNERABILITY" }, { "name": "Build", "description": "The note and occurrence assert build provenance.", "value": "BUILD" }, { "name": "Image", "description": "This represents an image basis relationship.", "value": "IMAGE" }, { "name": "Package", "description": "This represents a package installed via a package manager.", "value": "PACKAGE" }, { "name": "Deployment", "description": "The note and occurrence track deployment events.", "value": "DEPLOYMENT" }, { "name": "Discovery", "description": "The note and occurrence track the initial discovery status of a resource.", "value": "DISCOVERY" }, { "name": "Attestation", "description": "This represents a logical \"role\" that can attest to artifacts.", "value": "ATTESTATION" }, { "name": "Upgrade", "description": "This represents an available package upgrade.", "value": "UPGRADE" }, { "name": "Compliance", "description": "This represents a Compliance Note", "value": "COMPLIANCE" }, { "name": "DsseAttestation", "description": "This represents a DSSE attestation Note", "value": "DSSE_ATTESTATION" }, { "name": "VulnerabilityAssessment", "description": "This represents a Vulnerability Assessment.", "value": "VULNERABILITY_ASSESSMENT" }, { "name": "SbomReference", "description": "This represents an SBOM Reference.", "value": "SBOM_REFERENCE" } ] }, "google-native:containeranalysis/v1:DiscoveryNoteResponse": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis.", "properties": { "analysisKind": { "type": "string", "description": "Immutable. The kind of analysis that is handled by this discovery." } }, "type": "object", "required": [ "analysisKind" ] }, "google-native:containeranalysis/v1:DiscoveryOccurrence": { "description": "Provides information about the analysis status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AnalysisCompleted" }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Status" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DiscoveryOccurrenceAnalysisStatus", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Status", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API." }, "continuousAnalysis": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DiscoveryOccurrenceContinuousAnalysis", "description": "Whether the resource is continuously analyzed." }, "cpe": { "type": "string", "description": "The CPE of the resource being scanned." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." }, "sbomStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SBOMStatus", "description": "The status of an SBOM generation." } }, "type": "object" }, "google-native:containeranalysis/v1:DiscoveryOccurrenceAnalysisStatus": { "description": "The status of discovery for the resource.", "type": "string", "enum": [ { "name": "AnalysisStatusUnspecified", "description": "Unknown.", "value": "ANALYSIS_STATUS_UNSPECIFIED" }, { "name": "Pending", "description": "Resource is known but no action has been taken yet.", "value": "PENDING" }, { "name": "Scanning", "description": "Resource is being analyzed.", "value": "SCANNING" }, { "name": "FinishedSuccess", "description": "Analysis has finished successfully.", "value": "FINISHED_SUCCESS" }, { "name": "Complete", "description": "Analysis has completed.", "value": "COMPLETE" }, { "name": "FinishedFailed", "description": "Analysis has finished unsuccessfully, the analysis itself is in a bad state.", "value": "FINISHED_FAILED" }, { "name": "FinishedUnsupported", "description": "The resource is known not to be supported.", "value": "FINISHED_UNSUPPORTED" } ] }, "google-native:containeranalysis/v1:DiscoveryOccurrenceContinuousAnalysis": { "description": "Whether the resource is continuously analyzed.", "type": "string", "enum": [ { "name": "ContinuousAnalysisUnspecified", "description": "Unknown.", "value": "CONTINUOUS_ANALYSIS_UNSPECIFIED" }, { "name": "Active", "description": "The resource is continuously analyzed.", "value": "ACTIVE" }, { "name": "Inactive", "description": "The resource is ignored for continuous analysis.", "value": "INACTIVE" } ] }, "google-native:containeranalysis/v1:DiscoveryOccurrenceResponse": { "description": "Provides information about the analysis status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AnalysisCompletedResponse" }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:StatusResponse" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "type": "string", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1:StatusResponse", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API." }, "archiveTime": { "type": "string", "description": "The time occurrences related to this discovery occurrence were archived." }, "continuousAnalysis": { "type": "string", "description": "Whether the resource is continuously analyzed." }, "cpe": { "type": "string", "description": "The CPE of the resource being scanned." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." }, "sbomStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SBOMStatusResponse", "description": "The status of an SBOM generation." } }, "type": "object", "required": [ "analysisCompleted", "analysisError", "analysisStatus", "analysisStatusError", "archiveTime", "continuousAnalysis", "cpe", "lastScanTime", "sbomStatus" ] }, "google-native:containeranalysis/v1:Distribution": { "description": "This represents a particular channel of distribution for a given package. E.g., Debian's jessie-backports dpkg mirror.", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DistributionArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object", "required": [ "cpeUri" ] }, "google-native:containeranalysis/v1:DistributionArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture.", "value": "X86" }, { "name": "X64", "description": "X64 architecture.", "value": "X64" } ] }, "google-native:containeranalysis/v1:DistributionResponse": { "description": "This represents a particular channel of distribution for a given package. E.g., Debian's jessie-backports dpkg mirror.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "latestVersion", "maintainer", "url" ] }, "google-native:containeranalysis/v1:Envelope": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string" }, "payloadType": { "type": "string" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:EnvelopeSignature" } } }, "type": "object" }, "google-native:containeranalysis/v1:EnvelopeResponse": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string" }, "payloadType": { "type": "string" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:EnvelopeSignatureResponse" } } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1:EnvelopeSignature": { "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:EnvelopeSignatureResponse": { "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object", "required": [ "keyid", "sig" ] }, "google-native:containeranalysis/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:containeranalysis/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:containeranalysis/v1:Fingerprint": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer ID of the final layer in the Docker image's v1 representation." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." } }, "type": "object", "required": [ "v1Name", "v2Blob" ] }, "google-native:containeranalysis/v1:FingerprintResponse": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer ID of the final layer in the Docker image's v1 representation." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." }, "v2Name": { "type": "string", "description": "The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + \" \" + v2_name[N+1]) Only the name of the final blob is kept." } }, "type": "object", "required": [ "v1Name", "v2Blob", "v2Name" ] }, "google-native:containeranalysis/v1:GerritSourceContext": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AliasContext", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object" }, "google-native:containeranalysis/v1:GerritSourceContextResponse": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object", "required": [ "aliasContext", "gerritProject", "hostUri", "revisionId" ] }, "google-native:containeranalysis/v1:GitSourceContext": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object" }, "google-native:containeranalysis/v1:GitSourceContextResponse": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object", "required": [ "revisionId", "url" ] }, "google-native:containeranalysis/v1:GrafeasV1FileLocation": { "description": "Indicates the location at which a package was found.", "properties": { "filePath": { "type": "string", "description": "For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file." } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1FileLocationResponse": { "description": "Indicates the location at which a package was found.", "properties": { "filePath": { "type": "string", "description": "For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file." } }, "type": "object", "required": [ "filePath" ] }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder": { "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance.", "properties": { "id": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderResponse": { "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance.", "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "environment": { "type": "boolean" }, "materials": { "type": "boolean" }, "parameters": { "type": "boolean" } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "environment": { "type": "boolean" }, "materials": { "type": "boolean" }, "parameters": { "type": "boolean" } }, "type": "object", "required": [ "environment", "materials", "parameters" ] }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource": { "description": "Describes where the config file that kicked off the build came from. This is effectively a pointer to the source where buildConfig came from.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "entryPoint": { "type": "string" }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceResponse": { "description": "Describes where the config file that kicked off the build came from. This is effectively a pointer to the source where buildConfig came from.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "entryPoint": { "type": "string" }, "uri": { "type": "string" } }, "type": "object", "required": [ "digest", "entryPoint", "uri" ] }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation": { "description": "Identifies the event that kicked off the build.", "properties": { "configSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSource" }, "environment": { "type": "object", "additionalProperties": { "type": "string" } }, "parameters": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationResponse": { "description": "Identifies the event that kicked off the build.", "properties": { "configSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaConfigSourceResponse" }, "environment": { "type": "object", "additionalProperties": { "type": "string" } }, "parameters": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "configSource", "environment", "parameters" ] }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial": { "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialResponse": { "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "uri": { "type": "string" } }, "type": "object", "required": [ "digest", "uri" ] }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string" }, "buildInvocationId": { "type": "string" }, "buildStartedOn": { "type": "string" }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaCompleteness" }, "reproducible": { "type": "boolean" } }, "type": "object" }, "google-native:containeranalysis/v1:GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string" }, "buildInvocationId": { "type": "string" }, "buildStartedOn": { "type": "string" }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaCompletenessResponse" }, "reproducible": { "type": "boolean" } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1:Hint": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"qa\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1:HintResponse": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"qa\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1:Identity": { "description": "The unique identifier of the update.", "properties": { "revision": { "type": "integer", "description": "The revision number of the update." }, "updateId": { "type": "string", "description": "The revision independent identifier of the update." } }, "type": "object" }, "google-native:containeranalysis/v1:IdentityResponse": { "description": "The unique identifier of the update.", "properties": { "revision": { "type": "integer", "description": "The revision number of the update." }, "updateId": { "type": "string", "description": "The revision independent identifier of the update." } }, "type": "object", "required": [ "revision", "updateId" ] }, "google-native:containeranalysis/v1:ImageNote": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g., a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Fingerprint", "description": "Immutable. The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "Immutable. The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object", "required": [ "fingerprint", "resourceUrl" ] }, "google-native:containeranalysis/v1:ImageNoteResponse": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g., a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:FingerprintResponse", "description": "Immutable. The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "Immutable. The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object", "required": [ "fingerprint", "resourceUrl" ] }, "google-native:containeranalysis/v1:ImageOccurrence": { "description": "Details of the derived image portion of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Fingerprint", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Layer" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object", "required": [ "fingerprint" ] }, "google-native:containeranalysis/v1:ImageOccurrenceResponse": { "description": "Details of the derived image portion of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "baseResourceUrl": { "type": "string", "description": "This contains the base image URL for the derived image occurrence." }, "distance": { "type": "integer", "description": "The number of layers by which this image differs from the associated image basis." }, "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1:FingerprintResponse", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:LayerResponse" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object", "required": [ "baseResourceUrl", "distance", "fingerprint", "layerInfo" ] }, "google-native:containeranalysis/v1:InTotoProvenance": { "properties": { "builderConfig": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuilderConfig", "description": "required" }, "materials": { "type": "array", "items": { "type": "string" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Metadata" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Recipe", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object" }, "google-native:containeranalysis/v1:InTotoProvenanceResponse": { "properties": { "builderConfig": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuilderConfigResponse", "description": "required" }, "materials": { "type": "array", "items": { "type": "string" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:MetadataResponse" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RecipeResponse", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object", "required": [ "builderConfig", "materials", "metadata", "recipe" ] }, "google-native:containeranalysis/v1:InTotoSlsaProvenanceV1": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenanceV1" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Subject" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object" }, "google-native:containeranalysis/v1:InTotoSlsaProvenanceV1Response": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenanceV1Response" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SubjectResponse" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1:InTotoStatement": { "description": "Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always \"application/vnd.in-toto+json\".", "properties": { "predicateType": { "type": "string", "description": "`https://slsa.dev/provenance/v0.1` for SlsaProvenance." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoProvenance" }, "slsaProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenance" }, "slsaProvenanceZeroTwo": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenanceZeroTwo" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Subject" } }, "type": { "type": "string", "description": "Always `https://in-toto.io/Statement/v0.1`." } }, "type": "object" }, "google-native:containeranalysis/v1:InTotoStatementResponse": { "description": "Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always \"application/vnd.in-toto+json\".", "properties": { "predicateType": { "type": "string", "description": "`https://slsa.dev/provenance/v0.1` for SlsaProvenance." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:InTotoProvenanceResponse" }, "slsaProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenanceResponse" }, "slsaProvenanceZeroTwo": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaProvenanceZeroTwoResponse" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SubjectResponse" } }, "type": { "type": "string", "description": "Always `https://in-toto.io/Statement/v0.1`." } }, "type": "object", "required": [ "predicateType", "provenance", "slsaProvenance", "slsaProvenanceZeroTwo", "subject", "type" ] }, "google-native:containeranalysis/v1:Justification": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1:JustificationJustificationType", "description": "The justification type for this vulnerability." } }, "type": "object" }, "google-native:containeranalysis/v1:JustificationJustificationType": { "description": "The justification type for this vulnerability.", "type": "string", "enum": [ { "name": "JustificationTypeUnspecified", "description": "JUSTIFICATION_TYPE_UNSPECIFIED.", "value": "JUSTIFICATION_TYPE_UNSPECIFIED" }, { "name": "ComponentNotPresent", "description": "The vulnerable component is not present in the product.", "value": "COMPONENT_NOT_PRESENT" }, { "name": "VulnerableCodeNotPresent", "description": "The vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.", "value": "VULNERABLE_CODE_NOT_PRESENT" }, { "name": "VulnerableCodeNotInExecutePath", "description": "The vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.", "value": "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH" }, { "name": "VulnerableCodeCannotBeControlledByAdversary", "description": "The vulnerable code cannot be controlled by an attacker to exploit the vulnerability.", "value": "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY" }, { "name": "InlineMitigationsAlreadyExist", "description": "The product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.", "value": "INLINE_MITIGATIONS_ALREADY_EXIST" } ] }, "google-native:containeranalysis/v1:JustificationResponse": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "type": "string", "description": "The justification type for this vulnerability." } }, "type": "object", "required": [ "details", "justificationType" ] }, "google-native:containeranalysis/v1:Jwt": { "properties": { "compactJwt": { "type": "string", "description": "The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1" } }, "type": "object" }, "google-native:containeranalysis/v1:JwtResponse": { "properties": { "compactJwt": { "type": "string", "description": "The compact encoding of a JWS, which is always three base64 encoded strings joined by periods. For details, see: https://tools.ietf.org/html/rfc7515.html#section-3.1" } }, "type": "object", "required": [ "compactJwt" ] }, "google-native:containeranalysis/v1:KnowledgeBase": { "properties": { "name": { "type": "string", "description": "The KB name (generally of the form KB[0-9]+ (e.g., KB123456))." }, "url": { "type": "string", "description": "A link to the KB in the [Windows update catalog] (https://www.catalog.update.microsoft.com/)." } }, "type": "object" }, "google-native:containeranalysis/v1:KnowledgeBaseResponse": { "properties": { "name": { "type": "string", "description": "The KB name (generally of the form KB[0-9]+ (e.g., KB123456))." }, "url": { "type": "string", "description": "A link to the KB in the [Windows update catalog] (https://www.catalog.update.microsoft.com/)." } }, "type": "object", "required": [ "name", "url" ] }, "google-native:containeranalysis/v1:Layer": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "type": "string", "description": "The recovered Dockerfile directive used to construct this layer. See https://docs.docker.com/engine/reference/builder/ for more information." } }, "type": "object", "required": [ "directive" ] }, "google-native:containeranalysis/v1:LayerResponse": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "type": "string", "description": "The recovered Dockerfile directive used to construct this layer. See https://docs.docker.com/engine/reference/builder/ for more information." } }, "type": "object", "required": [ "arguments", "directive" ] }, "google-native:containeranalysis/v1:License": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object" }, "google-native:containeranalysis/v1:LicenseResponse": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object", "required": [ "comments", "expression" ] }, "google-native:containeranalysis/v1:Location": { "description": "An occurrence of a particular package installation found within a system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)", "deprecationMessage": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)" }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object" }, "google-native:containeranalysis/v1:LocationResponse": { "description": "An occurrence of a particular package installation found within a system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)", "deprecationMessage": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/)" }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object", "required": [ "cpeUri", "path", "version" ] }, "google-native:containeranalysis/v1:Material": { "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:MaterialResponse": { "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "uri": { "type": "string" } }, "type": "object", "required": [ "digest", "uri" ] }, "google-native:containeranalysis/v1:Metadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Completeness", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object" }, "google-native:containeranalysis/v1:MetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CompletenessResponse", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1:NonCompliantFile": { "description": "Details about files that caused a compliance check to fail. display_command is a single command that can be used to display a list of non compliant files. When there is no such command, we can also iterate a list of non compliant file using 'path'.", "properties": { "displayCommand": { "type": "string", "description": "Command to display the non-compliant files." }, "path": { "type": "string", "description": "Empty if `display_command` is set." }, "reason": { "type": "string", "description": "Explains why a file is non compliant for a CIS check." } }, "type": "object" }, "google-native:containeranalysis/v1:NonCompliantFileResponse": { "description": "Details about files that caused a compliance check to fail. display_command is a single command that can be used to display a list of non compliant files. When there is no such command, we can also iterate a list of non compliant file using 'path'.", "properties": { "displayCommand": { "type": "string", "description": "Command to display the non-compliant files." }, "path": { "type": "string", "description": "Empty if `display_command` is set." }, "reason": { "type": "string", "description": "Explains why a file is non compliant for a CIS check." } }, "type": "object", "required": [ "displayCommand", "path", "reason" ] }, "google-native:containeranalysis/v1:PackageIssue": { "description": "A detail for a distro and package this vulnerability occurrence was found in and its associated fix (if one is available).", "properties": { "affectedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability was found in." }, "affectedPackage": { "type": "string", "description": "The package this vulnerability was found in." }, "affectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The version of the package that is installed on the resource affected by this vulnerability." }, "fileLocation": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1FileLocation" }, "description": "The location at which this package was found." }, "fixedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri." }, "fixedPackage": { "type": "string", "description": "The package this vulnerability was fixed in. It is possible for this to be different from the affected_package." }, "fixedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." } }, "type": "object", "required": [ "affectedCpeUri", "affectedPackage", "affectedVersion", "fixedVersion" ] }, "google-native:containeranalysis/v1:PackageIssueResponse": { "description": "A detail for a distro and package this vulnerability occurrence was found in and its associated fix (if one is available).", "properties": { "affectedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability was found in." }, "affectedPackage": { "type": "string", "description": "The package this vulnerability was found in." }, "affectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version of the package that is installed on the resource affected by this vulnerability." }, "effectiveSeverity": { "type": "string", "description": "The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available." }, "fileLocation": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1FileLocationResponse" }, "description": "The location at which this package was found." }, "fixAvailable": { "type": "boolean", "description": "Whether a fix is available for this package." }, "fixedCpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability was fixed in. It is possible for this to be different from the affected_cpe_uri." }, "fixedPackage": { "type": "string", "description": "The package this vulnerability was fixed in. It is possible for this to be different from the affected_package." }, "fixedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version of the package this vulnerability was fixed in. Setting this to VersionKind.MAXIMUM means no fix is yet available." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." } }, "type": "object", "required": [ "affectedCpeUri", "affectedPackage", "affectedVersion", "effectiveSeverity", "fileLocation", "fixAvailable", "fixedCpeUri", "fixedPackage", "fixedVersion", "packageType" ] }, "google-native:containeranalysis/v1:PackageNote": { "description": "PackageNote represents a particular package version.", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1:PackageNoteArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Digest" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Distribution" }, "description": "Deprecated. The various channels by which a package is distributed.", "deprecationMessage": "Deprecated. The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1:License", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "Immutable. The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "The version of the package." } }, "type": "object", "required": [ "name" ] }, "google-native:containeranalysis/v1:PackageNoteArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture.", "value": "X86" }, { "name": "X64", "description": "X64 architecture.", "value": "X64" } ] }, "google-native:containeranalysis/v1:PackageNoteResponse": { "description": "PackageNote represents a particular package version.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DigestResponse" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DistributionResponse" }, "description": "Deprecated. The various channels by which a package is distributed.", "deprecationMessage": "Deprecated. The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "Immutable. The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "digest", "distribution", "license", "maintainer", "name", "packageType", "url", "version" ] }, "google-native:containeranalysis/v1:PackageOccurrence": { "description": "Details on how a particular software package was installed on a system.", "properties": { "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1:License", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Location" }, "description": "All of the places within the filesystem versions of this package have been found." } }, "type": "object" }, "google-native:containeranalysis/v1:PackageOccurrenceResponse": { "description": "Details on how a particular software package was installed on a system.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:LocationResponse" }, "description": "All of the places within the filesystem versions of this package have been found." }, "name": { "type": "string", "description": "The name of the installed package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "license", "location", "name", "packageType", "version" ] }, "google-native:containeranalysis/v1:Product": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." }, "id": { "type": "string", "description": "Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object" }, "google-native:containeranalysis/v1:ProductResponse": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object", "required": [ "genericUri", "name" ] }, "google-native:containeranalysis/v1:ProjectRepoId": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object" }, "google-native:containeranalysis/v1:ProjectRepoIdResponse": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object", "required": [ "project", "repoName" ] }, "google-native:containeranalysis/v1:ProvenanceBuilder": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptor" } }, "id": { "type": "string" }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1:ProvenanceBuilderResponse": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptorResponse" } }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "builderDependencies", "version" ] }, "google-native:containeranalysis/v1:Publisher": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object" }, "google-native:containeranalysis/v1:PublisherResponse": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object", "required": [ "issuingAuthority", "name", "publisherNamespace" ] }, "google-native:containeranalysis/v1:Recipe": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form \"Any\"." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form \"Any\"." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object" }, "google-native:containeranalysis/v1:RecipeResponse": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Since the arguments field can greatly vary in structure, depending on the builder and recipe type, this is of form \"Any\"." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Since the environment field can greatly vary in structure, depending on the builder and recipe type, this is of form \"Any\"." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object", "required": [ "arguments", "definedInMaterial", "entryPoint", "environment", "type" ] }, "google-native:containeranalysis/v1:RelatedUrl": { "description": "Metadata for any related URL information.", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL." }, "url": { "type": "string", "description": "Specific URL associated with the resource." } }, "type": "object" }, "google-native:containeranalysis/v1:RelatedUrlResponse": { "description": "Metadata for any related URL information.", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL." }, "url": { "type": "string", "description": "Specific URL associated with the resource." } }, "type": "object", "required": [ "label", "url" ] }, "google-native:containeranalysis/v1:Remediation": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RemediationRemediationType", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrl", "description": "Contains the URL where to obtain the remediation." } }, "type": "object" }, "google-native:containeranalysis/v1:RemediationRemediationType": { "description": "The type of remediation that can be applied.", "type": "string", "enum": [ { "name": "RemediationTypeUnspecified", "description": "No remediation type specified.", "value": "REMEDIATION_TYPE_UNSPECIFIED" }, { "name": "Mitigation", "description": "A MITIGATION is available.", "value": "MITIGATION" }, { "name": "NoFixPlanned", "description": "No fix is planned.", "value": "NO_FIX_PLANNED" }, { "name": "NoneAvailable", "description": "Not available.", "value": "NONE_AVAILABLE" }, { "name": "VendorFix", "description": "A vendor fix is available.", "value": "VENDOR_FIX" }, { "name": "Workaround", "description": "A workaround is available.", "value": "WORKAROUND" } ] }, "google-native:containeranalysis/v1:RemediationResponse": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "type": "string", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrlResponse", "description": "Contains the URL where to obtain the remediation." } }, "type": "object", "required": [ "details", "remediationType", "remediationUri" ] }, "google-native:containeranalysis/v1:RepoId": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ProjectRepoId", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object" }, "google-native:containeranalysis/v1:RepoIdResponse": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ProjectRepoIdResponse", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object", "required": [ "projectRepoId", "uid" ] }, "google-native:containeranalysis/v1:ResourceDescriptor": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:ResourceDescriptorResponse": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object", "required": [ "annotations", "content", "digest", "downloadLocation", "mediaType", "name", "uri" ] }, "google-native:containeranalysis/v1:RunDetails": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ProvenanceBuilder" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptor" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildMetadata" } }, "type": "object" }, "google-native:containeranalysis/v1:RunDetailsResponse": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ProvenanceBuilderResponse" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ResourceDescriptorResponse" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildMetadataResponse" } }, "type": "object", "required": [ "builder", "byproducts", "metadata" ] }, "google-native:containeranalysis/v1:SBOMReferenceNote": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object" }, "google-native:containeranalysis/v1:SBOMReferenceNoteResponse": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object", "required": [ "format", "version" ] }, "google-native:containeranalysis/v1:SBOMReferenceOccurrence": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SbomReferenceIntotoPayload", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:EnvelopeSignature" }, "description": "The signatures over the payload." } }, "type": "object" }, "google-native:containeranalysis/v1:SBOMReferenceOccurrenceResponse": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SbomReferenceIntotoPayloadResponse", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:EnvelopeSignatureResponse" }, "description": "The signatures over the payload." } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1:SBOMStatus": { "description": "The status of an SBOM generation.", "properties": { "error": { "type": "string", "description": "If there was an error generating an SBOM, this will indicate what that error was." }, "sbomState": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SBOMStatusSbomState", "description": "The progress of the SBOM generation." } }, "type": "object" }, "google-native:containeranalysis/v1:SBOMStatusResponse": { "description": "The status of an SBOM generation.", "properties": { "error": { "type": "string", "description": "If there was an error generating an SBOM, this will indicate what that error was." }, "sbomState": { "type": "string", "description": "The progress of the SBOM generation." } }, "type": "object", "required": [ "error", "sbomState" ] }, "google-native:containeranalysis/v1:SBOMStatusSbomState": { "description": "The progress of the SBOM generation.", "type": "string", "enum": [ { "name": "SbomStateUnspecified", "description": "Default unknown state.", "value": "SBOM_STATE_UNSPECIFIED" }, { "name": "Pending", "description": "SBOM scanning is pending.", "value": "PENDING" }, { "name": "Complete", "description": "SBOM scanning has completed.", "value": "COMPLETE" } ] }, "google-native:containeranalysis/v1:SbomReferenceIntotoPayload": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SbomReferenceIntotoPredicate", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Subject" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object" }, "google-native:containeranalysis/v1:SbomReferenceIntotoPayloadResponse": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SbomReferenceIntotoPredicateResponse", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SubjectResponse" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1:SbomReferenceIntotoPredicate": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object" }, "google-native:containeranalysis/v1:SbomReferenceIntotoPredicateResponse": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object", "required": [ "digest", "location", "mimeType", "referrerId" ] }, "google-native:containeranalysis/v1:Signature": { "description": "Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm). In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances: * The `public_key_id` is not recognized by the verifier. * The public key that `public_key_id` refers to does not verify the signature with respect to the payload. The `signature` contents SHOULD NOT be \"attached\" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any \"attached\" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).", "properties": { "publicKeyId": { "type": "string", "description": "The identifier for the public key that verifies this signature. * The `public_key_id` is required. * The `public_key_id` SHOULD be an RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD be an immutable reference, such as a cryptographic digest. Examples of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * \"openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA\" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * \"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU\" * \"nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5\"" }, "signature": { "type": "string", "description": "The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload." } }, "type": "object" }, "google-native:containeranalysis/v1:SignatureResponse": { "description": "Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm). In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances: * The `public_key_id` is not recognized by the verifier. * The public key that `public_key_id` refers to does not verify the signature with respect to the payload. The `signature` contents SHOULD NOT be \"attached\" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any \"attached\" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).", "properties": { "publicKeyId": { "type": "string", "description": "The identifier for the public key that verifies this signature. * The `public_key_id` is required. * The `public_key_id` SHOULD be an RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD be an immutable reference, such as a cryptographic digest. Examples of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * \"openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA\" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * \"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU\" * \"nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5\"" }, "signature": { "type": "string", "description": "The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload." } }, "type": "object", "required": [ "publicKeyId", "signature" ] }, "google-native:containeranalysis/v1:SlsaBuilder": { "properties": { "id": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaBuilderResponse": { "type": "object" }, "google-native:containeranalysis/v1:SlsaCompleteness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaCompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object", "required": [ "arguments", "environment", "materials" ] }, "google-native:containeranalysis/v1:SlsaMetadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaCompleteness", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaMetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaCompletenessResponse", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1:SlsaProvenance": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaBuilder", "description": "required" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Material" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaMetadata" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaRecipe", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaProvenanceResponse": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaBuilderResponse", "description": "required" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:MaterialResponse" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaMetadataResponse" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SlsaRecipeResponse", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object", "required": [ "builder", "materials", "metadata", "recipe" ] }, "google-native:containeranalysis/v1:SlsaProvenanceV1": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildDefinition" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RunDetails" } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaProvenanceV1Response": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1:BuildDefinitionResponse" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RunDetailsResponse" } }, "type": "object", "required": [ "buildDefinition", "runDetails" ] }, "google-native:containeranalysis/v1:SlsaProvenanceZeroTwo": { "description": "See full explanation of fields at slsa.dev/provenance/v0.2.", "properties": { "buildConfig": { "type": "object", "additionalProperties": { "type": "string" } }, "buildType": { "type": "string" }, "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaBuilder" }, "invocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaInvocation" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaMaterial" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaMetadata" } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaProvenanceZeroTwoResponse": { "description": "See full explanation of fields at slsa.dev/provenance/v0.2.", "properties": { "buildConfig": { "type": "object", "additionalProperties": { "type": "string" } }, "buildType": { "type": "string" }, "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaBuilderResponse" }, "invocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaInvocationResponse" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaMaterialResponse" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GrafeasV1SlsaProvenanceZeroTwoSlsaMetadataResponse" } }, "type": "object", "required": [ "buildConfig", "buildType", "builder", "invocation", "materials", "metadata" ] }, "google-native:containeranalysis/v1:SlsaRecipe": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object" }, "google-native:containeranalysis/v1:SlsaRecipeResponse": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object", "required": [ "arguments", "definedInMaterial", "entryPoint", "environment", "type" ] }, "google-native:containeranalysis/v1:Source": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SourceContext" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSourceUri": { "type": "string", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SourceContext", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." } }, "type": "object" }, "google-native:containeranalysis/v1:SourceContext": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CloudRepoSourceContext", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GerritSourceContext", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GitSourceContext", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object" }, "google-native:containeranalysis/v1:SourceContextResponse": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CloudRepoSourceContextResponse", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GerritSourceContextResponse", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1:GitSourceContextResponse", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object", "required": [ "cloudRepo", "gerrit", "git", "labels" ] }, "google-native:containeranalysis/v1:SourceResponse": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SourceContextResponse" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSourceUri": { "type": "string", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1:SourceContextResponse", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." } }, "type": "object", "required": [ "additionalContexts", "artifactStorageSourceUri", "context", "fileHashes" ] }, "google-native:containeranalysis/v1:Status": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:containeranalysis/v1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:containeranalysis/v1:Subject": { "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "`\"\": \"\"` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1:SubjectResponse": { "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "`\"\": \"\"` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string" } }, "type": "object", "required": [ "digest", "name" ] }, "google-native:containeranalysis/v1:UpgradeDistribution": { "description": "The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities.", "properties": { "classification": { "type": "string", "description": "The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)" }, "cpeUri": { "type": "string", "description": "Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/." }, "cve": { "type": "array", "items": { "type": "string" }, "description": "The cve tied to this Upgrade." }, "severity": { "type": "string", "description": "The severity as specified by the upstream operating system." } }, "type": "object" }, "google-native:containeranalysis/v1:UpgradeDistributionResponse": { "description": "The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities.", "properties": { "classification": { "type": "string", "description": "The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed. For Windows the classification is one of the category_ids listed at https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)" }, "cpeUri": { "type": "string", "description": "Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/." }, "cve": { "type": "array", "items": { "type": "string" }, "description": "The cve tied to this Upgrade." }, "severity": { "type": "string", "description": "The severity as specified by the upstream operating system." } }, "type": "object", "required": [ "classification", "cpeUri", "cve", "severity" ] }, "google-native:containeranalysis/v1:UpgradeNote": { "description": "An Upgrade Note represents a potential upgrade of a package to a given version. For each package version combination (i.e. bash 4.0, bash 4.1, bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field represents the information related to the update.", "properties": { "distributions": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:UpgradeDistribution" }, "description": "Metadata about the upgrade for each specific operating system." }, "package": { "type": "string", "description": "Required for non-Windows OS. The package this Upgrade is for." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "Required for non-Windows OS. The version of the package in machine + human readable form." }, "windowsUpdate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsUpdate", "description": "Required for Windows OS. Represents the metadata about the Windows update." } }, "type": "object" }, "google-native:containeranalysis/v1:UpgradeNoteResponse": { "description": "An Upgrade Note represents a potential upgrade of a package to a given version. For each package version combination (i.e. bash 4.0, bash 4.1, bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field represents the information related to the update.", "properties": { "distributions": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:UpgradeDistributionResponse" }, "description": "Metadata about the upgrade for each specific operating system." }, "package": { "type": "string", "description": "Required for non-Windows OS. The package this Upgrade is for." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "Required for non-Windows OS. The version of the package in machine + human readable form." }, "windowsUpdate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsUpdateResponse", "description": "Required for Windows OS. Represents the metadata about the Windows update." } }, "type": "object", "required": [ "distributions", "package", "version", "windowsUpdate" ] }, "google-native:containeranalysis/v1:UpgradeOccurrence": { "description": "An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability). For Windows, both distribution and windows_update contain information for the Windows update.", "properties": { "distribution": { "$ref": "#/types/google-native:containeranalysis%2Fv1:UpgradeDistribution", "description": "Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence." }, "package": { "type": "string", "description": "Required for non-Windows OS. The package this Upgrade is for." }, "parsedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Version", "description": "Required for non-Windows OS. The version of the package in a machine + human readable form." }, "windowsUpdate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsUpdate", "description": "Required for Windows OS. Represents the metadata about the Windows update." } }, "type": "object" }, "google-native:containeranalysis/v1:UpgradeOccurrenceResponse": { "description": "An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability). For Windows, both distribution and windows_update contain information for the Windows update.", "properties": { "distribution": { "$ref": "#/types/google-native:containeranalysis%2Fv1:UpgradeDistributionResponse", "description": "Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence." }, "package": { "type": "string", "description": "Required for non-Windows OS. The package this Upgrade is for." }, "parsedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionResponse", "description": "Required for non-Windows OS. The version of the package in a machine + human readable form." }, "windowsUpdate": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsUpdateResponse", "description": "Required for Windows OS. Represents the metadata about the Windows update." } }, "type": "object", "required": [ "distribution", "package", "parsedVersion", "windowsUpdate" ] }, "google-native:containeranalysis/v1:Version": { "description": "Version contains structured information about the version of a package.", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "fullName": { "type": "string", "description": "Human readable version string. This string is of the form :- and is only set when kind is NORMAL." }, "inclusive": { "type": "boolean", "description": "Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range." }, "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VersionKind", "description": "Distinguishes between sentinel MIN/MAX versions and normal versions." }, "name": { "type": "string", "description": "Required only when version kind is NORMAL. The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object", "required": [ "kind" ] }, "google-native:containeranalysis/v1:VersionKind": { "description": "Required. Distinguishes between sentinel MIN/MAX versions and normal versions.", "type": "string", "enum": [ { "name": "VersionKindUnspecified", "description": "Unknown.", "value": "VERSION_KIND_UNSPECIFIED" }, { "name": "Normal", "description": "A standard package version.", "value": "NORMAL" }, { "name": "Minimum", "description": "A special version representing negative infinity.", "value": "MINIMUM" }, { "name": "Maximum", "description": "A special version representing positive infinity.", "value": "MAXIMUM" } ] }, "google-native:containeranalysis/v1:VersionResponse": { "description": "Version contains structured information about the version of a package.", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "fullName": { "type": "string", "description": "Human readable version string. This string is of the form :- and is only set when kind is NORMAL." }, "inclusive": { "type": "boolean", "description": "Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range." }, "kind": { "type": "string", "description": "Distinguishes between sentinel MIN/MAX versions and normal versions." }, "name": { "type": "string", "description": "Required only when version kind is NORMAL. The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object", "required": [ "epoch", "fullName", "inclusive", "kind", "name", "revision" ] }, "google-native:containeranalysis/v1:VexAssessment": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrl" }, "description": "Holds a list of references associated with this vulnerability item and assessment." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VexAssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1:VexAssessmentResponse": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrlResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "noteName", "relatedUris", "remediations", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1:VexAssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1:VulnerabilityAssessmentNote": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Assessment", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Product", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Publisher", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object" }, "google-native:containeranalysis/v1:VulnerabilityAssessmentNoteResponse": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1:AssessmentResponse", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1:ProductResponse", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1:PublisherResponse", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object", "required": [ "assessment", "languageCode", "longDescription", "product", "publisher", "shortDescription", "title" ] }, "google-native:containeranalysis/v1:VulnerabilityNote": { "description": "A security vulnerability that can be found in resources.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSS", "description": "The full description of the v2 CVSS for this vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3", "description": "The full description of the CVSSv3 for this vulnerability." }, "cvssVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VulnerabilityNoteCvssVersion", "description": "CVSS version used to populate cvss_score and severity." }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Detail" }, "description": "Details of all known distros and packages affected by this vulnerability." }, "severity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VulnerabilityNoteSeverity", "description": "The note provider assigned severity of this vulnerability." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "windowsDetails": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsDetail" }, "description": "Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version." } }, "type": "object" }, "google-native:containeranalysis/v1:VulnerabilityNoteCvssVersion": { "description": "CVSS version used to populate cvss_score and severity.", "type": "string", "enum": [ { "name": "CvssVersionUnspecified", "value": "CVSS_VERSION_UNSPECIFIED" }, { "name": "CvssVersion2", "value": "CVSS_VERSION_2" }, { "name": "CvssVersion3", "value": "CVSS_VERSION_3" } ] }, "google-native:containeranalysis/v1:VulnerabilityNoteResponse": { "description": "A security vulnerability that can be found in resources.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSResponse", "description": "The full description of the v2 CVSS for this vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSv3Response", "description": "The full description of the CVSSv3 for this vulnerability." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:DetailResponse" }, "description": "Details of all known distros and packages affected by this vulnerability." }, "severity": { "type": "string", "description": "The note provider assigned severity of this vulnerability." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "windowsDetails": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:WindowsDetailResponse" }, "description": "Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version." } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssV3", "cvssVersion", "details", "severity", "sourceUpdateTime", "windowsDetails" ] }, "google-native:containeranalysis/v1:VulnerabilityNoteSeverity": { "description": "The note provider assigned severity of this vulnerability.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Low severity.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity.", "value": "MEDIUM" }, { "name": "High", "description": "High severity.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity.", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1:VulnerabilityOccurrence": { "description": "An occurrence of a severity vulnerability on a resource.", "properties": { "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSS", "description": "The cvss v2 score for the vulnerability." }, "cvssv3": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSS", "description": "The cvss v3 score for the vulnerability." }, "effectiveSeverity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VulnerabilityOccurrenceEffectiveSeverity", "description": "The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:PackageIssue" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "type": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VexAssessment" } }, "type": "object", "required": [ "packageIssue" ] }, "google-native:containeranalysis/v1:VulnerabilityOccurrenceEffectiveSeverity": { "description": "The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Low severity.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity.", "value": "MEDIUM" }, { "name": "High", "description": "High severity.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity.", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1:VulnerabilityOccurrenceResponse": { "description": "An occurrence of a severity vulnerability on a resource.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSResponse", "description": "The cvss v2 score for the vulnerability." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "cvssv3": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CVSSResponse", "description": "The cvss v3 score for the vulnerability." }, "effectiveSeverity": { "type": "string", "description": "The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "fixAvailable": { "type": "boolean", "description": "Whether at least one of the affected packages has a fix available." }, "longDescription": { "type": "string", "description": "A detailed description of this vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:PackageIssueResponse" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "relatedUrls": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:RelatedUrlResponse" }, "description": "URLs related to this vulnerability." }, "severity": { "type": "string", "description": "The note provider assigned severity of this vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this vulnerability." }, "type": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1:VexAssessmentResponse" } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssVersion", "cvssv3", "effectiveSeverity", "extraDetails", "fixAvailable", "longDescription", "packageIssue", "relatedUrls", "severity", "shortDescription", "type", "vexAssessment" ] }, "google-native:containeranalysis/v1:WindowsDetail": { "properties": { "cpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability affects." }, "description": { "type": "string", "description": "The description of this vulnerability." }, "fixingKbs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:KnowledgeBase" }, "description": "The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed KBs presence is considered a fix." }, "name": { "type": "string", "description": "The name of this vulnerability." } }, "type": "object", "required": [ "cpeUri", "fixingKbs", "name" ] }, "google-native:containeranalysis/v1:WindowsDetailResponse": { "properties": { "cpeUri": { "type": "string", "description": "The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability affects." }, "description": { "type": "string", "description": "The description of this vulnerability." }, "fixingKbs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:KnowledgeBaseResponse" }, "description": "The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed KBs presence is considered a fix." }, "name": { "type": "string", "description": "The name of this vulnerability." } }, "type": "object", "required": [ "cpeUri", "description", "fixingKbs", "name" ] }, "google-native:containeranalysis/v1:WindowsUpdate": { "description": "Windows Update represents the metadata about the update for the Windows operating system. The fields in this message come from the Windows Update API documented at https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.", "properties": { "categories": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Category" }, "description": "The list of categories to which the update belongs." }, "description": { "type": "string", "description": "The localized description of the update." }, "identity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:Identity", "description": "Required - The unique identifier for the update." }, "kbArticleIds": { "type": "array", "items": { "type": "string" }, "description": "The Microsoft Knowledge Base article IDs that are associated with the update." }, "lastPublishedTimestamp": { "type": "string", "description": "The last published timestamp of the update." }, "supportUrl": { "type": "string", "description": "The hyperlink to the support information for the update." }, "title": { "type": "string", "description": "The localized title of the update." } }, "type": "object" }, "google-native:containeranalysis/v1:WindowsUpdateResponse": { "description": "Windows Update represents the metadata about the update for the Windows operating system. The fields in this message come from the Windows Update API documented at https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.", "properties": { "categories": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1:CategoryResponse" }, "description": "The list of categories to which the update belongs." }, "description": { "type": "string", "description": "The localized description of the update." }, "identity": { "$ref": "#/types/google-native:containeranalysis%2Fv1:IdentityResponse", "description": "Required - The unique identifier for the update." }, "kbArticleIds": { "type": "array", "items": { "type": "string" }, "description": "The Microsoft Knowledge Base article IDs that are associated with the update." }, "lastPublishedTimestamp": { "type": "string", "description": "The last published timestamp of the update." }, "supportUrl": { "type": "string", "description": "The hyperlink to the support information for the update." }, "title": { "type": "string", "description": "The localized title of the update." } }, "type": "object", "required": [ "categories", "description", "identity", "kbArticleIds", "lastPublishedTimestamp", "supportUrl", "title" ] }, "google-native:containeranalysis/v1alpha1:AnalysisCompleted": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" }, "description": "type of analysis that were completed on a resource." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:AnalysisCompletedResponse": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" }, "description": "type of analysis that were completed on a resource." } }, "type": "object", "required": [ "analysisType" ] }, "google-native:containeranalysis/v1alpha1:Artifact": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "id": { "type": "string", "description": "Artifact ID, if any; for container images, this will be a URL by digest like gcr.io/projectID/imagename@sha256:123456" }, "name": { "type": "string", "description": "Name of the artifact. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. This field is deprecated in favor of the plural `names` field; it continues to exist here to allow existing BuildProvenance serialized to json in google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to deserialize back into proto.", "deprecationMessage": "Name of the artifact. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. This field is deprecated in favor of the plural `names` field; it continues to exist here to allow existing BuildProvenance serialized to json in google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to deserialize back into proto." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ArtifactResponse": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "name": { "type": "string", "description": "Name of the artifact. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. This field is deprecated in favor of the plural `names` field; it continues to exist here to allow existing BuildProvenance serialized to json in google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to deserialize back into proto.", "deprecationMessage": "Name of the artifact. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. This field is deprecated in favor of the plural `names` field; it continues to exist here to allow existing BuildProvenance serialized to json in google.devtools.containeranalysis.v1alpha1.BuildDetails.provenance_bytes to deserialize back into proto." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object", "required": [ "checksum", "name", "names" ] }, "google-native:containeranalysis/v1alpha1:Assessment": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URI" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:AssessmentResponse": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URIResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "longDescription", "relatedUris", "remediations", "shortDescription", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1alpha1:AssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1alpha1:Attestation": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an Attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the AttestationAuthority to which this Attestation is attached is primarily useful for look-up (how to find this Attestation if you already know the Authority and artifact to be verified) and intent (which authority was this attestation intended to sign for).", "properties": { "pgpSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PgpSignedAttestation" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:AttestationAuthority": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `AttestationAuthority` for \"QA\" and one for \"build\". This Note is intended to act strictly as a grouping mechanism for the attached Occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an Occurrence to a given Note. It also provides a single point of lookup to find all attached Attestation Occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AttestationAuthorityHint" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:AttestationAuthorityHint": { "description": "This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should NOT be used to look up AttestationAuthorities in security sensitive contexts, such as when looking up Attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this Attestation Authority, for example \"qa\"." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:AttestationAuthorityHintResponse": { "description": "This submessage provides human-readable hints about the purpose of the AttestationAuthority. Because the name of a Note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should NOT be used to look up AttestationAuthorities in security sensitive contexts, such as when looking up Attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this Attestation Authority, for example \"qa\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1alpha1:AttestationAuthorityResponse": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `AttestationAuthority` for \"QA\" and one for \"build\". This Note is intended to act strictly as a grouping mechanism for the attached Occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an Occurrence to a given Note. It also provides a single point of lookup to find all attached Attestation Occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AttestationAuthorityHintResponse" } }, "type": "object", "required": [ "hint" ] }, "google-native:containeranalysis/v1alpha1:AttestationResponse": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an Attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the AttestationAuthority to which this Attestation is attached is primarily useful for look-up (how to find this Attestation if you already know the Authority and artifact to be verified) and intent (which authority was this attestation intended to sign for).", "properties": { "pgpSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PgpSignedAttestationResponse" } }, "type": "object", "required": [ "pgpSignedAttestation" ] }, "google-native:containeranalysis/v1alpha1:Basis": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g. a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Fingerprint", "description": "The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BasisResponse": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g. a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:FingerprintResponse", "description": "The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object", "required": [ "fingerprint", "resourceUrl" ] }, "google-native:containeranalysis/v1alpha1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:containeranalysis/v1alpha1:BuildDefinition": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptor" } } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildDefinitionResponse": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptorResponse" } } }, "type": "object", "required": [ "buildType", "externalParameters", "internalParameters", "resolvedDependencies" ] }, "google-native:containeranalysis/v1alpha1:BuildDetails": { "description": "Message encapsulating build provenance details.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoSlsaProvenanceV1", "description": "In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance." }, "intotoProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoProvenance", "description": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.", "deprecationMessage": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec." }, "intotoStatement": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoStatement", "description": "In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildProvenance", "description": "The actual provenance" }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the `BuildSignature` in the corresponding Result. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildDetailsResponse": { "description": "Message encapsulating build provenance details.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoSlsaProvenanceV1Response", "description": "In-Toto Slsa Provenance V1 represents a slsa provenance meeting the slsa spec, wrapped in an in-toto statement. This allows for direct jsonification of a to-spec in-toto slsa statement with a to-spec slsa provenance." }, "intotoProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoProvenanceResponse", "description": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec.", "deprecationMessage": "Deprecated. See InTotoStatement for the replacement. In-toto Provenance representation as defined in spec." }, "intotoStatement": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoStatementResponse", "description": "In-toto Statement representation as defined in spec. The intoto_statement can contain any type of provenance. The serialized payload of the statement can be stored and signed in the Occurrence's envelope." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildProvenanceResponse", "description": "The actual provenance" }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the `BuildSignature` in the corresponding Result. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object", "required": [ "inTotoSlsaProvenanceV1", "intotoProvenance", "intotoStatement", "provenance", "provenanceBytes" ] }, "google-native:containeranalysis/v1alpha1:BuildMetadata": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildMetadataResponse": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object", "required": [ "finishedOn", "invocationId", "startedOn" ] }, "google-native:containeranalysis/v1alpha1:BuildProvenance": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Artifact" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Command" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "finishTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "id": { "type": "string", "description": "Unique identifier of the build." }, "logsBucket": { "type": "string", "description": "Google Cloud Storage bucket where logs were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Source", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildProvenanceResponse": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ArtifactResponse" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CommandResponse" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "finishTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "logsBucket": { "type": "string", "description": "Google Cloud Storage bucket where logs were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SourceResponse", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object", "required": [ "buildOptions", "builderVersion", "builtArtifacts", "commands", "createTime", "creator", "finishTime", "logsBucket", "project", "sourceProvenance", "startTime", "triggerId" ] }, "google-native:containeranalysis/v1alpha1:BuildSignature": { "description": "Message encapsulating the signature of the verified build.", "properties": { "keyId": { "type": "string", "description": "An Id for the key used to sign. This could be either an Id for the key stored in `public_key` (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service)." }, "keyType": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildSignatureKeyType", "description": "The type of the key, either stored in `public_key` or referenced in `key_id`" }, "publicKey": { "type": "string", "description": "Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from `BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem -signature signature.bin signed.bin`" }, "signature": { "type": "string", "description": "Signature of the related `BuildProvenance`, encoded in a base64 string." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildSignatureKeyType": { "description": "The type of the key, either stored in `public_key` or referenced in `key_id`", "type": "string", "enum": [ { "name": "KeyTypeUnspecified", "description": "`KeyType` is not set.", "value": "KEY_TYPE_UNSPECIFIED" }, { "name": "PgpAsciiArmored", "description": "`PGP ASCII Armored` public key.", "value": "PGP_ASCII_ARMORED" }, { "name": "PkixPem", "description": "`PKIX PEM` public key.", "value": "PKIX_PEM" } ] }, "google-native:containeranalysis/v1alpha1:BuildSignatureResponse": { "description": "Message encapsulating the signature of the verified build.", "properties": { "keyId": { "type": "string", "description": "An Id for the key used to sign. This could be either an Id for the key stored in `public_key` (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service)." }, "keyType": { "type": "string", "description": "The type of the key, either stored in `public_key` or referenced in `key_id`" }, "publicKey": { "type": "string", "description": "Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from `BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem -signature signature.bin signed.bin`" }, "signature": { "type": "string", "description": "Signature of the related `BuildProvenance`, encoded in a base64 string." } }, "type": "object", "required": [ "keyId", "keyType", "publicKey", "signature" ] }, "google-native:containeranalysis/v1alpha1:BuildType": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in linked BuildDetails.", "properties": { "builderVersion": { "type": "string", "description": "Version of the builder which produced this Note." }, "signature": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildSignature", "description": "Signature of the build in Occurrences pointing to the Note containing this `BuilderDetails`." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuildTypeResponse": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in linked BuildDetails.", "properties": { "builderVersion": { "type": "string", "description": "Version of the builder which produced this Note." }, "signature": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildSignatureResponse", "description": "Signature of the build in Occurrences pointing to the Note containing this `BuilderDetails`." } }, "type": "object", "required": [ "builderVersion", "signature" ] }, "google-native:containeranalysis/v1alpha1:BuilderConfig": { "properties": { "id": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:BuilderConfigResponse": { "type": "object" }, "google-native:containeranalysis/v1alpha1:CVSS": { "description": "Common Vulnerability Scoring System. This message is compatible with CVSS v2 and v3. For CVSS v2 details, see https://www.first.org/cvss/v2/guide CVSS v2 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator For CVSS v3 details, see https://www.first.org/cvss/specification-document CVSS v3 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", "properties": { "attackComplexity": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSAttackComplexity", "description": "Defined in CVSS v3, CVSS v2" }, "attackVector": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSAttackVector", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2" }, "authentication": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSAuthentication", "description": "Defined in CVSS v2" }, "availabilityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSAvailabilityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSConfidentialityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSIntegrityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "privilegesRequired": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSPrivilegesRequired", "description": "Defined in CVSS v3" }, "scope": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSScope", "description": "Defined in CVSS v3" }, "userInteraction": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSUserInteraction", "description": "Defined in CVSS v3" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:CVSSAttackComplexity": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "AttackComplexityUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_UNSPECIFIED" }, { "name": "AttackComplexityLow", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_LOW" }, { "name": "AttackComplexityHigh", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_HIGH" }, { "name": "AttackComplexityMedium", "description": "Defined in CVSS v2", "value": "ATTACK_COMPLEXITY_MEDIUM" } ] }, "google-native:containeranalysis/v1alpha1:CVSSAttackVector": { "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "AttackVectorUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_UNSPECIFIED" }, { "name": "AttackVectorNetwork", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_NETWORK" }, { "name": "AttackVectorAdjacent", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_ADJACENT" }, { "name": "AttackVectorLocal", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_LOCAL" }, { "name": "AttackVectorPhysical", "description": "Defined in CVSS v3", "value": "ATTACK_VECTOR_PHYSICAL" } ] }, "google-native:containeranalysis/v1alpha1:CVSSAuthentication": { "description": "Defined in CVSS v2", "type": "string", "enum": [ { "name": "AuthenticationUnspecified", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_UNSPECIFIED" }, { "name": "AuthenticationMultiple", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_MULTIPLE" }, { "name": "AuthenticationSingle", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_SINGLE" }, { "name": "AuthenticationNone", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_NONE" } ] }, "google-native:containeranalysis/v1alpha1:CVSSAvailabilityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1alpha1:CVSSConfidentialityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1alpha1:CVSSIntegrityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1alpha1:CVSSPrivilegesRequired": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "PrivilegesRequiredUnspecified", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_UNSPECIFIED" }, { "name": "PrivilegesRequiredNone", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_NONE" }, { "name": "PrivilegesRequiredLow", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_LOW" }, { "name": "PrivilegesRequiredHigh", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_HIGH" } ] }, "google-native:containeranalysis/v1alpha1:CVSSResponse": { "description": "Common Vulnerability Scoring System. This message is compatible with CVSS v2 and v3. For CVSS v2 details, see https://www.first.org/cvss/v2/guide CVSS v2 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator For CVSS v3 details, see https://www.first.org/cvss/specification-document CVSS v3 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", "properties": { "attackComplexity": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "attackVector": { "type": "string", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2" }, "authentication": { "type": "string", "description": "Defined in CVSS v2" }, "availabilityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "privilegesRequired": { "type": "string", "description": "Defined in CVSS v3" }, "scope": { "type": "string", "description": "Defined in CVSS v3" }, "userInteraction": { "type": "string", "description": "Defined in CVSS v3" } }, "type": "object", "required": [ "attackComplexity", "attackVector", "authentication", "availabilityImpact", "baseScore", "confidentialityImpact", "exploitabilityScore", "impactScore", "integrityImpact", "privilegesRequired", "scope", "userInteraction" ] }, "google-native:containeranalysis/v1alpha1:CVSSScope": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "ScopeUnspecified", "description": "Defined in CVSS v3", "value": "SCOPE_UNSPECIFIED" }, { "name": "ScopeUnchanged", "description": "Defined in CVSS v3", "value": "SCOPE_UNCHANGED" }, { "name": "ScopeChanged", "description": "Defined in CVSS v3", "value": "SCOPE_CHANGED" } ] }, "google-native:containeranalysis/v1alpha1:CVSSUserInteraction": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "UserInteractionUnspecified", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_UNSPECIFIED" }, { "name": "UserInteractionNone", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_NONE" }, { "name": "UserInteractionRequired", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_REQUIRED" } ] }, "google-native:containeranalysis/v1alpha1:CisBenchmark": { "description": "A compliance check that is a CIS benchmark.", "properties": { "profileLevel": { "type": "integer", "description": "The profile level of this CIS benchmark check." }, "severity": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CisBenchmarkSeverity", "description": "The severity level of this CIS benchmark check." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:CisBenchmarkResponse": { "description": "A compliance check that is a CIS benchmark.", "properties": { "profileLevel": { "type": "integer", "description": "The profile level of this CIS benchmark check." }, "severity": { "type": "string", "description": "The severity level of this CIS benchmark check." } }, "type": "object", "required": [ "profileLevel", "severity" ] }, "google-native:containeranalysis/v1alpha1:CisBenchmarkSeverity": { "description": "The severity level of this CIS benchmark check.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown Impact", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal Impact", "value": "MINIMAL" }, { "name": "Low", "description": "Low Impact", "value": "LOW" }, { "name": "Medium", "description": "Medium Impact", "value": "MEDIUM" }, { "name": "High", "description": "High Impact", "value": "HIGH" }, { "name": "Critical", "description": "Critical Impact", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1alpha1:Command": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this Command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this Command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this Command." }, "id": { "type": "string", "description": "Optional unique identifier for this Command, used in wait_for to reference this Command as a dependency." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the Command(s) that this Command depends on." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:CommandResponse": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this Command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this Command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this Command." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the Command(s) that this Command depends on." } }, "type": "object", "required": [ "args", "dir", "env", "name", "waitFor" ] }, "google-native:containeranalysis/v1alpha1:Completeness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:CompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object", "required": [ "arguments", "environment", "materials" ] }, "google-native:containeranalysis/v1alpha1:ComplianceNote": { "description": "ComplianceNote encapsulates all information about a specific compliance check.", "properties": { "cisBenchmark": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CisBenchmark", "description": "Right now we only have one compliance type, but we may add additional types in the future." }, "description": { "type": "string", "description": "A description about this compliance check." }, "rationale": { "type": "string", "description": "A rationale for the existence of this compliance check." }, "remediation": { "type": "string", "description": "A description of remediation steps if the compliance check fails." }, "scanInstructions": { "type": "string", "description": "Serialized scan instructions with a predefined format." }, "title": { "type": "string", "description": "The title that identifies this compliance check." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ComplianceVersion" }, "description": "The OS and config versions the benchmark applies to." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ComplianceNoteResponse": { "description": "ComplianceNote encapsulates all information about a specific compliance check.", "properties": { "cisBenchmark": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CisBenchmarkResponse", "description": "Right now we only have one compliance type, but we may add additional types in the future." }, "description": { "type": "string", "description": "A description about this compliance check." }, "rationale": { "type": "string", "description": "A rationale for the existence of this compliance check." }, "remediation": { "type": "string", "description": "A description of remediation steps if the compliance check fails." }, "scanInstructions": { "type": "string", "description": "Serialized scan instructions with a predefined format." }, "title": { "type": "string", "description": "The title that identifies this compliance check." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ComplianceVersionResponse" }, "description": "The OS and config versions the benchmark applies to." } }, "type": "object", "required": [ "cisBenchmark", "description", "rationale", "remediation", "scanInstructions", "title", "version" ] }, "google-native:containeranalysis/v1alpha1:ComplianceOccurrence": { "description": "An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.", "properties": { "nonComplianceReason": { "type": "string", "description": "The reason for non compliance of these files." }, "nonCompliantFiles": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:NonCompliantFile" }, "description": "A list of files which are violating compliance checks." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ComplianceOccurrenceResponse": { "description": "An indication that the compliance checks in the associated ComplianceNote were not satisfied for particular resources or a specified reason.", "properties": { "nonComplianceReason": { "type": "string", "description": "The reason for non compliance of these files." }, "nonCompliantFiles": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:NonCompliantFileResponse" }, "description": "A list of files which are violating compliance checks." } }, "type": "object", "required": [ "nonComplianceReason", "nonCompliantFiles" ] }, "google-native:containeranalysis/v1alpha1:ComplianceVersion": { "description": "Describes the CIS benchmark version that is applicable to a given OS and os version.", "properties": { "benchmarkDocument": { "type": "string", "description": "The name of the document that defines this benchmark, e.g. \"CIS Container-Optimized OS\"." }, "cpeUri": { "type": "string", "description": "The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to." }, "version": { "type": "string", "description": "The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ComplianceVersionResponse": { "description": "Describes the CIS benchmark version that is applicable to a given OS and os version.", "properties": { "benchmarkDocument": { "type": "string", "description": "The name of the document that defines this benchmark, e.g. \"CIS Container-Optimized OS\"." }, "cpeUri": { "type": "string", "description": "The CPE URI (https://cpe.mitre.org/specification/) this benchmark is applicable to." }, "version": { "type": "string", "description": "The version of the benchmark. This is set to the version of the OS-specific CIS document the benchmark is defined in." } }, "type": "object", "required": [ "benchmarkDocument", "cpeUri", "version" ] }, "google-native:containeranalysis/v1alpha1:DSSEAttestationNote": { "description": "A note describing an attestation", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DSSEHint", "description": "DSSEHint hints at the purpose of the attestation authority." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DSSEAttestationNoteResponse": { "description": "A note describing an attestation", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DSSEHintResponse", "description": "DSSEHint hints at the purpose of the attestation authority." } }, "type": "object", "required": [ "hint" ] }, "google-native:containeranalysis/v1alpha1:DSSEAttestationOccurrence": { "description": "An occurrence describing an attestation on a resource", "properties": { "envelope": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Envelope", "description": "If doing something security critical, make sure to verify the signatures in this metadata." }, "statement": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoStatement" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DSSEAttestationOccurrenceResponse": { "description": "An occurrence describing an attestation on a resource", "properties": { "envelope": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:EnvelopeResponse", "description": "If doing something security critical, make sure to verify the signatures in this metadata." }, "statement": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoStatementResponse" } }, "type": "object", "required": [ "envelope", "statement" ] }, "google-native:containeranalysis/v1alpha1:DSSEHint": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"cloudbuild-prod\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1alpha1:DSSEHintResponse": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"cloudbuild-prod\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1alpha1:Deployable": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DeployableResponse": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object", "required": [ "resourceUri" ] }, "google-native:containeranalysis/v1alpha1:Deployment": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DeploymentPlatform", "description": "Platform hosting this deployment." }, "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed taken from the deployable field with the same name." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DeploymentPlatform": { "description": "Platform hosting this deployment.", "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Unknown", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Gke", "description": "Google Container Engine", "value": "GKE" }, { "name": "Flex", "description": "Google App Engine: Flexible Environment", "value": "FLEX" }, { "name": "Custom", "description": "Custom user-defined platform", "value": "CUSTOM" } ] }, "google-native:containeranalysis/v1alpha1:DeploymentResponse": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "type": "string", "description": "Platform hosting this deployment." }, "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed taken from the deployable field with the same name." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object", "required": [ "address", "config", "deployTime", "platform", "resourceUri", "undeployTime", "userEmail" ] }, "google-native:containeranalysis/v1alpha1:Derived": { "description": "Derived describes the derived image portion (Occurrence) of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Fingerprint", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Layer" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DerivedResponse": { "description": "Derived describes the derived image portion (Occurrence) of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "baseResourceUrl": { "type": "string", "description": "This contains the base image URL for the derived image occurrence." }, "distance": { "type": "integer", "description": "The number of layers by which this image differs from the associated image basis." }, "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:FingerprintResponse", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LayerResponse" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object", "required": [ "baseResourceUrl", "distance", "fingerprint", "layerInfo" ] }, "google-native:containeranalysis/v1alpha1:Detail": { "description": "Identifies all occurrences of this vulnerability in the package for a specific distro/location For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2", "properties": { "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests." }, "description": { "type": "string", "description": "A vendor-specific description of this note." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocation", "description": "The fix for this specific package version." }, "isObsolete": { "type": "boolean", "description": "Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details." }, "maxAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "The max version of the package in which the vulnerability exists." }, "minAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "The min version of the package in which the vulnerability exists." }, "package": { "type": "string", "description": "The name of the package where the vulnerability was found. This field can be used as a filter in list requests." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)" }, "severityName": { "type": "string", "description": "The severity (eg: distro assigned severity) for this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "vendor": { "type": "string", "description": "The vendor of the product. e.g. \"google\"" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DetailResponse": { "description": "Identifies all occurrences of this vulnerability in the package for a specific distro/location For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2", "properties": { "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests." }, "description": { "type": "string", "description": "A vendor-specific description of this note." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocationResponse", "description": "The fix for this specific package version." }, "isObsolete": { "type": "boolean", "description": "Whether this Detail is obsolete. Occurrences are expected not to point to obsolete details." }, "maxAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The max version of the package in which the vulnerability exists." }, "minAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The min version of the package in which the vulnerability exists." }, "package": { "type": "string", "description": "The name of the package where the vulnerability was found. This field can be used as a filter in list requests." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)" }, "severityName": { "type": "string", "description": "The severity (eg: distro assigned severity) for this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "vendor": { "type": "string", "description": "The vendor of the product. e.g. \"google\"" } }, "type": "object", "required": [ "cpeUri", "description", "fixedLocation", "isObsolete", "maxAffectedVersion", "minAffectedVersion", "package", "packageType", "severityName", "source", "vendor" ] }, "google-native:containeranalysis/v1alpha1:Digest": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DigestResponse": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object", "required": [ "algo", "digestBytes" ] }, "google-native:containeranalysis/v1alpha1:Discovered": { "description": "Provides information about the scan status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AnalysisCompleted", "description": "The list of analysis that were completed for a resource." }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Status" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DiscoveredAnalysisStatus", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Status", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage output only and populated by the API." }, "archiveTime": { "type": "string", "description": "The time occurrences related to this discovery occurrence were archived." }, "continuousAnalysis": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DiscoveredContinuousAnalysis", "description": "Whether the resource is continuously analyzed." }, "cpe": { "type": "string", "description": "The CPE of the resource being scanned." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DiscoveredAnalysisStatus": { "description": "The status of discovery for the resource.", "type": "string", "enum": [ { "name": "AnalysisStatusUnspecified", "description": "Unknown", "value": "ANALYSIS_STATUS_UNSPECIFIED" }, { "name": "Pending", "description": "Resource is known but no action has been taken yet.", "value": "PENDING" }, { "name": "Scanning", "description": "Resource is being analyzed.", "value": "SCANNING" }, { "name": "Complete", "description": "Analysis has completed", "value": "COMPLETE" }, { "name": "FinishedSuccess", "description": "Analysis has finished successfully.", "value": "FINISHED_SUCCESS" }, { "name": "FinishedFailed", "description": "Analysis has finished unsuccessfully, the analysis itself is in a bad state.", "value": "FINISHED_FAILED" }, { "name": "FinishedUnsupported", "description": "The resource is known not to be supported.", "value": "FINISHED_UNSUPPORTED" } ] }, "google-native:containeranalysis/v1alpha1:DiscoveredContinuousAnalysis": { "description": "Whether the resource is continuously analyzed.", "type": "string", "enum": [ { "name": "ContinuousAnalysisUnspecified", "description": "Unknown", "value": "CONTINUOUS_ANALYSIS_UNSPECIFIED" }, { "name": "Active", "description": "The resource is continuously analyzed.", "value": "ACTIVE" }, { "name": "Inactive", "description": "The resource is ignored for continuous analysis.", "value": "INACTIVE" } ] }, "google-native:containeranalysis/v1alpha1:DiscoveredResponse": { "description": "Provides information about the scan status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AnalysisCompletedResponse", "description": "The list of analysis that were completed for a resource." }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StatusResponse" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "type": "string", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StatusResponse", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage output only and populated by the API." }, "archiveTime": { "type": "string", "description": "The time occurrences related to this discovery occurrence were archived." }, "continuousAnalysis": { "type": "string", "description": "Whether the resource is continuously analyzed." }, "cpe": { "type": "string", "description": "The CPE of the resource being scanned." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." }, "operation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:OperationResponse", "description": "An operation that indicates the status of the current scan. This field is deprecated, do not use.", "deprecationMessage": "Output only. An operation that indicates the status of the current scan. This field is deprecated, do not use." }, "sbomStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SBOMStatusResponse", "description": "The status of an SBOM generation." } }, "type": "object", "required": [ "analysisCompleted", "analysisError", "analysisStatus", "analysisStatusError", "archiveTime", "continuousAnalysis", "cpe", "lastScanTime", "operation", "sbomStatus" ] }, "google-native:containeranalysis/v1alpha1:Discovery": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis. The occurrence's operation will indicate the status of the analysis. Absence of an occurrence linked to this note for a resource indicates that analysis hasn't started.", "properties": { "analysisKind": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DiscoveryAnalysisKind", "description": "The kind of analysis that is handled by this discovery." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DiscoveryAnalysisKind": { "description": "The kind of analysis that is handled by this discovery.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Unknown", "value": "KIND_UNSPECIFIED" }, { "name": "PackageVulnerability", "description": "The note and occurrence represent a package vulnerability.", "value": "PACKAGE_VULNERABILITY" }, { "name": "BuildDetails", "description": "The note and occurrence assert build provenance.", "value": "BUILD_DETAILS" }, { "name": "ImageBasis", "description": "This represents an image basis relationship.", "value": "IMAGE_BASIS" }, { "name": "PackageManager", "description": "This represents a package installed via a package manager.", "value": "PACKAGE_MANAGER" }, { "name": "Deployable", "description": "The note and occurrence track deployment events.", "value": "DEPLOYABLE" }, { "name": "Discovery", "description": "The note and occurrence track the initial discovery status of a resource.", "value": "DISCOVERY" }, { "name": "AttestationAuthority", "description": "This represents a logical \"role\" that can attest to artifacts.", "value": "ATTESTATION_AUTHORITY" }, { "name": "Upgrade", "description": "This represents an available software upgrade.", "value": "UPGRADE" }, { "name": "Compliance", "description": "This represents a compliance check that can be applied to a resource.", "value": "COMPLIANCE" }, { "name": "Sbom", "description": "This represents a software bill of materials.", "value": "SBOM" }, { "name": "SpdxPackage", "description": "This represents an SPDX Package.", "value": "SPDX_PACKAGE" }, { "name": "SpdxFile", "description": "This represents an SPDX File.", "value": "SPDX_FILE" }, { "name": "SpdxRelationship", "description": "This represents an SPDX Relationship.", "value": "SPDX_RELATIONSHIP" }, { "name": "DsseAttestation", "description": "This represents a DSSE attestation Note", "value": "DSSE_ATTESTATION" }, { "name": "VulnerabilityAssessment", "description": "This represents a Vulnerability Assessment.", "value": "VULNERABILITY_ASSESSMENT" }, { "name": "SbomReference", "description": "This represents a reference to an SBOM.", "value": "SBOM_REFERENCE" } ] }, "google-native:containeranalysis/v1alpha1:DiscoveryResponse": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis. The occurrence's operation will indicate the status of the analysis. Absence of an occurrence linked to this note for a resource indicates that analysis hasn't started.", "properties": { "analysisKind": { "type": "string", "description": "The kind of analysis that is handled by this discovery." } }, "type": "object", "required": [ "analysisKind" ] }, "google-native:containeranalysis/v1alpha1:Distribution": { "description": "This represents a particular channel of distribution for a given package. e.g. Debian's jessie-backports dpkg mirror", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DistributionArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built" }, "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DistributionArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture", "value": "X86" }, { "name": "X64", "description": "X64 architecture", "value": "X64" } ] }, "google-native:containeranalysis/v1alpha1:DistributionResponse": { "description": "This represents a particular channel of distribution for a given package. e.g. Debian's jessie-backports dpkg mirror", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built" }, "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "latestVersion", "maintainer", "url" ] }, "google-native:containeranalysis/v1alpha1:DocumentNote": { "description": "DocumentNote represents an SPDX Document Creation Infromation section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "dataLicence": { "type": "string", "description": "Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields (\"SPDX-Metadata\")" }, "spdxVersion": { "type": "string", "description": "Provide a reference number that can be used to understand how to parse and interpret the rest of the file" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DocumentNoteResponse": { "description": "DocumentNote represents an SPDX Document Creation Infromation section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "dataLicence": { "type": "string", "description": "Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields (\"SPDX-Metadata\")" }, "spdxVersion": { "type": "string", "description": "Provide a reference number that can be used to understand how to parse and interpret the rest of the file" } }, "type": "object", "required": [ "dataLicence", "spdxVersion" ] }, "google-native:containeranalysis/v1alpha1:DocumentOccurrence": { "description": "DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "createTime": { "type": "string", "description": "Identify when the SPDX file was originally created. The date is to be specified according to combined date and time in UTC format as specified in ISO 8601 standard" }, "creatorComment": { "type": "string", "description": "A field for creators of the SPDX file to provide general comments about the creation of the SPDX file or any other relevant comment not included in the other fields" }, "creators": { "type": "array", "items": { "type": "string" }, "description": "Identify who (or what, in the case of a tool) created the SPDX file. If the SPDX file was created by an individual, indicate the person's name" }, "documentComment": { "type": "string", "description": "A field for creators of the SPDX file content to provide comments to the consumers of the SPDX document" }, "externalDocumentRefs": { "type": "array", "items": { "type": "string" }, "description": "Identify any external SPDX documents referenced within this SPDX document" }, "id": { "type": "string", "description": "Identify the current SPDX document which may be referenced in relationships by other files, packages internally and documents externally" }, "licenseListVersion": { "type": "string", "description": "A field for creators of the SPDX file to provide the version of the SPDX License List used when the SPDX file was created" }, "namespace": { "type": "string", "description": "Provide an SPDX document specific namespace as a unique absolute Uniform Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘#’ delimiter" }, "title": { "type": "string", "description": "Identify name of this document as designated by creator" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:DocumentOccurrenceResponse": { "description": "DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "createTime": { "type": "string", "description": "Identify when the SPDX file was originally created. The date is to be specified according to combined date and time in UTC format as specified in ISO 8601 standard" }, "creatorComment": { "type": "string", "description": "A field for creators of the SPDX file to provide general comments about the creation of the SPDX file or any other relevant comment not included in the other fields" }, "creators": { "type": "array", "items": { "type": "string" }, "description": "Identify who (or what, in the case of a tool) created the SPDX file. If the SPDX file was created by an individual, indicate the person's name" }, "documentComment": { "type": "string", "description": "A field for creators of the SPDX file content to provide comments to the consumers of the SPDX document" }, "externalDocumentRefs": { "type": "array", "items": { "type": "string" }, "description": "Identify any external SPDX documents referenced within this SPDX document" }, "licenseListVersion": { "type": "string", "description": "A field for creators of the SPDX file to provide the version of the SPDX License List used when the SPDX file was created" }, "namespace": { "type": "string", "description": "Provide an SPDX document specific namespace as a unique absolute Uniform Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘#’ delimiter" }, "title": { "type": "string", "description": "Identify name of this document as designated by creator" } }, "type": "object", "required": [ "createTime", "creatorComment", "creators", "documentComment", "externalDocumentRefs", "licenseListVersion", "namespace", "title" ] }, "google-native:containeranalysis/v1alpha1:Envelope": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string", "description": "The bytes being signed" }, "payloadType": { "type": "string", "description": "The type of payload being signed" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:EnvelopeSignature" }, "description": "The signatures over the payload" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:EnvelopeResponse": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string", "description": "The bytes being signed" }, "payloadType": { "type": "string", "description": "The type of payload being signed" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:EnvelopeSignatureResponse" }, "description": "The signatures over the payload" } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1alpha1:EnvelopeSignature": { "description": "A DSSE signature", "properties": { "keyid": { "type": "string", "description": "A reference id to the key being used for signing" }, "sig": { "type": "string", "description": "The signature itself" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:EnvelopeSignatureResponse": { "description": "A DSSE signature", "properties": { "keyid": { "type": "string", "description": "A reference id to the key being used for signing" }, "sig": { "type": "string", "description": "The signature itself" } }, "type": "object", "required": [ "keyid", "sig" ] }, "google-native:containeranalysis/v1alpha1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:containeranalysis/v1alpha1:ExternalRef": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "properties": { "category": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ExternalRefCategory", "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package" }, "comment": { "type": "string", "description": "Human-readable information about the purpose and target of the reference" }, "locator": { "type": "string", "description": "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location" }, "type": { "type": "string", "description": "Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ExternalRefCategory": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "type": "string", "enum": [ { "name": "CategoryUnspecified", "description": "Unspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "Security", "description": "Security (e.g. cpe22Type, cpe23Type)", "value": "SECURITY" }, { "name": "PackageManager", "description": "Package Manager (e.g. maven-central, npm, nuget, bower, purl)", "value": "PACKAGE_MANAGER" }, { "name": "PersistentId", "description": "Persistent-Id (e.g. swh)", "value": "PERSISTENT_ID" }, { "name": "Other", "description": "Other", "value": "OTHER" } ] }, "google-native:containeranalysis/v1alpha1:ExternalRefResponse": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "properties": { "category": { "type": "string", "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package" }, "comment": { "type": "string", "description": "Human-readable information about the purpose and target of the reference" }, "locator": { "type": "string", "description": "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location" }, "type": { "type": "string", "description": "Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)" } }, "type": "object", "required": [ "category", "comment", "locator", "type" ] }, "google-native:containeranalysis/v1alpha1:FileLocation": { "description": "Indicates the location at which a package was found.", "properties": { "filePath": { "type": "string", "description": "For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:FileLocationResponse": { "description": "Indicates the location at which a package was found.", "properties": { "filePath": { "type": "string", "description": "For jars that are contained inside .war files, this filepath can indicate the path to war file combined with the path to jar file." } }, "type": "object", "required": [ "filePath" ] }, "google-native:containeranalysis/v1alpha1:FileNote": { "description": "FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "checksum": { "type": "array", "items": { "type": "string" }, "description": "Provide a unique identifier to match analysis information on each specific file in a package" }, "fileType": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:FileNoteFileType", "description": "This field provides information about the type of file identified" }, "title": { "type": "string", "description": "Identify the full path and filename that corresponds to the file information in this section" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:FileNoteFileType": { "description": "This field provides information about the type of file identified", "type": "string", "enum": [ { "name": "FileTypeUnspecified", "description": "Unspecified", "value": "FILE_TYPE_UNSPECIFIED" }, { "name": "Source", "description": "The file is human readable source code (.c, .html, etc.)", "value": "SOURCE" }, { "name": "Binary", "description": "The file is a compiled object, target image or binary executable (.o, .a, etc.)", "value": "BINARY" }, { "name": "Archive", "description": "The file represents an archive (.tar, .jar, etc.)", "value": "ARCHIVE" }, { "name": "Application", "description": "The file is associated with a specific application type (MIME type of application/*)", "value": "APPLICATION" }, { "name": "Audio", "description": "The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)", "value": "AUDIO" }, { "name": "Image", "description": "The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)", "value": "IMAGE" }, { "name": "Text", "description": "The file is human readable text file (MIME type of text/*)", "value": "TEXT" }, { "name": "Video", "description": "The file is associated with a video file type (MIME type of video/*)", "value": "VIDEO" }, { "name": "Documentation", "description": "The file serves as documentation", "value": "DOCUMENTATION" }, { "name": "Spdx", "description": "The file is an SPDX document", "value": "SPDX" }, { "name": "Other", "description": "The file doesn't fit into the above categories (generated artifacts, data files, etc.)", "value": "OTHER" } ] }, "google-native:containeranalysis/v1alpha1:FileNoteResponse": { "description": "FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "checksum": { "type": "array", "items": { "type": "string" }, "description": "Provide a unique identifier to match analysis information on each specific file in a package" }, "fileType": { "type": "string", "description": "This field provides information about the type of file identified" }, "title": { "type": "string", "description": "Identify the full path and filename that corresponds to the file information in this section" } }, "type": "object", "required": [ "checksum", "fileType", "title" ] }, "google-native:containeranalysis/v1alpha1:FileOccurrence": { "description": "FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "attributions": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX data creator to record, at the file level, acknowledgements that may be needed to be communicated in some contexts" }, "comment": { "type": "string", "description": "This field provides a place for the SPDX file creator to record any general comments about the file" }, "contributors": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX file creator to record file contributors" }, "copyright": { "type": "string", "description": "Identify the copyright holder of the file, as well as any dates present" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "This field contains the license information actually found in the file, if any" }, "id": { "type": "string", "description": "Uniquely identify any element in an SPDX document which may be referenced by other elements" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:License", "description": "This field contains the license the SPDX file creator has concluded as governing the file or alternative values if the governing license cannot be determined" }, "notice": { "type": "string", "description": "This field provides a place for the SPDX file creator to record license notices or other such related notices found in the file" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:FileOccurrenceResponse": { "description": "FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "attributions": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX data creator to record, at the file level, acknowledgements that may be needed to be communicated in some contexts" }, "comment": { "type": "string", "description": "This field provides a place for the SPDX file creator to record any general comments about the file" }, "contributors": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX file creator to record file contributors" }, "copyright": { "type": "string", "description": "Identify the copyright holder of the file, as well as any dates present" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "This field contains the license information actually found in the file, if any" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LicenseResponse", "description": "This field contains the license the SPDX file creator has concluded as governing the file or alternative values if the governing license cannot be determined" }, "notice": { "type": "string", "description": "This field provides a place for the SPDX file creator to record license notices or other such related notices found in the file" } }, "type": "object", "required": [ "attributions", "comment", "contributors", "copyright", "filesLicenseInfo", "licenseConcluded", "notice" ] }, "google-native:containeranalysis/v1alpha1:Fingerprint": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:FingerprintResponse": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." }, "v2Name": { "type": "string", "description": "The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + \" \" + v2_name[N+1]) Only the name of the final blob is kept. This field can be used as a filter in list requests." } }, "type": "object", "required": [ "v1Name", "v2Blob", "v2Name" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContext": { "description": "An alias to a repo revision.", "properties": { "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContextKind", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContextKind": { "description": "The alias kind.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Unknown.", "value": "KIND_UNSPECIFIED" }, { "name": "Fixed", "description": "Git tag.", "value": "FIXED" }, { "name": "Movable", "description": "Git branch.", "value": "MOVABLE" }, { "name": "Other", "description": "Used to specify non-standard aliases. For example, if a Git repo has a ref named \"refs/foo/bar\".", "value": "OTHER" } ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContextResponse": { "description": "An alias to a repo revision.", "properties": { "kind": { "type": "string", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object", "required": [ "kind", "name" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1CloudRepoSourceContext": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContext", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1RepoId", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1CloudRepoSourceContextResponse": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1RepoIdResponse", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object", "required": [ "aliasContext", "repoId", "revisionId" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GerritSourceContext": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContext", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GerritSourceContextResponse": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object", "required": [ "aliasContext", "gerritProject", "hostUri", "revisionId" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GitSourceContext": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object", "required": [ "revisionId" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GitSourceContextResponse": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object", "required": [ "revisionId", "url" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1ProjectRepoId": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1ProjectRepoIdResponse": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object", "required": [ "project", "repoName" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1RepoId": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1ProjectRepoId", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1RepoIdResponse": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1ProjectRepoIdResponse", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object", "required": [ "projectRepoId", "uid" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaBuilder": { "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance.", "properties": { "id": { "type": "string", "description": "URI indicating the builder’s identity." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaBuilderResponse": { "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance.", "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaCompleteness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "environment": { "type": "boolean", "description": "If true, the builder claims that invocation.environment is complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials is complete." }, "parameters": { "type": "boolean", "description": "If true, the builder claims that invocation.parameters is complete." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaCompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "environment": { "type": "boolean", "description": "If true, the builder claims that invocation.environment is complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials is complete." }, "parameters": { "type": "boolean", "description": "If true, the builder claims that invocation.parameters is complete." } }, "type": "object", "required": [ "environment", "materials", "parameters" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaConfigSource": { "description": "Describes where the config file that kicked off the build came from. This is effectively a pointer to the source where buildConfig came from.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of cryptographic digests for the contents of the artifact specified by invocation.configSource.uri." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build." }, "uri": { "type": "string", "description": "URI indicating the identity of the source of the config." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaConfigSourceResponse": { "description": "Describes where the config file that kicked off the build came from. This is effectively a pointer to the source where buildConfig came from.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of cryptographic digests for the contents of the artifact specified by invocation.configSource.uri." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build." }, "uri": { "type": "string", "description": "URI indicating the identity of the source of the config." } }, "type": "object", "required": [ "digest", "entryPoint", "uri" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaInvocation": { "description": "Identifies the event that kicked off the build.", "properties": { "configSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaConfigSource", "description": "Describes where the config file that kicked off the build came from." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the build." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of invocation.configSource." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaInvocationResponse": { "description": "Identifies the event that kicked off the build.", "properties": { "configSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaConfigSourceResponse", "description": "Describes where the config file that kicked off the build came from." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the build." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of invocation.configSource." } }, "type": "object", "required": [ "configSource", "environment", "parameters" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMaterial": { "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of cryptographic digests for the contents of this artifact." }, "uri": { "type": "string", "description": "The method by which this artifact was referenced during the build." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMaterialResponse": { "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of cryptographic digests for the contents of this artifact." }, "uri": { "type": "string", "description": "The method by which this artifact was referenced during the build." } }, "type": "object", "required": [ "digest", "uri" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMetadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies this particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaCompleteness", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running invocation on materials will produce bit-for-bit identical output." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies this particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaCompletenessResponse", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running invocation on materials will produce bit-for-bit identical output." } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContext": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1CloudRepoSourceContext", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GerritSourceContext", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GitSourceContext", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContextResponse": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1CloudRepoSourceContextResponse", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GerritSourceContextResponse", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1GitSourceContextResponse", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object", "required": [ "cloudRepo", "gerrit", "git", "labels" ] }, "google-native:containeranalysis/v1alpha1:Hash": { "description": "Container message for hash values.", "properties": { "type": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:HashType", "description": "The type of hash that was performed." }, "value": { "type": "string", "description": "The hash value." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:HashResponse": { "description": "Container message for hash values.", "properties": { "type": { "type": "string", "description": "The type of hash that was performed." }, "value": { "type": "string", "description": "The hash value." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:containeranalysis/v1alpha1:HashType": { "description": "The type of hash that was performed.", "type": "string", "enum": [ { "name": "None", "description": "No hash requested.", "value": "NONE" }, { "name": "Sha256", "description": "A sha256 hash.", "value": "SHA256" } ] }, "google-native:containeranalysis/v1alpha1:IdentifierHelper": { "description": "Helps in identifying the underlying product. This should be treated like a one-of field. Only one field should be set in this proto. This is a workaround because spanner indexes on one-of fields restrict addition and deletion of fields.", "properties": { "field": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:IdentifierHelperField", "description": "The field that is set in the API proto." }, "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:IdentifierHelperField": { "description": "The field that is set in the API proto.", "type": "string", "enum": [ { "name": "IdentifierHelperFieldUnspecified", "description": "The helper isn't set.", "value": "IDENTIFIER_HELPER_FIELD_UNSPECIFIED" }, { "name": "GenericUri", "description": "The generic_uri one-of field is set.", "value": "GENERIC_URI" } ] }, "google-native:containeranalysis/v1alpha1:IdentifierHelperResponse": { "description": "Helps in identifying the underlying product. This should be treated like a one-of field. Only one field should be set in this proto. This is a workaround because spanner indexes on one-of fields restrict addition and deletion of fields.", "properties": { "field": { "type": "string", "description": "The field that is set in the API proto." }, "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." } }, "type": "object", "required": [ "field", "genericUri" ] }, "google-native:containeranalysis/v1alpha1:InTotoProvenance": { "properties": { "builderConfig": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuilderConfig", "description": "required" }, "materials": { "type": "array", "items": { "type": "string" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Metadata" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Recipe", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:InTotoProvenanceResponse": { "properties": { "builderConfig": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuilderConfigResponse", "description": "required" }, "materials": { "type": "array", "items": { "type": "string" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:MetadataResponse" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RecipeResponse", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible). required" } }, "type": "object", "required": [ "builderConfig", "materials", "metadata", "recipe" ] }, "google-native:containeranalysis/v1alpha1:InTotoSlsaProvenanceV1": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenanceV1" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Subject" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:InTotoSlsaProvenanceV1Response": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenanceV1Response" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SubjectResponse" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1alpha1:InTotoStatement": { "description": "Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always \"application/vnd.in-toto+json\".", "properties": { "predicateType": { "type": "string", "description": "\"https://slsa.dev/provenance/v0.1\" for SlsaProvenance." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoProvenance", "description": "Generic Grafeas provenance." }, "slsaProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenance", "description": "SLSA 0.1 provenance." }, "slsaProvenanceZeroTwo": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenanceZeroTwo", "description": "SLSA 0.2 provenance." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Subject" }, "description": "subject is the subjects of the intoto statement" }, "type": { "type": "string", "description": "Always \"https://in-toto.io/Statement/v0.1\"." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:InTotoStatementResponse": { "description": "Spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement The serialized InTotoStatement will be stored as Envelope.payload. Envelope.payloadType is always \"application/vnd.in-toto+json\".", "properties": { "predicateType": { "type": "string", "description": "\"https://slsa.dev/provenance/v0.1\" for SlsaProvenance." }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:InTotoProvenanceResponse", "description": "Generic Grafeas provenance." }, "slsaProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenanceResponse", "description": "SLSA 0.1 provenance." }, "slsaProvenanceZeroTwo": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaProvenanceZeroTwoResponse", "description": "SLSA 0.2 provenance." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SubjectResponse" }, "description": "subject is the subjects of the intoto statement" }, "type": { "type": "string", "description": "Always \"https://in-toto.io/Statement/v0.1\"." } }, "type": "object", "required": [ "predicateType", "provenance", "slsaProvenance", "slsaProvenanceZeroTwo", "subject", "type" ] }, "google-native:containeranalysis/v1alpha1:Installation": { "description": "This represents how a particular software package may be installed on a system.", "properties": { "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:License", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Location" }, "description": "All of the places within the filesystem versions of this package have been found." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:InstallationResponse": { "description": "This represents how a particular software package may be installed on a system.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LocationResponse" }, "description": "All of the places within the filesystem versions of this package have been found." }, "name": { "type": "string", "description": "The name of the installed package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "license", "location", "name", "packageType", "version" ] }, "google-native:containeranalysis/v1alpha1:Justification": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:JustificationJustificationType", "description": "The justification type for this vulnerability." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:JustificationJustificationType": { "description": "The justification type for this vulnerability.", "type": "string", "enum": [ { "name": "JustificationTypeUnspecified", "description": "JUSTIFICATION_TYPE_UNSPECIFIED.", "value": "JUSTIFICATION_TYPE_UNSPECIFIED" }, { "name": "ComponentNotPresent", "description": "The vulnerable component is not present in the product.", "value": "COMPONENT_NOT_PRESENT" }, { "name": "VulnerableCodeNotPresent", "description": "The vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.", "value": "VULNERABLE_CODE_NOT_PRESENT" }, { "name": "VulnerableCodeNotInExecutePath", "description": "The vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.", "value": "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH" }, { "name": "VulnerableCodeCannotBeControlledByAdversary", "description": "The vulnerable code cannot be controlled by an attacker to exploit the vulnerability.", "value": "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY" }, { "name": "InlineMitigationsAlreadyExist", "description": "The product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.", "value": "INLINE_MITIGATIONS_ALREADY_EXIST" } ] }, "google-native:containeranalysis/v1alpha1:JustificationResponse": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "type": "string", "description": "The justification type for this vulnerability." } }, "type": "object", "required": [ "details", "justificationType" ] }, "google-native:containeranalysis/v1alpha1:Layer": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LayerDirective", "description": "The recovered Dockerfile directive used to construct this layer." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:LayerDirective": { "description": "The recovered Dockerfile directive used to construct this layer.", "type": "string", "enum": [ { "name": "DirectiveUnspecified", "description": "Default value for unsupported/missing directive", "value": "DIRECTIVE_UNSPECIFIED" }, { "name": "Maintainer", "description": "https://docs.docker.com/engine/reference/builder/", "value": "MAINTAINER" }, { "name": "Run", "description": "https://docs.docker.com/engine/reference/builder/", "value": "RUN" }, { "name": "Cmd", "description": "https://docs.docker.com/engine/reference/builder/", "value": "CMD" }, { "name": "Label", "description": "https://docs.docker.com/engine/reference/builder/", "value": "LABEL" }, { "name": "Expose", "description": "https://docs.docker.com/engine/reference/builder/", "value": "EXPOSE" }, { "name": "Env", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ENV" }, { "name": "Add", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ADD" }, { "name": "Copy", "description": "https://docs.docker.com/reference/builder/#copy", "value": "COPY" }, { "name": "Entrypoint", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ENTRYPOINT" }, { "name": "Volume", "description": "https://docs.docker.com/engine/reference/builder/", "value": "VOLUME" }, { "name": "User", "description": "https://docs.docker.com/engine/reference/builder/", "value": "USER" }, { "name": "Workdir", "description": "https://docs.docker.com/engine/reference/builder/", "value": "WORKDIR" }, { "name": "Arg", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ARG" }, { "name": "Onbuild", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ONBUILD" }, { "name": "Stopsignal", "description": "https://docs.docker.com/engine/reference/builder/", "value": "STOPSIGNAL" }, { "name": "Healthcheck", "description": "https://docs.docker.com/engine/reference/builder/", "value": "HEALTHCHECK" }, { "name": "Shell", "description": "https://docs.docker.com/engine/reference/builder/", "value": "SHELL" } ] }, "google-native:containeranalysis/v1alpha1:LayerResponse": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "type": "string", "description": "The recovered Dockerfile directive used to construct this layer." } }, "type": "object", "required": [ "arguments", "directive" ] }, "google-native:containeranalysis/v1alpha1:License": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:LicenseResponse": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object", "required": [ "comments", "expression" ] }, "google-native:containeranalysis/v1alpha1:Location": { "description": "An occurrence of a particular package installation found within a system's filesystem. e.g. glibc was found in /var/lib/dpkg/status", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package.", "deprecationMessage": "Deprecated. The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:LocationResponse": { "description": "An occurrence of a particular package installation found within a system's filesystem. e.g. glibc was found in /var/lib/dpkg/status", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package.", "deprecationMessage": "Deprecated. The cpe_uri in [cpe format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object", "required": [ "cpeUri", "path", "version" ] }, "google-native:containeranalysis/v1alpha1:Material": { "description": "Material is a material used in the generation of the provenance", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "digest is a map from a hash algorithm (e.g. sha256) to the value in the material" }, "uri": { "type": "string", "description": "uri is the uri of the material" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:MaterialResponse": { "description": "Material is a material used in the generation of the provenance", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "digest is a map from a hash algorithm (e.g. sha256) to the value in the material" }, "uri": { "type": "string", "description": "uri is the uri of the material" } }, "type": "object", "required": [ "digest", "uri" ] }, "google-native:containeranalysis/v1alpha1:Metadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Completeness", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:MetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CompletenessResponse", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1alpha1:NonCompliantFile": { "description": "Details about files that caused a compliance check to fail.", "properties": { "displayCommand": { "type": "string", "description": "Command to display the non-compliant files." }, "path": { "type": "string", "description": "display_command is a single command that can be used to display a list of non compliant files. When there is no such command, we can also iterate a list of non compliant file using 'path'. Empty if `display_command` is set." }, "reason": { "type": "string", "description": "Explains why a file is non compliant for a CIS check." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:NonCompliantFileResponse": { "description": "Details about files that caused a compliance check to fail.", "properties": { "displayCommand": { "type": "string", "description": "Command to display the non-compliant files." }, "path": { "type": "string", "description": "display_command is a single command that can be used to display a list of non compliant files. When there is no such command, we can also iterate a list of non compliant file using 'path'. Empty if `display_command` is set." }, "reason": { "type": "string", "description": "Explains why a file is non compliant for a CIS check." } }, "type": "object", "required": [ "displayCommand", "path", "reason" ] }, "google-native:containeranalysis/v1alpha1:OperationResponse": { "description": "This resource represents a long-running operation that is the result of a network API call.", "properties": { "done": { "type": "boolean", "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available." }, "error": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StatusResponse", "description": "The error result of the operation in case of failure or cancellation." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any." }, "name": { "type": "string", "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`." }, "response": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`." } }, "type": "object", "required": [ "done", "error", "metadata", "name", "response" ] }, "google-native:containeranalysis/v1alpha1:Package": { "description": "This represents a particular package that is distributed over various channels. e.g. glibc (aka libc6) is distributed by many, at various versions.", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PackageArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Digest" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Distribution" }, "description": "The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:License", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "The version of the package." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PackageArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture", "value": "X86" }, { "name": "X64", "description": "X64 architecture", "value": "X64" } ] }, "google-native:containeranalysis/v1alpha1:PackageInfoNote": { "description": "PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "analyzed": { "type": "boolean", "description": "Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document" }, "attribution": { "type": "string", "description": "A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts" }, "checksum": { "type": "string", "description": "Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file" }, "copyright": { "type": "string", "description": "Identify the copyright holders of the package, as well as any dates present" }, "detailedDescription": { "type": "string", "description": "A more detailed description of the package" }, "downloadLocation": { "type": "string", "description": "This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created" }, "externalRefs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ExternalRef" }, "description": "ExternalRef" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseDeclared": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:License", "description": "List the licenses that have been declared by the authors of the package" }, "originator": { "type": "string", "description": "If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "supplier": { "type": "string", "description": "Identify the actual distribution source for the package/directory identified in the SPDX file" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "verificationCode": { "type": "string", "description": "This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PackageInfoNoteResponse": { "description": "PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "analyzed": { "type": "boolean", "description": "Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document" }, "attribution": { "type": "string", "description": "A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts" }, "checksum": { "type": "string", "description": "Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file" }, "copyright": { "type": "string", "description": "Identify the copyright holders of the package, as well as any dates present" }, "detailedDescription": { "type": "string", "description": "A more detailed description of the package" }, "downloadLocation": { "type": "string", "description": "This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created" }, "externalRefs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ExternalRefResponse" }, "description": "ExternalRef" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseDeclared": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LicenseResponse", "description": "List the licenses that have been declared by the authors of the package" }, "originator": { "type": "string", "description": "If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "supplier": { "type": "string", "description": "Identify the actual distribution source for the package/directory identified in the SPDX file" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "verificationCode": { "type": "string", "description": "This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object", "required": [ "analyzed", "attribution", "checksum", "copyright", "detailedDescription", "downloadLocation", "externalRefs", "filesLicenseInfo", "homePage", "licenseDeclared", "originator", "packageType", "summaryDescription", "supplier", "title", "verificationCode", "version" ] }, "google-native:containeranalysis/v1alpha1:PackageInfoOccurrence": { "description": "PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the package being described" }, "filename": { "type": "string", "description": "Provide the actual file name of the package, or path of the directory being treated as a package" }, "id": { "type": "string", "description": "Uniquely identify any element in an SPDX document which may be referenced by other elements" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:License", "description": "package or alternative values, if the governing license cannot be determined" }, "sourceInfo": { "type": "string", "description": "Provide a place for the SPDX file creator to record any relevant background information or additional comments about the origin of the package" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PackageInfoOccurrenceResponse": { "description": "PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the package being described" }, "filename": { "type": "string", "description": "Provide the actual file name of the package, or path of the directory being treated as a package" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LicenseResponse", "description": "package or alternative values, if the governing license cannot be determined" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "sourceInfo": { "type": "string", "description": "Provide a place for the SPDX file creator to record any relevant background information or additional comments about the origin of the package" }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object", "required": [ "comment", "filename", "homePage", "licenseConcluded", "packageType", "sourceInfo", "summaryDescription", "title", "version" ] }, "google-native:containeranalysis/v1alpha1:PackageIssue": { "description": "This message wraps a location affected by a vulnerability and its associated fix (if one is available).", "properties": { "affectedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocation", "description": "The location of the vulnerability." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocation", "description": "The location of the available fix for vulnerability." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." }, "severityName": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PackageIssueResponse": { "description": "This message wraps a location affected by a vulnerability and its associated fix (if one is available).", "properties": { "affectedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocationResponse", "description": "The location of the vulnerability." }, "effectiveSeverity": { "type": "string", "description": "The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when distro or language system has not yet assigned a severity for this vulnerability." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityLocationResponse", "description": "The location of the available fix for vulnerability." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." }, "severityName": { "type": "string" } }, "type": "object", "required": [ "affectedLocation", "effectiveSeverity", "fixedLocation", "packageType", "severityName" ] }, "google-native:containeranalysis/v1alpha1:PackageResponse": { "description": "This represents a particular package that is distributed over various channels. e.g. glibc (aka libc6) is distributed by many, at various versions.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DigestResponse" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DistributionResponse" }, "description": "The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "digest", "distribution", "license", "maintainer", "name", "packageType", "url", "version" ] }, "google-native:containeranalysis/v1alpha1:PgpSignedAttestation": { "description": "An attestation wrapper with a PGP-compatible signature. This message only supports `ATTACHED` signatures, where the payload that is signed is included alongside the signature itself in the same file.", "properties": { "contentType": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PgpSignedAttestationContentType", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "pgpKeyId": { "type": "string", "description": "The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. `gpg --list-keys`. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexadecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge \"LONG\", \"SHORT\", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the `fpr` field returned when calling --list-keys with --with-colons. For example: ``` gpg --with-colons --with-fingerprint --force-v4-certs \\ --list-keys attester@example.com tru::1:1513631572:0:3:1:5 pub:...... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: ``` Above, the fingerprint is `24FF6481B76AC91E66A00AC657A93A81EF3AE6FB`." }, "signature": { "type": "string", "description": "The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (`--armor` to gpg), non-clearsigned (`--sign` rather than `--clearsign` to gpg) are supported. Concretely, `gpg --sign --armor --output=signature.gpg payload.json` will create the signature content expected in this field in `signature.gpg` for the `payload.json` attestation payload." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PgpSignedAttestationContentType": { "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).", "type": "string", "enum": [ { "name": "ContentTypeUnspecified", "description": "`ContentType` is not set.", "value": "CONTENT_TYPE_UNSPECIFIED" }, { "name": "SimpleSigningJson", "description": "Atomic format attestation signature. See https://github.com/containers/image/blob/8a5d2f82a6e3263290c8e0276c3e0f64e77723e7/docs/atomic-signature.md The payload extracted from `signature` is a JSON blob conforming to the linked schema.", "value": "SIMPLE_SIGNING_JSON" } ] }, "google-native:containeranalysis/v1alpha1:PgpSignedAttestationResponse": { "description": "An attestation wrapper with a PGP-compatible signature. This message only supports `ATTACHED` signatures, where the payload that is signed is included alongside the signature itself in the same file.", "properties": { "contentType": { "type": "string", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "pgpKeyId": { "type": "string", "description": "The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. `gpg --list-keys`. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexadecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge \"LONG\", \"SHORT\", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the `fpr` field returned when calling --list-keys with --with-colons. For example: ``` gpg --with-colons --with-fingerprint --force-v4-certs \\ --list-keys attester@example.com tru::1:1513631572:0:3:1:5 pub:...... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: ``` Above, the fingerprint is `24FF6481B76AC91E66A00AC657A93A81EF3AE6FB`." }, "signature": { "type": "string", "description": "The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (`--armor` to gpg), non-clearsigned (`--sign` rather than `--clearsign` to gpg) are supported. Concretely, `gpg --sign --armor --output=signature.gpg payload.json` will create the signature content expected in this field in `signature.gpg` for the `payload.json` attestation payload." } }, "type": "object", "required": [ "contentType", "pgpKeyId", "signature" ] }, "google-native:containeranalysis/v1alpha1:Product": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "id": { "type": "string", "description": "Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document." }, "identifierHelper": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:IdentifierHelper", "description": "Helps in identifying the underlying product." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ProductResponse": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "identifierHelper": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:IdentifierHelperResponse", "description": "Helps in identifying the underlying product." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object", "required": [ "identifierHelper", "name" ] }, "google-native:containeranalysis/v1alpha1:ProvenanceBuilder": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptor" } }, "id": { "type": "string" }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ProvenanceBuilderResponse": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptorResponse" } }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "builderDependencies", "version" ] }, "google-native:containeranalysis/v1alpha1:Publisher": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:PublisherResponse": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object", "required": [ "issuingAuthority", "name", "publisherNamespace" ] }, "google-native:containeranalysis/v1alpha1:Recipe": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RecipeResponse": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object", "required": [ "arguments", "definedInMaterial", "entryPoint", "environment", "type" ] }, "google-native:containeranalysis/v1alpha1:RelatedUrl": { "description": "Metadata for any related URL information", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL" }, "url": { "type": "string", "description": "Specific URL to associate with the note" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RelatedUrlResponse": { "description": "Metadata for any related URL information", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL" }, "url": { "type": "string", "description": "Specific URL to associate with the note" } }, "type": "object", "required": [ "label", "url" ] }, "google-native:containeranalysis/v1alpha1:RelationshipNote": { "description": "RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "type": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RelationshipNoteType", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RelationshipNoteResponse": { "description": "RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "type": { "type": "string", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object", "required": [ "type" ] }, "google-native:containeranalysis/v1alpha1:RelationshipNoteType": { "description": "The type of relationship between the source and target SPDX elements", "type": "string", "enum": [ { "name": "RelationshipTypeUnspecified", "description": "Unspecified", "value": "RELATIONSHIP_TYPE_UNSPECIFIED" }, { "name": "Describes", "description": "Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A", "value": "DESCRIBES" }, { "name": "DescribedBy", "description": "Is to be used when SPDXRef-A is described by SPDXREF-Document", "value": "DESCRIBED_BY" }, { "name": "Contains", "description": "Is to be used when SPDXRef-A contains SPDXRef-B", "value": "CONTAINS" }, { "name": "ContainedBy", "description": "Is to be used when SPDXRef-A is contained by SPDXRef-B", "value": "CONTAINED_BY" }, { "name": "DependsOn", "description": "Is to be used when SPDXRef-A depends on SPDXRef-B", "value": "DEPENDS_ON" }, { "name": "DependencyOf", "description": "Is to be used when SPDXRef-A is dependency of SPDXRef-B", "value": "DEPENDENCY_OF" }, { "name": "DependencyManifestOf", "description": "Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B", "value": "DEPENDENCY_MANIFEST_OF" }, { "name": "BuildDependencyOf", "description": "Is to be used when SPDXRef-A is a build dependency of SPDXRef-B", "value": "BUILD_DEPENDENCY_OF" }, { "name": "DevDependencyOf", "description": "Is to be used when SPDXRef-A is a development dependency of SPDXRef-B", "value": "DEV_DEPENDENCY_OF" }, { "name": "OptionalDependencyOf", "description": "Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B", "value": "OPTIONAL_DEPENDENCY_OF" }, { "name": "ProvidedDependencyOf", "description": "Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B", "value": "PROVIDED_DEPENDENCY_OF" }, { "name": "TestDependencyOf", "description": "Is to be used when SPDXRef-A is a test dependency of SPDXRef-B", "value": "TEST_DEPENDENCY_OF" }, { "name": "RuntimeDependencyOf", "description": "Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B", "value": "RUNTIME_DEPENDENCY_OF" }, { "name": "ExampleOf", "description": "Is to be used when SPDXRef-A is an example of SPDXRef-B", "value": "EXAMPLE_OF" }, { "name": "Generates", "description": "Is to be used when SPDXRef-A generates SPDXRef-B", "value": "GENERATES" }, { "name": "GeneratedFrom", "description": "Is to be used when SPDXRef-A was generated from SPDXRef-B", "value": "GENERATED_FROM" }, { "name": "AncestorOf", "description": "Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B", "value": "ANCESTOR_OF" }, { "name": "DescendantOf", "description": "Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B", "value": "DESCENDANT_OF" }, { "name": "VariantOf", "description": "Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B", "value": "VARIANT_OF" }, { "name": "DistributionArtifact", "description": "Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed", "value": "DISTRIBUTION_ARTIFACT" }, { "name": "PatchFor", "description": "Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B", "value": "PATCH_FOR" }, { "name": "PatchApplied", "description": "Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B", "value": "PATCH_APPLIED" }, { "name": "CopyOf", "description": "Is to be used when SPDXRef-A is an exact copy of SPDXRef-B", "value": "COPY_OF" }, { "name": "FileAdded", "description": "Is to be used when SPDXRef-A is a file that was added to SPDXRef-B", "value": "FILE_ADDED" }, { "name": "FileDeleted", "description": "Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B", "value": "FILE_DELETED" }, { "name": "FileModified", "description": "Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B", "value": "FILE_MODIFIED" }, { "name": "ExpandedFromArchive", "description": "Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B", "value": "EXPANDED_FROM_ARCHIVE" }, { "name": "DynamicLink", "description": "Is to be used when SPDXRef-A dynamically links to SPDXRef-B", "value": "DYNAMIC_LINK" }, { "name": "StaticLink", "description": "Is to be used when SPDXRef-A statically links to SPDXRef-B", "value": "STATIC_LINK" }, { "name": "DataFileOf", "description": "Is to be used when SPDXRef-A is a data file used in SPDXRef-B", "value": "DATA_FILE_OF" }, { "name": "TestCaseOf", "description": "Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B", "value": "TEST_CASE_OF" }, { "name": "BuildToolOf", "description": "Is to be used when SPDXRef-A is used to build SPDXRef-B", "value": "BUILD_TOOL_OF" }, { "name": "DevToolOf", "description": "Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B", "value": "DEV_TOOL_OF" }, { "name": "TestOf", "description": "Is to be used when SPDXRef-A is used for testing SPDXRef-B", "value": "TEST_OF" }, { "name": "TestToolOf", "description": "Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B", "value": "TEST_TOOL_OF" }, { "name": "DocumentationOf", "description": "Is to be used when SPDXRef-A provides documentation of SPDXRef-B", "value": "DOCUMENTATION_OF" }, { "name": "OptionalComponentOf", "description": "Is to be used when SPDXRef-A is an optional component of SPDXRef-B", "value": "OPTIONAL_COMPONENT_OF" }, { "name": "MetafileOf", "description": "Is to be used when SPDXRef-A is a metafile of SPDXRef-B", "value": "METAFILE_OF" }, { "name": "PackageOf", "description": "Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B", "value": "PACKAGE_OF" }, { "name": "Amends", "description": "Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B", "value": "AMENDS" }, { "name": "PrerequisiteFor", "description": "Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B", "value": "PREREQUISITE_FOR" }, { "name": "HasPrerequisite", "description": "Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B", "value": "HAS_PREREQUISITE" }, { "name": "Other", "description": "Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field", "value": "OTHER" } ] }, "google-native:containeranalysis/v1alpha1:RelationshipOccurrence": { "description": "RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the relationship" }, "source": { "type": "string", "description": "Also referred to as SPDXRef-A The source SPDX element (file, package, etc)" }, "target": { "type": "string", "description": "Also referred to as SPDXRef-B The target SPDC element (file, package, etc) In cases where there are \"known unknowns\", the use of the keyword NOASSERTION can be used The keywords NONE can be used to indicate that an SPDX element (package/file/snippet) has no other elements connected by some relationship to it" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RelationshipOccurrenceResponse": { "description": "RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the relationship" }, "source": { "type": "string", "description": "Also referred to as SPDXRef-A The source SPDX element (file, package, etc)" }, "target": { "type": "string", "description": "Also referred to as SPDXRef-B The target SPDC element (file, package, etc) In cases where there are \"known unknowns\", the use of the keyword NOASSERTION can be used The keywords NONE can be used to indicate that an SPDX element (package/file/snippet) has no other elements connected by some relationship to it" }, "type": { "type": "string", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object", "required": [ "comment", "source", "target", "type" ] }, "google-native:containeranalysis/v1alpha1:Remediation": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RemediationRemediationType", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URI", "description": "Contains the URL where to obtain the remediation." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RemediationRemediationType": { "description": "The type of remediation that can be applied.", "type": "string", "enum": [ { "name": "RemediationTypeUnspecified", "description": "No remediation type specified.", "value": "REMEDIATION_TYPE_UNSPECIFIED" }, { "name": "Mitigation", "description": "A MITIGATION is available.", "value": "MITIGATION" }, { "name": "NoFixPlanned", "description": "No fix is planned.", "value": "NO_FIX_PLANNED" }, { "name": "NoneAvailable", "description": "Not available.", "value": "NONE_AVAILABLE" }, { "name": "VendorFix", "description": "A vendor fix is available.", "value": "VENDOR_FIX" }, { "name": "Workaround", "description": "A workaround is available.", "value": "WORKAROUND" } ] }, "google-native:containeranalysis/v1alpha1:RemediationResponse": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "type": "string", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URIResponse", "description": "Contains the URL where to obtain the remediation." } }, "type": "object", "required": [ "details", "remediationType", "remediationUri" ] }, "google-native:containeranalysis/v1alpha1:RepoSource": { "description": "RepoSource describes the location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Name of the branch to build." }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "project": { "type": "string", "description": "ID of the project that owns the repo." }, "repoName": { "type": "string", "description": "Name of the repo." }, "tagName": { "type": "string", "description": "Name of the tag to build." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RepoSourceResponse": { "description": "RepoSource describes the location of the source in a Google Cloud Source Repository.", "properties": { "branchName": { "type": "string", "description": "Name of the branch to build." }, "commitSha": { "type": "string", "description": "Explicit commit SHA to build." }, "project": { "type": "string", "description": "ID of the project that owns the repo." }, "repoName": { "type": "string", "description": "Name of the repo." }, "tagName": { "type": "string", "description": "Name of the tag to build." } }, "type": "object", "required": [ "branchName", "commitSha", "project", "repoName", "tagName" ] }, "google-native:containeranalysis/v1alpha1:Resource": { "description": " Resource is an entity that can have metadata. E.g., a Docker image.", "properties": { "contentHash": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Hash", "description": "The hash of the resource content. E.g., the Docker digest." }, "name": { "type": "string", "description": "The name of the resource. E.g., the name of a Docker image - \"Debian\"." }, "uri": { "type": "string", "description": "The unique URI of the resource. E.g., \"https://gcr.io/project/image@sha256:foo\" for a Docker image." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ResourceDescriptor": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:ResourceDescriptorResponse": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object", "required": [ "annotations", "content", "digest", "downloadLocation", "mediaType", "name", "uri" ] }, "google-native:containeranalysis/v1alpha1:ResourceResponse": { "description": " Resource is an entity that can have metadata. E.g., a Docker image.", "properties": { "contentHash": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:HashResponse", "description": "The hash of the resource content. E.g., the Docker digest." }, "name": { "type": "string", "description": "The name of the resource. E.g., the name of a Docker image - \"Debian\"." }, "uri": { "type": "string", "description": "The unique URI of the resource. E.g., \"https://gcr.io/project/image@sha256:foo\" for a Docker image." } }, "type": "object", "required": [ "contentHash", "name", "uri" ] }, "google-native:containeranalysis/v1alpha1:RunDetails": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ProvenanceBuilder" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptor" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildMetadata" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:RunDetailsResponse": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ProvenanceBuilderResponse" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ResourceDescriptorResponse" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildMetadataResponse" } }, "type": "object", "required": [ "builder", "byproducts", "metadata" ] }, "google-native:containeranalysis/v1alpha1:SBOMReferenceNote": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SBOMReferenceNoteResponse": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object", "required": [ "format", "version" ] }, "google-native:containeranalysis/v1alpha1:SBOMReferenceOccurrence": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SbomReferenceIntotoPayload", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:EnvelopeSignature" }, "description": "The signatures over the payload." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SBOMReferenceOccurrenceResponse": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SbomReferenceIntotoPayloadResponse", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:EnvelopeSignatureResponse" }, "description": "The signatures over the payload." } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1alpha1:SBOMStatusResponse": { "description": "The status of an SBOM generation.", "properties": { "error": { "type": "string", "description": "If there was an error generating an SBOM, this will indicate what that error was." }, "sbomState": { "type": "string", "description": "The progress of the SBOM generation." } }, "type": "object", "required": [ "error", "sbomState" ] }, "google-native:containeranalysis/v1alpha1:SbomReferenceIntotoPayload": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SbomReferenceIntotoPredicate", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Subject" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SbomReferenceIntotoPayloadResponse": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SbomReferenceIntotoPredicateResponse", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SubjectResponse" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1alpha1:SbomReferenceIntotoPredicate": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SbomReferenceIntotoPredicateResponse": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object", "required": [ "digest", "location", "mimeType", "referrerId" ] }, "google-native:containeranalysis/v1alpha1:SlsaBuilder": { "description": "SlsaBuilder encapsulates the identity of the builder of this provenance.", "properties": { "id": { "type": "string", "description": "id is the id of the slsa provenance builder" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaBuilderResponse": { "description": "SlsaBuilder encapsulates the identity of the builder of this provenance.", "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaCompleteness": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaCompletenessResponse": { "description": "Indicates that the builder claims certain fields in this message to be complete.", "properties": { "arguments": { "type": "boolean", "description": "If true, the builder claims that recipe.arguments is complete, meaning that all external inputs are properly captured in the recipe." }, "environment": { "type": "boolean", "description": "If true, the builder claims that recipe.environment is claimed to be complete." }, "materials": { "type": "boolean", "description": "If true, the builder claims that materials are complete, usually through some controls to prevent network access. Sometimes called \"hermetic\"." } }, "type": "object", "required": [ "arguments", "environment", "materials" ] }, "google-native:containeranalysis/v1alpha1:SlsaMetadata": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaCompleteness", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaMetadataResponse": { "description": "Other properties of the build.", "properties": { "buildFinishedOn": { "type": "string", "description": "The timestamp of when the build completed." }, "buildInvocationId": { "type": "string", "description": "Identifies the particular build invocation, which can be useful for finding associated logs or other ad-hoc analysis. The value SHOULD be globally unique, per in-toto Provenance spec." }, "buildStartedOn": { "type": "string", "description": "The timestamp of when the build started." }, "completeness": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaCompletenessResponse", "description": "Indicates that the builder claims certain fields in this message to be complete." }, "reproducible": { "type": "boolean", "description": "If true, the builder claims that running the recipe on materials will produce bit-for-bit identical output." } }, "type": "object", "required": [ "buildFinishedOn", "buildInvocationId", "buildStartedOn", "completeness", "reproducible" ] }, "google-native:containeranalysis/v1alpha1:SlsaProvenance": { "description": "SlsaProvenance is the slsa provenance as defined by the slsa spec.", "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaBuilder", "description": "builder is the builder of this provenance" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Material" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaMetadata", "description": "metadata is the metadata of the provenance" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaRecipe", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible)." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaProvenanceResponse": { "description": "SlsaProvenance is the slsa provenance as defined by the slsa spec.", "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaBuilderResponse", "description": "builder is the builder of this provenance" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:MaterialResponse" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on. This is considered to be incomplete unless metadata.completeness.materials is true. Unset or null is equivalent to empty." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaMetadataResponse", "description": "metadata is the metadata of the provenance" }, "recipe": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:SlsaRecipeResponse", "description": "Identifies the configuration used for the build. When combined with materials, this SHOULD fully describe the build, such that re-running this recipe results in bit-for-bit identical output (if the build is reproducible)." } }, "type": "object", "required": [ "builder", "materials", "metadata", "recipe" ] }, "google-native:containeranalysis/v1alpha1:SlsaProvenanceV1": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildDefinition" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RunDetails" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaProvenanceV1Response": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:BuildDefinitionResponse" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RunDetailsResponse" } }, "type": "object", "required": [ "buildDefinition", "runDetails" ] }, "google-native:containeranalysis/v1alpha1:SlsaProvenanceZeroTwo": { "description": "SlsaProvenanceZeroTwo is the slsa provenance as defined by the slsa spec. See full explanation of fields at slsa.dev/provenance/v0.2.", "properties": { "buildConfig": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Lists the steps in the build." }, "buildType": { "type": "string", "description": "URI indicating what type of build was performed." }, "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaBuilder", "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance." }, "invocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaInvocation", "description": "Identifies the event that kicked off the build." }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMaterial" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMetadata", "description": "Other properties of the build." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaProvenanceZeroTwoResponse": { "description": "SlsaProvenanceZeroTwo is the slsa provenance as defined by the slsa spec. See full explanation of fields at slsa.dev/provenance/v0.2.", "properties": { "buildConfig": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Lists the steps in the build." }, "buildType": { "type": "string", "description": "URI indicating what type of build was performed." }, "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaBuilderResponse", "description": "Identifies the entity that executed the recipe, which is trusted to have correctly performed the operation and populated this provenance." }, "invocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaInvocationResponse", "description": "Identifies the event that kicked off the build." }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMaterialResponse" }, "description": "The collection of artifacts that influenced the build including sources, dependencies, build tools, base images, and so on." }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SlsaProvenanceZeroTwoSlsaMetadataResponse", "description": "Other properties of the build." } }, "type": "object", "required": [ "buildConfig", "buildType", "builder", "invocation", "materials", "metadata" ] }, "google-native:containeranalysis/v1alpha1:SlsaRecipe": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SlsaRecipeResponse": { "description": "Steps taken to build the artifact. For a TaskRun, typically each container corresponds to one step in the recipe.", "properties": { "arguments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were \"make\", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. Depending on the recipe Type, the structure may be different." }, "definedInMaterial": { "type": "string", "description": "Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were \"make\", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64." }, "entryPoint": { "type": "string", "description": "String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were \"make\", then this would reference the directory in which to run make as well as which target to use." }, "environment": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. Depending on the recipe Type, the structure may be different." }, "type": { "type": "string", "description": "URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials." } }, "type": "object", "required": [ "arguments", "definedInMaterial", "entryPoint", "environment", "type" ] }, "google-native:containeranalysis/v1alpha1:Source": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContext" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StorageSource", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContext", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." }, "repoSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RepoSource", "description": "If provided, get source from this location in a Cloud Repo." }, "storageSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StorageSource", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SourceResponse": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContextResponse" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StorageSourceResponse", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:GoogleDevtoolsContaineranalysisV1alpha1SourceContextResponse", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." }, "repoSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RepoSourceResponse", "description": "If provided, get source from this location in a Cloud Repo." }, "storageSource": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:StorageSourceResponse", "description": "If provided, get the source from this location in Google Cloud Storage." } }, "type": "object", "required": [ "additionalContexts", "artifactStorageSource", "context", "fileHashes", "repoSource", "storageSource" ] }, "google-native:containeranalysis/v1alpha1:Status": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:containeranalysis/v1alpha1:StorageSource": { "description": "StorageSource describes the location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing source (see [Bucket Name Requirements] (https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object." }, "object": { "type": "string", "description": "Google Cloud Storage object containing source." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:StorageSourceResponse": { "description": "StorageSource describes the location of the source in an archive file in Google Cloud Storage.", "properties": { "bucket": { "type": "string", "description": "Google Cloud Storage bucket containing source (see [Bucket Name Requirements] (https://cloud.google.com/storage/docs/bucket-naming#requirements))." }, "generation": { "type": "string", "description": "Google Cloud Storage generation for the object." }, "object": { "type": "string", "description": "Google Cloud Storage object containing source." } }, "type": "object", "required": [ "bucket", "generation", "object" ] }, "google-native:containeranalysis/v1alpha1:Subject": { "description": "Subject refers to the subject of the intoto statement", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "\"\": \"\" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string", "description": "name is the name of the Subject used here" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:SubjectResponse": { "description": "Subject refers to the subject of the intoto statement", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "\"\": \"\" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string", "description": "name is the name of the Subject used here" } }, "type": "object", "required": [ "digest", "name" ] }, "google-native:containeranalysis/v1alpha1:URI": { "description": "An URI message.", "properties": { "label": { "type": "string", "description": "A label for the URI." }, "uri": { "type": "string", "description": "The unique resource identifier." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:URIResponse": { "description": "An URI message.", "properties": { "label": { "type": "string", "description": "A label for the URI." }, "uri": { "type": "string", "description": "The unique resource identifier." } }, "type": "object", "required": [ "label", "uri" ] }, "google-native:containeranalysis/v1alpha1:UpgradeDistribution": { "description": "The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities.", "properties": { "classification": { "type": "string", "description": "The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed." }, "cpeUri": { "type": "string", "description": "Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/." }, "cve": { "type": "array", "items": { "type": "string" }, "description": "The cve that would be resolved by this upgrade." }, "severity": { "type": "string", "description": "The severity as specified by the upstream operating system." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:UpgradeDistributionResponse": { "description": "The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities.", "properties": { "classification": { "type": "string", "description": "The operating system classification of this Upgrade, as specified by the upstream operating system upgrade feed." }, "cpeUri": { "type": "string", "description": "Required - The specific operating system this metadata applies to. See https://cpe.mitre.org/specification/." }, "cve": { "type": "array", "items": { "type": "string" }, "description": "The cve that would be resolved by this upgrade." }, "severity": { "type": "string", "description": "The severity as specified by the upstream operating system." } }, "type": "object", "required": [ "classification", "cpeUri", "cve", "severity" ] }, "google-native:containeranalysis/v1alpha1:UpgradeNote": { "description": "An Upgrade Note represents a potential upgrade of a package to a given version. For each package version combination (i.e. bash 4.0, bash 4.1, bash 4.1.2), there will be a Upgrade Note.", "properties": { "distributions": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:UpgradeDistribution" }, "description": "Metadata about the upgrade for each specific operating system." }, "package": { "type": "string", "description": "Required - The package this Upgrade is for." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "Required - The version of the package in machine + human readable form." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:UpgradeNoteResponse": { "description": "An Upgrade Note represents a potential upgrade of a package to a given version. For each package version combination (i.e. bash 4.0, bash 4.1, bash 4.1.2), there will be a Upgrade Note.", "properties": { "distributions": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:UpgradeDistributionResponse" }, "description": "Metadata about the upgrade for each specific operating system." }, "package": { "type": "string", "description": "Required - The package this Upgrade is for." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "Required - The version of the package in machine + human readable form." } }, "type": "object", "required": [ "distributions", "package", "version" ] }, "google-native:containeranalysis/v1alpha1:UpgradeOccurrence": { "description": "An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability).", "properties": { "distribution": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:UpgradeDistribution", "description": "Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence." }, "package": { "type": "string", "description": "Required - The package this Upgrade is for." }, "parsedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "Required - The version of the package in a machine + human readable form." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:UpgradeOccurrenceResponse": { "description": "An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability).", "properties": { "distribution": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:UpgradeDistributionResponse", "description": "Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence." }, "package": { "type": "string", "description": "Required - The package this Upgrade is for." }, "parsedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "Required - The version of the package in a machine + human readable form." } }, "type": "object", "required": [ "distribution", "package", "parsedVersion" ] }, "google-native:containeranalysis/v1alpha1:Version": { "description": "Version contains structured information about the version of the package. For a discussion of this in Debian/Ubuntu: http://serverfault.com/questions/604541/debian-packages-version-convention For a discussion of this in Redhat/Fedora/Centos: http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "inclusive": { "type": "boolean", "description": "Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not" }, "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionKind", "description": "Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored." }, "name": { "type": "string", "description": "The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VersionKind": { "description": "Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored.", "type": "string", "enum": [ { "name": "Normal", "description": "A standard package version, defined by the other fields.", "value": "NORMAL" }, { "name": "Minimum", "description": "A special version representing negative infinity, other fields are ignored.", "value": "MINIMUM" }, { "name": "Maximum", "description": "A special version representing positive infinity, other fields are ignored.", "value": "MAXIMUM" } ] }, "google-native:containeranalysis/v1alpha1:VersionResponse": { "description": "Version contains structured information about the version of the package. For a discussion of this in Debian/Ubuntu: http://serverfault.com/questions/604541/debian-packages-version-convention For a discussion of this in Redhat/Fedora/Centos: http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "inclusive": { "type": "boolean", "description": "Whether this version is vulnerable, when defining the version bounds. For example, if the minimum version is 2.0, inclusive=true would say 2.0 is vulnerable, while inclusive=false would say it's not" }, "kind": { "type": "string", "description": "Distinguish between sentinel MIN/MAX versions and normal versions. If kind is not NORMAL, then the other fields are ignored." }, "name": { "type": "string", "description": "The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object", "required": [ "epoch", "inclusive", "kind", "name", "revision" ] }, "google-native:containeranalysis/v1alpha1:VexAssessment": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URI" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VexAssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VexAssessmentResponse": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:URIResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "noteName", "relatedUris", "remediations", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1alpha1:VexAssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityAssessmentNote": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE. Multiple VulnerabilityAssessmentNotes together form a Vex statement. Please go/sds-vex-example for a sample Vex statement in the CSAF format.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Assessment", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Product", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Publisher", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VulnerabilityAssessmentNoteResponse": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE. Multiple VulnerabilityAssessmentNotes together form a Vex statement. Please go/sds-vex-example for a sample Vex statement in the CSAF format.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:AssessmentResponse", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:ProductResponse", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PublisherResponse", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object", "required": [ "assessment", "languageCode", "longDescription", "product", "publisher", "shortDescription", "title" ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityDetails": { "description": "Used by Occurrence to point to where the vulnerability exists and how to fix it.", "properties": { "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSS", "description": "The CVSS v2 score of this vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSS", "description": "The CVSS v3 score of this vulnerability." }, "effectiveSeverity": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityDetailsEffectiveSeverity", "description": "The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PackageIssue" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "type": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc). This may be deprecated in the future because we can have multiple PackageIssues with different package types." }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VexAssessment", "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability for this resource." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VulnerabilityDetailsEffectiveSeverity": { "description": "The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown Impact", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal Impact", "value": "MINIMAL" }, { "name": "Low", "description": "Low Impact", "value": "LOW" }, { "name": "Medium", "description": "Medium Impact", "value": "MEDIUM" }, { "name": "High", "description": "High Impact", "value": "HIGH" }, { "name": "Critical", "description": "Critical Impact", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityDetailsResponse": { "description": "Used by Occurrence to point to where the vulnerability exists and how to fix it.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score of this vulnerability. CVSS score is on a scale of 0-10 where 0 indicates low severity and 10 indicates high severity." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSResponse", "description": "The CVSS v2 score of this vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSResponse", "description": "The CVSS v3 score of this vulnerability." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "effectiveSeverity": { "type": "string", "description": "The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:PackageIssueResponse" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "severity": { "type": "string", "description": "The note provider assigned Severity of the vulnerability." }, "type": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc). This may be deprecated in the future because we can have multiple PackageIssues with different package types." }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VexAssessmentResponse", "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability for this resource." } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssV3", "cvssVersion", "effectiveSeverity", "extraDetails", "packageIssue", "severity", "type", "vexAssessment" ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityLocation": { "description": "The location of the vulnerability", "properties": { "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests." }, "fileLocation": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:FileLocation" }, "description": "The file location at which this package was found." }, "package": { "type": "string", "description": "The package being described." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Version", "description": "The version of the package being described. This field can be used as a filter in list requests." } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VulnerabilityLocationResponse": { "description": "The location of the vulnerability", "properties": { "cpeUri": { "type": "string", "description": "The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar. This field can be used as a filter in list requests." }, "fileLocation": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:FileLocationResponse" }, "description": "The file location at which this package was found." }, "package": { "type": "string", "description": "The package being described." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VersionResponse", "description": "The version of the package being described. This field can be used as a filter in list requests." } }, "type": "object", "required": [ "cpeUri", "fileLocation", "package", "version" ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityType": { "description": "VulnerabilityType provides metadata about a security vulnerability.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score for this Vulnerability." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSS", "description": "The full description of the CVSS for version 2." }, "cvssVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityTypeCvssVersion", "description": "CVSS version used to populate cvss_score and severity." }, "cwe": { "type": "array", "items": { "type": "string" }, "description": "A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html" }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:Detail" }, "description": "All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in." }, "severity": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:VulnerabilityTypeSeverity", "description": "Note provider assigned impact of the vulnerability" } }, "type": "object" }, "google-native:containeranalysis/v1alpha1:VulnerabilityTypeCvssVersion": { "description": "CVSS version used to populate cvss_score and severity.", "type": "string", "enum": [ { "name": "CvssVersionUnspecified", "description": "CVSS Version unspecified.", "value": "CVSS_VERSION_UNSPECIFIED" }, { "name": "CvssVersion2", "description": "CVSS v2.", "value": "CVSS_VERSION_2" }, { "name": "CvssVersion3", "description": "CVSS v3.", "value": "CVSS_VERSION_3" } ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityTypeResponse": { "description": "VulnerabilityType provides metadata about a security vulnerability.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score for this Vulnerability." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:CVSSResponse", "description": "The full description of the CVSS for version 2." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "cwe": { "type": "array", "items": { "type": "string" }, "description": "A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html" }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1alpha1:DetailResponse" }, "description": "All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in." }, "severity": { "type": "string", "description": "Note provider assigned impact of the vulnerability" } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssVersion", "cwe", "details", "severity" ] }, "google-native:containeranalysis/v1alpha1:VulnerabilityTypeSeverity": { "description": "Note provider assigned impact of the vulnerability", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown Impact", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal Impact", "value": "MINIMAL" }, { "name": "Low", "description": "Low Impact", "value": "LOW" }, { "name": "Medium", "description": "Medium Impact", "value": "MEDIUM" }, { "name": "High", "description": "High Impact", "value": "HIGH" }, { "name": "Critical", "description": "Critical Impact", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1beta1:AliasContext": { "description": "An alias to a repo revision.", "properties": { "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AliasContextKind", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:AliasContextKind": { "description": "The alias kind.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Unknown.", "value": "KIND_UNSPECIFIED" }, { "name": "Fixed", "description": "Git tag.", "value": "FIXED" }, { "name": "Movable", "description": "Git branch.", "value": "MOVABLE" }, { "name": "Other", "description": "Used to specify non-standard aliases. For example, if a Git repo has a ref named \"refs/foo/bar\".", "value": "OTHER" } ] }, "google-native:containeranalysis/v1beta1:AliasContextResponse": { "description": "An alias to a repo revision.", "properties": { "kind": { "type": "string", "description": "The alias kind." }, "name": { "type": "string", "description": "The alias name." } }, "type": "object", "required": [ "kind", "name" ] }, "google-native:containeranalysis/v1beta1:AnalysisCompleted": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:AnalysisCompletedResponse": { "description": "Indicates which analysis completed successfully. Multiple types of analysis can be performed on a single resource.", "properties": { "analysisType": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "analysisType" ] }, "google-native:containeranalysis/v1beta1:Artifact": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "id": { "type": "string", "description": "Artifact ID, if any; for container images, this will be a URL by digest like `gcr.io/projectID/imagename@sha256:123456`." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ArtifactHashes": { "description": "Defines a hash object for use in Materials and Products.", "properties": { "sha256": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ArtifactHashesResponse": { "description": "Defines a hash object for use in Materials and Products.", "properties": { "sha256": { "type": "string" } }, "type": "object", "required": [ "sha256" ] }, "google-native:containeranalysis/v1beta1:ArtifactResponse": { "description": "Artifact describes a build product.", "properties": { "checksum": { "type": "string", "description": "Hash or checksum value of a binary, or Docker Registry 2.0 digest of a container." }, "names": { "type": "array", "items": { "type": "string" }, "description": "Related artifact names. This may be the path to a binary or jar file, or in the case of a container build, the name used to push the container image to Google Container Registry, as presented to `docker push`. Note that a single Artifact ID can have multiple names, for example if two tags are applied to one image." } }, "type": "object", "required": [ "checksum", "names" ] }, "google-native:containeranalysis/v1beta1:ArtifactRule": { "description": "Defines an object to declare an in-toto artifact rule", "properties": { "artifactRule": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ArtifactRuleResponse": { "description": "Defines an object to declare an in-toto artifact rule", "properties": { "artifactRule": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "artifactRule" ] }, "google-native:containeranalysis/v1beta1:Assessment": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrl" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:AssessmentResponse": { "description": "Assessment provides all information that is related to a single vulnerability for this product.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrlResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment. These uris have additional information about the vulnerability and the assessment itself. E.g. Link to a document which details how this assessment concluded the state of this vulnerability." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "longDescription", "relatedUris", "remediations", "shortDescription", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1beta1:AssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1beta1:Attestation": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for look-up (how to find this attestation if you already know the authority and artifact to be verified) and intent (which authority was this attestation intended to sign for).", "properties": { "genericSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GenericSignedAttestation" }, "pgpSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PgpSignedAttestation", "description": "A PGP signed attestation." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:AttestationResponse": { "description": "Occurrence that represents a single \"attestation\". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for look-up (how to find this attestation if you already know the authority and artifact to be verified) and intent (which authority was this attestation intended to sign for).", "properties": { "genericSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GenericSignedAttestationResponse" }, "pgpSignedAttestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PgpSignedAttestationResponse", "description": "A PGP signed attestation." } }, "type": "object", "required": [ "genericSignedAttestation", "pgpSignedAttestation" ] }, "google-native:containeranalysis/v1beta1:Authority": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `Authority` for \"QA\" and one for \"build\". This note is intended to act strictly as a grouping mechanism for the attached occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an occurrence to a given note. It also provides a single point of lookup to find all attached attestation occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Hint", "description": "Hint hints at the purpose of the attestation authority." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:AuthorityResponse": { "description": "Note kind that represents a logical attestation \"role\" or \"authority\". For example, an organization might have one `Authority` for \"QA\" and one for \"build\". This note is intended to act strictly as a grouping mechanism for the attached occurrences (Attestations). This grouping mechanism also provides a security boundary, since IAM ACLs gate the ability for a principle to attach an occurrence to a given note. It also provides a single point of lookup to find all attached attestation occurrences, even if they don't all live in the same project.", "properties": { "hint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:HintResponse", "description": "Hint hints at the purpose of the attestation authority." } }, "type": "object", "required": [ "hint" ] }, "google-native:containeranalysis/v1beta1:Basis": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g. a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Fingerprint", "description": "Immutable. The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "Immutable. The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object", "required": [ "fingerprint", "resourceUrl" ] }, "google-native:containeranalysis/v1beta1:BasisResponse": { "description": "Basis describes the base image portion (Note) of the DockerImage relationship. Linked occurrences are derived from this or an equivalent image via: FROM Or an equivalent reference, e.g. a tag of the resource_url.", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:FingerprintResponse", "description": "Immutable. The fingerprint of the base image." }, "resourceUrl": { "type": "string", "description": "Immutable. The resource_url for the resource representing the basis of associated occurrence images." } }, "type": "object", "required": [ "fingerprint", "resourceUrl" ] }, "google-native:containeranalysis/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:containeranalysis/v1beta1:Build": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.", "properties": { "builderVersion": { "type": "string", "description": "Immutable. Version of the builder which produced this build." }, "signature": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildSignature", "description": "Signature of the build in occurrences pointing to this build note containing build details." } }, "type": "object", "required": [ "builderVersion" ] }, "google-native:containeranalysis/v1beta1:BuildDefinition": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptor" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:BuildDefinitionResponse": { "properties": { "buildType": { "type": "string" }, "externalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "internalParameters": { "type": "object", "additionalProperties": { "type": "string" } }, "resolvedDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptorResponse" } } }, "type": "object", "required": [ "buildType", "externalParameters", "internalParameters", "resolvedDependencies" ] }, "google-native:containeranalysis/v1beta1:BuildMetadata": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:BuildMetadataResponse": { "properties": { "finishedOn": { "type": "string" }, "invocationId": { "type": "string" }, "startedOn": { "type": "string" } }, "type": "object", "required": [ "finishedOn", "invocationId", "startedOn" ] }, "google-native:containeranalysis/v1beta1:BuildProvenance": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Artifact" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Command" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "endTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "id": { "type": "string", "description": "Unique identifier of the build." }, "logsUri": { "type": "string", "description": "URI where any logs for this provenance were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Source", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object", "required": [ "id" ] }, "google-native:containeranalysis/v1beta1:BuildProvenanceResponse": { "description": "Provenance of a build. Contains all information needed to verify the full details about the build from source to completion.", "properties": { "buildOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Special options applied to this build. This is a catch-all field where build providers can enter any desired additional details." }, "builderVersion": { "type": "string", "description": "Version string of the builder at the time this build was executed." }, "builtArtifacts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactResponse" }, "description": "Output of the build." }, "commands": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CommandResponse" }, "description": "Commands requested by the build." }, "createTime": { "type": "string", "description": "Time at which the build was created." }, "creator": { "type": "string", "description": "E-mail address of the user who initiated this build. Note that this was the user's e-mail address at the time the build was initiated; this address may not represent the same end-user for all time." }, "endTime": { "type": "string", "description": "Time at which execution of the build was finished." }, "logsUri": { "type": "string", "description": "URI where any logs for this provenance were written." }, "project": { "type": "string", "description": "ID of the project." }, "sourceProvenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SourceResponse", "description": "Details of the Source input to the build." }, "startTime": { "type": "string", "description": "Time at which execution of the build was started." }, "triggerId": { "type": "string", "description": "Trigger identifier if the build was triggered automatically; empty if not." } }, "type": "object", "required": [ "buildOptions", "builderVersion", "builtArtifacts", "commands", "createTime", "creator", "endTime", "logsUri", "project", "sourceProvenance", "startTime", "triggerId" ] }, "google-native:containeranalysis/v1beta1:BuildResponse": { "description": "Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.", "properties": { "builderVersion": { "type": "string", "description": "Immutable. Version of the builder which produced this build." }, "signature": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildSignatureResponse", "description": "Signature of the build in occurrences pointing to this build note containing build details." } }, "type": "object", "required": [ "builderVersion", "signature" ] }, "google-native:containeranalysis/v1beta1:BuildSignature": { "description": "Message encapsulating the signature of the verified build.", "properties": { "keyId": { "type": "string", "description": "An ID for the key used to sign. This could be either an ID for the key stored in `public_key` (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service)." }, "keyType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildSignatureKeyType", "description": "The type of the key, either stored in `public_key` or referenced in `key_id`." }, "publicKey": { "type": "string", "description": "Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from `BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem -signature signature.bin signed.bin`" }, "signature": { "type": "string", "description": "Signature of the related `BuildProvenance`. In JSON, this is base-64 encoded." } }, "type": "object", "required": [ "signature" ] }, "google-native:containeranalysis/v1beta1:BuildSignatureKeyType": { "description": "The type of the key, either stored in `public_key` or referenced in `key_id`.", "type": "string", "enum": [ { "name": "KeyTypeUnspecified", "description": "`KeyType` is not set.", "value": "KEY_TYPE_UNSPECIFIED" }, { "name": "PgpAsciiArmored", "description": "`PGP ASCII Armored` public key.", "value": "PGP_ASCII_ARMORED" }, { "name": "PkixPem", "description": "`PKIX PEM` public key.", "value": "PKIX_PEM" } ] }, "google-native:containeranalysis/v1beta1:BuildSignatureResponse": { "description": "Message encapsulating the signature of the verified build.", "properties": { "keyId": { "type": "string", "description": "An ID for the key used to sign. This could be either an ID for the key stored in `public_key` (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service)." }, "keyType": { "type": "string", "description": "The type of the key, either stored in `public_key` or referenced in `key_id`." }, "publicKey": { "type": "string", "description": "Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from `BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem -signature signature.bin signed.bin`" }, "signature": { "type": "string", "description": "Signature of the related `BuildProvenance`. In JSON, this is base-64 encoded." } }, "type": "object", "required": [ "keyId", "keyType", "publicKey", "signature" ] }, "google-native:containeranalysis/v1beta1:ByProducts": { "description": "Defines an object for the byproducts field in in-toto links. The suggested fields are \"stderr\", \"stdout\", and \"return-value\".", "properties": { "customValues": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ByProductsResponse": { "description": "Defines an object for the byproducts field in in-toto links. The suggested fields are \"stderr\", \"stdout\", and \"return-value\".", "properties": { "customValues": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "customValues" ] }, "google-native:containeranalysis/v1beta1:CVSS": { "description": "Common Vulnerability Scoring System. This message is compatible with CVSS v2 and v3. For CVSS v2 details, see https://www.first.org/cvss/v2/guide CVSS v2 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator For CVSS v3 details, see https://www.first.org/cvss/specification-document CVSS v3 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", "properties": { "attackComplexity": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSAttackComplexity", "description": "Defined in CVSS v3, CVSS v2" }, "attackVector": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSAttackVector", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2" }, "authentication": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSAuthentication", "description": "Defined in CVSS v2" }, "availabilityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSAvailabilityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSConfidentialityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSIntegrityImpact", "description": "Defined in CVSS v3, CVSS v2" }, "privilegesRequired": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSPrivilegesRequired", "description": "Defined in CVSS v3" }, "scope": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSScope", "description": "Defined in CVSS v3" }, "userInteraction": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSUserInteraction", "description": "Defined in CVSS v3" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:CVSSAttackComplexity": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "AttackComplexityUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_UNSPECIFIED" }, { "name": "AttackComplexityLow", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_LOW" }, { "name": "AttackComplexityHigh", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_COMPLEXITY_HIGH" }, { "name": "AttackComplexityMedium", "description": "Defined in CVSS v2", "value": "ATTACK_COMPLEXITY_MEDIUM" } ] }, "google-native:containeranalysis/v1beta1:CVSSAttackVector": { "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "AttackVectorUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_UNSPECIFIED" }, { "name": "AttackVectorNetwork", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_NETWORK" }, { "name": "AttackVectorAdjacent", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_ADJACENT" }, { "name": "AttackVectorLocal", "description": "Defined in CVSS v3, CVSS v2", "value": "ATTACK_VECTOR_LOCAL" }, { "name": "AttackVectorPhysical", "description": "Defined in CVSS v3", "value": "ATTACK_VECTOR_PHYSICAL" } ] }, "google-native:containeranalysis/v1beta1:CVSSAuthentication": { "description": "Defined in CVSS v2", "type": "string", "enum": [ { "name": "AuthenticationUnspecified", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_UNSPECIFIED" }, { "name": "AuthenticationMultiple", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_MULTIPLE" }, { "name": "AuthenticationSingle", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_SINGLE" }, { "name": "AuthenticationNone", "description": "Defined in CVSS v2", "value": "AUTHENTICATION_NONE" } ] }, "google-native:containeranalysis/v1beta1:CVSSAvailabilityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1beta1:CVSSConfidentialityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1beta1:CVSSIntegrityImpact": { "description": "Defined in CVSS v3, CVSS v2", "type": "string", "enum": [ { "name": "ImpactUnspecified", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "description": "Defined in CVSS v3", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "description": "Defined in CVSS v3", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "description": "Defined in CVSS v3, CVSS v2", "value": "IMPACT_NONE" }, { "name": "ImpactPartial", "description": "Defined in CVSS v2", "value": "IMPACT_PARTIAL" }, { "name": "ImpactComplete", "description": "Defined in CVSS v2", "value": "IMPACT_COMPLETE" } ] }, "google-native:containeranalysis/v1beta1:CVSSPrivilegesRequired": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "PrivilegesRequiredUnspecified", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_UNSPECIFIED" }, { "name": "PrivilegesRequiredNone", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_NONE" }, { "name": "PrivilegesRequiredLow", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_LOW" }, { "name": "PrivilegesRequiredHigh", "description": "Defined in CVSS v3", "value": "PRIVILEGES_REQUIRED_HIGH" } ] }, "google-native:containeranalysis/v1beta1:CVSSResponse": { "description": "Common Vulnerability Scoring System. This message is compatible with CVSS v2 and v3. For CVSS v2 details, see https://www.first.org/cvss/v2/guide CVSS v2 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator For CVSS v3 details, see https://www.first.org/cvss/specification-document CVSS v3 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator", "properties": { "attackComplexity": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "attackVector": { "type": "string", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2" }, "authentication": { "type": "string", "description": "Defined in CVSS v2" }, "availabilityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "type": "string", "description": "Defined in CVSS v3, CVSS v2" }, "privilegesRequired": { "type": "string", "description": "Defined in CVSS v3" }, "scope": { "type": "string", "description": "Defined in CVSS v3" }, "userInteraction": { "type": "string", "description": "Defined in CVSS v3" } }, "type": "object", "required": [ "attackComplexity", "attackVector", "authentication", "availabilityImpact", "baseScore", "confidentialityImpact", "exploitabilityScore", "impactScore", "integrityImpact", "privilegesRequired", "scope", "userInteraction" ] }, "google-native:containeranalysis/v1beta1:CVSSScope": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "ScopeUnspecified", "description": "Defined in CVSS v3", "value": "SCOPE_UNSPECIFIED" }, { "name": "ScopeUnchanged", "description": "Defined in CVSS v3", "value": "SCOPE_UNCHANGED" }, { "name": "ScopeChanged", "description": "Defined in CVSS v3", "value": "SCOPE_CHANGED" } ] }, "google-native:containeranalysis/v1beta1:CVSSUserInteraction": { "description": "Defined in CVSS v3", "type": "string", "enum": [ { "name": "UserInteractionUnspecified", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_UNSPECIFIED" }, { "name": "UserInteractionNone", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_NONE" }, { "name": "UserInteractionRequired", "description": "Defined in CVSS v3", "value": "USER_INTERACTION_REQUIRED" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3": { "description": "Deprecated. Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document", "properties": { "attackComplexity": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3AttackComplexity" }, "attackVector": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3AttackVector", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "availabilityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3AvailabilityImpact" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3ConfidentialityImpact" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3IntegrityImpact" }, "privilegesRequired": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3PrivilegesRequired" }, "scope": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3Scope" }, "userInteraction": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3UserInteraction" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:CVSSv3AttackComplexity": { "type": "string", "enum": [ { "name": "AttackComplexityUnspecified", "value": "ATTACK_COMPLEXITY_UNSPECIFIED" }, { "name": "AttackComplexityLow", "value": "ATTACK_COMPLEXITY_LOW" }, { "name": "AttackComplexityHigh", "value": "ATTACK_COMPLEXITY_HIGH" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3AttackVector": { "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.", "type": "string", "enum": [ { "name": "AttackVectorUnspecified", "value": "ATTACK_VECTOR_UNSPECIFIED" }, { "name": "AttackVectorNetwork", "value": "ATTACK_VECTOR_NETWORK" }, { "name": "AttackVectorAdjacent", "value": "ATTACK_VECTOR_ADJACENT" }, { "name": "AttackVectorLocal", "value": "ATTACK_VECTOR_LOCAL" }, { "name": "AttackVectorPhysical", "value": "ATTACK_VECTOR_PHYSICAL" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3AvailabilityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3ConfidentialityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3IntegrityImpact": { "type": "string", "enum": [ { "name": "ImpactUnspecified", "value": "IMPACT_UNSPECIFIED" }, { "name": "ImpactHigh", "value": "IMPACT_HIGH" }, { "name": "ImpactLow", "value": "IMPACT_LOW" }, { "name": "ImpactNone", "value": "IMPACT_NONE" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3PrivilegesRequired": { "type": "string", "enum": [ { "name": "PrivilegesRequiredUnspecified", "value": "PRIVILEGES_REQUIRED_UNSPECIFIED" }, { "name": "PrivilegesRequiredNone", "value": "PRIVILEGES_REQUIRED_NONE" }, { "name": "PrivilegesRequiredLow", "value": "PRIVILEGES_REQUIRED_LOW" }, { "name": "PrivilegesRequiredHigh", "value": "PRIVILEGES_REQUIRED_HIGH" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3Response": { "description": "Deprecated. Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document", "properties": { "attackComplexity": { "type": "string" }, "attackVector": { "type": "string", "description": "Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments." }, "availabilityImpact": { "type": "string" }, "baseScore": { "type": "number", "description": "The base score is a function of the base metric scores." }, "confidentialityImpact": { "type": "string" }, "exploitabilityScore": { "type": "number" }, "impactScore": { "type": "number" }, "integrityImpact": { "type": "string" }, "privilegesRequired": { "type": "string" }, "scope": { "type": "string" }, "userInteraction": { "type": "string" } }, "type": "object", "required": [ "attackComplexity", "attackVector", "availabilityImpact", "baseScore", "confidentialityImpact", "exploitabilityScore", "impactScore", "integrityImpact", "privilegesRequired", "scope", "userInteraction" ] }, "google-native:containeranalysis/v1beta1:CVSSv3Scope": { "type": "string", "enum": [ { "name": "ScopeUnspecified", "value": "SCOPE_UNSPECIFIED" }, { "name": "ScopeUnchanged", "value": "SCOPE_UNCHANGED" }, { "name": "ScopeChanged", "value": "SCOPE_CHANGED" } ] }, "google-native:containeranalysis/v1beta1:CVSSv3UserInteraction": { "type": "string", "enum": [ { "name": "UserInteractionUnspecified", "value": "USER_INTERACTION_UNSPECIFIED" }, { "name": "UserInteractionNone", "value": "USER_INTERACTION_NONE" }, { "name": "UserInteractionRequired", "value": "USER_INTERACTION_REQUIRED" } ] }, "google-native:containeranalysis/v1beta1:CloudRepoSourceContext": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AliasContext", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RepoId", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:CloudRepoSourceContextResponse": { "description": "A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "repoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RepoIdResponse", "description": "The ID of the repo." }, "revisionId": { "type": "string", "description": "A revision ID." } }, "type": "object", "required": [ "aliasContext", "repoId", "revisionId" ] }, "google-native:containeranalysis/v1beta1:Command": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this command." }, "id": { "type": "string", "description": "Optional unique identifier for this command, used in wait_for to reference this command as a dependency." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the command(s) that this command depends on." } }, "type": "object", "required": [ "name" ] }, "google-native:containeranalysis/v1beta1:CommandResponse": { "description": "Command describes a step performed as part of the build pipeline.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Command-line arguments used when executing this command." }, "dir": { "type": "string", "description": "Working directory (relative to project source root) used when running this command." }, "env": { "type": "array", "items": { "type": "string" }, "description": "Environment variables set before running this command." }, "name": { "type": "string", "description": "Name of the command, as presented on the command line, or if the command is packaged as a Docker container, as presented to `docker pull`." }, "waitFor": { "type": "array", "items": { "type": "string" }, "description": "The ID(s) of the command(s) that this command depends on." } }, "type": "object", "required": [ "args", "dir", "env", "name", "waitFor" ] }, "google-native:containeranalysis/v1beta1:Deployable": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object", "required": [ "resourceUri" ] }, "google-native:containeranalysis/v1beta1:DeployableResponse": { "description": "An artifact that can be deployed in some runtime.", "properties": { "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed." } }, "type": "object", "required": [ "resourceUri" ] }, "google-native:containeranalysis/v1beta1:Deployment": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DeploymentPlatform", "description": "Platform hosting this deployment." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object", "required": [ "deployTime" ] }, "google-native:containeranalysis/v1beta1:DeploymentPlatform": { "description": "Platform hosting this deployment.", "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Unknown.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Gke", "description": "Google Container Engine.", "value": "GKE" }, { "name": "Flex", "description": "Google App Engine: Flexible Environment.", "value": "FLEX" }, { "name": "Custom", "description": "Custom user-defined platform.", "value": "CUSTOM" } ] }, "google-native:containeranalysis/v1beta1:DeploymentResponse": { "description": "The period during which some deployable was active in a runtime.", "properties": { "address": { "type": "string", "description": "Address of the runtime element hosting this deployment." }, "config": { "type": "string", "description": "Configuration used to create this deployment." }, "deployTime": { "type": "string", "description": "Beginning of the lifetime of this deployment." }, "platform": { "type": "string", "description": "Platform hosting this deployment." }, "resourceUri": { "type": "array", "items": { "type": "string" }, "description": "Resource URI for the artifact being deployed taken from the deployable field with the same name." }, "undeployTime": { "type": "string", "description": "End of the lifetime of this deployment." }, "userEmail": { "type": "string", "description": "Identity of the user that triggered this deployment." } }, "type": "object", "required": [ "address", "config", "deployTime", "platform", "resourceUri", "undeployTime", "userEmail" ] }, "google-native:containeranalysis/v1beta1:Derived": { "description": "Derived describes the derived image portion (Occurrence) of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Fingerprint", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Layer" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object", "required": [ "fingerprint" ] }, "google-native:containeranalysis/v1beta1:DerivedResponse": { "description": "Derived describes the derived image portion (Occurrence) of the DockerImage relationship. This image would be produced from a Dockerfile with FROM .", "properties": { "baseResourceUrl": { "type": "string", "description": "This contains the base image URL for the derived image occurrence." }, "distance": { "type": "integer", "description": "The number of layers by which this image differs from the associated image basis." }, "fingerprint": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:FingerprintResponse", "description": "The fingerprint of the derived image." }, "layerInfo": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LayerResponse" }, "description": "This contains layer-specific metadata, if populated it has length \"distance\" and is ordered with [distance] being the layer immediately following the base image and [1] being the final layer." } }, "type": "object", "required": [ "baseResourceUrl", "distance", "fingerprint", "layerInfo" ] }, "google-native:containeranalysis/v1beta1:Detail": { "description": "Identifies all appearances of this vulnerability in the package for a specific distro/location. For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2", "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar." }, "description": { "type": "string", "description": "A vendor-specific description of this note." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocation", "description": "The fix for this specific package version." }, "isObsolete": { "type": "boolean", "description": "Whether this detail is obsolete. Occurrences are expected not to point to obsolete details." }, "maxAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "The max version of the package in which the vulnerability exists." }, "minAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "The min version of the package in which the vulnerability exists." }, "package": { "type": "string", "description": "The name of the package where the vulnerability was found." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)." }, "severityName": { "type": "string", "description": "The severity (eg: distro assigned severity) for this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "vendor": { "type": "string", "description": "The name of the vendor of the product." } }, "type": "object", "required": [ "cpeUri", "package" ] }, "google-native:containeranalysis/v1beta1:DetailResponse": { "description": "Identifies all appearances of this vulnerability in the package for a specific distro/location. For example: glibc in cpe:/o:debian:debian_linux:8 for versions 2.1 - 2.2", "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar." }, "description": { "type": "string", "description": "A vendor-specific description of this note." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocationResponse", "description": "The fix for this specific package version." }, "isObsolete": { "type": "boolean", "description": "Whether this detail is obsolete. Occurrences are expected not to point to obsolete details." }, "maxAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The max version of the package in which the vulnerability exists." }, "minAffectedVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The min version of the package in which the vulnerability exists." }, "package": { "type": "string", "description": "The name of the package where the vulnerability was found." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)." }, "severityName": { "type": "string", "description": "The severity (eg: distro assigned severity) for this vulnerability." }, "source": { "type": "string", "description": "The source from which the information in this Detail was obtained." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "vendor": { "type": "string", "description": "The name of the vendor of the product." } }, "type": "object", "required": [ "cpeUri", "description", "fixedLocation", "isObsolete", "maxAffectedVersion", "minAffectedVersion", "package", "packageType", "severityName", "source", "sourceUpdateTime", "vendor" ] }, "google-native:containeranalysis/v1beta1:Details": { "description": "Details of an attestation occurrence.", "properties": { "attestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Attestation", "description": "Attestation for the resource." } }, "type": "object", "required": [ "attestation" ] }, "google-native:containeranalysis/v1beta1:DetailsResponse": { "description": "Details of an attestation occurrence.", "properties": { "attestation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AttestationResponse", "description": "Attestation for the resource." } }, "type": "object", "required": [ "attestation" ] }, "google-native:containeranalysis/v1beta1:Digest": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:DigestResponse": { "description": "Digest information.", "properties": { "algo": { "type": "string", "description": "`SHA1`, `SHA512` etc." }, "digestBytes": { "type": "string", "description": "Value of the digest." } }, "type": "object", "required": [ "algo", "digestBytes" ] }, "google-native:containeranalysis/v1beta1:Discovered": { "description": "Provides information about the analysis status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AnalysisCompleted" }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Status" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DiscoveredAnalysisStatus", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Status", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API." }, "continuousAnalysis": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DiscoveredContinuousAnalysis", "description": "Whether the resource is continuously analyzed." }, "lastAnalysisTime": { "type": "string", "description": "The last time continuous analysis was done for this resource. Deprecated, do not use.", "deprecationMessage": "The last time continuous analysis was done for this resource. Deprecated, do not use." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." }, "sbomStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SBOMStatus", "description": "The status of an SBOM generation." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:DiscoveredAnalysisStatus": { "description": "The status of discovery for the resource.", "type": "string", "enum": [ { "name": "AnalysisStatusUnspecified", "description": "Unknown.", "value": "ANALYSIS_STATUS_UNSPECIFIED" }, { "name": "Pending", "description": "Resource is known but no action has been taken yet.", "value": "PENDING" }, { "name": "Scanning", "description": "Resource is being analyzed.", "value": "SCANNING" }, { "name": "FinishedSuccess", "description": "Analysis has finished successfully.", "value": "FINISHED_SUCCESS" }, { "name": "Complete", "description": "Analysis has completed.", "value": "COMPLETE" }, { "name": "FinishedFailed", "description": "Analysis has finished unsuccessfully, the analysis itself is in a bad state.", "value": "FINISHED_FAILED" }, { "name": "FinishedUnsupported", "description": "The resource is known not to be supported", "value": "FINISHED_UNSUPPORTED" } ] }, "google-native:containeranalysis/v1beta1:DiscoveredContinuousAnalysis": { "description": "Whether the resource is continuously analyzed.", "type": "string", "enum": [ { "name": "ContinuousAnalysisUnspecified", "description": "Unknown.", "value": "CONTINUOUS_ANALYSIS_UNSPECIFIED" }, { "name": "Active", "description": "The resource is continuously analyzed.", "value": "ACTIVE" }, { "name": "Inactive", "description": "The resource is ignored for continuous analysis.", "value": "INACTIVE" } ] }, "google-native:containeranalysis/v1beta1:DiscoveredResponse": { "description": "Provides information about the analysis status of a discovered resource.", "properties": { "analysisCompleted": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AnalysisCompletedResponse" }, "analysisError": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:StatusResponse" }, "description": "Indicates any errors encountered during analysis of a resource. There could be 0 or more of these errors." }, "analysisStatus": { "type": "string", "description": "The status of discovery for the resource." }, "analysisStatusError": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:StatusResponse", "description": "When an error is encountered this will contain a LocalizedMessage under details to show to the user. The LocalizedMessage is output only and populated by the API." }, "continuousAnalysis": { "type": "string", "description": "Whether the resource is continuously analyzed." }, "lastAnalysisTime": { "type": "string", "description": "The last time continuous analysis was done for this resource. Deprecated, do not use.", "deprecationMessage": "The last time continuous analysis was done for this resource. Deprecated, do not use." }, "lastScanTime": { "type": "string", "description": "The last time this resource was scanned." }, "sbomStatus": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SBOMStatusResponse", "description": "The status of an SBOM generation." } }, "type": "object", "required": [ "analysisCompleted", "analysisError", "analysisStatus", "analysisStatusError", "continuousAnalysis", "lastAnalysisTime", "lastScanTime", "sbomStatus" ] }, "google-native:containeranalysis/v1beta1:Discovery": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis.", "properties": { "analysisKind": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DiscoveryAnalysisKind", "description": "Immutable. The kind of analysis that is handled by this discovery." } }, "type": "object", "required": [ "analysisKind" ] }, "google-native:containeranalysis/v1beta1:DiscoveryAnalysisKind": { "description": "Required. Immutable. The kind of analysis that is handled by this discovery.", "type": "string", "enum": [ { "name": "NoteKindUnspecified", "description": "Default value. This value is unused.", "value": "NOTE_KIND_UNSPECIFIED" }, { "name": "Vulnerability", "description": "The note and occurrence represent a package vulnerability.", "value": "VULNERABILITY" }, { "name": "Build", "description": "The note and occurrence assert build provenance.", "value": "BUILD" }, { "name": "Image", "description": "This represents an image basis relationship.", "value": "IMAGE" }, { "name": "Package", "description": "This represents a package installed via a package manager.", "value": "PACKAGE" }, { "name": "Deployment", "description": "The note and occurrence track deployment events.", "value": "DEPLOYMENT" }, { "name": "Discovery", "description": "The note and occurrence track the initial discovery status of a resource.", "value": "DISCOVERY" }, { "name": "Attestation", "description": "This represents a logical \"role\" that can attest to artifacts.", "value": "ATTESTATION" }, { "name": "Intoto", "description": "This represents an in-toto link.", "value": "INTOTO" }, { "name": "Sbom", "description": "This represents a software bill of materials.", "value": "SBOM" }, { "name": "SpdxPackage", "description": "This represents an SPDX Package.", "value": "SPDX_PACKAGE" }, { "name": "SpdxFile", "description": "This represents an SPDX File.", "value": "SPDX_FILE" }, { "name": "SpdxRelationship", "description": "This represents an SPDX Relationship.", "value": "SPDX_RELATIONSHIP" }, { "name": "VulnerabilityAssessment", "description": "This represents a Vulnerability Assessment.", "value": "VULNERABILITY_ASSESSMENT" }, { "name": "SbomReference", "description": "This represents an SBOM Reference.", "value": "SBOM_REFERENCE" } ] }, "google-native:containeranalysis/v1beta1:DiscoveryResponse": { "description": "A note that indicates a type of analysis a provider would perform. This note exists in a provider's project. A `Discovery` occurrence is created in a consumer's project at the start of analysis.", "properties": { "analysisKind": { "type": "string", "description": "Immutable. The kind of analysis that is handled by this discovery." } }, "type": "object", "required": [ "analysisKind" ] }, "google-native:containeranalysis/v1beta1:Distribution": { "description": "This represents a particular channel of distribution for a given package. E.g., Debian's jessie-backports dpkg mirror.", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DistributionArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object", "required": [ "cpeUri" ] }, "google-native:containeranalysis/v1beta1:DistributionArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture.", "value": "X86" }, { "name": "X64", "description": "X64 architecture.", "value": "X64" } ] }, "google-native:containeranalysis/v1beta1:DistributionResponse": { "description": "This represents a particular channel of distribution for a given package. E.g., Debian's jessie-backports dpkg mirror.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "description": { "type": "string", "description": "The distribution channel-specific description of this package." }, "latestVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The latest available version of this package in this distribution channel." }, "maintainer": { "type": "string", "description": "A freeform string denoting the maintainer of this package." }, "url": { "type": "string", "description": "The distribution channel-specific homepage for this package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "latestVersion", "maintainer", "url" ] }, "google-native:containeranalysis/v1beta1:DocumentNote": { "description": "DocumentNote represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "dataLicence": { "type": "string", "description": "Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields (\"SPDX-Metadata\")" }, "spdxVersion": { "type": "string", "description": "Provide a reference number that can be used to understand how to parse and interpret the rest of the file" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:DocumentNoteResponse": { "description": "DocumentNote represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "dataLicence": { "type": "string", "description": "Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields (\"SPDX-Metadata\")" }, "spdxVersion": { "type": "string", "description": "Provide a reference number that can be used to understand how to parse and interpret the rest of the file" } }, "type": "object", "required": [ "dataLicence", "spdxVersion" ] }, "google-native:containeranalysis/v1beta1:DocumentOccurrence": { "description": "DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "createTime": { "type": "string", "description": "Identify when the SPDX file was originally created. The date is to be specified according to combined date and time in UTC format as specified in ISO 8601 standard" }, "creatorComment": { "type": "string", "description": "A field for creators of the SPDX file to provide general comments about the creation of the SPDX file or any other relevant comment not included in the other fields" }, "creators": { "type": "array", "items": { "type": "string" }, "description": "Identify who (or what, in the case of a tool) created the SPDX file. If the SPDX file was created by an individual, indicate the person's name" }, "documentComment": { "type": "string", "description": "A field for creators of the SPDX file content to provide comments to the consumers of the SPDX document" }, "externalDocumentRefs": { "type": "array", "items": { "type": "string" }, "description": "Identify any external SPDX documents referenced within this SPDX document" }, "id": { "type": "string", "description": "Identify the current SPDX document which may be referenced in relationships by other files, packages internally and documents externally" }, "licenseListVersion": { "type": "string", "description": "A field for creators of the SPDX file to provide the version of the SPDX License List used when the SPDX file was created" }, "namespace": { "type": "string", "description": "Provide an SPDX document specific namespace as a unique absolute Uniform Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘#’ delimiter" }, "title": { "type": "string", "description": "Identify name of this document as designated by creator" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:DocumentOccurrenceResponse": { "description": "DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/", "properties": { "createTime": { "type": "string", "description": "Identify when the SPDX file was originally created. The date is to be specified according to combined date and time in UTC format as specified in ISO 8601 standard" }, "creatorComment": { "type": "string", "description": "A field for creators of the SPDX file to provide general comments about the creation of the SPDX file or any other relevant comment not included in the other fields" }, "creators": { "type": "array", "items": { "type": "string" }, "description": "Identify who (or what, in the case of a tool) created the SPDX file. If the SPDX file was created by an individual, indicate the person's name" }, "documentComment": { "type": "string", "description": "A field for creators of the SPDX file content to provide comments to the consumers of the SPDX document" }, "externalDocumentRefs": { "type": "array", "items": { "type": "string" }, "description": "Identify any external SPDX documents referenced within this SPDX document" }, "licenseListVersion": { "type": "string", "description": "A field for creators of the SPDX file to provide the version of the SPDX License List used when the SPDX file was created" }, "namespace": { "type": "string", "description": "Provide an SPDX document specific namespace as a unique absolute Uniform Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘#’ delimiter" }, "title": { "type": "string", "description": "Identify name of this document as designated by creator" } }, "type": "object", "required": [ "createTime", "creatorComment", "creators", "documentComment", "externalDocumentRefs", "licenseListVersion", "namespace", "title" ] }, "google-native:containeranalysis/v1beta1:Envelope": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string" }, "payloadType": { "type": "string" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:EnvelopeSignature" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:EnvelopeResponse": { "description": "MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto. An authenticated message of arbitrary type.", "properties": { "payload": { "type": "string" }, "payloadType": { "type": "string" }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:EnvelopeSignatureResponse" } } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1beta1:EnvelopeSignature": { "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:EnvelopeSignatureResponse": { "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object", "required": [ "keyid", "sig" ] }, "google-native:containeranalysis/v1beta1:Environment": { "description": "Defines an object for the environment field in in-toto links. The suggested fields are \"variables\", \"filesystem\", and \"workdir\".", "properties": { "customValues": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:EnvironmentResponse": { "description": "Defines an object for the environment field in in-toto links. The suggested fields are \"variables\", \"filesystem\", and \"workdir\".", "properties": { "customValues": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "customValues" ] }, "google-native:containeranalysis/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:containeranalysis/v1beta1:ExternalRef": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "properties": { "category": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ExternalRefCategory", "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package" }, "comment": { "type": "string", "description": "Human-readable information about the purpose and target of the reference" }, "locator": { "type": "string", "description": "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location" }, "type": { "type": "string", "description": "Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ExternalRefCategory": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "type": "string", "enum": [ { "name": "CategoryUnspecified", "description": "Unspecified", "value": "CATEGORY_UNSPECIFIED" }, { "name": "Security", "description": "Security (e.g. cpe22Type, cpe23Type)", "value": "SECURITY" }, { "name": "PackageManager", "description": "Package Manager (e.g. maven-central, npm, nuget, bower, purl)", "value": "PACKAGE_MANAGER" }, { "name": "PersistentId", "description": "Persistent-Id (e.g. swh)", "value": "PERSISTENT_ID" }, { "name": "Other", "description": "Other", "value": "OTHER" } ] }, "google-native:containeranalysis/v1beta1:ExternalRefResponse": { "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package", "properties": { "category": { "type": "string", "description": "An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package" }, "comment": { "type": "string", "description": "Human-readable information about the purpose and target of the reference" }, "locator": { "type": "string", "description": "The unique string with no spaces necessary to access the package-specific information, metadata, or content within the target location" }, "type": { "type": "string", "description": "Type of category (e.g. 'npm' for the PACKAGE_MANAGER category)" } }, "type": "object", "required": [ "category", "comment", "locator", "type" ] }, "google-native:containeranalysis/v1beta1:FileNote": { "description": "FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "checksum": { "type": "array", "items": { "type": "string" }, "description": "Provide a unique identifier to match analysis information on each specific file in a package" }, "fileType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:FileNoteFileType", "description": "This field provides information about the type of file identified" }, "title": { "type": "string", "description": "Identify the full path and filename that corresponds to the file information in this section" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:FileNoteFileType": { "description": "This field provides information about the type of file identified", "type": "string", "enum": [ { "name": "FileTypeUnspecified", "description": "Unspecified", "value": "FILE_TYPE_UNSPECIFIED" }, { "name": "Source", "description": "The file is human readable source code (.c, .html, etc.)", "value": "SOURCE" }, { "name": "Binary", "description": "The file is a compiled object, target image or binary executable (.o, .a, etc.)", "value": "BINARY" }, { "name": "Archive", "description": "The file represents an archive (.tar, .jar, etc.)", "value": "ARCHIVE" }, { "name": "Application", "description": "The file is associated with a specific application type (MIME type of application/*)", "value": "APPLICATION" }, { "name": "Audio", "description": "The file is associated with an audio file (MIME type of audio/* , e.g. .mp3)", "value": "AUDIO" }, { "name": "Image", "description": "The file is associated with an picture image file (MIME type of image/*, e.g., .jpg, .gif)", "value": "IMAGE" }, { "name": "Text", "description": "The file is human readable text file (MIME type of text/*)", "value": "TEXT" }, { "name": "Video", "description": "The file is associated with a video file type (MIME type of video/*)", "value": "VIDEO" }, { "name": "Documentation", "description": "The file serves as documentation", "value": "DOCUMENTATION" }, { "name": "Spdx", "description": "The file is an SPDX document", "value": "SPDX" }, { "name": "Other", "description": "The file doesn't fit into the above categories (generated artifacts, data files, etc.)", "value": "OTHER" } ] }, "google-native:containeranalysis/v1beta1:FileNoteResponse": { "description": "FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "checksum": { "type": "array", "items": { "type": "string" }, "description": "Provide a unique identifier to match analysis information on each specific file in a package" }, "fileType": { "type": "string", "description": "This field provides information about the type of file identified" }, "title": { "type": "string", "description": "Identify the full path and filename that corresponds to the file information in this section" } }, "type": "object", "required": [ "checksum", "fileType", "title" ] }, "google-native:containeranalysis/v1beta1:FileOccurrence": { "description": "FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "attributions": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX data creator to record, at the file level, acknowledgements that may be needed to be communicated in some contexts" }, "comment": { "type": "string", "description": "This field provides a place for the SPDX file creator to record any general comments about the file" }, "contributors": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX file creator to record file contributors" }, "copyright": { "type": "string", "description": "Identify the copyright holder of the file, as well as any dates present" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "This field contains the license information actually found in the file, if any" }, "id": { "type": "string", "description": "Uniquely identify any element in an SPDX document which may be referenced by other elements" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:License", "description": "This field contains the license the SPDX file creator has concluded as governing the file or alternative values if the governing license cannot be determined" }, "notice": { "type": "string", "description": "This field provides a place for the SPDX file creator to record license notices or other such related notices found in the file" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:FileOccurrenceResponse": { "description": "FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/", "properties": { "attributions": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX data creator to record, at the file level, acknowledgements that may be needed to be communicated in some contexts" }, "comment": { "type": "string", "description": "This field provides a place for the SPDX file creator to record any general comments about the file" }, "contributors": { "type": "array", "items": { "type": "string" }, "description": "This field provides a place for the SPDX file creator to record file contributors" }, "copyright": { "type": "string", "description": "Identify the copyright holder of the file, as well as any dates present" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "This field contains the license information actually found in the file, if any" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LicenseResponse", "description": "This field contains the license the SPDX file creator has concluded as governing the file or alternative values if the governing license cannot be determined" }, "notice": { "type": "string", "description": "This field provides a place for the SPDX file creator to record license notices or other such related notices found in the file" } }, "type": "object", "required": [ "attributions", "comment", "contributors", "copyright", "filesLicenseInfo", "licenseConcluded", "notice" ] }, "google-native:containeranalysis/v1beta1:Fingerprint": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer ID of the final layer in the Docker image's v1 representation." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." } }, "type": "object", "required": [ "v1Name", "v2Blob" ] }, "google-native:containeranalysis/v1beta1:FingerprintResponse": { "description": "A set of properties that uniquely identify a given Docker image.", "properties": { "v1Name": { "type": "string", "description": "The layer ID of the final layer in the Docker image's v1 representation." }, "v2Blob": { "type": "array", "items": { "type": "string" }, "description": "The ordered list of v2 blobs that represent a given image." }, "v2Name": { "type": "string", "description": "The name of the image's v2 blobs computed via: [bottom] := v2_blobbottom := sha256(v2_blob[N] + \" \" + v2_name[N+1]) Only the name of the final blob is kept." } }, "type": "object", "required": [ "v1Name", "v2Blob", "v2Name" ] }, "google-native:containeranalysis/v1beta1:GenericSignedAttestation": { "description": "An attestation wrapper that uses the Grafeas `Signature` message. This attestation must define the `serialized_payload` that the `signatures` verify and any metadata necessary to interpret that plaintext. The signatures should always be over the `serialized_payload` bytestring.", "properties": { "contentType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GenericSignedAttestationContentType", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "serializedPayload": { "type": "string", "description": "The serialized payload that is verified by one or more `signatures`. The encoding and semantic meaning of this payload must match what is set in `content_type`." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Signature" }, "description": "One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GenericSignedAttestationContentType": { "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).", "type": "string", "enum": [ { "name": "ContentTypeUnspecified", "description": "`ContentType` is not set.", "value": "CONTENT_TYPE_UNSPECIFIED" }, { "name": "SimpleSigningJson", "description": "Atomic format attestation signature. See https://github.com/containers/image/blob/8a5d2f82a6e3263290c8e0276c3e0f64e77723e7/docs/atomic-signature.md The payload extracted in `plaintext` is a JSON blob conforming to the linked schema.", "value": "SIMPLE_SIGNING_JSON" } ] }, "google-native:containeranalysis/v1beta1:GenericSignedAttestationResponse": { "description": "An attestation wrapper that uses the Grafeas `Signature` message. This attestation must define the `serialized_payload` that the `signatures` verify and any metadata necessary to interpret that plaintext. The signatures should always be over the `serialized_payload` bytestring.", "properties": { "contentType": { "type": "string", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "serializedPayload": { "type": "string", "description": "The serialized payload that is verified by one or more `signatures`. The encoding and semantic meaning of this payload must match what is set in `content_type`." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SignatureResponse" }, "description": "One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification." } }, "type": "object", "required": [ "contentType", "serializedPayload", "signatures" ] }, "google-native:containeranalysis/v1beta1:GerritSourceContext": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AliasContext", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GerritSourceContextResponse": { "description": "A SourceContext referring to a Gerrit project.", "properties": { "aliasContext": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AliasContextResponse", "description": "An alias, which may be a branch or tag." }, "gerritProject": { "type": "string", "description": "The full project name within the host. Projects may be nested, so \"project/subproject\" is a valid project name. The \"repo name\" is the hostURI/project." }, "hostUri": { "type": "string", "description": "The URI of a running Gerrit instance." }, "revisionId": { "type": "string", "description": "A revision (commit) ID." } }, "type": "object", "required": [ "aliasContext", "gerritProject", "hostUri", "revisionId" ] }, "google-native:containeranalysis/v1beta1:GitSourceContext": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GitSourceContextResponse": { "description": "A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).", "properties": { "revisionId": { "type": "string", "description": "Git commit hash." }, "url": { "type": "string", "description": "Git repository URL." } }, "type": "object", "required": [ "revisionId", "url" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1BuildDetails": { "description": "Details of a build occurrence.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:InTotoSlsaProvenanceV1" }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildProvenance", "description": "The actual provenance for the build." }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object", "required": [ "provenance" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1BuildDetailsResponse": { "description": "Details of a build occurrence.", "properties": { "inTotoSlsaProvenanceV1": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:InTotoSlsaProvenanceV1Response" }, "provenance": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildProvenanceResponse", "description": "The actual provenance for the build." }, "provenanceBytes": { "type": "string", "description": "Serialized JSON representation of the provenance, used in generating the build signature in the corresponding build note. After verifying the signature, `provenance_bytes` can be unmarshalled and compared to the provenance to confirm that it is unchanged. A base64-encoded string representation of the provenance bytes is used for the signature in order to interoperate with openssl which expects this format for signature verification. The serialized form is captured both to avoid ambiguity in how the provenance is marshalled to json as well to prevent incompatibilities with future changes." } }, "type": "object", "required": [ "inTotoSlsaProvenanceV1", "provenance", "provenanceBytes" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1DeploymentDetails": { "description": "Details of a deployment occurrence.", "properties": { "deployment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Deployment", "description": "Deployment history for the resource." } }, "type": "object", "required": [ "deployment" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1DeploymentDetailsResponse": { "description": "Details of a deployment occurrence.", "properties": { "deployment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DeploymentResponse", "description": "Deployment history for the resource." } }, "type": "object", "required": [ "deployment" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1DiscoveryDetails": { "description": "Details of a discovery occurrence.", "properties": { "discovered": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Discovered", "description": "Analysis status for the discovered resource." } }, "type": "object", "required": [ "discovered" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1DiscoveryDetailsResponse": { "description": "Details of a discovery occurrence.", "properties": { "discovered": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DiscoveredResponse", "description": "Analysis status for the discovered resource." } }, "type": "object", "required": [ "discovered" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1ImageDetails": { "description": "Details of an image occurrence.", "properties": { "derivedImage": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Derived", "description": "Immutable. The child image derived from the base image." } }, "type": "object", "required": [ "derivedImage" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1ImageDetailsResponse": { "description": "Details of an image occurrence.", "properties": { "derivedImage": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DerivedResponse", "description": "Immutable. The child image derived from the base image." } }, "type": "object", "required": [ "derivedImage" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoArtifact": { "properties": { "hashes": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactHashes" }, "resourceUri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoArtifactResponse": { "properties": { "hashes": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactHashesResponse" }, "resourceUri": { "type": "string" } }, "type": "object", "required": [ "hashes", "resourceUri" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoDetails": { "description": "This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself. This is used for occurrences of a Grafeas in-toto note.", "properties": { "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoSignature" } }, "signed": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Link" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoDetailsResponse": { "description": "This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself. This is used for occurrences of a Grafeas in-toto note.", "properties": { "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoSignatureResponse" } }, "signed": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LinkResponse" } }, "type": "object", "required": [ "signatures", "signed" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoSignature": { "description": "A signature object consists of the KeyID used and the signature itself.", "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1IntotoSignatureResponse": { "description": "A signature object consists of the KeyID used and the signature itself.", "properties": { "keyid": { "type": "string" }, "sig": { "type": "string" } }, "type": "object", "required": [ "keyid", "sig" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1PackageDetails": { "description": "Details of a package occurrence.", "properties": { "installation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Installation", "description": "Where the package was installed." } }, "type": "object", "required": [ "installation" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1PackageDetailsResponse": { "description": "Details of a package occurrence.", "properties": { "installation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:InstallationResponse", "description": "Where the package was installed." } }, "type": "object", "required": [ "installation" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1VulnerabilityDetails": { "description": "Details of a vulnerability Occurrence.", "properties": { "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSS", "description": "The cvss v2 score for the vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSS", "description": "The cvss v3 score for the vulnerability." }, "effectiveSeverity": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1VulnerabilityDetailsEffectiveSeverity", "description": "The distro assigned severity for this vulnerability when it is available, and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PackageIssue" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "type": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)" }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VexAssessment" } }, "type": "object", "required": [ "packageIssue" ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1VulnerabilityDetailsEffectiveSeverity": { "description": "The distro assigned severity for this vulnerability when it is available, and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Low severity.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity.", "value": "MEDIUM" }, { "name": "High", "description": "High severity.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity.", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1beta1:GrafeasV1beta1VulnerabilityDetailsResponse": { "description": "Details of a vulnerability Occurrence.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score of this vulnerability. CVSS score is on a scale of 0-10 where 0 indicates low severity and 10 indicates high severity." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSResponse", "description": "The cvss v2 score for the vulnerability." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSResponse", "description": "The cvss v3 score for the vulnerability." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "effectiveSeverity": { "type": "string", "description": "The distro assigned severity for this vulnerability when it is available, and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues." }, "extraDetails": { "type": "string", "description": "Occurrence-specific extra details about the vulnerability." }, "longDescription": { "type": "string", "description": "A detailed description of this vulnerability." }, "packageIssue": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PackageIssueResponse" }, "description": "The set of affected locations and their fixes (if available) within the associated resource." }, "relatedUrls": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrlResponse" }, "description": "URLs related to this vulnerability." }, "severity": { "type": "string", "description": "The note provider assigned Severity of the vulnerability." }, "shortDescription": { "type": "string", "description": "A one sentence description of this vulnerability." }, "type": { "type": "string", "description": "The type of package; whether native or non native(ruby gems, node.js packages etc)" }, "vexAssessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VexAssessmentResponse" } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssV3", "cvssVersion", "effectiveSeverity", "extraDetails", "longDescription", "packageIssue", "relatedUrls", "severity", "shortDescription", "type", "vexAssessment" ] }, "google-native:containeranalysis/v1beta1:Hash": { "description": "Container message for hash values.", "properties": { "type": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:HashType", "description": "The type of hash that was performed." }, "value": { "type": "string", "description": "The hash value." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:containeranalysis/v1beta1:HashResponse": { "description": "Container message for hash values.", "properties": { "type": { "type": "string", "description": "The type of hash that was performed." }, "value": { "type": "string", "description": "The hash value." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:containeranalysis/v1beta1:HashType": { "description": "Required. The type of hash that was performed.", "type": "string", "enum": [ { "name": "HashTypeUnspecified", "description": "Unknown.", "value": "HASH_TYPE_UNSPECIFIED" }, { "name": "Sha256", "description": "A SHA-256 hash.", "value": "SHA256" }, { "name": "GoModuleH1", "description": "Dirhash of a Go module's source code which is then hex-encoded. See b/244466565 and https://github.com/in-toto/attestation/pull/108.", "value": "GO_MODULE_H1" }, { "name": "Sha512", "description": "A SHA-512 hash.", "value": "SHA512" } ] }, "google-native:containeranalysis/v1beta1:Hint": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"qa\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1beta1:HintResponse": { "description": "This submessage provides human-readable hints about the purpose of the authority. Because the name of a note acts as its resource reference, it is important to disambiguate the canonical name of the Note (which might be a UUID for security purposes) from \"readable\" names more suitable for debug output. Note that these hints should not be used to look up authorities in security sensitive contexts, such as when looking up attestations to verify.", "properties": { "humanReadableName": { "type": "string", "description": "The human readable name of this attestation authority, for example \"qa\"." } }, "type": "object", "required": [ "humanReadableName" ] }, "google-native:containeranalysis/v1beta1:InToto": { "description": "This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout. This information goes into a Grafeas note.", "properties": { "expectedCommand": { "type": "array", "items": { "type": "string" }, "description": "This field contains the expected command used to perform the step." }, "expectedMaterials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactRule" }, "description": "The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step." }, "expectedProducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactRule" } }, "signingKeys": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SigningKey" }, "description": "This field contains the public keys that can be used to verify the signatures on the step metadata." }, "stepName": { "type": "string", "description": "This field identifies the name of the step in the supply chain." }, "threshold": { "type": "string", "description": "This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:InTotoResponse": { "description": "This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout. This information goes into a Grafeas note.", "properties": { "expectedCommand": { "type": "array", "items": { "type": "string" }, "description": "This field contains the expected command used to perform the step." }, "expectedMaterials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactRuleResponse" }, "description": "The following fields contain in-toto artifact rules identifying the artifacts that enter this supply chain step, and exit the supply chain step, i.e. materials and products of the step." }, "expectedProducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ArtifactRuleResponse" } }, "signingKeys": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SigningKeyResponse" }, "description": "This field contains the public keys that can be used to verify the signatures on the step metadata." }, "stepName": { "type": "string", "description": "This field identifies the name of the step in the supply chain." }, "threshold": { "type": "string", "description": "This field contains a value that indicates the minimum number of keys that need to be used to sign the step's in-toto link." } }, "type": "object", "required": [ "expectedCommand", "expectedMaterials", "expectedProducts", "signingKeys", "stepName", "threshold" ] }, "google-native:containeranalysis/v1beta1:InTotoSlsaProvenanceV1": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SlsaProvenanceV1" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Subject" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:InTotoSlsaProvenanceV1Response": { "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SlsaProvenanceV1Response" }, "predicateType": { "type": "string" }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SubjectResponse" } }, "type": { "type": "string", "description": "InToto spec defined at https://github.com/in-toto/attestation/tree/main/spec#statement" } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1beta1:Installation": { "description": "This represents how a particular software package may be installed on a system.", "properties": { "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:License", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Location" }, "description": "All of the places within the filesystem versions of this package have been found." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:InstallationResponse": { "description": "This represents how a particular software package may be installed on a system.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "location": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LocationResponse" }, "description": "All of the places within the filesystem versions of this package have been found." }, "name": { "type": "string", "description": "The name of the installed package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "license", "location", "name", "packageType", "version" ] }, "google-native:containeranalysis/v1beta1:Justification": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:JustificationJustificationType", "description": "The justification type for this vulnerability." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:JustificationJustificationType": { "description": "The justification type for this vulnerability.", "type": "string", "enum": [ { "name": "JustificationTypeUnspecified", "description": "JUSTIFICATION_TYPE_UNSPECIFIED.", "value": "JUSTIFICATION_TYPE_UNSPECIFIED" }, { "name": "ComponentNotPresent", "description": "The vulnerable component is not present in the product.", "value": "COMPONENT_NOT_PRESENT" }, { "name": "VulnerableCodeNotPresent", "description": "The vulnerable code is not present. Typically this case occurs when source code is configured or built in a way that excludes the vulnerable code.", "value": "VULNERABLE_CODE_NOT_PRESENT" }, { "name": "VulnerableCodeNotInExecutePath", "description": "The vulnerable code can not be executed. Typically this case occurs when the product includes the vulnerable code but does not call or use the vulnerable code.", "value": "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH" }, { "name": "VulnerableCodeCannotBeControlledByAdversary", "description": "The vulnerable code cannot be controlled by an attacker to exploit the vulnerability.", "value": "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY" }, { "name": "InlineMitigationsAlreadyExist", "description": "The product includes built-in protections or features that prevent exploitation of the vulnerability. These built-in protections cannot be subverted by the attacker and cannot be configured or disabled by the user. These mitigations completely prevent exploitation based on known attack vectors.", "value": "INLINE_MITIGATIONS_ALREADY_EXIST" } ] }, "google-native:containeranalysis/v1beta1:JustificationResponse": { "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED.", "properties": { "details": { "type": "string", "description": "Additional details on why this justification was chosen." }, "justificationType": { "type": "string", "description": "The justification type for this vulnerability." } }, "type": "object", "required": [ "details", "justificationType" ] }, "google-native:containeranalysis/v1beta1:KnowledgeBase": { "properties": { "name": { "type": "string", "description": "The KB name (generally of the form KB[0-9]+ i.e. KB123456)." }, "url": { "type": "string", "description": "A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:KnowledgeBaseResponse": { "properties": { "name": { "type": "string", "description": "The KB name (generally of the form KB[0-9]+ i.e. KB123456)." }, "url": { "type": "string", "description": "A link to the KB in the Windows update catalog - https://www.catalog.update.microsoft.com/" } }, "type": "object", "required": [ "name", "url" ] }, "google-native:containeranalysis/v1beta1:Layer": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LayerDirective", "description": "The recovered Dockerfile directive used to construct this layer." } }, "type": "object", "required": [ "directive" ] }, "google-native:containeranalysis/v1beta1:LayerDirective": { "description": "Required. The recovered Dockerfile directive used to construct this layer.", "type": "string", "enum": [ { "name": "DirectiveUnspecified", "description": "Default value for unsupported/missing directive.", "value": "DIRECTIVE_UNSPECIFIED" }, { "name": "Maintainer", "description": "https://docs.docker.com/engine/reference/builder/", "value": "MAINTAINER" }, { "name": "Run", "description": "https://docs.docker.com/engine/reference/builder/", "value": "RUN" }, { "name": "Cmd", "description": "https://docs.docker.com/engine/reference/builder/", "value": "CMD" }, { "name": "Label", "description": "https://docs.docker.com/engine/reference/builder/", "value": "LABEL" }, { "name": "Expose", "description": "https://docs.docker.com/engine/reference/builder/", "value": "EXPOSE" }, { "name": "Env", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ENV" }, { "name": "Add", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ADD" }, { "name": "Copy", "description": "https://docs.docker.com/engine/reference/builder/", "value": "COPY" }, { "name": "Entrypoint", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ENTRYPOINT" }, { "name": "Volume", "description": "https://docs.docker.com/engine/reference/builder/", "value": "VOLUME" }, { "name": "User", "description": "https://docs.docker.com/engine/reference/builder/", "value": "USER" }, { "name": "Workdir", "description": "https://docs.docker.com/engine/reference/builder/", "value": "WORKDIR" }, { "name": "Arg", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ARG" }, { "name": "Onbuild", "description": "https://docs.docker.com/engine/reference/builder/", "value": "ONBUILD" }, { "name": "Stopsignal", "description": "https://docs.docker.com/engine/reference/builder/", "value": "STOPSIGNAL" }, { "name": "Healthcheck", "description": "https://docs.docker.com/engine/reference/builder/", "value": "HEALTHCHECK" }, { "name": "Shell", "description": "https://docs.docker.com/engine/reference/builder/", "value": "SHELL" } ] }, "google-native:containeranalysis/v1beta1:LayerResponse": { "description": "Layer holds metadata specific to a layer of a Docker image.", "properties": { "arguments": { "type": "string", "description": "The recovered arguments to the Dockerfile directive." }, "directive": { "type": "string", "description": "The recovered Dockerfile directive used to construct this layer." } }, "type": "object", "required": [ "arguments", "directive" ] }, "google-native:containeranalysis/v1beta1:License": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:LicenseResponse": { "description": "License information.", "properties": { "comments": { "type": "string", "description": "Comments" }, "expression": { "type": "string", "description": "Often a single license can be used to represent the licensing terms. Sometimes it is necessary to include a choice of one or more licenses or some combination of license identifiers. Examples: \"LGPL-2.1-only OR MIT\", \"LGPL-2.1-only AND MIT\", \"GPL-2.0-or-later WITH Bison-exception-2.2\"." } }, "type": "object", "required": [ "comments", "expression" ] }, "google-native:containeranalysis/v1beta1:Link": { "description": "This corresponds to an in-toto link.", "properties": { "byproducts": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ByProducts", "description": "ByProducts are data generated as part of a software supply chain step, but are not the actual result of the step." }, "command": { "type": "array", "items": { "type": "string" }, "description": "This field contains the full command executed for the step. This can also be empty if links are generated for operations that aren't directly mapped to a specific command. Each term in the command is an independent string in the list. An example of a command in the in-toto metadata field is: \"command\": [\"git\", \"clone\", \"https://github.com/in-toto/demo-project.git\"]" }, "environment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Environment", "description": "This is a field that can be used to capture information about the environment. It is suggested for this field to contain information that details environment variables, filesystem information, and the present working directory. The recommended structure of this field is: \"environment\": { \"custom_values\": { \"variables\": \"\", \"filesystem\": \"\", \"workdir\": \"\", \"\": \"...\" } }" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoArtifact" }, "description": "Materials are the supply chain artifacts that go into the step and are used for the operation performed. The key of the map is the path of the artifact and the structure contains the recorded hash information. An example is: \"materials\": [ { \"resource_uri\": \"foo/bar\", \"hashes\": { \"sha256\": \"ebebf...\", : } } ]" }, "products": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoArtifact" }, "description": "Products are the supply chain artifacts generated as a result of the step. The structure is identical to that of materials." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:LinkResponse": { "description": "This corresponds to an in-toto link.", "properties": { "byproducts": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ByProductsResponse", "description": "ByProducts are data generated as part of a software supply chain step, but are not the actual result of the step." }, "command": { "type": "array", "items": { "type": "string" }, "description": "This field contains the full command executed for the step. This can also be empty if links are generated for operations that aren't directly mapped to a specific command. Each term in the command is an independent string in the list. An example of a command in the in-toto metadata field is: \"command\": [\"git\", \"clone\", \"https://github.com/in-toto/demo-project.git\"]" }, "environment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:EnvironmentResponse", "description": "This is a field that can be used to capture information about the environment. It is suggested for this field to contain information that details environment variables, filesystem information, and the present working directory. The recommended structure of this field is: \"environment\": { \"custom_values\": { \"variables\": \"\", \"filesystem\": \"\", \"workdir\": \"\", \"\": \"...\" } }" }, "materials": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoArtifactResponse" }, "description": "Materials are the supply chain artifacts that go into the step and are used for the operation performed. The key of the map is the path of the artifact and the structure contains the recorded hash information. An example is: \"materials\": [ { \"resource_uri\": \"foo/bar\", \"hashes\": { \"sha256\": \"ebebf...\", : } } ]" }, "products": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GrafeasV1beta1IntotoArtifactResponse" }, "description": "Products are the supply chain artifacts generated as a result of the step. The structure is identical to that of materials." } }, "type": "object", "required": [ "byproducts", "command", "environment", "materials", "products" ] }, "google-native:containeranalysis/v1beta1:Location": { "description": "An occurrence of a particular package installation found within a system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package.", "deprecationMessage": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:LocationResponse": { "description": "An occurrence of a particular package installation found within a system's filesystem. E.g., glibc was found in `/var/lib/dpkg/status`.", "properties": { "cpeUri": { "type": "string", "description": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package.", "deprecationMessage": "Deprecated. The CPE URI in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package." }, "path": { "type": "string", "description": "The path from which we gathered that this package/version is installed." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "Deprecated. The version installed at this location.", "deprecationMessage": "Deprecated. The version installed at this location." } }, "type": "object", "required": [ "cpeUri", "path", "version" ] }, "google-native:containeranalysis/v1beta1:Package": { "description": "Package represents a particular package version.", "properties": { "architecture": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PackageArchitecture", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Digest" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Distribution" }, "description": "The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:License", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "Immutable. The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "The version of the package." } }, "type": "object", "required": [ "name" ] }, "google-native:containeranalysis/v1beta1:PackageArchitecture": { "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.", "type": "string", "enum": [ { "name": "ArchitectureUnspecified", "description": "Unknown architecture.", "value": "ARCHITECTURE_UNSPECIFIED" }, { "name": "X86", "description": "X86 architecture.", "value": "X86" }, { "name": "X64", "description": "X64 architecture.", "value": "X64" } ] }, "google-native:containeranalysis/v1beta1:PackageInfoNote": { "description": "PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "analyzed": { "type": "boolean", "description": "Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document" }, "attribution": { "type": "string", "description": "A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts" }, "checksum": { "type": "string", "description": "Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file" }, "copyright": { "type": "string", "description": "Identify the copyright holders of the package, as well as any dates present" }, "detailedDescription": { "type": "string", "description": "A more detailed description of the package" }, "downloadLocation": { "type": "string", "description": "This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created" }, "externalRefs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ExternalRef" }, "description": "ExternalRef" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseDeclared": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:License", "description": "List the licenses that have been declared by the authors of the package" }, "originator": { "type": "string", "description": "If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "supplier": { "type": "string", "description": "Identify the actual distribution source for the package/directory identified in the SPDX file" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "verificationCode": { "type": "string", "description": "This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:PackageInfoNoteResponse": { "description": "PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "analyzed": { "type": "boolean", "description": "Indicates whether the file content of this package has been available for or subjected to analysis when creating the SPDX document" }, "attribution": { "type": "string", "description": "A place for the SPDX data creator to record, at the package level, acknowledgements that may be needed to be communicated in some contexts" }, "checksum": { "type": "string", "description": "Provide an independently reproducible mechanism that permits unique identification of a specific package that correlates to the data in this SPDX file" }, "copyright": { "type": "string", "description": "Identify the copyright holders of the package, as well as any dates present" }, "detailedDescription": { "type": "string", "description": "A more detailed description of the package" }, "downloadLocation": { "type": "string", "description": "This section identifies the download Universal Resource Locator (URL), or a specific location within a version control system (VCS) for the package at the time that the SPDX file was created" }, "externalRefs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ExternalRefResponse" }, "description": "ExternalRef" }, "filesLicenseInfo": { "type": "array", "items": { "type": "string" }, "description": "Contain the license the SPDX file creator has concluded as governing the This field is to contain a list of all licenses found in the package. The relationship between licenses (i.e., conjunctive, disjunctive) is not specified in this field – it is simply a listing of all licenses found" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseDeclared": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LicenseResponse", "description": "List the licenses that have been declared by the authors of the package" }, "originator": { "type": "string", "description": "If the package identified in the SPDX file originated from a different person or organization than identified as Package Supplier, this field identifies from where or whom the package originally came" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "supplier": { "type": "string", "description": "Identify the actual distribution source for the package/directory identified in the SPDX file" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "verificationCode": { "type": "string", "description": "This field provides an independently reproducible mechanism identifying specific contents of a package based on the actual files (except the SPDX file itself, if it is included in the package) that make up each package and that correlates to the data in this SPDX file" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object", "required": [ "analyzed", "attribution", "checksum", "copyright", "detailedDescription", "downloadLocation", "externalRefs", "filesLicenseInfo", "homePage", "licenseDeclared", "originator", "packageType", "summaryDescription", "supplier", "title", "verificationCode", "version" ] }, "google-native:containeranalysis/v1beta1:PackageInfoOccurrence": { "description": "PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the package being described" }, "filename": { "type": "string", "description": "Provide the actual file name of the package, or path of the directory being treated as a package" }, "id": { "type": "string", "description": "Uniquely identify any element in an SPDX document which may be referenced by other elements" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:License", "description": "package or alternative values, if the governing license cannot be determined" }, "sourceInfo": { "type": "string", "description": "Provide a place for the SPDX file creator to record any relevant background information or additional comments about the origin of the package" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:PackageInfoOccurrenceResponse": { "description": "PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the package being described" }, "filename": { "type": "string", "description": "Provide the actual file name of the package, or path of the directory being treated as a package" }, "homePage": { "type": "string", "description": "Provide a place for the SPDX file creator to record a web site that serves as the package's home page" }, "licenseConcluded": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LicenseResponse", "description": "package or alternative values, if the governing license cannot be determined" }, "packageType": { "type": "string", "description": "The type of package: OS, MAVEN, GO, GO_STDLIB, etc." }, "sourceInfo": { "type": "string", "description": "Provide a place for the SPDX file creator to record any relevant background information or additional comments about the origin of the package" }, "summaryDescription": { "type": "string", "description": "A short description of the package" }, "title": { "type": "string", "description": "Identify the full name of the package as given by the Package Originator" }, "version": { "type": "string", "description": "Identify the version of the package" } }, "type": "object", "required": [ "comment", "filename", "homePage", "licenseConcluded", "packageType", "sourceInfo", "summaryDescription", "title", "version" ] }, "google-native:containeranalysis/v1beta1:PackageIssue": { "description": "This message wraps a location affected by a vulnerability and its associated fix (if one is available).", "properties": { "affectedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocation", "description": "The location of the vulnerability." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocation", "description": "The location of the available fix for vulnerability." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." }, "severityName": { "type": "string", "description": "Deprecated, use Details.effective_severity instead The severity (e.g., distro assigned severity) for this vulnerability.", "deprecationMessage": "Deprecated, use Details.effective_severity instead The severity (e.g., distro assigned severity) for this vulnerability." } }, "type": "object", "required": [ "affectedLocation" ] }, "google-native:containeranalysis/v1beta1:PackageIssueResponse": { "description": "This message wraps a location affected by a vulnerability and its associated fix (if one is available).", "properties": { "affectedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocationResponse", "description": "The location of the vulnerability." }, "effectiveSeverity": { "type": "string", "description": "The distro or language system assigned severity for this vulnerability when that is available and note provider assigned severity when it is not available." }, "fixedLocation": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityLocationResponse", "description": "The location of the available fix for vulnerability." }, "packageType": { "type": "string", "description": "The type of package (e.g. OS, MAVEN, GO)." }, "severityName": { "type": "string", "description": "Deprecated, use Details.effective_severity instead The severity (e.g., distro assigned severity) for this vulnerability.", "deprecationMessage": "Deprecated, use Details.effective_severity instead The severity (e.g., distro assigned severity) for this vulnerability." } }, "type": "object", "required": [ "affectedLocation", "effectiveSeverity", "fixedLocation", "packageType", "severityName" ] }, "google-native:containeranalysis/v1beta1:PackageResponse": { "description": "Package represents a particular package version.", "properties": { "architecture": { "type": "string", "description": "The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages." }, "cpeUri": { "type": "string", "description": "The cpe_uri in [CPE format](https://cpe.mitre.org/specification/) denoting the package manager version distributing a package. The cpe_uri will be blank for language packages." }, "description": { "type": "string", "description": "The description of this package." }, "digest": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DigestResponse" }, "description": "Hash value, typically a file digest, that allows unique identification a specific package." }, "distribution": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DistributionResponse" }, "description": "The various channels by which a package is distributed." }, "license": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:LicenseResponse", "description": "Licenses that have been declared by the authors of the package." }, "maintainer": { "type": "string", "description": "A freeform text denoting the maintainer of this package." }, "name": { "type": "string", "description": "Immutable. The name of the package." }, "packageType": { "type": "string", "description": "The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.)." }, "url": { "type": "string", "description": "The homepage for this package." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The version of the package." } }, "type": "object", "required": [ "architecture", "cpeUri", "description", "digest", "distribution", "license", "maintainer", "name", "packageType", "url", "version" ] }, "google-native:containeranalysis/v1beta1:PgpSignedAttestation": { "description": "An attestation wrapper with a PGP-compatible signature. This message only supports `ATTACHED` signatures, where the payload that is signed is included alongside the signature itself in the same file.", "properties": { "contentType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PgpSignedAttestationContentType", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "pgpKeyId": { "type": "string", "description": "The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. `gpg --list-keys`. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexadecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge \"LONG\", \"SHORT\", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the `fpr` field returned when calling --list-keys with --with-colons. For example: ``` gpg --with-colons --with-fingerprint --force-v4-certs \\ --list-keys attester@example.com tru::1:1513631572:0:3:1:5 pub:...... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: ``` Above, the fingerprint is `24FF6481B76AC91E66A00AC657A93A81EF3AE6FB`." }, "signature": { "type": "string", "description": "The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (`--armor` to gpg), non-clearsigned (`--sign` rather than `--clearsign` to gpg) are supported. Concretely, `gpg --sign --armor --output=signature.gpg payload.json` will create the signature content expected in this field in `signature.gpg` for the `payload.json` attestation payload." } }, "type": "object", "required": [ "signature" ] }, "google-native:containeranalysis/v1beta1:PgpSignedAttestationContentType": { "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).", "type": "string", "enum": [ { "name": "ContentTypeUnspecified", "description": "`ContentType` is not set.", "value": "CONTENT_TYPE_UNSPECIFIED" }, { "name": "SimpleSigningJson", "description": "Atomic format attestation signature. See https://github.com/containers/image/blob/8a5d2f82a6e3263290c8e0276c3e0f64e77723e7/docs/atomic-signature.md The payload extracted from `signature` is a JSON blob conforming to the linked schema.", "value": "SIMPLE_SIGNING_JSON" } ] }, "google-native:containeranalysis/v1beta1:PgpSignedAttestationResponse": { "description": "An attestation wrapper with a PGP-compatible signature. This message only supports `ATTACHED` signatures, where the payload that is signed is included alongside the signature itself in the same file.", "properties": { "contentType": { "type": "string", "description": "Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema)." }, "pgpKeyId": { "type": "string", "description": "The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. `gpg --list-keys`. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexadecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge \"LONG\", \"SHORT\", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the `fpr` field returned when calling --list-keys with --with-colons. For example: ``` gpg --with-colons --with-fingerprint --force-v4-certs \\ --list-keys attester@example.com tru::1:1513631572:0:3:1:5 pub:...... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: ``` Above, the fingerprint is `24FF6481B76AC91E66A00AC657A93A81EF3AE6FB`." }, "signature": { "type": "string", "description": "The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (`--armor` to gpg), non-clearsigned (`--sign` rather than `--clearsign` to gpg) are supported. Concretely, `gpg --sign --armor --output=signature.gpg payload.json` will create the signature content expected in this field in `signature.gpg` for the `payload.json` attestation payload." } }, "type": "object", "required": [ "contentType", "pgpKeyId", "signature" ] }, "google-native:containeranalysis/v1beta1:Product": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." }, "id": { "type": "string", "description": "Token that identifies a product so that it can be referred to from other parts in the document. There is no predefined format as long as it uniquely identifies a group in the context of the current document." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ProductResponse": { "description": "Product contains information about a product and how to uniquely identify it.", "properties": { "genericUri": { "type": "string", "description": "Contains a URI which is vendor-specific. Example: The artifact repository URL of an image." }, "name": { "type": "string", "description": "Name of the product." } }, "type": "object", "required": [ "genericUri", "name" ] }, "google-native:containeranalysis/v1beta1:ProjectRepoId": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ProjectRepoIdResponse": { "description": "Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.", "properties": { "project": { "type": "string", "description": "The ID of the project." }, "repoName": { "type": "string", "description": "The name of the repo. Leave empty for the default repo." } }, "type": "object", "required": [ "project", "repoName" ] }, "google-native:containeranalysis/v1beta1:ProvenanceBuilder": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptor" } }, "id": { "type": "string" }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ProvenanceBuilderResponse": { "properties": { "builderDependencies": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptorResponse" } }, "version": { "type": "object", "additionalProperties": { "type": "string" } } }, "type": "object", "required": [ "builderDependencies", "version" ] }, "google-native:containeranalysis/v1beta1:Publisher": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:PublisherResponse": { "description": "Publisher contains information about the publisher of this Note.", "properties": { "issuingAuthority": { "type": "string", "description": "Provides information about the authority of the issuing party to release the document, in particular, the party's constituency and responsibilities or other obligations." }, "name": { "type": "string", "description": "Name of the publisher. Examples: 'Google', 'Google Cloud Platform'." }, "publisherNamespace": { "type": "string", "description": "The context or namespace. Contains a URL which is under control of the issuing party and can be used as a globally unique identifier for that issuing party. Example: https://csaf.io" } }, "type": "object", "required": [ "issuingAuthority", "name", "publisherNamespace" ] }, "google-native:containeranalysis/v1beta1:RelatedUrl": { "description": "Metadata for any related URL information.", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL." }, "url": { "type": "string", "description": "Specific URL associated with the resource." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RelatedUrlResponse": { "description": "Metadata for any related URL information.", "properties": { "label": { "type": "string", "description": "Label to describe usage of the URL." }, "url": { "type": "string", "description": "Specific URL associated with the resource." } }, "type": "object", "required": [ "label", "url" ] }, "google-native:containeranalysis/v1beta1:RelationshipNote": { "description": "RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "type": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelationshipNoteType", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RelationshipNoteResponse": { "description": "RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "type": { "type": "string", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object", "required": [ "type" ] }, "google-native:containeranalysis/v1beta1:RelationshipNoteType": { "description": "The type of relationship between the source and target SPDX elements", "type": "string", "enum": [ { "name": "RelationshipTypeUnspecified", "description": "Unspecified", "value": "RELATIONSHIP_TYPE_UNSPECIFIED" }, { "name": "Describes", "description": "Is to be used when SPDXRef-DOCUMENT describes SPDXRef-A", "value": "DESCRIBES" }, { "name": "DescribedBy", "description": "Is to be used when SPDXRef-A is described by SPDXREF-Document", "value": "DESCRIBED_BY" }, { "name": "Contains", "description": "Is to be used when SPDXRef-A contains SPDXRef-B", "value": "CONTAINS" }, { "name": "ContainedBy", "description": "Is to be used when SPDXRef-A is contained by SPDXRef-B", "value": "CONTAINED_BY" }, { "name": "DependsOn", "description": "Is to be used when SPDXRef-A depends on SPDXRef-B", "value": "DEPENDS_ON" }, { "name": "DependencyOf", "description": "Is to be used when SPDXRef-A is dependency of SPDXRef-B", "value": "DEPENDENCY_OF" }, { "name": "DependencyManifestOf", "description": "Is to be used when SPDXRef-A is a manifest file that lists a set of dependencies for SPDXRef-B", "value": "DEPENDENCY_MANIFEST_OF" }, { "name": "BuildDependencyOf", "description": "Is to be used when SPDXRef-A is a build dependency of SPDXRef-B", "value": "BUILD_DEPENDENCY_OF" }, { "name": "DevDependencyOf", "description": "Is to be used when SPDXRef-A is a development dependency of SPDXRef-B", "value": "DEV_DEPENDENCY_OF" }, { "name": "OptionalDependencyOf", "description": "Is to be used when SPDXRef-A is an optional dependency of SPDXRef-B", "value": "OPTIONAL_DEPENDENCY_OF" }, { "name": "ProvidedDependencyOf", "description": "Is to be used when SPDXRef-A is a to be provided dependency of SPDXRef-B", "value": "PROVIDED_DEPENDENCY_OF" }, { "name": "TestDependencyOf", "description": "Is to be used when SPDXRef-A is a test dependency of SPDXRef-B", "value": "TEST_DEPENDENCY_OF" }, { "name": "RuntimeDependencyOf", "description": "Is to be used when SPDXRef-A is a dependency required for the execution of SPDXRef-B", "value": "RUNTIME_DEPENDENCY_OF" }, { "name": "ExampleOf", "description": "Is to be used when SPDXRef-A is an example of SPDXRef-B", "value": "EXAMPLE_OF" }, { "name": "Generates", "description": "Is to be used when SPDXRef-A generates SPDXRef-B", "value": "GENERATES" }, { "name": "GeneratedFrom", "description": "Is to be used when SPDXRef-A was generated from SPDXRef-B", "value": "GENERATED_FROM" }, { "name": "AncestorOf", "description": "Is to be used when SPDXRef-A is an ancestor (same lineage but pre-dates) SPDXRef-B", "value": "ANCESTOR_OF" }, { "name": "DescendantOf", "description": "Is to be used when SPDXRef-A is a descendant of (same lineage but postdates) SPDXRef-B", "value": "DESCENDANT_OF" }, { "name": "VariantOf", "description": "Is to be used when SPDXRef-A is a variant of (same lineage but not clear which came first) SPDXRef-B", "value": "VARIANT_OF" }, { "name": "DistributionArtifact", "description": "Is to be used when distributing SPDXRef-A requires that SPDXRef-B also be distributed", "value": "DISTRIBUTION_ARTIFACT" }, { "name": "PatchFor", "description": "Is to be used when SPDXRef-A is a patch file for (to be applied to) SPDXRef-B", "value": "PATCH_FOR" }, { "name": "PatchApplied", "description": "Is to be used when SPDXRef-A is a patch file that has been applied to SPDXRef-B", "value": "PATCH_APPLIED" }, { "name": "CopyOf", "description": "Is to be used when SPDXRef-A is an exact copy of SPDXRef-B", "value": "COPY_OF" }, { "name": "FileAdded", "description": "Is to be used when SPDXRef-A is a file that was added to SPDXRef-B", "value": "FILE_ADDED" }, { "name": "FileDeleted", "description": "Is to be used when SPDXRef-A is a file that was deleted from SPDXRef-B", "value": "FILE_DELETED" }, { "name": "FileModified", "description": "Is to be used when SPDXRef-A is a file that was modified from SPDXRef-B", "value": "FILE_MODIFIED" }, { "name": "ExpandedFromArchive", "description": "Is to be used when SPDXRef-A is expanded from the archive SPDXRef-B", "value": "EXPANDED_FROM_ARCHIVE" }, { "name": "DynamicLink", "description": "Is to be used when SPDXRef-A dynamically links to SPDXRef-B", "value": "DYNAMIC_LINK" }, { "name": "StaticLink", "description": "Is to be used when SPDXRef-A statically links to SPDXRef-B", "value": "STATIC_LINK" }, { "name": "DataFileOf", "description": "Is to be used when SPDXRef-A is a data file used in SPDXRef-B", "value": "DATA_FILE_OF" }, { "name": "TestCaseOf", "description": "Is to be used when SPDXRef-A is a test case used in testing SPDXRef-B", "value": "TEST_CASE_OF" }, { "name": "BuildToolOf", "description": "Is to be used when SPDXRef-A is used to build SPDXRef-B", "value": "BUILD_TOOL_OF" }, { "name": "DevToolOf", "description": "Is to be used when SPDXRef-A is used as a development tool for SPDXRef-B", "value": "DEV_TOOL_OF" }, { "name": "TestOf", "description": "Is to be used when SPDXRef-A is used for testing SPDXRef-B", "value": "TEST_OF" }, { "name": "TestToolOf", "description": "Is to be used when SPDXRef-A is used as a test tool for SPDXRef-B", "value": "TEST_TOOL_OF" }, { "name": "DocumentationOf", "description": "Is to be used when SPDXRef-A provides documentation of SPDXRef-B", "value": "DOCUMENTATION_OF" }, { "name": "OptionalComponentOf", "description": "Is to be used when SPDXRef-A is an optional component of SPDXRef-B", "value": "OPTIONAL_COMPONENT_OF" }, { "name": "MetafileOf", "description": "Is to be used when SPDXRef-A is a metafile of SPDXRef-B", "value": "METAFILE_OF" }, { "name": "PackageOf", "description": "Is to be used when SPDXRef-A is used as a package as part of SPDXRef-B", "value": "PACKAGE_OF" }, { "name": "Amends", "description": "Is to be used when (current) SPDXRef-DOCUMENT amends the SPDX information in SPDXRef-B", "value": "AMENDS" }, { "name": "PrerequisiteFor", "description": "Is to be used when SPDXRef-A is a prerequisite for SPDXRef-B", "value": "PREREQUISITE_FOR" }, { "name": "HasPrerequisite", "description": "Is to be used when SPDXRef-A has as a prerequisite SPDXRef-B", "value": "HAS_PREREQUISITE" }, { "name": "Other", "description": "Is to be used for a relationship which has not been defined in the formal SPDX specification. A description of the relationship should be included in the Relationship comments field", "value": "OTHER" } ] }, "google-native:containeranalysis/v1beta1:RelationshipOccurrence": { "description": "RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the relationship" }, "source": { "type": "string", "description": "Also referred to as SPDXRef-A The source SPDX element (file, package, etc)" }, "target": { "type": "string", "description": "Also referred to as SPDXRef-B The target SPDC element (file, package, etc) In cases where there are \"known unknowns\", the use of the keyword NOASSERTION can be used The keywords NONE can be used to indicate that an SPDX element (package/file/snippet) has no other elements connected by some relationship to it" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RelationshipOccurrenceResponse": { "description": "RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/", "properties": { "comment": { "type": "string", "description": "A place for the SPDX file creator to record any general comments about the relationship" }, "source": { "type": "string", "description": "Also referred to as SPDXRef-A The source SPDX element (file, package, etc)" }, "target": { "type": "string", "description": "Also referred to as SPDXRef-B The target SPDC element (file, package, etc) In cases where there are \"known unknowns\", the use of the keyword NOASSERTION can be used The keywords NONE can be used to indicate that an SPDX element (package/file/snippet) has no other elements connected by some relationship to it" }, "type": { "type": "string", "description": "The type of relationship between the source and target SPDX elements" } }, "type": "object", "required": [ "comment", "source", "target", "type" ] }, "google-native:containeranalysis/v1beta1:Remediation": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RemediationRemediationType", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrl", "description": "Contains the URL where to obtain the remediation." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RemediationRemediationType": { "description": "The type of remediation that can be applied.", "type": "string", "enum": [ { "name": "RemediationTypeUnspecified", "description": "No remediation type specified.", "value": "REMEDIATION_TYPE_UNSPECIFIED" }, { "name": "Mitigation", "description": "A MITIGATION is available.", "value": "MITIGATION" }, { "name": "NoFixPlanned", "description": "No fix is planned.", "value": "NO_FIX_PLANNED" }, { "name": "NoneAvailable", "description": "Not available.", "value": "NONE_AVAILABLE" }, { "name": "VendorFix", "description": "A vendor fix is available.", "value": "VENDOR_FIX" }, { "name": "Workaround", "description": "A workaround is available.", "value": "WORKAROUND" } ] }, "google-native:containeranalysis/v1beta1:RemediationResponse": { "description": "Specifies details on how to handle (and presumably, fix) a vulnerability.", "properties": { "details": { "type": "string", "description": "Contains a comprehensive human-readable discussion of the remediation." }, "remediationType": { "type": "string", "description": "The type of remediation that can be applied." }, "remediationUri": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrlResponse", "description": "Contains the URL where to obtain the remediation." } }, "type": "object", "required": [ "details", "remediationType", "remediationUri" ] }, "google-native:containeranalysis/v1beta1:RepoId": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ProjectRepoId", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RepoIdResponse": { "description": "A unique identifier for a Cloud Repo.", "properties": { "projectRepoId": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ProjectRepoIdResponse", "description": "A combination of a project ID and a repo name." }, "uid": { "type": "string", "description": "A server-assigned, globally unique identifier." } }, "type": "object", "required": [ "projectRepoId", "uid" ] }, "google-native:containeranalysis/v1beta1:Resource": { "description": "An entity that can have metadata. For example, a Docker image.", "properties": { "contentHash": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Hash", "description": "Deprecated, do not use. Use uri instead. The hash of the resource content. For example, the Docker digest.", "deprecationMessage": "Deprecated, do not use. Use uri instead. The hash of the resource content. For example, the Docker digest." }, "name": { "type": "string", "description": "Deprecated, do not use. Use uri instead. The name of the resource. For example, the name of a Docker image - \"Debian\".", "deprecationMessage": "Deprecated, do not use. Use uri instead. The name of the resource. For example, the name of a Docker image - \"Debian\"." }, "uri": { "type": "string", "description": "The unique URI of the resource. For example, `https://gcr.io/project/image@sha256:foo` for a Docker image." } }, "type": "object", "required": [ "uri" ] }, "google-native:containeranalysis/v1beta1:ResourceDescriptor": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:ResourceDescriptorResponse": { "properties": { "annotations": { "type": "object", "additionalProperties": { "type": "string" } }, "content": { "type": "string" }, "digest": { "type": "object", "additionalProperties": { "type": "string" } }, "downloadLocation": { "type": "string" }, "mediaType": { "type": "string" }, "name": { "type": "string" }, "uri": { "type": "string" } }, "type": "object", "required": [ "annotations", "content", "digest", "downloadLocation", "mediaType", "name", "uri" ] }, "google-native:containeranalysis/v1beta1:ResourceResponse": { "description": "An entity that can have metadata. For example, a Docker image.", "properties": { "contentHash": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:HashResponse", "description": "Deprecated, do not use. Use uri instead. The hash of the resource content. For example, the Docker digest.", "deprecationMessage": "Deprecated, do not use. Use uri instead. The hash of the resource content. For example, the Docker digest." }, "name": { "type": "string", "description": "Deprecated, do not use. Use uri instead. The name of the resource. For example, the name of a Docker image - \"Debian\".", "deprecationMessage": "Deprecated, do not use. Use uri instead. The name of the resource. For example, the name of a Docker image - \"Debian\"." }, "uri": { "type": "string", "description": "The unique URI of the resource. For example, `https://gcr.io/project/image@sha256:foo` for a Docker image." } }, "type": "object", "required": [ "contentHash", "name", "uri" ] }, "google-native:containeranalysis/v1beta1:RunDetails": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ProvenanceBuilder" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptor" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildMetadata" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:RunDetailsResponse": { "properties": { "builder": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ProvenanceBuilderResponse" }, "byproducts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ResourceDescriptorResponse" } }, "metadata": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildMetadataResponse" } }, "type": "object", "required": [ "builder", "byproducts", "metadata" ] }, "google-native:containeranalysis/v1beta1:SBOMReferenceNote": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SBOMReferenceNoteResponse": { "description": "The note representing an SBOM reference.", "properties": { "format": { "type": "string", "description": "The format that SBOM takes. E.g. may be spdx, cyclonedx, etc..." }, "version": { "type": "string", "description": "The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3." } }, "type": "object", "required": [ "format", "version" ] }, "google-native:containeranalysis/v1beta1:SBOMReferenceOccurrence": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SbomReferenceIntotoPayload", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:EnvelopeSignature" }, "description": "The signatures over the payload." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SBOMReferenceOccurrenceResponse": { "description": "The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details.", "properties": { "payload": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SbomReferenceIntotoPayloadResponse", "description": "The actual payload that contains the SBOM reference data." }, "payloadType": { "type": "string", "description": "The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'." }, "signatures": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:EnvelopeSignatureResponse" }, "description": "The signatures over the payload." } }, "type": "object", "required": [ "payload", "payloadType", "signatures" ] }, "google-native:containeranalysis/v1beta1:SBOMStatus": { "description": "The status of an SBOM generation.", "properties": { "error": { "type": "string", "description": "If there was an error generating an SBOM, this will indicate what that error was." }, "sbomState": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SBOMStatusSbomState", "description": "The progress of the SBOM generation." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SBOMStatusResponse": { "description": "The status of an SBOM generation.", "properties": { "error": { "type": "string", "description": "If there was an error generating an SBOM, this will indicate what that error was." }, "sbomState": { "type": "string", "description": "The progress of the SBOM generation." } }, "type": "object", "required": [ "error", "sbomState" ] }, "google-native:containeranalysis/v1beta1:SBOMStatusSbomState": { "description": "The progress of the SBOM generation.", "type": "string", "enum": [ { "name": "SbomStateUnspecified", "description": "Default unknown state.", "value": "SBOM_STATE_UNSPECIFIED" }, { "name": "Pending", "description": "SBOM scanning is pending.", "value": "PENDING" }, { "name": "Complete", "description": "SBOM scanning has completed.", "value": "COMPLETE" } ] }, "google-native:containeranalysis/v1beta1:SbomReferenceIntotoPayload": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SbomReferenceIntotoPredicate", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Subject" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SbomReferenceIntotoPayloadResponse": { "description": "The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details.", "properties": { "predicate": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SbomReferenceIntotoPredicateResponse", "description": "Additional parameters of the Predicate. Includes the actual data about the SBOM." }, "predicateType": { "type": "string", "description": "URI identifying the type of the Predicate." }, "subject": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SubjectResponse" }, "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact." }, "type": { "type": "string", "description": "Identifier for the schema of the Statement." } }, "type": "object", "required": [ "predicate", "predicateType", "subject", "type" ] }, "google-native:containeranalysis/v1beta1:SbomReferenceIntotoPredicate": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SbomReferenceIntotoPredicateResponse": { "description": "A predicate which describes the SBOM being referenced.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A map of algorithm to digest of the contents of the SBOM." }, "location": { "type": "string", "description": "The location of the SBOM." }, "mimeType": { "type": "string", "description": "The mime type of the SBOM." }, "referrerId": { "type": "string", "description": "The person or system referring this predicate to the consumer." } }, "type": "object", "required": [ "digest", "location", "mimeType", "referrerId" ] }, "google-native:containeranalysis/v1beta1:Signature": { "description": "Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm). In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances: * The `public_key_id` is not recognized by the verifier. * The public key that `public_key_id` refers to does not verify the signature with respect to the payload. The `signature` contents SHOULD NOT be \"attached\" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any \"attached\" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).", "properties": { "publicKeyId": { "type": "string", "description": "The identifier for the public key that verifies this signature. * The `public_key_id` is required. * The `public_key_id` SHOULD be an RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD be an immutable reference, such as a cryptographic digest. Examples of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * \"openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA\" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * \"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU\" * \"nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5\"" }, "signature": { "type": "string", "description": "The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SignatureResponse": { "description": "Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from `public_key_id` to public key material (and any required parameters, e.g. signing algorithm). In particular, verification implementations MUST NOT treat the signature `public_key_id` as anything more than a key lookup hint. The `public_key_id` DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances: * The `public_key_id` is not recognized by the verifier. * The public key that `public_key_id` refers to does not verify the signature with respect to the payload. The `signature` contents SHOULD NOT be \"attached\" (where the payload is included with the serialized `signature` bytes). Verifiers MUST ignore any \"attached\" payload and only verify signatures with respect to explicitly provided payload (e.g. a `payload` field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).", "properties": { "publicKeyId": { "type": "string", "description": "The identifier for the public key that verifies this signature. * The `public_key_id` is required. * The `public_key_id` SHOULD be an RFC3986 conformant URI. * When possible, the `public_key_id` SHOULD be an immutable reference, such as a cryptographic digest. Examples of valid `public_key_id`s: OpenPGP V4 public key fingerprint: * \"openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA\" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme. RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization): * \"ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU\" * \"nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5\"" }, "signature": { "type": "string", "description": "The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload." } }, "type": "object", "required": [ "publicKeyId", "signature" ] }, "google-native:containeranalysis/v1beta1:SigningKey": { "description": "This defines the format used to record keys used in the software supply chain. An in-toto link is attested using one or more keys defined in the in-toto layout. An example of this is: { \"key_id\": \"776a00e29f3559e0141b3b096f696abc6cfb0c657ab40f441132b345b0...\", \"key_type\": \"rsa\", \"public_key_value\": \"-----BEGIN PUBLIC KEY-----\\nMIIBojANBgkqhkiG9w0B...\", \"key_scheme\": \"rsassa-pss-sha256\" } The format for in-toto's key definition can be found in section 4.2 of the in-toto specification.", "properties": { "keyId": { "type": "string", "description": "key_id is an identifier for the signing key." }, "keyScheme": { "type": "string", "description": "This field contains the corresponding signature scheme. Eg: \"rsassa-pss-sha256\"." }, "keyType": { "type": "string", "description": "This field identifies the specific signing method. Eg: \"rsa\", \"ed25519\", and \"ecdsa\"." }, "publicKeyValue": { "type": "string", "description": "This field contains the actual public key." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SigningKeyResponse": { "description": "This defines the format used to record keys used in the software supply chain. An in-toto link is attested using one or more keys defined in the in-toto layout. An example of this is: { \"key_id\": \"776a00e29f3559e0141b3b096f696abc6cfb0c657ab40f441132b345b0...\", \"key_type\": \"rsa\", \"public_key_value\": \"-----BEGIN PUBLIC KEY-----\\nMIIBojANBgkqhkiG9w0B...\", \"key_scheme\": \"rsassa-pss-sha256\" } The format for in-toto's key definition can be found in section 4.2 of the in-toto specification.", "properties": { "keyId": { "type": "string", "description": "key_id is an identifier for the signing key." }, "keyScheme": { "type": "string", "description": "This field contains the corresponding signature scheme. Eg: \"rsassa-pss-sha256\"." }, "keyType": { "type": "string", "description": "This field identifies the specific signing method. Eg: \"rsa\", \"ed25519\", and \"ecdsa\"." }, "publicKeyValue": { "type": "string", "description": "This field contains the actual public key." } }, "type": "object", "required": [ "keyId", "keyScheme", "keyType", "publicKeyValue" ] }, "google-native:containeranalysis/v1beta1:SlsaProvenanceV1": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildDefinition" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RunDetails" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SlsaProvenanceV1Response": { "description": "Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.", "properties": { "buildDefinition": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:BuildDefinitionResponse" }, "runDetails": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RunDetailsResponse" } }, "type": "object", "required": [ "buildDefinition", "runDetails" ] }, "google-native:containeranalysis/v1beta1:Source": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SourceContext" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSourceUri": { "type": "string", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SourceContext", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SourceContext": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CloudRepoSourceContext", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GerritSourceContext", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GitSourceContext", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SourceContextResponse": { "description": "A SourceContext is a reference to a tree of files. A SourceContext together with a path point to a unique revision of a single file or directory.", "properties": { "cloudRepo": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CloudRepoSourceContextResponse", "description": "A SourceContext referring to a revision in a Google Cloud Source Repo." }, "gerrit": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GerritSourceContextResponse", "description": "A SourceContext referring to a Gerrit project." }, "git": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:GitSourceContextResponse", "description": "A SourceContext referring to any third party Git repo (e.g., GitHub)." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels with user defined metadata." } }, "type": "object", "required": [ "cloudRepo", "gerrit", "git", "labels" ] }, "google-native:containeranalysis/v1beta1:SourceResponse": { "description": "Source describes the location of the source used for the build.", "properties": { "additionalContexts": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SourceContextResponse" }, "description": "If provided, some of the source code used for the build may be found in these locations, in the case where the source repository had multiple remotes or submodules. This list will not include the context specified in the context field." }, "artifactStorageSourceUri": { "type": "string", "description": "If provided, the input binary artifacts for the build came from this location." }, "context": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:SourceContextResponse", "description": "If provided, the source code used for the build came from this location." }, "fileHashes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Hash(es) of the build source, which can be used to verify that the original source integrity was maintained in the build. The keys to this map are file paths used as build source and the values contain the hash values for those files. If the build source came in a single package such as a gzipped tarfile (.tar.gz), the FileHash will be for the single path to that file." } }, "type": "object", "required": [ "additionalContexts", "artifactStorageSourceUri", "context", "fileHashes" ] }, "google-native:containeranalysis/v1beta1:Status": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:containeranalysis/v1beta1:Subject": { "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "`\"\": \"\"` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string", "description": "Identifier to distinguish this artifact from others within the subject." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:SubjectResponse": { "description": "Set of software artifacts that the attestation applies to. Each element represents a single software artifact.", "properties": { "digest": { "type": "object", "additionalProperties": { "type": "string" }, "description": "`\"\": \"\"` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet" }, "name": { "type": "string", "description": "Identifier to distinguish this artifact from others within the subject." } }, "type": "object", "required": [ "digest", "name" ] }, "google-native:containeranalysis/v1beta1:Version": { "description": "Version contains structured information about the version of a package.", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "inclusive": { "type": "boolean", "description": "Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range." }, "kind": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionKind", "description": "Distinguishes between sentinel MIN/MAX versions and normal versions." }, "name": { "type": "string", "description": "Required only when version kind is NORMAL. The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object", "required": [ "kind" ] }, "google-native:containeranalysis/v1beta1:VersionKind": { "description": "Required. Distinguishes between sentinel MIN/MAX versions and normal versions.", "type": "string", "enum": [ { "name": "VersionKindUnspecified", "description": "Unknown.", "value": "VERSION_KIND_UNSPECIFIED" }, { "name": "Normal", "description": "A standard package version.", "value": "NORMAL" }, { "name": "Minimum", "description": "A special version representing negative infinity.", "value": "MINIMUM" }, { "name": "Maximum", "description": "A special version representing positive infinity.", "value": "MAXIMUM" } ] }, "google-native:containeranalysis/v1beta1:VersionResponse": { "description": "Version contains structured information about the version of a package.", "properties": { "epoch": { "type": "integer", "description": "Used to correct mistakes in the version numbering scheme." }, "inclusive": { "type": "boolean", "description": "Whether this version is specifying part of an inclusive range. Grafeas does not have the capability to specify version ranges; instead we have fields that specify start version and end versions. At times this is insufficient - we also need to specify whether the version is included in the range or is excluded from the range. This boolean is expected to be set to true when the version is included in a range." }, "kind": { "type": "string", "description": "Distinguishes between sentinel MIN/MAX versions and normal versions." }, "name": { "type": "string", "description": "Required only when version kind is NORMAL. The main part of the version name." }, "revision": { "type": "string", "description": "The iteration of the package build from the above version." } }, "type": "object", "required": [ "epoch", "inclusive", "kind", "name", "revision" ] }, "google-native:containeranalysis/v1beta1:VexAssessment": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Justification", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrl" }, "description": "Holds a list of references associated with this vulnerability item and assessment." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Remediation" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VexAssessmentState", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:VexAssessmentResponse": { "description": "VexAssessment provides all publisher provided Vex information that is related to this vulnerability.", "properties": { "cve": { "type": "string", "description": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs.", "deprecationMessage": "Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability. Deprecated: Use vulnerability_id instead to denote CVEs." }, "impacts": { "type": "array", "items": { "type": "string" }, "description": "Contains information about the impact of this vulnerability, this will change with time." }, "justification": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:JustificationResponse", "description": "Justification provides the justification when the state of the assessment if NOT_AFFECTED." }, "noteName": { "type": "string", "description": "The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`." }, "relatedUris": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RelatedUrlResponse" }, "description": "Holds a list of references associated with this vulnerability item and assessment." }, "remediations": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:RemediationResponse" }, "description": "Specifies details on how to handle (and presumably, fix) a vulnerability." }, "state": { "type": "string", "description": "Provides the state of this Vulnerability assessment." }, "vulnerabilityId": { "type": "string", "description": "The vulnerability identifier for this Assessment. Will hold one of common identifiers e.g. CVE, GHSA etc." } }, "type": "object", "required": [ "cve", "impacts", "justification", "noteName", "relatedUris", "remediations", "state", "vulnerabilityId" ] }, "google-native:containeranalysis/v1beta1:VexAssessmentState": { "description": "Provides the state of this Vulnerability assessment.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state is specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Affected", "description": "This product is known to be affected by this vulnerability.", "value": "AFFECTED" }, { "name": "NotAffected", "description": "This product is known to be not affected by this vulnerability.", "value": "NOT_AFFECTED" }, { "name": "Fixed", "description": "This product contains a fix for this vulnerability.", "value": "FIXED" }, { "name": "UnderInvestigation", "description": "It is not known yet whether these versions are or are not affected by the vulnerability. However, it is still under investigation.", "value": "UNDER_INVESTIGATION" } ] }, "google-native:containeranalysis/v1beta1:Vulnerability": { "description": "Vulnerability provides metadata about a security vulnerability in a Note.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score for this vulnerability." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSS", "description": "The full description of the CVSS for version 2." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3", "description": "The full description of the CVSS for version 3." }, "cvssVersion": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilityCvssVersion", "description": "CVSS version used to populate cvss_score and severity." }, "cwe": { "type": "array", "items": { "type": "string" }, "description": "A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html" }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Detail" }, "description": "All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in." }, "severity": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VulnerabilitySeverity", "description": "Note provider assigned impact of the vulnerability." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "windowsDetails": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:WindowsDetail" }, "description": "Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version." } }, "type": "object" }, "google-native:containeranalysis/v1beta1:VulnerabilityAssessmentNote": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Assessment", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Product", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Publisher", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object" }, "google-native:containeranalysis/v1beta1:VulnerabilityAssessmentNoteResponse": { "description": "A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.", "properties": { "assessment": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:AssessmentResponse", "description": "Represents a vulnerability assessment for the product." }, "languageCode": { "type": "string", "description": "Identifies the language used by this document, corresponding to IETF BCP 47 / RFC 5646." }, "longDescription": { "type": "string", "description": "A detailed description of this Vex." }, "product": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:ProductResponse", "description": "The product affected by this vex." }, "publisher": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:PublisherResponse", "description": "Publisher details of this Note." }, "shortDescription": { "type": "string", "description": "A one sentence description of this Vex." }, "title": { "type": "string", "description": "The title of the note. E.g. `Vex-Debian-11.4`" } }, "type": "object", "required": [ "assessment", "languageCode", "longDescription", "product", "publisher", "shortDescription", "title" ] }, "google-native:containeranalysis/v1beta1:VulnerabilityCvssVersion": { "description": "CVSS version used to populate cvss_score and severity.", "type": "string", "enum": [ { "name": "CvssVersionUnspecified", "value": "CVSS_VERSION_UNSPECIFIED" }, { "name": "CvssVersion2", "value": "CVSS_VERSION_2" }, { "name": "CvssVersion3", "value": "CVSS_VERSION_3" } ] }, "google-native:containeranalysis/v1beta1:VulnerabilityLocation": { "description": "The location of the vulnerability.", "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar." }, "package": { "type": "string", "description": "The package being described." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:Version", "description": "The version of the package being described." } }, "type": "object", "required": [ "cpeUri", "package", "version" ] }, "google-native:containeranalysis/v1beta1:VulnerabilityLocationResponse": { "description": "The location of the vulnerability.", "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) format. Examples include distro or storage location for vulnerable jar." }, "package": { "type": "string", "description": "The package being described." }, "version": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:VersionResponse", "description": "The version of the package being described." } }, "type": "object", "required": [ "cpeUri", "package", "version" ] }, "google-native:containeranalysis/v1beta1:VulnerabilityResponse": { "description": "Vulnerability provides metadata about a security vulnerability in a Note.", "properties": { "cvssScore": { "type": "number", "description": "The CVSS score for this vulnerability." }, "cvssV2": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSResponse", "description": "The full description of the CVSS for version 2." }, "cvssV3": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:CVSSv3Response", "description": "The full description of the CVSS for version 3." }, "cvssVersion": { "type": "string", "description": "CVSS version used to populate cvss_score and severity." }, "cwe": { "type": "array", "items": { "type": "string" }, "description": "A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html" }, "details": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:DetailResponse" }, "description": "All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in." }, "severity": { "type": "string", "description": "Note provider assigned impact of the vulnerability." }, "sourceUpdateTime": { "type": "string", "description": "The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker." }, "windowsDetails": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:WindowsDetailResponse" }, "description": "Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version." } }, "type": "object", "required": [ "cvssScore", "cvssV2", "cvssV3", "cvssVersion", "cwe", "details", "severity", "sourceUpdateTime", "windowsDetails" ] }, "google-native:containeranalysis/v1beta1:VulnerabilitySeverity": { "description": "Note provider assigned impact of the vulnerability.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Unknown.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Minimal", "description": "Minimal severity.", "value": "MINIMAL" }, { "name": "Low", "description": "Low severity.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity.", "value": "MEDIUM" }, { "name": "High", "description": "High severity.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity.", "value": "CRITICAL" } ] }, "google-native:containeranalysis/v1beta1:WindowsDetail": { "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar." }, "description": { "type": "string", "description": "The description of the vulnerability." }, "fixingKbs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:KnowledgeBase" }, "description": "The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix." }, "name": { "type": "string", "description": "The name of the vulnerability." } }, "type": "object", "required": [ "cpeUri", "fixingKbs", "name" ] }, "google-native:containeranalysis/v1beta1:WindowsDetailResponse": { "properties": { "cpeUri": { "type": "string", "description": "The CPE URI in [cpe format](https://cpe.mitre.org/specification/) in which the vulnerability manifests. Examples include distro or storage location for vulnerable jar." }, "description": { "type": "string", "description": "The description of the vulnerability." }, "fixingKbs": { "type": "array", "items": { "$ref": "#/types/google-native:containeranalysis%2Fv1beta1:KnowledgeBaseResponse" }, "description": "The names of the KBs which have hotfixes to mitigate this vulnerability. Note that there may be multiple hotfixes (and thus multiple KBs) that mitigate a given vulnerability. Currently any listed kb's presence is considered a fix." }, "name": { "type": "string", "description": "The name of the vulnerability." } }, "type": "object", "required": [ "cpeUri", "description", "fixingKbs", "name" ] }, "google-native:contentwarehouse/v1:DocumentContentCategory": { "description": "Indicates the category (image, audio, video etc.) of the original content.", "type": "string", "enum": [ { "name": "ContentCategoryUnspecified", "description": "No category is specified.", "value": "CONTENT_CATEGORY_UNSPECIFIED" }, { "name": "ContentCategoryImage", "description": "Content is of image type.", "value": "CONTENT_CATEGORY_IMAGE" }, { "name": "ContentCategoryAudio", "description": "Content is of audio type.", "value": "CONTENT_CATEGORY_AUDIO" }, { "name": "ContentCategoryVideo", "description": "Content is of video type.", "value": "CONTENT_CATEGORY_VIDEO" } ] }, "google-native:contentwarehouse/v1:DocumentRawDocumentFileType": { "description": "This is used when DocAI was not used to load the document and parsing/ extracting is needed for the inline_raw_document. For example, if inline_raw_document is the byte representation of a PDF file, then this should be set to: RAW_DOCUMENT_FILE_TYPE_PDF.", "type": "string", "enum": [ { "name": "RawDocumentFileTypeUnspecified", "description": "No raw document specified or it is non-parsable", "value": "RAW_DOCUMENT_FILE_TYPE_UNSPECIFIED" }, { "name": "RawDocumentFileTypePdf", "description": "Adobe PDF format", "value": "RAW_DOCUMENT_FILE_TYPE_PDF" }, { "name": "RawDocumentFileTypeDocx", "description": "Microsoft Word format", "value": "RAW_DOCUMENT_FILE_TYPE_DOCX" }, { "name": "RawDocumentFileTypeXlsx", "description": "Microsoft Excel format", "value": "RAW_DOCUMENT_FILE_TYPE_XLSX" }, { "name": "RawDocumentFileTypePptx", "description": "Microsoft Powerpoint format", "value": "RAW_DOCUMENT_FILE_TYPE_PPTX" }, { "name": "RawDocumentFileTypeText", "description": "UTF-8 encoded text format", "value": "RAW_DOCUMENT_FILE_TYPE_TEXT" }, { "name": "RawDocumentFileTypeTiff", "description": "TIFF or TIF image file format", "value": "RAW_DOCUMENT_FILE_TYPE_TIFF" } ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1AccessControlAction": { "description": "Represents the action responsible for access control list management operations.", "properties": { "operationType": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1AccessControlActionOperationType", "description": "Identifies the type of operation." }, "policy": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1Policy", "description": "Represents the new policy from which bindings are added, removed or replaced based on the type of the operation. the policy is limited to a few 10s of KB." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1AccessControlActionOperationType": { "description": "Identifies the type of operation.", "type": "string", "enum": [ { "name": "Unknown", "description": "The unknown operation type.", "value": "UNKNOWN" }, { "name": "AddPolicyBinding", "description": "Adds newly given policy bindings in the existing bindings list.", "value": "ADD_POLICY_BINDING" }, { "name": "RemovePolicyBinding", "description": "Removes newly given policy bindings from the existing bindings list.", "value": "REMOVE_POLICY_BINDING" }, { "name": "ReplacePolicyBinding", "description": "Replaces existing policy bindings with the given policy binding list", "value": "REPLACE_POLICY_BINDING" } ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1AccessControlActionResponse": { "description": "Represents the action responsible for access control list management operations.", "properties": { "operationType": { "type": "string", "description": "Identifies the type of operation." }, "policy": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1PolicyResponse", "description": "Represents the new policy from which bindings are added, removed or replaced based on the type of the operation. the policy is limited to a few 10s of KB." } }, "type": "object", "required": [ "operationType", "policy" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1Action": { "description": "Represents the action triggered by Rule Engine when the rule is true.", "properties": { "accessControl": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1AccessControlAction", "description": "Action triggering access control operations." }, "actionId": { "type": "string", "description": "ID of the action. Managed internally." }, "addToFolder": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1AddToFolderAction", "description": "Action triggering create document link operation." }, "dataUpdate": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DataUpdateAction", "description": "Action triggering data update operations." }, "dataValidation": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DataValidationAction", "description": "Action triggering data validation operations." }, "deleteDocumentAction": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DeleteDocumentAction", "description": "Action deleting the document." }, "publishToPubSub": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PublishAction", "description": "Action publish to Pub/Sub operation." }, "removeFromFolderAction": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1RemoveFromFolderAction", "description": "Action removing a document from a folder." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1ActionResponse": { "description": "Represents the action triggered by Rule Engine when the rule is true.", "properties": { "accessControl": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1AccessControlActionResponse", "description": "Action triggering access control operations." }, "actionId": { "type": "string", "description": "ID of the action. Managed internally." }, "addToFolder": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1AddToFolderActionResponse", "description": "Action triggering create document link operation." }, "dataUpdate": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DataUpdateActionResponse", "description": "Action triggering data update operations." }, "dataValidation": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DataValidationActionResponse", "description": "Action triggering data validation operations." }, "deleteDocumentAction": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DeleteDocumentActionResponse", "description": "Action deleting the document." }, "publishToPubSub": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PublishActionResponse", "description": "Action publish to Pub/Sub operation." }, "removeFromFolderAction": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1RemoveFromFolderActionResponse", "description": "Action removing a document from a folder." } }, "type": "object", "required": [ "accessControl", "actionId", "addToFolder", "dataUpdate", "dataValidation", "deleteDocumentAction", "publishToPubSub", "removeFromFolderAction" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1AddToFolderAction": { "description": "Represents the action responsible for adding document under a folder.", "properties": { "folders": { "type": "array", "items": { "type": "string" }, "description": "Names of the folder under which new document is to be added. Format: projects/{project_number}/locations/{location}/documents/{document_id}." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1AddToFolderActionResponse": { "description": "Represents the action responsible for adding document under a folder.", "properties": { "folders": { "type": "array", "items": { "type": "string" }, "description": "Names of the folder under which new document is to be added. Format: projects/{project_number}/locations/{location}/documents/{document_id}." } }, "type": "object", "required": [ "folders" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1CloudAIDocumentOption": { "description": "Request Option for processing Cloud AI Document in CW Document.", "properties": { "customizedEntitiesPropertiesConversions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "If set, only selected entities will be converted to properties." }, "enableEntitiesConversions": { "type": "boolean", "description": "Whether to convert all the entities to properties." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DataUpdateAction": { "description": "Represents the action responsible for properties update operations.", "properties": { "entries": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of (K, V) -> (valid name of the field, new value of the field) E.g., (\"age\", \"60\") entry triggers update of field age with a value of 60. If the field is not present then new entry is added. During update action execution, value strings will be casted to appropriate types." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DataUpdateActionResponse": { "description": "Represents the action responsible for properties update operations.", "properties": { "entries": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of (K, V) -> (valid name of the field, new value of the field) E.g., (\"age\", \"60\") entry triggers update of field age with a value of 60. If the field is not present then new entry is added. During update action execution, value strings will be casted to appropriate types." } }, "type": "object", "required": [ "entries" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DataValidationAction": { "description": "Represents the action responsible for data validation operations.", "properties": { "conditions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of (K, V) -> (field, string condition to be evaluated on the field) E.g., (\"age\", \"age > 18 && age < 60\") entry triggers validation of field age with the given condition. Map entries will be ANDed during validation." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DataValidationActionResponse": { "description": "Represents the action responsible for data validation operations.", "properties": { "conditions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of (K, V) -> (field, string condition to be evaluated on the field) E.g., (\"age\", \"age > 18 && age < 60\") entry triggers validation of field age with the given condition. Map entries will be ANDed during validation." } }, "type": "object", "required": [ "conditions" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DateTimeArray": { "description": "DateTime values.", "properties": { "values": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDateTime" }, "description": "List of datetime values. Both OffsetDateTime and ZonedDateTime are supported." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DateTimeArrayResponse": { "description": "DateTime values.", "properties": { "values": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDateTimeResponse" }, "description": "List of datetime values. Both OffsetDateTime and ZonedDateTime are supported." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DateTimeTypeOptions": { "description": "Configurations for a date time property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DateTimeTypeOptionsResponse": { "description": "Configurations for a date time property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DeleteDocumentAction": { "description": "Represents the action responsible for deleting the document.", "properties": { "enableHardDelete": { "type": "boolean", "description": "Boolean field to select between hard vs soft delete options. Set 'true' for 'hard delete' and 'false' for 'soft delete'." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1DeleteDocumentActionResponse": { "description": "Represents the action responsible for deleting the document.", "properties": { "enableHardDelete": { "type": "boolean", "description": "Boolean field to select between hard vs soft delete options. Set 'true' for 'hard delete' and 'false' for 'soft delete'." } }, "type": "object", "required": [ "enableHardDelete" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1EnumArray": { "description": "Enum values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of enum values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1EnumArrayResponse": { "description": "Enum values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of enum values." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1EnumTypeOptions": { "description": "Configurations for an enum/categorical property.", "properties": { "possibleValues": { "type": "array", "items": { "type": "string" }, "description": "List of possible enum values." }, "validationCheckDisabled": { "type": "boolean", "description": "Make sure the Enum property value provided in the document is in the possile value list during document creation. The validation check runs by default." } }, "type": "object", "required": [ "possibleValues" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1EnumTypeOptionsResponse": { "description": "Configurations for an enum/categorical property.", "properties": { "possibleValues": { "type": "array", "items": { "type": "string" }, "description": "List of possible enum values." }, "validationCheckDisabled": { "type": "boolean", "description": "Make sure the Enum property value provided in the document is in the possile value list during document creation. The validation check runs by default." } }, "type": "object", "required": [ "possibleValues", "validationCheckDisabled" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1FloatArray": { "description": "Float values.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "List of float values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1FloatArrayResponse": { "description": "Float values.", "properties": { "values": { "type": "array", "items": { "type": "number" }, "description": "List of float values." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1FloatTypeOptions": { "description": "Configurations for a float property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1FloatTypeOptionsResponse": { "description": "Configurations for a float property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1IntegerArray": { "description": "Integer values.", "properties": { "values": { "type": "array", "items": { "type": "integer" }, "description": "List of integer values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1IntegerArrayResponse": { "description": "Integer values.", "properties": { "values": { "type": "array", "items": { "type": "integer" }, "description": "List of integer values." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1IntegerTypeOptions": { "description": "Configurations for an integer property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1IntegerTypeOptionsResponse": { "description": "Configurations for an integer property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1MapProperty": { "description": "Map property value. Represents a structured entries of key value pairs, consisting of field names which map to dynamically typed values.", "properties": { "fields": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Unordered map of dynamically typed values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1MapPropertyResponse": { "description": "Map property value. Represents a structured entries of key value pairs, consisting of field names which map to dynamically typed values.", "properties": { "fields": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Unordered map of dynamically typed values." } }, "type": "object", "required": [ "fields" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1MapTypeOptions": { "description": "Configurations for a Map property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1MapTypeOptionsResponse": { "description": "Configurations for a Map property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1MergeFieldsOptions": { "description": "Options for merging updated fields.", "properties": { "replaceMessageFields": { "type": "boolean", "description": "When merging message fields, the default behavior is to merge the content of two message fields together. If you instead want to use the field from the source message to replace the corresponding field in the destination message, set this flag to true. When this flag is set, specified submessage fields that are missing in source will be cleared in destination." }, "replaceRepeatedFields": { "type": "boolean", "description": "When merging repeated fields, the default behavior is to append entries from the source repeated field to the destination repeated field. If you instead want to keep only the entries from the source repeated field, set this flag to true. If you want to replace a repeated field within a message field on the destination message, you must set both replace_repeated_fields and replace_message_fields to true, otherwise the repeated fields will be appended." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1Property": { "description": "Property of a document.", "properties": { "dateTimeValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DateTimeArray", "description": "Date time property values. It is not supported by CMEK compliant deployment." }, "enumValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1EnumArray", "description": "Enum property values." }, "floatValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1FloatArray", "description": "Float property values." }, "integerValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1IntegerArray", "description": "Integer property values." }, "mapProperty": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1MapProperty", "description": "Map property values." }, "name": { "type": "string", "description": "Must match the name of a PropertyDefinition in the DocumentSchema." }, "propertyValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyArray", "description": "Nested structured data property values." }, "textValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TextArray", "description": "String/text property values." }, "timestampValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampArray", "description": "Timestamp property values. It is not supported by CMEK compliant deployment." } }, "type": "object", "required": [ "name" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyArray": { "description": "Property values.", "properties": { "properties": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1Property" }, "description": "List of property values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyArrayResponse": { "description": "Property values.", "properties": { "properties": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyResponse" }, "description": "List of property values." } }, "type": "object", "required": [ "properties" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyDefinition": { "description": "Defines the metadata for a schema property.", "properties": { "dateTimeTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DateTimeTypeOptions", "description": "Date time property. It is not supported by CMEK compliant deployment." }, "displayName": { "type": "string", "description": "The display-name for the property, used for front-end." }, "enumTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1EnumTypeOptions", "description": "Enum/categorical property." }, "floatTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1FloatTypeOptions", "description": "Float property." }, "integerTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1IntegerTypeOptions", "description": "Integer property." }, "isFilterable": { "type": "boolean", "description": "Whether the property can be filtered. If this is a sub-property, all the parent properties must be marked filterable." }, "isMetadata": { "type": "boolean", "description": "Whether the property is user supplied metadata. This out-of-the box placeholder setting can be used to tag derived properties. Its value and interpretation logic should be implemented by API user." }, "isRepeatable": { "type": "boolean", "description": "Whether the property can have multiple values." }, "isRequired": { "type": "boolean", "description": "Whether the property is mandatory. Default is 'false', i.e. populating property value can be skipped. If 'true' then user must populate the value for this property." }, "isSearchable": { "type": "boolean", "description": "Indicates that the property should be included in a global search." }, "mapTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1MapTypeOptions", "description": "Map property." }, "name": { "type": "string", "description": "The name of the metadata property. Must be unique within a document schema and is case insensitive. Names must be non-blank, start with a letter, and can contain alphanumeric characters and: /, :, -, _, and ." }, "propertyTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyTypeOptions", "description": "Nested structured data property." }, "retrievalImportance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyDefinitionRetrievalImportance", "description": "The retrieval importance of the property during search." }, "schemaSources": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource" }, "description": "The mapping information between this property to another schema source." }, "textTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TextTypeOptions", "description": "Text/string property." }, "timestampTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampTypeOptions", "description": "Timestamp property. It is not supported by CMEK compliant deployment." } }, "type": "object", "required": [ "name" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyDefinitionResponse": { "description": "Defines the metadata for a schema property.", "properties": { "dateTimeTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DateTimeTypeOptionsResponse", "description": "Date time property. It is not supported by CMEK compliant deployment." }, "displayName": { "type": "string", "description": "The display-name for the property, used for front-end." }, "enumTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1EnumTypeOptionsResponse", "description": "Enum/categorical property." }, "floatTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1FloatTypeOptionsResponse", "description": "Float property." }, "integerTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1IntegerTypeOptionsResponse", "description": "Integer property." }, "isFilterable": { "type": "boolean", "description": "Whether the property can be filtered. If this is a sub-property, all the parent properties must be marked filterable." }, "isMetadata": { "type": "boolean", "description": "Whether the property is user supplied metadata. This out-of-the box placeholder setting can be used to tag derived properties. Its value and interpretation logic should be implemented by API user." }, "isRepeatable": { "type": "boolean", "description": "Whether the property can have multiple values." }, "isRequired": { "type": "boolean", "description": "Whether the property is mandatory. Default is 'false', i.e. populating property value can be skipped. If 'true' then user must populate the value for this property." }, "isSearchable": { "type": "boolean", "description": "Indicates that the property should be included in a global search." }, "mapTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1MapTypeOptionsResponse", "description": "Map property." }, "name": { "type": "string", "description": "The name of the metadata property. Must be unique within a document schema and is case insensitive. Names must be non-blank, start with a letter, and can contain alphanumeric characters and: /, :, -, _, and ." }, "propertyTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyTypeOptionsResponse", "description": "Nested structured data property." }, "retrievalImportance": { "type": "string", "description": "The retrieval importance of the property during search." }, "schemaSources": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSourceResponse" }, "description": "The mapping information between this property to another schema source." }, "textTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TextTypeOptionsResponse", "description": "Text/string property." }, "timestampTypeOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampTypeOptionsResponse", "description": "Timestamp property. It is not supported by CMEK compliant deployment." } }, "type": "object", "required": [ "dateTimeTypeOptions", "displayName", "enumTypeOptions", "floatTypeOptions", "integerTypeOptions", "isFilterable", "isMetadata", "isRepeatable", "isRequired", "isSearchable", "mapTypeOptions", "name", "propertyTypeOptions", "retrievalImportance", "schemaSources", "textTypeOptions", "timestampTypeOptions" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyDefinitionRetrievalImportance": { "description": "The retrieval importance of the property during search.", "type": "string", "enum": [ { "name": "RetrievalImportanceUnspecified", "description": "No importance specified. Default medium importance.", "value": "RETRIEVAL_IMPORTANCE_UNSPECIFIED" }, { "name": "Highest", "description": "Highest importance.", "value": "HIGHEST" }, { "name": "Higher", "description": "Higher importance.", "value": "HIGHER" }, { "name": "High", "description": "High importance.", "value": "HIGH" }, { "name": "Medium", "description": "Medium importance.", "value": "MEDIUM" }, { "name": "Low", "description": "Low importance (negative).", "value": "LOW" }, { "name": "Lowest", "description": "Lowest importance (negative).", "value": "LOWEST" } ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSource": { "description": "The schema source information.", "properties": { "name": { "type": "string", "description": "The schema name in the source." }, "processorType": { "type": "string", "description": "The Doc AI processor type name." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyDefinitionSchemaSourceResponse": { "description": "The schema source information.", "properties": { "name": { "type": "string", "description": "The schema name in the source." }, "processorType": { "type": "string", "description": "The Doc AI processor type name." } }, "type": "object", "required": [ "name", "processorType" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyResponse": { "description": "Property of a document.", "properties": { "dateTimeValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1DateTimeArrayResponse", "description": "Date time property values. It is not supported by CMEK compliant deployment." }, "enumValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1EnumArrayResponse", "description": "Enum property values." }, "floatValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1FloatArrayResponse", "description": "Float property values." }, "integerValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1IntegerArrayResponse", "description": "Integer property values." }, "mapProperty": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1MapPropertyResponse", "description": "Map property values." }, "name": { "type": "string", "description": "Must match the name of a PropertyDefinition in the DocumentSchema." }, "propertyValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyArrayResponse", "description": "Nested structured data property values." }, "textValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TextArrayResponse", "description": "String/text property values." }, "timestampValues": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampArrayResponse", "description": "Timestamp property values. It is not supported by CMEK compliant deployment." } }, "type": "object", "required": [ "dateTimeValues", "enumValues", "floatValues", "integerValues", "mapProperty", "name", "propertyValues", "textValues", "timestampValues" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyTypeOptions": { "description": "Configurations for a nested structured data property.", "properties": { "propertyDefinitions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyDefinition" }, "description": "List of property definitions." } }, "type": "object", "required": [ "propertyDefinitions" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PropertyTypeOptionsResponse": { "description": "Configurations for a nested structured data property.", "properties": { "propertyDefinitions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1PropertyDefinitionResponse" }, "description": "List of property definitions." } }, "type": "object", "required": [ "propertyDefinitions" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PublishAction": { "description": "Represents the action responsible for publishing messages to a Pub/Sub topic.", "properties": { "messages": { "type": "array", "items": { "type": "string" }, "description": "Messages to be published." }, "topicId": { "type": "string", "description": "The topic id in the Pub/Sub service for which messages will be published to." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1PublishActionResponse": { "description": "Represents the action responsible for publishing messages to a Pub/Sub topic.", "properties": { "messages": { "type": "array", "items": { "type": "string" }, "description": "Messages to be published." }, "topicId": { "type": "string", "description": "The topic id in the Pub/Sub service for which messages will be published to." } }, "type": "object", "required": [ "messages", "topicId" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1RemoveFromFolderAction": { "description": "Represents the action responsible for remove a document from a specific folder.", "properties": { "condition": { "type": "string", "description": "Condition of the action to be executed." }, "folder": { "type": "string", "description": "Name of the folder under which new document is to be added. Format: projects/{project_number}/locations/{location}/documents/{document_id}." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1RemoveFromFolderActionResponse": { "description": "Represents the action responsible for remove a document from a specific folder.", "properties": { "condition": { "type": "string", "description": "Condition of the action to be executed." }, "folder": { "type": "string", "description": "Name of the folder under which new document is to be added. Format: projects/{project_number}/locations/{location}/documents/{document_id}." } }, "type": "object", "required": [ "condition", "folder" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1RequestMetadata": { "description": "Meta information is used to improve the performance of the service.", "properties": { "userInfo": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1UserInfo", "description": "Provides user unique identification and groups information." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1Rule": { "description": "Represents the rule for a content warehouse trigger.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1Action" }, "description": "List of actions that are executed when the rule is satisfied." }, "condition": { "type": "string", "description": "Represents the conditional expression to be evaluated. Expression should evaluate to a boolean result. When the condition is true actions are executed. Example: user_role = \"hsbc_role_1\" AND doc.salary > 20000" }, "description": { "type": "string", "description": "Short description of the rule and its context." }, "ruleId": { "type": "string", "description": "ID of the rule. It has to be unique across all the examples. This is managed internally." }, "triggerType": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1RuleTriggerType", "description": "Identifies the trigger type for running the policy." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1RuleResponse": { "description": "Represents the rule for a content warehouse trigger.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1ActionResponse" }, "description": "List of actions that are executed when the rule is satisfied." }, "condition": { "type": "string", "description": "Represents the conditional expression to be evaluated. Expression should evaluate to a boolean result. When the condition is true actions are executed. Example: user_role = \"hsbc_role_1\" AND doc.salary > 20000" }, "description": { "type": "string", "description": "Short description of the rule and its context." }, "ruleId": { "type": "string", "description": "ID of the rule. It has to be unique across all the examples. This is managed internally." }, "triggerType": { "type": "string", "description": "Identifies the trigger type for running the policy." } }, "type": "object", "required": [ "actions", "condition", "description", "ruleId", "triggerType" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1RuleTriggerType": { "description": "Identifies the trigger type for running the policy.", "type": "string", "enum": [ { "name": "Unknown", "description": "Trigger for unknown action.", "value": "UNKNOWN" }, { "name": "OnCreate", "description": "Trigger for create document action.", "value": "ON_CREATE" }, { "name": "OnUpdate", "description": "Trigger for update document action.", "value": "ON_UPDATE" }, { "name": "OnCreateLink", "description": "Trigger for create link action.", "value": "ON_CREATE_LINK" }, { "name": "OnDeleteLink", "description": "Trigger for delete link action.", "value": "ON_DELETE_LINK" } ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1SynonymSetSynonym": { "description": "Represents a list of words given by the customer All these words are synonyms of each other.", "properties": { "words": { "type": "array", "items": { "type": "string" }, "description": "For example: sale, invoice, bill, order" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1SynonymSetSynonymResponse": { "description": "Represents a list of words given by the customer All these words are synonyms of each other.", "properties": { "words": { "type": "array", "items": { "type": "string" }, "description": "For example: sale, invoice, bill, order" } }, "type": "object", "required": [ "words" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TextArray": { "description": "String/text values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of text values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TextArrayResponse": { "description": "String/text values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of text values." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TextTypeOptions": { "description": "Configurations for a text property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TextTypeOptionsResponse": { "description": "Configurations for a text property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampArray": { "description": "Timestamp values.", "properties": { "values": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampValue" }, "description": "List of timestamp values." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampArrayResponse": { "description": "Timestamp values.", "properties": { "values": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1TimestampValueResponse" }, "description": "List of timestamp values." } }, "type": "object", "required": [ "values" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampTypeOptions": { "description": "Configurations for a timestamp property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampTypeOptionsResponse": { "description": "Configurations for a timestamp property.", "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampValue": { "description": "Timestamp value type.", "properties": { "textValue": { "type": "string", "description": "The string must represent a valid instant in UTC and is parsed using java.time.format.DateTimeFormatter.ISO_INSTANT. e.g. \"2013-09-29T18:46:19Z\"" }, "timestampValue": { "type": "string", "description": "Timestamp value" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1TimestampValueResponse": { "description": "Timestamp value type.", "properties": { "textValue": { "type": "string", "description": "The string must represent a valid instant in UTC and is parsed using java.time.format.DateTimeFormatter.ISO_INSTANT. e.g. \"2013-09-29T18:46:19Z\"" }, "timestampValue": { "type": "string", "description": "Timestamp value" } }, "type": "object", "required": [ "textValue", "timestampValue" ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1UpdateOptions": { "description": "Options for Update operations.", "properties": { "mergeFieldsOptions": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1MergeFieldsOptions", "description": "Options for merging." }, "updateMask": { "type": "string", "description": "Field mask for merging Document fields. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask" }, "updateType": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudContentwarehouseV1UpdateOptionsUpdateType", "description": "Type for update." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1UpdateOptionsUpdateType": { "description": "Type for update.", "type": "string", "enum": [ { "name": "UpdateTypeUnspecified", "description": "Defaults to full replace behavior, ie. FULL_REPLACE.", "value": "UPDATE_TYPE_UNSPECIFIED" }, { "name": "UpdateTypeReplace", "description": "Fully replace all the fields (including previously linked raw document). Any field masks will be ignored.", "value": "UPDATE_TYPE_REPLACE" }, { "name": "UpdateTypeMerge", "description": "Merge the fields into the existing entities.", "value": "UPDATE_TYPE_MERGE" }, { "name": "UpdateTypeInsertPropertiesByNames", "description": "Inserts the properties by names.", "value": "UPDATE_TYPE_INSERT_PROPERTIES_BY_NAMES" }, { "name": "UpdateTypeReplacePropertiesByNames", "description": "Replace the properties by names.", "value": "UPDATE_TYPE_REPLACE_PROPERTIES_BY_NAMES" }, { "name": "UpdateTypeDeletePropertiesByNames", "description": "Delete the properties by names.", "value": "UPDATE_TYPE_DELETE_PROPERTIES_BY_NAMES" }, { "name": "UpdateTypeMergeAndReplaceOrInsertPropertiesByNames", "description": "For each of the property, replaces the property if the it exists, otherwise inserts a new property. And for the rest of the fields, merge them based on update mask and merge fields options.", "value": "UPDATE_TYPE_MERGE_AND_REPLACE_OR_INSERT_PROPERTIES_BY_NAMES" } ] }, "google-native:contentwarehouse/v1:GoogleCloudContentwarehouseV1UserInfo": { "description": "The user information.", "properties": { "groupIds": { "type": "array", "items": { "type": "string" }, "description": "The unique group identifications which the user is belong to. The format is \"group:yyyy@example.com\";" }, "id": { "type": "string", "description": "A unique user identification string, as determined by the client. The maximum number of allowed characters is 255. Allowed characters include numbers 0 to 9, uppercase and lowercase letters, and restricted special symbols (:, @, +, -, _, ~) The format is \"user:xxxx@example.com\";" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1Barcode": { "description": "Encodes the detailed information of a barcode.", "properties": { "format": { "type": "string", "description": "Format of a barcode. The supported formats are: - `CODE_128`: Code 128 type. - `CODE_39`: Code 39 type. - `CODE_93`: Code 93 type. - `CODABAR`: Codabar type. - `DATA_MATRIX`: 2D Data Matrix type. - `ITF`: ITF type. - `EAN_13`: EAN-13 type. - `EAN_8`: EAN-8 type. - `QR_CODE`: 2D QR code type. - `UPC_A`: UPC-A type. - `UPC_E`: UPC-E type. - `PDF417`: PDF417 type. - `AZTEC`: 2D Aztec code type. - `DATABAR`: GS1 DataBar code type." }, "rawValue": { "type": "string", "description": "Raw value encoded in the barcode. For example: `'MEBKM:TITLE:Google;URL:https://www.google.com;;'`." }, "valueFormat": { "type": "string", "description": "Value format describes the format of the value that a barcode encodes. The supported formats are: - `CONTACT_INFO`: Contact information. - `EMAIL`: Email address. - `ISBN`: ISBN identifier. - `PHONE`: Phone number. - `PRODUCT`: Product. - `SMS`: SMS message. - `TEXT`: Text string. - `URL`: URL address. - `WIFI`: Wifi information. - `GEO`: Geo-localization. - `CALENDAR_EVENT`: Calendar event. - `DRIVER_LICENSE`: Driver's license." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1BarcodeResponse": { "description": "Encodes the detailed information of a barcode.", "properties": { "format": { "type": "string", "description": "Format of a barcode. The supported formats are: - `CODE_128`: Code 128 type. - `CODE_39`: Code 39 type. - `CODE_93`: Code 93 type. - `CODABAR`: Codabar type. - `DATA_MATRIX`: 2D Data Matrix type. - `ITF`: ITF type. - `EAN_13`: EAN-13 type. - `EAN_8`: EAN-8 type. - `QR_CODE`: 2D QR code type. - `UPC_A`: UPC-A type. - `UPC_E`: UPC-E type. - `PDF417`: PDF417 type. - `AZTEC`: 2D Aztec code type. - `DATABAR`: GS1 DataBar code type." }, "rawValue": { "type": "string", "description": "Raw value encoded in the barcode. For example: `'MEBKM:TITLE:Google;URL:https://www.google.com;;'`." }, "valueFormat": { "type": "string", "description": "Value format describes the format of the value that a barcode encodes. The supported formats are: - `CONTACT_INFO`: Contact information. - `EMAIL`: Email address. - `ISBN`: ISBN identifier. - `PHONE`: Phone number. - `PRODUCT`: Product. - `SMS`: SMS message. - `TEXT`: Text string. - `URL`: URL address. - `WIFI`: Wifi information. - `GEO`: Geo-localization. - `CALENDAR_EVENT`: Calendar event. - `DRIVER_LICENSE`: Driver's license." } }, "type": "object", "required": [ "format", "rawValue", "valueFormat" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1BoundingPoly": { "description": "A bounding polygon for the detected image annotation.", "properties": { "normalizedVertices": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1NormalizedVertex" }, "description": "The bounding polygon normalized vertices." }, "vertices": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1Vertex" }, "description": "The bounding polygon vertices." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1BoundingPolyResponse": { "description": "A bounding polygon for the detected image annotation.", "properties": { "normalizedVertices": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1NormalizedVertexResponse" }, "description": "The bounding polygon normalized vertices." }, "vertices": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1VertexResponse" }, "description": "The bounding polygon vertices." } }, "type": "object", "required": [ "normalizedVertices", "vertices" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1Document": { "description": "Document represents the canonical document resource in Document AI. It is an interchange format that provides insights into documents and allows for collaboration between users and Document AI to iterate and optimize for quality.", "properties": { "content": { "type": "string", "description": "Optional. Inline document content, represented as a stream of bytes. Note: As with all `bytes` fields, protobuffers use a pure binary representation, whereas JSON representations use base64." }, "entities": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntity" }, "description": "A list of entities detected on Document.text. For document shards, entities in this list may cross shard boundaries." }, "entityRelations": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityRelation" }, "description": "Placeholder. Relationship among Document.entities." }, "error": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleRpcStatus", "description": "Any error that occurred while processing this document." }, "mimeType": { "type": "string", "description": "An IANA published [media type (MIME type)](https://www.iana.org/assignments/media-types/media-types.xhtml)." }, "pages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPage" }, "description": "Visual page layout for the Document." }, "revisions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentRevision" }, "description": "Placeholder. Revision history of this document." }, "shardInfo": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentShardInfo", "description": "Information about the sharding if this document is sharded part of a larger document. If the document is not sharded, this message is not specified." }, "text": { "type": "string", "description": "Optional. UTF-8 encoded text in reading order from the document." }, "textChanges": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextChange" }, "description": "Placeholder. A list of text corrections made to Document.text. This is usually used for annotating corrections to OCR mistakes. Text changes for a given revision may not overlap with each other." }, "textStyles": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentStyle" }, "description": "Styles for the Document.text." }, "uri": { "type": "string", "description": "Optional. Currently supports Google Cloud Storage URI of the form `gs://bucket_name/object_name`. Object versioning is not supported. For more information, refer to [Google Cloud Storage Request URIs](https://cloud.google.com/storage/docs/reference-uris)." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntity": { "description": "An entity that could be a phrase in the text or a property that belongs to the document. It is a known entity type, such as a person, an organization, or location.", "properties": { "confidence": { "type": "number", "description": "Optional. Confidence of detected Schema entity. Range `[0, 1]`." }, "id": { "type": "string", "description": "Optional. Canonical id. This will be a unique value in the entity list for this document." }, "mentionId": { "type": "string", "description": "Optional. Deprecated. Use `id` field instead.", "deprecationMessage": "Optional. Deprecated. Use `id` field instead." }, "mentionText": { "type": "string", "description": "Optional. Text value of the entity e.g. `1600 Amphitheatre Pkwy`." }, "normalizedValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityNormalizedValue", "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types." }, "pageAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageAnchor", "description": "Optional. Represents the provenance of this entity wrt. the location on the page where it was found." }, "properties": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntity" }, "description": "Optional. Entities can be nested to form a hierarchical data structure representing the content in the document." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "Optional. The history of this annotation." }, "redacted": { "type": "boolean", "description": "Optional. Whether the entity will be redacted for de-identification purposes." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchor", "description": "Optional. Provenance of the entity. Text anchor indexing into the Document.text." }, "type": { "type": "string", "description": "Entity type from a schema e.g. `Address`." } }, "type": "object", "required": [ "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntityNormalizedValue": { "description": "Parsed and normalized entity value.", "properties": { "addressValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypePostalAddress", "description": "Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto" }, "booleanValue": { "type": "boolean", "description": "Boolean value. Can be used for entities with binary values, or for checkboxes." }, "dateValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDate", "description": "Date value. Includes year, month, day. See also: https://github.com/googleapis/googleapis/blob/master/google/type/date.proto" }, "datetimeValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDateTime", "description": "DateTime value. Includes date, time, and timezone. See also: https://github.com/googleapis/googleapis/blob/master/google/type/datetime.proto" }, "floatValue": { "type": "number", "description": "Float value." }, "integerValue": { "type": "integer", "description": "Integer value." }, "moneyValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeMoney", "description": "Money value. See also: https://github.com/googleapis/googleapis/blob/master/google/type/money.proto" }, "text": { "type": "string", "description": "Optional. An optional field to store a normalized string. For some entity types, one of respective `structured_value` fields may also be populated. Also not all the types of `structured_value` will be normalized. For example, some processors may not generate `float` or `integer` normalized text by default. Below are sample formats mapped to structured values. - Money/Currency type (`money_value`) is in the ISO 4217 text format. - Date type (`date_value`) is in the ISO 8601 text format. - Datetime type (`datetime_value`) is in the ISO 8601 text format." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntityNormalizedValueResponse": { "description": "Parsed and normalized entity value.", "properties": { "addressValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypePostalAddressResponse", "description": "Postal address. See also: https://github.com/googleapis/googleapis/blob/master/google/type/postal_address.proto" }, "booleanValue": { "type": "boolean", "description": "Boolean value. Can be used for entities with binary values, or for checkboxes." }, "dateValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDateResponse", "description": "Date value. Includes year, month, day. See also: https://github.com/googleapis/googleapis/blob/master/google/type/date.proto" }, "datetimeValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeDateTimeResponse", "description": "DateTime value. Includes date, time, and timezone. See also: https://github.com/googleapis/googleapis/blob/master/google/type/datetime.proto" }, "floatValue": { "type": "number", "description": "Float value." }, "integerValue": { "type": "integer", "description": "Integer value." }, "moneyValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeMoneyResponse", "description": "Money value. See also: https://github.com/googleapis/googleapis/blob/master/google/type/money.proto" }, "text": { "type": "string", "description": "Optional. An optional field to store a normalized string. For some entity types, one of respective `structured_value` fields may also be populated. Also not all the types of `structured_value` will be normalized. For example, some processors may not generate `float` or `integer` normalized text by default. Below are sample formats mapped to structured values. - Money/Currency type (`money_value`) is in the ISO 4217 text format. - Date type (`date_value`) is in the ISO 8601 text format. - Datetime type (`datetime_value`) is in the ISO 8601 text format." } }, "type": "object", "required": [ "addressValue", "booleanValue", "dateValue", "datetimeValue", "floatValue", "integerValue", "moneyValue", "text" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntityRelation": { "description": "Relationship between Entities.", "properties": { "objectId": { "type": "string", "description": "Object entity id." }, "relation": { "type": "string", "description": "Relationship description." }, "subjectId": { "type": "string", "description": "Subject entity id." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntityRelationResponse": { "description": "Relationship between Entities.", "properties": { "objectId": { "type": "string", "description": "Object entity id." }, "relation": { "type": "string", "description": "Relationship description." }, "subjectId": { "type": "string", "description": "Subject entity id." } }, "type": "object", "required": [ "objectId", "relation", "subjectId" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentEntityResponse": { "description": "An entity that could be a phrase in the text or a property that belongs to the document. It is a known entity type, such as a person, an organization, or location.", "properties": { "confidence": { "type": "number", "description": "Optional. Confidence of detected Schema entity. Range `[0, 1]`." }, "mentionId": { "type": "string", "description": "Optional. Deprecated. Use `id` field instead.", "deprecationMessage": "Optional. Deprecated. Use `id` field instead." }, "mentionText": { "type": "string", "description": "Optional. Text value of the entity e.g. `1600 Amphitheatre Pkwy`." }, "normalizedValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityNormalizedValueResponse", "description": "Optional. Normalized entity value. Absent if the extracted value could not be converted or the type (e.g. address) is not supported for certain parsers. This field is also only populated for certain supported document types." }, "pageAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageAnchorResponse", "description": "Optional. Represents the provenance of this entity wrt. the location on the page where it was found." }, "properties": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityResponse" }, "description": "Optional. Entities can be nested to form a hierarchical data structure representing the content in the document." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "Optional. The history of this annotation." }, "redacted": { "type": "boolean", "description": "Optional. Whether the entity will be redacted for de-identification purposes." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorResponse", "description": "Optional. Provenance of the entity. Text anchor indexing into the Document.text." }, "type": { "type": "string", "description": "Entity type from a schema e.g. `Address`." } }, "type": "object", "required": [ "confidence", "mentionId", "mentionText", "normalizedValue", "pageAnchor", "properties", "provenance", "redacted", "textAnchor", "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPage": { "description": "A page in a Document.", "properties": { "blocks": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageBlock" }, "description": "A list of visually detected text blocks on the page. A block has a set of lines (collected into paragraphs) that have a common line-spacing and orientation." }, "detectedBarcodes": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedBarcode" }, "description": "A list of detected barcodes." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "dimension": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDimension", "description": "Physical dimension of the page." }, "formFields": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageFormField" }, "description": "A list of visually detected form fields on the page." }, "image": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImage", "description": "Rendered image for this page. This image is preprocessed to remove any skew, rotation, and distortions such that the annotation bounding boxes can be upright and axis-aligned." }, "imageQualityScores": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImageQualityScores", "description": "Image quality scores." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for the page." }, "lines": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLine" }, "description": "A list of visually detected text lines on the page. A collection of tokens that a human would perceive as a line." }, "pageNumber": { "type": "integer", "description": "1-based index for current Page in a parent Document. Useful when a page is taken out of a Document for individual processing." }, "paragraphs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageParagraph" }, "description": "A list of visually detected text paragraphs on the page. A collection of lines that a human would perceive as a paragraph." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this page." }, "symbols": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageSymbol" }, "description": "A list of visually detected symbols on the page." }, "tables": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTable" }, "description": "A list of visually detected tables on the page." }, "tokens": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageToken" }, "description": "A list of visually detected tokens on the page." }, "transforms": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageMatrix" }, "description": "Transformation matrices that were applied to the original document image to produce Page.image." }, "visualElements": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageVisualElement" }, "description": "A list of detected non-text visual elements e.g. checkbox, signature etc. on the page." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageAnchor": { "description": "Referencing the visual context of the entity in the Document.pages. Page anchors can be cross-page, consist of multiple bounding polygons and optionally reference specific layout element types.", "properties": { "pageRefs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRef" }, "description": "One or more references to visual page elements" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRef": { "description": "Represents a weak reference to a page element within a document.", "properties": { "boundingPoly": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1BoundingPoly", "description": "Optional. Identifies the bounding polygon of a layout element on the page." }, "confidence": { "type": "number", "description": "Optional. Confidence of detected page element, if applicable. Range `[0, 1]`." }, "layoutId": { "type": "string", "description": "Optional. Deprecated. Use PageRef.bounding_poly instead.", "deprecationMessage": "Optional. Deprecated. Use PageRef.bounding_poly instead." }, "layoutType": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRefLayoutType", "description": "Optional. The type of the layout element that is being referenced if any." }, "page": { "type": "string", "description": "Index into the Document.pages element, for example using `Document.pages` to locate the related page element. This field is skipped when its value is the default `0`. See https://developers.google.com/protocol-buffers/docs/proto3#json." } }, "type": "object", "required": [ "page" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRefLayoutType": { "description": "Optional. The type of the layout element that is being referenced if any.", "type": "string", "enum": [ { "name": "LayoutTypeUnspecified", "description": "Layout Unspecified.", "value": "LAYOUT_TYPE_UNSPECIFIED" }, { "name": "Block", "description": "References a Page.blocks element.", "value": "BLOCK" }, { "name": "Paragraph", "description": "References a Page.paragraphs element.", "value": "PARAGRAPH" }, { "name": "Line", "description": "References a Page.lines element.", "value": "LINE" }, { "name": "Token", "description": "References a Page.tokens element.", "value": "TOKEN" }, { "name": "VisualElement", "description": "References a Page.visual_elements element.", "value": "VISUAL_ELEMENT" }, { "name": "Table", "description": "Refrrences a Page.tables element.", "value": "TABLE" }, { "name": "FormField", "description": "References a Page.form_fields element.", "value": "FORM_FIELD" } ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRefResponse": { "description": "Represents a weak reference to a page element within a document.", "properties": { "boundingPoly": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1BoundingPolyResponse", "description": "Optional. Identifies the bounding polygon of a layout element on the page." }, "confidence": { "type": "number", "description": "Optional. Confidence of detected page element, if applicable. Range `[0, 1]`." }, "layoutId": { "type": "string", "description": "Optional. Deprecated. Use PageRef.bounding_poly instead.", "deprecationMessage": "Optional. Deprecated. Use PageRef.bounding_poly instead." }, "layoutType": { "type": "string", "description": "Optional. The type of the layout element that is being referenced if any." }, "page": { "type": "string", "description": "Index into the Document.pages element, for example using `Document.pages` to locate the related page element. This field is skipped when its value is the default `0`. See https://developers.google.com/protocol-buffers/docs/proto3#json." } }, "type": "object", "required": [ "boundingPoly", "confidence", "layoutId", "layoutType", "page" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageAnchorResponse": { "description": "Referencing the visual context of the entity in the Document.pages. Page anchors can be cross-page, consist of multiple bounding polygons and optionally reference specific layout element types.", "properties": { "pageRefs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageAnchorPageRefResponse" }, "description": "One or more references to visual page elements" } }, "type": "object", "required": [ "pageRefs" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageBlock": { "description": "A block has a set of lines (collected into paragraphs) that have a common line-spacing and orientation.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Block." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this annotation." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageBlockResponse": { "description": "A block has a set of lines (collected into paragraphs) that have a common line-spacing and orientation.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Block." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this annotation." } }, "type": "object", "required": [ "detectedLanguages", "layout", "provenance" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDetectedBarcode": { "description": "A detected barcode.", "properties": { "barcode": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1Barcode", "description": "Detailed barcode information of the DetectedBarcode." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for DetectedBarcode." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDetectedBarcodeResponse": { "description": "A detected barcode.", "properties": { "barcode": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1BarcodeResponse", "description": "Detailed barcode information of the DetectedBarcode." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for DetectedBarcode." } }, "type": "object", "required": [ "barcode", "layout" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage": { "description": "Detected language for a structural component.", "properties": { "confidence": { "type": "number", "description": "Confidence of detected language. Range `[0, 1]`." }, "languageCode": { "type": "string", "description": "The [BCP-47 language code](https://www.unicode.org/reports/tr35/#Unicode_locale_identifier), such as `en-US` or `sr-Latn`." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse": { "description": "Detected language for a structural component.", "properties": { "confidence": { "type": "number", "description": "Confidence of detected language. Range `[0, 1]`." }, "languageCode": { "type": "string", "description": "The [BCP-47 language code](https://www.unicode.org/reports/tr35/#Unicode_locale_identifier), such as `en-US` or `sr-Latn`." } }, "type": "object", "required": [ "confidence", "languageCode" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDimension": { "description": "Dimension for the page.", "properties": { "height": { "type": "number", "description": "Page height." }, "unit": { "type": "string", "description": "Dimension unit." }, "width": { "type": "number", "description": "Page width." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageDimensionResponse": { "description": "Dimension for the page.", "properties": { "height": { "type": "number", "description": "Page height." }, "unit": { "type": "string", "description": "Dimension unit." }, "width": { "type": "number", "description": "Page width." } }, "type": "object", "required": [ "height", "unit", "width" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageFormField": { "description": "A form field detected on the page.", "properties": { "correctedKeyText": { "type": "string", "description": "Created for Labeling UI to export key text. If corrections were made to the text identified by the `field_name.text_anchor`, this field will contain the correction." }, "correctedValueText": { "type": "string", "description": "Created for Labeling UI to export value text. If corrections were made to the text identified by the `field_value.text_anchor`, this field will contain the correction." }, "fieldName": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for the FormField name. e.g. `Address`, `Email`, `Grand total`, `Phone number`, etc." }, "fieldValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for the FormField value." }, "nameDetectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages for name together with confidence." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this annotation." }, "valueDetectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages for value together with confidence." }, "valueType": { "type": "string", "description": "If the value is non-textual, this field represents the type. Current valid values are: - blank (this indicates the `field_value` is normal text) - `unfilled_checkbox` - `filled_checkbox`" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageFormFieldResponse": { "description": "A form field detected on the page.", "properties": { "correctedKeyText": { "type": "string", "description": "Created for Labeling UI to export key text. If corrections were made to the text identified by the `field_name.text_anchor`, this field will contain the correction." }, "correctedValueText": { "type": "string", "description": "Created for Labeling UI to export value text. If corrections were made to the text identified by the `field_value.text_anchor`, this field will contain the correction." }, "fieldName": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for the FormField name. e.g. `Address`, `Email`, `Grand total`, `Phone number`, etc." }, "fieldValue": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for the FormField value." }, "nameDetectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages for name together with confidence." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this annotation." }, "valueDetectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages for value together with confidence." }, "valueType": { "type": "string", "description": "If the value is non-textual, this field represents the type. Current valid values are: - blank (this indicates the `field_value` is normal text) - `unfilled_checkbox` - `filled_checkbox`" } }, "type": "object", "required": [ "correctedKeyText", "correctedValueText", "fieldName", "fieldValue", "nameDetectedLanguages", "provenance", "valueDetectedLanguages", "valueType" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImage": { "description": "Rendered image contents for this page.", "properties": { "content": { "type": "string", "description": "Raw byte content of the image." }, "height": { "type": "integer", "description": "Height of the image in pixels." }, "mimeType": { "type": "string", "description": "Encoding [media type (MIME type)](https://www.iana.org/assignments/media-types/media-types.xhtml) for the image." }, "width": { "type": "integer", "description": "Width of the image in pixels." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImageQualityScores": { "description": "Image quality scores for the page image.", "properties": { "detectedDefects": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect" }, "description": "A list of detected defects." }, "qualityScore": { "type": "number", "description": "The overall quality score. Range `[0, 1]` where `1` is perfect quality." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefect": { "description": "Image Quality Defects", "properties": { "confidence": { "type": "number", "description": "Confidence of detected defect. Range `[0, 1]` where `1` indicates strong confidence that the defect exists." }, "type": { "type": "string", "description": "Name of the defect type. Supported values are: - `quality/defect_blurry` - `quality/defect_noisy` - `quality/defect_dark` - `quality/defect_faint` - `quality/defect_text_too_small` - `quality/defect_document_cutoff` - `quality/defect_text_cutoff` - `quality/defect_glare`" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefectResponse": { "description": "Image Quality Defects", "properties": { "confidence": { "type": "number", "description": "Confidence of detected defect. Range `[0, 1]` where `1` indicates strong confidence that the defect exists." }, "type": { "type": "string", "description": "Name of the defect type. Supported values are: - `quality/defect_blurry` - `quality/defect_noisy` - `quality/defect_dark` - `quality/defect_faint` - `quality/defect_text_too_small` - `quality/defect_document_cutoff` - `quality/defect_text_cutoff` - `quality/defect_glare`" } }, "type": "object", "required": [ "confidence", "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresResponse": { "description": "Image quality scores for the page image.", "properties": { "detectedDefects": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresDetectedDefectResponse" }, "description": "A list of detected defects." }, "qualityScore": { "type": "number", "description": "The overall quality score. Range `[0, 1]` where `1` is perfect quality." } }, "type": "object", "required": [ "detectedDefects", "qualityScore" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageImageResponse": { "description": "Rendered image contents for this page.", "properties": { "content": { "type": "string", "description": "Raw byte content of the image." }, "height": { "type": "integer", "description": "Height of the image in pixels." }, "mimeType": { "type": "string", "description": "Encoding [media type (MIME type)](https://www.iana.org/assignments/media-types/media-types.xhtml) for the image." }, "width": { "type": "integer", "description": "Width of the image in pixels." } }, "type": "object", "required": [ "content", "height", "mimeType", "width" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageLayout": { "description": "Visual element describing a layout unit on a page.", "properties": { "boundingPoly": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1BoundingPoly", "description": "The bounding polygon for the Layout." }, "confidence": { "type": "number", "description": "Confidence of the current Layout within context of the object this layout is for. e.g. confidence can be for a single token, a table, a visual element, etc. depending on context. Range `[0, 1]`." }, "orientation": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutOrientation", "description": "Detected orientation for the Layout." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchor", "description": "Text anchor indexing into the Document.text." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageLayoutOrientation": { "description": "Detected orientation for the Layout.", "type": "string", "enum": [ { "name": "OrientationUnspecified", "description": "Unspecified orientation.", "value": "ORIENTATION_UNSPECIFIED" }, { "name": "PageUp", "description": "Orientation is aligned with page up.", "value": "PAGE_UP" }, { "name": "PageRight", "description": "Orientation is aligned with page right. Turn the head 90 degrees clockwise from upright to read.", "value": "PAGE_RIGHT" }, { "name": "PageDown", "description": "Orientation is aligned with page down. Turn the head 180 degrees from upright to read.", "value": "PAGE_DOWN" }, { "name": "PageLeft", "description": "Orientation is aligned with page left. Turn the head 90 degrees counterclockwise from upright to read.", "value": "PAGE_LEFT" } ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse": { "description": "Visual element describing a layout unit on a page.", "properties": { "boundingPoly": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1BoundingPolyResponse", "description": "The bounding polygon for the Layout." }, "confidence": { "type": "number", "description": "Confidence of the current Layout within context of the object this layout is for. e.g. confidence can be for a single token, a table, a visual element, etc. depending on context. Range `[0, 1]`." }, "orientation": { "type": "string", "description": "Detected orientation for the Layout." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorResponse", "description": "Text anchor indexing into the Document.text." } }, "type": "object", "required": [ "boundingPoly", "confidence", "orientation", "textAnchor" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageLine": { "description": "A collection of tokens that a human would perceive as a line. Does not cross column boundaries, can be horizontal, vertical, etc.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Line." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this annotation." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageLineResponse": { "description": "A collection of tokens that a human would perceive as a line. Does not cross column boundaries, can be horizontal, vertical, etc.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Line." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this annotation." } }, "type": "object", "required": [ "detectedLanguages", "layout", "provenance" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageMatrix": { "description": "Representation for transformation matrix, intended to be compatible and used with OpenCV format for image manipulation.", "properties": { "cols": { "type": "integer", "description": "Number of columns in the matrix." }, "data": { "type": "string", "description": "The matrix data." }, "rows": { "type": "integer", "description": "Number of rows in the matrix." }, "type": { "type": "integer", "description": "This encodes information about what data type the matrix uses. For example, 0 (CV_8U) is an unsigned 8-bit image. For the full list of OpenCV primitive data types, please refer to https://docs.opencv.org/4.3.0/d1/d1b/group__core__hal__interface.html" } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageMatrixResponse": { "description": "Representation for transformation matrix, intended to be compatible and used with OpenCV format for image manipulation.", "properties": { "cols": { "type": "integer", "description": "Number of columns in the matrix." }, "data": { "type": "string", "description": "The matrix data." }, "rows": { "type": "integer", "description": "Number of rows in the matrix." }, "type": { "type": "integer", "description": "This encodes information about what data type the matrix uses. For example, 0 (CV_8U) is an unsigned 8-bit image. For the full list of OpenCV primitive data types, please refer to https://docs.opencv.org/4.3.0/d1/d1b/group__core__hal__interface.html" } }, "type": "object", "required": [ "cols", "data", "rows", "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageParagraph": { "description": "A collection of lines that a human would perceive as a paragraph.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Paragraph." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this annotation." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageParagraphResponse": { "description": "A collection of lines that a human would perceive as a paragraph.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Paragraph." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this annotation." } }, "type": "object", "required": [ "detectedLanguages", "layout", "provenance" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageResponse": { "description": "A page in a Document.", "properties": { "blocks": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageBlockResponse" }, "description": "A list of visually detected text blocks on the page. A block has a set of lines (collected into paragraphs) that have a common line-spacing and orientation." }, "detectedBarcodes": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedBarcodeResponse" }, "description": "A list of detected barcodes." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "dimension": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDimensionResponse", "description": "Physical dimension of the page." }, "formFields": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageFormFieldResponse" }, "description": "A list of visually detected form fields on the page." }, "image": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImageResponse", "description": "Rendered image for this page. This image is preprocessed to remove any skew, rotation, and distortions such that the annotation bounding boxes can be upright and axis-aligned." }, "imageQualityScores": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageImageQualityScoresResponse", "description": "Image quality scores." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for the page." }, "lines": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLineResponse" }, "description": "A list of visually detected text lines on the page. A collection of tokens that a human would perceive as a line." }, "pageNumber": { "type": "integer", "description": "1-based index for current Page in a parent Document. Useful when a page is taken out of a Document for individual processing." }, "paragraphs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageParagraphResponse" }, "description": "A list of visually detected text paragraphs on the page. A collection of lines that a human would perceive as a paragraph." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this page." }, "symbols": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageSymbolResponse" }, "description": "A list of visually detected symbols on the page." }, "tables": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableResponse" }, "description": "A list of visually detected tables on the page." }, "tokens": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenResponse" }, "description": "A list of visually detected tokens on the page." }, "transforms": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageMatrixResponse" }, "description": "Transformation matrices that were applied to the original document image to produce Page.image." }, "visualElements": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageVisualElementResponse" }, "description": "A list of detected non-text visual elements e.g. checkbox, signature etc. on the page." } }, "type": "object", "required": [ "blocks", "detectedBarcodes", "detectedLanguages", "dimension", "formFields", "image", "imageQualityScores", "layout", "lines", "pageNumber", "paragraphs", "provenance", "symbols", "tables", "tokens", "transforms", "visualElements" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageSymbol": { "description": "A detected symbol.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Symbol." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageSymbolResponse": { "description": "A detected symbol.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Symbol." } }, "type": "object", "required": [ "detectedLanguages", "layout" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTable": { "description": "A table representation similar to HTML table structure.", "properties": { "bodyRows": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableRow" }, "description": "Body rows of the table." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "headerRows": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableRow" }, "description": "Header rows of the table." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Table." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this table." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTableResponse": { "description": "A table representation similar to HTML table structure.", "properties": { "bodyRows": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableRowResponse" }, "description": "Body rows of the table." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "headerRows": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableRowResponse" }, "description": "Header rows of the table." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Table." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this table." } }, "type": "object", "required": [ "bodyRows", "detectedLanguages", "headerRows", "layout", "provenance" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTableTableCell": { "description": "A cell representation inside the table.", "properties": { "colSpan": { "type": "integer", "description": "How many columns this cell spans." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for TableCell." }, "rowSpan": { "type": "integer", "description": "How many rows this cell spans." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTableTableCellResponse": { "description": "A cell representation inside the table.", "properties": { "colSpan": { "type": "integer", "description": "How many columns this cell spans." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for TableCell." }, "rowSpan": { "type": "integer", "description": "How many rows this cell spans." } }, "type": "object", "required": [ "colSpan", "detectedLanguages", "layout", "rowSpan" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTableTableRow": { "description": "A row of table cells.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableCell" }, "description": "Cells that make up this row." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTableTableRowResponse": { "description": "A row of table cells.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTableTableCellResponse" }, "description": "Cells that make up this row." } }, "type": "object", "required": [ "cells" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageToken": { "description": "A detected token.", "properties": { "detectedBreak": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak", "description": "Detected break at the end of a Token." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for Token." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance", "description": "The history of this annotation." }, "styleInfo": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo", "description": "Text style attributes." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreak": { "description": "Detected break at the end of a Token.", "properties": { "type": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreakType", "description": "Detected break type." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreakResponse": { "description": "Detected break at the end of a Token.", "properties": { "type": { "type": "string", "description": "Detected break type." } }, "type": "object", "required": [ "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreakType": { "description": "Detected break type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified break type.", "value": "TYPE_UNSPECIFIED" }, { "name": "Space", "description": "A single whitespace.", "value": "SPACE" }, { "name": "WideSpace", "description": "A wider whitespace.", "value": "WIDE_SPACE" }, { "name": "Hyphen", "description": "A hyphen that indicates that a token has been split across lines.", "value": "HYPHEN" } ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenResponse": { "description": "A detected token.", "properties": { "detectedBreak": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenDetectedBreakResponse", "description": "Detected break at the end of a Token." }, "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for Token." }, "provenance": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse", "description": "The history of this annotation." }, "styleInfo": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageTokenStyleInfoResponse", "description": "Text style attributes." } }, "type": "object", "required": [ "detectedBreak", "detectedLanguages", "layout", "provenance", "styleInfo" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenStyleInfo": { "description": "Font and other text style attributes.", "properties": { "backgroundColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColor", "description": "Color of the background." }, "bold": { "type": "boolean", "description": "Whether the text is bold (equivalent to font_weight is at least `700`)." }, "fontSize": { "type": "integer", "description": "Font size in points (`1` point is `¹⁄₇₂` inches)." }, "fontType": { "type": "string", "description": "Name or style of the font." }, "fontWeight": { "type": "integer", "description": "TrueType weight on a scale `100` (thin) to `1000` (ultra-heavy). Normal is `400`, bold is `700`." }, "handwritten": { "type": "boolean", "description": "Whether the text is handwritten." }, "italic": { "type": "boolean", "description": "Whether the text is italic." }, "letterSpacing": { "type": "number", "description": "Letter spacing in points." }, "pixelFontSize": { "type": "number", "description": "Font size in pixels, equal to _unrounded font_size_ * _resolution_ ÷ `72.0`." }, "smallcaps": { "type": "boolean", "description": "Whether the text is in small caps." }, "strikeout": { "type": "boolean", "description": "Whether the text is strikethrough." }, "subscript": { "type": "boolean", "description": "Whether the text is a subscript." }, "superscript": { "type": "boolean", "description": "Whether the text is a superscript." }, "textColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColor", "description": "Color of the text." }, "underlined": { "type": "boolean", "description": "Whether the text is underlined." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageTokenStyleInfoResponse": { "description": "Font and other text style attributes.", "properties": { "backgroundColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColorResponse", "description": "Color of the background." }, "bold": { "type": "boolean", "description": "Whether the text is bold (equivalent to font_weight is at least `700`)." }, "fontSize": { "type": "integer", "description": "Font size in points (`1` point is `¹⁄₇₂` inches)." }, "fontType": { "type": "string", "description": "Name or style of the font." }, "fontWeight": { "type": "integer", "description": "TrueType weight on a scale `100` (thin) to `1000` (ultra-heavy). Normal is `400`, bold is `700`." }, "handwritten": { "type": "boolean", "description": "Whether the text is handwritten." }, "italic": { "type": "boolean", "description": "Whether the text is italic." }, "letterSpacing": { "type": "number", "description": "Letter spacing in points." }, "pixelFontSize": { "type": "number", "description": "Font size in pixels, equal to _unrounded font_size_ * _resolution_ ÷ `72.0`." }, "smallcaps": { "type": "boolean", "description": "Whether the text is in small caps." }, "strikeout": { "type": "boolean", "description": "Whether the text is strikethrough." }, "subscript": { "type": "boolean", "description": "Whether the text is a subscript." }, "superscript": { "type": "boolean", "description": "Whether the text is a superscript." }, "textColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColorResponse", "description": "Color of the text." }, "underlined": { "type": "boolean", "description": "Whether the text is underlined." } }, "type": "object", "required": [ "backgroundColor", "bold", "fontSize", "fontType", "fontWeight", "handwritten", "italic", "letterSpacing", "pixelFontSize", "smallcaps", "strikeout", "subscript", "superscript", "textColor", "underlined" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageVisualElement": { "description": "Detected non-text visual elements e.g. checkbox, signature etc. on the page.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguage" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayout", "description": "Layout for VisualElement." }, "type": { "type": "string", "description": "Type of the VisualElement." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentPageVisualElementResponse": { "description": "Detected non-text visual elements e.g. checkbox, signature etc. on the page.", "properties": { "detectedLanguages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageDetectedLanguageResponse" }, "description": "A list of detected languages together with confidence." }, "layout": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageLayoutResponse", "description": "Layout for VisualElement." }, "type": { "type": "string", "description": "Type of the VisualElement." } }, "type": "object", "required": [ "detectedLanguages", "layout", "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentProvenance": { "description": "Structure to identify provenance relationships between annotations in different revisions.", "properties": { "id": { "type": "integer", "description": "The Id of this operation. Needs to be unique within the scope of the revision." }, "parents": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceParent" }, "description": "References to the original elements that are replaced." }, "revision": { "type": "integer", "description": "The index of the revision that produced this element." }, "type": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceType", "description": "The type of provenance operation." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentProvenanceParent": { "description": "The parent element the current element is based on. Used for referencing/aligning, removal and replacement operations.", "properties": { "id": { "type": "integer", "description": "The id of the parent provenance." }, "index": { "type": "integer", "description": "The index of the parent item in the corresponding item list (eg. list of entities, properties within entities, etc.) in the parent revision." }, "revision": { "type": "integer", "description": "The index of the index into current revision's parent_ids list." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentProvenanceParentResponse": { "description": "The parent element the current element is based on. Used for referencing/aligning, removal and replacement operations.", "properties": { "index": { "type": "integer", "description": "The index of the parent item in the corresponding item list (eg. list of entities, properties within entities, etc.) in the parent revision." }, "revision": { "type": "integer", "description": "The index of the index into current revision's parent_ids list." } }, "type": "object", "required": [ "index", "revision" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentProvenanceResponse": { "description": "Structure to identify provenance relationships between annotations in different revisions.", "properties": { "parents": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceParentResponse" }, "description": "References to the original elements that are replaced." }, "revision": { "type": "integer", "description": "The index of the revision that produced this element." }, "type": { "type": "string", "description": "The type of provenance operation." } }, "type": "object", "required": [ "parents", "revision", "type" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentProvenanceType": { "description": "The type of provenance operation.", "type": "string", "enum": [ { "name": "OperationTypeUnspecified", "description": "Operation type unspecified. If no operation is specified a provenance entry is simply used to match against a `parent`.", "value": "OPERATION_TYPE_UNSPECIFIED" }, { "name": "Add", "description": "Add an element.", "value": "ADD" }, { "name": "Remove", "description": "Remove an element identified by `parent`.", "value": "REMOVE" }, { "name": "Update", "description": "Updates any fields within the given provenance scope of the message. It overwrites the fields rather than replacing them. Use this when you want to update a field value of an entity without also updating all the child properties.", "value": "UPDATE" }, { "name": "Replace", "description": "Currently unused. Replace an element identified by `parent`.", "value": "REPLACE" }, { "name": "EvalRequested", "description": "Deprecated. Request human review for the element identified by `parent`.", "value": "EVAL_REQUESTED" }, { "name": "EvalApproved", "description": "Deprecated. Element is reviewed and approved at human review, confidence will be set to 1.0.", "value": "EVAL_APPROVED" }, { "name": "EvalSkipped", "description": "Deprecated. Element is skipped in the validation process.", "value": "EVAL_SKIPPED" } ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentResponse": { "description": "Document represents the canonical document resource in Document AI. It is an interchange format that provides insights into documents and allows for collaboration between users and Document AI to iterate and optimize for quality.", "properties": { "content": { "type": "string", "description": "Optional. Inline document content, represented as a stream of bytes. Note: As with all `bytes` fields, protobuffers use a pure binary representation, whereas JSON representations use base64." }, "entities": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityResponse" }, "description": "A list of entities detected on Document.text. For document shards, entities in this list may cross shard boundaries." }, "entityRelations": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentEntityRelationResponse" }, "description": "Placeholder. Relationship among Document.entities." }, "error": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleRpcStatusResponse", "description": "Any error that occurred while processing this document." }, "mimeType": { "type": "string", "description": "An IANA published [media type (MIME type)](https://www.iana.org/assignments/media-types/media-types.xhtml)." }, "pages": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentPageResponse" }, "description": "Visual page layout for the Document." }, "revisions": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentRevisionResponse" }, "description": "Placeholder. Revision history of this document." }, "shardInfo": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentShardInfoResponse", "description": "Information about the sharding if this document is sharded part of a larger document. If the document is not sharded, this message is not specified." }, "text": { "type": "string", "description": "Optional. UTF-8 encoded text in reading order from the document." }, "textChanges": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextChangeResponse" }, "description": "Placeholder. A list of text corrections made to Document.text. This is usually used for annotating corrections to OCR mistakes. Text changes for a given revision may not overlap with each other." }, "textStyles": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentStyleResponse" }, "description": "Styles for the Document.text." }, "uri": { "type": "string", "description": "Optional. Currently supports Google Cloud Storage URI of the form `gs://bucket_name/object_name`. Object versioning is not supported. For more information, refer to [Google Cloud Storage Request URIs](https://cloud.google.com/storage/docs/reference-uris)." } }, "type": "object", "required": [ "content", "entities", "entityRelations", "error", "mimeType", "pages", "revisions", "shardInfo", "text", "textChanges", "textStyles", "uri" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentRevision": { "description": "Contains past or forward revisions of this document.", "properties": { "agent": { "type": "string", "description": "If the change was made by a person specify the name or id of that person." }, "createTime": { "type": "string", "description": "The time that the revision was created, internally generated by doc proto storage at the time of create." }, "humanReview": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentRevisionHumanReview", "description": "Human Review information of this revision." }, "id": { "type": "string", "description": "Id of the revision, internally generated by doc proto storage. Unique within the context of the document." }, "parent": { "type": "array", "items": { "type": "integer" }, "description": "The revisions that this revision is based on. This can include one or more parent (when documents are merged.) This field represents the index into the `revisions` field." }, "parentIds": { "type": "array", "items": { "type": "string" }, "description": "The revisions that this revision is based on. Must include all the ids that have anything to do with this revision - eg. there are `provenance.parent.revision` fields that index into this field." }, "processor": { "type": "string", "description": "If the annotation was made by processor identify the processor by its resource name." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentRevisionHumanReview": { "description": "Human Review information of the document.", "properties": { "state": { "type": "string", "description": "Human review state. e.g. `requested`, `succeeded`, `rejected`." }, "stateMessage": { "type": "string", "description": "A message providing more details about the current state of processing. For example, the rejection reason when the state is `rejected`." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentRevisionHumanReviewResponse": { "description": "Human Review information of the document.", "properties": { "state": { "type": "string", "description": "Human review state. e.g. `requested`, `succeeded`, `rejected`." }, "stateMessage": { "type": "string", "description": "A message providing more details about the current state of processing. For example, the rejection reason when the state is `rejected`." } }, "type": "object", "required": [ "state", "stateMessage" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentRevisionResponse": { "description": "Contains past or forward revisions of this document.", "properties": { "agent": { "type": "string", "description": "If the change was made by a person specify the name or id of that person." }, "createTime": { "type": "string", "description": "The time that the revision was created, internally generated by doc proto storage at the time of create." }, "humanReview": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentRevisionHumanReviewResponse", "description": "Human Review information of this revision." }, "parent": { "type": "array", "items": { "type": "integer" }, "description": "The revisions that this revision is based on. This can include one or more parent (when documents are merged.) This field represents the index into the `revisions` field." }, "parentIds": { "type": "array", "items": { "type": "string" }, "description": "The revisions that this revision is based on. Must include all the ids that have anything to do with this revision - eg. there are `provenance.parent.revision` fields that index into this field." }, "processor": { "type": "string", "description": "If the annotation was made by processor identify the processor by its resource name." } }, "type": "object", "required": [ "agent", "createTime", "humanReview", "parent", "parentIds", "processor" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentShardInfo": { "description": "For a large document, sharding may be performed to produce several document shards. Each document shard contains this field to detail which shard it is.", "properties": { "shardCount": { "type": "string", "description": "Total number of shards." }, "shardIndex": { "type": "string", "description": "The 0-based index of this shard." }, "textOffset": { "type": "string", "description": "The index of the first character in Document.text in the overall document global text." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentShardInfoResponse": { "description": "For a large document, sharding may be performed to produce several document shards. Each document shard contains this field to detail which shard it is.", "properties": { "shardCount": { "type": "string", "description": "Total number of shards." }, "shardIndex": { "type": "string", "description": "The 0-based index of this shard." }, "textOffset": { "type": "string", "description": "The index of the first character in Document.text in the overall document global text." } }, "type": "object", "required": [ "shardCount", "shardIndex", "textOffset" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentStyle": { "description": "Annotation for common text style attributes. This adheres to CSS conventions as much as possible.", "properties": { "backgroundColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColor", "description": "Text background color." }, "color": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColor", "description": "Text color." }, "fontFamily": { "type": "string", "description": "Font family such as `Arial`, `Times New Roman`. https://www.w3schools.com/cssref/pr_font_font-family.asp" }, "fontSize": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentStyleFontSize", "description": "Font size." }, "fontWeight": { "type": "string", "description": "[Font weight](https://www.w3schools.com/cssref/pr_font_weight.asp). Possible values are `normal`, `bold`, `bolder`, and `lighter`." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchor", "description": "Text anchor indexing into the Document.text." }, "textDecoration": { "type": "string", "description": "[Text decoration](https://www.w3schools.com/cssref/pr_text_text-decoration.asp). Follows CSS standard. " }, "textStyle": { "type": "string", "description": "[Text style](https://www.w3schools.com/cssref/pr_font_font-style.asp). Possible values are `normal`, `italic`, and `oblique`." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentStyleFontSize": { "description": "Font size with unit.", "properties": { "size": { "type": "number", "description": "Font size for the text." }, "unit": { "type": "string", "description": "Unit for the font size. Follows CSS naming (such as `in`, `px`, and `pt`)." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentStyleFontSizeResponse": { "description": "Font size with unit.", "properties": { "size": { "type": "number", "description": "Font size for the text." }, "unit": { "type": "string", "description": "Unit for the font size. Follows CSS naming (such as `in`, `px`, and `pt`)." } }, "type": "object", "required": [ "size", "unit" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentStyleResponse": { "description": "Annotation for common text style attributes. This adheres to CSS conventions as much as possible.", "properties": { "backgroundColor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColorResponse", "description": "Text background color." }, "color": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeColorResponse", "description": "Text color." }, "fontFamily": { "type": "string", "description": "Font family such as `Arial`, `Times New Roman`. https://www.w3schools.com/cssref/pr_font_font-family.asp" }, "fontSize": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentStyleFontSizeResponse", "description": "Font size." }, "fontWeight": { "type": "string", "description": "[Font weight](https://www.w3schools.com/cssref/pr_font_weight.asp). Possible values are `normal`, `bold`, `bolder`, and `lighter`." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorResponse", "description": "Text anchor indexing into the Document.text." }, "textDecoration": { "type": "string", "description": "[Text decoration](https://www.w3schools.com/cssref/pr_text_text-decoration.asp). Follows CSS standard. " }, "textStyle": { "type": "string", "description": "[Text style](https://www.w3schools.com/cssref/pr_font_font-style.asp). Possible values are `normal`, `italic`, and `oblique`." } }, "type": "object", "required": [ "backgroundColor", "color", "fontFamily", "fontSize", "fontWeight", "textAnchor", "textDecoration", "textStyle" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextAnchor": { "description": "Text reference indexing into the Document.text.", "properties": { "content": { "type": "string", "description": "Contains the content of the text span so that users do not have to look it up in the text_segments. It is always populated for formFields." }, "textSegments": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment" }, "description": "The text segments from the Document.text." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextAnchorResponse": { "description": "Text reference indexing into the Document.text.", "properties": { "content": { "type": "string", "description": "Contains the content of the text span so that users do not have to look it up in the text_segments. It is always populated for formFields." }, "textSegments": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorTextSegmentResponse" }, "description": "The text segments from the Document.text." } }, "type": "object", "required": [ "content", "textSegments" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextAnchorTextSegment": { "description": "A text segment in the Document.text. The indices may be out of bounds which indicate that the text extends into another document shard for large sharded documents. See ShardInfo.text_offset", "properties": { "endIndex": { "type": "string", "description": "TextSegment half open end UTF-8 char index in the Document.text." }, "startIndex": { "type": "string", "description": "TextSegment start UTF-8 char index in the Document.text." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextAnchorTextSegmentResponse": { "description": "A text segment in the Document.text. The indices may be out of bounds which indicate that the text extends into another document shard for large sharded documents. See ShardInfo.text_offset", "properties": { "endIndex": { "type": "string", "description": "TextSegment half open end UTF-8 char index in the Document.text." }, "startIndex": { "type": "string", "description": "TextSegment start UTF-8 char index in the Document.text." } }, "type": "object", "required": [ "endIndex", "startIndex" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextChange": { "description": "This message is used for text changes aka. OCR corrections.", "properties": { "changedText": { "type": "string", "description": "The text that replaces the text identified in the `text_anchor`." }, "provenance": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenance" }, "description": "The history of this annotation." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchor", "description": "Provenance of the correction. Text anchor indexing into the Document.text. There can only be a single `TextAnchor.text_segments` element. If the start and end index of the text segment are the same, the text change is inserted before that index." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1DocumentTextChangeResponse": { "description": "This message is used for text changes aka. OCR corrections.", "properties": { "changedText": { "type": "string", "description": "The text that replaces the text identified in the `text_anchor`." }, "provenance": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentProvenanceResponse" }, "description": "The history of this annotation." }, "textAnchor": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleCloudDocumentaiV1DocumentTextAnchorResponse", "description": "Provenance of the correction. Text anchor indexing into the Document.text. There can only be a single `TextAnchor.text_segments` element. If the start and end index of the text segment are the same, the text change is inserted before that index." } }, "type": "object", "required": [ "changedText", "provenance", "textAnchor" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1NormalizedVertex": { "description": "A vertex represents a 2D point in the image. NOTE: the normalized vertex coordinates are relative to the original image and range from 0 to 1.", "properties": { "x": { "type": "number", "description": "X coordinate." }, "y": { "type": "number", "description": "Y coordinate (starts from the top of the image)." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1NormalizedVertexResponse": { "description": "A vertex represents a 2D point in the image. NOTE: the normalized vertex coordinates are relative to the original image and range from 0 to 1.", "properties": { "x": { "type": "number", "description": "X coordinate." }, "y": { "type": "number", "description": "Y coordinate (starts from the top of the image)." } }, "type": "object", "required": [ "x", "y" ] }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1Vertex": { "description": "A vertex represents a 2D point in the image. NOTE: the vertex coordinates are in the same scale as the original image.", "properties": { "x": { "type": "integer", "description": "X coordinate." }, "y": { "type": "integer", "description": "Y coordinate (starts from the top of the image)." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleCloudDocumentaiV1VertexResponse": { "description": "A vertex represents a 2D point in the image. NOTE: the vertex coordinates are in the same scale as the original image.", "properties": { "x": { "type": "integer", "description": "X coordinate." }, "y": { "type": "integer", "description": "Y coordinate (starts from the top of the image)." } }, "type": "object", "required": [ "x", "y" ] }, "google-native:contentwarehouse/v1:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:contentwarehouse/v1:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:contentwarehouse/v1:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:contentwarehouse/v1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:contentwarehouse/v1:GoogleIamV1Policy": { "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).", "properties": { "auditConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1AuditConfig" }, "description": "Specifies cloud audit logging configuration for this policy." }, "bindings": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1Binding" }, "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`." }, "etag": { "type": "string", "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost." }, "version": { "type": "integer", "description": "Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleIamV1PolicyResponse": { "description": "An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** ``` { \"bindings\": [ { \"role\": \"roles/resourcemanager.organizationAdmin\", \"members\": [ \"user:mike@example.com\", \"group:admins@example.com\", \"domain:google.com\", \"serviceAccount:my-project-id@appspot.gserviceaccount.com\" ] }, { \"role\": \"roles/resourcemanager.organizationViewer\", \"members\": [ \"user:eve@example.com\" ], \"condition\": { \"title\": \"expirable access\", \"description\": \"Does not grant access after Sep 2020\", \"expression\": \"request.time < timestamp('2020-10-01T00:00:00.000Z')\", } } ], \"etag\": \"BwWWja0YfJA=\", \"version\": 3 } ``` **YAML example:** ``` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).", "properties": { "auditConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1AuditConfigResponse" }, "description": "Specifies cloud audit logging configuration for this policy." }, "bindings": { "type": "array", "items": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleIamV1BindingResponse" }, "description": "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`." }, "etag": { "type": "string", "description": "`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost." }, "version": { "type": "integer", "description": "Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." } }, "type": "object", "required": [ "auditConfigs", "bindings", "etag", "version" ] }, "google-native:contentwarehouse/v1:GoogleRpcStatus": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:contentwarehouse/v1:GoogleTypeColor": { "description": "Represents a color in the RGBA color space. This representation is designed for simplicity of conversion to and from color representations in various languages over compactness. For example, the fields of this representation can be trivially provided to the constructor of `java.awt.Color` in Java; it can also be trivially provided to UIColor's `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little work, it can be easily formatted into a CSS `rgba()` string in JavaScript. This reference page doesn't have information about the absolute color space that should be used to interpret the RGB value—for example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications should assume the sRGB color space. When color equality needs to be decided, implementations, unless documented otherwise, treat two colors as equal if all their red, green, blue, and alpha values each differ by at most `1e-5`. Example (Java): import com.google.type.Color; // ... public static java.awt.Color fromProto(Color protocolor) { float alpha = protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), protocolor.getBlue(), alpha); } public static Color toProto(java.awt.Color color) { float red = (float) color.getRed(); float green = (float) color.getGreen(); float blue = (float) color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder = Color .newBuilder() .setRed(red / denominator) .setGreen(green / denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() .setValue(((float) alpha) / denominator) .build()); } return resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; float green = [protocolor green]; float blue = [protocolor blue]; FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return nil; } Color* result = [[Color alloc] init]; [result setRed:red]; [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; return result; } // ... Example (JavaScript): // ... var protoToCssColor = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || 0.0; var red = Math.floor(redFrac * 255); var green = Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { resultBuilder.push('0'); } resultBuilder.push(hexString); return resultBuilder.join(''); }; // ...", "properties": { "alpha": { "type": "number", "description": "The fraction of this color that should be applied to the pixel. That is, the final pixel color is defined by the equation: `pixel color = alpha * (this color) + (1.0 - alpha) * (background color)` This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color. This uses a wrapper message rather than a simple float scalar so that it is possible to distinguish between a default value and the value being unset. If omitted, this color object is rendered as a solid color (as if the alpha value had been explicitly given a value of 1.0)." }, "blue": { "type": "number", "description": "The amount of blue in the color as a value in the interval [0, 1]." }, "green": { "type": "number", "description": "The amount of green in the color as a value in the interval [0, 1]." }, "red": { "type": "number", "description": "The amount of red in the color as a value in the interval [0, 1]." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeColorResponse": { "description": "Represents a color in the RGBA color space. This representation is designed for simplicity of conversion to and from color representations in various languages over compactness. For example, the fields of this representation can be trivially provided to the constructor of `java.awt.Color` in Java; it can also be trivially provided to UIColor's `+colorWithRed:green:blue:alpha` method in iOS; and, with just a little work, it can be easily formatted into a CSS `rgba()` string in JavaScript. This reference page doesn't have information about the absolute color space that should be used to interpret the RGB value—for example, sRGB, Adobe RGB, DCI-P3, and BT.2020. By default, applications should assume the sRGB color space. When color equality needs to be decided, implementations, unless documented otherwise, treat two colors as equal if all their red, green, blue, and alpha values each differ by at most `1e-5`. Example (Java): import com.google.type.Color; // ... public static java.awt.Color fromProto(Color protocolor) { float alpha = protocolor.hasAlpha() ? protocolor.getAlpha().getValue() : 1.0; return new java.awt.Color( protocolor.getRed(), protocolor.getGreen(), protocolor.getBlue(), alpha); } public static Color toProto(java.awt.Color color) { float red = (float) color.getRed(); float green = (float) color.getGreen(); float blue = (float) color.getBlue(); float denominator = 255.0; Color.Builder resultBuilder = Color .newBuilder() .setRed(red / denominator) .setGreen(green / denominator) .setBlue(blue / denominator); int alpha = color.getAlpha(); if (alpha != 255) { result.setAlpha( FloatValue .newBuilder() .setValue(((float) alpha) / denominator) .build()); } return resultBuilder.build(); } // ... Example (iOS / Obj-C): // ... static UIColor* fromProto(Color* protocolor) { float red = [protocolor red]; float green = [protocolor green]; float blue = [protocolor blue]; FloatValue* alpha_wrapper = [protocolor alpha]; float alpha = 1.0; if (alpha_wrapper != nil) { alpha = [alpha_wrapper value]; } return [UIColor colorWithRed:red green:green blue:blue alpha:alpha]; } static Color* toProto(UIColor* color) { CGFloat red, green, blue, alpha; if (![color getRed:&red green:&green blue:&blue alpha:&alpha]) { return nil; } Color* result = [[Color alloc] init]; [result setRed:red]; [result setGreen:green]; [result setBlue:blue]; if (alpha <= 0.9999) { [result setAlpha:floatWrapperWithValue(alpha)]; } [result autorelease]; return result; } // ... Example (JavaScript): // ... var protoToCssColor = function(rgb_color) { var redFrac = rgb_color.red || 0.0; var greenFrac = rgb_color.green || 0.0; var blueFrac = rgb_color.blue || 0.0; var red = Math.floor(redFrac * 255); var green = Math.floor(greenFrac * 255); var blue = Math.floor(blueFrac * 255); if (!('alpha' in rgb_color)) { return rgbToCssColor(red, green, blue); } var alphaFrac = rgb_color.alpha.value || 0.0; var rgbParams = [red, green, blue].join(','); return ['rgba(', rgbParams, ',', alphaFrac, ')'].join(''); }; var rgbToCssColor = function(red, green, blue) { var rgbNumber = new Number((red << 16) | (green << 8) | blue); var hexString = rgbNumber.toString(16); var missingZeros = 6 - hexString.length; var resultBuilder = ['#']; for (var i = 0; i < missingZeros; i++) { resultBuilder.push('0'); } resultBuilder.push(hexString); return resultBuilder.join(''); }; // ...", "properties": { "alpha": { "type": "number", "description": "The fraction of this color that should be applied to the pixel. That is, the final pixel color is defined by the equation: `pixel color = alpha * (this color) + (1.0 - alpha) * (background color)` This means that a value of 1.0 corresponds to a solid color, whereas a value of 0.0 corresponds to a completely transparent color. This uses a wrapper message rather than a simple float scalar so that it is possible to distinguish between a default value and the value being unset. If omitted, this color object is rendered as a solid color (as if the alpha value had been explicitly given a value of 1.0)." }, "blue": { "type": "number", "description": "The amount of blue in the color as a value in the interval [0, 1]." }, "green": { "type": "number", "description": "The amount of green in the color as a value in the interval [0, 1]." }, "red": { "type": "number", "description": "The amount of red in the color as a value in the interval [0, 1]." } }, "type": "object", "required": [ "alpha", "blue", "green", "red" ] }, "google-native:contentwarehouse/v1:GoogleTypeDate": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeDateResponse": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:contentwarehouse/v1:GoogleTypeDateTime": { "description": "Represents civil time (or occasionally physical time). This type can represent a civil time in one of a few possible ways: * When utc_offset is set and time_zone is unset: a civil time on a calendar day with a particular offset from UTC. * When time_zone is set and utc_offset is unset: a civil time on a calendar day in a particular time zone. * When neither time_zone nor utc_offset is set: a civil time on a calendar day in local time. The date is relative to the Proleptic Gregorian Calendar. If year, month, or day are 0, the DateTime is considered not to have a specific year, month, or day respectively. This type may also be used to represent a physical time if all the date and time fields are set and either case of the `time_offset` oneof is set. Consider using `Timestamp` message for physical time instead. If your use case also would like to store the user's timezone, that can be done in another field. This type is more flexible than some applications may want. Make sure to document and validate your application's limitations.", "properties": { "day": { "type": "integer", "description": "Optional. Day of month. Must be from 1 to 31 and valid for the year and month, or 0 if specifying a datetime without a day." }, "hours": { "type": "integer", "description": "Optional. Hours of day in 24 hour format. Should be from 0 to 23, defaults to 0 (midnight). An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Optional. Minutes of hour of day. Must be from 0 to 59, defaults to 0." }, "month": { "type": "integer", "description": "Optional. Month of year. Must be from 1 to 12, or 0 if specifying a datetime without a month." }, "nanos": { "type": "integer", "description": "Optional. Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999, defaults to 0." }, "seconds": { "type": "integer", "description": "Optional. Seconds of minutes of the time. Must normally be from 0 to 59, defaults to 0. An API may allow the value 60 if it allows leap-seconds." }, "timeZone": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeTimeZone", "description": "Time zone." }, "utcOffset": { "type": "string", "description": "UTC offset. Must be whole seconds, between -18 hours and +18 hours. For example, a UTC offset of -4:00 would be represented as { seconds: -14400 }." }, "year": { "type": "integer", "description": "Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a datetime without a year." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeDateTimeResponse": { "description": "Represents civil time (or occasionally physical time). This type can represent a civil time in one of a few possible ways: * When utc_offset is set and time_zone is unset: a civil time on a calendar day with a particular offset from UTC. * When time_zone is set and utc_offset is unset: a civil time on a calendar day in a particular time zone. * When neither time_zone nor utc_offset is set: a civil time on a calendar day in local time. The date is relative to the Proleptic Gregorian Calendar. If year, month, or day are 0, the DateTime is considered not to have a specific year, month, or day respectively. This type may also be used to represent a physical time if all the date and time fields are set and either case of the `time_offset` oneof is set. Consider using `Timestamp` message for physical time instead. If your use case also would like to store the user's timezone, that can be done in another field. This type is more flexible than some applications may want. Make sure to document and validate your application's limitations.", "properties": { "day": { "type": "integer", "description": "Optional. Day of month. Must be from 1 to 31 and valid for the year and month, or 0 if specifying a datetime without a day." }, "hours": { "type": "integer", "description": "Optional. Hours of day in 24 hour format. Should be from 0 to 23, defaults to 0 (midnight). An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Optional. Minutes of hour of day. Must be from 0 to 59, defaults to 0." }, "month": { "type": "integer", "description": "Optional. Month of year. Must be from 1 to 12, or 0 if specifying a datetime without a month." }, "nanos": { "type": "integer", "description": "Optional. Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999, defaults to 0." }, "seconds": { "type": "integer", "description": "Optional. Seconds of minutes of the time. Must normally be from 0 to 59, defaults to 0. An API may allow the value 60 if it allows leap-seconds." }, "timeZone": { "$ref": "#/types/google-native:contentwarehouse%2Fv1:GoogleTypeTimeZoneResponse", "description": "Time zone." }, "utcOffset": { "type": "string", "description": "UTC offset. Must be whole seconds, between -18 hours and +18 hours. For example, a UTC offset of -4:00 would be represented as { seconds: -14400 }." }, "year": { "type": "integer", "description": "Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a datetime without a year." } }, "type": "object", "required": [ "day", "hours", "minutes", "month", "nanos", "seconds", "timeZone", "utcOffset", "year" ] }, "google-native:contentwarehouse/v1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:contentwarehouse/v1:GoogleTypeMoney": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeMoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:contentwarehouse/v1:GoogleTypePostalAddress": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "regionCode" ] }, "google-native:contentwarehouse/v1:GoogleTypePostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:contentwarehouse/v1:GoogleTypeTimeZone": { "description": "Represents a time zone from the [IANA Time Zone Database](https://www.iana.org/time-zones).", "properties": { "id": { "type": "string", "description": "IANA Time Zone Database time zone, e.g. \"America/New_York\"." }, "version": { "type": "string", "description": "Optional. IANA Time Zone Database version number, e.g. \"2019a\"." } }, "type": "object" }, "google-native:contentwarehouse/v1:GoogleTypeTimeZoneResponse": { "description": "Represents a time zone from the [IANA Time Zone Database](https://www.iana.org/time-zones).", "properties": { "version": { "type": "string", "description": "Optional. IANA Time Zone Database version number, e.g. \"2019a\"." } }, "type": "object", "required": [ "version" ] }, "google-native:datacatalog/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datacatalog%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datacatalog/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datacatalog%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datacatalog/v1:EntryType": { "description": "The type of the entry. For details, see [`EntryType`](#entrytype).", "type": "string", "enum": [ { "name": "EntryTypeUnspecified", "description": "Default unknown type.", "value": "ENTRY_TYPE_UNSPECIFIED" }, { "name": "Table", "description": "The entry type that has a GoogleSQL schema, including logical views.", "value": "TABLE" }, { "name": "Model", "description": "The type of models. For more information, see [Supported models in BigQuery ML](/bigquery/docs/bqml-introduction#supported_models).", "value": "MODEL" }, { "name": "DataStream", "description": "An entry type for streaming entries. For example, a Pub/Sub topic.", "value": "DATA_STREAM" }, { "name": "Fileset", "description": "An entry type for a set of files or objects. For example, a Cloud Storage fileset.", "value": "FILESET" }, { "name": "Cluster", "description": "A group of servers that work together. For example, a Kafka cluster.", "value": "CLUSTER" }, { "name": "Database", "description": "A database.", "value": "DATABASE" }, { "name": "DataSourceConnection", "description": "Connection to a data source. For example, a BigQuery connection.", "value": "DATA_SOURCE_CONNECTION" }, { "name": "Routine", "description": "Routine, for example, a BigQuery routine.", "value": "ROUTINE" }, { "name": "Lake", "description": "A Dataplex lake.", "value": "LAKE" }, { "name": "Zone", "description": "A Dataplex zone.", "value": "ZONE" }, { "name": "Service", "description": "A service, for example, a Dataproc Metastore service.", "value": "SERVICE" }, { "name": "DatabaseSchema", "description": "Schema within a relational database.", "value": "DATABASE_SCHEMA" }, { "name": "Dashboard", "description": "A Dashboard, for example from Looker.", "value": "DASHBOARD" }, { "name": "Explore", "description": "A Looker Explore. For more information, see [Looker Explore API] (https://developers.looker.com/api/explorer/4.0/methods/LookmlModel/lookml_model_explore).", "value": "EXPLORE" }, { "name": "Look", "description": "A Looker Look. For more information, see [Looker Look API] (https://developers.looker.com/api/explorer/4.0/methods/Look).", "value": "LOOK" } ] }, "google-native:datacatalog/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datacatalog/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BigQueryConnectionSpecResponse": { "description": "Specification for the BigQuery connection.", "properties": { "cloudSql": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1CloudSqlBigQueryConnectionSpecResponse", "description": "Specification for the BigQuery connection to a Cloud SQL instance." }, "connectionType": { "type": "string", "description": "The type of the BigQuery connection." }, "hasCredential": { "type": "boolean", "description": "True if there are credentials attached to the BigQuery connection; false otherwise." } }, "type": "object", "required": [ "cloudSql", "connectionType", "hasCredential" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BigQueryDateShardedSpecResponse": { "description": "Specification for a group of BigQuery tables with the `[prefix]YYYYMMDD` name pattern. For more information, see [Introduction to partitioned tables] (https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding).", "properties": { "dataset": { "type": "string", "description": "The Data Catalog resource name of the dataset entry the current table belongs to. For example: `projects/{PROJECT_ID}/locations/{LOCATION}/entrygroups/{ENTRY_GROUP_ID}/entries/{ENTRY_ID}`." }, "latestShardResource": { "type": "string", "description": "BigQuery resource name of the latest shard." }, "shardCount": { "type": "string", "description": "Total number of shards." }, "tablePrefix": { "type": "string", "description": "The table name prefix of the shards. The name of any given shard is `[table_prefix]YYYYMMDD`. For example, for the `MyTable20180101` shard, the `table_prefix` is `MyTable`." } }, "type": "object", "required": [ "dataset", "latestShardResource", "shardCount", "tablePrefix" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BigQueryRoutineSpec": { "description": "Fields specific for BigQuery routines.", "properties": { "importedLibraries": { "type": "array", "items": { "type": "string" }, "description": "Paths of the imported libraries." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BigQueryRoutineSpecResponse": { "description": "Fields specific for BigQuery routines.", "properties": { "importedLibraries": { "type": "array", "items": { "type": "string" }, "description": "Paths of the imported libraries." } }, "type": "object", "required": [ "importedLibraries" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BigQueryTableSpecResponse": { "description": "Describes a BigQuery table.", "properties": { "tableSourceType": { "type": "string", "description": "The table source type." }, "tableSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1TableSpecResponse", "description": "Specification of a BigQuery table. Populated only if the `table_source_type` is `BIGQUERY_TABLE`." }, "viewSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ViewSpecResponse", "description": "Table view specification. Populated only if the `table_source_type` is `BIGQUERY_VIEW`." } }, "type": "object", "required": [ "tableSourceType", "tableSpec", "viewSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BusinessContext": { "description": "Business Context of the entry.", "properties": { "contacts": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1Contacts", "description": "Contact people for the entry." }, "entryOverview": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1EntryOverview", "description": "Entry overview fields for rich text descriptions of entries." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1BusinessContextResponse": { "description": "Business Context of the entry.", "properties": { "contacts": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ContactsResponse", "description": "Contact people for the entry." }, "entryOverview": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1EntryOverviewResponse", "description": "Entry overview fields for rich text descriptions of entries." } }, "type": "object", "required": [ "contacts", "entryOverview" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpec": { "description": "Specification that applies to Instance entries that are part of `CLOUD_BIGTABLE` system. (user_specified_type)", "properties": { "cloudBigtableClusterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecCloudBigtableClusterSpec" }, "description": "The list of clusters for the Instance." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecCloudBigtableClusterSpec": { "description": "Spec that applies to clusters of an Instance of Cloud Bigtable.", "properties": { "displayName": { "type": "string", "description": "Name of the cluster." }, "linkedResource": { "type": "string", "description": "A link back to the parent resource, in this case Instance." }, "location": { "type": "string", "description": "Location of the cluster, typically a Cloud zone." }, "type": { "type": "string", "description": "Type of the resource. For a cluster this would be \"CLUSTER\"." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecCloudBigtableClusterSpecResponse": { "description": "Spec that applies to clusters of an Instance of Cloud Bigtable.", "properties": { "displayName": { "type": "string", "description": "Name of the cluster." }, "linkedResource": { "type": "string", "description": "A link back to the parent resource, in this case Instance." }, "location": { "type": "string", "description": "Location of the cluster, typically a Cloud zone." }, "type": { "type": "string", "description": "Type of the resource. For a cluster this would be \"CLUSTER\"." } }, "type": "object", "required": [ "displayName", "linkedResource", "location", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecResponse": { "description": "Specification that applies to Instance entries that are part of `CLOUD_BIGTABLE` system. (user_specified_type)", "properties": { "cloudBigtableClusterSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecCloudBigtableClusterSpecResponse" }, "description": "The list of clusters for the Instance." } }, "type": "object", "required": [ "cloudBigtableClusterSpecs" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableSystemSpec": { "description": "Specification that applies to all entries that are part of `CLOUD_BIGTABLE` system (user_specified_type)", "properties": { "instanceDisplayName": { "type": "string", "description": "Display name of the Instance. This is user specified and different from the resource name." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudBigtableSystemSpecResponse": { "description": "Specification that applies to all entries that are part of `CLOUD_BIGTABLE` system (user_specified_type)", "properties": { "instanceDisplayName": { "type": "string", "description": "Display name of the Instance. This is user specified and different from the resource name." } }, "type": "object", "required": [ "instanceDisplayName" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1CloudSqlBigQueryConnectionSpecResponse": { "description": "Specification for the BigQuery connection to a Cloud SQL instance.", "properties": { "database": { "type": "string", "description": "Database name." }, "instanceId": { "type": "string", "description": "Cloud SQL instance ID in the format of `project:location:instance`." }, "type": { "type": "string", "description": "Type of the Cloud SQL database." } }, "type": "object", "required": [ "database", "instanceId", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchema": { "description": "A column within a schema. Columns can be nested inside other columns.", "properties": { "column": { "type": "string", "description": "Name of the column. Must be a UTF-8 string without dots (.). The maximum size is 64 bytes." }, "defaultValue": { "type": "string", "description": "Optional. Default value for the column." }, "description": { "type": "string", "description": "Optional. Description of the column. Default value is an empty string. The description must be a UTF-8 string with the maximum size of 2000 bytes." }, "gcRule": { "type": "string", "description": "Optional. Garbage collection policy for the column or column family. Applies to systems like Cloud Bigtable." }, "highestIndexingType": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaHighestIndexingType", "description": "Optional. Most important inclusion of this column." }, "lookerColumnSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpec", "description": "Looker specific column info of this column." }, "mode": { "type": "string", "description": "Optional. A column's mode indicates whether values in this column are required, nullable, or repeated. Only `NULLABLE`, `REQUIRED`, and `REPEATED` values are supported. Default mode is `NULLABLE`." }, "ordinalPosition": { "type": "integer", "description": "Optional. Ordinal position" }, "subcolumns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchema" }, "description": "Optional. Schema of sub-columns. A column can have zero or more sub-columns." }, "type": { "type": "string", "description": "Type of the column. Must be a UTF-8 string with the maximum size of 128 bytes." } }, "type": "object", "required": [ "column", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchemaHighestIndexingType": { "description": "Optional. Most important inclusion of this column.", "type": "string", "enum": [ { "name": "IndexingTypeUnspecified", "description": "Unspecified.", "value": "INDEXING_TYPE_UNSPECIFIED" }, { "name": "IndexingTypeNone", "description": "Column not a part of an index.", "value": "INDEXING_TYPE_NONE" }, { "name": "IndexingTypeNonUnique", "description": "Column Part of non unique index.", "value": "INDEXING_TYPE_NON_UNIQUE" }, { "name": "IndexingTypeUnique", "description": "Column part of unique index.", "value": "INDEXING_TYPE_UNIQUE" }, { "name": "IndexingTypePrimaryKey", "description": "Column part of the primary key.", "value": "INDEXING_TYPE_PRIMARY_KEY" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpec": { "description": "Column info specific to Looker System.", "properties": { "type": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpecType", "description": "Looker specific column type of this column." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpecResponse": { "description": "Column info specific to Looker System.", "properties": { "type": { "type": "string", "description": "Looker specific column type of this column." } }, "type": "object", "required": [ "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpecType": { "description": "Looker specific column type of this column.", "type": "string", "enum": [ { "name": "LookerColumnTypeUnspecified", "description": "Unspecified.", "value": "LOOKER_COLUMN_TYPE_UNSPECIFIED" }, { "name": "Dimension", "description": "Dimension.", "value": "DIMENSION" }, { "name": "DimensionGroup", "description": "Dimension group - parent for Dimension.", "value": "DIMENSION_GROUP" }, { "name": "Filter", "description": "Filter.", "value": "FILTER" }, { "name": "Measure", "description": "Measure.", "value": "MEASURE" }, { "name": "Parameter", "description": "Parameter.", "value": "PARAMETER" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ColumnSchemaResponse": { "description": "A column within a schema. Columns can be nested inside other columns.", "properties": { "column": { "type": "string", "description": "Name of the column. Must be a UTF-8 string without dots (.). The maximum size is 64 bytes." }, "defaultValue": { "type": "string", "description": "Optional. Default value for the column." }, "description": { "type": "string", "description": "Optional. Description of the column. Default value is an empty string. The description must be a UTF-8 string with the maximum size of 2000 bytes." }, "gcRule": { "type": "string", "description": "Optional. Garbage collection policy for the column or column family. Applies to systems like Cloud Bigtable." }, "highestIndexingType": { "type": "string", "description": "Optional. Most important inclusion of this column." }, "lookerColumnSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaLookerColumnSpecResponse", "description": "Looker specific column info of this column." }, "mode": { "type": "string", "description": "Optional. A column's mode indicates whether values in this column are required, nullable, or repeated. Only `NULLABLE`, `REQUIRED`, and `REPEATED` values are supported. Default mode is `NULLABLE`." }, "ordinalPosition": { "type": "integer", "description": "Optional. Ordinal position" }, "subcolumns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaResponse" }, "description": "Optional. Schema of sub-columns. A column can have zero or more sub-columns." }, "type": { "type": "string", "description": "Type of the column. Must be a UTF-8 string with the maximum size of 128 bytes." } }, "type": "object", "required": [ "column", "defaultValue", "description", "gcRule", "highestIndexingType", "lookerColumnSpec", "mode", "ordinalPosition", "subcolumns", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1Contacts": { "description": "Contact people for the entry.", "properties": { "people": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ContactsPerson" }, "description": "The list of contact people for the entry." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ContactsPerson": { "description": "A contact person for the entry.", "properties": { "designation": { "type": "string", "description": "Designation of the person, for example, Data Steward." }, "email": { "type": "string", "description": "Email of the person in the format of `john.doe@xyz`, ``, or `John Doe`." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ContactsPersonResponse": { "description": "A contact person for the entry.", "properties": { "designation": { "type": "string", "description": "Designation of the person, for example, Data Steward." }, "email": { "type": "string", "description": "Email of the person in the format of `john.doe@xyz`, ``, or `John Doe`." } }, "type": "object", "required": [ "designation", "email" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ContactsResponse": { "description": "Contact people for the entry.", "properties": { "people": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ContactsPersonResponse" }, "description": "The list of contact people for the entry." } }, "type": "object", "required": [ "people" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataSourceConnectionSpec": { "description": "Specification that applies to a data source connection. Valid only for entries with the `DATA_SOURCE_CONNECTION` type. Only one of internal specs can be set at the time, and cannot be changed later.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataSourceConnectionSpecResponse": { "description": "Specification that applies to a data source connection. Valid only for entries with the `DATA_SOURCE_CONNECTION` type. Only one of internal specs can be set at the time, and cannot be changed later.", "properties": { "bigqueryConnectionSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1BigQueryConnectionSpecResponse", "description": "Fields specific to BigQuery connections." } }, "type": "object", "required": [ "bigqueryConnectionSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataSourceResponse": { "description": "Physical location of an entry.", "properties": { "resource": { "type": "string", "description": "Full name of a resource as defined by the service. For example: `//bigquery.googleapis.com/projects/{PROJECT_ID}/locations/{LOCATION}/datasets/{DATASET_ID}/tables/{TABLE_ID}`" }, "service": { "type": "string", "description": "Service that physically stores the data." }, "sourceEntry": { "type": "string", "description": "Data Catalog entry name, if applicable." }, "storageProperties": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1StoragePropertiesResponse", "description": "Detailed properties of the underlying storage." } }, "type": "object", "required": [ "resource", "service", "sourceEntry", "storageProperties" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpec": { "description": "Specification that applies to a table resource. Valid only for entries with the `TABLE` type.", "properties": { "databaseViewSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpec", "description": "Spec what aplies to tables that are actually views. Not set for \"real\" tables." }, "type": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DatabaseTableSpecType", "description": "Type of this table." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpec": { "description": "Specification that applies to database view.", "properties": { "baseTable": { "type": "string", "description": "Name of a singular table this view reflects one to one." }, "sqlQuery": { "type": "string", "description": "SQL query used to generate this view." }, "viewType": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpecViewType", "description": "Type of this view." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpecResponse": { "description": "Specification that applies to database view.", "properties": { "baseTable": { "type": "string", "description": "Name of a singular table this view reflects one to one." }, "sqlQuery": { "type": "string", "description": "SQL query used to generate this view." }, "viewType": { "type": "string", "description": "Type of this view." } }, "type": "object", "required": [ "baseTable", "sqlQuery", "viewType" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpecViewType": { "description": "Type of this view.", "type": "string", "enum": [ { "name": "ViewTypeUnspecified", "description": "Default unknown view type.", "value": "VIEW_TYPE_UNSPECIFIED" }, { "name": "StandardView", "description": "Standard view.", "value": "STANDARD_VIEW" }, { "name": "MaterializedView", "description": "Materialized view.", "value": "MATERIALIZED_VIEW" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpecResponse": { "description": "Specification that applies to a table resource. Valid only for entries with the `TABLE` type.", "properties": { "databaseViewSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DatabaseTableSpecDatabaseViewSpecResponse", "description": "Spec what aplies to tables that are actually views. Not set for \"real\" tables." }, "dataplexTable": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexTableSpecResponse", "description": "Fields specific to a Dataplex table and present only in the Dataplex table entries." }, "type": { "type": "string", "description": "Type of this table." } }, "type": "object", "required": [ "databaseViewSpec", "dataplexTable", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatabaseTableSpecType": { "description": "Type of this table.", "type": "string", "enum": [ { "name": "TableTypeUnspecified", "description": "Default unknown table type.", "value": "TABLE_TYPE_UNSPECIFIED" }, { "name": "Native", "description": "Native table.", "value": "NATIVE" }, { "name": "External", "description": "External table.", "value": "EXTERNAL" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexExternalTableResponse": { "description": "External table registered by Dataplex. Dataplex publishes data discovered from an asset into multiple other systems (BigQuery, DPMS) in form of tables. We call them \"external tables\". External tables are also synced into the Data Catalog. This message contains pointers to those external tables (fully qualified name, resource name et cetera) within the Data Catalog.", "properties": { "dataCatalogEntry": { "type": "string", "description": "Name of the Data Catalog entry representing the external table." }, "fullyQualifiedName": { "type": "string", "description": "Fully qualified name (FQN) of the external table." }, "googleCloudResource": { "type": "string", "description": "Google Cloud resource name of the external table." }, "system": { "type": "string", "description": "Service in which the external table is registered." } }, "type": "object", "required": [ "dataCatalogEntry", "fullyQualifiedName", "googleCloudResource", "system" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexFilesetSpec": { "description": "Entry specyfication for a Dataplex fileset.", "properties": { "dataplexSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexSpec", "description": "Common Dataplex fields." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexFilesetSpecResponse": { "description": "Entry specyfication for a Dataplex fileset.", "properties": { "dataplexSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexSpecResponse", "description": "Common Dataplex fields." } }, "type": "object", "required": [ "dataplexSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexSpec": { "description": "Common Dataplex fields.", "properties": { "asset": { "type": "string", "description": "Fully qualified resource name of an asset in Dataplex, to which the underlying data source (Cloud Storage bucket or BigQuery dataset) of the entity is attached." }, "compressionFormat": { "type": "string", "description": "Compression format of the data, e.g., zip, gzip etc." }, "dataFormat": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchema", "description": "Format of the data." }, "project": { "type": "string", "description": "Project ID of the underlying Cloud Storage or BigQuery data. Note that this may not be the same project as the correspondingly Dataplex lake / zone / asset." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexSpecResponse": { "description": "Common Dataplex fields.", "properties": { "asset": { "type": "string", "description": "Fully qualified resource name of an asset in Dataplex, to which the underlying data source (Cloud Storage bucket or BigQuery dataset) of the entity is attached." }, "compressionFormat": { "type": "string", "description": "Compression format of the data, e.g., zip, gzip etc." }, "dataFormat": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaResponse", "description": "Format of the data." }, "project": { "type": "string", "description": "Project ID of the underlying Cloud Storage or BigQuery data. Note that this may not be the same project as the correspondingly Dataplex lake / zone / asset." } }, "type": "object", "required": [ "asset", "compressionFormat", "dataFormat", "project" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DataplexTableSpecResponse": { "description": "Entry specification for a Dataplex table.", "properties": { "dataplexSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexSpecResponse", "description": "Common Dataplex fields." }, "externalTables": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexExternalTableResponse" }, "description": "List of external tables registered by Dataplex in other systems based on the same underlying data. External tables allow to query this data in those systems." }, "userManaged": { "type": "boolean", "description": "Indicates if the table schema is managed by the user or not." } }, "type": "object", "required": [ "dataplexSpec", "externalTables", "userManaged" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatasetSpec": { "description": "Specification that applies to a dataset. Valid only for entries with the `DATASET` type.", "properties": { "vertexDatasetSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexDatasetSpec", "description": "Vertex AI Dataset specific fields" } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1DatasetSpecResponse": { "description": "Specification that applies to a dataset. Valid only for entries with the `DATASET` type.", "properties": { "vertexDatasetSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexDatasetSpecResponse", "description": "Vertex AI Dataset specific fields" } }, "type": "object", "required": [ "vertexDatasetSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1EntryOverview": { "description": "Entry overview fields for rich text descriptions of entries.", "properties": { "overview": { "type": "string", "description": "Entry overview with support for rich text. The overview must only contain Unicode characters, and should be formatted using HTML. The maximum length is 10 MiB as this value holds HTML descriptions including encoded images. The maximum length of the text without images is 100 KiB." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1EntryOverviewResponse": { "description": "Entry overview fields for rich text descriptions of entries.", "properties": { "overview": { "type": "string", "description": "Entry overview with support for rich text. The overview must only contain Unicode characters, and should be formatted using HTML. The maximum length is 10 MiB as this value holds HTML descriptions including encoded images. The maximum length of the text without images is 100 KiB." } }, "type": "object", "required": [ "overview" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1FilesetSpec": { "description": "Specification that applies to a fileset. Valid only for entries with the 'FILESET' type.", "properties": { "dataplexFileset": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexFilesetSpec", "description": "Fields specific to a Dataplex fileset and present only in the Dataplex fileset entries." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1FilesetSpecResponse": { "description": "Specification that applies to a fileset. Valid only for entries with the 'FILESET' type.", "properties": { "dataplexFileset": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1DataplexFilesetSpecResponse", "description": "Fields specific to a Dataplex fileset and present only in the Dataplex fileset entries." } }, "type": "object", "required": [ "dataplexFileset" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1GcsFileSpecResponse": { "description": "Specification of a single file in Cloud Storage.", "properties": { "filePath": { "type": "string", "description": "Full file path. Example: `gs://bucket_name/a/b.txt`." }, "gcsTimestamps": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1SystemTimestampsResponse", "description": "Creation, modification, and expiration timestamps of a Cloud Storage file." }, "sizeBytes": { "type": "string", "description": "File size in bytes." } }, "type": "object", "required": [ "filePath", "gcsTimestamps", "sizeBytes" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1GcsFilesetSpec": { "description": "Describes a Cloud Storage fileset entry.", "properties": { "filePatterns": { "type": "array", "items": { "type": "string" }, "description": "Patterns to identify a set of files in Google Cloud Storage. For more information, see [Wildcard Names] (https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames). Note: Currently, bucket wildcards are not supported. Examples of valid `file_patterns`: * `gs://bucket_name/dir/*`: matches all files in `bucket_name/dir` directory * `gs://bucket_name/dir/**`: matches all files in `bucket_name/dir` and all subdirectories * `gs://bucket_name/file*`: matches files prefixed by `file` in `bucket_name` * `gs://bucket_name/??.txt`: matches files with two characters followed by `.txt` in `bucket_name` * `gs://bucket_name/[aeiou].txt`: matches files that contain a single vowel character followed by `.txt` in `bucket_name` * `gs://bucket_name/[a-m].txt`: matches files that contain `a`, `b`, ... or `m` followed by `.txt` in `bucket_name` * `gs://bucket_name/a/*/b`: matches all files in `bucket_name` that match the `a/*/b` pattern, such as `a/c/b`, `a/d/b` * `gs://another_bucket/a.txt`: matches `gs://another_bucket/a.txt` You can combine wildcards to match complex sets of files, for example: `gs://bucket_name/[a-m]??.j*g`" } }, "type": "object", "required": [ "filePatterns" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1GcsFilesetSpecResponse": { "description": "Describes a Cloud Storage fileset entry.", "properties": { "filePatterns": { "type": "array", "items": { "type": "string" }, "description": "Patterns to identify a set of files in Google Cloud Storage. For more information, see [Wildcard Names] (https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames). Note: Currently, bucket wildcards are not supported. Examples of valid `file_patterns`: * `gs://bucket_name/dir/*`: matches all files in `bucket_name/dir` directory * `gs://bucket_name/dir/**`: matches all files in `bucket_name/dir` and all subdirectories * `gs://bucket_name/file*`: matches files prefixed by `file` in `bucket_name` * `gs://bucket_name/??.txt`: matches files with two characters followed by `.txt` in `bucket_name` * `gs://bucket_name/[aeiou].txt`: matches files that contain a single vowel character followed by `.txt` in `bucket_name` * `gs://bucket_name/[a-m].txt`: matches files that contain `a`, `b`, ... or `m` followed by `.txt` in `bucket_name` * `gs://bucket_name/a/*/b`: matches all files in `bucket_name` that match the `a/*/b` pattern, such as `a/c/b`, `a/d/b` * `gs://another_bucket/a.txt`: matches `gs://another_bucket/a.txt` You can combine wildcards to match complex sets of files, for example: `gs://bucket_name/[a-m]??.j*g`" }, "sampleGcsFileSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1GcsFileSpecResponse" }, "description": "Sample files contained in this fileset, not all files contained in this fileset are represented here." } }, "type": "object", "required": [ "filePatterns", "sampleGcsFileSpecs" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1LookerSystemSpec": { "description": "Specification that applies to entries that are part `LOOKER` system (user_specified_type)", "properties": { "parentInstanceDisplayName": { "type": "string", "description": "Name of the parent Looker Instance. Empty if it does not exist." }, "parentInstanceId": { "type": "string", "description": "ID of the parent Looker Instance. Empty if it does not exist. Example value: `someinstance.looker.com`" }, "parentModelDisplayName": { "type": "string", "description": "Name of the parent Model. Empty if it does not exist." }, "parentModelId": { "type": "string", "description": "ID of the parent Model. Empty if it does not exist." }, "parentViewDisplayName": { "type": "string", "description": "Name of the parent View. Empty if it does not exist." }, "parentViewId": { "type": "string", "description": "ID of the parent View. Empty if it does not exist." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1LookerSystemSpecResponse": { "description": "Specification that applies to entries that are part `LOOKER` system (user_specified_type)", "properties": { "parentInstanceDisplayName": { "type": "string", "description": "Name of the parent Looker Instance. Empty if it does not exist." }, "parentInstanceId": { "type": "string", "description": "ID of the parent Looker Instance. Empty if it does not exist. Example value: `someinstance.looker.com`" }, "parentModelDisplayName": { "type": "string", "description": "Name of the parent Model. Empty if it does not exist." }, "parentModelId": { "type": "string", "description": "ID of the parent Model. Empty if it does not exist." }, "parentViewDisplayName": { "type": "string", "description": "Name of the parent View. Empty if it does not exist." }, "parentViewId": { "type": "string", "description": "ID of the parent View. Empty if it does not exist." } }, "type": "object", "required": [ "parentInstanceDisplayName", "parentInstanceId", "parentModelDisplayName", "parentModelId", "parentViewDisplayName", "parentViewId" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ModelSpec": { "description": "Specification that applies to a model. Valid only for entries with the `MODEL` type.", "properties": { "vertexModelSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexModelSpec", "description": "Specification for vertex model resources." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ModelSpecResponse": { "description": "Specification that applies to a model. Valid only for entries with the `MODEL` type.", "properties": { "vertexModelSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexModelSpecResponse", "description": "Specification for vertex model resources." } }, "type": "object", "required": [ "vertexModelSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PersonalDetailsResponse": { "description": "Entry metadata relevant only to the user and private to them.", "properties": { "starTime": { "type": "string", "description": "Set if the entry is starred; unset otherwise." }, "starred": { "type": "boolean", "description": "True if the entry is starred by the user; false otherwise." } }, "type": "object", "required": [ "starTime", "starred" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchema": { "description": "Native schema used by a resource represented as an entry. Used by query engines for deserializing and parsing source data.", "properties": { "avro": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaAvroSchema", "description": "Schema in Avro JSON format." }, "csv": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaCsvSchema", "description": "Marks a CSV-encoded data source." }, "orc": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaOrcSchema", "description": "Marks an ORC-encoded data source." }, "parquet": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaParquetSchema", "description": "Marks a Parquet-encoded data source." }, "protobuf": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaProtobufSchema", "description": "Schema in protocol buffer format." }, "thrift": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaThriftSchema", "description": "Schema in Thrift format." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaAvroSchema": { "description": "Schema in Avro JSON format.", "properties": { "text": { "type": "string", "description": "JSON source of the Avro schema." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaAvroSchemaResponse": { "description": "Schema in Avro JSON format.", "properties": { "text": { "type": "string", "description": "JSON source of the Avro schema." } }, "type": "object", "required": [ "text" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaCsvSchema": { "description": "Marks a CSV-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaCsvSchemaResponse": { "description": "Marks a CSV-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaOrcSchema": { "description": "Marks an ORC-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaOrcSchemaResponse": { "description": "Marks an ORC-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaParquetSchema": { "description": "Marks a Parquet-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaParquetSchemaResponse": { "description": "Marks a Parquet-encoded data source.", "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaProtobufSchema": { "description": "Schema in protocol buffer format.", "properties": { "text": { "type": "string", "description": "Protocol buffer source of the schema." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaProtobufSchemaResponse": { "description": "Schema in protocol buffer format.", "properties": { "text": { "type": "string", "description": "Protocol buffer source of the schema." } }, "type": "object", "required": [ "text" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaResponse": { "description": "Native schema used by a resource represented as an entry. Used by query engines for deserializing and parsing source data.", "properties": { "avro": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaAvroSchemaResponse", "description": "Schema in Avro JSON format." }, "csv": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaCsvSchemaResponse", "description": "Marks a CSV-encoded data source." }, "orc": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaOrcSchemaResponse", "description": "Marks an ORC-encoded data source." }, "parquet": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaParquetSchemaResponse", "description": "Marks a Parquet-encoded data source." }, "protobuf": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaProtobufSchemaResponse", "description": "Schema in protocol buffer format." }, "thrift": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1PhysicalSchemaThriftSchemaResponse", "description": "Schema in Thrift format." } }, "type": "object", "required": [ "avro", "csv", "orc", "parquet", "protobuf", "thrift" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaThriftSchema": { "description": "Schema in Thrift format.", "properties": { "text": { "type": "string", "description": "Thrift IDL source of the schema." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1PhysicalSchemaThriftSchemaResponse": { "description": "Schema in Thrift format.", "properties": { "text": { "type": "string", "description": "Thrift IDL source of the schema." } }, "type": "object", "required": [ "text" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpec": { "description": "Specification that applies to a routine. Valid only for entries with the `ROUTINE` type.", "properties": { "bigqueryRoutineSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1BigQueryRoutineSpec", "description": "Fields specific for BigQuery routines." }, "definitionBody": { "type": "string", "description": "The body of the routine." }, "language": { "type": "string", "description": "The language the routine is written in. The exact value depends on the source system. For BigQuery routines, possible values are: * `SQL` * `JAVASCRIPT`" }, "returnType": { "type": "string", "description": "Return type of the argument. The exact value depends on the source system and the language." }, "routineArguments": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1RoutineSpecArgument" }, "description": "Arguments of the routine." }, "routineType": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1RoutineSpecRoutineType", "description": "The type of the routine." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpecArgument": { "description": "Input or output argument of a function or stored procedure.", "properties": { "mode": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1RoutineSpecArgumentMode", "description": "Specifies whether the argument is input or output." }, "name": { "type": "string", "description": "The name of the argument. A return argument of a function might not have a name." }, "type": { "type": "string", "description": "Type of the argument. The exact value depends on the source system and the language." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpecArgumentMode": { "description": "Specifies whether the argument is input or output.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Unspecified mode.", "value": "MODE_UNSPECIFIED" }, { "name": "In", "description": "The argument is input-only.", "value": "IN" }, { "name": "Out", "description": "The argument is output-only.", "value": "OUT" }, { "name": "Inout", "description": "The argument is both an input and an output.", "value": "INOUT" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpecArgumentResponse": { "description": "Input or output argument of a function or stored procedure.", "properties": { "mode": { "type": "string", "description": "Specifies whether the argument is input or output." }, "name": { "type": "string", "description": "The name of the argument. A return argument of a function might not have a name." }, "type": { "type": "string", "description": "Type of the argument. The exact value depends on the source system and the language." } }, "type": "object", "required": [ "mode", "name", "type" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpecResponse": { "description": "Specification that applies to a routine. Valid only for entries with the `ROUTINE` type.", "properties": { "bigqueryRoutineSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1BigQueryRoutineSpecResponse", "description": "Fields specific for BigQuery routines." }, "definitionBody": { "type": "string", "description": "The body of the routine." }, "language": { "type": "string", "description": "The language the routine is written in. The exact value depends on the source system. For BigQuery routines, possible values are: * `SQL` * `JAVASCRIPT`" }, "returnType": { "type": "string", "description": "Return type of the argument. The exact value depends on the source system and the language." }, "routineArguments": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1RoutineSpecArgumentResponse" }, "description": "Arguments of the routine." }, "routineType": { "type": "string", "description": "The type of the routine." } }, "type": "object", "required": [ "bigqueryRoutineSpec", "definitionBody", "language", "returnType", "routineArguments", "routineType" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1RoutineSpecRoutineType": { "description": "The type of the routine.", "type": "string", "enum": [ { "name": "RoutineTypeUnspecified", "description": "Unspecified type.", "value": "ROUTINE_TYPE_UNSPECIFIED" }, { "name": "ScalarFunction", "description": "Non-builtin permanent scalar function.", "value": "SCALAR_FUNCTION" }, { "name": "Procedure", "description": "Stored procedure.", "value": "PROCEDURE" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1Schema": { "description": "Represents a schema, for example, a BigQuery, GoogleSQL, or Avro schema.", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchema" }, "description": "The unified GoogleSQL-like schema of columns. The overall maximum number of columns and nested columns is 10,000. The maximum nested depth is 15 levels." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1SchemaResponse": { "description": "Represents a schema, for example, a BigQuery, GoogleSQL, or Avro schema.", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1ColumnSchemaResponse" }, "description": "The unified GoogleSQL-like schema of columns. The overall maximum number of columns and nested columns is 10,000. The maximum nested depth is 15 levels." } }, "type": "object", "required": [ "columns" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ServiceSpec": { "description": "Specification that applies to a Service resource. Valid only for entries with the `SERVICE` type.", "properties": { "cloudBigtableInstanceSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpec", "description": "Specification that applies to Instance entries of `CLOUD_BIGTABLE` system." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ServiceSpecResponse": { "description": "Specification that applies to a Service resource. Valid only for entries with the `SERVICE` type.", "properties": { "cloudBigtableInstanceSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1CloudBigtableInstanceSpecResponse", "description": "Specification that applies to Instance entries of `CLOUD_BIGTABLE` system." } }, "type": "object", "required": [ "cloudBigtableInstanceSpec" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1SqlDatabaseSystemSpec": { "description": "Specification that applies to entries that are part `SQL_DATABASE` system (user_specified_type)", "properties": { "databaseVersion": { "type": "string", "description": "Version of the database engine." }, "instanceHost": { "type": "string", "description": "Host of the SQL database enum InstanceHost { UNDEFINED = 0; SELF_HOSTED = 1; CLOUD_SQL = 2; AMAZON_RDS = 3; AZURE_SQL = 4; } Host of the enclousing database instance." }, "sqlEngine": { "type": "string", "description": "SQL Database Engine. enum SqlEngine { UNDEFINED = 0; MY_SQL = 1; POSTGRE_SQL = 2; SQL_SERVER = 3; } Engine of the enclosing database instance." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1SqlDatabaseSystemSpecResponse": { "description": "Specification that applies to entries that are part `SQL_DATABASE` system (user_specified_type)", "properties": { "databaseVersion": { "type": "string", "description": "Version of the database engine." }, "instanceHost": { "type": "string", "description": "Host of the SQL database enum InstanceHost { UNDEFINED = 0; SELF_HOSTED = 1; CLOUD_SQL = 2; AMAZON_RDS = 3; AZURE_SQL = 4; } Host of the enclousing database instance." }, "sqlEngine": { "type": "string", "description": "SQL Database Engine. enum SqlEngine { UNDEFINED = 0; MY_SQL = 1; POSTGRE_SQL = 2; SQL_SERVER = 3; } Engine of the enclosing database instance." } }, "type": "object", "required": [ "databaseVersion", "instanceHost", "sqlEngine" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1StoragePropertiesResponse": { "description": "Details the properties of the underlying storage.", "properties": { "filePattern": { "type": "array", "items": { "type": "string" }, "description": "Patterns to identify a set of files for this fileset. Examples of a valid `file_pattern`: * `gs://bucket_name/dir/*`: matches all files in the `bucket_name/dir` directory * `gs://bucket_name/dir/**`: matches all files in the `bucket_name/dir` and all subdirectories recursively * `gs://bucket_name/file*`: matches files prefixed by `file` in `bucket_name` * `gs://bucket_name/??.txt`: matches files with two characters followed by `.txt` in `bucket_name` * `gs://bucket_name/[aeiou].txt`: matches files that contain a single vowel character followed by `.txt` in `bucket_name` * `gs://bucket_name/[a-m].txt`: matches files that contain `a`, `b`, ... or `m` followed by `.txt` in `bucket_name` * `gs://bucket_name/a/*/b`: matches all files in `bucket_name` that match the `a/*/b` pattern, such as `a/c/b`, `a/d/b` * `gs://another_bucket/a.txt`: matches `gs://another_bucket/a.txt`" }, "fileType": { "type": "string", "description": "File type in MIME format, for example, `text/plain`." } }, "type": "object", "required": [ "filePattern", "fileType" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1SystemTimestamps": { "description": "Timestamps associated with this resource in a particular system.", "properties": { "createTime": { "type": "string", "description": "Creation timestamp of the resource within the given system." }, "updateTime": { "type": "string", "description": "Timestamp of the last modification of the resource or its metadata within a given system. Note: Depending on the source system, not every modification updates this timestamp. For example, BigQuery timestamps every metadata modification but not data or permission changes." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1SystemTimestampsResponse": { "description": "Timestamps associated with this resource in a particular system.", "properties": { "createTime": { "type": "string", "description": "Creation timestamp of the resource within the given system." }, "expireTime": { "type": "string", "description": "Expiration timestamp of the resource within the given system. Currently only applicable to BigQuery resources." }, "updateTime": { "type": "string", "description": "Timestamp of the last modification of the resource or its metadata within a given system. Note: Depending on the source system, not every modification updates this timestamp. For example, BigQuery timestamps every metadata modification but not data or permission changes." } }, "type": "object", "required": [ "createTime", "expireTime", "updateTime" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1TableSpecResponse": { "description": "Normal BigQuery table specification.", "properties": { "groupedEntry": { "type": "string", "description": "If the table is date-sharded, that is, it matches the `[prefix]YYYYMMDD` name pattern, this field is the Data Catalog resource name of the date-sharded grouped entry. For example: `projects/{PROJECT_ID}/locations/{LOCATION}/entrygroups/{ENTRY_GROUP_ID}/entries/{ENTRY_ID}`. Otherwise, `grouped_entry` is empty." } }, "type": "object", "required": [ "groupedEntry" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1TaxonomyServiceResponse": { "description": "The source system of the Taxonomy.", "properties": { "identity": { "type": "string", "description": "The service agent for the service." }, "name": { "type": "string", "description": "The Google Cloud service name." } }, "type": "object", "required": [ "identity", "name" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1UsageSignal": { "description": "The set of all usage signals that Data Catalog stores. Note: Usually, these signals are updated daily. In rare cases, an update may fail but will be performed again on the next day.", "properties": { "commonUsageWithinTimeRange": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Common usage statistics over each of the predefined time ranges. Supported time ranges are `{\"24H\", \"7D\", \"30D\", \"Lifetime\"}`." }, "favoriteCount": { "type": "string", "description": "Favorite count in the source system." }, "updateTime": { "type": "string", "description": "The end timestamp of the duration of usage statistics." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1UsageSignalResponse": { "description": "The set of all usage signals that Data Catalog stores. Note: Usually, these signals are updated daily. In rare cases, an update may fail but will be performed again on the next day.", "properties": { "commonUsageWithinTimeRange": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Common usage statistics over each of the predefined time ranges. Supported time ranges are `{\"24H\", \"7D\", \"30D\", \"Lifetime\"}`." }, "favoriteCount": { "type": "string", "description": "Favorite count in the source system." }, "updateTime": { "type": "string", "description": "The end timestamp of the duration of usage statistics." }, "usageWithinTimeRange": { "type": "object", "additionalProperties": { "type": "string" }, "description": "BigQuery usage statistics over each of the predefined time ranges. Supported time ranges are `{\"24H\", \"7D\", \"30D\"}`." } }, "type": "object", "required": [ "commonUsageWithinTimeRange", "favoriteCount", "updateTime", "usageWithinTimeRange" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexDatasetSpec": { "description": "Specification for vertex dataset resources.", "properties": { "dataItemCount": { "type": "string", "description": "The number of DataItems in this Dataset. Only apply for non-structured Dataset." }, "dataType": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexDatasetSpecDataType", "description": "Type of the dataset." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexDatasetSpecDataType": { "description": "Type of the dataset.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "description": "Should not be used.", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "Table", "description": "Structured data dataset.", "value": "TABLE" }, { "name": "Image", "description": "Image dataset which supports ImageClassification, ImageObjectDetection and ImageSegmentation problems.", "value": "IMAGE" }, { "name": "Text", "description": "Document dataset which supports TextClassification, TextExtraction and TextSentiment problems.", "value": "TEXT" }, { "name": "Video", "description": "Video dataset which supports VideoClassification, VideoObjectTracking and VideoActionRecognition problems.", "value": "VIDEO" }, { "name": "Conversation", "description": "Conversation dataset which supports conversation problems.", "value": "CONVERSATION" }, { "name": "TimeSeries", "description": "TimeSeries dataset.", "value": "TIME_SERIES" }, { "name": "Document", "description": "Document dataset which supports DocumentAnnotation problems.", "value": "DOCUMENT" }, { "name": "TextToSpeech", "description": "TextToSpeech dataset which supports TextToSpeech problems.", "value": "TEXT_TO_SPEECH" }, { "name": "Translation", "description": "Translation dataset which supports Translation problems.", "value": "TRANSLATION" }, { "name": "StoreVision", "description": "Store Vision dataset which is used for HITL integration.", "value": "STORE_VISION" }, { "name": "EnterpriseKnowledgeGraph", "description": "Enterprise Knowledge Graph dataset which is used for HITL labeling integration.", "value": "ENTERPRISE_KNOWLEDGE_GRAPH" }, { "name": "TextPrompt", "description": "Text prompt dataset which supports Large Language Models.", "value": "TEXT_PROMPT" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexDatasetSpecResponse": { "description": "Specification for vertex dataset resources.", "properties": { "dataItemCount": { "type": "string", "description": "The number of DataItems in this Dataset. Only apply for non-structured Dataset." }, "dataType": { "type": "string", "description": "Type of the dataset." } }, "type": "object", "required": [ "dataItemCount", "dataType" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexModelSourceInfo": { "description": "Detail description of the source information of a Vertex model.", "properties": { "copy": { "type": "boolean", "description": "If this Model is copy of another Model. If true then source_type pertains to the original." }, "sourceType": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexModelSourceInfoSourceType", "description": "Type of the model source." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexModelSourceInfoResponse": { "description": "Detail description of the source information of a Vertex model.", "properties": { "copy": { "type": "boolean", "description": "If this Model is copy of another Model. If true then source_type pertains to the original." }, "sourceType": { "type": "string", "description": "Type of the model source." } }, "type": "object", "required": [ "copy", "sourceType" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexModelSourceInfoSourceType": { "description": "Type of the model source.", "type": "string", "enum": [ { "name": "ModelSourceTypeUnspecified", "description": "Should not be used.", "value": "MODEL_SOURCE_TYPE_UNSPECIFIED" }, { "name": "Automl", "description": "The Model is uploaded by automl training pipeline.", "value": "AUTOML" }, { "name": "Custom", "description": "The Model is uploaded by user or custom training pipeline.", "value": "CUSTOM" }, { "name": "Bqml", "description": "The Model is registered and sync'ed from BigQuery ML.", "value": "BQML" }, { "name": "ModelGarden", "description": "The Model is saved or tuned from Model Garden.", "value": "MODEL_GARDEN" } ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexModelSpec": { "description": "Specification for vertex model resources.", "properties": { "containerImageUri": { "type": "string", "description": "URI of the Docker image to be used as the custom container for serving predictions." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias" }, "versionDescription": { "type": "string", "description": "The description of this version." }, "versionId": { "type": "string", "description": "The version ID of the model." }, "vertexModelSourceInfo": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexModelSourceInfo", "description": "Source of a Vertex model." } }, "type": "object" }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1VertexModelSpecResponse": { "description": "Specification for vertex model resources.", "properties": { "containerImageUri": { "type": "string", "description": "URI of the Docker image to be used as the custom container for serving predictions." }, "versionAliases": { "type": "array", "items": { "type": "string" }, "description": "User provided version aliases so that a model version can be referenced via alias" }, "versionDescription": { "type": "string", "description": "The description of this version." }, "versionId": { "type": "string", "description": "The version ID of the model." }, "vertexModelSourceInfo": { "$ref": "#/types/google-native:datacatalog%2Fv1:GoogleCloudDatacatalogV1VertexModelSourceInfoResponse", "description": "Source of a Vertex model." } }, "type": "object", "required": [ "containerImageUri", "versionAliases", "versionDescription", "versionId", "vertexModelSourceInfo" ] }, "google-native:datacatalog/v1:GoogleCloudDatacatalogV1ViewSpecResponse": { "description": "Table view specification.", "properties": { "viewQuery": { "type": "string", "description": "The query that defines the table view." } }, "type": "object", "required": [ "viewQuery" ] }, "google-native:datacatalog/v1:TaxonomyActivatedPolicyTypesItem": { "type": "string", "enum": [ { "name": "PolicyTypeUnspecified", "description": "Unspecified policy type.", "value": "POLICY_TYPE_UNSPECIFIED" }, { "name": "FineGrainedAccessControl", "description": "Fine-grained access control policy that enables access control on tagged sub-resources.", "value": "FINE_GRAINED_ACCESS_CONTROL" } ] }, "google-native:datacatalog/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datacatalog/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datacatalog/v1beta1:EntryType": { "description": "The type of the entry. Only used for Entries with types in the EntryType enum.", "type": "string", "enum": [ { "name": "EntryTypeUnspecified", "description": "Default unknown type.", "value": "ENTRY_TYPE_UNSPECIFIED" }, { "name": "Table", "description": "Output only. The type of entry that has a GoogleSQL schema, including logical views.", "value": "TABLE" }, { "name": "Model", "description": "Output only. The type of models. https://cloud.google.com/bigquery-ml/docs/bigqueryml-intro", "value": "MODEL" }, { "name": "DataStream", "description": "Output only. An entry type which is used for streaming entries. Example: Pub/Sub topic.", "value": "DATA_STREAM" }, { "name": "Fileset", "description": "An entry type which is a set of files or objects. Example: Cloud Storage fileset.", "value": "FILESET" } ] }, "google-native:datacatalog/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datacatalog/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1BigQueryDateShardedSpec": { "description": "Spec for a group of BigQuery tables with name pattern `[prefix]YYYYMMDD`. Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding", "type": "object" }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1BigQueryDateShardedSpecResponse": { "description": "Spec for a group of BigQuery tables with name pattern `[prefix]YYYYMMDD`. Context: https://cloud.google.com/bigquery/docs/partitioned-tables#partitioning_versus_sharding", "properties": { "dataset": { "type": "string", "description": "The Data Catalog resource name of the dataset entry the current table belongs to, for example, `projects/{project_id}/locations/{location}/entrygroups/{entry_group_id}/entries/{entry_id}`." }, "shardCount": { "type": "string", "description": "Total number of shards." }, "tablePrefix": { "type": "string", "description": "The table name prefix of the shards. The name of any given shard is `[table_prefix]YYYYMMDD`, for example, for shard `MyTable20180101`, the `table_prefix` is `MyTable`." } }, "type": "object", "required": [ "dataset", "shardCount", "tablePrefix" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1BigQueryTableSpec": { "description": "Describes a BigQuery table.", "properties": { "tableSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1TableSpec", "description": "Spec of a BigQuery table. This field should only be populated if `table_source_type` is `BIGQUERY_TABLE`." }, "viewSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ViewSpec", "description": "Table view specification. This field should only be populated if `table_source_type` is `BIGQUERY_VIEW`." } }, "type": "object" }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1BigQueryTableSpecResponse": { "description": "Describes a BigQuery table.", "properties": { "tableSourceType": { "type": "string", "description": "The table source type." }, "tableSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1TableSpecResponse", "description": "Spec of a BigQuery table. This field should only be populated if `table_source_type` is `BIGQUERY_TABLE`." }, "viewSpec": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ViewSpecResponse", "description": "Table view specification. This field should only be populated if `table_source_type` is `BIGQUERY_VIEW`." } }, "type": "object", "required": [ "tableSourceType", "tableSpec", "viewSpec" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1ColumnSchema": { "description": "Representation of a column within a schema. Columns could be nested inside other columns.", "properties": { "column": { "type": "string", "description": "Name of the column." }, "description": { "type": "string", "description": "Optional. Description of the column. Default value is an empty string." }, "mode": { "type": "string", "description": "Optional. A column's mode indicates whether the values in this column are required, nullable, etc. Only `NULLABLE`, `REQUIRED` and `REPEATED` are supported. Default mode is `NULLABLE`." }, "subcolumns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ColumnSchema" }, "description": "Optional. Schema of sub-columns. A column can have zero or more sub-columns." }, "type": { "type": "string", "description": "Type of the column." } }, "type": "object", "required": [ "column", "type" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1ColumnSchemaResponse": { "description": "Representation of a column within a schema. Columns could be nested inside other columns.", "properties": { "column": { "type": "string", "description": "Name of the column." }, "description": { "type": "string", "description": "Optional. Description of the column. Default value is an empty string." }, "mode": { "type": "string", "description": "Optional. A column's mode indicates whether the values in this column are required, nullable, etc. Only `NULLABLE`, `REQUIRED` and `REPEATED` are supported. Default mode is `NULLABLE`." }, "subcolumns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ColumnSchemaResponse" }, "description": "Optional. Schema of sub-columns. A column can have zero or more sub-columns." }, "type": { "type": "string", "description": "Type of the column." } }, "type": "object", "required": [ "column", "description", "mode", "subcolumns", "type" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1GcsFileSpecResponse": { "description": "Specifications of a single file in Cloud Storage.", "properties": { "filePath": { "type": "string", "description": "The full file path. Example: `gs://bucket_name/a/b.txt`." }, "gcsTimestamps": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1SystemTimestampsResponse", "description": "Timestamps about the Cloud Storage file." }, "sizeBytes": { "type": "string", "description": "The size of the file, in bytes." } }, "type": "object", "required": [ "filePath", "gcsTimestamps", "sizeBytes" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1GcsFilesetSpec": { "description": "Describes a Cloud Storage fileset entry.", "properties": { "filePatterns": { "type": "array", "items": { "type": "string" }, "description": "Patterns to identify a set of files in Google Cloud Storage. See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) for more information. Note that bucket wildcards are currently not supported. Examples of valid file_patterns: * `gs://bucket_name/dir/*`: matches all files within `bucket_name/dir` directory. * `gs://bucket_name/dir/**`: matches all files in `bucket_name/dir` spanning all subdirectories. * `gs://bucket_name/file*`: matches files prefixed by `file` in `bucket_name` * `gs://bucket_name/??.txt`: matches files with two characters followed by `.txt` in `bucket_name` * `gs://bucket_name/[aeiou].txt`: matches files that contain a single vowel character followed by `.txt` in `bucket_name` * `gs://bucket_name/[a-m].txt`: matches files that contain `a`, `b`, ... or `m` followed by `.txt` in `bucket_name` * `gs://bucket_name/a/*/b`: matches all files in `bucket_name` that match `a/*/b` pattern, such as `a/c/b`, `a/d/b` * `gs://another_bucket/a.txt`: matches `gs://another_bucket/a.txt` You can combine wildcards to provide more powerful matches, for example: * `gs://bucket_name/[a-m]??.j*g`" } }, "type": "object", "required": [ "filePatterns" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1GcsFilesetSpecResponse": { "description": "Describes a Cloud Storage fileset entry.", "properties": { "filePatterns": { "type": "array", "items": { "type": "string" }, "description": "Patterns to identify a set of files in Google Cloud Storage. See [Cloud Storage documentation](https://cloud.google.com/storage/docs/gsutil/addlhelp/WildcardNames) for more information. Note that bucket wildcards are currently not supported. Examples of valid file_patterns: * `gs://bucket_name/dir/*`: matches all files within `bucket_name/dir` directory. * `gs://bucket_name/dir/**`: matches all files in `bucket_name/dir` spanning all subdirectories. * `gs://bucket_name/file*`: matches files prefixed by `file` in `bucket_name` * `gs://bucket_name/??.txt`: matches files with two characters followed by `.txt` in `bucket_name` * `gs://bucket_name/[aeiou].txt`: matches files that contain a single vowel character followed by `.txt` in `bucket_name` * `gs://bucket_name/[a-m].txt`: matches files that contain `a`, `b`, ... or `m` followed by `.txt` in `bucket_name` * `gs://bucket_name/a/*/b`: matches all files in `bucket_name` that match `a/*/b` pattern, such as `a/c/b`, `a/d/b` * `gs://another_bucket/a.txt`: matches `gs://another_bucket/a.txt` You can combine wildcards to provide more powerful matches, for example: * `gs://bucket_name/[a-m]??.j*g`" }, "sampleGcsFileSpecs": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1GcsFileSpecResponse" }, "description": "Sample files contained in this fileset, not all files contained in this fileset are represented here." } }, "type": "object", "required": [ "filePatterns", "sampleGcsFileSpecs" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1Schema": { "description": "Represents a schema (e.g. BigQuery, GoogleSQL, Avro schema).", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ColumnSchema" }, "description": "Schema of columns. A maximum of 10,000 columns and sub-columns can be specified." } }, "type": "object", "required": [ "columns" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1SchemaResponse": { "description": "Represents a schema (e.g. BigQuery, GoogleSQL, Avro schema).", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:datacatalog%2Fv1beta1:GoogleCloudDatacatalogV1beta1ColumnSchemaResponse" }, "description": "Schema of columns. A maximum of 10,000 columns and sub-columns can be specified." } }, "type": "object", "required": [ "columns" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1SystemTimestampsResponse": { "description": "Timestamps about this resource according to a particular system.", "properties": { "createTime": { "type": "string", "description": "The creation time of the resource within the given system." }, "expireTime": { "type": "string", "description": "The expiration time of the resource within the given system. Currently only apllicable to BigQuery resources." }, "updateTime": { "type": "string", "description": "The last-modified time of the resource within the given system." } }, "type": "object", "required": [ "createTime", "expireTime", "updateTime" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1TableSpec": { "description": "Normal BigQuery table spec.", "type": "object" }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1TableSpecResponse": { "description": "Normal BigQuery table spec.", "properties": { "groupedEntry": { "type": "string", "description": "If the table is a dated shard, i.e., with name pattern `[prefix]YYYYMMDD`, `grouped_entry` is the Data Catalog resource name of the date sharded grouped entry, for example, `projects/{project_id}/locations/{location}/entrygroups/{entry_group_id}/entries/{entry_id}`. Otherwise, `grouped_entry` is empty." } }, "type": "object", "required": [ "groupedEntry" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1TaxonomyServiceResponse": { "description": "The source system of the Taxonomy.", "properties": { "identity": { "type": "string", "description": "The service agent for the service." }, "name": { "type": "string", "description": "The Google Cloud service name." } }, "type": "object", "required": [ "identity", "name" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1UsageSignalResponse": { "description": "The set of all usage signals that we store in Data Catalog.", "properties": { "updateTime": { "type": "string", "description": "The timestamp of the end of the usage statistics duration." }, "usageWithinTimeRange": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Usage statistics over each of the pre-defined time ranges, supported strings for time ranges are {\"24H\", \"7D\", \"30D\"}." } }, "type": "object", "required": [ "updateTime", "usageWithinTimeRange" ] }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1ViewSpec": { "description": "Table view specification.", "type": "object" }, "google-native:datacatalog/v1beta1:GoogleCloudDatacatalogV1beta1ViewSpecResponse": { "description": "Table view specification.", "properties": { "viewQuery": { "type": "string", "description": "The query that defines the table view." } }, "type": "object", "required": [ "viewQuery" ] }, "google-native:datacatalog/v1beta1:TaxonomyActivatedPolicyTypesItem": { "type": "string", "enum": [ { "name": "PolicyTypeUnspecified", "description": "Unspecified policy type.", "value": "POLICY_TYPE_UNSPECIFIED" }, { "name": "FineGrainedAccessControl", "description": "Fine grained access control policy, which enables access control on tagged resources.", "value": "FINE_GRAINED_ACCESS_CONTROL" } ] }, "google-native:dataflow/v1b3:AutoscalingSettings": { "description": "Settings for WorkerPool autoscaling.", "properties": { "algorithm": { "$ref": "#/types/google-native:dataflow%2Fv1b3:AutoscalingSettingsAlgorithm", "description": "The algorithm to use for autoscaling." }, "maxNumWorkers": { "type": "integer", "description": "The maximum number of workers to cap scaling at." } }, "type": "object" }, "google-native:dataflow/v1b3:AutoscalingSettingsAlgorithm": { "description": "The algorithm to use for autoscaling.", "type": "string", "enum": [ { "name": "AutoscalingAlgorithmUnknown", "description": "The algorithm is unknown, or unspecified.", "value": "AUTOSCALING_ALGORITHM_UNKNOWN" }, { "name": "AutoscalingAlgorithmNone", "description": "Disable autoscaling.", "value": "AUTOSCALING_ALGORITHM_NONE" }, { "name": "AutoscalingAlgorithmBasic", "description": "Increase worker count over time to reduce job execution time.", "value": "AUTOSCALING_ALGORITHM_BASIC" } ] }, "google-native:dataflow/v1b3:AutoscalingSettingsResponse": { "description": "Settings for WorkerPool autoscaling.", "properties": { "algorithm": { "type": "string", "description": "The algorithm to use for autoscaling." }, "maxNumWorkers": { "type": "integer", "description": "The maximum number of workers to cap scaling at." } }, "type": "object", "required": [ "algorithm", "maxNumWorkers" ] }, "google-native:dataflow/v1b3:BigQueryIODetails": { "description": "Metadata for a BigQuery connector used by the job.", "properties": { "dataset": { "type": "string", "description": "Dataset accessed in the connection." }, "project": { "type": "string", "description": "Project accessed in the connection." }, "query": { "type": "string", "description": "Query used to access data in the connection." }, "table": { "type": "string", "description": "Table accessed in the connection." } }, "type": "object" }, "google-native:dataflow/v1b3:BigQueryIODetailsResponse": { "description": "Metadata for a BigQuery connector used by the job.", "properties": { "dataset": { "type": "string", "description": "Dataset accessed in the connection." }, "project": { "type": "string", "description": "Project accessed in the connection." }, "query": { "type": "string", "description": "Query used to access data in the connection." }, "table": { "type": "string", "description": "Table accessed in the connection." } }, "type": "object", "required": [ "dataset", "project", "query", "table" ] }, "google-native:dataflow/v1b3:BigTableIODetails": { "description": "Metadata for a Cloud Bigtable connector used by the job.", "properties": { "instanceId": { "type": "string", "description": "InstanceId accessed in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." }, "tableId": { "type": "string", "description": "TableId accessed in the connection." } }, "type": "object" }, "google-native:dataflow/v1b3:BigTableIODetailsResponse": { "description": "Metadata for a Cloud Bigtable connector used by the job.", "properties": { "instanceId": { "type": "string", "description": "InstanceId accessed in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." }, "tableId": { "type": "string", "description": "TableId accessed in the connection." } }, "type": "object", "required": [ "instanceId", "project", "tableId" ] }, "google-native:dataflow/v1b3:ComponentSource": { "description": "Description of an interstitial value between transforms in an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransformOrCollection": { "type": "string", "description": "User name for the original user transform or collection with which this source is most closely associated." }, "userName": { "type": "string", "description": "Human-readable name for this transform; may be user or system generated." } }, "type": "object" }, "google-native:dataflow/v1b3:ComponentSourceResponse": { "description": "Description of an interstitial value between transforms in an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransformOrCollection": { "type": "string", "description": "User name for the original user transform or collection with which this source is most closely associated." }, "userName": { "type": "string", "description": "Human-readable name for this transform; may be user or system generated." } }, "type": "object", "required": [ "name", "originalTransformOrCollection", "userName" ] }, "google-native:dataflow/v1b3:ComponentTransform": { "description": "Description of a transform executed as part of an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransform": { "type": "string", "description": "User name for the original user transform with which this transform is most closely associated." }, "userName": { "type": "string", "description": "Human-readable name for this transform; may be user or system generated." } }, "type": "object" }, "google-native:dataflow/v1b3:ComponentTransformResponse": { "description": "Description of a transform executed as part of an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransform": { "type": "string", "description": "User name for the original user transform with which this transform is most closely associated." }, "userName": { "type": "string", "description": "Human-readable name for this transform; may be user or system generated." } }, "type": "object", "required": [ "name", "originalTransform", "userName" ] }, "google-native:dataflow/v1b3:DataSamplingConfig": { "description": "Configuration options for sampling elements.", "properties": { "behaviors": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DataSamplingConfigBehaviorsItem" }, "description": "List of given sampling behaviors to enable. For example, specifying behaviors = [ALWAYS_ON] samples in-flight elements but does not sample exceptions. Can be used to specify multiple behaviors like, behaviors = [ALWAYS_ON, EXCEPTIONS] for specifying periodic sampling and exception sampling. If DISABLED is in the list, then sampling will be disabled and ignore the other given behaviors. Ordering does not matter." } }, "type": "object" }, "google-native:dataflow/v1b3:DataSamplingConfigBehaviorsItem": { "type": "string", "enum": [ { "name": "DataSamplingBehaviorUnspecified", "description": "If given, has no effect on sampling behavior. Used as an unknown or unset sentinel value.", "value": "DATA_SAMPLING_BEHAVIOR_UNSPECIFIED" }, { "name": "Disabled", "description": "When given, disables element sampling. Has same behavior as not setting the behavior.", "value": "DISABLED" }, { "name": "AlwaysOn", "description": "When given, enables sampling in-flight from all PCollections.", "value": "ALWAYS_ON" }, { "name": "Exceptions", "description": "When given, enables sampling input elements when a user-defined DoFn causes an exception.", "value": "EXCEPTIONS" } ] }, "google-native:dataflow/v1b3:DataSamplingConfigResponse": { "description": "Configuration options for sampling elements.", "properties": { "behaviors": { "type": "array", "items": { "type": "string" }, "description": "List of given sampling behaviors to enable. For example, specifying behaviors = [ALWAYS_ON] samples in-flight elements but does not sample exceptions. Can be used to specify multiple behaviors like, behaviors = [ALWAYS_ON, EXCEPTIONS] for specifying periodic sampling and exception sampling. If DISABLED is in the list, then sampling will be disabled and ignore the other given behaviors. Ordering does not matter." } }, "type": "object", "required": [ "behaviors" ] }, "google-native:dataflow/v1b3:DatastoreIODetails": { "description": "Metadata for a Datastore connector used by the job.", "properties": { "namespace": { "type": "string", "description": "Namespace used in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." } }, "type": "object" }, "google-native:dataflow/v1b3:DatastoreIODetailsResponse": { "description": "Metadata for a Datastore connector used by the job.", "properties": { "namespace": { "type": "string", "description": "Namespace used in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." } }, "type": "object", "required": [ "namespace", "project" ] }, "google-native:dataflow/v1b3:DebugOptions": { "description": "Describes any options that have an effect on the debugging of pipelines.", "properties": { "dataSampling": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DataSamplingConfig", "description": "Configuration options for sampling elements from a running pipeline." }, "enableHotKeyLogging": { "type": "boolean", "description": "When true, enables the logging of the literal hot key to the user's Cloud Logging." } }, "type": "object" }, "google-native:dataflow/v1b3:DebugOptionsResponse": { "description": "Describes any options that have an effect on the debugging of pipelines.", "properties": { "dataSampling": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DataSamplingConfigResponse", "description": "Configuration options for sampling elements from a running pipeline." }, "enableHotKeyLogging": { "type": "boolean", "description": "When true, enables the logging of the literal hot key to the user's Cloud Logging." } }, "type": "object", "required": [ "dataSampling", "enableHotKeyLogging" ] }, "google-native:dataflow/v1b3:Disk": { "description": "Describes the data disk used by a workflow job.", "properties": { "diskType": { "type": "string", "description": "Disk storage type, as defined by Google Compute Engine. This must be a disk type appropriate to the project and zone in which the workers will run. If unknown or unspecified, the service will attempt to choose a reasonable default. For example, the standard persistent disk type is a resource name typically ending in \"pd-standard\". If SSD persistent disks are available, the resource name typically ends with \"pd-ssd\". The actual valid values are defined the Google Compute Engine API, not by the Cloud Dataflow API; consult the Google Compute Engine documentation for more information about determining the set of available disk types for a particular project and zone. Google Compute Engine Disk types are local to a particular project in a particular zone, and so the resource name will typically look something like this: compute.googleapis.com/projects/project-id/zones/zone/diskTypes/pd-standard" }, "mountPoint": { "type": "string", "description": "Directory in a VM where disk is mounted." }, "sizeGb": { "type": "integer", "description": "Size of disk in GB. If zero or unspecified, the service will attempt to choose a reasonable default." } }, "type": "object" }, "google-native:dataflow/v1b3:DiskResponse": { "description": "Describes the data disk used by a workflow job.", "properties": { "diskType": { "type": "string", "description": "Disk storage type, as defined by Google Compute Engine. This must be a disk type appropriate to the project and zone in which the workers will run. If unknown or unspecified, the service will attempt to choose a reasonable default. For example, the standard persistent disk type is a resource name typically ending in \"pd-standard\". If SSD persistent disks are available, the resource name typically ends with \"pd-ssd\". The actual valid values are defined the Google Compute Engine API, not by the Cloud Dataflow API; consult the Google Compute Engine documentation for more information about determining the set of available disk types for a particular project and zone. Google Compute Engine Disk types are local to a particular project in a particular zone, and so the resource name will typically look something like this: compute.googleapis.com/projects/project-id/zones/zone/diskTypes/pd-standard" }, "mountPoint": { "type": "string", "description": "Directory in a VM where disk is mounted." }, "sizeGb": { "type": "integer", "description": "Size of disk in GB. If zero or unspecified, the service will attempt to choose a reasonable default." } }, "type": "object", "required": [ "diskType", "mountPoint", "sizeGb" ] }, "google-native:dataflow/v1b3:DisplayData": { "description": "Data provided with a pipeline or transform to provide descriptive info.", "properties": { "boolValue": { "type": "boolean", "description": "Contains value if the data is of a boolean type." }, "durationValue": { "type": "string", "description": "Contains value if the data is of duration type." }, "floatValue": { "type": "number", "description": "Contains value if the data is of float type." }, "int64Value": { "type": "string", "description": "Contains value if the data is of int64 type." }, "javaClassValue": { "type": "string", "description": "Contains value if the data is of java class type." }, "key": { "type": "string", "description": "The key identifying the display data. This is intended to be used as a label for the display data when viewed in a dax monitoring system." }, "label": { "type": "string", "description": "An optional label to display in a dax UI for the element." }, "namespace": { "type": "string", "description": "The namespace for the key. This is usually a class name or programming language namespace (i.e. python module) which defines the display data. This allows a dax monitoring system to specially handle the data and perform custom rendering." }, "shortStrValue": { "type": "string", "description": "A possible additional shorter value to display. For example a java_class_name_value of com.mypackage.MyDoFn will be stored with MyDoFn as the short_str_value and com.mypackage.MyDoFn as the java_class_name value. short_str_value can be displayed and java_class_name_value will be displayed as a tooltip." }, "strValue": { "type": "string", "description": "Contains value if the data is of string type." }, "timestampValue": { "type": "string", "description": "Contains value if the data is of timestamp type." }, "url": { "type": "string", "description": "An optional full URL." } }, "type": "object" }, "google-native:dataflow/v1b3:DisplayDataResponse": { "description": "Data provided with a pipeline or transform to provide descriptive info.", "properties": { "boolValue": { "type": "boolean", "description": "Contains value if the data is of a boolean type." }, "durationValue": { "type": "string", "description": "Contains value if the data is of duration type." }, "floatValue": { "type": "number", "description": "Contains value if the data is of float type." }, "int64Value": { "type": "string", "description": "Contains value if the data is of int64 type." }, "javaClassValue": { "type": "string", "description": "Contains value if the data is of java class type." }, "key": { "type": "string", "description": "The key identifying the display data. This is intended to be used as a label for the display data when viewed in a dax monitoring system." }, "label": { "type": "string", "description": "An optional label to display in a dax UI for the element." }, "namespace": { "type": "string", "description": "The namespace for the key. This is usually a class name or programming language namespace (i.e. python module) which defines the display data. This allows a dax monitoring system to specially handle the data and perform custom rendering." }, "shortStrValue": { "type": "string", "description": "A possible additional shorter value to display. For example a java_class_name_value of com.mypackage.MyDoFn will be stored with MyDoFn as the short_str_value and com.mypackage.MyDoFn as the java_class_name value. short_str_value can be displayed and java_class_name_value will be displayed as a tooltip." }, "strValue": { "type": "string", "description": "Contains value if the data is of string type." }, "timestampValue": { "type": "string", "description": "Contains value if the data is of timestamp type." }, "url": { "type": "string", "description": "An optional full URL." } }, "type": "object", "required": [ "boolValue", "durationValue", "floatValue", "int64Value", "javaClassValue", "key", "label", "namespace", "shortStrValue", "strValue", "timestampValue", "url" ] }, "google-native:dataflow/v1b3:Environment": { "description": "Describes the environment in which a Dataflow Job runs.", "properties": { "clusterManagerApiService": { "type": "string", "description": "The type of cluster manager API to use. If unknown or unspecified, the service will attempt to choose a reasonable default. This should be in the form of the API service name, e.g. \"compute.googleapis.com\"." }, "dataset": { "type": "string", "description": "The dataset for the current project where various workflow related tables are stored. The supported resource type is: Google BigQuery: bigquery.googleapis.com/{dataset}" }, "debugOptions": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DebugOptions", "description": "Any debugging options to be supplied to the job." }, "experiments": { "type": "array", "items": { "type": "string" }, "description": "The list of experiments to enable. This field should be used for SDK related experiments and not for service related experiments. The proper field for service related experiments is service_options." }, "flexResourceSchedulingGoal": { "$ref": "#/types/google-native:dataflow%2Fv1b3:EnvironmentFlexResourceSchedulingGoal", "description": "Which Flexible Resource Scheduling mode to run in." }, "internalExperiments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Experimental settings." }, "sdkPipelineOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Cloud Dataflow SDK pipeline options specified by the user. These options are passed through the service and are used to recreate the SDK pipeline options on the worker in a language agnostic and platform independent way." }, "serviceAccountEmail": { "type": "string", "description": "Identity to run virtual machines as. Defaults to the default account." }, "serviceKmsKeyName": { "type": "string", "description": "If set, contains the Cloud KMS key identifier used to encrypt data at rest, AKA a Customer Managed Encryption Key (CMEK). Format: projects/PROJECT_ID/locations/LOCATION/keyRings/KEY_RING/cryptoKeys/KEY" }, "serviceOptions": { "type": "array", "items": { "type": "string" }, "description": "The list of service options to enable. This field should be used for service related experiments only. These experiments, when graduating to GA, should be replaced by dedicated fields or become default (i.e. always on)." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the system should use for temporary storage. The system will append the suffix \"/temp-{JOBNAME} to this resource prefix, where {JOBNAME} is the value of the job_name field. The resulting bucket and object prefix is used as the prefix of the resources used to store temporary data needed during the job execution. NOTE: This will override the value in taskrunner_settings. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "userAgent": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A description of the process that generated the request." }, "version": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A structure describing which components and their versions of the service are required in order to run the job." }, "workerPools": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerPool" }, "description": "The worker pools. At least one \"harness\" worker pool must be specified in order for the job to have workers." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, default to the control plane's region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane's region is chosen based on available capacity." } }, "type": "object" }, "google-native:dataflow/v1b3:EnvironmentFlexResourceSchedulingGoal": { "description": "Which Flexible Resource Scheduling mode to run in.", "type": "string", "enum": [ { "name": "FlexrsUnspecified", "description": "Run in the default mode.", "value": "FLEXRS_UNSPECIFIED" }, { "name": "FlexrsSpeedOptimized", "description": "Optimize for lower execution time.", "value": "FLEXRS_SPEED_OPTIMIZED" }, { "name": "FlexrsCostOptimized", "description": "Optimize for lower cost.", "value": "FLEXRS_COST_OPTIMIZED" } ] }, "google-native:dataflow/v1b3:EnvironmentResponse": { "description": "Describes the environment in which a Dataflow Job runs.", "properties": { "clusterManagerApiService": { "type": "string", "description": "The type of cluster manager API to use. If unknown or unspecified, the service will attempt to choose a reasonable default. This should be in the form of the API service name, e.g. \"compute.googleapis.com\"." }, "dataset": { "type": "string", "description": "The dataset for the current project where various workflow related tables are stored. The supported resource type is: Google BigQuery: bigquery.googleapis.com/{dataset}" }, "debugOptions": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DebugOptionsResponse", "description": "Any debugging options to be supplied to the job." }, "experiments": { "type": "array", "items": { "type": "string" }, "description": "The list of experiments to enable. This field should be used for SDK related experiments and not for service related experiments. The proper field for service related experiments is service_options." }, "flexResourceSchedulingGoal": { "type": "string", "description": "Which Flexible Resource Scheduling mode to run in." }, "internalExperiments": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Experimental settings." }, "sdkPipelineOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Cloud Dataflow SDK pipeline options specified by the user. These options are passed through the service and are used to recreate the SDK pipeline options on the worker in a language agnostic and platform independent way." }, "serviceAccountEmail": { "type": "string", "description": "Identity to run virtual machines as. Defaults to the default account." }, "serviceKmsKeyName": { "type": "string", "description": "If set, contains the Cloud KMS key identifier used to encrypt data at rest, AKA a Customer Managed Encryption Key (CMEK). Format: projects/PROJECT_ID/locations/LOCATION/keyRings/KEY_RING/cryptoKeys/KEY" }, "serviceOptions": { "type": "array", "items": { "type": "string" }, "description": "The list of service options to enable. This field should be used for service related experiments only. These experiments, when graduating to GA, should be replaced by dedicated fields or become default (i.e. always on)." }, "shuffleMode": { "type": "string", "description": "The shuffle mode used for the job." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the system should use for temporary storage. The system will append the suffix \"/temp-{JOBNAME} to this resource prefix, where {JOBNAME} is the value of the job_name field. The resulting bucket and object prefix is used as the prefix of the resources used to store temporary data needed during the job execution. NOTE: This will override the value in taskrunner_settings. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "useStreamingEngineResourceBasedBilling": { "type": "boolean", "description": "Whether the job uses the new streaming engine billing model based on resource usage." }, "userAgent": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A description of the process that generated the request." }, "version": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A structure describing which components and their versions of the service are required in order to run the job." }, "workerPools": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerPoolResponse" }, "description": "The worker pools. At least one \"harness\" worker pool must be specified in order for the job to have workers." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, default to the control plane's region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane's region is chosen based on available capacity." } }, "type": "object", "required": [ "clusterManagerApiService", "dataset", "debugOptions", "experiments", "flexResourceSchedulingGoal", "internalExperiments", "sdkPipelineOptions", "serviceAccountEmail", "serviceKmsKeyName", "serviceOptions", "shuffleMode", "tempStoragePrefix", "useStreamingEngineResourceBasedBilling", "userAgent", "version", "workerPools", "workerRegion", "workerZone" ] }, "google-native:dataflow/v1b3:ExecutionStageState": { "description": "A message describing the state of a particular execution stage.", "properties": { "currentStateTime": { "type": "string", "description": "The time at which the stage transitioned to this state." }, "executionStageName": { "type": "string", "description": "The name of the execution stage." }, "executionStageState": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ExecutionStageStateExecutionStageState", "description": "Executions stage states allow the same set of values as JobState." } }, "type": "object" }, "google-native:dataflow/v1b3:ExecutionStageStateExecutionStageState": { "description": "Executions stage states allow the same set of values as JobState.", "type": "string", "enum": [ { "name": "JobStateUnknown", "description": "The job's run state isn't specified.", "value": "JOB_STATE_UNKNOWN" }, { "name": "JobStateStopped", "description": "`JOB_STATE_STOPPED` indicates that the job has not yet started to run.", "value": "JOB_STATE_STOPPED" }, { "name": "JobStateRunning", "description": "`JOB_STATE_RUNNING` indicates that the job is currently running.", "value": "JOB_STATE_RUNNING" }, { "name": "JobStateDone", "description": "`JOB_STATE_DONE` indicates that the job has successfully completed. This is a terminal job state. This state may be set by the Cloud Dataflow service, as a transition from `JOB_STATE_RUNNING`. It may also be set via a Cloud Dataflow `UpdateJob` call, if the job has not yet reached a terminal state.", "value": "JOB_STATE_DONE" }, { "name": "JobStateFailed", "description": "`JOB_STATE_FAILED` indicates that the job has failed. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_FAILED" }, { "name": "JobStateCancelled", "description": "`JOB_STATE_CANCELLED` indicates that the job has been explicitly cancelled. This is a terminal job state. This state may only be set via a Cloud Dataflow `UpdateJob` call, and only if the job has not yet reached another terminal state.", "value": "JOB_STATE_CANCELLED" }, { "name": "JobStateUpdated", "description": "`JOB_STATE_UPDATED` indicates that the job was successfully updated, meaning that this job was stopped and another job was started, inheriting state from this one. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_UPDATED" }, { "name": "JobStateDraining", "description": "`JOB_STATE_DRAINING` indicates that the job is in the process of draining. A draining job has stopped pulling from its input sources and is processing any data that remains in-flight. This state may be set via a Cloud Dataflow `UpdateJob` call, but only as a transition from `JOB_STATE_RUNNING`. Jobs that are draining may only transition to `JOB_STATE_DRAINED`, `JOB_STATE_CANCELLED`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_DRAINING" }, { "name": "JobStateDrained", "description": "`JOB_STATE_DRAINED` indicates that the job has been drained. A drained job terminated by stopping pulling from its input sources and processing any data that remained in-flight when draining was requested. This state is a terminal state, may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_DRAINING`.", "value": "JOB_STATE_DRAINED" }, { "name": "JobStatePending", "description": "`JOB_STATE_PENDING` indicates that the job has been created but is not yet running. Jobs that are pending may only transition to `JOB_STATE_RUNNING`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_PENDING" }, { "name": "JobStateCancelling", "description": "`JOB_STATE_CANCELLING` indicates that the job has been explicitly cancelled and is in the process of stopping. Jobs that are cancelling may only transition to `JOB_STATE_CANCELLED` or `JOB_STATE_FAILED`.", "value": "JOB_STATE_CANCELLING" }, { "name": "JobStateQueued", "description": "`JOB_STATE_QUEUED` indicates that the job has been created but is being delayed until launch. Jobs that are queued may only transition to `JOB_STATE_PENDING` or `JOB_STATE_CANCELLED`.", "value": "JOB_STATE_QUEUED" }, { "name": "JobStateResourceCleaningUp", "description": "`JOB_STATE_RESOURCE_CLEANING_UP` indicates that the batch job's associated resources are currently being cleaned up after a successful run. Currently, this is an opt-in feature, please reach out to Cloud support team if you are interested.", "value": "JOB_STATE_RESOURCE_CLEANING_UP" } ] }, "google-native:dataflow/v1b3:ExecutionStageStateResponse": { "description": "A message describing the state of a particular execution stage.", "properties": { "currentStateTime": { "type": "string", "description": "The time at which the stage transitioned to this state." }, "executionStageName": { "type": "string", "description": "The name of the execution stage." }, "executionStageState": { "type": "string", "description": "Executions stage states allow the same set of values as JobState." } }, "type": "object", "required": [ "currentStateTime", "executionStageName", "executionStageState" ] }, "google-native:dataflow/v1b3:ExecutionStageSummary": { "description": "Description of the composing transforms, names/ids, and input/outputs of a stage of execution. Some composing transforms and sources may have been generated by the Dataflow service during execution planning.", "properties": { "componentSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ComponentSource" }, "description": "Collections produced and consumed by component transforms of this stage." }, "componentTransform": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ComponentTransform" }, "description": "Transforms that comprise this execution stage." }, "id": { "type": "string", "description": "Dataflow service generated id for this stage." }, "inputSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:StageSource" }, "description": "Input sources for this stage." }, "kind": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ExecutionStageSummaryKind", "description": "Type of transform this stage is executing." }, "name": { "type": "string", "description": "Dataflow service generated name for this stage." }, "outputSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:StageSource" }, "description": "Output sources for this stage." }, "prerequisiteStage": { "type": "array", "items": { "type": "string" }, "description": "Other stages that must complete before this stage can run." } }, "type": "object" }, "google-native:dataflow/v1b3:ExecutionStageSummaryKind": { "description": "Type of transform this stage is executing.", "type": "string", "enum": [ { "name": "UnknownKind", "description": "Unrecognized transform type.", "value": "UNKNOWN_KIND" }, { "name": "ParDoKind", "description": "ParDo transform.", "value": "PAR_DO_KIND" }, { "name": "GroupByKeyKind", "description": "Group By Key transform.", "value": "GROUP_BY_KEY_KIND" }, { "name": "FlattenKind", "description": "Flatten transform.", "value": "FLATTEN_KIND" }, { "name": "ReadKind", "description": "Read transform.", "value": "READ_KIND" }, { "name": "WriteKind", "description": "Write transform.", "value": "WRITE_KIND" }, { "name": "ConstantKind", "description": "Constructs from a constant value, such as with Create.of.", "value": "CONSTANT_KIND" }, { "name": "SingletonKind", "description": "Creates a Singleton view of a collection.", "value": "SINGLETON_KIND" }, { "name": "ShuffleKind", "description": "Opening or closing a shuffle session, often as part of a GroupByKey.", "value": "SHUFFLE_KIND" } ] }, "google-native:dataflow/v1b3:ExecutionStageSummaryResponse": { "description": "Description of the composing transforms, names/ids, and input/outputs of a stage of execution. Some composing transforms and sources may have been generated by the Dataflow service during execution planning.", "properties": { "componentSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ComponentSourceResponse" }, "description": "Collections produced and consumed by component transforms of this stage." }, "componentTransform": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ComponentTransformResponse" }, "description": "Transforms that comprise this execution stage." }, "inputSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:StageSourceResponse" }, "description": "Input sources for this stage." }, "kind": { "type": "string", "description": "Type of transform this stage is executing." }, "name": { "type": "string", "description": "Dataflow service generated name for this stage." }, "outputSource": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:StageSourceResponse" }, "description": "Output sources for this stage." }, "prerequisiteStage": { "type": "array", "items": { "type": "string" }, "description": "Other stages that must complete before this stage can run." } }, "type": "object", "required": [ "componentSource", "componentTransform", "inputSource", "kind", "name", "outputSource", "prerequisiteStage" ] }, "google-native:dataflow/v1b3:FileIODetails": { "description": "Metadata for a File connector used by the job.", "properties": { "filePattern": { "type": "string", "description": "File Pattern used to access files by the connector." } }, "type": "object" }, "google-native:dataflow/v1b3:FileIODetailsResponse": { "description": "Metadata for a File connector used by the job.", "properties": { "filePattern": { "type": "string", "description": "File Pattern used to access files by the connector." } }, "type": "object", "required": [ "filePattern" ] }, "google-native:dataflow/v1b3:JobCurrentState": { "description": "The current state of the job. Jobs are created in the `JOB_STATE_STOPPED` state unless otherwise specified. A job in the `JOB_STATE_RUNNING` state may asynchronously enter a terminal state. After a job has reached a terminal state, no further state updates may be made. This field may be mutated by the Cloud Dataflow service; callers cannot mutate it.", "type": "string", "enum": [ { "name": "JobStateUnknown", "description": "The job's run state isn't specified.", "value": "JOB_STATE_UNKNOWN" }, { "name": "JobStateStopped", "description": "`JOB_STATE_STOPPED` indicates that the job has not yet started to run.", "value": "JOB_STATE_STOPPED" }, { "name": "JobStateRunning", "description": "`JOB_STATE_RUNNING` indicates that the job is currently running.", "value": "JOB_STATE_RUNNING" }, { "name": "JobStateDone", "description": "`JOB_STATE_DONE` indicates that the job has successfully completed. This is a terminal job state. This state may be set by the Cloud Dataflow service, as a transition from `JOB_STATE_RUNNING`. It may also be set via a Cloud Dataflow `UpdateJob` call, if the job has not yet reached a terminal state.", "value": "JOB_STATE_DONE" }, { "name": "JobStateFailed", "description": "`JOB_STATE_FAILED` indicates that the job has failed. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_FAILED" }, { "name": "JobStateCancelled", "description": "`JOB_STATE_CANCELLED` indicates that the job has been explicitly cancelled. This is a terminal job state. This state may only be set via a Cloud Dataflow `UpdateJob` call, and only if the job has not yet reached another terminal state.", "value": "JOB_STATE_CANCELLED" }, { "name": "JobStateUpdated", "description": "`JOB_STATE_UPDATED` indicates that the job was successfully updated, meaning that this job was stopped and another job was started, inheriting state from this one. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_UPDATED" }, { "name": "JobStateDraining", "description": "`JOB_STATE_DRAINING` indicates that the job is in the process of draining. A draining job has stopped pulling from its input sources and is processing any data that remains in-flight. This state may be set via a Cloud Dataflow `UpdateJob` call, but only as a transition from `JOB_STATE_RUNNING`. Jobs that are draining may only transition to `JOB_STATE_DRAINED`, `JOB_STATE_CANCELLED`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_DRAINING" }, { "name": "JobStateDrained", "description": "`JOB_STATE_DRAINED` indicates that the job has been drained. A drained job terminated by stopping pulling from its input sources and processing any data that remained in-flight when draining was requested. This state is a terminal state, may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_DRAINING`.", "value": "JOB_STATE_DRAINED" }, { "name": "JobStatePending", "description": "`JOB_STATE_PENDING` indicates that the job has been created but is not yet running. Jobs that are pending may only transition to `JOB_STATE_RUNNING`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_PENDING" }, { "name": "JobStateCancelling", "description": "`JOB_STATE_CANCELLING` indicates that the job has been explicitly cancelled and is in the process of stopping. Jobs that are cancelling may only transition to `JOB_STATE_CANCELLED` or `JOB_STATE_FAILED`.", "value": "JOB_STATE_CANCELLING" }, { "name": "JobStateQueued", "description": "`JOB_STATE_QUEUED` indicates that the job has been created but is being delayed until launch. Jobs that are queued may only transition to `JOB_STATE_PENDING` or `JOB_STATE_CANCELLED`.", "value": "JOB_STATE_QUEUED" }, { "name": "JobStateResourceCleaningUp", "description": "`JOB_STATE_RESOURCE_CLEANING_UP` indicates that the batch job's associated resources are currently being cleaned up after a successful run. Currently, this is an opt-in feature, please reach out to Cloud support team if you are interested.", "value": "JOB_STATE_RESOURCE_CLEANING_UP" } ] }, "google-native:dataflow/v1b3:JobExecutionInfo": { "description": "Additional information about how a Cloud Dataflow job will be executed that isn't contained in the submitted job.", "properties": { "stages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping from each stage to the information about that stage." } }, "type": "object" }, "google-native:dataflow/v1b3:JobExecutionInfoResponse": { "description": "Additional information about how a Cloud Dataflow job will be executed that isn't contained in the submitted job.", "properties": { "stages": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping from each stage to the information about that stage." } }, "type": "object", "required": [ "stages" ] }, "google-native:dataflow/v1b3:JobMetadata": { "description": "Metadata available primarily for filtering jobs. Will be included in the ListJob response and Job SUMMARY view.", "properties": { "bigTableDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:BigTableIODetails" }, "description": "Identification of a Cloud Bigtable source used in the Dataflow job." }, "bigqueryDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:BigQueryIODetails" }, "description": "Identification of a BigQuery source used in the Dataflow job." }, "datastoreDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DatastoreIODetails" }, "description": "Identification of a Datastore source used in the Dataflow job." }, "fileDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:FileIODetails" }, "description": "Identification of a File source used in the Dataflow job." }, "pubsubDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:PubSubIODetails" }, "description": "Identification of a Pub/Sub source used in the Dataflow job." }, "sdkVersion": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkVersion", "description": "The SDK version used to run the job." }, "spannerDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SpannerIODetails" }, "description": "Identification of a Spanner source used in the Dataflow job." }, "userDisplayProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of display properties to help UI filter jobs." } }, "type": "object" }, "google-native:dataflow/v1b3:JobMetadataResponse": { "description": "Metadata available primarily for filtering jobs. Will be included in the ListJob response and Job SUMMARY view.", "properties": { "bigTableDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:BigTableIODetailsResponse" }, "description": "Identification of a Cloud Bigtable source used in the Dataflow job." }, "bigqueryDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:BigQueryIODetailsResponse" }, "description": "Identification of a BigQuery source used in the Dataflow job." }, "datastoreDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DatastoreIODetailsResponse" }, "description": "Identification of a Datastore source used in the Dataflow job." }, "fileDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:FileIODetailsResponse" }, "description": "Identification of a File source used in the Dataflow job." }, "pubsubDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:PubSubIODetailsResponse" }, "description": "Identification of a Pub/Sub source used in the Dataflow job." }, "sdkVersion": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkVersionResponse", "description": "The SDK version used to run the job." }, "spannerDetails": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SpannerIODetailsResponse" }, "description": "Identification of a Spanner source used in the Dataflow job." }, "userDisplayProperties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "List of display properties to help UI filter jobs." } }, "type": "object", "required": [ "bigTableDetails", "bigqueryDetails", "datastoreDetails", "fileDetails", "pubsubDetails", "sdkVersion", "spannerDetails", "userDisplayProperties" ] }, "google-native:dataflow/v1b3:JobRequestedState": { "description": "The job's requested state. Applies to `UpdateJob` requests. Set `requested_state` with `UpdateJob` requests to switch between the states `JOB_STATE_STOPPED` and `JOB_STATE_RUNNING`. You can also use `UpdateJob` requests to change a job's state from `JOB_STATE_RUNNING` to `JOB_STATE_CANCELLED`, `JOB_STATE_DONE`, or `JOB_STATE_DRAINED`. These states irrevocably terminate the job if it hasn't already reached a terminal state. This field has no effect on `CreateJob` requests.", "type": "string", "enum": [ { "name": "JobStateUnknown", "description": "The job's run state isn't specified.", "value": "JOB_STATE_UNKNOWN" }, { "name": "JobStateStopped", "description": "`JOB_STATE_STOPPED` indicates that the job has not yet started to run.", "value": "JOB_STATE_STOPPED" }, { "name": "JobStateRunning", "description": "`JOB_STATE_RUNNING` indicates that the job is currently running.", "value": "JOB_STATE_RUNNING" }, { "name": "JobStateDone", "description": "`JOB_STATE_DONE` indicates that the job has successfully completed. This is a terminal job state. This state may be set by the Cloud Dataflow service, as a transition from `JOB_STATE_RUNNING`. It may also be set via a Cloud Dataflow `UpdateJob` call, if the job has not yet reached a terminal state.", "value": "JOB_STATE_DONE" }, { "name": "JobStateFailed", "description": "`JOB_STATE_FAILED` indicates that the job has failed. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_FAILED" }, { "name": "JobStateCancelled", "description": "`JOB_STATE_CANCELLED` indicates that the job has been explicitly cancelled. This is a terminal job state. This state may only be set via a Cloud Dataflow `UpdateJob` call, and only if the job has not yet reached another terminal state.", "value": "JOB_STATE_CANCELLED" }, { "name": "JobStateUpdated", "description": "`JOB_STATE_UPDATED` indicates that the job was successfully updated, meaning that this job was stopped and another job was started, inheriting state from this one. This is a terminal job state. This state may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_RUNNING`.", "value": "JOB_STATE_UPDATED" }, { "name": "JobStateDraining", "description": "`JOB_STATE_DRAINING` indicates that the job is in the process of draining. A draining job has stopped pulling from its input sources and is processing any data that remains in-flight. This state may be set via a Cloud Dataflow `UpdateJob` call, but only as a transition from `JOB_STATE_RUNNING`. Jobs that are draining may only transition to `JOB_STATE_DRAINED`, `JOB_STATE_CANCELLED`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_DRAINING" }, { "name": "JobStateDrained", "description": "`JOB_STATE_DRAINED` indicates that the job has been drained. A drained job terminated by stopping pulling from its input sources and processing any data that remained in-flight when draining was requested. This state is a terminal state, may only be set by the Cloud Dataflow service, and only as a transition from `JOB_STATE_DRAINING`.", "value": "JOB_STATE_DRAINED" }, { "name": "JobStatePending", "description": "`JOB_STATE_PENDING` indicates that the job has been created but is not yet running. Jobs that are pending may only transition to `JOB_STATE_RUNNING`, or `JOB_STATE_FAILED`.", "value": "JOB_STATE_PENDING" }, { "name": "JobStateCancelling", "description": "`JOB_STATE_CANCELLING` indicates that the job has been explicitly cancelled and is in the process of stopping. Jobs that are cancelling may only transition to `JOB_STATE_CANCELLED` or `JOB_STATE_FAILED`.", "value": "JOB_STATE_CANCELLING" }, { "name": "JobStateQueued", "description": "`JOB_STATE_QUEUED` indicates that the job has been created but is being delayed until launch. Jobs that are queued may only transition to `JOB_STATE_PENDING` or `JOB_STATE_CANCELLED`.", "value": "JOB_STATE_QUEUED" }, { "name": "JobStateResourceCleaningUp", "description": "`JOB_STATE_RESOURCE_CLEANING_UP` indicates that the batch job's associated resources are currently being cleaned up after a successful run. Currently, this is an opt-in feature, please reach out to Cloud support team if you are interested.", "value": "JOB_STATE_RESOURCE_CLEANING_UP" } ] }, "google-native:dataflow/v1b3:JobType": { "description": "The type of Cloud Dataflow job.", "type": "string", "enum": [ { "name": "JobTypeUnknown", "description": "The type of the job is unspecified, or unknown.", "value": "JOB_TYPE_UNKNOWN" }, { "name": "JobTypeBatch", "description": "A batch job with a well-defined end point: data is read, data is processed, data is written, and the job is done.", "value": "JOB_TYPE_BATCH" }, { "name": "JobTypeStreaming", "description": "A continuously streaming job with no end: data is read, processed, and written continuously.", "value": "JOB_TYPE_STREAMING" } ] }, "google-native:dataflow/v1b3:Package": { "description": "The packages that must be installed in order for a worker to run the steps of the Cloud Dataflow job that will be assigned to its worker pool. This is the mechanism by which the Cloud Dataflow SDK causes code to be loaded onto the workers. For example, the Cloud Dataflow Java SDK might use this to install jars containing the user's code and all of the various dependencies (libraries, data files, etc.) required in order for that code to run.", "properties": { "location": { "type": "string", "description": "The resource to read the package from. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket} bucket.storage.googleapis.com/" }, "name": { "type": "string", "description": "The name of the package." } }, "type": "object" }, "google-native:dataflow/v1b3:PackageResponse": { "description": "The packages that must be installed in order for a worker to run the steps of the Cloud Dataflow job that will be assigned to its worker pool. This is the mechanism by which the Cloud Dataflow SDK causes code to be loaded onto the workers. For example, the Cloud Dataflow Java SDK might use this to install jars containing the user's code and all of the various dependencies (libraries, data files, etc.) required in order for that code to run.", "properties": { "location": { "type": "string", "description": "The resource to read the package from. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket} bucket.storage.googleapis.com/" }, "name": { "type": "string", "description": "The name of the package." } }, "type": "object", "required": [ "location", "name" ] }, "google-native:dataflow/v1b3:ParameterMetadataEnumOptionResponse": { "description": "ParameterMetadataEnumOption specifies the option shown in the enum form.", "properties": { "description": { "type": "string", "description": "Optional. The description to display for the enum option." }, "label": { "type": "string", "description": "Optional. The label to display for the enum option." }, "value": { "type": "string", "description": "The value of the enum option." } }, "type": "object", "required": [ "description", "label", "value" ] }, "google-native:dataflow/v1b3:ParameterMetadataResponse": { "description": "Metadata for a specific parameter.", "properties": { "customMetadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional metadata for describing this parameter." }, "defaultValue": { "type": "string", "description": "Optional. The default values will pre-populate the parameter with the given value from the proto. If default_value is left empty, the parameter will be populated with a default of the relevant type, e.g. false for a boolean." }, "enumOptions": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ParameterMetadataEnumOptionResponse" }, "description": "Optional. The options shown when ENUM ParameterType is specified." }, "groupName": { "type": "string", "description": "Optional. Specifies a group name for this parameter to be rendered under. Group header text will be rendered exactly as specified in this field. Only considered when parent_name is NOT provided." }, "helpText": { "type": "string", "description": "The help text to display for the parameter." }, "isOptional": { "type": "boolean", "description": "Optional. Whether the parameter is optional. Defaults to false." }, "label": { "type": "string", "description": "The label to display for the parameter." }, "name": { "type": "string", "description": "The name of the parameter." }, "paramType": { "type": "string", "description": "Optional. The type of the parameter. Used for selecting input picker." }, "parentName": { "type": "string", "description": "Optional. Specifies the name of the parent parameter. Used in conjunction with 'parent_trigger_values' to make this parameter conditional (will only be rendered conditionally). Should be mappable to a ParameterMetadata.name field." }, "parentTriggerValues": { "type": "array", "items": { "type": "string" }, "description": "Optional. The value(s) of the 'parent_name' parameter which will trigger this parameter to be shown. If left empty, ANY non-empty value in parent_name will trigger this parameter to be shown. Only considered when this parameter is conditional (when 'parent_name' has been provided)." }, "regexes": { "type": "array", "items": { "type": "string" }, "description": "Optional. Regexes that the parameter must match." } }, "type": "object", "required": [ "customMetadata", "defaultValue", "enumOptions", "groupName", "helpText", "isOptional", "label", "name", "paramType", "parentName", "parentTriggerValues", "regexes" ] }, "google-native:dataflow/v1b3:PipelineDescription": { "description": "A descriptive representation of submitted pipeline as well as the executed form. This data is provided by the Dataflow service for ease of visualizing the pipeline and interpreting Dataflow provided metrics.", "properties": { "displayData": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DisplayData" }, "description": "Pipeline level display data." }, "executionPipelineStage": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ExecutionStageSummary" }, "description": "Description of each stage of execution of the pipeline." }, "originalPipelineTransform": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:TransformSummary" }, "description": "Description of each transform in the pipeline and collections between them." }, "stepNamesHash": { "type": "string", "description": "A hash value of the submitted pipeline portable graph step names if exists." } }, "type": "object" }, "google-native:dataflow/v1b3:PipelineDescriptionResponse": { "description": "A descriptive representation of submitted pipeline as well as the executed form. This data is provided by the Dataflow service for ease of visualizing the pipeline and interpreting Dataflow provided metrics.", "properties": { "displayData": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DisplayDataResponse" }, "description": "Pipeline level display data." }, "executionPipelineStage": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ExecutionStageSummaryResponse" }, "description": "Description of each stage of execution of the pipeline." }, "originalPipelineTransform": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:TransformSummaryResponse" }, "description": "Description of each transform in the pipeline and collections between them." }, "stepNamesHash": { "type": "string", "description": "A hash value of the submitted pipeline portable graph step names if exists." } }, "type": "object", "required": [ "displayData", "executionPipelineStage", "originalPipelineTransform", "stepNamesHash" ] }, "google-native:dataflow/v1b3:PubSubIODetails": { "description": "Metadata for a Pub/Sub connector used by the job.", "properties": { "subscription": { "type": "string", "description": "Subscription used in the connection." }, "topic": { "type": "string", "description": "Topic accessed in the connection." } }, "type": "object" }, "google-native:dataflow/v1b3:PubSubIODetailsResponse": { "description": "Metadata for a Pub/Sub connector used by the job.", "properties": { "subscription": { "type": "string", "description": "Subscription used in the connection." }, "topic": { "type": "string", "description": "Topic accessed in the connection." } }, "type": "object", "required": [ "subscription", "topic" ] }, "google-native:dataflow/v1b3:RuntimeEnvironment": { "description": "The environment values to set at runtime.", "properties": { "additionalExperiments": { "type": "array", "items": { "type": "string" }, "description": "Optional. Additional experiment flags for the job, specified with the `--experiments` option." }, "additionalUserLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the [labeling restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions) page. An object containing a list of \"key\": value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1kg\", \"count\": \"3\" }." }, "bypassTempDirValidation": { "type": "boolean", "description": "Optional. Whether to bypass the safety checks for the job's temporary directory. Use with caution." }, "diskSizeGb": { "type": "integer", "description": "Optional. The disk size, in gigabytes, to use on each remote Compute Engine worker instance." }, "enableStreamingEngine": { "type": "boolean", "description": "Optional. Whether to enable Streaming Engine for the job." }, "ipConfiguration": { "$ref": "#/types/google-native:dataflow%2Fv1b3:RuntimeEnvironmentIpConfiguration", "description": "Optional. Configuration for VM IPs." }, "kmsKeyName": { "type": "string", "description": "Optional. Name for the Cloud KMS key for the job. Key format is: projects//locations//keyRings//cryptoKeys/" }, "machineType": { "type": "string", "description": "Optional. The machine type to use for the job. Defaults to the value from the template if not specified." }, "maxWorkers": { "type": "integer", "description": "Optional. The maximum number of Google Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000. The default value is 1." }, "network": { "type": "string", "description": "Optional. Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numWorkers": { "type": "integer", "description": "Optional. The initial number of Google Compute Engine instances for the job. The default value is 11." }, "serviceAccountEmail": { "type": "string", "description": "Optional. The email address of the service account to run the job as." }, "subnetwork": { "type": "string", "description": "Optional. Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form \"https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK\" or \"regions/REGION/subnetworks/SUBNETWORK\". If the subnetwork is located in a Shared VPC network, you must use the complete URL." }, "tempLocation": { "type": "string", "description": "The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with `gs://`." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, default to the control plane's region." }, "workerZone": { "type": "string", "description": "Optional. The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane's region is chosen based on available capacity. If both `worker_zone` and `zone` are set, `worker_zone` takes precedence." }, "zone": { "type": "string", "description": "Optional. The Compute Engine [availability zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones) for launching worker instances to run your pipeline. In the future, worker_zone will take precedence." } }, "type": "object", "required": [ "tempLocation", "workerRegion" ] }, "google-native:dataflow/v1b3:RuntimeEnvironmentIpConfiguration": { "description": "Optional. Configuration for VM IPs.", "type": "string", "enum": [ { "name": "WorkerIpUnspecified", "description": "The configuration is unknown, or unspecified.", "value": "WORKER_IP_UNSPECIFIED" }, { "name": "WorkerIpPublic", "description": "Workers should have public IP addresses.", "value": "WORKER_IP_PUBLIC" }, { "name": "WorkerIpPrivate", "description": "Workers should have private IP addresses.", "value": "WORKER_IP_PRIVATE" } ] }, "google-native:dataflow/v1b3:RuntimeMetadataResponse": { "description": "RuntimeMetadata describing a runtime environment.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ParameterMetadataResponse" }, "description": "The parameters for the template." }, "sdkInfo": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SDKInfoResponse", "description": "SDK Info for the template." } }, "type": "object", "required": [ "parameters", "sdkInfo" ] }, "google-native:dataflow/v1b3:RuntimeUpdatableParams": { "description": "Additional job parameters that can only be updated during runtime using the projects.jobs.update method. These fields have no effect when specified during job creation.", "properties": { "maxNumWorkers": { "type": "integer", "description": "The maximum number of workers to cap autoscaling at. This field is currently only supported for Streaming Engine jobs." }, "minNumWorkers": { "type": "integer", "description": "The minimum number of workers to scale down to. This field is currently only supported for Streaming Engine jobs." } }, "type": "object" }, "google-native:dataflow/v1b3:RuntimeUpdatableParamsResponse": { "description": "Additional job parameters that can only be updated during runtime using the projects.jobs.update method. These fields have no effect when specified during job creation.", "properties": { "maxNumWorkers": { "type": "integer", "description": "The maximum number of workers to cap autoscaling at. This field is currently only supported for Streaming Engine jobs." }, "minNumWorkers": { "type": "integer", "description": "The minimum number of workers to scale down to. This field is currently only supported for Streaming Engine jobs." } }, "type": "object", "required": [ "maxNumWorkers", "minNumWorkers" ] }, "google-native:dataflow/v1b3:SDKInfoResponse": { "description": "SDK Information.", "properties": { "language": { "type": "string", "description": "The SDK Language." }, "version": { "type": "string", "description": "Optional. The SDK version." } }, "type": "object", "required": [ "language", "version" ] }, "google-native:dataflow/v1b3:SdkBugResponse": { "description": "A bug found in the Dataflow SDK.", "properties": { "severity": { "type": "string", "description": "How severe the SDK bug is." }, "type": { "type": "string", "description": "Describes the impact of this SDK bug." }, "uri": { "type": "string", "description": "Link to more information on the bug." } }, "type": "object", "required": [ "severity", "type", "uri" ] }, "google-native:dataflow/v1b3:SdkHarnessContainerImage": { "description": "Defines an SDK harness container for executing Dataflow pipelines.", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "The set of capabilities enumerated in the above Environment proto. See also [beam_runner_api.proto](https://github.com/apache/beam/blob/master/model/pipeline/src/main/proto/org/apache/beam/model/pipeline/v1/beam_runner_api.proto)" }, "containerImage": { "type": "string", "description": "A docker container image that resides in Google Container Registry." }, "environmentId": { "type": "string", "description": "Environment ID for the Beam runner API proto Environment that corresponds to the current SDK Harness." }, "useSingleCorePerContainer": { "type": "boolean", "description": "If true, recommends the Dataflow service to use only one core per SDK container instance with this image. If false (or unset) recommends using more than one core per SDK container instance with this image for efficiency. Note that Dataflow service may choose to override this property if needed." } }, "type": "object" }, "google-native:dataflow/v1b3:SdkHarnessContainerImageResponse": { "description": "Defines an SDK harness container for executing Dataflow pipelines.", "properties": { "capabilities": { "type": "array", "items": { "type": "string" }, "description": "The set of capabilities enumerated in the above Environment proto. See also [beam_runner_api.proto](https://github.com/apache/beam/blob/master/model/pipeline/src/main/proto/org/apache/beam/model/pipeline/v1/beam_runner_api.proto)" }, "containerImage": { "type": "string", "description": "A docker container image that resides in Google Container Registry." }, "environmentId": { "type": "string", "description": "Environment ID for the Beam runner API proto Environment that corresponds to the current SDK Harness." }, "useSingleCorePerContainer": { "type": "boolean", "description": "If true, recommends the Dataflow service to use only one core per SDK container instance with this image. If false (or unset) recommends using more than one core per SDK container instance with this image for efficiency. Note that Dataflow service may choose to override this property if needed." } }, "type": "object", "required": [ "capabilities", "containerImage", "environmentId", "useSingleCorePerContainer" ] }, "google-native:dataflow/v1b3:SdkVersion": { "description": "The version of the SDK used to run the job.", "properties": { "sdkSupportStatus": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkVersionSdkSupportStatus", "description": "The support status for this SDK version." }, "version": { "type": "string", "description": "The version of the SDK used to run the job." }, "versionDisplayName": { "type": "string", "description": "A readable string describing the version of the SDK." } }, "type": "object" }, "google-native:dataflow/v1b3:SdkVersionResponse": { "description": "The version of the SDK used to run the job.", "properties": { "bugs": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkBugResponse" }, "description": "Known bugs found in this SDK version." }, "sdkSupportStatus": { "type": "string", "description": "The support status for this SDK version." }, "version": { "type": "string", "description": "The version of the SDK used to run the job." }, "versionDisplayName": { "type": "string", "description": "A readable string describing the version of the SDK." } }, "type": "object", "required": [ "bugs", "sdkSupportStatus", "version", "versionDisplayName" ] }, "google-native:dataflow/v1b3:SdkVersionSdkSupportStatus": { "description": "The support status for this SDK version.", "type": "string", "enum": [ { "name": "Unknown", "description": "Cloud Dataflow is unaware of this version.", "value": "UNKNOWN" }, { "name": "Supported", "description": "This is a known version of an SDK, and is supported.", "value": "SUPPORTED" }, { "name": "Stale", "description": "A newer version of the SDK family exists, and an update is recommended.", "value": "STALE" }, { "name": "Deprecated", "description": "This version of the SDK is deprecated and will eventually be unsupported.", "value": "DEPRECATED" }, { "name": "Unsupported", "description": "Support for this SDK version has ended and it should no longer be used.", "value": "UNSUPPORTED" } ] }, "google-native:dataflow/v1b3:SpannerIODetails": { "description": "Metadata for a Spanner connector used by the job.", "properties": { "databaseId": { "type": "string", "description": "DatabaseId accessed in the connection." }, "instanceId": { "type": "string", "description": "InstanceId accessed in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." } }, "type": "object" }, "google-native:dataflow/v1b3:SpannerIODetailsResponse": { "description": "Metadata for a Spanner connector used by the job.", "properties": { "databaseId": { "type": "string", "description": "DatabaseId accessed in the connection." }, "instanceId": { "type": "string", "description": "InstanceId accessed in the connection." }, "project": { "type": "string", "description": "ProjectId accessed in the connection." } }, "type": "object", "required": [ "databaseId", "instanceId", "project" ] }, "google-native:dataflow/v1b3:StageSource": { "description": "Description of an input or output of an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransformOrCollection": { "type": "string", "description": "User name for the original user transform or collection with which this source is most closely associated." }, "sizeBytes": { "type": "string", "description": "Size of the source, if measurable." }, "userName": { "type": "string", "description": "Human-readable name for this source; may be user or system generated." } }, "type": "object" }, "google-native:dataflow/v1b3:StageSourceResponse": { "description": "Description of an input or output of an execution stage.", "properties": { "name": { "type": "string", "description": "Dataflow service generated name for this source." }, "originalTransformOrCollection": { "type": "string", "description": "User name for the original user transform or collection with which this source is most closely associated." }, "sizeBytes": { "type": "string", "description": "Size of the source, if measurable." }, "userName": { "type": "string", "description": "Human-readable name for this source; may be user or system generated." } }, "type": "object", "required": [ "name", "originalTransformOrCollection", "sizeBytes", "userName" ] }, "google-native:dataflow/v1b3:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dataflow/v1b3:Step": { "description": "Defines a particular step within a Cloud Dataflow job. A job consists of multiple steps, each of which performs some specific operation as part of the overall job. Data is typically passed from one step to another as part of the job. **Note:** The properties of this object are not stable and might change. Here's an example of a sequence of steps which together implement a Map-Reduce job: * Read a collection of data from some source, parsing the collection's elements. * Validate the elements. * Apply a user-defined function to map each element to some value and extract an element-specific key value. * Group elements with the same key into a single element with that key, transforming a multiply-keyed collection into a uniquely-keyed collection. * Write the elements out to some data sink. Note that the Cloud Dataflow service may be used to run many different types of jobs, not just Map-Reduce.", "properties": { "kind": { "type": "string", "description": "The kind of step in the Cloud Dataflow job." }, "name": { "type": "string", "description": "The name that identifies the step. This must be unique for each step with respect to all other steps in the Cloud Dataflow job." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named properties associated with the step. Each kind of predefined step has its own required set of properties. Must be provided on Create. Only retrieved with JOB_VIEW_ALL." } }, "type": "object" }, "google-native:dataflow/v1b3:StepResponse": { "description": "Defines a particular step within a Cloud Dataflow job. A job consists of multiple steps, each of which performs some specific operation as part of the overall job. Data is typically passed from one step to another as part of the job. **Note:** The properties of this object are not stable and might change. Here's an example of a sequence of steps which together implement a Map-Reduce job: * Read a collection of data from some source, parsing the collection's elements. * Validate the elements. * Apply a user-defined function to map each element to some value and extract an element-specific key value. * Group elements with the same key into a single element with that key, transforming a multiply-keyed collection into a uniquely-keyed collection. * Write the elements out to some data sink. Note that the Cloud Dataflow service may be used to run many different types of jobs, not just Map-Reduce.", "properties": { "kind": { "type": "string", "description": "The kind of step in the Cloud Dataflow job." }, "name": { "type": "string", "description": "The name that identifies the step. This must be unique for each step with respect to all other steps in the Cloud Dataflow job." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Named properties associated with the step. Each kind of predefined step has its own required set of properties. Must be provided on Create. Only retrieved with JOB_VIEW_ALL." } }, "type": "object", "required": [ "kind", "name", "properties" ] }, "google-native:dataflow/v1b3:TaskRunnerSettings": { "description": "Taskrunner configuration settings.", "properties": { "alsologtostderr": { "type": "boolean", "description": "Whether to also send taskrunner log info to stderr." }, "baseTaskDir": { "type": "string", "description": "The location on the worker for task-specific subdirectories." }, "baseUrl": { "type": "string", "description": "The base URL for the taskrunner to use when accessing Google Cloud APIs. When workers access Google Cloud APIs, they logically do so via relative URLs. If this field is specified, it supplies the base URL to use for resolving these relative URLs. The normative algorithm used is defined by RFC 1808, \"Relative Uniform Resource Locators\". If not specified, the default value is \"http://www.googleapis.com/\"" }, "commandlinesFileName": { "type": "string", "description": "The file to store preprocessing commands in." }, "continueOnException": { "type": "boolean", "description": "Whether to continue taskrunner if an exception is hit." }, "dataflowApiVersion": { "type": "string", "description": "The API version of endpoint, e.g. \"v1b3\"" }, "harnessCommand": { "type": "string", "description": "The command to launch the worker harness." }, "languageHint": { "type": "string", "description": "The suggested backend language." }, "logDir": { "type": "string", "description": "The directory on the VM to store logs." }, "logToSerialconsole": { "type": "boolean", "description": "Whether to send taskrunner log info to Google Compute Engine VM serial console." }, "logUploadLocation": { "type": "string", "description": "Indicates where to put logs. If this is not specified, the logs will not be uploaded. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The OAuth2 scopes to be requested by the taskrunner in order to access the Cloud Dataflow API." }, "parallelWorkerSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerSettings", "description": "The settings to pass to the parallel worker harness." }, "streamingWorkerMainClass": { "type": "string", "description": "The streaming worker main class name." }, "taskGroup": { "type": "string", "description": "The UNIX group ID on the worker VM to use for tasks launched by taskrunner; e.g. \"wheel\"." }, "taskUser": { "type": "string", "description": "The UNIX user ID on the worker VM to use for tasks launched by taskrunner; e.g. \"root\"." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the taskrunner should use for temporary storage. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "vmId": { "type": "string", "description": "The ID string of the VM." }, "workflowFileName": { "type": "string", "description": "The file to store the workflow in." } }, "type": "object" }, "google-native:dataflow/v1b3:TaskRunnerSettingsResponse": { "description": "Taskrunner configuration settings.", "properties": { "alsologtostderr": { "type": "boolean", "description": "Whether to also send taskrunner log info to stderr." }, "baseTaskDir": { "type": "string", "description": "The location on the worker for task-specific subdirectories." }, "baseUrl": { "type": "string", "description": "The base URL for the taskrunner to use when accessing Google Cloud APIs. When workers access Google Cloud APIs, they logically do so via relative URLs. If this field is specified, it supplies the base URL to use for resolving these relative URLs. The normative algorithm used is defined by RFC 1808, \"Relative Uniform Resource Locators\". If not specified, the default value is \"http://www.googleapis.com/\"" }, "commandlinesFileName": { "type": "string", "description": "The file to store preprocessing commands in." }, "continueOnException": { "type": "boolean", "description": "Whether to continue taskrunner if an exception is hit." }, "dataflowApiVersion": { "type": "string", "description": "The API version of endpoint, e.g. \"v1b3\"" }, "harnessCommand": { "type": "string", "description": "The command to launch the worker harness." }, "languageHint": { "type": "string", "description": "The suggested backend language." }, "logDir": { "type": "string", "description": "The directory on the VM to store logs." }, "logToSerialconsole": { "type": "boolean", "description": "Whether to send taskrunner log info to Google Compute Engine VM serial console." }, "logUploadLocation": { "type": "string", "description": "Indicates where to put logs. If this is not specified, the logs will not be uploaded. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "oauthScopes": { "type": "array", "items": { "type": "string" }, "description": "The OAuth2 scopes to be requested by the taskrunner in order to access the Cloud Dataflow API." }, "parallelWorkerSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerSettingsResponse", "description": "The settings to pass to the parallel worker harness." }, "streamingWorkerMainClass": { "type": "string", "description": "The streaming worker main class name." }, "taskGroup": { "type": "string", "description": "The UNIX group ID on the worker VM to use for tasks launched by taskrunner; e.g. \"wheel\"." }, "taskUser": { "type": "string", "description": "The UNIX user ID on the worker VM to use for tasks launched by taskrunner; e.g. \"root\"." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the taskrunner should use for temporary storage. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "vmId": { "type": "string", "description": "The ID string of the VM." }, "workflowFileName": { "type": "string", "description": "The file to store the workflow in." } }, "type": "object", "required": [ "alsologtostderr", "baseTaskDir", "baseUrl", "commandlinesFileName", "continueOnException", "dataflowApiVersion", "harnessCommand", "languageHint", "logDir", "logToSerialconsole", "logUploadLocation", "oauthScopes", "parallelWorkerSettings", "streamingWorkerMainClass", "taskGroup", "taskUser", "tempStoragePrefix", "vmId", "workflowFileName" ] }, "google-native:dataflow/v1b3:TemplateMetadataResponse": { "description": "Metadata describing a template.", "properties": { "description": { "type": "string", "description": "Optional. A description of the template." }, "name": { "type": "string", "description": "The name of the template." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:ParameterMetadataResponse" }, "description": "The parameters for the template." } }, "type": "object", "required": [ "description", "name", "parameters" ] }, "google-native:dataflow/v1b3:TransformSummary": { "description": "Description of the type, names/ids, and input/outputs for a transform.", "properties": { "displayData": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DisplayData" }, "description": "Transform-specific display data." }, "id": { "type": "string", "description": "SDK generated id of this transform instance." }, "inputCollectionName": { "type": "array", "items": { "type": "string" }, "description": "User names for all collection inputs to this transform." }, "kind": { "$ref": "#/types/google-native:dataflow%2Fv1b3:TransformSummaryKind", "description": "Type of transform." }, "name": { "type": "string", "description": "User provided name for this transform instance." }, "outputCollectionName": { "type": "array", "items": { "type": "string" }, "description": "User names for all collection outputs to this transform." } }, "type": "object" }, "google-native:dataflow/v1b3:TransformSummaryKind": { "description": "Type of transform.", "type": "string", "enum": [ { "name": "UnknownKind", "description": "Unrecognized transform type.", "value": "UNKNOWN_KIND" }, { "name": "ParDoKind", "description": "ParDo transform.", "value": "PAR_DO_KIND" }, { "name": "GroupByKeyKind", "description": "Group By Key transform.", "value": "GROUP_BY_KEY_KIND" }, { "name": "FlattenKind", "description": "Flatten transform.", "value": "FLATTEN_KIND" }, { "name": "ReadKind", "description": "Read transform.", "value": "READ_KIND" }, { "name": "WriteKind", "description": "Write transform.", "value": "WRITE_KIND" }, { "name": "ConstantKind", "description": "Constructs from a constant value, such as with Create.of.", "value": "CONSTANT_KIND" }, { "name": "SingletonKind", "description": "Creates a Singleton view of a collection.", "value": "SINGLETON_KIND" }, { "name": "ShuffleKind", "description": "Opening or closing a shuffle session, often as part of a GroupByKey.", "value": "SHUFFLE_KIND" } ] }, "google-native:dataflow/v1b3:TransformSummaryResponse": { "description": "Description of the type, names/ids, and input/outputs for a transform.", "properties": { "displayData": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DisplayDataResponse" }, "description": "Transform-specific display data." }, "inputCollectionName": { "type": "array", "items": { "type": "string" }, "description": "User names for all collection inputs to this transform." }, "kind": { "type": "string", "description": "Type of transform." }, "name": { "type": "string", "description": "User provided name for this transform instance." }, "outputCollectionName": { "type": "array", "items": { "type": "string" }, "description": "User names for all collection outputs to this transform." } }, "type": "object", "required": [ "displayData", "inputCollectionName", "kind", "name", "outputCollectionName" ] }, "google-native:dataflow/v1b3:WorkerPool": { "description": "Describes one particular pool of Cloud Dataflow workers to be instantiated by the Cloud Dataflow service in order to perform the computations required by a job. Note that a workflow job may use multiple pools, in order to match the various computational requirements of the various stages of the job.", "properties": { "autoscalingSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:AutoscalingSettings", "description": "Settings for autoscaling of this WorkerPool." }, "dataDisks": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:Disk" }, "description": "Data disks that are used by a VM in this workflow." }, "defaultPackageSet": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerPoolDefaultPackageSet", "description": "The default package set to install. This allows the service to select a default set of packages which are useful to worker harnesses written in a particular language." }, "diskSizeGb": { "type": "integer", "description": "Size of root disk for VMs, in GB. If zero or unspecified, the service will attempt to choose a reasonable default." }, "diskSourceImage": { "type": "string", "description": "Fully qualified source image for disks." }, "diskType": { "type": "string", "description": "Type of root disk for VMs. If empty or unspecified, the service will attempt to choose a reasonable default." }, "ipConfiguration": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerPoolIpConfiguration", "description": "Configuration for VM IPs." }, "kind": { "type": "string", "description": "The kind of the worker pool; currently only `harness` and `shuffle` are supported." }, "machineType": { "type": "string", "description": "Machine type (e.g. \"n1-standard-1\"). If empty or unspecified, the service will attempt to choose a reasonable default." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata to set on the Google Compute Engine VMs." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numThreadsPerWorker": { "type": "integer", "description": "The number of threads per worker harness. If empty or unspecified, the service will choose a number of threads (according to the number of cores on the selected machine type for batch, or 1 by convention for streaming)." }, "numWorkers": { "type": "integer", "description": "Number of Google Compute Engine workers in this pool needed to execute the job. If zero or unspecified, the service will attempt to choose a reasonable default." }, "onHostMaintenance": { "type": "string", "description": "The action to take on host maintenance, as defined by the Google Compute Engine API." }, "packages": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:Package" }, "description": "Packages to be installed on workers." }, "poolArgs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Extra arguments for this worker pool." }, "sdkHarnessContainerImages": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkHarnessContainerImage" }, "description": "Set of SDK harness containers needed to execute this pipeline. This will only be set in the Fn API path. For non-cross-language pipelines this should have only one entry. Cross-language pipelines will have two or more entries." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. Expected to be of the form \"regions/REGION/subnetworks/SUBNETWORK\"." }, "taskrunnerSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:TaskRunnerSettings", "description": "Settings passed through to Google Compute Engine workers when using the standard Dataflow task runner. Users should ignore this field." }, "teardownPolicy": { "$ref": "#/types/google-native:dataflow%2Fv1b3:WorkerPoolTeardownPolicy", "description": "Sets the policy for determining when to turndown worker pool. Allowed values are: `TEARDOWN_ALWAYS`, `TEARDOWN_ON_SUCCESS`, and `TEARDOWN_NEVER`. `TEARDOWN_ALWAYS` means workers are always torn down regardless of whether the job succeeds. `TEARDOWN_ON_SUCCESS` means workers are torn down if the job succeeds. `TEARDOWN_NEVER` means the workers are never torn down. If the workers are not torn down by the service, they will continue to run and use Google Compute Engine VM resources in the user's project until they are explicitly terminated by the user. Because of this, Google recommends using the `TEARDOWN_ALWAYS` policy except for small, manually supervised test jobs. If unknown or unspecified, the service will attempt to choose a reasonable default." }, "workerHarnessContainerImage": { "type": "string", "description": "Docker container image that executes the Cloud Dataflow worker harness, residing in Google Container Registry. Deprecated for the Fn API path. Use sdk_harness_container_images instead.", "deprecationMessage": "Required. Docker container image that executes the Cloud Dataflow worker harness, residing in Google Container Registry. Deprecated for the Fn API path. Use sdk_harness_container_images instead." }, "zone": { "type": "string", "description": "Zone to run the worker pools in. If empty or unspecified, the service will attempt to choose a reasonable default." } }, "type": "object", "required": [ "workerHarnessContainerImage" ] }, "google-native:dataflow/v1b3:WorkerPoolDefaultPackageSet": { "description": "The default package set to install. This allows the service to select a default set of packages which are useful to worker harnesses written in a particular language.", "type": "string", "enum": [ { "name": "DefaultPackageSetUnknown", "description": "The default set of packages to stage is unknown, or unspecified.", "value": "DEFAULT_PACKAGE_SET_UNKNOWN" }, { "name": "DefaultPackageSetNone", "description": "Indicates that no packages should be staged at the worker unless explicitly specified by the job.", "value": "DEFAULT_PACKAGE_SET_NONE" }, { "name": "DefaultPackageSetJava", "description": "Stage packages typically useful to workers written in Java.", "value": "DEFAULT_PACKAGE_SET_JAVA" }, { "name": "DefaultPackageSetPython", "description": "Stage packages typically useful to workers written in Python.", "value": "DEFAULT_PACKAGE_SET_PYTHON" } ] }, "google-native:dataflow/v1b3:WorkerPoolIpConfiguration": { "description": "Configuration for VM IPs.", "type": "string", "enum": [ { "name": "WorkerIpUnspecified", "description": "The configuration is unknown, or unspecified.", "value": "WORKER_IP_UNSPECIFIED" }, { "name": "WorkerIpPublic", "description": "Workers should have public IP addresses.", "value": "WORKER_IP_PUBLIC" }, { "name": "WorkerIpPrivate", "description": "Workers should have private IP addresses.", "value": "WORKER_IP_PRIVATE" } ] }, "google-native:dataflow/v1b3:WorkerPoolResponse": { "description": "Describes one particular pool of Cloud Dataflow workers to be instantiated by the Cloud Dataflow service in order to perform the computations required by a job. Note that a workflow job may use multiple pools, in order to match the various computational requirements of the various stages of the job.", "properties": { "autoscalingSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:AutoscalingSettingsResponse", "description": "Settings for autoscaling of this WorkerPool." }, "dataDisks": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:DiskResponse" }, "description": "Data disks that are used by a VM in this workflow." }, "defaultPackageSet": { "type": "string", "description": "The default package set to install. This allows the service to select a default set of packages which are useful to worker harnesses written in a particular language." }, "diskSizeGb": { "type": "integer", "description": "Size of root disk for VMs, in GB. If zero or unspecified, the service will attempt to choose a reasonable default." }, "diskSourceImage": { "type": "string", "description": "Fully qualified source image for disks." }, "diskType": { "type": "string", "description": "Type of root disk for VMs. If empty or unspecified, the service will attempt to choose a reasonable default." }, "ipConfiguration": { "type": "string", "description": "Configuration for VM IPs." }, "kind": { "type": "string", "description": "The kind of the worker pool; currently only `harness` and `shuffle` are supported." }, "machineType": { "type": "string", "description": "Machine type (e.g. \"n1-standard-1\"). If empty or unspecified, the service will attempt to choose a reasonable default." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Metadata to set on the Google Compute Engine VMs." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numThreadsPerWorker": { "type": "integer", "description": "The number of threads per worker harness. If empty or unspecified, the service will choose a number of threads (according to the number of cores on the selected machine type for batch, or 1 by convention for streaming)." }, "numWorkers": { "type": "integer", "description": "Number of Google Compute Engine workers in this pool needed to execute the job. If zero or unspecified, the service will attempt to choose a reasonable default." }, "onHostMaintenance": { "type": "string", "description": "The action to take on host maintenance, as defined by the Google Compute Engine API." }, "packages": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:PackageResponse" }, "description": "Packages to be installed on workers." }, "poolArgs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Extra arguments for this worker pool." }, "sdkHarnessContainerImages": { "type": "array", "items": { "$ref": "#/types/google-native:dataflow%2Fv1b3:SdkHarnessContainerImageResponse" }, "description": "Set of SDK harness containers needed to execute this pipeline. This will only be set in the Fn API path. For non-cross-language pipelines this should have only one entry. Cross-language pipelines will have two or more entries." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. Expected to be of the form \"regions/REGION/subnetworks/SUBNETWORK\"." }, "taskrunnerSettings": { "$ref": "#/types/google-native:dataflow%2Fv1b3:TaskRunnerSettingsResponse", "description": "Settings passed through to Google Compute Engine workers when using the standard Dataflow task runner. Users should ignore this field." }, "teardownPolicy": { "type": "string", "description": "Sets the policy for determining when to turndown worker pool. Allowed values are: `TEARDOWN_ALWAYS`, `TEARDOWN_ON_SUCCESS`, and `TEARDOWN_NEVER`. `TEARDOWN_ALWAYS` means workers are always torn down regardless of whether the job succeeds. `TEARDOWN_ON_SUCCESS` means workers are torn down if the job succeeds. `TEARDOWN_NEVER` means the workers are never torn down. If the workers are not torn down by the service, they will continue to run and use Google Compute Engine VM resources in the user's project until they are explicitly terminated by the user. Because of this, Google recommends using the `TEARDOWN_ALWAYS` policy except for small, manually supervised test jobs. If unknown or unspecified, the service will attempt to choose a reasonable default." }, "workerHarnessContainerImage": { "type": "string", "description": "Docker container image that executes the Cloud Dataflow worker harness, residing in Google Container Registry. Deprecated for the Fn API path. Use sdk_harness_container_images instead.", "deprecationMessage": "Required. Docker container image that executes the Cloud Dataflow worker harness, residing in Google Container Registry. Deprecated for the Fn API path. Use sdk_harness_container_images instead." }, "zone": { "type": "string", "description": "Zone to run the worker pools in. If empty or unspecified, the service will attempt to choose a reasonable default." } }, "type": "object", "required": [ "autoscalingSettings", "dataDisks", "defaultPackageSet", "diskSizeGb", "diskSourceImage", "diskType", "ipConfiguration", "kind", "machineType", "metadata", "network", "numThreadsPerWorker", "numWorkers", "onHostMaintenance", "packages", "poolArgs", "sdkHarnessContainerImages", "subnetwork", "taskrunnerSettings", "teardownPolicy", "workerHarnessContainerImage", "zone" ] }, "google-native:dataflow/v1b3:WorkerPoolTeardownPolicy": { "description": "Sets the policy for determining when to turndown worker pool. Allowed values are: `TEARDOWN_ALWAYS`, `TEARDOWN_ON_SUCCESS`, and `TEARDOWN_NEVER`. `TEARDOWN_ALWAYS` means workers are always torn down regardless of whether the job succeeds. `TEARDOWN_ON_SUCCESS` means workers are torn down if the job succeeds. `TEARDOWN_NEVER` means the workers are never torn down. If the workers are not torn down by the service, they will continue to run and use Google Compute Engine VM resources in the user's project until they are explicitly terminated by the user. Because of this, Google recommends using the `TEARDOWN_ALWAYS` policy except for small, manually supervised test jobs. If unknown or unspecified, the service will attempt to choose a reasonable default.", "type": "string", "enum": [ { "name": "TeardownPolicyUnknown", "description": "The teardown policy isn't specified, or is unknown.", "value": "TEARDOWN_POLICY_UNKNOWN" }, { "name": "TeardownAlways", "description": "Always teardown the resource.", "value": "TEARDOWN_ALWAYS" }, { "name": "TeardownOnSuccess", "description": "Teardown the resource on success. This is useful for debugging failures.", "value": "TEARDOWN_ON_SUCCESS" }, { "name": "TeardownNever", "description": "Never teardown the resource. This is useful for debugging and development.", "value": "TEARDOWN_NEVER" } ] }, "google-native:dataflow/v1b3:WorkerSettings": { "description": "Provides data to pass through to the worker harness.", "properties": { "baseUrl": { "type": "string", "description": "The base URL for accessing Google Cloud APIs. When workers access Google Cloud APIs, they logically do so via relative URLs. If this field is specified, it supplies the base URL to use for resolving these relative URLs. The normative algorithm used is defined by RFC 1808, \"Relative Uniform Resource Locators\". If not specified, the default value is \"http://www.googleapis.com/\"" }, "reportingEnabled": { "type": "boolean", "description": "Whether to send work progress updates to the service." }, "servicePath": { "type": "string", "description": "The Cloud Dataflow service path relative to the root URL, for example, \"dataflow/v1b3/projects\"." }, "shuffleServicePath": { "type": "string", "description": "The Shuffle service path relative to the root URL, for example, \"shuffle/v1beta1\"." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the system should use for temporary storage. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "workerId": { "type": "string", "description": "The ID of the worker running this pipeline." } }, "type": "object" }, "google-native:dataflow/v1b3:WorkerSettingsResponse": { "description": "Provides data to pass through to the worker harness.", "properties": { "baseUrl": { "type": "string", "description": "The base URL for accessing Google Cloud APIs. When workers access Google Cloud APIs, they logically do so via relative URLs. If this field is specified, it supplies the base URL to use for resolving these relative URLs. The normative algorithm used is defined by RFC 1808, \"Relative Uniform Resource Locators\". If not specified, the default value is \"http://www.googleapis.com/\"" }, "reportingEnabled": { "type": "boolean", "description": "Whether to send work progress updates to the service." }, "servicePath": { "type": "string", "description": "The Cloud Dataflow service path relative to the root URL, for example, \"dataflow/v1b3/projects\"." }, "shuffleServicePath": { "type": "string", "description": "The Shuffle service path relative to the root URL, for example, \"shuffle/v1beta1\"." }, "tempStoragePrefix": { "type": "string", "description": "The prefix of the resources the system should use for temporary storage. The supported resource type is: Google Cloud Storage: storage.googleapis.com/{bucket}/{object} bucket.storage.googleapis.com/{object}" }, "workerId": { "type": "string", "description": "The ID of the worker running this pipeline." } }, "type": "object", "required": [ "baseUrl", "reportingEnabled", "servicePath", "shuffleServicePath", "tempStoragePrefix", "workerId" ] }, "google-native:dataform/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dataform%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:dataform/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dataform%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dataform/v1beta1:CodeCompilationConfig": { "description": "Configures various aspects of Dataform code compilation.", "properties": { "assertionSchema": { "type": "string", "description": "Optional. The default schema (BigQuery dataset ID) for assertions." }, "databaseSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all database (Google Cloud project ID) names." }, "defaultDatabase": { "type": "string", "description": "Optional. The default database (Google Cloud project ID)." }, "defaultLocation": { "type": "string", "description": "Optional. The default BigQuery location to use. Defaults to \"US\". See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations." }, "defaultSchema": { "type": "string", "description": "Optional. The default schema (BigQuery dataset ID)." }, "schemaSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names." }, "tablePrefix": { "type": "string", "description": "Optional. The prefix that should be prepended to all table names." }, "vars": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. User-defined variables that are made available to project code during compilation." } }, "type": "object" }, "google-native:dataform/v1beta1:CodeCompilationConfigResponse": { "description": "Configures various aspects of Dataform code compilation.", "properties": { "assertionSchema": { "type": "string", "description": "Optional. The default schema (BigQuery dataset ID) for assertions." }, "databaseSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all database (Google Cloud project ID) names." }, "defaultDatabase": { "type": "string", "description": "Optional. The default database (Google Cloud project ID)." }, "defaultLocation": { "type": "string", "description": "Optional. The default BigQuery location to use. Defaults to \"US\". See the BigQuery docs for a full list of locations: https://cloud.google.com/bigquery/docs/locations." }, "defaultSchema": { "type": "string", "description": "Optional. The default schema (BigQuery dataset ID)." }, "schemaSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names." }, "tablePrefix": { "type": "string", "description": "Optional. The prefix that should be prepended to all table names." }, "vars": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. User-defined variables that are made available to project code during compilation." } }, "type": "object", "required": [ "assertionSchema", "databaseSuffix", "defaultDatabase", "defaultLocation", "defaultSchema", "schemaSuffix", "tablePrefix", "vars" ] }, "google-native:dataform/v1beta1:CompilationErrorResponse": { "description": "An error encountered when attempting to compile a Dataform project.", "properties": { "actionTarget": { "$ref": "#/types/google-native:dataform%2Fv1beta1:TargetResponse", "description": "The identifier of the action where this error occurred, if available." }, "message": { "type": "string", "description": "The error's top level message." }, "path": { "type": "string", "description": "The path of the file where this error occurred, if available, relative to the project root." }, "stack": { "type": "string", "description": "The error's full stack trace." } }, "type": "object", "required": [ "actionTarget", "message", "path", "stack" ] }, "google-native:dataform/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dataform/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dataform/v1beta1:GitRemoteSettings": { "description": "Controls Git remote configuration for a repository.", "properties": { "authenticationTokenSecretVersion": { "type": "string", "description": "Optional. The name of the Secret Manager secret version to use as an authentication token for Git operations. Must be in the format `projects/*/secrets/*/versions/*`." }, "defaultBranch": { "type": "string", "description": "The Git remote's default branch name." }, "sshAuthenticationConfig": { "$ref": "#/types/google-native:dataform%2Fv1beta1:SshAuthenticationConfig", "description": "Optional. Authentication fields for remote uris using SSH protocol." }, "url": { "type": "string", "description": "The Git remote's URL." } }, "type": "object", "required": [ "defaultBranch", "url" ] }, "google-native:dataform/v1beta1:GitRemoteSettingsResponse": { "description": "Controls Git remote configuration for a repository.", "properties": { "authenticationTokenSecretVersion": { "type": "string", "description": "Optional. The name of the Secret Manager secret version to use as an authentication token for Git operations. Must be in the format `projects/*/secrets/*/versions/*`." }, "defaultBranch": { "type": "string", "description": "The Git remote's default branch name." }, "sshAuthenticationConfig": { "$ref": "#/types/google-native:dataform%2Fv1beta1:SshAuthenticationConfigResponse", "description": "Optional. Authentication fields for remote uris using SSH protocol." }, "tokenStatus": { "type": "string", "description": "Deprecated: The field does not contain any token status information. Instead use https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories/computeAccessTokenStatus", "deprecationMessage": "Output only. Deprecated: The field does not contain any token status information. Instead use https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories/computeAccessTokenStatus" }, "url": { "type": "string", "description": "The Git remote's URL." } }, "type": "object", "required": [ "authenticationTokenSecretVersion", "defaultBranch", "sshAuthenticationConfig", "tokenStatus", "url" ] }, "google-native:dataform/v1beta1:IntervalResponse": { "description": "Represents a time interval, encoded as a Timestamp start (inclusive) and a Timestamp end (exclusive). The start must be less than or equal to the end. When the start equals the end, the interval is empty (matches no time). When both start and end are unspecified, the interval matches any time.", "properties": { "endTime": { "type": "string", "description": "Optional. Exclusive end of the interval. If specified, a Timestamp matching this interval will have to be before the end." }, "startTime": { "type": "string", "description": "Optional. Inclusive start of the interval. If specified, a Timestamp matching this interval will have to be the same or after the start." } }, "type": "object", "required": [ "endTime", "startTime" ] }, "google-native:dataform/v1beta1:InvocationConfig": { "description": "Includes various configuration options for a workflow invocation. If both `included_targets` and `included_tags` are unset, all actions will be included.", "properties": { "fullyRefreshIncrementalTablesEnabled": { "type": "boolean", "description": "Optional. When set to true, any incremental tables will be fully refreshed." }, "includedTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of tags to include." }, "includedTargets": { "type": "array", "items": { "$ref": "#/types/google-native:dataform%2Fv1beta1:Target" }, "description": "Optional. The set of action identifiers to include." }, "serviceAccount": { "type": "string", "description": "Optional. The service account to run workflow invocations under." }, "transitiveDependenciesIncluded": { "type": "boolean", "description": "Optional. When set to true, transitive dependencies of included actions will be executed." }, "transitiveDependentsIncluded": { "type": "boolean", "description": "Optional. When set to true, transitive dependents of included actions will be executed." } }, "type": "object" }, "google-native:dataform/v1beta1:InvocationConfigResponse": { "description": "Includes various configuration options for a workflow invocation. If both `included_targets` and `included_tags` are unset, all actions will be included.", "properties": { "fullyRefreshIncrementalTablesEnabled": { "type": "boolean", "description": "Optional. When set to true, any incremental tables will be fully refreshed." }, "includedTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of tags to include." }, "includedTargets": { "type": "array", "items": { "$ref": "#/types/google-native:dataform%2Fv1beta1:TargetResponse" }, "description": "Optional. The set of action identifiers to include." }, "serviceAccount": { "type": "string", "description": "Optional. The service account to run workflow invocations under." }, "transitiveDependenciesIncluded": { "type": "boolean", "description": "Optional. When set to true, transitive dependencies of included actions will be executed." }, "transitiveDependentsIncluded": { "type": "boolean", "description": "Optional. When set to true, transitive dependents of included actions will be executed." } }, "type": "object", "required": [ "fullyRefreshIncrementalTablesEnabled", "includedTags", "includedTargets", "serviceAccount", "transitiveDependenciesIncluded", "transitiveDependentsIncluded" ] }, "google-native:dataform/v1beta1:ScheduledExecutionRecordResponse": { "description": "A record of an attempt to create a workflow invocation for this workflow config.", "properties": { "errorStatus": { "$ref": "#/types/google-native:dataform%2Fv1beta1:StatusResponse", "description": "The error status encountered upon this attempt to create the workflow invocation, if the attempt was unsuccessful." }, "executionTime": { "type": "string", "description": "The timestamp of this execution attempt." }, "workflowInvocation": { "type": "string", "description": "The name of the created workflow invocation, if one was successfully created. Must be in the format `projects/*/locations/*/repositories/*/workflowInvocations/*`." } }, "type": "object", "required": [ "errorStatus", "executionTime", "workflowInvocation" ] }, "google-native:dataform/v1beta1:ScheduledReleaseRecordResponse": { "description": "A record of an attempt to create a compilation result for this release config.", "properties": { "compilationResult": { "type": "string", "description": "The name of the created compilation result, if one was successfully created. Must be in the format `projects/*/locations/*/repositories/*/compilationResults/*`." }, "errorStatus": { "$ref": "#/types/google-native:dataform%2Fv1beta1:StatusResponse", "description": "The error status encountered upon this attempt to create the compilation result, if the attempt was unsuccessful." }, "releaseTime": { "type": "string", "description": "The timestamp of this release attempt." } }, "type": "object", "required": [ "compilationResult", "errorStatus", "releaseTime" ] }, "google-native:dataform/v1beta1:SshAuthenticationConfig": { "description": "Configures fields for performing SSH authentication.", "properties": { "hostPublicKey": { "type": "string", "description": "Content of a public SSH key to verify an identity of a remote Git host." }, "userPrivateKeySecretVersion": { "type": "string", "description": "The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "hostPublicKey", "userPrivateKeySecretVersion" ] }, "google-native:dataform/v1beta1:SshAuthenticationConfigResponse": { "description": "Configures fields for performing SSH authentication.", "properties": { "hostPublicKey": { "type": "string", "description": "Content of a public SSH key to verify an identity of a remote Git host." }, "userPrivateKeySecretVersion": { "type": "string", "description": "The name of the Secret Manager secret version to use as a ssh private key for Git operations. Must be in the format `projects/*/secrets/*/versions/*`." } }, "type": "object", "required": [ "hostPublicKey", "userPrivateKeySecretVersion" ] }, "google-native:dataform/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dataform/v1beta1:Target": { "description": "Represents an action identifier. If the action writes output, the output will be written to the referenced database object.", "properties": { "database": { "type": "string", "description": "The action's database (Google Cloud project ID) ." }, "name": { "type": "string", "description": "The action's name, within `database` and `schema`." }, "schema": { "type": "string", "description": "The action's schema (BigQuery dataset ID), within `database`." } }, "type": "object" }, "google-native:dataform/v1beta1:TargetResponse": { "description": "Represents an action identifier. If the action writes output, the output will be written to the referenced database object.", "properties": { "database": { "type": "string", "description": "The action's database (Google Cloud project ID) ." }, "name": { "type": "string", "description": "The action's name, within `database` and `schema`." }, "schema": { "type": "string", "description": "The action's schema (BigQuery dataset ID), within `database`." } }, "type": "object", "required": [ "database", "name", "schema" ] }, "google-native:dataform/v1beta1:WorkspaceCompilationOverrides": { "description": "Configures workspace compilation overrides for a repository. Primarily used by the UI (`console.cloud.google.com`). `schema_suffix` and `table_prefix` can have a special expression - `${workspaceName}`, which refers to the workspace name from which the compilation results will be created. API callers are expected to resolve the expression in these overrides and provide them explicitly in `code_compilation_config` (https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.compilationResults#codecompilationconfig) when creating workspace-scoped compilation results.", "properties": { "defaultDatabase": { "type": "string", "description": "Optional. The default database (Google Cloud project ID)." }, "schemaSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names." }, "tablePrefix": { "type": "string", "description": "Optional. The prefix that should be prepended to all table names." } }, "type": "object" }, "google-native:dataform/v1beta1:WorkspaceCompilationOverridesResponse": { "description": "Configures workspace compilation overrides for a repository. Primarily used by the UI (`console.cloud.google.com`). `schema_suffix` and `table_prefix` can have a special expression - `${workspaceName}`, which refers to the workspace name from which the compilation results will be created. API callers are expected to resolve the expression in these overrides and provide them explicitly in `code_compilation_config` (https://cloud.google.com/dataform/reference/rest/v1beta1/projects.locations.repositories.compilationResults#codecompilationconfig) when creating workspace-scoped compilation results.", "properties": { "defaultDatabase": { "type": "string", "description": "Optional. The default database (Google Cloud project ID)." }, "schemaSuffix": { "type": "string", "description": "Optional. The suffix that should be appended to all schema (BigQuery dataset ID) names." }, "tablePrefix": { "type": "string", "description": "Optional. The prefix that should be prepended to all table names." } }, "type": "object", "required": [ "defaultDatabase", "schemaSuffix", "tablePrefix" ] }, "google-native:datafusion/v1:AcceleratorResponse": { "description": "Identifies Data Fusion accelerators for an instance.", "properties": { "acceleratorType": { "type": "string", "description": "The type of an accelator for a CDF instance." }, "state": { "type": "string", "description": "The state of the accelerator." } }, "type": "object", "required": [ "acceleratorType", "state" ] }, "google-native:datafusion/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datafusion%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:datafusion/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datafusion%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:datafusion/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:datafusion%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:datafusion/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:datafusion/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:datafusion/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datafusion%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datafusion/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datafusion%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datafusion/v1:CryptoKeyConfig": { "description": "The crypto key configuration. This field is used by the Customer-managed encryption keys (CMEK) feature.", "properties": { "keyReference": { "type": "string", "description": "The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of `projects/*/locations/*/keyRings/*/cryptoKeys/*`." } }, "type": "object" }, "google-native:datafusion/v1:CryptoKeyConfigResponse": { "description": "The crypto key configuration. This field is used by the Customer-managed encryption keys (CMEK) feature.", "properties": { "keyReference": { "type": "string", "description": "The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of `projects/*/locations/*/keyRings/*/cryptoKeys/*`." } }, "type": "object", "required": [ "keyReference" ] }, "google-native:datafusion/v1:EventPublishConfig": { "description": "Confirguration of PubSubEventWriter.", "properties": { "enabled": { "type": "boolean", "description": "Option to enable Event Publishing." }, "topic": { "type": "string", "description": "The resource name of the Pub/Sub topic. Format: projects/{project_id}/topics/{topic_id}" } }, "type": "object", "required": [ "enabled", "topic" ] }, "google-native:datafusion/v1:EventPublishConfigResponse": { "description": "Confirguration of PubSubEventWriter.", "properties": { "enabled": { "type": "boolean", "description": "Option to enable Event Publishing." }, "topic": { "type": "string", "description": "The resource name of the Pub/Sub topic. Format: projects/{project_id}/topics/{topic_id}" } }, "type": "object", "required": [ "enabled", "topic" ] }, "google-native:datafusion/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datafusion/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datafusion/v1:InstanceType": { "description": "Required. Instance type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "No type specified. The instance creation will fail.", "value": "TYPE_UNSPECIFIED" }, { "name": "Basic", "description": "Basic Data Fusion instance. In Basic type, the user will be able to create data pipelines using point and click UI. However, there are certain limitations, such as fewer number of concurrent pipelines, no support for streaming pipelines, etc.", "value": "BASIC" }, { "name": "Enterprise", "description": "Enterprise Data Fusion instance. In Enterprise type, the user will have all features available, such as support for streaming pipelines, higher number of concurrent pipelines, etc.", "value": "ENTERPRISE" }, { "name": "Developer", "description": "Developer Data Fusion instance. In Developer type, the user will have all features available but with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration pipelines at low cost.", "value": "DEVELOPER" } ] }, "google-native:datafusion/v1:NetworkConfig": { "description": "Network configuration for a Data Fusion instance. These configurations are used for peering with the customer network. Configurations are optional when a public Data Fusion instance is to be created. However, providing these configurations allows several benefits, such as reduced network latency while accessing the customer resources from managed Data Fusion instance nodes, as well as access to the customer on-prem resources.", "properties": { "ipAllocation": { "type": "string", "description": "The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the customer network." }, "network": { "type": "string", "description": "Name of the network in the customer project with which the Tenant Project will be peered for executing pipelines. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{host-project-id}/global/networks/{network}" } }, "type": "object" }, "google-native:datafusion/v1:NetworkConfigResponse": { "description": "Network configuration for a Data Fusion instance. These configurations are used for peering with the customer network. Configurations are optional when a public Data Fusion instance is to be created. However, providing these configurations allows several benefits, such as reduced network latency while accessing the customer resources from managed Data Fusion instance nodes, as well as access to the customer on-prem resources.", "properties": { "ipAllocation": { "type": "string", "description": "The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the customer network." }, "network": { "type": "string", "description": "Name of the network in the customer project with which the Tenant Project will be peered for executing pipelines. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{host-project-id}/global/networks/{network}" } }, "type": "object", "required": [ "ipAllocation", "network" ] }, "google-native:datafusion/v1:VersionResponse": { "description": "The Data Fusion version. This proto message stores information about certain Data Fusion version, which is used for Data Fusion version upgrade.", "properties": { "availableFeatures": { "type": "array", "items": { "type": "string" }, "description": "Represents a list of available feature names for a given version." }, "defaultVersion": { "type": "boolean", "description": "Whether this is currently the default version for Cloud Data Fusion" }, "type": { "type": "string", "description": "Type represents the release availability of the version" }, "versionNumber": { "type": "string", "description": "The version number of the Data Fusion instance, such as '6.0.1.0'." } }, "type": "object", "required": [ "availableFeatures", "defaultVersion", "type", "versionNumber" ] }, "google-native:datafusion/v1beta1:AcceleratorResponse": { "description": "Identifies Data Fusion accelerators for an instance.", "properties": { "acceleratorType": { "type": "string", "description": "The type of an accelator for a CDF instance." }, "state": { "type": "string", "description": "The state of the accelerator." } }, "type": "object", "required": [ "acceleratorType", "state" ] }, "google-native:datafusion/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:datafusion/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:datafusion/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:datafusion/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:datafusion/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:datafusion/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datafusion/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datafusion/v1beta1:CryptoKeyConfig": { "description": "The crypto key configuration. This field is used by the Customer-managed encryption keys (CMEK) feature.", "properties": { "keyReference": { "type": "string", "description": "The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of `projects/*/locations/*/keyRings/*/cryptoKeys/*`." } }, "type": "object" }, "google-native:datafusion/v1beta1:CryptoKeyConfigResponse": { "description": "The crypto key configuration. This field is used by the Customer-managed encryption keys (CMEK) feature.", "properties": { "keyReference": { "type": "string", "description": "The name of the key which is used to encrypt/decrypt customer data. For key in Cloud KMS, the key should be in the format of `projects/*/locations/*/keyRings/*/cryptoKeys/*`." } }, "type": "object", "required": [ "keyReference" ] }, "google-native:datafusion/v1beta1:EventPublishConfig": { "description": "Confirguration of PubSubEventWriter.", "properties": { "enabled": { "type": "boolean", "description": "Option to enable Event Publishing." }, "topic": { "type": "string", "description": "The resource name of the Pub/Sub topic. Format: projects/{project_id}/topics/{topic_id}" } }, "type": "object", "required": [ "enabled", "topic" ] }, "google-native:datafusion/v1beta1:EventPublishConfigResponse": { "description": "Confirguration of PubSubEventWriter.", "properties": { "enabled": { "type": "boolean", "description": "Option to enable Event Publishing." }, "topic": { "type": "string", "description": "The resource name of the Pub/Sub topic. Format: projects/{project_id}/topics/{topic_id}" } }, "type": "object", "required": [ "enabled", "topic" ] }, "google-native:datafusion/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datafusion/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datafusion/v1beta1:InstanceType": { "description": "Required. Instance type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "No type specified. The instance creation will fail.", "value": "TYPE_UNSPECIFIED" }, { "name": "Basic", "description": "Basic Data Fusion instance. In Basic type, the user will be able to create data pipelines using point and click UI. However, there are certain limitations, such as fewer number of concurrent pipelines, no support for streaming pipelines, etc.", "value": "BASIC" }, { "name": "Enterprise", "description": "Enterprise Data Fusion instance. In Enterprise type, the user will have all features available, such as support for streaming pipelines, unlimited number of concurrent pipelines, etc.", "value": "ENTERPRISE" }, { "name": "Developer", "description": "Developer Data Fusion instance. In Developer type, the user will have all features available but with restrictive capabilities. This is to help enterprises design and develop their data ingestion and integration pipelines at low cost.", "value": "DEVELOPER" } ] }, "google-native:datafusion/v1beta1:NetworkConfig": { "description": "Network configuration for a Data Fusion instance. These configurations are used for peering with the customer network. Configurations are optional when a public Data Fusion instance is to be created. However, providing these configurations allows several benefits, such as reduced network latency while accessing the customer resources from managed Data Fusion instance nodes, as well as access to the customer on-prem resources.", "properties": { "connectionType": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:NetworkConfigConnectionType", "description": "Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and the corresponding tenant project from a predefined list of available connection modes. If this field is unspecified for a private instance, VPC peering is used." }, "ipAllocation": { "type": "string", "description": "Optional. The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. This is required only when using connection type VPC_PEERING. Format: a.b.c.d/22 Example: 192.168.0.0/22" }, "network": { "type": "string", "description": "Optional. Name of the network in the customer project with which the Tenant Project will be peered for executing pipelines. This is required only when using connection type VPC peering. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{project-id}/global/networks/{network}. This is only required for connectivity type VPC_PEERING." }, "privateServiceConnectConfig": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:PrivateServiceConnectConfig", "description": "Optional. Configuration for Private Service Connect. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES." } }, "type": "object" }, "google-native:datafusion/v1beta1:NetworkConfigConnectionType": { "description": "Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and the corresponding tenant project from a predefined list of available connection modes. If this field is unspecified for a private instance, VPC peering is used.", "type": "string", "enum": [ { "name": "ConnectionTypeUnspecified", "description": "No specific connection type was requested, the default value of VPC_PEERING is chosen.", "value": "CONNECTION_TYPE_UNSPECIFIED" }, { "name": "VpcPeering", "description": "Requests the use of VPC peerings for connecting the consumer and tenant projects.", "value": "VPC_PEERING" }, { "name": "PrivateServiceConnectInterfaces", "description": "Requests the use of Private Service Connect Interfaces for connecting the consumer and tenant projects.", "value": "PRIVATE_SERVICE_CONNECT_INTERFACES" } ] }, "google-native:datafusion/v1beta1:NetworkConfigResponse": { "description": "Network configuration for a Data Fusion instance. These configurations are used for peering with the customer network. Configurations are optional when a public Data Fusion instance is to be created. However, providing these configurations allows several benefits, such as reduced network latency while accessing the customer resources from managed Data Fusion instance nodes, as well as access to the customer on-prem resources.", "properties": { "connectionType": { "type": "string", "description": "Optional. Type of connection for establishing private IP connectivity between the Data Fusion customer project VPC and the corresponding tenant project from a predefined list of available connection modes. If this field is unspecified for a private instance, VPC peering is used." }, "ipAllocation": { "type": "string", "description": "Optional. The IP range in CIDR notation to use for the managed Data Fusion instance nodes. This range must not overlap with any other ranges used in the Data Fusion instance network. This is required only when using connection type VPC_PEERING. Format: a.b.c.d/22 Example: 192.168.0.0/22" }, "network": { "type": "string", "description": "Optional. Name of the network in the customer project with which the Tenant Project will be peered for executing pipelines. This is required only when using connection type VPC peering. In case of shared VPC where the network resides in another host project the network should specified in the form of projects/{project-id}/global/networks/{network}. This is only required for connectivity type VPC_PEERING." }, "privateServiceConnectConfig": { "$ref": "#/types/google-native:datafusion%2Fv1beta1:PrivateServiceConnectConfigResponse", "description": "Optional. Configuration for Private Service Connect. This is required only when using connection type PRIVATE_SERVICE_CONNECT_INTERFACES." } }, "type": "object", "required": [ "connectionType", "ipAllocation", "network", "privateServiceConnectConfig" ] }, "google-native:datafusion/v1beta1:PrivateServiceConnectConfig": { "description": "Configuration for using Private Service Connect to establish connectivity between the Data Fusion consumer project and the corresponding tenant project.", "properties": { "networkAttachment": { "type": "string", "description": "The reference to the network attachment used to establish private connectivity. It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}." }, "unreachableCidrBlock": { "type": "string", "description": "Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. Example: 192.168.0.0/25" } }, "type": "object", "required": [ "networkAttachment" ] }, "google-native:datafusion/v1beta1:PrivateServiceConnectConfigResponse": { "description": "Configuration for using Private Service Connect to establish connectivity between the Data Fusion consumer project and the corresponding tenant project.", "properties": { "effectiveUnreachableCidrBlock": { "type": "string", "description": "The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block is /25. The format of this field is governed by RFC 4632. Example: 240.0.0.0/25" }, "networkAttachment": { "type": "string", "description": "The reference to the network attachment used to establish private connectivity. It will be of the form projects/{project-id}/regions/{region}/networkAttachments/{network-attachment-id}." }, "unreachableCidrBlock": { "type": "string", "description": "Optional. Input only. The CIDR block to which the CDF instance can't route traffic to in the consumer project VPC. The size of this block should be at least /25. This range should not overlap with the primary address range of any subnetwork used by the network attachment. This range can be used for other purposes in the consumer VPC as long as there is no requirement for CDF to reach destinations using these addresses. If this value is not provided, the server chooses a non RFC 1918 address range. The format of this field is governed by RFC 4632. Example: 192.168.0.0/25" } }, "type": "object", "required": [ "effectiveUnreachableCidrBlock", "networkAttachment", "unreachableCidrBlock" ] }, "google-native:datafusion/v1beta1:VersionResponse": { "description": "The Data Fusion version.", "properties": { "availableFeatures": { "type": "array", "items": { "type": "string" }, "description": "Represents a list of available feature names for a given version." }, "defaultVersion": { "type": "boolean", "description": "Whether this is currently the default version for Cloud Data Fusion" }, "type": { "type": "string", "description": "Type represents the release availability of the version" }, "versionNumber": { "type": "string", "description": "The version number of the Data Fusion instance, such as '6.0.1.0'." } }, "type": "object", "required": [ "availableFeatures", "defaultVersion", "type", "versionNumber" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1AnnotationSpec": { "description": "Container of information related to one possible annotation that can be used in a labeling task. For example, an image classification task where images are labeled as `dog` or `cat` must reference an AnnotationSpec for `dog` and an AnnotationSpec for `cat`.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description of the annotation specification. The description can be up to 10,000 characters long." }, "displayName": { "type": "string", "description": "The display name of the AnnotationSpec. Maximum of 64 characters." } }, "type": "object", "required": [ "displayName" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1AnnotationSpecResponse": { "description": "Container of information related to one possible annotation that can be used in a labeling task. For example, an image classification task where images are labeled as `dog` or `cat` must reference an AnnotationSpec for `dog` and an AnnotationSpec for `cat`.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description of the annotation specification. The description can be up to 10,000 characters long." }, "displayName": { "type": "string", "description": "The display name of the AnnotationSpec. Maximum of 64 characters." }, "index": { "type": "integer", "description": "This is the integer index of the AnnotationSpec. The index for the whole AnnotationSpecSet is sequential starting from 0. For example, an AnnotationSpecSet with classes `dog` and `cat`, might contain one AnnotationSpec with `{ display_name: \"dog\", index: 0 }` and one AnnotationSpec with `{ display_name: \"cat\", index: 1 }`. This is especially useful for model training as it encodes the string labels into numeric values." } }, "type": "object", "required": [ "description", "displayName", "index" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1AttemptResponse": { "description": "Records a failed evaluation job run.", "properties": { "attemptTime": { "type": "string" }, "partialFailures": { "type": "array", "items": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleRpcStatusResponse" }, "description": "Details of errors that occurred." } }, "type": "object", "required": [ "attemptTime", "partialFailures" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BigQuerySource": { "description": "The BigQuery location for input data. If used in an EvaluationJob, this is where the service saves the prediction input and output sampled from the model version.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2,000 characters long. If you specify the URI of a table that does not exist, Data Labeling Service creates a table at the URI with the correct schema when you create your EvaluationJob. If you specify the URI of a table that already exists, it must have the [correct schema](/ml-engine/docs/continuous-evaluation/create-job#table-schema). Provide the table URI in the following format: \"bq://{your_project_id}/ {your_dataset_name}/{your_table_name}\" [Learn more](/ml-engine/docs/continuous-evaluation/create-job#table-schema)." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BigQuerySourceResponse": { "description": "The BigQuery location for input data. If used in an EvaluationJob, this is where the service saves the prediction input and output sampled from the model version.", "properties": { "inputUri": { "type": "string", "description": "BigQuery URI to a table, up to 2,000 characters long. If you specify the URI of a table that does not exist, Data Labeling Service creates a table at the URI with the correct schema when you create your EvaluationJob. If you specify the URI of a table that already exists, it must have the [correct schema](/ml-engine/docs/continuous-evaluation/create-job#table-schema). Provide the table URI in the following format: \"bq://{your_project_id}/ {your_dataset_name}/{your_table_name}\" [Learn more](/ml-engine/docs/continuous-evaluation/create-job#table-schema)." } }, "type": "object", "required": [ "inputUri" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BoundingBoxEvaluationOptions": { "description": "Options regarding evaluation between bounding boxes.", "properties": { "iouThreshold": { "type": "number", "description": "Minimum [intersection-over-union (IOU)](/vision/automl/object-detection/docs/evaluate#intersection-over-union) required for 2 bounding boxes to be considered a match. This must be a number between 0 and 1." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BoundingBoxEvaluationOptionsResponse": { "description": "Options regarding evaluation between bounding boxes.", "properties": { "iouThreshold": { "type": "number", "description": "Minimum [intersection-over-union (IOU)](/vision/automl/object-detection/docs/evaluate#intersection-over-union) required for 2 bounding boxes to be considered a match. This must be a number between 0 and 1." } }, "type": "object", "required": [ "iouThreshold" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BoundingPolyConfig": { "description": "Config for image bounding poly (and bounding box) human labeling task.", "properties": { "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "instructionMessage": { "type": "string", "description": "Optional. Instruction message showed on contributors UI." } }, "type": "object", "required": [ "annotationSpecSet" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1BoundingPolyConfigResponse": { "description": "Config for image bounding poly (and bounding box) human labeling task.", "properties": { "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "instructionMessage": { "type": "string", "description": "Optional. Instruction message showed on contributors UI." } }, "type": "object", "required": [ "annotationSpecSet", "instructionMessage" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1ClassificationMetadata": { "description": "Metadata for classification annotations.", "properties": { "isMultiLabel": { "type": "boolean", "description": "Whether the classification task is multi-label or not." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1ClassificationMetadataResponse": { "description": "Metadata for classification annotations.", "properties": { "isMultiLabel": { "type": "boolean", "description": "Whether the classification task is multi-label or not." } }, "type": "object", "required": [ "isMultiLabel" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1CsvInstruction": { "description": "Deprecated: this instruction format is not supported any more. Instruction from a CSV file.", "properties": { "gcsFileUri": { "type": "string", "description": "CSV file for the instruction. Only gcs path is allowed." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1CsvInstructionResponse": { "description": "Deprecated: this instruction format is not supported any more. Instruction from a CSV file.", "properties": { "gcsFileUri": { "type": "string", "description": "CSV file for the instruction. Only gcs path is allowed." } }, "type": "object", "required": [ "gcsFileUri" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationConfig": { "description": "Configuration details used for calculating evaluation metrics and creating an Evaluation.", "properties": { "boundingBoxEvaluationOptions": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BoundingBoxEvaluationOptions", "description": "Only specify this field if the related model performs image object detection (`IMAGE_BOUNDING_BOX_ANNOTATION`). Describes how to evaluate bounding boxes." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationConfigResponse": { "description": "Configuration details used for calculating evaluation metrics and creating an Evaluation.", "properties": { "boundingBoxEvaluationOptions": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BoundingBoxEvaluationOptionsResponse", "description": "Only specify this field if the related model performs image object detection (`IMAGE_BOUNDING_BOX_ANNOTATION`). Describes how to evaluate bounding boxes." } }, "type": "object", "required": [ "boundingBoxEvaluationOptions" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobAlertConfig": { "description": "Provides details for how an evaluation job sends email alerts based on the results of a run.", "properties": { "email": { "type": "string", "description": "An email address to send alerts to." }, "minAcceptableMeanAveragePrecision": { "type": "number", "description": "A number between 0 and 1 that describes a minimum mean average precision threshold. When the evaluation job runs, if it calculates that your model version's predictions from the recent interval have meanAveragePrecision below this threshold, then it sends an alert to your specified email." } }, "type": "object", "required": [ "email", "minAcceptableMeanAveragePrecision" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobAlertConfigResponse": { "description": "Provides details for how an evaluation job sends email alerts based on the results of a run.", "properties": { "email": { "type": "string", "description": "An email address to send alerts to." }, "minAcceptableMeanAveragePrecision": { "type": "number", "description": "A number between 0 and 1 that describes a minimum mean average precision threshold. When the evaluation job runs, if it calculates that your model version's predictions from the recent interval have meanAveragePrecision below this threshold, then it sends an alert to your specified email." } }, "type": "object", "required": [ "email", "minAcceptableMeanAveragePrecision" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobConfig": { "description": "Configures specific details of how a continuous evaluation job works. Provide this configuration when you create an EvaluationJob.", "properties": { "bigqueryImportKeys": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Prediction keys that tell Data Labeling Service where to find the data for evaluation in your BigQuery table. When the service samples prediction input and output from your model version and saves it to BigQuery, the data gets stored as JSON strings in the BigQuery table. These keys tell Data Labeling Service how to parse the JSON. You can provide the following entries in this field: * `data_json_key`: the data key for prediction input. You must provide either this key or `reference_json_key`. * `reference_json_key`: the data reference key for prediction input. You must provide either this key or `data_json_key`. * `label_json_key`: the label key for prediction output. Required. * `label_score_json_key`: the score key for prediction output. Required. * `bounding_box_json_key`: the bounding box key for prediction output. Required if your model version perform image object detection. Learn [how to configure prediction keys](/ml-engine/docs/continuous-evaluation/create-job#prediction-keys)." }, "boundingPolyConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BoundingPolyConfig", "description": "Specify this field if your model version performs image object detection (bounding box detection). `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet." }, "evaluationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1EvaluationConfig", "description": "Details for calculating evaluation metrics and creating Evaulations. If your model version performs image object detection, you must specify the `boundingBoxEvaluationOptions` field within this configuration. Otherwise, provide an empty object for this configuration." }, "evaluationJobAlertConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobAlertConfig", "description": "Optional. Configuration details for evaluation job alerts. Specify this field if you want to receive email alerts if the evaluation job finds that your predictions have low mean average precision during a run." }, "exampleCount": { "type": "integer", "description": "The maximum number of predictions to sample and save to BigQuery during each evaluation interval. This limit overrides `example_sample_percentage`: even if the service has not sampled enough predictions to fulfill `example_sample_perecentage` during an interval, it stops sampling predictions when it meets this limit." }, "exampleSamplePercentage": { "type": "number", "description": "Fraction of predictions to sample and save to BigQuery during each evaluation interval. For example, 0.1 means 10% of predictions served by your model version get saved to BigQuery." }, "humanAnnotationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1HumanAnnotationConfig", "description": "Optional. Details for human annotation of your data. If you set labelMissingGroundTruth to `true` for this evaluation job, then you must specify this field. If you plan to provide your own ground truth labels, then omit this field. Note that you must create an Instruction resource before you can specify this field. Provide the name of the instruction resource in the `instruction` field within this configuration." }, "imageClassificationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfig", "description": "Specify this field if your model version performs image classification or general classification. `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet. `allowMultiLabel` in this configuration must match `classificationMetadata.isMultiLabel` in input_config." }, "inputConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1InputConfig", "description": "Rquired. Details for the sampled prediction input. Within this configuration, there are requirements for several fields: * `dataType` must be one of `IMAGE`, `TEXT`, or `GENERAL_DATA`. * `annotationType` must be one of `IMAGE_CLASSIFICATION_ANNOTATION`, `TEXT_CLASSIFICATION_ANNOTATION`, `GENERAL_CLASSIFICATION_ANNOTATION`, or `IMAGE_BOUNDING_BOX_ANNOTATION` (image object detection). * If your machine learning model performs classification, you must specify `classificationMetadata.isMultiLabel`. * You must specify `bigquerySource` (not `gcsSource`)." }, "textClassificationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1TextClassificationConfig", "description": "Specify this field if your model version performs text classification. `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet. `allowMultiLabel` in this configuration must match `classificationMetadata.isMultiLabel` in input_config." } }, "type": "object", "required": [ "bigqueryImportKeys", "evaluationConfig", "exampleCount", "exampleSamplePercentage" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobConfigResponse": { "description": "Configures specific details of how a continuous evaluation job works. Provide this configuration when you create an EvaluationJob.", "properties": { "bigqueryImportKeys": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Prediction keys that tell Data Labeling Service where to find the data for evaluation in your BigQuery table. When the service samples prediction input and output from your model version and saves it to BigQuery, the data gets stored as JSON strings in the BigQuery table. These keys tell Data Labeling Service how to parse the JSON. You can provide the following entries in this field: * `data_json_key`: the data key for prediction input. You must provide either this key or `reference_json_key`. * `reference_json_key`: the data reference key for prediction input. You must provide either this key or `data_json_key`. * `label_json_key`: the label key for prediction output. Required. * `label_score_json_key`: the score key for prediction output. Required. * `bounding_box_json_key`: the bounding box key for prediction output. Required if your model version perform image object detection. Learn [how to configure prediction keys](/ml-engine/docs/continuous-evaluation/create-job#prediction-keys)." }, "boundingPolyConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BoundingPolyConfigResponse", "description": "Specify this field if your model version performs image object detection (bounding box detection). `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet." }, "evaluationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1EvaluationConfigResponse", "description": "Details for calculating evaluation metrics and creating Evaulations. If your model version performs image object detection, you must specify the `boundingBoxEvaluationOptions` field within this configuration. Otherwise, provide an empty object for this configuration." }, "evaluationJobAlertConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1EvaluationJobAlertConfigResponse", "description": "Optional. Configuration details for evaluation job alerts. Specify this field if you want to receive email alerts if the evaluation job finds that your predictions have low mean average precision during a run." }, "exampleCount": { "type": "integer", "description": "The maximum number of predictions to sample and save to BigQuery during each evaluation interval. This limit overrides `example_sample_percentage`: even if the service has not sampled enough predictions to fulfill `example_sample_perecentage` during an interval, it stops sampling predictions when it meets this limit." }, "exampleSamplePercentage": { "type": "number", "description": "Fraction of predictions to sample and save to BigQuery during each evaluation interval. For example, 0.1 means 10% of predictions served by your model version get saved to BigQuery." }, "humanAnnotationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1HumanAnnotationConfigResponse", "description": "Optional. Details for human annotation of your data. If you set labelMissingGroundTruth to `true` for this evaluation job, then you must specify this field. If you plan to provide your own ground truth labels, then omit this field. Note that you must create an Instruction resource before you can specify this field. Provide the name of the instruction resource in the `instruction` field within this configuration." }, "imageClassificationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfigResponse", "description": "Specify this field if your model version performs image classification or general classification. `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet. `allowMultiLabel` in this configuration must match `classificationMetadata.isMultiLabel` in input_config." }, "inputConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1InputConfigResponse", "description": "Rquired. Details for the sampled prediction input. Within this configuration, there are requirements for several fields: * `dataType` must be one of `IMAGE`, `TEXT`, or `GENERAL_DATA`. * `annotationType` must be one of `IMAGE_CLASSIFICATION_ANNOTATION`, `TEXT_CLASSIFICATION_ANNOTATION`, `GENERAL_CLASSIFICATION_ANNOTATION`, or `IMAGE_BOUNDING_BOX_ANNOTATION` (image object detection). * If your machine learning model performs classification, you must specify `classificationMetadata.isMultiLabel`. * You must specify `bigquerySource` (not `gcsSource`)." }, "textClassificationConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1TextClassificationConfigResponse", "description": "Specify this field if your model version performs text classification. `annotationSpecSet` in this configuration must match EvaluationJob.annotationSpecSet. `allowMultiLabel` in this configuration must match `classificationMetadata.isMultiLabel` in input_config." } }, "type": "object", "required": [ "bigqueryImportKeys", "boundingPolyConfig", "evaluationConfig", "evaluationJobAlertConfig", "exampleCount", "exampleSamplePercentage", "humanAnnotationConfig", "imageClassificationConfig", "inputConfig", "textClassificationConfig" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1GcsSource": { "description": "Source of the Cloud Storage file to be imported.", "properties": { "inputUri": { "type": "string", "description": "The input URI of source file. This must be a Cloud Storage path (`gs://...`)." }, "mimeType": { "type": "string", "description": "The format of the source file. Only \"text/csv\" is supported." } }, "type": "object", "required": [ "inputUri", "mimeType" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1GcsSourceResponse": { "description": "Source of the Cloud Storage file to be imported.", "properties": { "inputUri": { "type": "string", "description": "The input URI of source file. This must be a Cloud Storage path (`gs://...`)." }, "mimeType": { "type": "string", "description": "The format of the source file. Only \"text/csv\" is supported." } }, "type": "object", "required": [ "inputUri", "mimeType" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1HumanAnnotationConfig": { "description": "Configuration for how human labeling task should be done.", "properties": { "annotatedDatasetDescription": { "type": "string", "description": "Optional. A human-readable description for AnnotatedDataset. The description can be up to 10000 characters long." }, "annotatedDatasetDisplayName": { "type": "string", "description": "A human-readable name for AnnotatedDataset defined by users. Maximum of 64 characters ." }, "contributorEmails": { "type": "array", "items": { "type": "string" }, "description": "Optional. If you want your own labeling contributors to manage and work on this labeling request, you can set these contributors here. We will give them access to the question types in crowdcompute. Note that these emails must be registered in crowdcompute worker UI: https://crowd-compute.appspot.com/" }, "instruction": { "type": "string", "description": "Instruction resource name." }, "labelGroup": { "type": "string", "description": "Optional. A human-readable label used to logically group labeling tasks. This string must match the regular expression `[a-zA-Z\\\\d_-]{0,128}`." }, "languageCode": { "type": "string", "description": "Optional. The Language of this question, as a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Default value is en-US. Only need to set this when task is language related. For example, French text classification." }, "questionDuration": { "type": "string", "description": "Optional. Maximum duration for contributors to answer a question. Maximum is 3600 seconds. Default is 3600 seconds." }, "replicaCount": { "type": "integer", "description": "Optional. Replication of questions. Each question will be sent to up to this number of contributors to label. Aggregated answers will be returned. Default is set to 1. For image related labeling, valid values are 1, 3, 5." }, "userEmailAddress": { "type": "string", "description": "Email of the user who started the labeling task and should be notified by email. If empty no notification will be sent." } }, "type": "object", "required": [ "annotatedDatasetDisplayName", "instruction" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1HumanAnnotationConfigResponse": { "description": "Configuration for how human labeling task should be done.", "properties": { "annotatedDatasetDescription": { "type": "string", "description": "Optional. A human-readable description for AnnotatedDataset. The description can be up to 10000 characters long." }, "annotatedDatasetDisplayName": { "type": "string", "description": "A human-readable name for AnnotatedDataset defined by users. Maximum of 64 characters ." }, "contributorEmails": { "type": "array", "items": { "type": "string" }, "description": "Optional. If you want your own labeling contributors to manage and work on this labeling request, you can set these contributors here. We will give them access to the question types in crowdcompute. Note that these emails must be registered in crowdcompute worker UI: https://crowd-compute.appspot.com/" }, "instruction": { "type": "string", "description": "Instruction resource name." }, "labelGroup": { "type": "string", "description": "Optional. A human-readable label used to logically group labeling tasks. This string must match the regular expression `[a-zA-Z\\\\d_-]{0,128}`." }, "languageCode": { "type": "string", "description": "Optional. The Language of this question, as a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Default value is en-US. Only need to set this when task is language related. For example, French text classification." }, "questionDuration": { "type": "string", "description": "Optional. Maximum duration for contributors to answer a question. Maximum is 3600 seconds. Default is 3600 seconds." }, "replicaCount": { "type": "integer", "description": "Optional. Replication of questions. Each question will be sent to up to this number of contributors to label. Aggregated answers will be returned. Default is set to 1. For image related labeling, valid values are 1, 3, 5." }, "userEmailAddress": { "type": "string", "description": "Email of the user who started the labeling task and should be notified by email. If empty no notification will be sent." } }, "type": "object", "required": [ "annotatedDatasetDescription", "annotatedDatasetDisplayName", "contributorEmails", "instruction", "labelGroup", "languageCode", "questionDuration", "replicaCount", "userEmailAddress" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfig": { "description": "Config for image classification human labeling task.", "properties": { "allowMultiLabel": { "type": "boolean", "description": "Optional. If allow_multi_label is true, contributors are able to choose multiple labels for one image." }, "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "answerAggregationType": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfigAnswerAggregationType", "description": "Optional. The type of how to aggregate answers." } }, "type": "object", "required": [ "annotationSpecSet" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfigAnswerAggregationType": { "description": "Optional. The type of how to aggregate answers.", "type": "string", "enum": [ { "name": "StringAggregationTypeUnspecified", "value": "STRING_AGGREGATION_TYPE_UNSPECIFIED" }, { "name": "MajorityVote", "description": "Majority vote to aggregate answers.", "value": "MAJORITY_VOTE" }, { "name": "UnanimousVote", "description": "Unanimous answers will be adopted.", "value": "UNANIMOUS_VOTE" }, { "name": "NoAggregation", "description": "Preserve all answers by crowd compute.", "value": "NO_AGGREGATION" } ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1ImageClassificationConfigResponse": { "description": "Config for image classification human labeling task.", "properties": { "allowMultiLabel": { "type": "boolean", "description": "Optional. If allow_multi_label is true, contributors are able to choose multiple labels for one image." }, "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "answerAggregationType": { "type": "string", "description": "Optional. The type of how to aggregate answers." } }, "type": "object", "required": [ "allowMultiLabel", "annotationSpecSet", "answerAggregationType" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1InputConfig": { "description": "The configuration of input data, including data type, location, etc.", "properties": { "annotationType": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1InputConfigAnnotationType", "description": "Optional. The type of annotation to be performed on this data. You must specify this field if you are using this InputConfig in an EvaluationJob." }, "bigquerySource": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BigQuerySource", "description": "Source located in BigQuery. You must specify this field if you are using this InputConfig in an EvaluationJob." }, "classificationMetadata": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1ClassificationMetadata", "description": "Optional. Metadata about annotations for the input. You must specify this field if you are using this InputConfig in an EvaluationJob for a model version that performs classification." }, "dataType": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1InputConfigDataType", "description": "Data type must be specifed when user tries to import data." }, "gcsSource": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1GcsSource", "description": "Source located in Cloud Storage." }, "textMetadata": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1TextMetadata", "description": "Required for text import, as language code must be specified." } }, "type": "object", "required": [ "dataType" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1InputConfigAnnotationType": { "description": "Optional. The type of annotation to be performed on this data. You must specify this field if you are using this InputConfig in an EvaluationJob.", "type": "string", "enum": [ { "name": "AnnotationTypeUnspecified", "value": "ANNOTATION_TYPE_UNSPECIFIED" }, { "name": "ImageClassificationAnnotation", "description": "Classification annotations in an image. Allowed for continuous evaluation.", "value": "IMAGE_CLASSIFICATION_ANNOTATION" }, { "name": "ImageBoundingBoxAnnotation", "description": "Bounding box annotations in an image. A form of image object detection. Allowed for continuous evaluation.", "value": "IMAGE_BOUNDING_BOX_ANNOTATION" }, { "name": "ImageOrientedBoundingBoxAnnotation", "description": "Oriented bounding box. The box does not have to be parallel to horizontal line.", "value": "IMAGE_ORIENTED_BOUNDING_BOX_ANNOTATION" }, { "name": "ImageBoundingPolyAnnotation", "description": "Bounding poly annotations in an image.", "value": "IMAGE_BOUNDING_POLY_ANNOTATION" }, { "name": "ImagePolylineAnnotation", "description": "Polyline annotations in an image.", "value": "IMAGE_POLYLINE_ANNOTATION" }, { "name": "ImageSegmentationAnnotation", "description": "Segmentation annotations in an image.", "value": "IMAGE_SEGMENTATION_ANNOTATION" }, { "name": "VideoShotsClassificationAnnotation", "description": "Classification annotations in video shots.", "value": "VIDEO_SHOTS_CLASSIFICATION_ANNOTATION" }, { "name": "VideoObjectTrackingAnnotation", "description": "Video object tracking annotation.", "value": "VIDEO_OBJECT_TRACKING_ANNOTATION" }, { "name": "VideoObjectDetectionAnnotation", "description": "Video object detection annotation.", "value": "VIDEO_OBJECT_DETECTION_ANNOTATION" }, { "name": "VideoEventAnnotation", "description": "Video event annotation.", "value": "VIDEO_EVENT_ANNOTATION" }, { "name": "TextClassificationAnnotation", "description": "Classification for text. Allowed for continuous evaluation.", "value": "TEXT_CLASSIFICATION_ANNOTATION" }, { "name": "TextEntityExtractionAnnotation", "description": "Entity extraction for text.", "value": "TEXT_ENTITY_EXTRACTION_ANNOTATION" }, { "name": "GeneralClassificationAnnotation", "description": "General classification. Allowed for continuous evaluation.", "value": "GENERAL_CLASSIFICATION_ANNOTATION" } ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1InputConfigDataType": { "description": "Required. Data type must be specifed when user tries to import data.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "description": "Data type is unspecified.", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "Image", "description": "Allowed for continuous evaluation.", "value": "IMAGE" }, { "name": "Video", "description": "Video data type.", "value": "VIDEO" }, { "name": "Text", "description": "Allowed for continuous evaluation.", "value": "TEXT" }, { "name": "GeneralData", "description": "Allowed for continuous evaluation.", "value": "GENERAL_DATA" } ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1InputConfigResponse": { "description": "The configuration of input data, including data type, location, etc.", "properties": { "annotationType": { "type": "string", "description": "Optional. The type of annotation to be performed on this data. You must specify this field if you are using this InputConfig in an EvaluationJob." }, "bigquerySource": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1BigQuerySourceResponse", "description": "Source located in BigQuery. You must specify this field if you are using this InputConfig in an EvaluationJob." }, "classificationMetadata": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1ClassificationMetadataResponse", "description": "Optional. Metadata about annotations for the input. You must specify this field if you are using this InputConfig in an EvaluationJob for a model version that performs classification." }, "dataType": { "type": "string", "description": "Data type must be specifed when user tries to import data." }, "gcsSource": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1GcsSourceResponse", "description": "Source located in Cloud Storage." }, "textMetadata": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1TextMetadataResponse", "description": "Required for text import, as language code must be specified." } }, "type": "object", "required": [ "annotationType", "bigquerySource", "classificationMetadata", "dataType", "gcsSource", "textMetadata" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1OperatorFeedbackMetadata": { "description": "Metadata describing the feedback from the operator.", "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1OperatorFeedbackMetadataResponse": { "description": "Metadata describing the feedback from the operator.", "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1PdfInstruction": { "description": "Instruction from a PDF file.", "properties": { "gcsFileUri": { "type": "string", "description": "PDF file for the instruction. Only gcs path is allowed." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1PdfInstructionResponse": { "description": "Instruction from a PDF file.", "properties": { "gcsFileUri": { "type": "string", "description": "PDF file for the instruction. Only gcs path is allowed." } }, "type": "object", "required": [ "gcsFileUri" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1RequesterFeedbackMetadata": { "description": "Metadata describing the feedback from the labeling task requester.", "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1RequesterFeedbackMetadataResponse": { "description": "Metadata describing the feedback from the labeling task requester.", "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1SentimentConfig": { "description": "Config for setting up sentiments.", "properties": { "enableLabelSentimentSelection": { "type": "boolean", "description": "If set to true, contributors will have the option to select sentiment of the label they selected, to mark it as negative or positive label. Default is false." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1SentimentConfigResponse": { "description": "Config for setting up sentiments.", "properties": { "enableLabelSentimentSelection": { "type": "boolean", "description": "If set to true, contributors will have the option to select sentiment of the label they selected, to mark it as negative or positive label. Default is false." } }, "type": "object", "required": [ "enableLabelSentimentSelection" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1TextClassificationConfig": { "description": "Config for text classification human labeling task.", "properties": { "allowMultiLabel": { "type": "boolean", "description": "Optional. If allow_multi_label is true, contributors are able to choose multiple labels for one text segment." }, "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "sentimentConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1SentimentConfig", "description": "Optional. Configs for sentiment selection. We deprecate sentiment analysis in data labeling side as it is incompatible with uCAIP." } }, "type": "object", "required": [ "annotationSpecSet" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1TextClassificationConfigResponse": { "description": "Config for text classification human labeling task.", "properties": { "allowMultiLabel": { "type": "boolean", "description": "Optional. If allow_multi_label is true, contributors are able to choose multiple labels for one text segment." }, "annotationSpecSet": { "type": "string", "description": "Annotation spec set resource name." }, "sentimentConfig": { "$ref": "#/types/google-native:datalabeling%2Fv1beta1:GoogleCloudDatalabelingV1beta1SentimentConfigResponse", "description": "Optional. Configs for sentiment selection. We deprecate sentiment analysis in data labeling side as it is incompatible with uCAIP." } }, "type": "object", "required": [ "allowMultiLabel", "annotationSpecSet", "sentimentConfig" ] }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1TextMetadata": { "description": "Metadata for the text.", "properties": { "languageCode": { "type": "string", "description": "The language of this text, as a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Default value is en-US." } }, "type": "object" }, "google-native:datalabeling/v1beta1:GoogleCloudDatalabelingV1beta1TextMetadataResponse": { "description": "Metadata for the text.", "properties": { "languageCode": { "type": "string", "description": "The language of this text, as a [BCP-47](https://www.rfc-editor.org/rfc/bcp/bcp47.txt). Default value is en-US." } }, "type": "object", "required": [ "languageCode" ] }, "google-native:datalabeling/v1beta1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:datalabeling/v1beta1:InstructionDataType": { "description": "Required. The data type of this instruction.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "description": "Data type is unspecified.", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "Image", "description": "Allowed for continuous evaluation.", "value": "IMAGE" }, { "name": "Video", "description": "Video data type.", "value": "VIDEO" }, { "name": "Text", "description": "Allowed for continuous evaluation.", "value": "TEXT" }, { "name": "GeneralData", "description": "Allowed for continuous evaluation.", "value": "GENERAL_DATA" } ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1EntityReference": { "description": "The soft reference to everything you can attach a lineage event to.", "properties": { "fullyQualifiedName": { "type": "string", "description": "[Fully Qualified Name (FQN)](https://cloud.google.com/data-catalog/docs/fully-qualified-names) of the entity." } }, "type": "object", "required": [ "fullyQualifiedName" ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1EntityReferenceResponse": { "description": "The soft reference to everything you can attach a lineage event to.", "properties": { "fullyQualifiedName": { "type": "string", "description": "[Fully Qualified Name (FQN)](https://cloud.google.com/data-catalog/docs/fully-qualified-names) of the entity." } }, "type": "object", "required": [ "fullyQualifiedName" ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1EventLink": { "description": "A lineage between source and target entities.", "properties": { "source": { "$ref": "#/types/google-native:datalineage%2Fv1:GoogleCloudDatacatalogLineageV1EntityReference", "description": "Reference to the source entity" }, "target": { "$ref": "#/types/google-native:datalineage%2Fv1:GoogleCloudDatacatalogLineageV1EntityReference", "description": "Reference to the target entity" } }, "type": "object", "required": [ "source", "target" ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1EventLinkResponse": { "description": "A lineage between source and target entities.", "properties": { "source": { "$ref": "#/types/google-native:datalineage%2Fv1:GoogleCloudDatacatalogLineageV1EntityReferenceResponse", "description": "Reference to the source entity" }, "target": { "$ref": "#/types/google-native:datalineage%2Fv1:GoogleCloudDatacatalogLineageV1EntityReferenceResponse", "description": "Reference to the target entity" } }, "type": "object", "required": [ "source", "target" ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1Origin": { "description": "Origin of a process.", "properties": { "name": { "type": "string", "description": "If the source_type isn't CUSTOM, the value of this field should be a GCP resource name of the system, which reports lineage. The project and location parts of the resource name must match the project and location of the lineage resource being created. Examples: - `{source_type: COMPOSER, name: \"projects/foo/locations/us/environments/bar\"}` - `{source_type: BIGQUERY, name: \"projects/foo/locations/eu\"}` - `{source_type: CUSTOM, name: \"myCustomIntegration\"}`" }, "sourceType": { "$ref": "#/types/google-native:datalineage%2Fv1:GoogleCloudDatacatalogLineageV1OriginSourceType", "description": "Type of the source. Use of a source_type other than `CUSTOM` for process creation or updating is highly discouraged, and may be restricted in the future without notice." } }, "type": "object" }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1OriginResponse": { "description": "Origin of a process.", "properties": { "name": { "type": "string", "description": "If the source_type isn't CUSTOM, the value of this field should be a GCP resource name of the system, which reports lineage. The project and location parts of the resource name must match the project and location of the lineage resource being created. Examples: - `{source_type: COMPOSER, name: \"projects/foo/locations/us/environments/bar\"}` - `{source_type: BIGQUERY, name: \"projects/foo/locations/eu\"}` - `{source_type: CUSTOM, name: \"myCustomIntegration\"}`" }, "sourceType": { "type": "string", "description": "Type of the source. Use of a source_type other than `CUSTOM` for process creation or updating is highly discouraged, and may be restricted in the future without notice." } }, "type": "object", "required": [ "name", "sourceType" ] }, "google-native:datalineage/v1:GoogleCloudDatacatalogLineageV1OriginSourceType": { "description": "Type of the source. Use of a source_type other than `CUSTOM` for process creation or updating is highly discouraged, and may be restricted in the future without notice.", "type": "string", "enum": [ { "name": "SourceTypeUnspecified", "description": "Source is Unspecified", "value": "SOURCE_TYPE_UNSPECIFIED" }, { "name": "Custom", "description": "A custom source", "value": "CUSTOM" }, { "name": "Bigquery", "description": "BigQuery", "value": "BIGQUERY" }, { "name": "DataFusion", "description": "Data Fusion", "value": "DATA_FUSION" }, { "name": "Composer", "description": "Composer", "value": "COMPOSER" }, { "name": "LookerStudio", "description": "Looker Studio", "value": "LOOKER_STUDIO" }, { "name": "Dataproc", "description": "Dataproc", "value": "DATAPROC" } ] }, "google-native:datalineage/v1:RunState": { "description": "Required. The state of the run.", "type": "string", "enum": [ { "name": "Unknown", "description": "The state is unknown. The true state may be any of the below or a different state that is not supported here explicitly.", "value": "UNKNOWN" }, { "name": "Started", "description": "The run is still executing.", "value": "STARTED" }, { "name": "Completed", "description": "The run completed.", "value": "COMPLETED" }, { "name": "Failed", "description": "The run failed.", "value": "FAILED" }, { "name": "Aborted", "description": "The run aborted.", "value": "ABORTED" } ] }, "google-native:datamigration/v1:AlloyDbConnectionProfile": { "description": "Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster.", "properties": { "clusterId": { "type": "string", "description": "The AlloyDB cluster ID that this connection profile is associated with." }, "settings": { "$ref": "#/types/google-native:datamigration%2Fv1:AlloyDbSettings", "description": "Immutable. Metadata used to create the destination AlloyDB cluster." } }, "type": "object", "required": [ "clusterId" ] }, "google-native:datamigration/v1:AlloyDbConnectionProfileResponse": { "description": "Specifies required connection parameters, and the parameters required to create an AlloyDB destination cluster.", "properties": { "clusterId": { "type": "string", "description": "The AlloyDB cluster ID that this connection profile is associated with." }, "settings": { "$ref": "#/types/google-native:datamigration%2Fv1:AlloyDbSettingsResponse", "description": "Immutable. Metadata used to create the destination AlloyDB cluster." } }, "type": "object", "required": [ "clusterId", "settings" ] }, "google-native:datamigration/v1:AlloyDbSettings": { "description": "Settings for creating an AlloyDB cluster.", "properties": { "databaseVersion": { "$ref": "#/types/google-native:datamigration%2Fv1:AlloyDbSettingsDatabaseVersion", "description": "Optional. The database engine major version. This is an optional field. If a database version is not supplied at cluster creation time, then a default database version will be used." }, "encryptionConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:EncryptionConfig", "description": "Optional. The encryption config can be specified to encrypt the data disks and other persistent data resources of a cluster with a customer-managed encryption key (CMEK). When this field is not specified, the cluster will then use default encryption scheme to protect the user data." }, "initialUser": { "$ref": "#/types/google-native:datamigration%2Fv1:UserPassword", "description": "Input only. Initial user to setup during cluster creation. Required." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for the AlloyDB cluster created by DMS. An object containing a list of 'key', 'value' pairs." }, "primaryInstanceSettings": { "$ref": "#/types/google-native:datamigration%2Fv1:PrimaryInstanceSettings" }, "vpcNetwork": { "type": "string", "description": "The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object", "required": [ "initialUser", "vpcNetwork" ] }, "google-native:datamigration/v1:AlloyDbSettingsDatabaseVersion": { "description": "Optional. The database engine major version. This is an optional field. If a database version is not supplied at cluster creation time, then a default database version will be used.", "type": "string", "enum": [ { "name": "DatabaseVersionUnspecified", "description": "This is an unknown database version.", "value": "DATABASE_VERSION_UNSPECIFIED" }, { "name": "Postgres14", "description": "The database version is Postgres 14.", "value": "POSTGRES_14" }, { "name": "Postgres15", "description": "The database version is Postgres 15.", "value": "POSTGRES_15" } ] }, "google-native:datamigration/v1:AlloyDbSettingsResponse": { "description": "Settings for creating an AlloyDB cluster.", "properties": { "databaseVersion": { "type": "string", "description": "Optional. The database engine major version. This is an optional field. If a database version is not supplied at cluster creation time, then a default database version will be used." }, "encryptionConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:EncryptionConfigResponse", "description": "Optional. The encryption config can be specified to encrypt the data disks and other persistent data resources of a cluster with a customer-managed encryption key (CMEK). When this field is not specified, the cluster will then use default encryption scheme to protect the user data." }, "initialUser": { "$ref": "#/types/google-native:datamigration%2Fv1:UserPasswordResponse", "description": "Input only. Initial user to setup during cluster creation. Required." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for the AlloyDB cluster created by DMS. An object containing a list of 'key', 'value' pairs." }, "primaryInstanceSettings": { "$ref": "#/types/google-native:datamigration%2Fv1:PrimaryInstanceSettingsResponse" }, "vpcNetwork": { "type": "string", "description": "The resource link for the VPC network in which cluster resources are created and from which they are accessible via Private IP. The network must belong to the same project as the cluster. It is specified in the form: \"projects/{project_number}/global/networks/{network_id}\". This is required to create a cluster." } }, "type": "object", "required": [ "databaseVersion", "encryptionConfig", "initialUser", "labels", "primaryInstanceSettings", "vpcNetwork" ] }, "google-native:datamigration/v1:ApplyHash": { "description": "Apply a hash function on the value.", "properties": { "uuidFromBytes": { "$ref": "#/types/google-native:datamigration%2Fv1:Empty", "description": "Optional. Generate UUID from the data's byte array" } }, "type": "object" }, "google-native:datamigration/v1:ApplyHashResponse": { "description": "Apply a hash function on the value.", "properties": { "uuidFromBytes": { "$ref": "#/types/google-native:datamigration%2Fv1:EmptyResponse", "description": "Optional. Generate UUID from the data's byte array" } }, "type": "object", "required": [ "uuidFromBytes" ] }, "google-native:datamigration/v1:AssignSpecificValue": { "description": "Set to a specific value (value is converted to fit the target data type)", "properties": { "value": { "type": "string", "description": "Specific value to be assigned" } }, "type": "object", "required": [ "value" ] }, "google-native:datamigration/v1:AssignSpecificValueResponse": { "description": "Set to a specific value (value is converted to fit the target data type)", "properties": { "value": { "type": "string", "description": "Specific value to be assigned" } }, "type": "object", "required": [ "value" ] }, "google-native:datamigration/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:datamigration/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:datamigration/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:datamigration%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:datamigration/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:datamigration/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:datamigration/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datamigration%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datamigration/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datamigration%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datamigration/v1:CloudSqlConnectionProfile": { "description": "Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance.", "properties": { "settings": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettings", "description": "Immutable. Metadata used to create the destination Cloud SQL database." } }, "type": "object" }, "google-native:datamigration/v1:CloudSqlConnectionProfileResponse": { "description": "Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance.", "properties": { "additionalPublicIp": { "type": "string", "description": "The Cloud SQL database instance's additional (outgoing) public IP. Used when the Cloud SQL database availability type is REGIONAL (i.e. multiple zones / highly available)." }, "cloudSqlId": { "type": "string", "description": "The Cloud SQL instance ID that this connection profile is associated with." }, "privateIp": { "type": "string", "description": "The Cloud SQL database instance's private IP." }, "publicIp": { "type": "string", "description": "The Cloud SQL database instance's public IP." }, "settings": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsResponse", "description": "Immutable. Metadata used to create the destination Cloud SQL database." } }, "type": "object", "required": [ "additionalPublicIp", "cloudSqlId", "privateIp", "publicIp", "settings" ] }, "google-native:datamigration/v1:CloudSqlSettings": { "description": "Settings for creating a Cloud SQL database instance.", "properties": { "activationPolicy": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsActivationPolicy", "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives." }, "autoStorageIncrease": { "type": "boolean", "description": "[default: ON] If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB." }, "availabilityType": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsAvailabilityType", "description": "Optional. Availability type. Potential values: * `ZONAL`: The instance serves data from only one zone. Outages in that zone affect data availability. * `REGIONAL`: The instance can serve data from more than one zone in a region (it is highly available)." }, "cmekKeyName": { "type": "string", "description": "The KMS key name used for the csql instance." }, "collation": { "type": "string", "description": "The Cloud SQL default instance level collation." }, "dataCacheConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:DataCacheConfig", "description": "Optional. Data cache is an optional feature available for Cloud SQL for MySQL Enterprise Plus edition only. For more information on data cache, see [Data cache overview](https://cloud.google.com/sql/help/mysql-data-cache) in Cloud SQL documentation." }, "dataDiskSizeGb": { "type": "string", "description": "The storage capacity available to the database, in GB. The minimum (and default) size is 10GB." }, "dataDiskType": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsDataDiskType", "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`." }, "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The database flags passed to the Cloud SQL instance at startup. An object containing a list of \"key\": value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "databaseVersion": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsDatabaseVersion", "description": "The database engine type and version." }, "edition": { "$ref": "#/types/google-native:datamigration%2Fv1:CloudSqlSettingsEdition", "description": "Optional. The edition of the given Cloud SQL instance." }, "ipConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:SqlIpConfig", "description": "The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled." }, "rootPassword": { "type": "string", "description": "Input only. Initial root password." }, "secondaryZone": { "type": "string", "description": "Optional. The Google Cloud Platform zone where the failover Cloud SQL database instance is located. Used when the Cloud SQL database availability type is REGIONAL (i.e. multiple zones / highly available)." }, "sourceId": { "type": "string", "description": "The Database Migration Service source connection profile ID, in the format: `projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID`" }, "storageAutoResizeLimit": { "type": "string", "description": "The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit." }, "tier": { "type": "string", "description": "The tier (or machine type) for this instance, for example: `db-n1-standard-1` (MySQL instances) or `db-custom-1-3840` (PostgreSQL instances). For more information, see [Cloud SQL Instance Settings](https://cloud.google.com/sql/docs/mysql/instance-settings)." }, "userLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. An object containing a list of \"key\": \"value\" pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"18kg\", \"count\": \"3\" }`." }, "zone": { "type": "string", "description": "The Google Cloud Platform zone where your Cloud SQL database instance is located." } }, "type": "object" }, "google-native:datamigration/v1:CloudSqlSettingsActivationPolicy": { "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives.", "type": "string", "enum": [ { "name": "SqlActivationPolicyUnspecified", "description": "unspecified policy.", "value": "SQL_ACTIVATION_POLICY_UNSPECIFIED" }, { "name": "Always", "description": "The instance is always up and running.", "value": "ALWAYS" }, { "name": "Never", "description": "The instance should never spin up.", "value": "NEVER" } ] }, "google-native:datamigration/v1:CloudSqlSettingsAvailabilityType": { "description": "Optional. Availability type. Potential values: * `ZONAL`: The instance serves data from only one zone. Outages in that zone affect data availability. * `REGIONAL`: The instance can serve data from more than one zone in a region (it is highly available).", "type": "string", "enum": [ { "name": "SqlAvailabilityTypeUnspecified", "description": "This is an unknown Availability type.", "value": "SQL_AVAILABILITY_TYPE_UNSPECIFIED" }, { "name": "Zonal", "description": "Zonal availablility instance.", "value": "ZONAL" }, { "name": "Regional", "description": "Regional availability instance.", "value": "REGIONAL" } ] }, "google-native:datamigration/v1:CloudSqlSettingsDataDiskType": { "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`.", "type": "string", "enum": [ { "name": "SqlDataDiskTypeUnspecified", "description": "Unspecified.", "value": "SQL_DATA_DISK_TYPE_UNSPECIFIED" }, { "name": "PdSsd", "description": "SSD disk.", "value": "PD_SSD" }, { "name": "PdHdd", "description": "HDD disk.", "value": "PD_HDD" } ] }, "google-native:datamigration/v1:CloudSqlSettingsDatabaseVersion": { "description": "The database engine type and version.", "type": "string", "enum": [ { "name": "SqlDatabaseVersionUnspecified", "description": "Unspecified version.", "value": "SQL_DATABASE_VERSION_UNSPECIFIED" }, { "name": "Mysql56", "description": "MySQL 5.6.", "value": "MYSQL_5_6" }, { "name": "Mysql57", "description": "MySQL 5.7.", "value": "MYSQL_5_7" }, { "name": "Mysql80", "description": "MySQL 8.0.", "value": "MYSQL_8_0" }, { "name": "Mysql8018", "description": "The database major version is MySQL 8.0 and the minor version is 18.", "value": "MYSQL_8_0_18" }, { "name": "Mysql8026", "description": "The database major version is MySQL 8.0 and the minor version is 26.", "value": "MYSQL_8_0_26" }, { "name": "Mysql8027", "description": "The database major version is MySQL 8.0 and the minor version is 27.", "value": "MYSQL_8_0_27" }, { "name": "Mysql8028", "description": "The database major version is MySQL 8.0 and the minor version is 28.", "value": "MYSQL_8_0_28" }, { "name": "Mysql8030", "description": "The database major version is MySQL 8.0 and the minor version is 30.", "value": "MYSQL_8_0_30" }, { "name": "Mysql8031", "description": "The database major version is MySQL 8.0 and the minor version is 31.", "value": "MYSQL_8_0_31" }, { "name": "Mysql8032", "description": "The database major version is MySQL 8.0 and the minor version is 32.", "value": "MYSQL_8_0_32" }, { "name": "Mysql8033", "description": "The database major version is MySQL 8.0 and the minor version is 33.", "value": "MYSQL_8_0_33" }, { "name": "Mysql8034", "description": "The database major version is MySQL 8.0 and the minor version is 34.", "value": "MYSQL_8_0_34" }, { "name": "Postgres96", "description": "PostgreSQL 9.6.", "value": "POSTGRES_9_6" }, { "name": "Postgres11", "description": "PostgreSQL 11.", "value": "POSTGRES_11" }, { "name": "Postgres10", "description": "PostgreSQL 10.", "value": "POSTGRES_10" }, { "name": "Postgres12", "description": "PostgreSQL 12.", "value": "POSTGRES_12" }, { "name": "Postgres13", "description": "PostgreSQL 13.", "value": "POSTGRES_13" }, { "name": "Postgres14", "description": "PostgreSQL 14.", "value": "POSTGRES_14" }, { "name": "Postgres15", "description": "PostgreSQL 15.", "value": "POSTGRES_15" } ] }, "google-native:datamigration/v1:CloudSqlSettingsEdition": { "description": "Optional. The edition of the given Cloud SQL instance.", "type": "string", "enum": [ { "name": "EditionUnspecified", "description": "The instance did not specify the edition.", "value": "EDITION_UNSPECIFIED" }, { "name": "Enterprise", "description": "The instance is an enterprise edition.", "value": "ENTERPRISE" }, { "name": "EnterprisePlus", "description": "The instance is an enterprise plus edition.", "value": "ENTERPRISE_PLUS" } ] }, "google-native:datamigration/v1:CloudSqlSettingsResponse": { "description": "Settings for creating a Cloud SQL database instance.", "properties": { "activationPolicy": { "type": "string", "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives." }, "autoStorageIncrease": { "type": "boolean", "description": "[default: ON] If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB." }, "availabilityType": { "type": "string", "description": "Optional. Availability type. Potential values: * `ZONAL`: The instance serves data from only one zone. Outages in that zone affect data availability. * `REGIONAL`: The instance can serve data from more than one zone in a region (it is highly available)." }, "cmekKeyName": { "type": "string", "description": "The KMS key name used for the csql instance." }, "collation": { "type": "string", "description": "The Cloud SQL default instance level collation." }, "dataCacheConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:DataCacheConfigResponse", "description": "Optional. Data cache is an optional feature available for Cloud SQL for MySQL Enterprise Plus edition only. For more information on data cache, see [Data cache overview](https://cloud.google.com/sql/help/mysql-data-cache) in Cloud SQL documentation." }, "dataDiskSizeGb": { "type": "string", "description": "The storage capacity available to the database, in GB. The minimum (and default) size is 10GB." }, "dataDiskType": { "type": "string", "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`." }, "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The database flags passed to the Cloud SQL instance at startup. An object containing a list of \"key\": value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "databaseVersion": { "type": "string", "description": "The database engine type and version." }, "edition": { "type": "string", "description": "Optional. The edition of the given Cloud SQL instance." }, "ipConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:SqlIpConfigResponse", "description": "The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled." }, "rootPassword": { "type": "string", "description": "Input only. Initial root password." }, "rootPasswordSet": { "type": "boolean", "description": "Indicates If this connection profile root password is stored." }, "secondaryZone": { "type": "string", "description": "Optional. The Google Cloud Platform zone where the failover Cloud SQL database instance is located. Used when the Cloud SQL database availability type is REGIONAL (i.e. multiple zones / highly available)." }, "sourceId": { "type": "string", "description": "The Database Migration Service source connection profile ID, in the format: `projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID`" }, "storageAutoResizeLimit": { "type": "string", "description": "The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit." }, "tier": { "type": "string", "description": "The tier (or machine type) for this instance, for example: `db-n1-standard-1` (MySQL instances) or `db-custom-1-3840` (PostgreSQL instances). For more information, see [Cloud SQL Instance Settings](https://cloud.google.com/sql/docs/mysql/instance-settings)." }, "userLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. An object containing a list of \"key\": \"value\" pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"18kg\", \"count\": \"3\" }`." }, "zone": { "type": "string", "description": "The Google Cloud Platform zone where your Cloud SQL database instance is located." } }, "type": "object", "required": [ "activationPolicy", "autoStorageIncrease", "availabilityType", "cmekKeyName", "collation", "dataCacheConfig", "dataDiskSizeGb", "dataDiskType", "databaseFlags", "databaseVersion", "edition", "ipConfig", "rootPassword", "rootPasswordSet", "secondaryZone", "sourceId", "storageAutoResizeLimit", "tier", "userLabels", "zone" ] }, "google-native:datamigration/v1:ConditionalColumnSetValue": { "description": "Options to configure rule type ConditionalColumnSetValue. The rule is used to transform the data which is being replicated/migrated. The rule filter field can refer to one or more entities. The rule scope can be one of: Column.", "properties": { "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "sourceNumericFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceNumericFilter", "description": "Optional. Optional filter on source column precision and scale. Used for fixed point numbers such as NUMERIC/NUMBER data types." }, "sourceTextFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceTextFilter", "description": "Optional. Optional filter on source column length. Used for text based data types like varchar." }, "valueTransformation": { "$ref": "#/types/google-native:datamigration%2Fv1:ValueTransformation", "description": "Description of data transformation during migration." } }, "type": "object", "required": [ "valueTransformation" ] }, "google-native:datamigration/v1:ConditionalColumnSetValueResponse": { "description": "Options to configure rule type ConditionalColumnSetValue. The rule is used to transform the data which is being replicated/migrated. The rule filter field can refer to one or more entities. The rule scope can be one of: Column.", "properties": { "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "sourceNumericFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceNumericFilterResponse", "description": "Optional. Optional filter on source column precision and scale. Used for fixed point numbers such as NUMERIC/NUMBER data types." }, "sourceTextFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceTextFilterResponse", "description": "Optional. Optional filter on source column length. Used for text based data types like varchar." }, "valueTransformation": { "$ref": "#/types/google-native:datamigration%2Fv1:ValueTransformationResponse", "description": "Description of data transformation during migration." } }, "type": "object", "required": [ "customFeatures", "sourceNumericFilter", "sourceTextFilter", "valueTransformation" ] }, "google-native:datamigration/v1:ConnectionProfileProvider": { "description": "The database provider.", "type": "string", "enum": [ { "name": "DatabaseProviderUnspecified", "description": "The database provider is unknown.", "value": "DATABASE_PROVIDER_UNSPECIFIED" }, { "name": "Cloudsql", "description": "CloudSQL runs the database.", "value": "CLOUDSQL" }, { "name": "Rds", "description": "RDS runs the database.", "value": "RDS" }, { "name": "Aurora", "description": "Amazon Aurora.", "value": "AURORA" }, { "name": "Alloydb", "description": "AlloyDB.", "value": "ALLOYDB" } ] }, "google-native:datamigration/v1:ConnectionProfileState": { "description": "The current connection profile state (e.g. DRAFT, READY, or FAILED).", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the connection profile is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Draft", "description": "The connection profile is in draft mode and fully editable.", "value": "DRAFT" }, { "name": "Creating", "description": "The connection profile is being created.", "value": "CREATING" }, { "name": "Ready", "description": "The connection profile is ready.", "value": "READY" }, { "name": "Updating", "description": "The connection profile is being updated.", "value": "UPDATING" }, { "name": "Deleting", "description": "The connection profile is being deleted.", "value": "DELETING" }, { "name": "Deleted", "description": "The connection profile has been deleted.", "value": "DELETED" }, { "name": "Failed", "description": "The last action on the connection profile failed.", "value": "FAILED" } ] }, "google-native:datamigration/v1:ConversionWorkspaceInfo": { "description": "A conversion workspace's version.", "properties": { "commitId": { "type": "string", "description": "The commit ID of the conversion workspace." }, "name": { "type": "string", "description": "The resource name (URI) of the conversion workspace." } }, "type": "object" }, "google-native:datamigration/v1:ConversionWorkspaceInfoResponse": { "description": "A conversion workspace's version.", "properties": { "commitId": { "type": "string", "description": "The commit ID of the conversion workspace." }, "name": { "type": "string", "description": "The resource name (URI) of the conversion workspace." } }, "type": "object", "required": [ "commitId", "name" ] }, "google-native:datamigration/v1:ConvertRowIdToColumn": { "description": "Options to configure rule type ConvertROWIDToColumn. The rule is used to add column rowid to destination tables based on an Oracle rowid function/property. The rule filter field can refer to one or more entities. The rule scope can be one of: Table. This rule requires additional filter to be specified beyond the basic rule filter field, which is whether or not to work on tables which already have a primary key defined.", "properties": { "onlyIfNoPrimaryKey": { "type": "boolean", "description": "Only work on tables without primary key defined" } }, "type": "object", "required": [ "onlyIfNoPrimaryKey" ] }, "google-native:datamigration/v1:ConvertRowIdToColumnResponse": { "description": "Options to configure rule type ConvertROWIDToColumn. The rule is used to add column rowid to destination tables based on an Oracle rowid function/property. The rule filter field can refer to one or more entities. The rule scope can be one of: Table. This rule requires additional filter to be specified beyond the basic rule filter field, which is whether or not to work on tables which already have a primary key defined.", "properties": { "onlyIfNoPrimaryKey": { "type": "boolean", "description": "Only work on tables without primary key defined" } }, "type": "object", "required": [ "onlyIfNoPrimaryKey" ] }, "google-native:datamigration/v1:DataCacheConfig": { "description": "Data cache is an optional feature available for Cloud SQL for MySQL Enterprise Plus edition only. For more information on data cache, see [Data cache overview](https://cloud.google.com/sql/help/mysql-data-cache) in Cloud SQL documentation.", "properties": { "dataCacheEnabled": { "type": "boolean", "description": "Optional. Whether data cache is enabled for the instance." } }, "type": "object" }, "google-native:datamigration/v1:DataCacheConfigResponse": { "description": "Data cache is an optional feature available for Cloud SQL for MySQL Enterprise Plus edition only. For more information on data cache, see [Data cache overview](https://cloud.google.com/sql/help/mysql-data-cache) in Cloud SQL documentation.", "properties": { "dataCacheEnabled": { "type": "boolean", "description": "Optional. Whether data cache is enabled for the instance." } }, "type": "object", "required": [ "dataCacheEnabled" ] }, "google-native:datamigration/v1:DatabaseEngineInfo": { "description": "The type and version of a source or destination database.", "properties": { "engine": { "$ref": "#/types/google-native:datamigration%2Fv1:DatabaseEngineInfoEngine", "description": "Engine type." }, "version": { "type": "string", "description": "Engine version, for example \"12.c.1\"." } }, "type": "object", "required": [ "engine", "version" ] }, "google-native:datamigration/v1:DatabaseEngineInfoEngine": { "description": "Required. Engine type.", "type": "string", "enum": [ { "name": "DatabaseEngineUnspecified", "description": "The source database engine of the migration job is unknown.", "value": "DATABASE_ENGINE_UNSPECIFIED" }, { "name": "Mysql", "description": "The source engine is MySQL.", "value": "MYSQL" }, { "name": "Postgresql", "description": "The source engine is PostgreSQL.", "value": "POSTGRESQL" }, { "name": "Oracle", "description": "The source engine is Oracle.", "value": "ORACLE" } ] }, "google-native:datamigration/v1:DatabaseEngineInfoResponse": { "description": "The type and version of a source or destination database.", "properties": { "engine": { "type": "string", "description": "Engine type." }, "version": { "type": "string", "description": "Engine version, for example \"12.c.1\"." } }, "type": "object", "required": [ "engine", "version" ] }, "google-native:datamigration/v1:DatabaseType": { "description": "A message defining the database engine and provider.", "properties": { "engine": { "$ref": "#/types/google-native:datamigration%2Fv1:DatabaseTypeEngine", "description": "The database engine." }, "provider": { "$ref": "#/types/google-native:datamigration%2Fv1:DatabaseTypeProvider", "description": "The database provider." } }, "type": "object" }, "google-native:datamigration/v1:DatabaseTypeEngine": { "description": "The database engine.", "type": "string", "enum": [ { "name": "DatabaseEngineUnspecified", "description": "The source database engine of the migration job is unknown.", "value": "DATABASE_ENGINE_UNSPECIFIED" }, { "name": "Mysql", "description": "The source engine is MySQL.", "value": "MYSQL" }, { "name": "Postgresql", "description": "The source engine is PostgreSQL.", "value": "POSTGRESQL" }, { "name": "Oracle", "description": "The source engine is Oracle.", "value": "ORACLE" } ] }, "google-native:datamigration/v1:DatabaseTypeProvider": { "description": "The database provider.", "type": "string", "enum": [ { "name": "DatabaseProviderUnspecified", "description": "The database provider is unknown.", "value": "DATABASE_PROVIDER_UNSPECIFIED" }, { "name": "Cloudsql", "description": "CloudSQL runs the database.", "value": "CLOUDSQL" }, { "name": "Rds", "description": "RDS runs the database.", "value": "RDS" }, { "name": "Aurora", "description": "Amazon Aurora.", "value": "AURORA" }, { "name": "Alloydb", "description": "AlloyDB.", "value": "ALLOYDB" } ] }, "google-native:datamigration/v1:DatabaseTypeResponse": { "description": "A message defining the database engine and provider.", "properties": { "engine": { "type": "string", "description": "The database engine." }, "provider": { "type": "string", "description": "The database provider." } }, "type": "object", "required": [ "engine", "provider" ] }, "google-native:datamigration/v1:DoubleComparisonFilter": { "description": "Filter based on relation between source value and compare value of type double in ConditionalColumnSetValue", "properties": { "value": { "type": "number", "description": "Double compare value to be used" }, "valueComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:DoubleComparisonFilterValueComparison", "description": "Relation between source value and compare value" } }, "type": "object", "required": [ "value", "valueComparison" ] }, "google-native:datamigration/v1:DoubleComparisonFilterResponse": { "description": "Filter based on relation between source value and compare value of type double in ConditionalColumnSetValue", "properties": { "value": { "type": "number", "description": "Double compare value to be used" }, "valueComparison": { "type": "string", "description": "Relation between source value and compare value" } }, "type": "object", "required": [ "value", "valueComparison" ] }, "google-native:datamigration/v1:DoubleComparisonFilterValueComparison": { "description": "Required. Relation between source value and compare value", "type": "string", "enum": [ { "name": "ValueComparisonUnspecified", "description": "Value comparison unspecified.", "value": "VALUE_COMPARISON_UNSPECIFIED" }, { "name": "ValueComparisonIfValueSmallerThan", "description": "Value is smaller than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_SMALLER_THAN" }, { "name": "ValueComparisonIfValueSmallerEqualThan", "description": "Value is smaller or equal than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_SMALLER_EQUAL_THAN" }, { "name": "ValueComparisonIfValueLargerThan", "description": "Value is larger than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_LARGER_THAN" }, { "name": "ValueComparisonIfValueLargerEqualThan", "description": "Value is larger or equal than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_LARGER_EQUAL_THAN" } ] }, "google-native:datamigration/v1:DumpFlag": { "description": "Dump flag definition.", "properties": { "name": { "type": "string", "description": "The name of the flag" }, "value": { "type": "string", "description": "The value of the flag." } }, "type": "object" }, "google-native:datamigration/v1:DumpFlagResponse": { "description": "Dump flag definition.", "properties": { "name": { "type": "string", "description": "The name of the flag" }, "value": { "type": "string", "description": "The value of the flag." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:datamigration/v1:DumpFlags": { "description": "Dump flags definition.", "properties": { "dumpFlags": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:DumpFlag" }, "description": "The flags for the initial dump." } }, "type": "object" }, "google-native:datamigration/v1:DumpFlagsResponse": { "description": "Dump flags definition.", "properties": { "dumpFlags": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:DumpFlagResponse" }, "description": "The flags for the initial dump." } }, "type": "object", "required": [ "dumpFlags" ] }, "google-native:datamigration/v1:Empty": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "type": "object" }, "google-native:datamigration/v1:EmptyResponse": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "type": "object" }, "google-native:datamigration/v1:EncryptionConfig": { "description": "EncryptionConfig describes the encryption config of a cluster that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object" }, "google-native:datamigration/v1:EncryptionConfigResponse": { "description": "EncryptionConfig describes the encryption config of a cluster that is encrypted with a CMEK (customer-managed encryption key).", "properties": { "kmsKeyName": { "type": "string", "description": "The fully-qualified resource name of the KMS key. Each Cloud KMS key is regionalized and has the following format: projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]" } }, "type": "object", "required": [ "kmsKeyName" ] }, "google-native:datamigration/v1:EntityMove": { "description": "Options to configure rule type EntityMove. The rule is used to move an entity to a new schema. The rule filter field can refer to one or more entities. The rule scope can be one of: Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT", "properties": { "newSchema": { "type": "string", "description": "The new schema" } }, "type": "object", "required": [ "newSchema" ] }, "google-native:datamigration/v1:EntityMoveResponse": { "description": "Options to configure rule type EntityMove. The rule is used to move an entity to a new schema. The rule filter field can refer to one or more entities. The rule scope can be one of: Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT", "properties": { "newSchema": { "type": "string", "description": "The new schema" } }, "type": "object", "required": [ "newSchema" ] }, "google-native:datamigration/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datamigration/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datamigration/v1:FilterTableColumns": { "description": "Options to configure rule type FilterTableColumns. The rule is used to filter the list of columns to include or exclude from a table. The rule filter field can refer to one entity. The rule scope can be: Table Only one of the two lists can be specified for the rule.", "properties": { "excludeColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of columns to be excluded for a particular table." }, "includeColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of columns to be included for a particular table." } }, "type": "object" }, "google-native:datamigration/v1:FilterTableColumnsResponse": { "description": "Options to configure rule type FilterTableColumns. The rule is used to filter the list of columns to include or exclude from a table. The rule filter field can refer to one entity. The rule scope can be: Table Only one of the two lists can be specified for the rule.", "properties": { "excludeColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of columns to be excluded for a particular table." }, "includeColumns": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of columns to be included for a particular table." } }, "type": "object", "required": [ "excludeColumns", "includeColumns" ] }, "google-native:datamigration/v1:ForwardSshTunnelConnectivity": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "username" ] }, "google-native:datamigration/v1:ForwardSshTunnelConnectivityResponse": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "password", "port", "privateKey", "username" ] }, "google-native:datamigration/v1:IntComparisonFilter": { "description": "Filter based on relation between source value and compare value of type integer in ConditionalColumnSetValue", "properties": { "value": { "type": "string", "description": "Integer compare value to be used" }, "valueComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:IntComparisonFilterValueComparison", "description": "Relation between source value and compare value" } }, "type": "object", "required": [ "value", "valueComparison" ] }, "google-native:datamigration/v1:IntComparisonFilterResponse": { "description": "Filter based on relation between source value and compare value of type integer in ConditionalColumnSetValue", "properties": { "value": { "type": "string", "description": "Integer compare value to be used" }, "valueComparison": { "type": "string", "description": "Relation between source value and compare value" } }, "type": "object", "required": [ "value", "valueComparison" ] }, "google-native:datamigration/v1:IntComparisonFilterValueComparison": { "description": "Required. Relation between source value and compare value", "type": "string", "enum": [ { "name": "ValueComparisonUnspecified", "description": "Value comparison unspecified.", "value": "VALUE_COMPARISON_UNSPECIFIED" }, { "name": "ValueComparisonIfValueSmallerThan", "description": "Value is smaller than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_SMALLER_THAN" }, { "name": "ValueComparisonIfValueSmallerEqualThan", "description": "Value is smaller or equal than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_SMALLER_EQUAL_THAN" }, { "name": "ValueComparisonIfValueLargerThan", "description": "Value is larger than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_LARGER_THAN" }, { "name": "ValueComparisonIfValueLargerEqualThan", "description": "Value is larger or equal than the Compare value.", "value": "VALUE_COMPARISON_IF_VALUE_LARGER_EQUAL_THAN" } ] }, "google-native:datamigration/v1:MachineConfig": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object" }, "google-native:datamigration/v1:MachineConfigResponse": { "description": "MachineConfig describes the configuration of a machine.", "properties": { "cpuCount": { "type": "integer", "description": "The number of CPU's in the VM instance." } }, "type": "object", "required": [ "cpuCount" ] }, "google-native:datamigration/v1:MappingRuleFilter": { "description": "A filter defining the entities that a mapping rule should be applied to. When more than one field is specified, the rule is applied only to entities which match all the fields.", "properties": { "entities": { "type": "array", "items": { "type": "string" }, "description": "Optional. The rule should be applied to specific entities defined by their fully qualified names." }, "entityNameContains": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name contains the given string." }, "entityNamePrefix": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name starts with the given prefix." }, "entityNameSuffix": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name ends with the given suffix." }, "parentEntity": { "type": "string", "description": "Optional. The rule should be applied to entities whose parent entity (fully qualified name) matches the given value. For example, if the rule applies to a table entity, the expected value should be a schema (schema). If the rule applies to a column or index entity, the expected value can be either a schema (schema) or a table (schema.table)" } }, "type": "object" }, "google-native:datamigration/v1:MappingRuleFilterResponse": { "description": "A filter defining the entities that a mapping rule should be applied to. When more than one field is specified, the rule is applied only to entities which match all the fields.", "properties": { "entities": { "type": "array", "items": { "type": "string" }, "description": "Optional. The rule should be applied to specific entities defined by their fully qualified names." }, "entityNameContains": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name contains the given string." }, "entityNamePrefix": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name starts with the given prefix." }, "entityNameSuffix": { "type": "string", "description": "Optional. The rule should be applied to entities whose non-qualified name ends with the given suffix." }, "parentEntity": { "type": "string", "description": "Optional. The rule should be applied to entities whose parent entity (fully qualified name) matches the given value. For example, if the rule applies to a table entity, the expected value should be a schema (schema). If the rule applies to a column or index entity, the expected value can be either a schema (schema) or a table (schema.table)" } }, "type": "object", "required": [ "entities", "entityNameContains", "entityNamePrefix", "entityNameSuffix", "parentEntity" ] }, "google-native:datamigration/v1:MappingRuleRuleScope": { "description": "Required. The rule scope", "type": "string", "enum": [ { "name": "DatabaseEntityTypeUnspecified", "description": "Unspecified database entity type.", "value": "DATABASE_ENTITY_TYPE_UNSPECIFIED" }, { "name": "DatabaseEntityTypeSchema", "description": "Schema.", "value": "DATABASE_ENTITY_TYPE_SCHEMA" }, { "name": "DatabaseEntityTypeTable", "description": "Table.", "value": "DATABASE_ENTITY_TYPE_TABLE" }, { "name": "DatabaseEntityTypeColumn", "description": "Column.", "value": "DATABASE_ENTITY_TYPE_COLUMN" }, { "name": "DatabaseEntityTypeConstraint", "description": "Constraint.", "value": "DATABASE_ENTITY_TYPE_CONSTRAINT" }, { "name": "DatabaseEntityTypeIndex", "description": "Index.", "value": "DATABASE_ENTITY_TYPE_INDEX" }, { "name": "DatabaseEntityTypeTrigger", "description": "Trigger.", "value": "DATABASE_ENTITY_TYPE_TRIGGER" }, { "name": "DatabaseEntityTypeView", "description": "View.", "value": "DATABASE_ENTITY_TYPE_VIEW" }, { "name": "DatabaseEntityTypeSequence", "description": "Sequence.", "value": "DATABASE_ENTITY_TYPE_SEQUENCE" }, { "name": "DatabaseEntityTypeStoredProcedure", "description": "Stored Procedure.", "value": "DATABASE_ENTITY_TYPE_STORED_PROCEDURE" }, { "name": "DatabaseEntityTypeFunction", "description": "Function.", "value": "DATABASE_ENTITY_TYPE_FUNCTION" }, { "name": "DatabaseEntityTypeSynonym", "description": "Synonym.", "value": "DATABASE_ENTITY_TYPE_SYNONYM" }, { "name": "DatabaseEntityTypeDatabasePackage", "description": "Package.", "value": "DATABASE_ENTITY_TYPE_DATABASE_PACKAGE" }, { "name": "DatabaseEntityTypeUdt", "description": "UDT.", "value": "DATABASE_ENTITY_TYPE_UDT" }, { "name": "DatabaseEntityTypeMaterializedView", "description": "Materialized View.", "value": "DATABASE_ENTITY_TYPE_MATERIALIZED_VIEW" }, { "name": "DatabaseEntityTypeDatabase", "description": "Database.", "value": "DATABASE_ENTITY_TYPE_DATABASE" } ] }, "google-native:datamigration/v1:MappingRuleState": { "description": "Optional. The mapping rule state", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the mapping rule is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Enabled", "description": "The rule is enabled.", "value": "ENABLED" }, { "name": "Disabled", "description": "The rule is disabled.", "value": "DISABLED" }, { "name": "Deleted", "description": "The rule is logically deleted.", "value": "DELETED" } ] }, "google-native:datamigration/v1:MigrationJobState": { "description": "The current migration job state.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the migration job is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Maintenance", "description": "The migration job is down for maintenance.", "value": "MAINTENANCE" }, { "name": "Draft", "description": "The migration job is in draft mode and no resources are created.", "value": "DRAFT" }, { "name": "Creating", "description": "The migration job is being created.", "value": "CREATING" }, { "name": "NotStarted", "description": "The migration job is created and not started.", "value": "NOT_STARTED" }, { "name": "Running", "description": "The migration job is running.", "value": "RUNNING" }, { "name": "Failed", "description": "The migration job failed.", "value": "FAILED" }, { "name": "Completed", "description": "The migration job has been completed.", "value": "COMPLETED" }, { "name": "Deleting", "description": "The migration job is being deleted.", "value": "DELETING" }, { "name": "Stopping", "description": "The migration job is being stopped.", "value": "STOPPING" }, { "name": "Stopped", "description": "The migration job is currently stopped.", "value": "STOPPED" }, { "name": "Deleted", "description": "The migration job has been deleted.", "value": "DELETED" }, { "name": "Updating", "description": "The migration job is being updated.", "value": "UPDATING" }, { "name": "Starting", "description": "The migration job is starting.", "value": "STARTING" }, { "name": "Restarting", "description": "The migration job is restarting.", "value": "RESTARTING" }, { "name": "Resuming", "description": "The migration job is resuming.", "value": "RESUMING" } ] }, "google-native:datamigration/v1:MigrationJobType": { "description": "Required. The migration job type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The type of the migration job is unknown.", "value": "TYPE_UNSPECIFIED" }, { "name": "OneTime", "description": "The migration job is a one time migration.", "value": "ONE_TIME" }, { "name": "Continuous", "description": "The migration job is a continuous migration.", "value": "CONTINUOUS" } ] }, "google-native:datamigration/v1:MultiColumnDatatypeChange": { "description": "Options to configure rule type MultiColumnDatatypeChange. The rule is used to change the data type and associated properties of multiple columns at once. The rule filter field can refer to one or more entities. The rule scope can be one of:Column. This rule requires additional filters to be specified beyond the basic rule filter field, which is the source data type, but the rule supports additional filtering capabilities such as the minimum and maximum field length. All additional filters which are specified are required to be met in order for the rule to be applied (logical AND between the fields).", "properties": { "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "newDataType": { "type": "string", "description": "New data type." }, "overrideFractionalSecondsPrecision": { "type": "integer", "description": "Optional. Column fractional seconds precision - used only for timestamp based datatypes - if not specified and relevant uses the source column fractional seconds precision." }, "overrideLength": { "type": "string", "description": "Optional. Column length - e.g. varchar (50) - if not specified and relevant uses the source column length." }, "overridePrecision": { "type": "integer", "description": "Optional. Column precision - when relevant - if not specified and relevant uses the source column precision." }, "overrideScale": { "type": "integer", "description": "Optional. Column scale - when relevant - if not specified and relevant uses the source column scale." }, "sourceDataTypeFilter": { "type": "string", "description": "Filter on source data type." }, "sourceNumericFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceNumericFilter", "description": "Optional. Filter for fixed point number data types such as NUMERIC/NUMBER." }, "sourceTextFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceTextFilter", "description": "Optional. Filter for text-based data types like varchar." } }, "type": "object", "required": [ "newDataType", "sourceDataTypeFilter" ] }, "google-native:datamigration/v1:MultiColumnDatatypeChangeResponse": { "description": "Options to configure rule type MultiColumnDatatypeChange. The rule is used to change the data type and associated properties of multiple columns at once. The rule filter field can refer to one or more entities. The rule scope can be one of:Column. This rule requires additional filters to be specified beyond the basic rule filter field, which is the source data type, but the rule supports additional filtering capabilities such as the minimum and maximum field length. All additional filters which are specified are required to be met in order for the rule to be applied (logical AND between the fields).", "properties": { "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "newDataType": { "type": "string", "description": "New data type." }, "overrideFractionalSecondsPrecision": { "type": "integer", "description": "Optional. Column fractional seconds precision - used only for timestamp based datatypes - if not specified and relevant uses the source column fractional seconds precision." }, "overrideLength": { "type": "string", "description": "Optional. Column length - e.g. varchar (50) - if not specified and relevant uses the source column length." }, "overridePrecision": { "type": "integer", "description": "Optional. Column precision - when relevant - if not specified and relevant uses the source column precision." }, "overrideScale": { "type": "integer", "description": "Optional. Column scale - when relevant - if not specified and relevant uses the source column scale." }, "sourceDataTypeFilter": { "type": "string", "description": "Filter on source data type." }, "sourceNumericFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceNumericFilterResponse", "description": "Optional. Filter for fixed point number data types such as NUMERIC/NUMBER." }, "sourceTextFilter": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceTextFilterResponse", "description": "Optional. Filter for text-based data types like varchar." } }, "type": "object", "required": [ "customFeatures", "newDataType", "overrideFractionalSecondsPrecision", "overrideLength", "overridePrecision", "overrideScale", "sourceDataTypeFilter", "sourceNumericFilter", "sourceTextFilter" ] }, "google-native:datamigration/v1:MultiEntityRename": { "description": "Options to configure rule type MultiEntityRename. The rule is used to rename multiple entities. The rule filter field can refer to one or more entities. The rule scope can be one of: Database, Schema, Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT", "properties": { "newNamePattern": { "type": "string", "description": "Optional. The pattern used to generate the new entity's name. This pattern must include the characters '{name}', which will be replaced with the name of the original entity. For example, the pattern 't_{name}' for an entity name jobs would be converted to 't_jobs'. If unspecified, the default value for this field is '{name}'" }, "sourceNameTransformation": { "$ref": "#/types/google-native:datamigration%2Fv1:MultiEntityRenameSourceNameTransformation", "description": "Optional. Additional transformation that can be done on the source entity name before it is being used by the new_name_pattern, for example lower case. If no transformation is desired, use NO_TRANSFORMATION" } }, "type": "object" }, "google-native:datamigration/v1:MultiEntityRenameResponse": { "description": "Options to configure rule type MultiEntityRename. The rule is used to rename multiple entities. The rule filter field can refer to one or more entities. The rule scope can be one of: Database, Schema, Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT", "properties": { "newNamePattern": { "type": "string", "description": "Optional. The pattern used to generate the new entity's name. This pattern must include the characters '{name}', which will be replaced with the name of the original entity. For example, the pattern 't_{name}' for an entity name jobs would be converted to 't_jobs'. If unspecified, the default value for this field is '{name}'" }, "sourceNameTransformation": { "type": "string", "description": "Optional. Additional transformation that can be done on the source entity name before it is being used by the new_name_pattern, for example lower case. If no transformation is desired, use NO_TRANSFORMATION" } }, "type": "object", "required": [ "newNamePattern", "sourceNameTransformation" ] }, "google-native:datamigration/v1:MultiEntityRenameSourceNameTransformation": { "description": "Optional. Additional transformation that can be done on the source entity name before it is being used by the new_name_pattern, for example lower case. If no transformation is desired, use NO_TRANSFORMATION", "type": "string", "enum": [ { "name": "EntityNameTransformationUnspecified", "description": "Entity name transformation unspecified.", "value": "ENTITY_NAME_TRANSFORMATION_UNSPECIFIED" }, { "name": "EntityNameTransformationNoTransformation", "description": "No transformation.", "value": "ENTITY_NAME_TRANSFORMATION_NO_TRANSFORMATION" }, { "name": "EntityNameTransformationLowerCase", "description": "Transform to lower case.", "value": "ENTITY_NAME_TRANSFORMATION_LOWER_CASE" }, { "name": "EntityNameTransformationUpperCase", "description": "Transform to upper case.", "value": "ENTITY_NAME_TRANSFORMATION_UPPER_CASE" }, { "name": "EntityNameTransformationCapitalizedCase", "description": "Transform to capitalized case.", "value": "ENTITY_NAME_TRANSFORMATION_CAPITALIZED_CASE" } ] }, "google-native:datamigration/v1:MySqlConnectionProfile": { "description": "Specifies connection parameters required specifically for MySQL databases.", "properties": { "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source MySQL database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "port": { "type": "integer", "description": "The network port of the source MySQL database." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfig", "description": "SSL configuration for the destination to connect to the source database." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "host", "password", "port", "username" ] }, "google-native:datamigration/v1:MySqlConnectionProfileResponse": { "description": "Specifies connection parameters required specifically for MySQL databases.", "properties": { "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source MySQL database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "passwordSet": { "type": "boolean", "description": "Indicates If this connection profile password is stored." }, "port": { "type": "integer", "description": "The network port of the source MySQL database." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfigResponse", "description": "SSL configuration for the destination to connect to the source database." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "cloudSqlId", "host", "password", "passwordSet", "port", "ssl", "username" ] }, "google-native:datamigration/v1:OracleConnectionProfile": { "description": "Specifies connection parameters required specifically for Oracle databases.", "properties": { "databaseService": { "type": "string", "description": "Database service for the Oracle connection." }, "forwardSshConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:ForwardSshTunnelConnectivity", "description": "Forward SSH tunnel connectivity." }, "host": { "type": "string", "description": "The IP or hostname of the source Oracle database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "port": { "type": "integer", "description": "The network port of the source Oracle database." }, "privateConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:PrivateConnectivity", "description": "Private connectivity." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfig", "description": "SSL configuration for the connection to the source Oracle database. * Only `SERVER_ONLY` configuration is supported for Oracle SSL. * SSL is supported for Oracle versions 12 and above." }, "staticServiceIpConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:StaticServiceIpConnectivity", "description": "Static Service IP connectivity." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "databaseService", "host", "password", "port", "username" ] }, "google-native:datamigration/v1:OracleConnectionProfileResponse": { "description": "Specifies connection parameters required specifically for Oracle databases.", "properties": { "databaseService": { "type": "string", "description": "Database service for the Oracle connection." }, "forwardSshConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:ForwardSshTunnelConnectivityResponse", "description": "Forward SSH tunnel connectivity." }, "host": { "type": "string", "description": "The IP or hostname of the source Oracle database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "passwordSet": { "type": "boolean", "description": "Indicates whether a new password is included in the request." }, "port": { "type": "integer", "description": "The network port of the source Oracle database." }, "privateConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:PrivateConnectivityResponse", "description": "Private connectivity." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfigResponse", "description": "SSL configuration for the connection to the source Oracle database. * Only `SERVER_ONLY` configuration is supported for Oracle SSL. * SSL is supported for Oracle versions 12 and above." }, "staticServiceIpConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:StaticServiceIpConnectivityResponse", "description": "Static Service IP connectivity." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "databaseService", "forwardSshConnectivity", "host", "password", "passwordSet", "port", "privateConnectivity", "ssl", "staticServiceIpConnectivity", "username" ] }, "google-native:datamigration/v1:PerformanceConfig": { "description": "Performance configuration definition.", "properties": { "dumpParallelLevel": { "$ref": "#/types/google-native:datamigration%2Fv1:PerformanceConfigDumpParallelLevel", "description": "Initial dump parallelism level." } }, "type": "object" }, "google-native:datamigration/v1:PerformanceConfigDumpParallelLevel": { "description": "Initial dump parallelism level.", "type": "string", "enum": [ { "name": "DumpParallelLevelUnspecified", "description": "Unknown dump parallel level. Will be defaulted to OPTIMAL.", "value": "DUMP_PARALLEL_LEVEL_UNSPECIFIED" }, { "name": "Min", "description": "Minimal parallel level.", "value": "MIN" }, { "name": "Optimal", "description": "Optimal parallel level.", "value": "OPTIMAL" }, { "name": "Max", "description": "Maximum parallel level.", "value": "MAX" } ] }, "google-native:datamigration/v1:PerformanceConfigResponse": { "description": "Performance configuration definition.", "properties": { "dumpParallelLevel": { "type": "string", "description": "Initial dump parallelism level." } }, "type": "object", "required": [ "dumpParallelLevel" ] }, "google-native:datamigration/v1:PostgreSqlConnectionProfile": { "description": "Specifies connection parameters required specifically for PostgreSQL databases.", "properties": { "alloydbClusterId": { "type": "string", "description": "Optional. If the destination is an AlloyDB database, use this field to provide the AlloyDB cluster ID." }, "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source PostgreSQL database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "port": { "type": "integer", "description": "The network port of the source PostgreSQL database." }, "privateServiceConnectConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:PrivateServiceConnectConnectivity", "description": "Private service connect connectivity." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfig", "description": "SSL configuration for the destination to connect to the source database." }, "staticIpConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:StaticIpConnectivity", "description": "Static ip connectivity data (default, no additional details needed)." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "host", "password", "port", "username" ] }, "google-native:datamigration/v1:PostgreSqlConnectionProfileResponse": { "description": "Specifies connection parameters required specifically for PostgreSQL databases.", "properties": { "alloydbClusterId": { "type": "string", "description": "Optional. If the destination is an AlloyDB database, use this field to provide the AlloyDB cluster ID." }, "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source PostgreSQL database." }, "networkArchitecture": { "type": "string", "description": "If the source is a Cloud SQL database, this field indicates the network architecture it's associated with." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "passwordSet": { "type": "boolean", "description": "Indicates If this connection profile password is stored." }, "port": { "type": "integer", "description": "The network port of the source PostgreSQL database." }, "privateServiceConnectConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:PrivateServiceConnectConnectivityResponse", "description": "Private service connect connectivity." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1:SslConfigResponse", "description": "SSL configuration for the destination to connect to the source database." }, "staticIpConnectivity": { "$ref": "#/types/google-native:datamigration%2Fv1:StaticIpConnectivityResponse", "description": "Static ip connectivity data (default, no additional details needed)." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "alloydbClusterId", "cloudSqlId", "host", "networkArchitecture", "password", "passwordSet", "port", "privateServiceConnectConnectivity", "ssl", "staticIpConnectivity", "username" ] }, "google-native:datamigration/v1:PrimaryInstanceSettings": { "description": "Settings for the cluster's primary instance", "properties": { "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used." }, "id": { "type": "string", "description": "The ID of the AlloyDB primary instance. The ID must satisfy the regex expression \"[a-z0-9-]+\"." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for the AlloyDB primary instance created by DMS. An object containing a list of 'key', 'value' pairs." }, "machineConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:MachineConfig", "description": "Configuration for the machines that host the underlying database engine." } }, "type": "object", "required": [ "id" ] }, "google-native:datamigration/v1:PrimaryInstanceSettingsResponse": { "description": "Settings for the cluster's primary instance", "properties": { "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Database flags to pass to AlloyDB when DMS is creating the AlloyDB cluster and instances. See the AlloyDB documentation for how these can be used." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Labels for the AlloyDB primary instance created by DMS. An object containing a list of 'key', 'value' pairs." }, "machineConfig": { "$ref": "#/types/google-native:datamigration%2Fv1:MachineConfigResponse", "description": "Configuration for the machines that host the underlying database engine." }, "privateIp": { "type": "string", "description": "The private IP address for the Instance. This is the connection endpoint for an end-user application." } }, "type": "object", "required": [ "databaseFlags", "labels", "machineConfig", "privateIp" ] }, "google-native:datamigration/v1:PrivateConnectivity": { "description": "Private Connectivity.", "properties": { "privateConnection": { "type": "string", "description": "The resource name (URI) of the private connection." } }, "type": "object", "required": [ "privateConnection" ] }, "google-native:datamigration/v1:PrivateConnectivityResponse": { "description": "Private Connectivity.", "properties": { "privateConnection": { "type": "string", "description": "The resource name (URI) of the private connection." } }, "type": "object", "required": [ "privateConnection" ] }, "google-native:datamigration/v1:PrivateServiceConnectConnectivity": { "description": "[Private Service Connect connectivity](https://cloud.google.com/vpc/docs/private-service-connect#service-attachments)", "properties": { "serviceAttachment": { "type": "string", "description": "A service attachment that exposes a database, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name}" } }, "type": "object", "required": [ "serviceAttachment" ] }, "google-native:datamigration/v1:PrivateServiceConnectConnectivityResponse": { "description": "[Private Service Connect connectivity](https://cloud.google.com/vpc/docs/private-service-connect#service-attachments)", "properties": { "serviceAttachment": { "type": "string", "description": "A service attachment that exposes a database, and has the following format: projects/{project}/regions/{region}/serviceAttachments/{service_attachment_name}" } }, "type": "object", "required": [ "serviceAttachment" ] }, "google-native:datamigration/v1:ReverseSshConnectivity": { "description": "The details needed to configure a reverse SSH tunnel between the source and destination databases. These details will be used when calling the generateSshScript method (see https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.migrationJobs/generateSshScript) to produce the script that will help set up the reverse SSH tunnel, and to set up the VPC peering between the Cloud SQL private network and the VPC.", "properties": { "vm": { "type": "string", "description": "The name of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmIp": { "type": "string", "description": "The IP of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmPort": { "type": "integer", "description": "The forwarding port of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vpc": { "type": "string", "description": "The name of the VPC to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vmIp", "vmPort" ] }, "google-native:datamigration/v1:ReverseSshConnectivityResponse": { "description": "The details needed to configure a reverse SSH tunnel between the source and destination databases. These details will be used when calling the generateSshScript method (see https://cloud.google.com/database-migration/docs/reference/rest/v1/projects.locations.migrationJobs/generateSshScript) to produce the script that will help set up the reverse SSH tunnel, and to set up the VPC peering between the Cloud SQL private network and the VPC.", "properties": { "vm": { "type": "string", "description": "The name of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmIp": { "type": "string", "description": "The IP of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmPort": { "type": "integer", "description": "The forwarding port of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vpc": { "type": "string", "description": "The name of the VPC to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vm", "vmIp", "vmPort", "vpc" ] }, "google-native:datamigration/v1:RoundToScale": { "description": "This allows the data to change scale, for example if the source is 2 digits after the decimal point, specify round to scale value = 2. If for example the value needs to be converted to an integer, use round to scale value = 0.", "properties": { "scale": { "type": "integer", "description": "Scale value to be used" } }, "type": "object", "required": [ "scale" ] }, "google-native:datamigration/v1:RoundToScaleResponse": { "description": "This allows the data to change scale, for example if the source is 2 digits after the decimal point, specify round to scale value = 2. If for example the value needs to be converted to an integer, use round to scale value = 0.", "properties": { "scale": { "type": "integer", "description": "Scale value to be used" } }, "type": "object", "required": [ "scale" ] }, "google-native:datamigration/v1:SetTablePrimaryKey": { "description": "Options to configure rule type SetTablePrimaryKey. The rule is used to specify the columns and name to configure/alter the primary key of a table. The rule filter field can refer to one entity. The rule scope can be one of: Table.", "properties": { "primaryKey": { "type": "string", "description": "Optional. Name for the primary key" }, "primaryKeyColumns": { "type": "array", "items": { "type": "string" }, "description": "List of column names for the primary key" } }, "type": "object", "required": [ "primaryKeyColumns" ] }, "google-native:datamigration/v1:SetTablePrimaryKeyResponse": { "description": "Options to configure rule type SetTablePrimaryKey. The rule is used to specify the columns and name to configure/alter the primary key of a table. The rule filter field can refer to one entity. The rule scope can be one of: Table.", "properties": { "primaryKey": { "type": "string", "description": "Optional. Name for the primary key" }, "primaryKeyColumns": { "type": "array", "items": { "type": "string" }, "description": "List of column names for the primary key" } }, "type": "object", "required": [ "primaryKey", "primaryKeyColumns" ] }, "google-native:datamigration/v1:SingleColumnChange": { "description": "Options to configure rule type SingleColumnChange. The rule is used to change the properties of a column. The rule filter field can refer to one entity. The rule scope can be one of: Column. When using this rule, if a field is not specified than the destination column's configuration will be the same as the one in the source column..", "properties": { "array": { "type": "boolean", "description": "Optional. Is the column of array type." }, "arrayLength": { "type": "integer", "description": "Optional. The length of the array, only relevant if the column type is an array." }, "autoGenerated": { "type": "boolean", "description": "Optional. Is the column auto-generated/identity." }, "charset": { "type": "string", "description": "Optional. Charset override - instead of table level charset." }, "collation": { "type": "string", "description": "Optional. Collation override - instead of table level collation." }, "comment": { "type": "string", "description": "Optional. Comment associated with the column." }, "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "dataType": { "type": "string", "description": "Optional. Column data type name." }, "fractionalSecondsPrecision": { "type": "integer", "description": "Optional. Column fractional seconds precision - e.g. 2 as in timestamp (2) - when relevant." }, "length": { "type": "string", "description": "Optional. Column length - e.g. 50 as in varchar (50) - when relevant." }, "nullable": { "type": "boolean", "description": "Optional. Is the column nullable." }, "precision": { "type": "integer", "description": "Optional. Column precision - e.g. 8 as in double (8,2) - when relevant." }, "scale": { "type": "integer", "description": "Optional. Column scale - e.g. 2 as in double (8,2) - when relevant." }, "setValues": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies the list of values allowed in the column." }, "udt": { "type": "boolean", "description": "Optional. Is the column a UDT (User-defined Type)." } }, "type": "object" }, "google-native:datamigration/v1:SingleColumnChangeResponse": { "description": "Options to configure rule type SingleColumnChange. The rule is used to change the properties of a column. The rule filter field can refer to one entity. The rule scope can be one of: Column. When using this rule, if a field is not specified than the destination column's configuration will be the same as the one in the source column..", "properties": { "array": { "type": "boolean", "description": "Optional. Is the column of array type." }, "arrayLength": { "type": "integer", "description": "Optional. The length of the array, only relevant if the column type is an array." }, "autoGenerated": { "type": "boolean", "description": "Optional. Is the column auto-generated/identity." }, "charset": { "type": "string", "description": "Optional. Charset override - instead of table level charset." }, "collation": { "type": "string", "description": "Optional. Collation override - instead of table level collation." }, "comment": { "type": "string", "description": "Optional. Comment associated with the column." }, "customFeatures": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Custom engine specific features." }, "dataType": { "type": "string", "description": "Optional. Column data type name." }, "fractionalSecondsPrecision": { "type": "integer", "description": "Optional. Column fractional seconds precision - e.g. 2 as in timestamp (2) - when relevant." }, "length": { "type": "string", "description": "Optional. Column length - e.g. 50 as in varchar (50) - when relevant." }, "nullable": { "type": "boolean", "description": "Optional. Is the column nullable." }, "precision": { "type": "integer", "description": "Optional. Column precision - e.g. 8 as in double (8,2) - when relevant." }, "scale": { "type": "integer", "description": "Optional. Column scale - e.g. 2 as in double (8,2) - when relevant." }, "setValues": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies the list of values allowed in the column." }, "udt": { "type": "boolean", "description": "Optional. Is the column a UDT (User-defined Type)." } }, "type": "object", "required": [ "array", "arrayLength", "autoGenerated", "charset", "collation", "comment", "customFeatures", "dataType", "fractionalSecondsPrecision", "length", "nullable", "precision", "scale", "setValues", "udt" ] }, "google-native:datamigration/v1:SingleEntityRename": { "description": "Options to configure rule type SingleEntityRename. The rule is used to rename an entity. The rule filter field can refer to only one entity. The rule scope can be one of: Database, Schema, Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT, Synonym", "properties": { "newName": { "type": "string", "description": "The new name of the destination entity" } }, "type": "object", "required": [ "newName" ] }, "google-native:datamigration/v1:SingleEntityRenameResponse": { "description": "Options to configure rule type SingleEntityRename. The rule is used to rename an entity. The rule filter field can refer to only one entity. The rule scope can be one of: Database, Schema, Table, Column, Constraint, Index, View, Function, Stored Procedure, Materialized View, Sequence, UDT, Synonym", "properties": { "newName": { "type": "string", "description": "The new name of the destination entity" } }, "type": "object", "required": [ "newName" ] }, "google-native:datamigration/v1:SinglePackageChange": { "description": "Options to configure rule type SinglePackageChange. The rule is used to alter the sql code for a package entities. The rule filter field can refer to one entity. The rule scope can be: Package", "properties": { "packageBody": { "type": "string", "description": "Optional. Sql code for package body" }, "packageDescription": { "type": "string", "description": "Optional. Sql code for package description" } }, "type": "object" }, "google-native:datamigration/v1:SinglePackageChangeResponse": { "description": "Options to configure rule type SinglePackageChange. The rule is used to alter the sql code for a package entities. The rule filter field can refer to one entity. The rule scope can be: Package", "properties": { "packageBody": { "type": "string", "description": "Optional. Sql code for package body" }, "packageDescription": { "type": "string", "description": "Optional. Sql code for package description" } }, "type": "object", "required": [ "packageBody", "packageDescription" ] }, "google-native:datamigration/v1:SourceNumericFilter": { "description": "Filter for fixed point number data types such as NUMERIC/NUMBER", "properties": { "numericFilterOption": { "$ref": "#/types/google-native:datamigration%2Fv1:SourceNumericFilterNumericFilterOption", "description": "Enum to set the option defining the datatypes numeric filter has to be applied to" }, "sourceMaxPrecisionFilter": { "type": "integer", "description": "Optional. The filter will match columns with precision smaller than or equal to this number." }, "sourceMaxScaleFilter": { "type": "integer", "description": "Optional. The filter will match columns with scale smaller than or equal to this number." }, "sourceMinPrecisionFilter": { "type": "integer", "description": "Optional. The filter will match columns with precision greater than or equal to this number." }, "sourceMinScaleFilter": { "type": "integer", "description": "Optional. The filter will match columns with scale greater than or equal to this number." } }, "type": "object", "required": [ "numericFilterOption" ] }, "google-native:datamigration/v1:SourceNumericFilterNumericFilterOption": { "description": "Required. Enum to set the option defining the datatypes numeric filter has to be applied to", "type": "string", "enum": [ { "name": "NumericFilterOptionUnspecified", "description": "Numeric filter option unspecified", "value": "NUMERIC_FILTER_OPTION_UNSPECIFIED" }, { "name": "NumericFilterOptionAll", "description": "Numeric filter option that matches all numeric columns.", "value": "NUMERIC_FILTER_OPTION_ALL" }, { "name": "NumericFilterOptionLimit", "description": "Numeric filter option that matches columns having numeric datatypes with specified precision and scale within the limited range of filter.", "value": "NUMERIC_FILTER_OPTION_LIMIT" }, { "name": "NumericFilterOptionLimitless", "description": "Numeric filter option that matches only the numeric columns with no precision and scale specified.", "value": "NUMERIC_FILTER_OPTION_LIMITLESS" } ] }, "google-native:datamigration/v1:SourceNumericFilterResponse": { "description": "Filter for fixed point number data types such as NUMERIC/NUMBER", "properties": { "numericFilterOption": { "type": "string", "description": "Enum to set the option defining the datatypes numeric filter has to be applied to" }, "sourceMaxPrecisionFilter": { "type": "integer", "description": "Optional. The filter will match columns with precision smaller than or equal to this number." }, "sourceMaxScaleFilter": { "type": "integer", "description": "Optional. The filter will match columns with scale smaller than or equal to this number." }, "sourceMinPrecisionFilter": { "type": "integer", "description": "Optional. The filter will match columns with precision greater than or equal to this number." }, "sourceMinScaleFilter": { "type": "integer", "description": "Optional. The filter will match columns with scale greater than or equal to this number." } }, "type": "object", "required": [ "numericFilterOption", "sourceMaxPrecisionFilter", "sourceMaxScaleFilter", "sourceMinPrecisionFilter", "sourceMinScaleFilter" ] }, "google-native:datamigration/v1:SourceSqlChange": { "description": "Options to configure rule type SourceSqlChange. The rule is used to alter the sql code for database entities. The rule filter field can refer to one entity. The rule scope can be: StoredProcedure, Function, Trigger, View", "properties": { "sqlCode": { "type": "string", "description": "Sql code for source (stored procedure, function, trigger or view)" } }, "type": "object", "required": [ "sqlCode" ] }, "google-native:datamigration/v1:SourceSqlChangeResponse": { "description": "Options to configure rule type SourceSqlChange. The rule is used to alter the sql code for database entities. The rule filter field can refer to one entity. The rule scope can be: StoredProcedure, Function, Trigger, View", "properties": { "sqlCode": { "type": "string", "description": "Sql code for source (stored procedure, function, trigger or view)" } }, "type": "object", "required": [ "sqlCode" ] }, "google-native:datamigration/v1:SourceTextFilter": { "description": "Filter for text-based data types like varchar.", "properties": { "sourceMaxLengthFilter": { "type": "string", "description": "Optional. The filter will match columns with length smaller than or equal to this number." }, "sourceMinLengthFilter": { "type": "string", "description": "Optional. The filter will match columns with length greater than or equal to this number." } }, "type": "object" }, "google-native:datamigration/v1:SourceTextFilterResponse": { "description": "Filter for text-based data types like varchar.", "properties": { "sourceMaxLengthFilter": { "type": "string", "description": "Optional. The filter will match columns with length smaller than or equal to this number." }, "sourceMinLengthFilter": { "type": "string", "description": "Optional. The filter will match columns with length greater than or equal to this number." } }, "type": "object", "required": [ "sourceMaxLengthFilter", "sourceMinLengthFilter" ] }, "google-native:datamigration/v1:SqlAclEntry": { "description": "An entry for an Access Control list.", "properties": { "expireTime": { "type": "string", "description": "The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example: `2012-11-15T16:19:00.094Z`." }, "label": { "type": "string", "description": "A label to identify this entry." }, "ttl": { "type": "string", "description": "Input only. The time-to-leave of this access control entry." }, "value": { "type": "string", "description": "The allowlisted value for the access control list." } }, "type": "object" }, "google-native:datamigration/v1:SqlAclEntryResponse": { "description": "An entry for an Access Control list.", "properties": { "expireTime": { "type": "string", "description": "The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example: `2012-11-15T16:19:00.094Z`." }, "label": { "type": "string", "description": "A label to identify this entry." }, "ttl": { "type": "string", "description": "Input only. The time-to-leave of this access control entry." }, "value": { "type": "string", "description": "The allowlisted value for the access control list." } }, "type": "object", "required": [ "expireTime", "label", "ttl", "value" ] }, "google-native:datamigration/v1:SqlIpConfig": { "description": "IP Management configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. The name of the allocated IP address range for the private IP Cloud SQL instance. This name refers to an already allocated IP range address. If set, the instance IP address will be created in the allocated range. Note that this IP address range can't be modified after the instance is created. If you change the VPC when configuring connectivity settings for the migration job, this field is not relevant." }, "authorizedNetworks": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:SqlAclEntry" }, "description": "The list of external networks that are allowed to connect to the instance using the IP. See https://en.wikipedia.org/wiki/CIDR_notation#CIDR_notation, also known as 'slash' notation (e.g. `192.168.100.0/24`)." }, "enableIpv4": { "type": "boolean", "description": "Whether the instance should be assigned an IPv4 address or not." }, "privateNetwork": { "type": "string", "description": "The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, `projects/myProject/global/networks/default`. This setting can be updated, but it cannot be removed after it is set." }, "requireSsl": { "type": "boolean", "description": "Whether SSL connections over IP should be enforced or not." } }, "type": "object" }, "google-native:datamigration/v1:SqlIpConfigResponse": { "description": "IP Management configuration.", "properties": { "allocatedIpRange": { "type": "string", "description": "Optional. The name of the allocated IP address range for the private IP Cloud SQL instance. This name refers to an already allocated IP range address. If set, the instance IP address will be created in the allocated range. Note that this IP address range can't be modified after the instance is created. If you change the VPC when configuring connectivity settings for the migration job, this field is not relevant." }, "authorizedNetworks": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1:SqlAclEntryResponse" }, "description": "The list of external networks that are allowed to connect to the instance using the IP. See https://en.wikipedia.org/wiki/CIDR_notation#CIDR_notation, also known as 'slash' notation (e.g. `192.168.100.0/24`)." }, "enableIpv4": { "type": "boolean", "description": "Whether the instance should be assigned an IPv4 address or not." }, "privateNetwork": { "type": "string", "description": "The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, `projects/myProject/global/networks/default`. This setting can be updated, but it cannot be removed after it is set." }, "requireSsl": { "type": "boolean", "description": "Whether SSL connections over IP should be enforced or not." } }, "type": "object", "required": [ "allocatedIpRange", "authorizedNetworks", "enableIpv4", "privateNetwork", "requireSsl" ] }, "google-native:datamigration/v1:SslConfig": { "description": "SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host." }, "clientCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server.If this field is used then the 'client_key' field is mandatory." }, "clientKey": { "type": "string", "description": "Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' field is mandatory." } }, "type": "object", "required": [ "caCertificate" ] }, "google-native:datamigration/v1:SslConfigResponse": { "description": "SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host." }, "clientCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server.If this field is used then the 'client_key' field is mandatory." }, "clientKey": { "type": "string", "description": "Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' field is mandatory." }, "type": { "type": "string", "description": "The ssl config type according to 'client_key', 'client_certificate' and 'ca_certificate'." } }, "type": "object", "required": [ "caCertificate", "clientCertificate", "clientKey", "type" ] }, "google-native:datamigration/v1:StaticIpConnectivity": { "description": "The source database will allow incoming connections from the public IP of the destination database. You can retrieve the public IP of the Cloud SQL instance from the Cloud SQL console or using Cloud SQL APIs. No additional configuration is required.", "type": "object" }, "google-native:datamigration/v1:StaticIpConnectivityResponse": { "description": "The source database will allow incoming connections from the public IP of the destination database. You can retrieve the public IP of the Cloud SQL instance from the Cloud SQL console or using Cloud SQL APIs. No additional configuration is required.", "type": "object" }, "google-native:datamigration/v1:StaticServiceIpConnectivity": { "description": "Static IP address connectivity configured on service project.", "type": "object" }, "google-native:datamigration/v1:StaticServiceIpConnectivityResponse": { "description": "Static IP address connectivity configured on service project.", "type": "object" }, "google-native:datamigration/v1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:datamigration/v1:UserPassword": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "user": { "type": "string", "description": "The database username." } }, "type": "object" }, "google-native:datamigration/v1:UserPasswordResponse": { "description": "The username/password for a database user. Used for specifying initial users at cluster creation time.", "properties": { "password": { "type": "string", "description": "The initial password for the user." }, "passwordSet": { "type": "boolean", "description": "Indicates if the initial_user.password field has been set." }, "user": { "type": "string", "description": "The database username." } }, "type": "object", "required": [ "password", "passwordSet", "user" ] }, "google-native:datamigration/v1:ValueListFilter": { "description": "A list of values to filter by in ConditionalColumnSetValue", "properties": { "ignoreCase": { "type": "boolean", "description": "Whether to ignore case when filtering by values. Defaults to false" }, "valuePresentList": { "$ref": "#/types/google-native:datamigration%2Fv1:ValueListFilterValuePresentList", "description": "Indicates whether the filter matches rows with values that are present in the list or those with values not present in it." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list to be used to filter by" } }, "type": "object", "required": [ "ignoreCase", "valuePresentList", "values" ] }, "google-native:datamigration/v1:ValueListFilterResponse": { "description": "A list of values to filter by in ConditionalColumnSetValue", "properties": { "ignoreCase": { "type": "boolean", "description": "Whether to ignore case when filtering by values. Defaults to false" }, "valuePresentList": { "type": "string", "description": "Indicates whether the filter matches rows with values that are present in the list or those with values not present in it." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The list to be used to filter by" } }, "type": "object", "required": [ "ignoreCase", "valuePresentList", "values" ] }, "google-native:datamigration/v1:ValueListFilterValuePresentList": { "description": "Required. Indicates whether the filter matches rows with values that are present in the list or those with values not present in it.", "type": "string", "enum": [ { "name": "ValuePresentInListUnspecified", "description": "Value present in list unspecified", "value": "VALUE_PRESENT_IN_LIST_UNSPECIFIED" }, { "name": "ValuePresentInListIfValueList", "description": "If the source value is in the supplied list at value_list", "value": "VALUE_PRESENT_IN_LIST_IF_VALUE_LIST" }, { "name": "ValuePresentInListIfValueNotList", "description": "If the source value is not in the supplied list at value_list", "value": "VALUE_PRESENT_IN_LIST_IF_VALUE_NOT_LIST" } ] }, "google-native:datamigration/v1:ValueTransformation": { "description": "Description of data transformation during migration as part of the ConditionalColumnSetValue.", "properties": { "applyHash": { "$ref": "#/types/google-native:datamigration%2Fv1:ApplyHash", "description": "Optional. Applies a hash function on the data" }, "assignMaxValue": { "$ref": "#/types/google-native:datamigration%2Fv1:Empty", "description": "Optional. Set to max_value - if integer or numeric, will use int.maxvalue, etc" }, "assignMinValue": { "$ref": "#/types/google-native:datamigration%2Fv1:Empty", "description": "Optional. Set to min_value - if integer or numeric, will use int.minvalue, etc" }, "assignNull": { "$ref": "#/types/google-native:datamigration%2Fv1:Empty", "description": "Optional. Set to null" }, "assignSpecificValue": { "$ref": "#/types/google-native:datamigration%2Fv1:AssignSpecificValue", "description": "Optional. Set to a specific value (value is converted to fit the target data type)" }, "doubleComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:DoubleComparisonFilter", "description": "Optional. Filter on relation between source value and compare value of type double." }, "intComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:IntComparisonFilter", "description": "Optional. Filter on relation between source value and compare value of type integer." }, "isNull": { "$ref": "#/types/google-native:datamigration%2Fv1:Empty", "description": "Optional. Value is null" }, "roundScale": { "$ref": "#/types/google-native:datamigration%2Fv1:RoundToScale", "description": "Optional. Allows the data to change scale" }, "valueList": { "$ref": "#/types/google-native:datamigration%2Fv1:ValueListFilter", "description": "Optional. Value is found in the specified list." } }, "type": "object" }, "google-native:datamigration/v1:ValueTransformationResponse": { "description": "Description of data transformation during migration as part of the ConditionalColumnSetValue.", "properties": { "applyHash": { "$ref": "#/types/google-native:datamigration%2Fv1:ApplyHashResponse", "description": "Optional. Applies a hash function on the data" }, "assignMaxValue": { "$ref": "#/types/google-native:datamigration%2Fv1:EmptyResponse", "description": "Optional. Set to max_value - if integer or numeric, will use int.maxvalue, etc" }, "assignMinValue": { "$ref": "#/types/google-native:datamigration%2Fv1:EmptyResponse", "description": "Optional. Set to min_value - if integer or numeric, will use int.minvalue, etc" }, "assignNull": { "$ref": "#/types/google-native:datamigration%2Fv1:EmptyResponse", "description": "Optional. Set to null" }, "assignSpecificValue": { "$ref": "#/types/google-native:datamigration%2Fv1:AssignSpecificValueResponse", "description": "Optional. Set to a specific value (value is converted to fit the target data type)" }, "doubleComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:DoubleComparisonFilterResponse", "description": "Optional. Filter on relation between source value and compare value of type double." }, "intComparison": { "$ref": "#/types/google-native:datamigration%2Fv1:IntComparisonFilterResponse", "description": "Optional. Filter on relation between source value and compare value of type integer." }, "isNull": { "$ref": "#/types/google-native:datamigration%2Fv1:EmptyResponse", "description": "Optional. Value is null" }, "roundScale": { "$ref": "#/types/google-native:datamigration%2Fv1:RoundToScaleResponse", "description": "Optional. Allows the data to change scale" }, "valueList": { "$ref": "#/types/google-native:datamigration%2Fv1:ValueListFilterResponse", "description": "Optional. Value is found in the specified list." } }, "type": "object", "required": [ "applyHash", "assignMaxValue", "assignMinValue", "assignNull", "assignSpecificValue", "doubleComparison", "intComparison", "isNull", "roundScale", "valueList" ] }, "google-native:datamigration/v1:VpcPeeringConfig": { "description": "The VPC peering configuration is used to create VPC peering with the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpcName": { "type": "string", "description": "Fully qualified name of the VPC that Database Migration Service will peer to." } }, "type": "object", "required": [ "subnet", "vpcName" ] }, "google-native:datamigration/v1:VpcPeeringConfigResponse": { "description": "The VPC peering configuration is used to create VPC peering with the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpcName": { "type": "string", "description": "Fully qualified name of the VPC that Database Migration Service will peer to." } }, "type": "object", "required": [ "subnet", "vpcName" ] }, "google-native:datamigration/v1:VpcPeeringConnectivity": { "description": "The details of the VPC where the source database is located in Google Cloud. We will use this information to set up the VPC peering connection between Cloud SQL and this VPC.", "properties": { "vpc": { "type": "string", "description": "The name of the VPC network to peer with the Cloud SQL private network." } }, "type": "object" }, "google-native:datamigration/v1:VpcPeeringConnectivityResponse": { "description": "The details of the VPC where the source database is located in Google Cloud. We will use this information to set up the VPC peering connection between Cloud SQL and this VPC.", "properties": { "vpc": { "type": "string", "description": "The name of the VPC network to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vpc" ] }, "google-native:datamigration/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:datamigration/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:datamigration/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:datamigration/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:datamigration/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:datamigration/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:datamigration/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:datamigration/v1beta1:CloudSqlConnectionProfile": { "description": "Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance.", "properties": { "settings": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:CloudSqlSettings", "description": "Immutable. Metadata used to create the destination Cloud SQL database." } }, "type": "object" }, "google-native:datamigration/v1beta1:CloudSqlConnectionProfileResponse": { "description": "Specifies required connection parameters, and, optionally, the parameters required to create a Cloud SQL destination database instance.", "properties": { "cloudSqlId": { "type": "string", "description": "The Cloud SQL instance ID that this connection profile is associated with." }, "privateIp": { "type": "string", "description": "The Cloud SQL database instance's private IP." }, "publicIp": { "type": "string", "description": "The Cloud SQL database instance's public IP." }, "settings": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:CloudSqlSettingsResponse", "description": "Immutable. Metadata used to create the destination Cloud SQL database." } }, "type": "object", "required": [ "cloudSqlId", "privateIp", "publicIp", "settings" ] }, "google-native:datamigration/v1beta1:CloudSqlSettings": { "description": "Settings for creating a Cloud SQL database instance.", "properties": { "activationPolicy": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:CloudSqlSettingsActivationPolicy", "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives." }, "autoStorageIncrease": { "type": "boolean", "description": "[default: ON] If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB." }, "dataDiskSizeGb": { "type": "string", "description": "The storage capacity available to the database, in GB. The minimum (and default) size is 10GB." }, "dataDiskType": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:CloudSqlSettingsDataDiskType", "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`." }, "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The database flags passed to the Cloud SQL instance at startup. An object containing a list of \"key\": value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "databaseVersion": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:CloudSqlSettingsDatabaseVersion", "description": "The database engine type and version." }, "ipConfig": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SqlIpConfig", "description": "The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled." }, "rootPassword": { "type": "string", "description": "Input only. Initial root password." }, "sourceId": { "type": "string", "description": "The Database Migration Service source connection profile ID, in the format: `projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID`" }, "storageAutoResizeLimit": { "type": "string", "description": "The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit." }, "tier": { "type": "string", "description": "The tier (or machine type) for this instance, for example: `db-n1-standard-1` (MySQL instances). For more information, see [Cloud SQL Instance Settings](https://cloud.google.com/sql/docs/mysql/instance-settings)." }, "userLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. An object containing a list of \"key\": \"value\" pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"18kg\", \"count\": \"3\" }`." }, "zone": { "type": "string", "description": "The Google Cloud Platform zone where your Cloud SQL database instance is located." } }, "type": "object" }, "google-native:datamigration/v1beta1:CloudSqlSettingsActivationPolicy": { "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives.", "type": "string", "enum": [ { "name": "SqlActivationPolicyUnspecified", "description": "unspecified policy.", "value": "SQL_ACTIVATION_POLICY_UNSPECIFIED" }, { "name": "Always", "description": "The instance is always up and running.", "value": "ALWAYS" }, { "name": "Never", "description": "The instance should never spin up.", "value": "NEVER" } ] }, "google-native:datamigration/v1beta1:CloudSqlSettingsDataDiskType": { "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`.", "type": "string", "enum": [ { "name": "SqlDataDiskTypeUnspecified", "description": "Unspecified.", "value": "SQL_DATA_DISK_TYPE_UNSPECIFIED" }, { "name": "PdSsd", "description": "SSD disk.", "value": "PD_SSD" }, { "name": "PdHdd", "description": "HDD disk.", "value": "PD_HDD" } ] }, "google-native:datamigration/v1beta1:CloudSqlSettingsDatabaseVersion": { "description": "The database engine type and version.", "type": "string", "enum": [ { "name": "SqlDatabaseVersionUnspecified", "description": "Unspecified version.", "value": "SQL_DATABASE_VERSION_UNSPECIFIED" }, { "name": "Mysql56", "description": "MySQL 5.6.", "value": "MYSQL_5_6" }, { "name": "Mysql57", "description": "MySQL 5.7.", "value": "MYSQL_5_7" }, { "name": "Mysql80", "description": "MySQL 8.0.", "value": "MYSQL_8_0" } ] }, "google-native:datamigration/v1beta1:CloudSqlSettingsResponse": { "description": "Settings for creating a Cloud SQL database instance.", "properties": { "activationPolicy": { "type": "string", "description": "The activation policy specifies when the instance is activated; it is applicable only when the instance state is 'RUNNABLE'. Valid values: 'ALWAYS': The instance is on, and remains so even in the absence of connection requests. `NEVER`: The instance is off; it is not activated, even if a connection request arrives." }, "autoStorageIncrease": { "type": "boolean", "description": "[default: ON] If you enable this setting, Cloud SQL checks your available storage every 30 seconds. If the available storage falls below a threshold size, Cloud SQL automatically adds additional storage capacity. If the available storage repeatedly falls below the threshold size, Cloud SQL continues to add storage until it reaches the maximum of 30 TB." }, "dataDiskSizeGb": { "type": "string", "description": "The storage capacity available to the database, in GB. The minimum (and default) size is 10GB." }, "dataDiskType": { "type": "string", "description": "The type of storage: `PD_SSD` (default) or `PD_HDD`." }, "databaseFlags": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The database flags passed to the Cloud SQL instance at startup. An object containing a list of \"key\": value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "databaseVersion": { "type": "string", "description": "The database engine type and version." }, "ipConfig": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SqlIpConfigResponse", "description": "The settings for IP Management. This allows to enable or disable the instance IP and manage which external networks can connect to the instance. The IPv4 address cannot be disabled." }, "rootPassword": { "type": "string", "description": "Input only. Initial root password." }, "rootPasswordSet": { "type": "boolean", "description": "Indicates If this connection profile root password is stored." }, "sourceId": { "type": "string", "description": "The Database Migration Service source connection profile ID, in the format: `projects/my_project_name/locations/us-central1/connectionProfiles/connection_profile_ID`" }, "storageAutoResizeLimit": { "type": "string", "description": "The maximum size to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit." }, "tier": { "type": "string", "description": "The tier (or machine type) for this instance, for example: `db-n1-standard-1` (MySQL instances). For more information, see [Cloud SQL Instance Settings](https://cloud.google.com/sql/docs/mysql/instance-settings)." }, "userLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The resource labels for a Cloud SQL instance to use to annotate any related underlying resources such as Compute Engine VMs. An object containing a list of \"key\": \"value\" pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"18kg\", \"count\": \"3\" }`." }, "zone": { "type": "string", "description": "The Google Cloud Platform zone where your Cloud SQL database instance is located." } }, "type": "object", "required": [ "activationPolicy", "autoStorageIncrease", "dataDiskSizeGb", "dataDiskType", "databaseFlags", "databaseVersion", "ipConfig", "rootPassword", "rootPasswordSet", "sourceId", "storageAutoResizeLimit", "tier", "userLabels", "zone" ] }, "google-native:datamigration/v1beta1:ConnectionProfileProvider": { "description": "The database provider.", "type": "string", "enum": [ { "name": "DatabaseProviderUnspecified", "description": "The database provider is unknown.", "value": "DATABASE_PROVIDER_UNSPECIFIED" }, { "name": "Cloudsql", "description": "CloudSQL runs the database.", "value": "CLOUDSQL" }, { "name": "Rds", "description": "RDS runs the database.", "value": "RDS" } ] }, "google-native:datamigration/v1beta1:ConnectionProfileState": { "description": "The current connection profile state (e.g. DRAFT, READY, or FAILED).", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the connection profile is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Draft", "description": "The connection profile is in draft mode and fully editable.", "value": "DRAFT" }, { "name": "Creating", "description": "The connection profile is being created.", "value": "CREATING" }, { "name": "Ready", "description": "The connection profile is ready.", "value": "READY" }, { "name": "Updating", "description": "The connection profile is being updated.", "value": "UPDATING" }, { "name": "Deleting", "description": "The connection profile is being deleted.", "value": "DELETING" }, { "name": "Deleted", "description": "The connection profile has been deleted.", "value": "DELETED" }, { "name": "Failed", "description": "The last action on the connection profile failed.", "value": "FAILED" } ] }, "google-native:datamigration/v1beta1:DatabaseType": { "description": "A message defining the database engine and provider.", "properties": { "engine": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:DatabaseTypeEngine", "description": "The database engine." }, "provider": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:DatabaseTypeProvider", "description": "The database provider." } }, "type": "object" }, "google-native:datamigration/v1beta1:DatabaseTypeEngine": { "description": "The database engine.", "type": "string", "enum": [ { "name": "DatabaseEngineUnspecified", "description": "The source database engine of the migration job is unknown.", "value": "DATABASE_ENGINE_UNSPECIFIED" }, { "name": "Mysql", "description": "The source engine is MySQL.", "value": "MYSQL" } ] }, "google-native:datamigration/v1beta1:DatabaseTypeProvider": { "description": "The database provider.", "type": "string", "enum": [ { "name": "DatabaseProviderUnspecified", "description": "The database provider is unknown.", "value": "DATABASE_PROVIDER_UNSPECIFIED" }, { "name": "Cloudsql", "description": "CloudSQL runs the database.", "value": "CLOUDSQL" }, { "name": "Rds", "description": "RDS runs the database.", "value": "RDS" } ] }, "google-native:datamigration/v1beta1:DatabaseTypeResponse": { "description": "A message defining the database engine and provider.", "properties": { "engine": { "type": "string", "description": "The database engine." }, "provider": { "type": "string", "description": "The database provider." } }, "type": "object", "required": [ "engine", "provider" ] }, "google-native:datamigration/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:datamigration/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:datamigration/v1beta1:MigrationJobState": { "description": "The current migration job state.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state of the migration job is unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "Maintenance", "description": "The migration job is down for maintenance.", "value": "MAINTENANCE" }, { "name": "Draft", "description": "The migration job is in draft mode and no resources are created.", "value": "DRAFT" }, { "name": "Creating", "description": "The migration job is being created.", "value": "CREATING" }, { "name": "NotStarted", "description": "The migration job is created and not started.", "value": "NOT_STARTED" }, { "name": "Running", "description": "The migration job is running.", "value": "RUNNING" }, { "name": "Failed", "description": "The migration job failed.", "value": "FAILED" }, { "name": "Completed", "description": "The migration job has been completed.", "value": "COMPLETED" }, { "name": "Deleting", "description": "The migration job is being deleted.", "value": "DELETING" }, { "name": "Stopping", "description": "The migration job is being stopped.", "value": "STOPPING" }, { "name": "Stopped", "description": "The migration job is currently stopped.", "value": "STOPPED" }, { "name": "Deleted", "description": "The migration job has been deleted.", "value": "DELETED" }, { "name": "Updating", "description": "The migration job is being updated.", "value": "UPDATING" }, { "name": "Starting", "description": "The migration job is starting.", "value": "STARTING" }, { "name": "Restarting", "description": "The migration job is restarting.", "value": "RESTARTING" }, { "name": "Resuming", "description": "The migration job is resuming.", "value": "RESUMING" } ] }, "google-native:datamigration/v1beta1:MigrationJobType": { "description": "Required. The migration job type.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The type of the migration job is unknown.", "value": "TYPE_UNSPECIFIED" }, { "name": "OneTime", "description": "The migration job is a one time migration.", "value": "ONE_TIME" }, { "name": "Continuous", "description": "The migration job is a continuous migration.", "value": "CONTINUOUS" } ] }, "google-native:datamigration/v1beta1:MySqlConnectionProfile": { "description": "Specifies connection parameters required specifically for MySQL databases.", "properties": { "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source MySQL database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "port": { "type": "integer", "description": "The network port of the source MySQL database." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SslConfig", "description": "SSL configuration for the destination to connect to the source database." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "host", "password", "port", "username" ] }, "google-native:datamigration/v1beta1:MySqlConnectionProfileResponse": { "description": "Specifies connection parameters required specifically for MySQL databases.", "properties": { "cloudSqlId": { "type": "string", "description": "If the source is a Cloud SQL database, use this field to provide the Cloud SQL instance ID of the source." }, "host": { "type": "string", "description": "The IP or hostname of the source MySQL database." }, "password": { "type": "string", "description": "Input only. The password for the user that Database Migration Service will be using to connect to the database. This field is not returned on request, and the value is encrypted when stored in Database Migration Service." }, "passwordSet": { "type": "boolean", "description": "Indicates If this connection profile password is stored." }, "port": { "type": "integer", "description": "The network port of the source MySQL database." }, "ssl": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SslConfigResponse", "description": "SSL configuration for the destination to connect to the source database." }, "username": { "type": "string", "description": "The username that Database Migration Service will use to connect to the database. The value is encrypted when stored in Database Migration Service." } }, "type": "object", "required": [ "cloudSqlId", "host", "password", "passwordSet", "port", "ssl", "username" ] }, "google-native:datamigration/v1beta1:ReverseSshConnectivity": { "description": "The details needed to configure a reverse SSH tunnel between the source and destination databases. These details will be used when calling the generateSshScript method (see https://cloud.google.com/database-migration/docs/reference/rest/v1beta1/projects.locations.migrationJobs/generateSshScript) to produce the script that will help set up the reverse SSH tunnel, and to set up the VPC peering between the Cloud SQL private network and the VPC.", "properties": { "vm": { "type": "string", "description": "The name of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmIp": { "type": "string", "description": "The IP of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmPort": { "type": "integer", "description": "The forwarding port of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vpc": { "type": "string", "description": "The name of the VPC to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vmIp", "vmPort" ] }, "google-native:datamigration/v1beta1:ReverseSshConnectivityResponse": { "description": "The details needed to configure a reverse SSH tunnel between the source and destination databases. These details will be used when calling the generateSshScript method (see https://cloud.google.com/database-migration/docs/reference/rest/v1beta1/projects.locations.migrationJobs/generateSshScript) to produce the script that will help set up the reverse SSH tunnel, and to set up the VPC peering between the Cloud SQL private network and the VPC.", "properties": { "vm": { "type": "string", "description": "The name of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmIp": { "type": "string", "description": "The IP of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vmPort": { "type": "integer", "description": "The forwarding port of the virtual machine (Compute Engine) used as the bastion server for the SSH tunnel." }, "vpc": { "type": "string", "description": "The name of the VPC to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vm", "vmIp", "vmPort", "vpc" ] }, "google-native:datamigration/v1beta1:SqlAclEntry": { "description": "An entry for an Access Control list.", "properties": { "expireTime": { "type": "string", "description": "The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example: `2012-11-15T16:19:00.094Z`." }, "label": { "type": "string", "description": "A label to identify this entry." }, "ttl": { "type": "string", "description": "Input only. The time-to-leave of this access control entry." }, "value": { "type": "string", "description": "The allowlisted value for the access control list." } }, "type": "object" }, "google-native:datamigration/v1beta1:SqlAclEntryResponse": { "description": "An entry for an Access Control list.", "properties": { "expireTime": { "type": "string", "description": "The time when this access control entry expires in [RFC 3339](https://tools.ietf.org/html/rfc3339) format, for example: `2012-11-15T16:19:00.094Z`." }, "label": { "type": "string", "description": "A label to identify this entry." }, "ttl": { "type": "string", "description": "Input only. The time-to-leave of this access control entry." }, "value": { "type": "string", "description": "The allowlisted value for the access control list." } }, "type": "object", "required": [ "expireTime", "label", "ttl", "value" ] }, "google-native:datamigration/v1beta1:SqlIpConfig": { "description": "IP Management configuration.", "properties": { "authorizedNetworks": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SqlAclEntry" }, "description": "The list of external networks that are allowed to connect to the instance using the IP. See https://en.wikipedia.org/wiki/CIDR_notation#CIDR_notation, also known as 'slash' notation (e.g. `192.168.100.0/24`)." }, "enableIpv4": { "type": "boolean", "description": "Whether the instance is assigned a public IP address or not." }, "privateNetwork": { "type": "string", "description": "The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, `/projects/myProject/global/networks/default`. This setting can be updated, but it cannot be removed after it is set." }, "requireSsl": { "type": "boolean", "description": "Whether SSL connections over IP should be enforced or not." } }, "type": "object" }, "google-native:datamigration/v1beta1:SqlIpConfigResponse": { "description": "IP Management configuration.", "properties": { "authorizedNetworks": { "type": "array", "items": { "$ref": "#/types/google-native:datamigration%2Fv1beta1:SqlAclEntryResponse" }, "description": "The list of external networks that are allowed to connect to the instance using the IP. See https://en.wikipedia.org/wiki/CIDR_notation#CIDR_notation, also known as 'slash' notation (e.g. `192.168.100.0/24`)." }, "enableIpv4": { "type": "boolean", "description": "Whether the instance is assigned a public IP address or not." }, "privateNetwork": { "type": "string", "description": "The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, `/projects/myProject/global/networks/default`. This setting can be updated, but it cannot be removed after it is set." }, "requireSsl": { "type": "boolean", "description": "Whether SSL connections over IP should be enforced or not." } }, "type": "object", "required": [ "authorizedNetworks", "enableIpv4", "privateNetwork", "requireSsl" ] }, "google-native:datamigration/v1beta1:SslConfig": { "description": "SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host." }, "clientCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server.If this field is used then the 'client_key' field is mandatory." }, "clientKey": { "type": "string", "description": "Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' field is mandatory." } }, "type": "object", "required": [ "caCertificate" ] }, "google-native:datamigration/v1beta1:SslConfigResponse": { "description": "SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate of the CA that signed the source database server's certificate. The replica will use this certificate to verify it's connecting to the right host." }, "clientCertificate": { "type": "string", "description": "Input only. The x509 PEM-encoded certificate that will be used by the replica to authenticate against the source database server.If this field is used then the 'client_key' field is mandatory." }, "clientKey": { "type": "string", "description": "Input only. The unencrypted PKCS#1 or PKCS#8 PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' field is mandatory." }, "type": { "type": "string", "description": "The ssl config type according to 'client_key', 'client_certificate' and 'ca_certificate'." } }, "type": "object", "required": [ "caCertificate", "clientCertificate", "clientKey", "type" ] }, "google-native:datamigration/v1beta1:StaticIpConnectivity": { "description": "The source database will allow incoming connections from the destination database's public IP. You can retrieve the Cloud SQL instance's public IP from the Cloud SQL console or using Cloud SQL APIs. No additional configuration is required.", "type": "object" }, "google-native:datamigration/v1beta1:StaticIpConnectivityResponse": { "description": "The source database will allow incoming connections from the destination database's public IP. You can retrieve the Cloud SQL instance's public IP from the Cloud SQL console or using Cloud SQL APIs. No additional configuration is required.", "type": "object" }, "google-native:datamigration/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:datamigration/v1beta1:VpcPeeringConnectivity": { "description": "The details of the VPC where the source database is located in Google Cloud. We will use this information to set up the VPC peering connection between Cloud SQL and this VPC.", "properties": { "vpc": { "type": "string", "description": "The name of the VPC network to peer with the Cloud SQL private network." } }, "type": "object" }, "google-native:datamigration/v1beta1:VpcPeeringConnectivityResponse": { "description": "The details of the VPC where the source database is located in Google Cloud. We will use this information to set up the VPC peering connection between Cloud SQL and this VPC.", "properties": { "vpc": { "type": "string", "description": "The name of the VPC network to peer with the Cloud SQL private network." } }, "type": "object", "required": [ "vpc" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironment": { "description": "The environment values to be set at runtime for a Flex Template.", "properties": { "additionalExperiments": { "type": "array", "items": { "type": "string" }, "description": "Additional experiment flags for the job." }, "additionalUserLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional user labels to be specified for the job. Keys and values must follow the restrictions specified in the [labeling restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions). An object containing a list of key/value pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"1kg\", \"count\": \"3\" }`." }, "enableStreamingEngine": { "type": "boolean", "description": "Whether to enable Streaming Engine for the job." }, "flexrsGoal": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentFlexrsGoal", "description": "Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs" }, "ipConfiguration": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentIpConfiguration", "description": "Configuration for VM IPs." }, "kmsKeyName": { "type": "string", "description": "Name for the Cloud KMS key for the job. Key format is: projects//locations//keyRings//cryptoKeys/" }, "machineType": { "type": "string", "description": "The machine type to use for the job. Defaults to the value from the template if not specified." }, "maxWorkers": { "type": "integer", "description": "The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numWorkers": { "type": "integer", "description": "The initial number of Compute Engine instances for the job." }, "serviceAccountEmail": { "type": "string", "description": "The email address of the service account to run the job as." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form \"https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK\" or \"regions/REGION/subnetworks/SUBNETWORK\". If the subnetwork is located in a Shared VPC network, you must use the complete URL." }, "tempLocation": { "type": "string", "description": "The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with `gs://`." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, defaults to the control plane region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane region is chosen based on available capacity. If both `worker_zone` and `zone` are set, `worker_zone` takes precedence." }, "zone": { "type": "string", "description": "The Compute Engine [availability zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones) for launching worker instances to run your pipeline. In the future, worker_zone will take precedence." } }, "type": "object" }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentFlexrsGoal": { "description": "Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs", "type": "string", "enum": [ { "name": "FlexrsUnspecified", "description": "Run in the default mode.", "value": "FLEXRS_UNSPECIFIED" }, { "name": "FlexrsSpeedOptimized", "description": "Optimize for lower execution time.", "value": "FLEXRS_SPEED_OPTIMIZED" }, { "name": "FlexrsCostOptimized", "description": "Optimize for lower cost.", "value": "FLEXRS_COST_OPTIMIZED" } ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentIpConfiguration": { "description": "Configuration for VM IPs.", "type": "string", "enum": [ { "name": "WorkerIpUnspecified", "description": "The configuration is unknown, or unspecified.", "value": "WORKER_IP_UNSPECIFIED" }, { "name": "WorkerIpPublic", "description": "Workers should have public IP addresses.", "value": "WORKER_IP_PUBLIC" }, { "name": "WorkerIpPrivate", "description": "Workers should have private IP addresses.", "value": "WORKER_IP_PRIVATE" } ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentResponse": { "description": "The environment values to be set at runtime for a Flex Template.", "properties": { "additionalExperiments": { "type": "array", "items": { "type": "string" }, "description": "Additional experiment flags for the job." }, "additionalUserLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional user labels to be specified for the job. Keys and values must follow the restrictions specified in the [labeling restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions). An object containing a list of key/value pairs. Example: `{ \"name\": \"wrench\", \"mass\": \"1kg\", \"count\": \"3\" }`." }, "enableStreamingEngine": { "type": "boolean", "description": "Whether to enable Streaming Engine for the job." }, "flexrsGoal": { "type": "string", "description": "Set FlexRS goal for the job. https://cloud.google.com/dataflow/docs/guides/flexrs" }, "ipConfiguration": { "type": "string", "description": "Configuration for VM IPs." }, "kmsKeyName": { "type": "string", "description": "Name for the Cloud KMS key for the job. Key format is: projects//locations//keyRings//cryptoKeys/" }, "machineType": { "type": "string", "description": "The machine type to use for the job. Defaults to the value from the template if not specified." }, "maxWorkers": { "type": "integer", "description": "The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numWorkers": { "type": "integer", "description": "The initial number of Compute Engine instances for the job." }, "serviceAccountEmail": { "type": "string", "description": "The email address of the service account to run the job as." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form \"https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK\" or \"regions/REGION/subnetworks/SUBNETWORK\". If the subnetwork is located in a Shared VPC network, you must use the complete URL." }, "tempLocation": { "type": "string", "description": "The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with `gs://`." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, defaults to the control plane region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane region is chosen based on available capacity. If both `worker_zone` and `zone` are set, `worker_zone` takes precedence." }, "zone": { "type": "string", "description": "The Compute Engine [availability zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones) for launching worker instances to run your pipeline. In the future, worker_zone will take precedence." } }, "type": "object", "required": [ "additionalExperiments", "additionalUserLabels", "enableStreamingEngine", "flexrsGoal", "ipConfiguration", "kmsKeyName", "machineType", "maxWorkers", "network", "numWorkers", "serviceAccountEmail", "subnetwork", "tempLocation", "workerRegion", "workerZone", "zone" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchFlexTemplateParameter": { "description": "Launch Flex Template parameter.", "properties": { "containerSpecGcsPath": { "type": "string", "description": "Cloud Storage path to a file with a JSON-serialized ContainerSpec as content." }, "environment": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironment", "description": "The runtime environment for the Flex Template job." }, "jobName": { "type": "string", "description": "The job name to use for the created job. For an update job request, the job name should be the same as the existing running job." }, "launchOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The parameters for the Flex Template. Example: `{\"num_workers\":\"5\"}`" }, "transformNameMappings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Use this to pass transform name mappings for streaming update jobs. Example: `{\"oldTransformName\":\"newTransformName\",...}`" }, "update": { "type": "boolean", "description": "Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job." } }, "type": "object", "required": [ "jobName" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchFlexTemplateParameterResponse": { "description": "Launch Flex Template parameter.", "properties": { "containerSpecGcsPath": { "type": "string", "description": "Cloud Storage path to a file with a JSON-serialized ContainerSpec as content." }, "environment": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1FlexTemplateRuntimeEnvironmentResponse", "description": "The runtime environment for the Flex Template job." }, "jobName": { "type": "string", "description": "The job name to use for the created job. For an update job request, the job name should be the same as the existing running job." }, "launchOptions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Launch options for this Flex Template job. This is a common set of options across languages and templates. This should not be used to pass job parameters." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The parameters for the Flex Template. Example: `{\"num_workers\":\"5\"}`" }, "transformNameMappings": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Use this to pass transform name mappings for streaming update jobs. Example: `{\"oldTransformName\":\"newTransformName\",...}`" }, "update": { "type": "boolean", "description": "Set this to true if you are sending a request to update a running streaming job. When set, the job name should be the same as the running job." } }, "type": "object", "required": [ "containerSpecGcsPath", "environment", "jobName", "launchOptions", "parameters", "transformNameMappings", "update" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchFlexTemplateRequest": { "description": "A request to launch a Dataflow job from a Flex Template.", "properties": { "launchParameter": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchFlexTemplateParameter", "description": "Parameter to launch a job from a Flex Template." }, "location": { "type": "string", "description": "The [regional endpoint] (https://cloud.google.com/dataflow/docs/concepts/regional-endpoints) to which to direct the request. For example, `us-central1`, `us-west1`." }, "project": { "type": "string", "description": "The ID of the Cloud Platform project that the job belongs to." }, "validateOnly": { "type": "boolean", "description": "If true, the request is validated but not actually executed. Defaults to false." } }, "type": "object", "required": [ "launchParameter", "location", "project" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchFlexTemplateRequestResponse": { "description": "A request to launch a Dataflow job from a Flex Template.", "properties": { "launchParameter": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchFlexTemplateParameterResponse", "description": "Parameter to launch a job from a Flex Template." }, "location": { "type": "string", "description": "The [regional endpoint] (https://cloud.google.com/dataflow/docs/concepts/regional-endpoints) to which to direct the request. For example, `us-central1`, `us-west1`." }, "project": { "type": "string", "description": "The ID of the Cloud Platform project that the job belongs to." }, "validateOnly": { "type": "boolean", "description": "If true, the request is validated but not actually executed. Defaults to false." } }, "type": "object", "required": [ "launchParameter", "location", "project", "validateOnly" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchTemplateParameters": { "description": "Parameters to provide to the template being launched.", "properties": { "environment": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1RuntimeEnvironment", "description": "The runtime environment for the job." }, "jobName": { "type": "string", "description": "The job name to use for the created job." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters to pass to the job." }, "transformNameMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline." }, "update": { "type": "boolean", "description": "If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state." } }, "type": "object", "required": [ "jobName" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchTemplateParametersResponse": { "description": "Parameters to provide to the template being launched.", "properties": { "environment": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1RuntimeEnvironmentResponse", "description": "The runtime environment for the job." }, "jobName": { "type": "string", "description": "The job name to use for the created job." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The runtime parameters to pass to the job." }, "transformNameMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of transform name prefixes of the job to be replaced to the corresponding name prefixes of the new job. Only applicable when updating a pipeline." }, "update": { "type": "boolean", "description": "If set, replace the existing pipeline with the name specified by jobName with this pipeline, preserving state." } }, "type": "object", "required": [ "environment", "jobName", "parameters", "transformNameMapping", "update" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchTemplateRequest": { "description": "A request to launch a template.", "properties": { "gcsPath": { "type": "string", "description": "A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'." }, "launchParameters": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchTemplateParameters", "description": "The parameters of the template to launch. This should be part of the body of the POST request." }, "location": { "type": "string", "description": "The [regional endpoint] (https://cloud.google.com/dataflow/docs/concepts/regional-endpoints) to which to direct the request." }, "project": { "type": "string", "description": "The ID of the Cloud Platform project that the job belongs to." }, "validateOnly": { "type": "boolean", "description": "If true, the request is validated but not actually executed. Defaults to false." } }, "type": "object", "required": [ "project" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1LaunchTemplateRequestResponse": { "description": "A request to launch a template.", "properties": { "gcsPath": { "type": "string", "description": "A Cloud Storage path to the template from which to create the job. Must be a valid Cloud Storage URL, beginning with 'gs://'." }, "launchParameters": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchTemplateParametersResponse", "description": "The parameters of the template to launch. This should be part of the body of the POST request." }, "location": { "type": "string", "description": "The [regional endpoint] (https://cloud.google.com/dataflow/docs/concepts/regional-endpoints) to which to direct the request." }, "project": { "type": "string", "description": "The ID of the Cloud Platform project that the job belongs to." }, "validateOnly": { "type": "boolean", "description": "If true, the request is validated but not actually executed. Defaults to false." } }, "type": "object", "required": [ "gcsPath", "launchParameters", "location", "project", "validateOnly" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1RuntimeEnvironment": { "description": "The environment values to set at runtime.", "properties": { "additionalExperiments": { "type": "array", "items": { "type": "string" }, "description": "Additional experiment flags for the job." }, "additionalUserLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the [labeling restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions) page. An object containing a list of key/value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1kg\", \"count\": \"3\" }." }, "bypassTempDirValidation": { "type": "boolean", "description": "Whether to bypass the safety checks for the job's temporary directory. Use with caution." }, "enableStreamingEngine": { "type": "boolean", "description": "Whether to enable Streaming Engine for the job." }, "ipConfiguration": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1RuntimeEnvironmentIpConfiguration", "description": "Configuration for VM IPs." }, "kmsKeyName": { "type": "string", "description": "Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/" }, "machineType": { "type": "string", "description": "The machine type to use for the job. Defaults to the value from the template if not specified." }, "maxWorkers": { "type": "integer", "description": "The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numWorkers": { "type": "integer", "description": "The initial number of Compute Engine instances for the job." }, "serviceAccountEmail": { "type": "string", "description": "The email address of the service account to run the job as." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form \"https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK\" or \"regions/REGION/subnetworks/SUBNETWORK\". If the subnetwork is located in a Shared VPC network, you must use the complete URL." }, "tempLocation": { "type": "string", "description": "The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with `gs://`." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, default to the control plane's region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane's region is chosen based on available capacity. If both `worker_zone` and `zone` are set, `worker_zone` takes precedence." }, "zone": { "type": "string", "description": "The Compute Engine [availability zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones) for launching worker instances to run your pipeline. In the future, worker_zone will take precedence." } }, "type": "object" }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1RuntimeEnvironmentIpConfiguration": { "description": "Configuration for VM IPs.", "type": "string", "enum": [ { "name": "WorkerIpUnspecified", "description": "The configuration is unknown, or unspecified.", "value": "WORKER_IP_UNSPECIFIED" }, { "name": "WorkerIpPublic", "description": "Workers should have public IP addresses.", "value": "WORKER_IP_PUBLIC" }, { "name": "WorkerIpPrivate", "description": "Workers should have private IP addresses.", "value": "WORKER_IP_PRIVATE" } ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1RuntimeEnvironmentResponse": { "description": "The environment values to set at runtime.", "properties": { "additionalExperiments": { "type": "array", "items": { "type": "string" }, "description": "Additional experiment flags for the job." }, "additionalUserLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional user labels to be specified for the job. Keys and values should follow the restrictions specified in the [labeling restrictions](https://cloud.google.com/compute/docs/labeling-resources#restrictions) page. An object containing a list of key/value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1kg\", \"count\": \"3\" }." }, "bypassTempDirValidation": { "type": "boolean", "description": "Whether to bypass the safety checks for the job's temporary directory. Use with caution." }, "enableStreamingEngine": { "type": "boolean", "description": "Whether to enable Streaming Engine for the job." }, "ipConfiguration": { "type": "string", "description": "Configuration for VM IPs." }, "kmsKeyName": { "type": "string", "description": "Name for the Cloud KMS key for the job. The key format is: projects//locations//keyRings//cryptoKeys/" }, "machineType": { "type": "string", "description": "The machine type to use for the job. Defaults to the value from the template if not specified." }, "maxWorkers": { "type": "integer", "description": "The maximum number of Compute Engine instances to be made available to your pipeline during execution, from 1 to 1000." }, "network": { "type": "string", "description": "Network to which VMs will be assigned. If empty or unspecified, the service will use the network \"default\"." }, "numWorkers": { "type": "integer", "description": "The initial number of Compute Engine instances for the job." }, "serviceAccountEmail": { "type": "string", "description": "The email address of the service account to run the job as." }, "subnetwork": { "type": "string", "description": "Subnetwork to which VMs will be assigned, if desired. You can specify a subnetwork using either a complete URL or an abbreviated path. Expected to be of the form \"https://www.googleapis.com/compute/v1/projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNETWORK\" or \"regions/REGION/subnetworks/SUBNETWORK\". If the subnetwork is located in a Shared VPC network, you must use the complete URL." }, "tempLocation": { "type": "string", "description": "The Cloud Storage path to use for temporary files. Must be a valid Cloud Storage URL, beginning with `gs://`." }, "workerRegion": { "type": "string", "description": "The Compute Engine region (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1\". Mutually exclusive with worker_zone. If neither worker_region nor worker_zone is specified, default to the control plane's region." }, "workerZone": { "type": "string", "description": "The Compute Engine zone (https://cloud.google.com/compute/docs/regions-zones/regions-zones) in which worker processing should occur, e.g. \"us-west1-a\". Mutually exclusive with worker_region. If neither worker_region nor worker_zone is specified, a zone in the control plane's region is chosen based on available capacity. If both `worker_zone` and `zone` are set, `worker_zone` takes precedence." }, "zone": { "type": "string", "description": "The Compute Engine [availability zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones) for launching worker instances to run your pipeline. In the future, worker_zone will take precedence." } }, "type": "object", "required": [ "additionalExperiments", "additionalUserLabels", "bypassTempDirValidation", "enableStreamingEngine", "ipConfiguration", "kmsKeyName", "machineType", "maxWorkers", "network", "numWorkers", "serviceAccountEmail", "subnetwork", "tempLocation", "workerRegion", "workerZone", "zone" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1ScheduleSpec": { "description": "Details of the schedule the pipeline runs on.", "properties": { "schedule": { "type": "string", "description": "Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler." }, "timeZone": { "type": "string", "description": "Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed." } }, "type": "object" }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1ScheduleSpecResponse": { "description": "Details of the schedule the pipeline runs on.", "properties": { "nextJobTime": { "type": "string", "description": "When the next Scheduler job is going to run." }, "schedule": { "type": "string", "description": "Unix-cron format of the schedule. This information is retrieved from the linked Cloud Scheduler." }, "timeZone": { "type": "string", "description": "Timezone ID. This matches the timezone IDs used by the Cloud Scheduler API. If empty, UTC time is assumed." } }, "type": "object", "required": [ "nextJobTime", "schedule", "timeZone" ] }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1Workload": { "description": "Workload details for creating the pipeline jobs.", "properties": { "dataflowFlexTemplateRequest": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchFlexTemplateRequest", "description": "Template information and additional parameters needed to launch a Dataflow job using the flex launch API." }, "dataflowLaunchTemplateRequest": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchTemplateRequest", "description": "Template information and additional parameters needed to launch a Dataflow job using the standard launch API." } }, "type": "object" }, "google-native:datapipelines/v1:GoogleCloudDatapipelinesV1WorkloadResponse": { "description": "Workload details for creating the pipeline jobs.", "properties": { "dataflowFlexTemplateRequest": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchFlexTemplateRequestResponse", "description": "Template information and additional parameters needed to launch a Dataflow job using the flex launch API." }, "dataflowLaunchTemplateRequest": { "$ref": "#/types/google-native:datapipelines%2Fv1:GoogleCloudDatapipelinesV1LaunchTemplateRequestResponse", "description": "Template information and additional parameters needed to launch a Dataflow job using the standard launch API." } }, "type": "object", "required": [ "dataflowFlexTemplateRequest", "dataflowLaunchTemplateRequest" ] }, "google-native:datapipelines/v1:PipelineState": { "description": "Required. The state of the pipeline. When the pipeline is created, the state is set to 'PIPELINE_STATE_ACTIVE' by default. State changes can be requested by setting the state to stopping, paused, or resuming. State cannot be changed through UpdatePipeline requests.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The pipeline state isn't specified.", "value": "STATE_UNSPECIFIED" }, { "name": "StateResuming", "description": "The pipeline is getting started or resumed. When finished, the pipeline state will be 'PIPELINE_STATE_ACTIVE'.", "value": "STATE_RESUMING" }, { "name": "StateActive", "description": "The pipeline is actively running.", "value": "STATE_ACTIVE" }, { "name": "StateStopping", "description": "The pipeline is in the process of stopping. When finished, the pipeline state will be 'PIPELINE_STATE_ARCHIVED'.", "value": "STATE_STOPPING" }, { "name": "StateArchived", "description": "The pipeline has been stopped. This is a terminal state and cannot be undone.", "value": "STATE_ARCHIVED" }, { "name": "StatePaused", "description": "The pipeline is paused. This is a non-terminal state. When the pipeline is paused, it will hold processing jobs, but can be resumed later. For a batch pipeline, this means pausing the scheduler job. For a streaming pipeline, creating a job snapshot to resume from will give the same effect.", "value": "STATE_PAUSED" } ] }, "google-native:datapipelines/v1:PipelineType": { "description": "Required. The type of the pipeline. This field affects the scheduling of the pipeline and the type of metrics to show for the pipeline.", "type": "string", "enum": [ { "name": "PipelineTypeUnspecified", "description": "The pipeline type isn't specified.", "value": "PIPELINE_TYPE_UNSPECIFIED" }, { "name": "PipelineTypeBatch", "description": "A batch pipeline. It runs jobs on a specific schedule, and each job will automatically terminate once execution is finished.", "value": "PIPELINE_TYPE_BATCH" }, { "name": "PipelineTypeStreaming", "description": "A streaming pipeline. The underlying job is continuously running until it is manually terminated by the user. This type of pipeline doesn't have a schedule to run on, and the linked job gets created when the pipeline is created.", "value": "PIPELINE_TYPE_STREAMING" } ] }, "google-native:dataplex/v1:EntitySystem": { "description": "Required. Immutable. Identifies the storage system of the entity data.", "type": "string", "enum": [ { "name": "StorageSystemUnspecified", "description": "Storage system unspecified.", "value": "STORAGE_SYSTEM_UNSPECIFIED" }, { "name": "CloudStorage", "description": "The entity data is contained within a Cloud Storage bucket.", "value": "CLOUD_STORAGE" }, { "name": "Bigquery", "description": "The entity data is contained within a BigQuery dataset.", "value": "BIGQUERY" } ] }, "google-native:dataplex/v1:EntityType": { "description": "Required. Immutable. The type of entity.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Type unspecified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Table", "description": "Structured and semi-structured data.", "value": "TABLE" }, { "name": "Fileset", "description": "Unstructured data.", "value": "FILESET" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpec": { "description": "Settings to manage the metadata discovery and publishing for an asset.", "properties": { "csvOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetDiscoverySpecCsvOptions", "description": "Optional. Configuration for CSV data." }, "enabled": { "type": "boolean", "description": "Optional. Whether discovery is enabled." }, "excludePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to exclude during discovery. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "includePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to include during discovery if only a subset of the data should considered. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "jsonOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetDiscoverySpecJsonOptions", "description": "Optional. Configuration for Json data." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running discovery periodically. Successive discovery runs must be scheduled at least 60 minutes apart. The default value is to run discovery every 60 minutes. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpecCsvOptions": { "description": "Describe CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter being used to separate values. This defaults to ','." }, "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for CSV data. If true, all columns will be registered as strings." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpecCsvOptionsResponse": { "description": "Describe CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter being used to separate values. This defaults to ','." }, "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for CSV data. If true, all columns will be registered as strings." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows." } }, "type": "object", "required": [ "delimiter", "disableTypeInference", "encoding", "headerRows" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpecJsonOptions": { "description": "Describe JSON data format.", "properties": { "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for Json data. If true, all columns will be registered as their primitive types (strings, number or boolean)." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpecJsonOptionsResponse": { "description": "Describe JSON data format.", "properties": { "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for Json data. If true, all columns will be registered as their primitive types (strings, number or boolean)." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." } }, "type": "object", "required": [ "disableTypeInference", "encoding" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoverySpecResponse": { "description": "Settings to manage the metadata discovery and publishing for an asset.", "properties": { "csvOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetDiscoverySpecCsvOptionsResponse", "description": "Optional. Configuration for CSV data." }, "enabled": { "type": "boolean", "description": "Optional. Whether discovery is enabled." }, "excludePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to exclude during discovery. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "includePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to include during discovery if only a subset of the data should considered. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "jsonOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetDiscoverySpecJsonOptionsResponse", "description": "Optional. Configuration for Json data." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running discovery periodically. Successive discovery runs must be scheduled at least 60 minutes apart. The default value is to run discovery every 60 minutes. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *." } }, "type": "object", "required": [ "csvOptions", "enabled", "excludePatterns", "includePatterns", "jsonOptions", "schedule" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoveryStatusResponse": { "description": "Status of discovery for an asset.", "properties": { "lastRunDuration": { "type": "string", "description": "The duration of the last discovery run." }, "lastRunTime": { "type": "string", "description": "The start time of the last discovery run." }, "message": { "type": "string", "description": "Additional information about the current state." }, "state": { "type": "string", "description": "The current status of the discovery feature." }, "stats": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetDiscoveryStatusStatsResponse", "description": "Data Stats of the asset reported by discovery." }, "updateTime": { "type": "string", "description": "Last update time of the status." } }, "type": "object", "required": [ "lastRunDuration", "lastRunTime", "message", "state", "stats", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetDiscoveryStatusStatsResponse": { "description": "The aggregated data statistics for the asset reported by discovery.", "properties": { "dataItems": { "type": "string", "description": "The count of data items within the referenced resource." }, "dataSize": { "type": "string", "description": "The number of stored data bytes within the referenced resource." }, "filesets": { "type": "string", "description": "The count of fileset entities within the referenced resource." }, "tables": { "type": "string", "description": "The count of table entities within the referenced resource." } }, "type": "object", "required": [ "dataItems", "dataSize", "filesets", "tables" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetResourceSpec": { "description": "Identifies the cloud resource that is referenced by this asset.", "properties": { "name": { "type": "string", "description": "Immutable. Relative name of the cloud resource that contains the data that is being managed within a lake. For example: projects/{project_number}/buckets/{bucket_id} projects/{project_number}/datasets/{dataset_id}" }, "readAccessMode": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetResourceSpecReadAccessMode", "description": "Optional. Determines how read permissions are handled for each asset and their associated tables. Only available to storage buckets assets." }, "type": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1AssetResourceSpecType", "description": "Immutable. Type of resource." } }, "type": "object", "required": [ "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetResourceSpecReadAccessMode": { "description": "Optional. Determines how read permissions are handled for each asset and their associated tables. Only available to storage buckets assets.", "type": "string", "enum": [ { "name": "AccessModeUnspecified", "description": "Access mode unspecified.", "value": "ACCESS_MODE_UNSPECIFIED" }, { "name": "Direct", "description": "Default. Data is accessed directly using storage APIs.", "value": "DIRECT" }, { "name": "Managed", "description": "Data is accessed through a managed interface using BigQuery APIs.", "value": "MANAGED" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetResourceSpecResponse": { "description": "Identifies the cloud resource that is referenced by this asset.", "properties": { "name": { "type": "string", "description": "Immutable. Relative name of the cloud resource that contains the data that is being managed within a lake. For example: projects/{project_number}/buckets/{bucket_id} projects/{project_number}/datasets/{dataset_id}" }, "readAccessMode": { "type": "string", "description": "Optional. Determines how read permissions are handled for each asset and their associated tables. Only available to storage buckets assets." }, "type": { "type": "string", "description": "Immutable. Type of resource." } }, "type": "object", "required": [ "name", "readAccessMode", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetResourceSpecType": { "description": "Required. Immutable. Type of resource.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Type not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "StorageBucket", "description": "Cloud Storage bucket.", "value": "STORAGE_BUCKET" }, { "name": "BigqueryDataset", "description": "BigQuery dataset.", "value": "BIGQUERY_DATASET" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetResourceStatusResponse": { "description": "Status of the resource referenced by an asset.", "properties": { "managedAccessIdentity": { "type": "string", "description": "Service account associated with the BigQuery Connection." }, "message": { "type": "string", "description": "Additional information about the current state." }, "state": { "type": "string", "description": "The current state of the managed resource." }, "updateTime": { "type": "string", "description": "Last update time of the status." } }, "type": "object", "required": [ "managedAccessIdentity", "message", "state", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetSecurityStatusResponse": { "description": "Security policy status of the asset. Data security policy, i.e., readers, writers & owners, should be specified in the lake/zone/asset IAM policy.", "properties": { "message": { "type": "string", "description": "Additional information about the current state." }, "state": { "type": "string", "description": "The current state of the security policy applied to the attached resource." }, "updateTime": { "type": "string", "description": "Last update time of the status." } }, "type": "object", "required": [ "message", "state", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1AssetStatusResponse": { "description": "Aggregated status of the underlying assets of a lake or zone.", "properties": { "activeAssets": { "type": "integer", "description": "Number of active assets." }, "securityPolicyApplyingAssets": { "type": "integer", "description": "Number of assets that are in process of updating the security policy on attached resources." }, "updateTime": { "type": "string", "description": "Last update time of the status." } }, "type": "object", "required": [ "activeAssets", "securityPolicyApplyingAssets", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentNotebook": { "description": "Configuration for Notebook content.", "properties": { "kernelType": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ContentNotebookKernelType", "description": "Kernel Type of the notebook." } }, "type": "object", "required": [ "kernelType" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentNotebookKernelType": { "description": "Required. Kernel Type of the notebook.", "type": "string", "enum": [ { "name": "KernelTypeUnspecified", "description": "Kernel Type unspecified.", "value": "KERNEL_TYPE_UNSPECIFIED" }, { "name": "Python3", "description": "Python 3 Kernel.", "value": "PYTHON3" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentNotebookResponse": { "description": "Configuration for Notebook content.", "properties": { "kernelType": { "type": "string", "description": "Kernel Type of the notebook." } }, "type": "object", "required": [ "kernelType" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentSqlScript": { "description": "Configuration for the Sql Script content.", "properties": { "engine": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ContentSqlScriptEngine", "description": "Query Engine to be used for the Sql Query." } }, "type": "object", "required": [ "engine" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentSqlScriptEngine": { "description": "Required. Query Engine to be used for the Sql Query.", "type": "string", "enum": [ { "name": "QueryEngineUnspecified", "description": "Value was unspecified.", "value": "QUERY_ENGINE_UNSPECIFIED" }, { "name": "Spark", "description": "Spark SQL Query.", "value": "SPARK" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ContentSqlScriptResponse": { "description": "Configuration for the Sql Script content.", "properties": { "engine": { "type": "string", "description": "Query Engine to be used for the Sql Query." } }, "type": "object", "required": [ "engine" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataAccessSpec": { "description": "DataAccessSpec holds the access control configuration to be enforced on data stored within resources (eg: rows, columns in BigQuery Tables). When associated with data, the data is only accessible to principals explicitly granted access through the DataAccessSpec. Principals with access to the containing resource are not implicitly granted access.", "properties": { "readers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The format of strings follows the pattern followed by IAM in the bindings. user:{email}, serviceAccount:{email} group:{email}. The set of principals to be granted reader role on data stored within resources." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataAccessSpecResponse": { "description": "DataAccessSpec holds the access control configuration to be enforced on data stored within resources (eg: rows, columns in BigQuery Tables). When associated with data, the data is only accessible to principals explicitly granted access through the DataAccessSpec. Principals with access to the containing resource are not implicitly granted access.", "properties": { "readers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The format of strings follows the pattern followed by IAM in the bindings. user:{email}, serviceAccount:{email} group:{email}. The set of principals to be granted reader role on data stored within resources." } }, "type": "object", "required": [ "readers" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataAttributeBindingPath": { "description": "Represents a subresource of the given resource, and associated bindings with it. Currently supported subresources are column and partition schema fields within a table.", "properties": { "attributes": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of attributes to be associated with the path of the resource, provided in the form: projects/{project}/locations/{location}/dataTaxonomies/{dataTaxonomy}/attributes/{data_attribute_id}" }, "name": { "type": "string", "description": "The name identifier of the path. Nested columns should be of the form: 'address.city'." } }, "type": "object", "required": [ "name" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataAttributeBindingPathResponse": { "description": "Represents a subresource of the given resource, and associated bindings with it. Currently supported subresources are column and partition schema fields within a table.", "properties": { "attributes": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of attributes to be associated with the path of the resource, provided in the form: projects/{project}/locations/{location}/dataTaxonomies/{dataTaxonomy}/attributes/{data_attribute_id}" }, "name": { "type": "string", "description": "The name identifier of the path. Nested columns should be of the form: 'address.city'." } }, "type": "object", "required": [ "attributes", "name" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultPostScanActionsResultBigQueryExportResultResponse": { "description": "The result of BigQuery export post scan action.", "properties": { "message": { "type": "string", "description": "Additional information about the BigQuery exporting." }, "state": { "type": "string", "description": "Execution state for the BigQuery exporting." } }, "type": "object", "required": [ "message", "state" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultPostScanActionsResultResponse": { "description": "The result of post scan actions of DataProfileScan job.", "properties": { "bigqueryExportResult": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultPostScanActionsResultBigQueryExportResultResponse", "description": "The result of BigQuery export post scan action." } }, "type": "object", "required": [ "bigqueryExportResult" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoDoubleFieldInfoResponse": { "description": "The profile information for a double type field.", "properties": { "average": { "type": "number", "description": "Average of non-null values in the scanned data. NaN, if the field has a NaN." }, "max": { "type": "number", "description": "Maximum of non-null values in the scanned data. NaN, if the field has a NaN." }, "min": { "type": "number", "description": "Minimum of non-null values in the scanned data. NaN, if the field has a NaN." }, "quartiles": { "type": "array", "items": { "type": "number" }, "description": "A quartile divides the number of data points into four parts, or quarters, of more-or-less equal size. Three main quartiles used are: The first quartile (Q1) splits off the lowest 25% of data from the highest 75%. It is also known as the lower or 25th empirical quartile, as 25% of the data is below this point. The second quartile (Q2) is the median of a data set. So, 50% of the data lies below this point. The third quartile (Q3) splits off the highest 25% of data from the lowest 75%. It is known as the upper or 75th empirical quartile, as 75% of the data lies below this point. Here, the quartiles is provided as an ordered list of quartile values for the scanned data, occurring in order Q1, median, Q3." }, "standardDeviation": { "type": "number", "description": "Standard deviation of non-null values in the scanned data. NaN, if the field has a NaN." } }, "type": "object", "required": [ "average", "max", "min", "quartiles", "standardDeviation" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoIntegerFieldInfoResponse": { "description": "The profile information for an integer type field.", "properties": { "average": { "type": "number", "description": "Average of non-null values in the scanned data. NaN, if the field has a NaN." }, "max": { "type": "string", "description": "Maximum of non-null values in the scanned data. NaN, if the field has a NaN." }, "min": { "type": "string", "description": "Minimum of non-null values in the scanned data. NaN, if the field has a NaN." }, "quartiles": { "type": "array", "items": { "type": "string" }, "description": "A quartile divides the number of data points into four parts, or quarters, of more-or-less equal size. Three main quartiles used are: The first quartile (Q1) splits off the lowest 25% of data from the highest 75%. It is also known as the lower or 25th empirical quartile, as 25% of the data is below this point. The second quartile (Q2) is the median of a data set. So, 50% of the data lies below this point. The third quartile (Q3) splits off the highest 25% of data from the lowest 75%. It is known as the upper or 75th empirical quartile, as 75% of the data lies below this point. Here, the quartiles is provided as an ordered list of approximate quartile values for the scanned data, occurring in order Q1, median, Q3." }, "standardDeviation": { "type": "number", "description": "Standard deviation of non-null values in the scanned data. NaN, if the field has a NaN." } }, "type": "object", "required": [ "average", "max", "min", "quartiles", "standardDeviation" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoResponse": { "description": "The profile information for each field type.", "properties": { "distinctRatio": { "type": "number", "description": "Ratio of rows with distinct values against total scanned rows. Not available for complex non-groupable field type RECORD and fields with REPEATABLE mode." }, "doubleProfile": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoDoubleFieldInfoResponse", "description": "Double type field information." }, "integerProfile": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoIntegerFieldInfoResponse", "description": "Integer type field information." }, "nullRatio": { "type": "number", "description": "Ratio of rows with null value against total scanned rows." }, "stringProfile": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoStringFieldInfoResponse", "description": "String type field information." }, "topNValues": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoTopNValueResponse" }, "description": "The list of top N non-null values, frequency and ratio with which they occur in the scanned data. N is 10 or equal to the number of distinct values in the field, whichever is smaller. Not available for complex non-groupable field type RECORD and fields with REPEATABLE mode." } }, "type": "object", "required": [ "distinctRatio", "doubleProfile", "integerProfile", "nullRatio", "stringProfile", "topNValues" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoStringFieldInfoResponse": { "description": "The profile information for a string type field.", "properties": { "averageLength": { "type": "number", "description": "Average length of non-null values in the scanned data." }, "maxLength": { "type": "string", "description": "Maximum length of non-null values in the scanned data." }, "minLength": { "type": "string", "description": "Minimum length of non-null values in the scanned data." } }, "type": "object", "required": [ "averageLength", "maxLength", "minLength" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoTopNValueResponse": { "description": "Top N non-null values in the scanned data.", "properties": { "count": { "type": "string", "description": "Count of the corresponding value in the scanned data." }, "ratio": { "type": "number", "description": "Ratio of the corresponding value in the field against the total number of rows in the scanned data." }, "value": { "type": "string", "description": "String value of a top N non-null value." } }, "type": "object", "required": [ "count", "ratio", "value" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileFieldResponse": { "description": "A field within a table.", "properties": { "mode": { "type": "string", "description": "The mode of the field. Possible values include: REQUIRED, if it is a required field. NULLABLE, if it is an optional field. REPEATED, if it is a repeated field." }, "name": { "type": "string", "description": "The name of the field." }, "profile": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldProfileInfoResponse", "description": "Profile information for the corresponding field." }, "type": { "type": "string", "description": "The data type retrieved from the schema of the data source. For instance, for a BigQuery native table, it is the BigQuery Table Schema (https://cloud.google.com/bigquery/docs/reference/rest/v2/tables#tablefieldschema). For a Dataplex Entity, it is the Entity Schema (https://cloud.google.com/dataplex/docs/reference/rpc/google.cloud.dataplex.v1#type_3)." } }, "type": "object", "required": [ "mode", "name", "profile", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultProfileResponse": { "description": "Contains name, type, mode and field type specific profile information.", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileFieldResponse" }, "description": "List of fields with structural and profile information for each field." } }, "type": "object", "required": [ "fields" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileResultResponse": { "description": "DataProfileResult defines the output of DataProfileScan. Each field of the table will have field type specific profile result.", "properties": { "postScanActionsResult": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultPostScanActionsResultResponse", "description": "The result of post scan actions." }, "profile": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileResultProfileResponse", "description": "The profile information per field." }, "rowCount": { "type": "string", "description": "The count of rows scanned." }, "scannedData": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ScannedDataResponse", "description": "The data scanned for this result." } }, "type": "object", "required": [ "postScanActionsResult", "profile", "rowCount", "scannedData" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpec": { "description": "DataProfileScan related setting.", "properties": { "excludeFields": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecSelectedFields", "description": "Optional. The fields to exclude from data profile.If specified, the fields will be excluded from data profile, regardless of include_fields value." }, "includeFields": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecSelectedFields", "description": "Optional. The fields to include in data profile.If not specified, all fields at the time of profile scan job execution are included, except for ones listed in exclude_fields." }, "postScanActions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecPostScanActions", "description": "Optional. Actions to take upon job completion.." }, "rowFilter": { "type": "string", "description": "Optional. A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10" }, "samplingPercent": { "type": "number", "description": "Optional. The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if sampling_percent is not specified, 0 or 100." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecPostScanActions": { "description": "The configuration of post scan actions of DataProfileScan job.", "properties": { "bigqueryExport": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsBigQueryExport", "description": "Optional. If set, results will be exported to the provided BigQuery table." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsBigQueryExport": { "description": "The configuration of BigQuery export post scan action.", "properties": { "resultsTable": { "type": "string", "description": "Optional. The BigQuery table to export DataProfileScan results to. Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsBigQueryExportResponse": { "description": "The configuration of BigQuery export post scan action.", "properties": { "resultsTable": { "type": "string", "description": "Optional. The BigQuery table to export DataProfileScan results to. Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object", "required": [ "resultsTable" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsResponse": { "description": "The configuration of post scan actions of DataProfileScan job.", "properties": { "bigqueryExport": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsBigQueryExportResponse", "description": "Optional. If set, results will be exported to the provided BigQuery table." } }, "type": "object", "required": [ "bigqueryExport" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecResponse": { "description": "DataProfileScan related setting.", "properties": { "excludeFields": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecSelectedFieldsResponse", "description": "Optional. The fields to exclude from data profile.If specified, the fields will be excluded from data profile, regardless of include_fields value." }, "includeFields": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecSelectedFieldsResponse", "description": "Optional. The fields to include in data profile.If not specified, all fields at the time of profile scan job execution are included, except for ones listed in exclude_fields." }, "postScanActions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataProfileSpecPostScanActionsResponse", "description": "Optional. Actions to take upon job completion.." }, "rowFilter": { "type": "string", "description": "Optional. A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10" }, "samplingPercent": { "type": "number", "description": "Optional. The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if sampling_percent is not specified, 0 or 100." } }, "type": "object", "required": [ "excludeFields", "includeFields", "postScanActions", "rowFilter", "samplingPercent" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecSelectedFields": { "description": "The specification for fields to include or exclude in data profile scan.", "properties": { "fieldNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. Expected input is a list of fully qualified names of fields as in the schema.Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataProfileSpecSelectedFieldsResponse": { "description": "The specification for fields to include or exclude in data profile scan.", "properties": { "fieldNames": { "type": "array", "items": { "type": "string" }, "description": "Optional. Expected input is a list of fully qualified names of fields as in the schema.Only top-level field names for nested fields are supported. For instance, if 'x' is of nested field type, listing 'x' is supported but 'x.y.z' is not supported. Here 'y' and 'y.z' are nested fields of 'x'." } }, "type": "object", "required": [ "fieldNames" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityColumnResultResponse": { "description": "DataQualityColumnResult provides a more detailed, per-column view of the results.", "properties": { "column": { "type": "string", "description": "The column specified in the DataQualityRule." }, "score": { "type": "number", "description": "The column-level data quality score for this data scan job if and only if the 'column' field is set.The score ranges between between 0, 100 (up to two decimal points)." } }, "type": "object", "required": [ "column", "score" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityDimensionResponse": { "description": "A dimension captures data quality intent about a defined subset of the rules specified.", "properties": { "name": { "type": "string", "description": "The dimension name a rule belongs to. Supported dimensions are \"COMPLETENESS\", \"ACCURACY\", \"CONSISTENCY\", \"VALIDITY\", \"UNIQUENESS\", \"INTEGRITY\"" } }, "type": "object", "required": [ "name" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityDimensionResultResponse": { "description": "DataQualityDimensionResult provides a more detailed, per-dimension view of the results.", "properties": { "dimension": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityDimensionResponse", "description": "The dimension config specified in the DataQualitySpec, as is." }, "passed": { "type": "boolean", "description": "Whether the dimension passed or failed." }, "score": { "type": "number", "description": "The dimension-level data quality score for this data scan job if and only if the 'dimension' field is set.The score ranges between 0, 100 (up to two decimal points)." } }, "type": "object", "required": [ "dimension", "passed", "score" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityResultPostScanActionsResultBigQueryExportResultResponse": { "description": "The result of BigQuery export post scan action.", "properties": { "message": { "type": "string", "description": "Additional information about the BigQuery exporting." }, "state": { "type": "string", "description": "Execution state for the BigQuery exporting." } }, "type": "object", "required": [ "message", "state" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityResultPostScanActionsResultResponse": { "description": "The result of post scan actions of DataQualityScan job.", "properties": { "bigqueryExportResult": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityResultPostScanActionsResultBigQueryExportResultResponse", "description": "The result of BigQuery export post scan action." } }, "type": "object", "required": [ "bigqueryExportResult" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityResultResponse": { "description": "The output of a DataQualityScan.", "properties": { "columns": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityColumnResultResponse" }, "description": "A list of results at the column level.A column will have a corresponding DataQualityColumnResult if and only if there is at least one rule with the 'column' field set to it." }, "dimensions": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityDimensionResultResponse" }, "description": "A list of results at the dimension level.A dimension will have a corresponding DataQualityDimensionResult if and only if there is at least one rule with the 'dimension' field set to it." }, "passed": { "type": "boolean", "description": "Overall data quality result -- true if all rules passed." }, "postScanActionsResult": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityResultPostScanActionsResultResponse", "description": "The result of post scan actions." }, "rowCount": { "type": "string", "description": "The count of rows processed." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleResultResponse" }, "description": "A list of all the rules in a job, and their results." }, "scannedData": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ScannedDataResponse", "description": "The data scanned for this result." }, "score": { "type": "number", "description": "The overall data quality score.The score ranges between 0, 100 (up to two decimal points)." } }, "type": "object", "required": [ "columns", "dimensions", "passed", "postScanActionsResult", "rowCount", "rules", "scannedData", "score" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRule": { "description": "A rule captures data quality intent about a data source.", "properties": { "column": { "type": "string", "description": "Optional. The unnested column which this rule is evaluated against." }, "description": { "type": "string", "description": "Optional. Description of the rule. The maximum length is 1,024 characters." }, "dimension": { "type": "string", "description": "The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are \"COMPLETENESS\", \"ACCURACY\", \"CONSISTENCY\", \"VALIDITY\", \"UNIQUENESS\", \"INTEGRITY\"" }, "ignoreNull": { "type": "boolean", "description": "Optional. Rows with null values will automatically fail a rule, unless ignore_null is true. In that case, such null rows are trivially considered passing.This field is only valid for row-level type rules." }, "name": { "type": "string", "description": "Optional. A mutable name for the rule. The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). The maximum length is 63 characters. Must start with a letter. Must end with a number or a letter." }, "nonNullExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleNonNullExpectation", "description": "Row-level rule which evaluates whether each column value is null." }, "rangeExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRangeExpectation", "description": "Row-level rule which evaluates whether each column value lies between a specified range." }, "regexExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRegexExpectation", "description": "Row-level rule which evaluates whether each column value matches a specified regex." }, "rowConditionExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRowConditionExpectation", "description": "Row-level rule which evaluates whether each row in a table passes the specified condition." }, "setExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleSetExpectation", "description": "Row-level rule which evaluates whether each column value is contained by a specified set." }, "statisticRangeExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectation", "description": "Aggregate rule which evaluates whether the column aggregate statistic lies between a specified range." }, "tableConditionExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleTableConditionExpectation", "description": "Aggregate rule which evaluates whether the provided expression is true for a table." }, "threshold": { "type": "number", "description": "Optional. The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of 0.0, 1.0.0 indicates default value (i.e. 1.0).This field is only valid for row-level type rules." }, "uniquenessExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleUniquenessExpectation", "description": "Row-level rule which evaluates whether each column value is unique." } }, "type": "object", "required": [ "dimension" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleNonNullExpectation": { "description": "Evaluates whether each column value is null.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleNonNullExpectationResponse": { "description": "Evaluates whether each column value is null.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRangeExpectation": { "description": "Evaluates whether each column value lies between a specified range.", "properties": { "maxValue": { "type": "string", "description": "Optional. The maximum column value allowed for a row to pass this validation. At least one of min_value and max_value need to be provided." }, "minValue": { "type": "string", "description": "Optional. The minimum column value allowed for a row to pass this validation. At least one of min_value and max_value need to be provided." }, "strictMaxEnabled": { "type": "boolean", "description": "Optional. Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed.Only relevant if a max_value has been defined. Default = false." }, "strictMinEnabled": { "type": "boolean", "description": "Optional. Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed.Only relevant if a min_value has been defined. Default = false." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRangeExpectationResponse": { "description": "Evaluates whether each column value lies between a specified range.", "properties": { "maxValue": { "type": "string", "description": "Optional. The maximum column value allowed for a row to pass this validation. At least one of min_value and max_value need to be provided." }, "minValue": { "type": "string", "description": "Optional. The minimum column value allowed for a row to pass this validation. At least one of min_value and max_value need to be provided." }, "strictMaxEnabled": { "type": "boolean", "description": "Optional. Whether each value needs to be strictly lesser than ('<') the maximum, or if equality is allowed.Only relevant if a max_value has been defined. Default = false." }, "strictMinEnabled": { "type": "boolean", "description": "Optional. Whether each value needs to be strictly greater than ('>') the minimum, or if equality is allowed.Only relevant if a min_value has been defined. Default = false." } }, "type": "object", "required": [ "maxValue", "minValue", "strictMaxEnabled", "strictMinEnabled" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRegexExpectation": { "description": "Evaluates whether each column value matches a specified regex.", "properties": { "regex": { "type": "string", "description": "Optional. A regular expression the column value is expected to match." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRegexExpectationResponse": { "description": "Evaluates whether each column value matches a specified regex.", "properties": { "regex": { "type": "string", "description": "Optional. A regular expression the column value is expected to match." } }, "type": "object", "required": [ "regex" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleResponse": { "description": "A rule captures data quality intent about a data source.", "properties": { "column": { "type": "string", "description": "Optional. The unnested column which this rule is evaluated against." }, "description": { "type": "string", "description": "Optional. Description of the rule. The maximum length is 1,024 characters." }, "dimension": { "type": "string", "description": "The dimension a rule belongs to. Results are also aggregated at the dimension level. Supported dimensions are \"COMPLETENESS\", \"ACCURACY\", \"CONSISTENCY\", \"VALIDITY\", \"UNIQUENESS\", \"INTEGRITY\"" }, "ignoreNull": { "type": "boolean", "description": "Optional. Rows with null values will automatically fail a rule, unless ignore_null is true. In that case, such null rows are trivially considered passing.This field is only valid for row-level type rules." }, "name": { "type": "string", "description": "Optional. A mutable name for the rule. The name must contain only letters (a-z, A-Z), numbers (0-9), or hyphens (-). The maximum length is 63 characters. Must start with a letter. Must end with a number or a letter." }, "nonNullExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleNonNullExpectationResponse", "description": "Row-level rule which evaluates whether each column value is null." }, "rangeExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRangeExpectationResponse", "description": "Row-level rule which evaluates whether each column value lies between a specified range." }, "regexExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRegexExpectationResponse", "description": "Row-level rule which evaluates whether each column value matches a specified regex." }, "rowConditionExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleRowConditionExpectationResponse", "description": "Row-level rule which evaluates whether each row in a table passes the specified condition." }, "setExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleSetExpectationResponse", "description": "Row-level rule which evaluates whether each column value is contained by a specified set." }, "statisticRangeExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectationResponse", "description": "Aggregate rule which evaluates whether the column aggregate statistic lies between a specified range." }, "tableConditionExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleTableConditionExpectationResponse", "description": "Aggregate rule which evaluates whether the provided expression is true for a table." }, "threshold": { "type": "number", "description": "Optional. The minimum ratio of passing_rows / total_rows required to pass this rule, with a range of 0.0, 1.0.0 indicates default value (i.e. 1.0).This field is only valid for row-level type rules." }, "uniquenessExpectation": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleUniquenessExpectationResponse", "description": "Row-level rule which evaluates whether each column value is unique." } }, "type": "object", "required": [ "column", "description", "dimension", "ignoreNull", "name", "nonNullExpectation", "rangeExpectation", "regexExpectation", "rowConditionExpectation", "setExpectation", "statisticRangeExpectation", "tableConditionExpectation", "threshold", "uniquenessExpectation" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleResultResponse": { "description": "DataQualityRuleResult provides a more detailed, per-rule view of the results.", "properties": { "evaluatedCount": { "type": "string", "description": "The number of rows a rule was evaluated against.This field is only valid for row-level type rules.Evaluated count can be configured to either include all rows (default) - with null rows automatically failing rule evaluation, or exclude null rows from the evaluated_count, by setting ignore_nulls = true." }, "failingRowsQuery": { "type": "string", "description": "The query to find rows that did not pass this rule.This field is only valid for row-level type rules." }, "nullCount": { "type": "string", "description": "The number of rows with null values in the specified column." }, "passRatio": { "type": "number", "description": "The ratio of passed_count / evaluated_count.This field is only valid for row-level type rules." }, "passed": { "type": "boolean", "description": "Whether the rule passed or failed." }, "passedCount": { "type": "string", "description": "The number of rows which passed a rule evaluation.This field is only valid for row-level type rules." }, "rule": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleResponse", "description": "The rule specified in the DataQualitySpec, as is." } }, "type": "object", "required": [ "evaluatedCount", "failingRowsQuery", "nullCount", "passRatio", "passed", "passedCount", "rule" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRowConditionExpectation": { "description": "Evaluates whether each row passes the specified condition.The SQL expression needs to use BigQuery standard SQL syntax and should produce a boolean value per row as the result.Example: col1 >= 0 AND col2 < 10", "properties": { "sqlExpression": { "type": "string", "description": "Optional. The SQL expression." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleRowConditionExpectationResponse": { "description": "Evaluates whether each row passes the specified condition.The SQL expression needs to use BigQuery standard SQL syntax and should produce a boolean value per row as the result.Example: col1 >= 0 AND col2 < 10", "properties": { "sqlExpression": { "type": "string", "description": "Optional. The SQL expression." } }, "type": "object", "required": [ "sqlExpression" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleSetExpectation": { "description": "Evaluates whether each column value is contained by a specified set.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Expected values for the column value." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleSetExpectationResponse": { "description": "Evaluates whether each column value is contained by a specified set.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Expected values for the column value." } }, "type": "object", "required": [ "values" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectation": { "description": "Evaluates whether the column aggregate statistic lies between a specified range.", "properties": { "maxValue": { "type": "string", "description": "Optional. The maximum column statistic value allowed for a row to pass this validation.At least one of min_value and max_value need to be provided." }, "minValue": { "type": "string", "description": "Optional. The minimum column statistic value allowed for a row to pass this validation.At least one of min_value and max_value need to be provided." }, "statistic": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectationStatistic", "description": "Optional. The aggregate metric to evaluate." }, "strictMaxEnabled": { "type": "boolean", "description": "Optional. Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed.Only relevant if a max_value has been defined. Default = false." }, "strictMinEnabled": { "type": "boolean", "description": "Optional. Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed.Only relevant if a min_value has been defined. Default = false." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectationResponse": { "description": "Evaluates whether the column aggregate statistic lies between a specified range.", "properties": { "maxValue": { "type": "string", "description": "Optional. The maximum column statistic value allowed for a row to pass this validation.At least one of min_value and max_value need to be provided." }, "minValue": { "type": "string", "description": "Optional. The minimum column statistic value allowed for a row to pass this validation.At least one of min_value and max_value need to be provided." }, "statistic": { "type": "string", "description": "Optional. The aggregate metric to evaluate." }, "strictMaxEnabled": { "type": "boolean", "description": "Optional. Whether column statistic needs to be strictly lesser than ('<') the maximum, or if equality is allowed.Only relevant if a max_value has been defined. Default = false." }, "strictMinEnabled": { "type": "boolean", "description": "Optional. Whether column statistic needs to be strictly greater than ('>') the minimum, or if equality is allowed.Only relevant if a min_value has been defined. Default = false." } }, "type": "object", "required": [ "maxValue", "minValue", "statistic", "strictMaxEnabled", "strictMinEnabled" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleStatisticRangeExpectationStatistic": { "description": "Optional. The aggregate metric to evaluate.", "type": "string", "enum": [ { "name": "StatisticUndefined", "description": "Unspecified statistic type", "value": "STATISTIC_UNDEFINED" }, { "name": "Mean", "description": "Evaluate the column mean", "value": "MEAN" }, { "name": "Min", "description": "Evaluate the column min", "value": "MIN" }, { "name": "Max", "description": "Evaluate the column max", "value": "MAX" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleTableConditionExpectation": { "description": "Evaluates whether the provided expression is true.The SQL expression needs to use BigQuery standard SQL syntax and should produce a scalar boolean result.Example: MIN(col1) >= 0", "properties": { "sqlExpression": { "type": "string", "description": "Optional. The SQL expression." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleTableConditionExpectationResponse": { "description": "Evaluates whether the provided expression is true.The SQL expression needs to use BigQuery standard SQL syntax and should produce a scalar boolean result.Example: MIN(col1) >= 0", "properties": { "sqlExpression": { "type": "string", "description": "Optional. The SQL expression." } }, "type": "object", "required": [ "sqlExpression" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleUniquenessExpectation": { "description": "Evaluates whether the column has duplicates.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualityRuleUniquenessExpectationResponse": { "description": "Evaluates whether the column has duplicates.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpec": { "description": "DataQualityScan related setting.", "properties": { "postScanActions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualitySpecPostScanActions", "description": "Optional. Actions to take upon job completion." }, "rowFilter": { "type": "string", "description": "Optional. A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10" }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRule" }, "description": "The list of rules to evaluate against a data source. At least one rule is required." }, "samplingPercent": { "type": "number", "description": "Optional. The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if sampling_percent is not specified, 0 or 100." } }, "type": "object", "required": [ "rules" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpecPostScanActions": { "description": "The configuration of post scan actions of DataQualityScan.", "properties": { "bigqueryExport": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsBigQueryExport", "description": "Optional. If set, results will be exported to the provided BigQuery table." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsBigQueryExport": { "description": "The configuration of BigQuery export post scan action.", "properties": { "resultsTable": { "type": "string", "description": "Optional. The BigQuery table to export DataQualityScan results to. Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsBigQueryExportResponse": { "description": "The configuration of BigQuery export post scan action.", "properties": { "resultsTable": { "type": "string", "description": "Optional. The BigQuery table to export DataQualityScan results to. Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object", "required": [ "resultsTable" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsResponse": { "description": "The configuration of post scan actions of DataQualityScan.", "properties": { "bigqueryExport": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsBigQueryExportResponse", "description": "Optional. If set, results will be exported to the provided BigQuery table." } }, "type": "object", "required": [ "bigqueryExport" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataQualitySpecResponse": { "description": "DataQualityScan related setting.", "properties": { "postScanActions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualitySpecPostScanActionsResponse", "description": "Optional. Actions to take upon job completion." }, "rowFilter": { "type": "string", "description": "Optional. A filter applied to all rows in a single DataScan job. The filter needs to be a valid SQL expression for a WHERE clause in BigQuery standard SQL syntax. Example: col1 >= 0 AND col2 < 10" }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1DataQualityRuleResponse" }, "description": "The list of rules to evaluate against a data source. At least one rule is required." }, "samplingPercent": { "type": "number", "description": "Optional. The percentage of the records to be selected from the dataset for DataScan. Value can range between 0.0 and 100.0 with up to 3 significant decimal digits. Sampling is not applied if sampling_percent is not specified, 0 or 100." } }, "type": "object", "required": [ "postScanActions", "rowFilter", "rules", "samplingPercent" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataScanExecutionSpec": { "description": "DataScan execution settings.", "properties": { "field": { "type": "string", "description": "Immutable. The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time.If not specified, a data scan will run for all data in the table." }, "trigger": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1Trigger", "description": "Optional. Spec related to how often and when a scan should be triggered.If not specified, the default is OnDemand, which means the scan will not run until the user calls RunDataScan API." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataScanExecutionSpecResponse": { "description": "DataScan execution settings.", "properties": { "field": { "type": "string", "description": "Immutable. The unnested field (of type Date or Timestamp) that contains values which monotonically increase over time.If not specified, a data scan will run for all data in the table." }, "trigger": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TriggerResponse", "description": "Optional. Spec related to how often and when a scan should be triggered.If not specified, the default is OnDemand, which means the scan will not run until the user calls RunDataScan API." } }, "type": "object", "required": [ "field", "trigger" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataScanExecutionStatusResponse": { "description": "Status of the data scan execution.", "properties": { "latestJobEndTime": { "type": "string", "description": "The time when the latest DataScanJob ended." }, "latestJobStartTime": { "type": "string", "description": "The time when the latest DataScanJob started." } }, "type": "object", "required": [ "latestJobEndTime", "latestJobStartTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataSource": { "description": "The data source for DataScan.", "properties": { "entity": { "type": "string", "description": "Immutable. The Dataplex entity that represents the data source (e.g. BigQuery table) for DataScan, of the form: projects/{project_number}/locations/{location_id}/lakes/{lake_id}/zones/{zone_id}/entities/{entity_id}." }, "resource": { "type": "string", "description": "Immutable. The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: BigQuery table of type \"TABLE\" for DataProfileScan/DataQualityScan Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1DataSourceResponse": { "description": "The data source for DataScan.", "properties": { "entity": { "type": "string", "description": "Immutable. The Dataplex entity that represents the data source (e.g. BigQuery table) for DataScan, of the form: projects/{project_number}/locations/{location_id}/lakes/{lake_id}/zones/{zone_id}/entities/{entity_id}." }, "resource": { "type": "string", "description": "Immutable. The service-qualified full resource name of the cloud resource for a DataScan job to scan against. The field could be: BigQuery table of type \"TABLE\" for DataProfileScan/DataQualityScan Format: //bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID/tables/TABLE_ID" } }, "type": "object", "required": [ "entity", "resource" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EntityCompatibilityStatusCompatibilityResponse": { "description": "Provides compatibility information for a specific metadata store.", "properties": { "compatible": { "type": "boolean", "description": "Whether the entity is compatible and can be represented in the metadata store." }, "reason": { "type": "string", "description": "Provides additional detail if the entity is incompatible with the metadata store." } }, "type": "object", "required": [ "compatible", "reason" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EntityCompatibilityStatusResponse": { "description": "Provides compatibility information for various metadata stores.", "properties": { "bigquery": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EntityCompatibilityStatusCompatibilityResponse", "description": "Whether this entity is compatible with BigQuery." }, "hiveMetastore": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EntityCompatibilityStatusCompatibilityResponse", "description": "Whether this entity is compatible with Hive Metastore." } }, "type": "object", "required": [ "bigquery", "hiveMetastore" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentEndpointsResponse": { "description": "URI Endpoints to access sessions associated with the Environment.", "properties": { "notebooks": { "type": "string", "description": "URI to serve notebook APIs" }, "sql": { "type": "string", "description": "URI to serve SQL APIs" } }, "type": "object", "required": [ "notebooks", "sql" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpec": { "description": "Configuration for the underlying infrastructure used to run workloads.", "properties": { "compute": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecComputeResources", "description": "Optional. Compute resources needed for analyze interactive workloads." }, "osImage": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecOsImageRuntime", "description": "Software Runtime Configuration for analyze interactive workloads." } }, "type": "object", "required": [ "osImage" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecComputeResources": { "description": "Compute resources associated with the analyze interactive workloads.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the disk. Default is 100 GB." }, "maxNodeCount": { "type": "integer", "description": "Optional. Max configurable nodes. If max_node_count > node_count, then auto-scaling is enabled." }, "nodeCount": { "type": "integer", "description": "Optional. Total number of nodes in the sessions created for this environment." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecComputeResourcesResponse": { "description": "Compute resources associated with the analyze interactive workloads.", "properties": { "diskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the disk. Default is 100 GB." }, "maxNodeCount": { "type": "integer", "description": "Optional. Max configurable nodes. If max_node_count > node_count, then auto-scaling is enabled." }, "nodeCount": { "type": "integer", "description": "Optional. Total number of nodes in the sessions created for this environment." } }, "type": "object", "required": [ "diskSizeGb", "maxNodeCount", "nodeCount" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecOsImageRuntime": { "description": "Software Runtime Configuration to run Analyze.", "properties": { "imageVersion": { "type": "string", "description": "Dataplex Image version." }, "javaLibraries": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of Java jars to be included in the runtime environment. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Spark properties to provide configuration for use in sessions created for this environment. The properties to set on daemon config files. Property keys are specified in prefix:property format. The prefix must be \"spark\"." }, "pythonPackages": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz" } }, "type": "object", "required": [ "imageVersion" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecOsImageRuntimeResponse": { "description": "Software Runtime Configuration to run Analyze.", "properties": { "imageVersion": { "type": "string", "description": "Dataplex Image version." }, "javaLibraries": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of Java jars to be included in the runtime environment. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Spark properties to provide configuration for use in sessions created for this environment. The properties to set on daemon config files. Property keys are specified in prefix:property format. The prefix must be \"spark\"." }, "pythonPackages": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz" } }, "type": "object", "required": [ "imageVersion", "javaLibraries", "properties", "pythonPackages" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecResponse": { "description": "Configuration for the underlying infrastructure used to run workloads.", "properties": { "compute": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecComputeResourcesResponse", "description": "Optional. Compute resources needed for analyze interactive workloads." }, "osImage": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1EnvironmentInfrastructureSpecOsImageRuntimeResponse", "description": "Software Runtime Configuration for analyze interactive workloads." } }, "type": "object", "required": [ "compute", "osImage" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentSessionSpec": { "description": "Configuration for sessions created for this environment.", "properties": { "enableFastStartup": { "type": "boolean", "description": "Optional. If True, this causes sessions to be pre-created and available for faster startup to enable interactive exploration use-cases. This defaults to False to avoid additional billed charges. These can only be set to True for the environment with name set to \"default\", and with default configuration." }, "maxIdleDuration": { "type": "string", "description": "Optional. The idle time configuration of the session. The session will be auto-terminated at the end of this period." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentSessionSpecResponse": { "description": "Configuration for sessions created for this environment.", "properties": { "enableFastStartup": { "type": "boolean", "description": "Optional. If True, this causes sessions to be pre-created and available for faster startup to enable interactive exploration use-cases. This defaults to False to avoid additional billed charges. These can only be set to True for the environment with name set to \"default\", and with default configuration." }, "maxIdleDuration": { "type": "string", "description": "Optional. The idle time configuration of the session. The session will be auto-terminated at the end of this period." } }, "type": "object", "required": [ "enableFastStartup", "maxIdleDuration" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1EnvironmentSessionStatusResponse": { "description": "Status of sessions created for this environment.", "properties": { "active": { "type": "boolean", "description": "Queries over sessions to mark whether the environment is currently active or not" } }, "type": "object", "required": [ "active" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1JobResponse": { "description": "A job represents an instance of a task.", "properties": { "endTime": { "type": "string", "description": "The time when the job ended." }, "executionSpec": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskExecutionSpecResponse", "description": "Spec related to how a task is executed." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "User-defined labels for the task." }, "message": { "type": "string", "description": "Additional information about the current state." }, "name": { "type": "string", "description": "The relative resource name of the job, of the form: projects/{project_number}/locations/{location_id}/lakes/{lake_id}/tasks/{task_id}/jobs/{job_id}." }, "retryCount": { "type": "integer", "description": "The number of times the job has been retried (excluding the initial attempt)." }, "service": { "type": "string", "description": "The underlying service running a job." }, "serviceJob": { "type": "string", "description": "The full resource name for the job run under a particular service." }, "startTime": { "type": "string", "description": "The time when the job was started." }, "state": { "type": "string", "description": "Execution state for the job." }, "trigger": { "type": "string", "description": "Job execution trigger." }, "uid": { "type": "string", "description": "System generated globally unique ID for the job." } }, "type": "object", "required": [ "endTime", "executionSpec", "labels", "message", "name", "retryCount", "service", "serviceJob", "startTime", "state", "trigger", "uid" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1LakeMetastore": { "description": "Settings to manage association of Dataproc Metastore with a lake.", "properties": { "service": { "type": "string", "description": "Optional. A relative reference to the Dataproc Metastore (https://cloud.google.com/dataproc-metastore/docs) service associated with the lake: projects/{project_id}/locations/{location_id}/services/{service_id}" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1LakeMetastoreResponse": { "description": "Settings to manage association of Dataproc Metastore with a lake.", "properties": { "service": { "type": "string", "description": "Optional. A relative reference to the Dataproc Metastore (https://cloud.google.com/dataproc-metastore/docs) service associated with the lake: projects/{project_id}/locations/{location_id}/services/{service_id}" } }, "type": "object", "required": [ "service" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1LakeMetastoreStatusResponse": { "description": "Status of Lake and Dataproc Metastore service instance association.", "properties": { "endpoint": { "type": "string", "description": "The URI of the endpoint used to access the Metastore service." }, "message": { "type": "string", "description": "Additional information about the current status." }, "state": { "type": "string", "description": "Current state of association." }, "updateTime": { "type": "string", "description": "Last update time of the metastore status of the lake." } }, "type": "object", "required": [ "endpoint", "message", "state", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ResourceAccessSpec": { "description": "ResourceAccessSpec holds the access control configuration to be enforced on the resources, for example, Cloud Storage bucket, BigQuery dataset, BigQuery table.", "properties": { "owners": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of principals to be granted owner role on the resource." }, "readers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The format of strings follows the pattern followed by IAM in the bindings. user:{email}, serviceAccount:{email} group:{email}. The set of principals to be granted reader role on the resource." }, "writers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of principals to be granted writer role on the resource." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1ResourceAccessSpecResponse": { "description": "ResourceAccessSpec holds the access control configuration to be enforced on the resources, for example, Cloud Storage bucket, BigQuery dataset, BigQuery table.", "properties": { "owners": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of principals to be granted owner role on the resource." }, "readers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The format of strings follows the pattern followed by IAM in the bindings. user:{email}, serviceAccount:{email} group:{email}. The set of principals to be granted reader role on the resource." }, "writers": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of principals to be granted writer role on the resource." } }, "type": "object", "required": [ "owners", "readers", "writers" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ScannedDataIncrementalFieldResponse": { "description": "A data range denoted by a pair of start/end values of a field.", "properties": { "end": { "type": "string", "description": "Value that marks the end of the range." }, "field": { "type": "string", "description": "The field that contains values which monotonically increases over time (e.g. a timestamp column)." }, "start": { "type": "string", "description": "Value that marks the start of the range." } }, "type": "object", "required": [ "end", "field", "start" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ScannedDataResponse": { "description": "The data scanned during processing (e.g. in incremental DataScan)", "properties": { "incrementalField": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ScannedDataIncrementalFieldResponse", "description": "The range denoted by values of an incremental field" } }, "type": "object", "required": [ "incrementalField" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1Schema": { "description": "Schema information describing the structure and layout of the data.", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaField" }, "description": "Optional. The sequence of fields describing data in table entities. Note: BigQuery SchemaFields are immutable." }, "partitionFields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaPartitionField" }, "description": "Optional. The sequence of fields describing the partition structure in entities. If this field is empty, there are no partitions within the data." }, "partitionStyle": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaPartitionStyle", "description": "Optional. The structure of paths containing partition data within the entity." }, "userManaged": { "type": "boolean", "description": "Set to true if user-managed or false if managed by Dataplex. The default is false (managed by Dataplex). Set to falseto enable Dataplex discovery to update the schema. including new data discovery, schema inference, and schema evolution. Users retain the ability to input and edit the schema. Dataplex treats schema input by the user as though produced by a previous Dataplex discovery operation, and it will evolve the schema and take action based on that treatment. Set to true to fully manage the entity schema. This setting guarantees that Dataplex will not change schema fields." } }, "type": "object", "required": [ "userManaged" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaPartitionField": { "description": "Represents a key field within the entity's partition structure. You could have up to 20 partition fields, but only the first 10 partitions have the filtering ability due to performance consideration. Note: Partition fields are immutable.", "properties": { "name": { "type": "string", "description": "Partition field name must consist of letters, numbers, and underscores only, with a maximum of length of 256 characters, and must begin with a letter or underscore.." }, "type": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaPartitionFieldType", "description": "Immutable. The type of field." } }, "type": "object", "required": [ "name", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaPartitionFieldResponse": { "description": "Represents a key field within the entity's partition structure. You could have up to 20 partition fields, but only the first 10 partitions have the filtering ability due to performance consideration. Note: Partition fields are immutable.", "properties": { "name": { "type": "string", "description": "Partition field name must consist of letters, numbers, and underscores only, with a maximum of length of 256 characters, and must begin with a letter or underscore.." }, "type": { "type": "string", "description": "Immutable. The type of field." } }, "type": "object", "required": [ "name", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaPartitionFieldType": { "description": "Required. Immutable. The type of field.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "SchemaType unspecified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Boolean", "description": "Boolean field.", "value": "BOOLEAN" }, { "name": "Byte", "description": "Single byte numeric field.", "value": "BYTE" }, { "name": "Int16", "description": "16-bit numeric field.", "value": "INT16" }, { "name": "Int32", "description": "32-bit numeric field.", "value": "INT32" }, { "name": "Int64", "description": "64-bit numeric field.", "value": "INT64" }, { "name": "Float", "description": "Floating point numeric field.", "value": "FLOAT" }, { "name": "Double", "description": "Double precision numeric field.", "value": "DOUBLE" }, { "name": "Decimal", "description": "Real value numeric field.", "value": "DECIMAL" }, { "name": "String", "description": "Sequence of characters field.", "value": "STRING" }, { "name": "Binary", "description": "Sequence of bytes field.", "value": "BINARY" }, { "name": "Timestamp", "description": "Date and time field.", "value": "TIMESTAMP" }, { "name": "Date", "description": "Date field.", "value": "DATE" }, { "name": "Time", "description": "Time field.", "value": "TIME" }, { "name": "Record", "description": "Structured field. Nested fields that define the structure of the map. If all nested fields are nullable, this field represents a union.", "value": "RECORD" }, { "name": "Null", "description": "Null field that does not have values.", "value": "NULL" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaPartitionStyle": { "description": "Optional. The structure of paths containing partition data within the entity.", "type": "string", "enum": [ { "name": "PartitionStyleUnspecified", "description": "PartitionStyle unspecified", "value": "PARTITION_STYLE_UNSPECIFIED" }, { "name": "HiveCompatible", "description": "Partitions are hive-compatible. Examples: gs://bucket/path/to/table/dt=2019-10-31/lang=en, gs://bucket/path/to/table/dt=2019-10-31/lang=en/late.", "value": "HIVE_COMPATIBLE" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaResponse": { "description": "Schema information describing the structure and layout of the data.", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaFieldResponse" }, "description": "Optional. The sequence of fields describing data in table entities. Note: BigQuery SchemaFields are immutable." }, "partitionFields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaPartitionFieldResponse" }, "description": "Optional. The sequence of fields describing the partition structure in entities. If this field is empty, there are no partitions within the data." }, "partitionStyle": { "type": "string", "description": "Optional. The structure of paths containing partition data within the entity." }, "userManaged": { "type": "boolean", "description": "Set to true if user-managed or false if managed by Dataplex. The default is false (managed by Dataplex). Set to falseto enable Dataplex discovery to update the schema. including new data discovery, schema inference, and schema evolution. Users retain the ability to input and edit the schema. Dataplex treats schema input by the user as though produced by a previous Dataplex discovery operation, and it will evolve the schema and take action based on that treatment. Set to true to fully manage the entity schema. This setting guarantees that Dataplex will not change schema fields." } }, "type": "object", "required": [ "fields", "partitionFields", "partitionStyle", "userManaged" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaSchemaField": { "description": "Represents a column field within a table schema.", "properties": { "description": { "type": "string", "description": "Optional. User friendly field description. Must be less than or equal to 1024 characters." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaField" }, "description": "Optional. Any nested field for complex types." }, "mode": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaFieldMode", "description": "Additional field semantics." }, "name": { "type": "string", "description": "The name of the field. Must contain only letters, numbers and underscores, with a maximum length of 767 characters, and must begin with a letter or underscore." }, "type": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaFieldType", "description": "The type of field." } }, "type": "object", "required": [ "mode", "name", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaSchemaFieldMode": { "description": "Required. Additional field semantics.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Mode unspecified.", "value": "MODE_UNSPECIFIED" }, { "name": "Required", "description": "The field has required semantics.", "value": "REQUIRED" }, { "name": "Nullable", "description": "The field has optional semantics, and may be null.", "value": "NULLABLE" }, { "name": "Repeated", "description": "The field has repeated (0 or more) semantics, and is a list of values.", "value": "REPEATED" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaSchemaFieldResponse": { "description": "Represents a column field within a table schema.", "properties": { "description": { "type": "string", "description": "Optional. User friendly field description. Must be less than or equal to 1024 characters." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1SchemaSchemaFieldResponse" }, "description": "Optional. Any nested field for complex types." }, "mode": { "type": "string", "description": "Additional field semantics." }, "name": { "type": "string", "description": "The name of the field. Must contain only letters, numbers and underscores, with a maximum length of 767 characters, and must begin with a letter or underscore." }, "type": { "type": "string", "description": "The type of field." } }, "type": "object", "required": [ "description", "fields", "mode", "name", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1SchemaSchemaFieldType": { "description": "Required. The type of field.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "SchemaType unspecified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Boolean", "description": "Boolean field.", "value": "BOOLEAN" }, { "name": "Byte", "description": "Single byte numeric field.", "value": "BYTE" }, { "name": "Int16", "description": "16-bit numeric field.", "value": "INT16" }, { "name": "Int32", "description": "32-bit numeric field.", "value": "INT32" }, { "name": "Int64", "description": "64-bit numeric field.", "value": "INT64" }, { "name": "Float", "description": "Floating point numeric field.", "value": "FLOAT" }, { "name": "Double", "description": "Double precision numeric field.", "value": "DOUBLE" }, { "name": "Decimal", "description": "Real value numeric field.", "value": "DECIMAL" }, { "name": "String", "description": "Sequence of characters field.", "value": "STRING" }, { "name": "Binary", "description": "Sequence of bytes field.", "value": "BINARY" }, { "name": "Timestamp", "description": "Date and time field.", "value": "TIMESTAMP" }, { "name": "Date", "description": "Date field.", "value": "DATE" }, { "name": "Time", "description": "Time field.", "value": "TIME" }, { "name": "Record", "description": "Structured field. Nested fields that define the structure of the map. If all nested fields are nullable, this field represents a union.", "value": "RECORD" }, { "name": "Null", "description": "Null field that does not have values.", "value": "NULL" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageAccessResponse": { "description": "Describes the access mechanism of the data within its storage location.", "properties": { "read": { "type": "string", "description": "Describes the read access mechanism of the data. Not user settable." } }, "type": "object", "required": [ "read" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormat": { "description": "Describes the format of the data within its storage location.", "properties": { "compressionFormat": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatCompressionFormat", "description": "Optional. The compression type associated with the stored data. If unspecified, the data is uncompressed." }, "csv": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatCsvOptions", "description": "Optional. Additional information about CSV formatted data." }, "iceberg": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatIcebergOptions", "description": "Optional. Additional information about iceberg tables." }, "json": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatJsonOptions", "description": "Optional. Additional information about CSV formatted data." }, "mimeType": { "type": "string", "description": "The mime type descriptor for the data. Must match the pattern {type}/{subtype}. Supported values: application/x-parquet application/x-avro application/x-orc application/x-tfrecord application/x-parquet+iceberg application/x-avro+iceberg application/x-orc+iceberg application/json application/{subtypes} text/csv text/ image/{image subtype} video/{video subtype} audio/{audio subtype}" } }, "type": "object", "required": [ "mimeType" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatCompressionFormat": { "description": "Optional. The compression type associated with the stored data. If unspecified, the data is uncompressed.", "type": "string", "enum": [ { "name": "CompressionFormatUnspecified", "description": "CompressionFormat unspecified. Implies uncompressed data.", "value": "COMPRESSION_FORMAT_UNSPECIFIED" }, { "name": "Gzip", "description": "GZip compressed set of files.", "value": "GZIP" }, { "name": "Bzip2", "description": "BZip2 compressed set of files.", "value": "BZIP2" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatCsvOptions": { "description": "Describes CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter used to separate values. Defaults to ','." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. Accepts \"US-ASCII\", \"UTF-8\", and \"ISO-8859-1\". Defaults to UTF-8 if unspecified." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows. Defaults to 0." }, "quote": { "type": "string", "description": "Optional. The character used to quote column values. Accepts '\"' (double quotation mark) or ''' (single quotation mark). Defaults to '\"' (double quotation mark) if unspecified." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatCsvOptionsResponse": { "description": "Describes CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter used to separate values. Defaults to ','." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. Accepts \"US-ASCII\", \"UTF-8\", and \"ISO-8859-1\". Defaults to UTF-8 if unspecified." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows. Defaults to 0." }, "quote": { "type": "string", "description": "Optional. The character used to quote column values. Accepts '\"' (double quotation mark) or ''' (single quotation mark). Defaults to '\"' (double quotation mark) if unspecified." } }, "type": "object", "required": [ "delimiter", "encoding", "headerRows", "quote" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatIcebergOptions": { "description": "Describes Iceberg data format.", "properties": { "metadataLocation": { "type": "string", "description": "Optional. The location of where the iceberg metadata is present, must be within the table path" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatIcebergOptionsResponse": { "description": "Describes Iceberg data format.", "properties": { "metadataLocation": { "type": "string", "description": "Optional. The location of where the iceberg metadata is present, must be within the table path" } }, "type": "object", "required": [ "metadataLocation" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatJsonOptions": { "description": "Describes JSON data format.", "properties": { "encoding": { "type": "string", "description": "Optional. The character encoding of the data. Accepts \"US-ASCII\", \"UTF-8\" and \"ISO-8859-1\". Defaults to UTF-8 if not specified." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatJsonOptionsResponse": { "description": "Describes JSON data format.", "properties": { "encoding": { "type": "string", "description": "Optional. The character encoding of the data. Accepts \"US-ASCII\", \"UTF-8\" and \"ISO-8859-1\". Defaults to UTF-8 if not specified." } }, "type": "object", "required": [ "encoding" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1StorageFormatResponse": { "description": "Describes the format of the data within its storage location.", "properties": { "compressionFormat": { "type": "string", "description": "Optional. The compression type associated with the stored data. If unspecified, the data is uncompressed." }, "csv": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatCsvOptionsResponse", "description": "Optional. Additional information about CSV formatted data." }, "format": { "type": "string", "description": "The data format associated with the stored data, which represents content type values. The value is inferred from mime type." }, "iceberg": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatIcebergOptionsResponse", "description": "Optional. Additional information about iceberg tables." }, "json": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1StorageFormatJsonOptionsResponse", "description": "Optional. Additional information about CSV formatted data." }, "mimeType": { "type": "string", "description": "The mime type descriptor for the data. Must match the pattern {type}/{subtype}. Supported values: application/x-parquet application/x-avro application/x-orc application/x-tfrecord application/x-parquet+iceberg application/x-avro+iceberg application/x-orc+iceberg application/json application/{subtypes} text/csv text/ image/{image subtype} video/{video subtype} audio/{audio subtype}" } }, "type": "object", "required": [ "compressionFormat", "csv", "format", "iceberg", "json", "mimeType" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskExecutionSpec": { "description": "Execution related settings, like retry and service_account.", "properties": { "args": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${task_id} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{location_id}/keyRings/{key-ring-name}/cryptoKeys/{key-name}." }, "maxJobExecutionLifetime": { "type": "string", "description": "Optional. The maximum duration after which the job execution is expired." }, "project": { "type": "string", "description": "Optional. The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project." }, "serviceAccount": { "type": "string", "description": "Service account to use to execute a task. If not provided, the default Compute service account for the project is used." } }, "type": "object", "required": [ "serviceAccount" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskExecutionSpecResponse": { "description": "Execution related settings, like retry and service_account.", "properties": { "args": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The arguments to pass to the task. The args can use placeholders of the format ${placeholder} as part of key/value string. These will be interpolated before passing the args to the driver. Currently supported placeholders: - ${task_id} - ${job_time} To pass positional args, set the key as TASK_ARGS. The value should be a comma-separated string of all the positional arguments. To use a delimiter other than comma, refer to https://cloud.google.com/sdk/gcloud/reference/topic/escaping. In case of other keys being present in the args, then TASK_ARGS will be passed as the last argument." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key to use for encryption, of the form: projects/{project_number}/locations/{location_id}/keyRings/{key-ring-name}/cryptoKeys/{key-name}." }, "maxJobExecutionLifetime": { "type": "string", "description": "Optional. The maximum duration after which the job execution is expired." }, "project": { "type": "string", "description": "Optional. The project in which jobs are run. By default, the project containing the Lake is used. If a project is provided, the ExecutionSpec.service_account must belong to this project." }, "serviceAccount": { "type": "string", "description": "Service account to use to execute a task. If not provided, the default Compute service account for the project is used." } }, "type": "object", "required": [ "args", "kmsKey", "maxJobExecutionLifetime", "project", "serviceAccount" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskExecutionStatusResponse": { "description": "Status of the task execution (e.g. Jobs).", "properties": { "latestJob": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1JobResponse", "description": "latest job execution" }, "updateTime": { "type": "string", "description": "Last update time of the status." } }, "type": "object", "required": [ "latestJob", "updateTime" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpec": { "description": "Configuration for the underlying infrastructure used to run workloads.", "properties": { "batch": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecBatchComputeResources", "description": "Compute resources needed for a Task when using Dataproc Serverless." }, "containerImage": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecContainerImageRuntime", "description": "Container Image Runtime Configuration." }, "vpcNetwork": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecVpcNetwork", "description": "Vpc network." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecBatchComputeResources": { "description": "Batch compute resources associated with the task.", "properties": { "executorsCount": { "type": "integer", "description": "Optional. Total number of job executors. Executor Count should be between 2 and 100. Default=2" }, "maxExecutorsCount": { "type": "integer", "description": "Optional. Max configurable executors. If max_executors_count > executors_count, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. Default=1000" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecBatchComputeResourcesResponse": { "description": "Batch compute resources associated with the task.", "properties": { "executorsCount": { "type": "integer", "description": "Optional. Total number of job executors. Executor Count should be between 2 and 100. Default=2" }, "maxExecutorsCount": { "type": "integer", "description": "Optional. Max configurable executors. If max_executors_count > executors_count, then auto-scaling is enabled. Max Executor Count should be between 2 and 1000. Default=1000" } }, "type": "object", "required": [ "executorsCount", "maxExecutorsCount" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecContainerImageRuntime": { "description": "Container Image Runtime Configuration used with Batch execution.", "properties": { "image": { "type": "string", "description": "Optional. Container image to use." }, "javaJars": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." }, "pythonPackages": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz" } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecContainerImageRuntimeResponse": { "description": "Container Image Runtime Configuration used with Batch execution.", "properties": { "image": { "type": "string", "description": "Optional. Container image to use." }, "javaJars": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Java JARS to add to the classpath. Valid input includes Cloud Storage URIs to Jar binaries. For example, gs://bucket-name/my/path/to/file.jar" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Override to common configuration of open source components installed on the Dataproc cluster. The properties to set on daemon config files. Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. For more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." }, "pythonPackages": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of python packages to be installed. Valid formats include Cloud Storage URI to a PIP installable library. For example, gs://bucket-name/my/path/to/lib.tar.gz" } }, "type": "object", "required": [ "image", "javaJars", "properties", "pythonPackages" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecResponse": { "description": "Configuration for the underlying infrastructure used to run workloads.", "properties": { "batch": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecBatchComputeResourcesResponse", "description": "Compute resources needed for a Task when using Dataproc Serverless." }, "containerImage": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecContainerImageRuntimeResponse", "description": "Container Image Runtime Configuration." }, "vpcNetwork": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecVpcNetworkResponse", "description": "Vpc network." } }, "type": "object", "required": [ "batch", "containerImage", "vpcNetwork" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecVpcNetwork": { "description": "Cloud VPC Network used to run the infrastructure.", "properties": { "network": { "type": "string", "description": "Optional. The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used." }, "networkTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of network tags to apply to the job." }, "subNetwork": { "type": "string", "description": "Optional. The Cloud VPC sub-network in which the job is run." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskInfrastructureSpecVpcNetworkResponse": { "description": "Cloud VPC Network used to run the infrastructure.", "properties": { "network": { "type": "string", "description": "Optional. The Cloud VPC network in which the job is run. By default, the Cloud VPC network named Default within the project is used." }, "networkTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. List of network tags to apply to the job." }, "subNetwork": { "type": "string", "description": "Optional. The Cloud VPC sub-network in which the job is run." } }, "type": "object", "required": [ "network", "networkTags", "subNetwork" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskNotebookTaskConfig": { "description": "Config for running scheduled notebooks.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of files to be placed in the working directory of each executor." }, "infrastructureSpec": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpec", "description": "Optional. Infrastructure specification for the execution." }, "notebook": { "type": "string", "description": "Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value)." } }, "type": "object", "required": [ "notebook" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskNotebookTaskConfigResponse": { "description": "Config for running scheduled notebooks.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of files to be placed in the working directory of each executor." }, "infrastructureSpec": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecResponse", "description": "Optional. Infrastructure specification for the execution." }, "notebook": { "type": "string", "description": "Path to input notebook. This can be the Cloud Storage URI of the notebook file or the path to a Notebook Content. The execution args are accessible as environment variables (TASK_key=value)." } }, "type": "object", "required": [ "archiveUris", "fileUris", "infrastructureSpec", "notebook" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskSparkTaskConfig": { "description": "User-specified config for running a Spark task.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of files to be placed in the working directory of each executor." }, "infrastructureSpec": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpec", "description": "Optional. Infrastructure specification for the execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "mainJarFileUri": { "type": "string", "description": "The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "pythonScriptFile": { "type": "string", "description": "The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "sqlScript": { "type": "string", "description": "The query text. The execution args are used to declare a set of script variables (set key=\"value\";)." }, "sqlScriptFile": { "type": "string", "description": "A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key=\"value\";)." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskSparkTaskConfigResponse": { "description": "User-specified config for running a Spark task.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Cloud Storage URIs of files to be placed in the working directory of each executor." }, "infrastructureSpec": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskInfrastructureSpecResponse", "description": "Optional. Infrastructure specification for the execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "mainJarFileUri": { "type": "string", "description": "The Cloud Storage URI of the jar file that contains the main class. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "pythonScriptFile": { "type": "string", "description": "The Gcloud Storage URI of the main Python file to use as the driver. Must be a .py file. The execution args are passed in as a sequence of named process arguments (--key=value)." }, "sqlScript": { "type": "string", "description": "The query text. The execution args are used to declare a set of script variables (set key=\"value\";)." }, "sqlScriptFile": { "type": "string", "description": "A reference to a query file. This can be the Cloud Storage URI of the query file or it can the path to a SqlScript Content. The execution args are used to declare a set of script variables (set key=\"value\";)." } }, "type": "object", "required": [ "archiveUris", "fileUris", "infrastructureSpec", "mainClass", "mainJarFileUri", "pythonScriptFile", "sqlScript", "sqlScriptFile" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskTriggerSpec": { "description": "Task scheduling and trigger settings.", "properties": { "disabled": { "type": "boolean", "description": "Optional. Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks." }, "maxRetries": { "type": "integer", "description": "Optional. Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks." }, "startTime": { "type": "string", "description": "Optional. The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING." }, "type": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TaskTriggerSpecType", "description": "Immutable. Trigger type of the user-specified Task." } }, "type": "object", "required": [ "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskTriggerSpecResponse": { "description": "Task scheduling and trigger settings.", "properties": { "disabled": { "type": "boolean", "description": "Optional. Prevent the task from executing. This does not cancel already running tasks. It is intended to temporarily disable RECURRING tasks." }, "maxRetries": { "type": "integer", "description": "Optional. Number of retry attempts before aborting. Set to zero to never attempt to retry a failed task." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running tasks periodically. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *. This field is required for RECURRING tasks." }, "startTime": { "type": "string", "description": "Optional. The first run of the task will be after this time. If not specified, the task will run shortly after being submitted if ON_DEMAND and based on the schedule if RECURRING." }, "type": { "type": "string", "description": "Immutable. Trigger type of the user-specified Task." } }, "type": "object", "required": [ "disabled", "maxRetries", "schedule", "startTime", "type" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TaskTriggerSpecType": { "description": "Required. Immutable. Trigger type of the user-specified Task.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified trigger type.", "value": "TYPE_UNSPECIFIED" }, { "name": "OnDemand", "description": "The task runs one-time shortly after Task Creation.", "value": "ON_DEMAND" }, { "name": "Recurring", "description": "The task is scheduled to run periodically.", "value": "RECURRING" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1Trigger": { "description": "DataScan scheduling and trigger settings.", "properties": { "onDemand": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TriggerOnDemand", "description": "The scan runs once via RunDataScan API." }, "schedule": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TriggerSchedule", "description": "The scan is scheduled to run periodically." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TriggerOnDemand": { "description": "The scan runs once via RunDataScan API.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TriggerOnDemandResponse": { "description": "The scan runs once via RunDataScan API.", "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1TriggerResponse": { "description": "DataScan scheduling and trigger settings.", "properties": { "onDemand": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TriggerOnDemandResponse", "description": "The scan runs once via RunDataScan API." }, "schedule": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1TriggerScheduleResponse", "description": "The scan is scheduled to run periodically." } }, "type": "object", "required": [ "onDemand", "schedule" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TriggerSchedule": { "description": "The scan is scheduled to run periodically.", "properties": { "cron": { "type": "string", "description": "Cron (https://en.wikipedia.org/wiki/Cron) schedule for running scans periodically.To explicitly set a timezone in the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database (wikipedia (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)). For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *.This field is required for Schedule scans." } }, "type": "object", "required": [ "cron" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1TriggerScheduleResponse": { "description": "The scan is scheduled to run periodically.", "properties": { "cron": { "type": "string", "description": "Cron (https://en.wikipedia.org/wiki/Cron) schedule for running scans periodically.To explicitly set a timezone in the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or \"TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database (wikipedia (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List)). For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *.This field is required for Schedule scans." } }, "type": "object", "required": [ "cron" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpec": { "description": "Settings to manage the metadata discovery and publishing in a zone.", "properties": { "csvOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ZoneDiscoverySpecCsvOptions", "description": "Optional. Configuration for CSV data." }, "enabled": { "type": "boolean", "description": "Whether discovery is enabled." }, "excludePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to exclude during discovery. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "includePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to include during discovery if only a subset of the data should considered. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "jsonOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ZoneDiscoverySpecJsonOptions", "description": "Optional. Configuration for Json data." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running discovery periodically. Successive discovery runs must be scheduled at least 60 minutes apart. The default value is to run discovery every 60 minutes. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *." } }, "type": "object", "required": [ "enabled" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpecCsvOptions": { "description": "Describe CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter being used to separate values. This defaults to ','." }, "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for CSV data. If true, all columns will be registered as strings." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpecCsvOptionsResponse": { "description": "Describe CSV and similar semi-structured data formats.", "properties": { "delimiter": { "type": "string", "description": "Optional. The delimiter being used to separate values. This defaults to ','." }, "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for CSV data. If true, all columns will be registered as strings." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." }, "headerRows": { "type": "integer", "description": "Optional. The number of rows to interpret as header rows that should be skipped when reading data rows." } }, "type": "object", "required": [ "delimiter", "disableTypeInference", "encoding", "headerRows" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpecJsonOptions": { "description": "Describe JSON data format.", "properties": { "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for Json data. If true, all columns will be registered as their primitive types (strings, number or boolean)." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." } }, "type": "object" }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpecJsonOptionsResponse": { "description": "Describe JSON data format.", "properties": { "disableTypeInference": { "type": "boolean", "description": "Optional. Whether to disable the inference of data type for Json data. If true, all columns will be registered as their primitive types (strings, number or boolean)." }, "encoding": { "type": "string", "description": "Optional. The character encoding of the data. The default is UTF-8." } }, "type": "object", "required": [ "disableTypeInference", "encoding" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneDiscoverySpecResponse": { "description": "Settings to manage the metadata discovery and publishing in a zone.", "properties": { "csvOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ZoneDiscoverySpecCsvOptionsResponse", "description": "Optional. Configuration for CSV data." }, "enabled": { "type": "boolean", "description": "Whether discovery is enabled." }, "excludePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to exclude during discovery. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "includePatterns": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of patterns to apply for selecting data to include during discovery if only a subset of the data should considered. For Cloud Storage bucket assets, these are interpreted as glob patterns used to match object names. For BigQuery dataset assets, these are interpreted as patterns to match table names." }, "jsonOptions": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ZoneDiscoverySpecJsonOptionsResponse", "description": "Optional. Configuration for Json data." }, "schedule": { "type": "string", "description": "Optional. Cron schedule (https://en.wikipedia.org/wiki/Cron) for running discovery periodically. Successive discovery runs must be scheduled at least 60 minutes apart. The default value is to run discovery every 60 minutes. To explicitly set a timezone to the cron tab, apply a prefix in the cron tab: \"CRON_TZ=${IANA_TIME_ZONE}\" or TZ=${IANA_TIME_ZONE}\". The ${IANA_TIME_ZONE} may only be a valid string from IANA time zone database. For example, CRON_TZ=America/New_York 1 * * * *, or TZ=America/New_York 1 * * * *." } }, "type": "object", "required": [ "csvOptions", "enabled", "excludePatterns", "includePatterns", "jsonOptions", "schedule" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneResourceSpec": { "description": "Settings for resources attached as assets within a zone.", "properties": { "locationType": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleCloudDataplexV1ZoneResourceSpecLocationType", "description": "Immutable. The location type of the resources that are allowed to be attached to the assets within this zone." } }, "type": "object", "required": [ "locationType" ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneResourceSpecLocationType": { "description": "Required. Immutable. The location type of the resources that are allowed to be attached to the assets within this zone.", "type": "string", "enum": [ { "name": "LocationTypeUnspecified", "description": "Unspecified location type.", "value": "LOCATION_TYPE_UNSPECIFIED" }, { "name": "SingleRegion", "description": "Resources that are associated with a single region.", "value": "SINGLE_REGION" }, { "name": "MultiRegion", "description": "Resources that are associated with a multi-region location.", "value": "MULTI_REGION" } ] }, "google-native:dataplex/v1:GoogleCloudDataplexV1ZoneResourceSpecResponse": { "description": "Settings for resources attached as assets within a zone.", "properties": { "locationType": { "type": "string", "description": "Immutable. The location type of the resources that are allowed to be attached to the assets within this zone." } }, "type": "object", "required": [ "locationType" ] }, "google-native:dataplex/v1:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, storage.googleapis.com, cloudsql.googleapis.com. allServices is a special value that covers all services." } }, "type": "object" }, "google-native:dataplex/v1:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted.Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, storage.googleapis.com, cloudsql.googleapis.com. allServices is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:dataplex/v1:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:dataplex/v1:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:dataplex/v1:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:dataplex/v1:GoogleIamV1Binding": { "description": "Associates members, or principals, with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleTypeExpr", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object" }, "google-native:dataplex/v1:GoogleIamV1BindingResponse": { "description": "Associates members, or principals, with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataplex%2Fv1:GoogleTypeExprResponse", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dataplex/v1:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dataplex/v1:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dataplex/v1:ZoneType": { "description": "Required. Immutable. The type of the zone.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Zone type not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Raw", "description": "A zone that contains data that needs further processing before it is considered generally ready for consumption and analytics workloads.", "value": "RAW" }, { "name": "Curated", "description": "A zone that contains data that is considered to be ready for broader consumption and analytics workloads. Curated structured data stored in Cloud Storage must conform to certain file formats (parquet, avro and orc) and organized in a hive-compatible directory layout.", "value": "CURATED" } ] }, "google-native:dataproc/v1:AcceleratorConfig": { "description": "Specifies the type and number of accelerator cards attached to the instances of an instance. See GPUs on Compute Engine (https://cloud.google.com/compute/docs/gpus/).", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the accelerator cards of this type exposed to this instance." }, "acceleratorTypeUri": { "type": "string", "description": "Full URL, partial URI, or short name of the accelerator type resource to expose to this instance. See Compute Engine AcceleratorTypes (https://cloud.google.com/compute/docs/reference/v1/acceleratorTypes).Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-k80 projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-k80 nvidia-tesla-k80Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the accelerator type resource, for example, nvidia-tesla-k80." } }, "type": "object" }, "google-native:dataproc/v1:AcceleratorConfigResponse": { "description": "Specifies the type and number of accelerator cards attached to the instances of an instance. See GPUs on Compute Engine (https://cloud.google.com/compute/docs/gpus/).", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the accelerator cards of this type exposed to this instance." }, "acceleratorTypeUri": { "type": "string", "description": "Full URL, partial URI, or short name of the accelerator type resource to expose to this instance. See Compute Engine AcceleratorTypes (https://cloud.google.com/compute/docs/reference/v1/acceleratorTypes).Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-k80 projects/[project_id]/zones/[zone]/acceleratorTypes/nvidia-tesla-k80 nvidia-tesla-k80Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the accelerator type resource, for example, nvidia-tesla-k80." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorTypeUri" ] }, "google-native:dataproc/v1:AutoscalingConfig": { "description": "Autoscaling Policy config associated with the cluster.", "properties": { "policyUri": { "type": "string", "description": "Optional. The autoscaling policy used by the cluster.Only resource names including projectid and location (region) are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note that the policy must be in the same project and Dataproc region." } }, "type": "object" }, "google-native:dataproc/v1:AutoscalingConfigResponse": { "description": "Autoscaling Policy config associated with the cluster.", "properties": { "policyUri": { "type": "string", "description": "Optional. The autoscaling policy used by the cluster.Only resource names including projectid and location (region) are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note that the policy must be in the same project and Dataproc region." } }, "type": "object", "required": [ "policyUri" ] }, "google-native:dataproc/v1:AuxiliaryNodeGroup": { "description": "Node group identification and configuration information.", "properties": { "nodeGroup": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeGroup", "description": "Node group configuration." }, "nodeGroupId": { "type": "string", "description": "Optional. A node group ID. Generated if not specified.The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of from 3 to 33 characters." } }, "type": "object", "required": [ "nodeGroup" ] }, "google-native:dataproc/v1:AuxiliaryNodeGroupResponse": { "description": "Node group identification and configuration information.", "properties": { "nodeGroup": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeGroupResponse", "description": "Node group configuration." }, "nodeGroupId": { "type": "string", "description": "Optional. A node group ID. Generated if not specified.The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of from 3 to 33 characters." } }, "type": "object", "required": [ "nodeGroup", "nodeGroupId" ] }, "google-native:dataproc/v1:AuxiliaryServicesConfig": { "description": "Auxiliary services configuration for a Cluster.", "properties": { "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:MetastoreConfig", "description": "Optional. The Hive Metastore configuration for this workload." }, "sparkHistoryServerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkHistoryServerConfig", "description": "Optional. The Spark History Server configuration for the workload." } }, "type": "object" }, "google-native:dataproc/v1:AuxiliaryServicesConfigResponse": { "description": "Auxiliary services configuration for a Cluster.", "properties": { "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:MetastoreConfigResponse", "description": "Optional. The Hive Metastore configuration for this workload." }, "sparkHistoryServerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkHistoryServerConfigResponse", "description": "Optional. The Spark History Server configuration for the workload." } }, "type": "object", "required": [ "metastoreConfig", "sparkHistoryServerConfig" ] }, "google-native:dataproc/v1:BasicAutoscalingAlgorithm": { "description": "Basic algorithm for autoscaling.", "properties": { "cooldownPeriod": { "type": "string", "description": "Optional. Duration between scaling events. A scaling period starts after the update operation from the previous event has completed.Bounds: 2m, 1d. Default: 2m." }, "sparkStandaloneConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkStandaloneAutoscalingConfig", "description": "Optional. Spark Standalone autoscaling configuration" }, "yarnConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:BasicYarnAutoscalingConfig", "description": "Optional. YARN autoscaling configuration." } }, "type": "object" }, "google-native:dataproc/v1:BasicAutoscalingAlgorithmResponse": { "description": "Basic algorithm for autoscaling.", "properties": { "cooldownPeriod": { "type": "string", "description": "Optional. Duration between scaling events. A scaling period starts after the update operation from the previous event has completed.Bounds: 2m, 1d. Default: 2m." }, "sparkStandaloneConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkStandaloneAutoscalingConfigResponse", "description": "Optional. Spark Standalone autoscaling configuration" }, "yarnConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:BasicYarnAutoscalingConfigResponse", "description": "Optional. YARN autoscaling configuration." } }, "type": "object", "required": [ "cooldownPeriod", "sparkStandaloneConfig", "yarnConfig" ] }, "google-native:dataproc/v1:BasicYarnAutoscalingConfig": { "description": "Basic autoscaling configurations for YARN.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations.Bounds: 0s, 1d." }, "scaleDownFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there is no available memory remaining after the update (more aggressive scaling). A scale-down factor of 0 disables removing workers, which can be beneficial for autoscaling a single job. See How autoscaling works (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) for more information.Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there is no pending memory remaining after the update (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling). See How autoscaling works (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) for more information.Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "scaleDownFactor", "scaleUpFactor" ] }, "google-native:dataproc/v1:BasicYarnAutoscalingConfigResponse": { "description": "Basic autoscaling configurations for YARN.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations.Bounds: 0s, 1d." }, "scaleDownFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there is no available memory remaining after the update (more aggressive scaling). A scale-down factor of 0 disables removing workers, which can be beneficial for autoscaling a single job. See How autoscaling works (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) for more information.Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there is no pending memory remaining after the update (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling). See How autoscaling works (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/autoscaling#how_autoscaling_works) for more information.Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "scaleDownFactor", "scaleDownMinWorkerFraction", "scaleUpFactor", "scaleUpMinWorkerFraction" ] }, "google-native:dataproc/v1:Binding": { "description": "Associates members, or principals, with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataproc%2Fv1:Expr", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object" }, "google-native:dataproc/v1:BindingResponse": { "description": "Associates members, or principals, with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataproc%2Fv1:ExprResponse", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a Google service account. For example, my-other-app@appspot.gserviceaccount.com. serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]: An identifier for a Kubernetes service account (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, my-project.svc.id.goog[my-namespace/my-kubernetes-sa]. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of members, or principals. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dataproc/v1:ClusterConfig": { "description": "The cluster config.", "properties": { "autoscalingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:AutoscalingConfig", "description": "Optional. Autoscaling config for the policy associated with the cluster. Cluster does not autoscale if this field is unset." }, "auxiliaryNodeGroups": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:AuxiliaryNodeGroup" }, "description": "Optional. The node group settings." }, "configBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "dataprocMetricConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:DataprocMetricConfig", "description": "Optional. The config for Dataproc metrics." }, "encryptionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:EncryptionConfig", "description": "Optional. Encryption settings for the cluster." }, "endpointConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:EndpointConfig", "description": "Optional. Port/endpoint configuration for this cluster" }, "gceClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GceClusterConfig", "description": "Optional. The shared Compute Engine config settings for all instances in a cluster." }, "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeClusterConfig", "description": "Optional. BETA. The Kubernetes Engine config for Dataproc clusters deployed to The Kubernetes Engine config for Dataproc clusters deployed to Kubernetes. These config settings are mutually exclusive with Compute Engine-based options, such as gce_cluster_config, master_config, worker_config, secondary_worker_config, and autoscaling_config." }, "initializationActions": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeInitializationAction" }, "description": "Optional. Commands to execute on each node after config is completed. By default, executables are run on master and all worker nodes. You can test a node's role metadata to run an executable on a master or worker node, as shown below using curl (you can also use wget): ROLE=$(curl -H Metadata-Flavor:Google http://metadata/computeMetadata/v1/instance/attributes/dataproc-role) if [[ \"${ROLE}\" == 'Master' ]]; then ... master specific actions ... else ... worker specific actions ... fi " }, "lifecycleConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LifecycleConfig", "description": "Optional. Lifecycle setting for the cluster." }, "masterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for the cluster's master instance." }, "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:MetastoreConfig", "description": "Optional. Metastore configuration." }, "secondaryWorkerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for a cluster's secondary worker instances" }, "securityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SecurityConfig", "description": "Optional. Security settings for the cluster." }, "softwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SoftwareConfig", "description": "Optional. The config settings for cluster software." }, "tempBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to store ephemeral cluster and jobs data, such as Spark and MapReduce history files. If you do not specify a temp bucket, Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's temp bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket. The default bucket has a TTL of 90 days, but you can use any TTL (or none) if you specify a bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "workerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for the cluster's worker instances." } }, "type": "object" }, "google-native:dataproc/v1:ClusterConfigResponse": { "description": "The cluster config.", "properties": { "autoscalingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:AutoscalingConfigResponse", "description": "Optional. Autoscaling config for the policy associated with the cluster. Cluster does not autoscale if this field is unset." }, "auxiliaryNodeGroups": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:AuxiliaryNodeGroupResponse" }, "description": "Optional. The node group settings." }, "configBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "dataprocMetricConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:DataprocMetricConfigResponse", "description": "Optional. The config for Dataproc metrics." }, "encryptionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:EncryptionConfigResponse", "description": "Optional. Encryption settings for the cluster." }, "endpointConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:EndpointConfigResponse", "description": "Optional. Port/endpoint configuration for this cluster" }, "gceClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GceClusterConfigResponse", "description": "Optional. The shared Compute Engine config settings for all instances in a cluster." }, "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeClusterConfigResponse", "description": "Optional. BETA. The Kubernetes Engine config for Dataproc clusters deployed to The Kubernetes Engine config for Dataproc clusters deployed to Kubernetes. These config settings are mutually exclusive with Compute Engine-based options, such as gce_cluster_config, master_config, worker_config, secondary_worker_config, and autoscaling_config." }, "initializationActions": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeInitializationActionResponse" }, "description": "Optional. Commands to execute on each node after config is completed. By default, executables are run on master and all worker nodes. You can test a node's role metadata to run an executable on a master or worker node, as shown below using curl (you can also use wget): ROLE=$(curl -H Metadata-Flavor:Google http://metadata/computeMetadata/v1/instance/attributes/dataproc-role) if [[ \"${ROLE}\" == 'Master' ]]; then ... master specific actions ... else ... worker specific actions ... fi " }, "lifecycleConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LifecycleConfigResponse", "description": "Optional. Lifecycle setting for the cluster." }, "masterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for the cluster's master instance." }, "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:MetastoreConfigResponse", "description": "Optional. Metastore configuration." }, "secondaryWorkerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for a cluster's secondary worker instances" }, "securityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SecurityConfigResponse", "description": "Optional. Security settings for the cluster." }, "softwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SoftwareConfigResponse", "description": "Optional. The config settings for cluster software." }, "tempBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to store ephemeral cluster and jobs data, such as Spark and MapReduce history files. If you do not specify a temp bucket, Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's temp bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket. The default bucket has a TTL of 90 days, but you can use any TTL (or none) if you specify a bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "workerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for the cluster's worker instances." } }, "type": "object", "required": [ "autoscalingConfig", "auxiliaryNodeGroups", "configBucket", "dataprocMetricConfig", "encryptionConfig", "endpointConfig", "gceClusterConfig", "gkeClusterConfig", "initializationActions", "lifecycleConfig", "masterConfig", "metastoreConfig", "secondaryWorkerConfig", "securityConfig", "softwareConfig", "tempBucket", "workerConfig" ] }, "google-native:dataproc/v1:ClusterMetricsResponse": { "description": "Contains cluster daemon metrics, such as HDFS and YARN stats.Beta Feature: This report is available for testing purposes only. It may be changed before final release.", "properties": { "hdfsMetrics": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HDFS metrics." }, "yarnMetrics": { "type": "object", "additionalProperties": { "type": "string" }, "description": "YARN metrics." } }, "type": "object", "required": [ "hdfsMetrics", "yarnMetrics" ] }, "google-native:dataproc/v1:ClusterSelector": { "description": "A selector that chooses target cluster for jobs based on metadata.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The cluster labels. Cluster must have all labels to match." }, "zone": { "type": "string", "description": "Optional. The zone where workflow process executes. This parameter does not affect the selection of the cluster.If unspecified, the zone of the first cluster matching the selector is used." } }, "type": "object", "required": [ "clusterLabels" ] }, "google-native:dataproc/v1:ClusterSelectorResponse": { "description": "A selector that chooses target cluster for jobs based on metadata.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The cluster labels. Cluster must have all labels to match." }, "zone": { "type": "string", "description": "Optional. The zone where workflow process executes. This parameter does not affect the selection of the cluster.If unspecified, the zone of the first cluster matching the selector is used." } }, "type": "object", "required": [ "clusterLabels", "zone" ] }, "google-native:dataproc/v1:ClusterStatusResponse": { "description": "The status of a cluster and its instances.", "properties": { "detail": { "type": "string", "description": "Optional. Output only. Details of cluster's state." }, "state": { "type": "string", "description": "The cluster's state." }, "stateStartTime": { "type": "string", "description": "Time when this state was entered (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "substate": { "type": "string", "description": "Additional state information that includes status reported by the agent." } }, "type": "object", "required": [ "detail", "state", "stateStartTime", "substate" ] }, "google-native:dataproc/v1:ConfidentialInstanceConfig": { "description": "Confidential Instance Config for clusters using Confidential VMs (https://cloud.google.com/compute/confidential-vm/docs)", "properties": { "enableConfidentialCompute": { "type": "boolean", "description": "Optional. Defines whether the instance should have confidential compute enabled." } }, "type": "object" }, "google-native:dataproc/v1:ConfidentialInstanceConfigResponse": { "description": "Confidential Instance Config for clusters using Confidential VMs (https://cloud.google.com/compute/confidential-vm/docs)", "properties": { "enableConfidentialCompute": { "type": "boolean", "description": "Optional. Defines whether the instance should have confidential compute enabled." } }, "type": "object", "required": [ "enableConfidentialCompute" ] }, "google-native:dataproc/v1:DataprocMetricConfig": { "description": "Dataproc metric config.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:Metric" }, "description": "Metrics sources to enable." } }, "type": "object", "required": [ "metrics" ] }, "google-native:dataproc/v1:DataprocMetricConfigResponse": { "description": "Dataproc metric config.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:MetricResponse" }, "description": "Metrics sources to enable." } }, "type": "object", "required": [ "metrics" ] }, "google-native:dataproc/v1:DiskConfig": { "description": "Specifies the config of disk options for a group of VM instances.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the boot disk (default is 500GB)." }, "bootDiskType": { "type": "string", "description": "Optional. Type of the boot disk (default is \"pd-standard\"). Valid values: \"pd-balanced\" (Persistent Disk Balanced Solid State Drive), \"pd-ssd\" (Persistent Disk Solid State Drive), or \"pd-standard\" (Persistent Disk Hard Disk Drive). See Disk types (https://cloud.google.com/compute/docs/disks#disk-types)." }, "localSsdInterface": { "type": "string", "description": "Optional. Interface type of local SSDs (default is \"scsi\"). Valid values: \"scsi\" (Small Computer System Interface), \"nvme\" (Non-Volatile Memory Express). See local SSD performance (https://cloud.google.com/compute/docs/disks/local-ssd#performance)." }, "numLocalSsds": { "type": "integer", "description": "Optional. Number of attached SSDs, from 0 to 8 (default is 0). If SSDs are not attached, the boot disk is used to store runtime logs and HDFS (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. If one or more SSDs are attached, this runtime bulk data is spread across them, and the boot disk contains only basic config and installed binaries.Note: Local SSD options may vary by machine type and number of vCPUs selected." } }, "type": "object" }, "google-native:dataproc/v1:DiskConfigResponse": { "description": "Specifies the config of disk options for a group of VM instances.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the boot disk (default is 500GB)." }, "bootDiskType": { "type": "string", "description": "Optional. Type of the boot disk (default is \"pd-standard\"). Valid values: \"pd-balanced\" (Persistent Disk Balanced Solid State Drive), \"pd-ssd\" (Persistent Disk Solid State Drive), or \"pd-standard\" (Persistent Disk Hard Disk Drive). See Disk types (https://cloud.google.com/compute/docs/disks#disk-types)." }, "localSsdInterface": { "type": "string", "description": "Optional. Interface type of local SSDs (default is \"scsi\"). Valid values: \"scsi\" (Small Computer System Interface), \"nvme\" (Non-Volatile Memory Express). See local SSD performance (https://cloud.google.com/compute/docs/disks/local-ssd#performance)." }, "numLocalSsds": { "type": "integer", "description": "Optional. Number of attached SSDs, from 0 to 8 (default is 0). If SSDs are not attached, the boot disk is used to store runtime logs and HDFS (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. If one or more SSDs are attached, this runtime bulk data is spread across them, and the boot disk contains only basic config and installed binaries.Note: Local SSD options may vary by machine type and number of vCPUs selected." } }, "type": "object", "required": [ "bootDiskSizeGb", "bootDiskType", "localSsdInterface", "numLocalSsds" ] }, "google-native:dataproc/v1:DriverSchedulingConfig": { "description": "Driver scheduling configuration.", "properties": { "memoryMb": { "type": "integer", "description": "The amount of memory in MB the driver is requesting." }, "vcores": { "type": "integer", "description": "The number of vCPUs the driver is requesting." } }, "type": "object", "required": [ "memoryMb", "vcores" ] }, "google-native:dataproc/v1:DriverSchedulingConfigResponse": { "description": "Driver scheduling configuration.", "properties": { "memoryMb": { "type": "integer", "description": "The amount of memory in MB the driver is requesting." }, "vcores": { "type": "integer", "description": "The number of vCPUs the driver is requesting." } }, "type": "object", "required": [ "memoryMb", "vcores" ] }, "google-native:dataproc/v1:EncryptionConfig": { "description": "Encryption settings for the cluster.", "properties": { "gcePdKmsKeyName": { "type": "string", "description": "Optional. The Cloud KMS key name to use for PD disk encryption for all instances in the cluster." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key name to use for encrypting customer core content in spanner and cluster PD disk for all instances in the cluster." } }, "type": "object" }, "google-native:dataproc/v1:EncryptionConfigResponse": { "description": "Encryption settings for the cluster.", "properties": { "gcePdKmsKeyName": { "type": "string", "description": "Optional. The Cloud KMS key name to use for PD disk encryption for all instances in the cluster." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key name to use for encrypting customer core content in spanner and cluster PD disk for all instances in the cluster." } }, "type": "object", "required": [ "gcePdKmsKeyName", "kmsKey" ] }, "google-native:dataproc/v1:EndpointConfig": { "description": "Endpoint config for this cluster", "properties": { "enableHttpPortAccess": { "type": "boolean", "description": "Optional. If true, enable http access to specific ports on the cluster from external sources. Defaults to false." } }, "type": "object" }, "google-native:dataproc/v1:EndpointConfigResponse": { "description": "Endpoint config for this cluster", "properties": { "enableHttpPortAccess": { "type": "boolean", "description": "Optional. If true, enable http access to specific ports on the cluster from external sources. Defaults to false." }, "httpPorts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of port descriptions to URLs. Will only be populated if enable_http_port_access is true." } }, "type": "object", "required": [ "enableHttpPortAccess", "httpPorts" ] }, "google-native:dataproc/v1:EnvironmentConfig": { "description": "Environment configuration for a workload.", "properties": { "executionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ExecutionConfig", "description": "Optional. Execution configuration for a workload." }, "peripheralsConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:PeripheralsConfig", "description": "Optional. Peripherals configuration that workload has access to." } }, "type": "object" }, "google-native:dataproc/v1:EnvironmentConfigResponse": { "description": "Environment configuration for a workload.", "properties": { "executionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ExecutionConfigResponse", "description": "Optional. Execution configuration for a workload." }, "peripheralsConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:PeripheralsConfigResponse", "description": "Optional. Peripherals configuration that workload has access to." } }, "type": "object", "required": [ "executionConfig", "peripheralsConfig" ] }, "google-native:dataproc/v1:ExecutionConfig": { "description": "Execution configuration for a workload.", "properties": { "idleTtl": { "type": "string", "description": "Optional. Applies to sessions only. The duration to keep the session alive while it's idling. Exceeding this threshold causes the session to terminate. This field cannot be set on a batch workload. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)). Defaults to 1 hour if not set. If both ttl and idle_ttl are specified for an interactive session, the conditions are treated as OR conditions: the workload will be terminated when it has been idle for idle_ttl or when ttl has been exceeded, whichever occurs first." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key to use for encryption." }, "networkTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Tags used for network traffic control." }, "networkUri": { "type": "string", "description": "Optional. Network URI to connect workload to." }, "serviceAccount": { "type": "string", "description": "Optional. Service account that used to execute workload." }, "stagingBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage workload dependencies, config files, and store workload output and other ephemeral data, such as Spark history files. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location according to the region where your workload is running, and then create and manage project-level, per-location staging and temporary buckets. This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "subnetworkUri": { "type": "string", "description": "Optional. Subnetwork URI to connect workload to." }, "ttl": { "type": "string", "description": "Optional. The duration after which the workload will be terminated, specified as the JSON representation for Duration (https://protobuf.dev/programming-guides/proto3/#json). When the workload exceeds this duration, it will be unconditionally terminated without waiting for ongoing work to finish. If ttl is not specified for a batch workload, the workload will be allowed to run until it exits naturally (or run forever without exiting). If ttl is not specified for an interactive session, it defaults to 24 hours. If ttl is not specified for a batch that uses 2.1+ runtime version, it defaults to 4 hours. Minimum value is 10 minutes; maximum value is 14 days. If both ttl and idle_ttl are specified (for an interactive session), the conditions are treated as OR conditions: the workload will be terminated when it has been idle for idle_ttl or when ttl has been exceeded, whichever occurs first." } }, "type": "object" }, "google-native:dataproc/v1:ExecutionConfigResponse": { "description": "Execution configuration for a workload.", "properties": { "idleTtl": { "type": "string", "description": "Optional. Applies to sessions only. The duration to keep the session alive while it's idling. Exceeding this threshold causes the session to terminate. This field cannot be set on a batch workload. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)). Defaults to 1 hour if not set. If both ttl and idle_ttl are specified for an interactive session, the conditions are treated as OR conditions: the workload will be terminated when it has been idle for idle_ttl or when ttl has been exceeded, whichever occurs first." }, "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key to use for encryption." }, "networkTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Tags used for network traffic control." }, "networkUri": { "type": "string", "description": "Optional. Network URI to connect workload to." }, "serviceAccount": { "type": "string", "description": "Optional. Service account that used to execute workload." }, "stagingBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage workload dependencies, config files, and store workload output and other ephemeral data, such as Spark history files. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location according to the region where your workload is running, and then create and manage project-level, per-location staging and temporary buckets. This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." }, "subnetworkUri": { "type": "string", "description": "Optional. Subnetwork URI to connect workload to." }, "ttl": { "type": "string", "description": "Optional. The duration after which the workload will be terminated, specified as the JSON representation for Duration (https://protobuf.dev/programming-guides/proto3/#json). When the workload exceeds this duration, it will be unconditionally terminated without waiting for ongoing work to finish. If ttl is not specified for a batch workload, the workload will be allowed to run until it exits naturally (or run forever without exiting). If ttl is not specified for an interactive session, it defaults to 24 hours. If ttl is not specified for a batch that uses 2.1+ runtime version, it defaults to 4 hours. Minimum value is 10 minutes; maximum value is 14 days. If both ttl and idle_ttl are specified (for an interactive session), the conditions are treated as OR conditions: the workload will be terminated when it has been idle for idle_ttl or when ttl has been exceeded, whichever occurs first." } }, "type": "object", "required": [ "idleTtl", "kmsKey", "networkTags", "networkUri", "serviceAccount", "stagingBucket", "subnetworkUri", "ttl" ] }, "google-native:dataproc/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dataproc/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dataproc/v1:FlinkJob": { "description": "A Dataproc job for running Apache Flink applications on YARN.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision might occur that causes an incorrect job submission." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Flink driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jarFileUris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Flink. Properties that conflict with values set by the Dataproc API might beoverwritten. Can include properties set in/etc/flink/conf/flink-defaults.conf and classes in user code." }, "savepointUri": { "type": "string", "description": "Optional. HCFS URI of the savepoint, which contains the last saved progress for starting the current job." } }, "type": "object" }, "google-native:dataproc/v1:FlinkJobResponse": { "description": "A Dataproc job for running Apache Flink applications on YARN.", "properties": { "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision might occur that causes an incorrect job submission." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Flink driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jarFileUris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Flink. Properties that conflict with values set by the Dataproc API might beoverwritten. Can include properties set in/etc/flink/conf/flink-defaults.conf and classes in user code." }, "savepointUri": { "type": "string", "description": "Optional. HCFS URI of the savepoint, which contains the last saved progress for starting the current job." } }, "type": "object", "required": [ "args", "jarFileUris", "loggingConfig", "mainClass", "mainJarFileUri", "properties", "savepointUri" ] }, "google-native:dataproc/v1:GceClusterConfig": { "description": "Common config settings for resources of Compute Engine cluster instances, applicable to all instances in the cluster.", "properties": { "confidentialInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ConfidentialInstanceConfig", "description": "Optional. Confidential Instance Config for clusters using Confidential VMs (https://cloud.google.com/compute/confidential-vm/docs)." }, "internalIpOnly": { "type": "boolean", "description": "Optional. If true, all instances in the cluster will only have internal IP addresses. By default, clusters are not restricted to internal IP addresses, and will have ephemeral external IP addresses assigned to each instance. This internal_ip_only restriction can only be enabled for subnetwork enabled networks, and all off-cluster dependencies must be configured to be accessible without external IP addresses." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The Compute Engine metadata entries to add to all instances (see Project and instance metadata (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata))." }, "networkUri": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications. Cannot be specified with subnetwork_uri. If neither network_uri nor subnetwork_uri is specified, the \"default\" network of the project is used, if it exists. Cannot be a \"Custom Subnet Network\" (see Using Subnetworks (https://cloud.google.com/compute/docs/subnetworks) for more information).A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/global/networks/default projects/[project_id]/global/networks/default default" }, "nodeGroupAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeGroupAffinity", "description": "Optional. Node Group Affinity for sole-tenant clusters." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:dataproc%2Fv1:GceClusterConfigPrivateIpv6GoogleAccess", "description": "Optional. The type of IPv6 access for a cluster." }, "reservationAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1:ReservationAffinity", "description": "Optional. Reservation Affinity for consuming Zonal reservation." }, "serviceAccount": { "type": "string", "description": "Optional. The Dataproc service account (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) (also see VM Data Plane identity (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) used by Dataproc cluster VM instances to access Google Cloud Platform services.If not specified, the Compute Engine default service account (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) is used." }, "serviceAccountScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: https://www.googleapis.com/auth/cloud.useraccounts.readonly https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/logging.writeIf no scopes are specified, the following defaults are also provided: https://www.googleapis.com/auth/bigquery https://www.googleapis.com/auth/bigtable.admin.table https://www.googleapis.com/auth/bigtable.data https://www.googleapis.com/auth/devstorage.full_control" }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ShieldedInstanceConfig", "description": "Optional. Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm)." }, "subnetworkUri": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/[region]/subnetworks/sub0 projects/[project_id]/regions/[region]/subnetworks/sub0 sub0" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The Compute Engine tags to add to all instances (see Tagging instances (https://cloud.google.com/compute/docs/label-or-tag-resources#tags))." }, "zoneUri": { "type": "string", "description": "Optional. The Compute Engine zone where the Dataproc cluster will be located. If omitted, the service will pick a zone in the cluster's Compute Engine region. On a get request, zone will always be present.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] projects/[project_id]/zones/[zone] [zone]" } }, "type": "object" }, "google-native:dataproc/v1:GceClusterConfigPrivateIpv6GoogleAccess": { "description": "Optional. The type of IPv6 access for a cluster.", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "If unspecified, Compute Engine default behavior will apply, which is the same as INHERIT_FROM_SUBNETWORK.", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "InheritFromSubnetwork", "description": "Private access to and from Google Services configuration inherited from the subnetwork configuration. This is the default Compute Engine behavior.", "value": "INHERIT_FROM_SUBNETWORK" }, { "name": "Outbound", "description": "Enables outbound private IPv6 access to Google Services from the Dataproc cluster.", "value": "OUTBOUND" }, { "name": "Bidirectional", "description": "Enables bidirectional private IPv6 access between Google Services and the Dataproc cluster.", "value": "BIDIRECTIONAL" } ] }, "google-native:dataproc/v1:GceClusterConfigResponse": { "description": "Common config settings for resources of Compute Engine cluster instances, applicable to all instances in the cluster.", "properties": { "confidentialInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ConfidentialInstanceConfigResponse", "description": "Optional. Confidential Instance Config for clusters using Confidential VMs (https://cloud.google.com/compute/confidential-vm/docs)." }, "internalIpOnly": { "type": "boolean", "description": "Optional. If true, all instances in the cluster will only have internal IP addresses. By default, clusters are not restricted to internal IP addresses, and will have ephemeral external IP addresses assigned to each instance. This internal_ip_only restriction can only be enabled for subnetwork enabled networks, and all off-cluster dependencies must be configured to be accessible without external IP addresses." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The Compute Engine metadata entries to add to all instances (see Project and instance metadata (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata))." }, "networkUri": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications. Cannot be specified with subnetwork_uri. If neither network_uri nor subnetwork_uri is specified, the \"default\" network of the project is used, if it exists. Cannot be a \"Custom Subnet Network\" (see Using Subnetworks (https://cloud.google.com/compute/docs/subnetworks) for more information).A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/global/networks/default projects/[project_id]/global/networks/default default" }, "nodeGroupAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeGroupAffinityResponse", "description": "Optional. Node Group Affinity for sole-tenant clusters." }, "privateIpv6GoogleAccess": { "type": "string", "description": "Optional. The type of IPv6 access for a cluster." }, "reservationAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1:ReservationAffinityResponse", "description": "Optional. Reservation Affinity for consuming Zonal reservation." }, "serviceAccount": { "type": "string", "description": "Optional. The Dataproc service account (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) (also see VM Data Plane identity (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) used by Dataproc cluster VM instances to access Google Cloud Platform services.If not specified, the Compute Engine default service account (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) is used." }, "serviceAccountScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: https://www.googleapis.com/auth/cloud.useraccounts.readonly https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/logging.writeIf no scopes are specified, the following defaults are also provided: https://www.googleapis.com/auth/bigquery https://www.googleapis.com/auth/bigtable.admin.table https://www.googleapis.com/auth/bigtable.data https://www.googleapis.com/auth/devstorage.full_control" }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ShieldedInstanceConfigResponse", "description": "Optional. Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm)." }, "subnetworkUri": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/[region]/subnetworks/sub0 projects/[project_id]/regions/[region]/subnetworks/sub0 sub0" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The Compute Engine tags to add to all instances (see Tagging instances (https://cloud.google.com/compute/docs/label-or-tag-resources#tags))." }, "zoneUri": { "type": "string", "description": "Optional. The Compute Engine zone where the Dataproc cluster will be located. If omitted, the service will pick a zone in the cluster's Compute Engine region. On a get request, zone will always be present.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] projects/[project_id]/zones/[zone] [zone]" } }, "type": "object", "required": [ "confidentialInstanceConfig", "internalIpOnly", "metadata", "networkUri", "nodeGroupAffinity", "privateIpv6GoogleAccess", "reservationAffinity", "serviceAccount", "serviceAccountScopes", "shieldedInstanceConfig", "subnetworkUri", "tags", "zoneUri" ] }, "google-native:dataproc/v1:GkeClusterConfig": { "description": "The cluster's GKE config.", "properties": { "gkeClusterTarget": { "type": "string", "description": "Optional. A target GKE cluster to deploy to. It must be in the same project and region as the Dataproc cluster (the GKE cluster can be zonal or regional). Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" }, "namespacedGkeDeploymentTarget": { "$ref": "#/types/google-native:dataproc%2Fv1:NamespacedGkeDeploymentTarget", "description": "Optional. Deprecated. Use gkeClusterTarget. Used only for the deprecated beta. A target for the deployment.", "deprecationMessage": "Optional. Deprecated. Use gkeClusterTarget. Used only for the deprecated beta. A target for the deployment." }, "nodePoolTarget": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolTarget" }, "description": "Optional. GKE node pools where workloads will be scheduled. At least one node pool must be assigned the DEFAULT GkeNodePoolTarget.Role. If a GkeNodePoolTarget is not specified, Dataproc constructs a DEFAULT GkeNodePoolTarget. Each role can be given to only one GkeNodePoolTarget. All node pools must have the same location settings." } }, "type": "object" }, "google-native:dataproc/v1:GkeClusterConfigResponse": { "description": "The cluster's GKE config.", "properties": { "gkeClusterTarget": { "type": "string", "description": "Optional. A target GKE cluster to deploy to. It must be in the same project and region as the Dataproc cluster (the GKE cluster can be zonal or regional). Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" }, "namespacedGkeDeploymentTarget": { "$ref": "#/types/google-native:dataproc%2Fv1:NamespacedGkeDeploymentTargetResponse", "description": "Optional. Deprecated. Use gkeClusterTarget. Used only for the deprecated beta. A target for the deployment.", "deprecationMessage": "Optional. Deprecated. Use gkeClusterTarget. Used only for the deprecated beta. A target for the deployment." }, "nodePoolTarget": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolTargetResponse" }, "description": "Optional. GKE node pools where workloads will be scheduled. At least one node pool must be assigned the DEFAULT GkeNodePoolTarget.Role. If a GkeNodePoolTarget is not specified, Dataproc constructs a DEFAULT GkeNodePoolTarget. Each role can be given to only one GkeNodePoolTarget. All node pools must have the same location settings." } }, "type": "object", "required": [ "gkeClusterTarget", "namespacedGkeDeploymentTarget", "nodePoolTarget" ] }, "google-native:dataproc/v1:GkeNodeConfig": { "description": "Parameters that describe cluster nodes.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolAcceleratorConfig" }, "description": "Optional. A list of hardware accelerators (https://cloud.google.com/compute/docs/gpus) to attach to each node." }, "bootDiskKmsKey": { "type": "string", "description": "Optional. The Customer Managed Encryption Key (CMEK) (https://cloud.google.com/kubernetes-engine/docs/how-to/using-cmek) used to encrypt the boot disk attached to each node in the node pool. Specify the key using the following format: projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" }, "localSsdCount": { "type": "integer", "description": "Optional. The number of local SSD disks to attach to the node, which is limited by the maximum number of disks allowable per zone (see Adding Local SSDs (https://cloud.google.com/compute/docs/disks/local-ssd))." }, "machineType": { "type": "string", "description": "Optional. The name of a Compute Engine machine type (https://cloud.google.com/compute/docs/machine-types)." }, "minCpuPlatform": { "type": "string", "description": "Optional. Minimum CPU platform (https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) to be used by this instance. The instance may be scheduled on the specified or a newer CPU platform. Specify the friendly names of CPU platforms, such as \"Intel Haswell\"` or Intel Sandy Bridge\"." }, "preemptible": { "type": "boolean", "description": "Optional. Whether the nodes are created as legacy preemptible VM instances (https://cloud.google.com/compute/docs/instances/preemptible). Also see Spot VMs, preemptible VM instances without a maximum lifetime. Legacy and Spot preemptible nodes cannot be used in a node pool with the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER role is not assigned (the DEFAULT node pool will assume the CONTROLLER role)." }, "spot": { "type": "boolean", "description": "Optional. Whether the nodes are created as Spot VM instances (https://cloud.google.com/compute/docs/instances/spot). Spot VMs are the latest update to legacy preemptible VMs. Spot VMs do not have a maximum lifetime. Legacy and Spot preemptible nodes cannot be used in a node pool with the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER role is not assigned (the DEFAULT node pool will assume the CONTROLLER role)." } }, "type": "object" }, "google-native:dataproc/v1:GkeNodeConfigResponse": { "description": "Parameters that describe cluster nodes.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolAcceleratorConfigResponse" }, "description": "Optional. A list of hardware accelerators (https://cloud.google.com/compute/docs/gpus) to attach to each node." }, "bootDiskKmsKey": { "type": "string", "description": "Optional. The Customer Managed Encryption Key (CMEK) (https://cloud.google.com/kubernetes-engine/docs/how-to/using-cmek) used to encrypt the boot disk attached to each node in the node pool. Specify the key using the following format: projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" }, "localSsdCount": { "type": "integer", "description": "Optional. The number of local SSD disks to attach to the node, which is limited by the maximum number of disks allowable per zone (see Adding Local SSDs (https://cloud.google.com/compute/docs/disks/local-ssd))." }, "machineType": { "type": "string", "description": "Optional. The name of a Compute Engine machine type (https://cloud.google.com/compute/docs/machine-types)." }, "minCpuPlatform": { "type": "string", "description": "Optional. Minimum CPU platform (https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform) to be used by this instance. The instance may be scheduled on the specified or a newer CPU platform. Specify the friendly names of CPU platforms, such as \"Intel Haswell\"` or Intel Sandy Bridge\"." }, "preemptible": { "type": "boolean", "description": "Optional. Whether the nodes are created as legacy preemptible VM instances (https://cloud.google.com/compute/docs/instances/preemptible). Also see Spot VMs, preemptible VM instances without a maximum lifetime. Legacy and Spot preemptible nodes cannot be used in a node pool with the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER role is not assigned (the DEFAULT node pool will assume the CONTROLLER role)." }, "spot": { "type": "boolean", "description": "Optional. Whether the nodes are created as Spot VM instances (https://cloud.google.com/compute/docs/instances/spot). Spot VMs are the latest update to legacy preemptible VMs. Spot VMs do not have a maximum lifetime. Legacy and Spot preemptible nodes cannot be used in a node pool with the CONTROLLER role or in the DEFAULT node pool if the CONTROLLER role is not assigned (the DEFAULT node pool will assume the CONTROLLER role)." } }, "type": "object", "required": [ "accelerators", "bootDiskKmsKey", "localSsdCount", "machineType", "minCpuPlatform", "preemptible", "spot" ] }, "google-native:dataproc/v1:GkeNodePoolAcceleratorConfig": { "description": "A GkeNodeConfigAcceleratorConfig represents a Hardware Accelerator request for a node pool.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource namename (see GPUs on Compute Engine)." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA mig user guide (https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." } }, "type": "object" }, "google-native:dataproc/v1:GkeNodePoolAcceleratorConfigResponse": { "description": "A GkeNodeConfigAcceleratorConfig represents a Hardware Accelerator request for a node pool.", "properties": { "acceleratorCount": { "type": "string", "description": "The number of accelerator cards exposed to an instance." }, "acceleratorType": { "type": "string", "description": "The accelerator type resource namename (see GPUs on Compute Engine)." }, "gpuPartitionSize": { "type": "string", "description": "Size of partitions to create on the GPU. Valid values are described in the NVIDIA mig user guide (https://docs.nvidia.com/datacenter/tesla/mig-user-guide/#partitioning)." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "gpuPartitionSize" ] }, "google-native:dataproc/v1:GkeNodePoolAutoscalingConfig": { "description": "GkeNodePoolAutoscaling contains information the cluster autoscaler needs to adjust the size of the node pool to the current cluster usage.", "properties": { "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes in the node pool. Must be >= min_node_count, and must be > 0. Note: Quota must be sufficient to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes in the node pool. Must be >= 0 and <= max_node_count." } }, "type": "object" }, "google-native:dataproc/v1:GkeNodePoolAutoscalingConfigResponse": { "description": "GkeNodePoolAutoscaling contains information the cluster autoscaler needs to adjust the size of the node pool to the current cluster usage.", "properties": { "maxNodeCount": { "type": "integer", "description": "The maximum number of nodes in the node pool. Must be >= min_node_count, and must be > 0. Note: Quota must be sufficient to scale up the cluster." }, "minNodeCount": { "type": "integer", "description": "The minimum number of nodes in the node pool. Must be >= 0 and <= max_node_count." } }, "type": "object", "required": [ "maxNodeCount", "minNodeCount" ] }, "google-native:dataproc/v1:GkeNodePoolConfig": { "description": "The configuration of a GKE node pool used by a Dataproc-on-GKE cluster (https://cloud.google.com/dataproc/docs/concepts/jobs/dataproc-gke#create-a-dataproc-on-gke-cluster).", "properties": { "autoscaling": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolAutoscalingConfig", "description": "Optional. The autoscaler configuration for this node pool. The autoscaler is enabled only when a valid configuration is present." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodeConfig", "description": "Optional. The node pool configuration." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of Compute Engine zones (https://cloud.google.com/compute/docs/zones#available) where node pool nodes associated with a Dataproc on GKE virtual cluster will be located.Note: All node pools associated with a virtual cluster must be located in the same region as the virtual cluster, and they must be located in the same zone within that region.If a location is not specified during node pool creation, Dataproc on GKE will choose the zone." } }, "type": "object" }, "google-native:dataproc/v1:GkeNodePoolConfigResponse": { "description": "The configuration of a GKE node pool used by a Dataproc-on-GKE cluster (https://cloud.google.com/dataproc/docs/concepts/jobs/dataproc-gke#create-a-dataproc-on-gke-cluster).", "properties": { "autoscaling": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolAutoscalingConfigResponse", "description": "Optional. The autoscaler configuration for this node pool. The autoscaler is enabled only when a valid configuration is present." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodeConfigResponse", "description": "Optional. The node pool configuration." }, "locations": { "type": "array", "items": { "type": "string" }, "description": "Optional. The list of Compute Engine zones (https://cloud.google.com/compute/docs/zones#available) where node pool nodes associated with a Dataproc on GKE virtual cluster will be located.Note: All node pools associated with a virtual cluster must be located in the same region as the virtual cluster, and they must be located in the same zone within that region.If a location is not specified during node pool creation, Dataproc on GKE will choose the zone." } }, "type": "object", "required": [ "autoscaling", "config", "locations" ] }, "google-native:dataproc/v1:GkeNodePoolTarget": { "description": "GKE node pools that Dataproc workloads run on.", "properties": { "nodePool": { "type": "string", "description": "The target GKE node pool. Format: 'projects/{project}/locations/{location}/clusters/{cluster}/nodePools/{node_pool}'" }, "nodePoolConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolConfig", "description": "Input only. The configuration for the GKE node pool.If specified, Dataproc attempts to create a node pool with the specified shape. If one with the same name already exists, it is verified against all specified fields. If a field differs, the virtual cluster creation will fail.If omitted, any node pool with the specified name is used. If a node pool with the specified name does not exist, Dataproc create a node pool with default values.This is an input only field. It will not be returned by the API." }, "roles": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolTargetRolesItem" }, "description": "The roles associated with the GKE node pool." } }, "type": "object", "required": [ "nodePool", "roles" ] }, "google-native:dataproc/v1:GkeNodePoolTargetResponse": { "description": "GKE node pools that Dataproc workloads run on.", "properties": { "nodePool": { "type": "string", "description": "The target GKE node pool. Format: 'projects/{project}/locations/{location}/clusters/{cluster}/nodePools/{node_pool}'" }, "nodePoolConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeNodePoolConfigResponse", "description": "Input only. The configuration for the GKE node pool.If specified, Dataproc attempts to create a node pool with the specified shape. If one with the same name already exists, it is verified against all specified fields. If a field differs, the virtual cluster creation will fail.If omitted, any node pool with the specified name is used. If a node pool with the specified name does not exist, Dataproc create a node pool with default values.This is an input only field. It will not be returned by the API." }, "roles": { "type": "array", "items": { "type": "string" }, "description": "The roles associated with the GKE node pool." } }, "type": "object", "required": [ "nodePool", "nodePoolConfig", "roles" ] }, "google-native:dataproc/v1:GkeNodePoolTargetRolesItem": { "type": "string", "enum": [ { "name": "RoleUnspecified", "description": "Role is unspecified.", "value": "ROLE_UNSPECIFIED" }, { "name": "Default", "description": "At least one node pool must have the DEFAULT role. Work assigned to a role that is not associated with a node pool is assigned to the node pool with the DEFAULT role. For example, work assigned to the CONTROLLER role will be assigned to the node pool with the DEFAULT role if no node pool has the CONTROLLER role.", "value": "DEFAULT" }, { "name": "Controller", "description": "Run work associated with the Dataproc control plane (for example, controllers and webhooks). Very low resource requirements.", "value": "CONTROLLER" }, { "name": "SparkDriver", "description": "Run work associated with a Spark driver of a job.", "value": "SPARK_DRIVER" }, { "name": "SparkExecutor", "description": "Run work associated with a Spark executor of a job.", "value": "SPARK_EXECUTOR" } ] }, "google-native:dataproc/v1:GoogleCloudDataprocV1WorkflowTemplateEncryptionConfig": { "description": "Encryption settings for the encrypting customer core content. NEXT ID: 2", "properties": { "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key name to use for encrypting customer core content." } }, "type": "object" }, "google-native:dataproc/v1:GoogleCloudDataprocV1WorkflowTemplateEncryptionConfigResponse": { "description": "Encryption settings for the encrypting customer core content. NEXT ID: 2", "properties": { "kmsKey": { "type": "string", "description": "Optional. The Cloud KMS key name to use for encrypting customer core content." } }, "type": "object", "required": [ "kmsKey" ] }, "google-native:dataproc/v1:HadoopJob": { "description": "A Dataproc job for running Apache Hadoop MapReduce (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) jobs on Apache Hadoop YARN (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html).", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted in the working directory of Hadoop drivers and tasks. Supported file types: .jar, .tar, .tar.gz, .tgz, or .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as -libjars or -Dfoo=bar, that can be set as job properties, since a collision might occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be copied to the working directory of Hadoop drivers and distributed tasks. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file containing the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file containing the main class. Examples: 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' 'hdfs:/tmp/test-samples/custom-wordcount.jar' 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar'" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Hadoop. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site and classes in user code." } }, "type": "object" }, "google-native:dataproc/v1:HadoopJobResponse": { "description": "A Dataproc job for running Apache Hadoop MapReduce (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) jobs on Apache Hadoop YARN (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html).", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted in the working directory of Hadoop drivers and tasks. Supported file types: .jar, .tar, .tar.gz, .tgz, or .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as -libjars or -Dfoo=bar, that can be set as job properties, since a collision might occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be copied to the working directory of Hadoop drivers and distributed tasks. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file containing the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file containing the main class. Examples: 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' 'hdfs:/tmp/test-samples/custom-wordcount.jar' 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar'" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Hadoop. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainClass", "mainJarFileUri", "properties" ] }, "google-native:dataproc/v1:HiveJob": { "description": "A Dataproc job for running Apache Hive (https://hive.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and UDFs." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names and values, used to configure Hive. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Hive queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Hive command: SET name=\"value\";)." } }, "type": "object" }, "google-native:dataproc/v1:HiveJobResponse": { "description": "A Dataproc job for running Apache Hive (https://hive.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and UDFs." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names and values, used to configure Hive. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Hive queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Hive command: SET name=\"value\";)." } }, "type": "object", "required": [ "continueOnFailure", "jarFileUris", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1:IdentityConfig": { "description": "Identity related configuration, including service account based secure multi-tenancy user mappings.", "properties": { "userServiceAccountMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of user to service account." } }, "type": "object", "required": [ "userServiceAccountMapping" ] }, "google-native:dataproc/v1:IdentityConfigResponse": { "description": "Identity related configuration, including service account based secure multi-tenancy user mappings.", "properties": { "userServiceAccountMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of user to service account." } }, "type": "object", "required": [ "userServiceAccountMapping" ] }, "google-native:dataproc/v1:InstanceFlexibilityPolicy": { "description": "Instance flexibility Policy allowing a mixture of VM shapes and provisioning models.", "properties": { "instanceSelectionList": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceSelection" }, "description": "Optional. List of instance selection options that the group will use when creating new VMs." } }, "type": "object" }, "google-native:dataproc/v1:InstanceFlexibilityPolicyResponse": { "description": "Instance flexibility Policy allowing a mixture of VM shapes and provisioning models.", "properties": { "instanceSelectionList": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceSelectionResponse" }, "description": "Optional. List of instance selection options that the group will use when creating new VMs." }, "instanceSelectionResults": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceSelectionResultResponse" }, "description": "A list of instance selection results in the group." } }, "type": "object", "required": [ "instanceSelectionList", "instanceSelectionResults" ] }, "google-native:dataproc/v1:InstanceGroupAutoscalingPolicyConfig": { "description": "Configuration for the size bounds of an instance group, including its proportional size to other groups.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances for this group. Required for primary workers. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set.Primary workers - Bounds: [min_instances, ). Secondary workers - Bounds: [min_instances, ). Default: 0." }, "minInstances": { "type": "integer", "description": "Optional. Minimum number of instances for this group.Primary workers - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: 0, max_instances. Default: 0." }, "weight": { "type": "integer", "description": "Optional. Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, and secondary workers have weight 1, the cluster will have approximately 2 primary workers for each secondary worker.The cluster may not reach the specified balance if constrained by min/max bounds or other autoscaling settings. For example, if max_instances for secondary workers is 0, then only primary workers will be added. The cluster can also be out of balance when created.If weight is not set on any instance group, the cluster will default to equal weight for all groups: the cluster will attempt to maintain an equal number of workers in each group within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers." } }, "type": "object", "required": [ "maxInstances" ] }, "google-native:dataproc/v1:InstanceGroupAutoscalingPolicyConfigResponse": { "description": "Configuration for the size bounds of an instance group, including its proportional size to other groups.", "properties": { "maxInstances": { "type": "integer", "description": "Maximum number of instances for this group. Required for primary workers. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set.Primary workers - Bounds: [min_instances, ). Secondary workers - Bounds: [min_instances, ). Default: 0." }, "minInstances": { "type": "integer", "description": "Optional. Minimum number of instances for this group.Primary workers - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: 0, max_instances. Default: 0." }, "weight": { "type": "integer", "description": "Optional. Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, and secondary workers have weight 1, the cluster will have approximately 2 primary workers for each secondary worker.The cluster may not reach the specified balance if constrained by min/max bounds or other autoscaling settings. For example, if max_instances for secondary workers is 0, then only primary workers will be added. The cluster can also be out of balance when created.If weight is not set on any instance group, the cluster will default to equal weight for all groups: the cluster will attempt to maintain an equal number of workers in each group within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers." } }, "type": "object", "required": [ "maxInstances", "minInstances", "weight" ] }, "google-native:dataproc/v1:InstanceGroupConfig": { "description": "The config settings for Compute Engine resources in an instance group, such as a master or worker group.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:AcceleratorConfig" }, "description": "Optional. The Compute Engine accelerator configuration for these instances." }, "diskConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:DiskConfig", "description": "Optional. Disk option config settings." }, "imageUri": { "type": "string", "description": "Optional. The Compute Engine image resource used for cluster instances.The URI can represent an image or image family.Image examples: https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/[image-id] projects/[project_id]/global/images/[image-id] image-idImage family examples. Dataproc will use the most recent image from the family: https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/family/[custom-image-family-name] projects/[project_id]/global/images/family/[custom-image-family-name]If the URI is unspecified, it will be inferred from SoftwareConfig.image_version or the system default." }, "instanceFlexibilityPolicy": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceFlexibilityPolicy", "description": "Optional. Instance flexibility Policy allowing a mixture of VM shapes and provisioning models." }, "machineTypeUri": { "type": "string", "description": "Optional. The Compute Engine machine type used for cluster instances.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the machine type resource, for example, n1-standard-2." }, "minCpuPlatform": { "type": "string", "description": "Optional. Specifies the minimum cpu platform for the Instance Group. See Dataproc -> Minimum CPU Platform (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu)." }, "minNumInstances": { "type": "integer", "description": "Optional. The minimum number of primary worker instances to create. If min_num_instances is set, cluster creation will succeed if the number of primary workers created is at least equal to the min_num_instances number.Example: Cluster creation request with num_instances = 5 and min_num_instances = 3: If 4 VMs are created and 1 instance fails, the failed VM is deleted. The cluster is resized to 4 instances and placed in a RUNNING state. If 2 instances are created and 3 instances fail, the cluster in placed in an ERROR state. The failed VMs are not deleted." }, "numInstances": { "type": "integer", "description": "Optional. The number of VM instances in the instance group. For HA cluster master_config groups, must be set to 3. For standard cluster master_config groups, must be set to 1." }, "preemptibility": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfigPreemptibility", "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE." }, "startupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:StartupConfig", "description": "Optional. Configuration to handle the startup of instances during cluster create and update process." } }, "type": "object" }, "google-native:dataproc/v1:InstanceGroupConfigPreemptibility": { "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE.", "type": "string", "enum": [ { "name": "PreemptibilityUnspecified", "description": "Preemptibility is unspecified, the system will choose the appropriate setting for each instance group.", "value": "PREEMPTIBILITY_UNSPECIFIED" }, { "name": "NonPreemptible", "description": "Instances are non-preemptible.This option is allowed for all instance groups and is the only valid value for Master and Worker instance groups.", "value": "NON_PREEMPTIBLE" }, { "name": "Preemptible", "description": "Instances are preemptible (https://cloud.google.com/compute/docs/instances/preemptible).This option is allowed only for secondary worker (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) groups.", "value": "PREEMPTIBLE" }, { "name": "Spot", "description": "Instances are Spot VMs (https://cloud.google.com/compute/docs/instances/spot).This option is allowed only for secondary worker (https://cloud.google.com/dataproc/docs/concepts/compute/secondary-vms) groups. Spot VMs are the latest version of preemptible VMs (https://cloud.google.com/compute/docs/instances/preemptible), and provide additional features.", "value": "SPOT" } ] }, "google-native:dataproc/v1:InstanceGroupConfigResponse": { "description": "The config settings for Compute Engine resources in an instance group, such as a master or worker group.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:AcceleratorConfigResponse" }, "description": "Optional. The Compute Engine accelerator configuration for these instances." }, "diskConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:DiskConfigResponse", "description": "Optional. Disk option config settings." }, "imageUri": { "type": "string", "description": "Optional. The Compute Engine image resource used for cluster instances.The URI can represent an image or image family.Image examples: https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/[image-id] projects/[project_id]/global/images/[image-id] image-idImage family examples. Dataproc will use the most recent image from the family: https://www.googleapis.com/compute/v1/projects/[project_id]/global/images/family/[custom-image-family-name] projects/[project_id]/global/images/family/[custom-image-family-name]If the URI is unspecified, it will be inferred from SoftwareConfig.image_version or the system default." }, "instanceFlexibilityPolicy": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceFlexibilityPolicyResponse", "description": "Optional. Instance flexibility Policy allowing a mixture of VM shapes and provisioning models." }, "instanceNames": { "type": "array", "items": { "type": "string" }, "description": "The list of instance names. Dataproc derives the names from cluster_name, num_instances, and the instance group." }, "instanceReferences": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceReferenceResponse" }, "description": "List of references to Compute Engine instances." }, "isPreemptible": { "type": "boolean", "description": "Specifies that this instance group contains preemptible instances." }, "machineTypeUri": { "type": "string", "description": "Optional. The Compute Engine machine type used for cluster instances.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 projects/[project_id]/zones/[zone]/machineTypes/n1-standard-2 n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the machine type resource, for example, n1-standard-2." }, "managedGroupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:ManagedGroupConfigResponse", "description": "The config for Compute Engine Instance Group Manager that manages this group. This is only used for preemptible instance groups." }, "minCpuPlatform": { "type": "string", "description": "Optional. Specifies the minimum cpu platform for the Instance Group. See Dataproc -> Minimum CPU Platform (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu)." }, "minNumInstances": { "type": "integer", "description": "Optional. The minimum number of primary worker instances to create. If min_num_instances is set, cluster creation will succeed if the number of primary workers created is at least equal to the min_num_instances number.Example: Cluster creation request with num_instances = 5 and min_num_instances = 3: If 4 VMs are created and 1 instance fails, the failed VM is deleted. The cluster is resized to 4 instances and placed in a RUNNING state. If 2 instances are created and 3 instances fail, the cluster in placed in an ERROR state. The failed VMs are not deleted." }, "numInstances": { "type": "integer", "description": "Optional. The number of VM instances in the instance group. For HA cluster master_config groups, must be set to 3. For standard cluster master_config groups, must be set to 1." }, "preemptibility": { "type": "string", "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE." }, "startupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:StartupConfigResponse", "description": "Optional. Configuration to handle the startup of instances during cluster create and update process." } }, "type": "object", "required": [ "accelerators", "diskConfig", "imageUri", "instanceFlexibilityPolicy", "instanceNames", "instanceReferences", "isPreemptible", "machineTypeUri", "managedGroupConfig", "minCpuPlatform", "minNumInstances", "numInstances", "preemptibility", "startupConfig" ] }, "google-native:dataproc/v1:InstanceReferenceResponse": { "description": "A reference to a Compute Engine instance.", "properties": { "instanceId": { "type": "string", "description": "The unique identifier of the Compute Engine instance." }, "instanceName": { "type": "string", "description": "The user-friendly name of the Compute Engine instance." }, "publicEciesKey": { "type": "string", "description": "The public ECIES key used for sharing data with this instance." }, "publicKey": { "type": "string", "description": "The public RSA key used for sharing data with this instance." } }, "type": "object", "required": [ "instanceId", "instanceName", "publicEciesKey", "publicKey" ] }, "google-native:dataproc/v1:InstanceSelection": { "description": "Defines machines types and a rank to which the machines types belong.", "properties": { "machineTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. Full machine-type names, e.g. \"n1-standard-16\"." }, "rank": { "type": "integer", "description": "Optional. Preference of this instance selection. Lower number means higher preference. Dataproc will first try to create a VM based on the machine-type with priority rank and fallback to next rank based on availability. Machine types and instance selections with the same priority have the same preference." } }, "type": "object" }, "google-native:dataproc/v1:InstanceSelectionResponse": { "description": "Defines machines types and a rank to which the machines types belong.", "properties": { "machineTypes": { "type": "array", "items": { "type": "string" }, "description": "Optional. Full machine-type names, e.g. \"n1-standard-16\"." }, "rank": { "type": "integer", "description": "Optional. Preference of this instance selection. Lower number means higher preference. Dataproc will first try to create a VM based on the machine-type with priority rank and fallback to next rank based on availability. Machine types and instance selections with the same priority have the same preference." } }, "type": "object", "required": [ "machineTypes", "rank" ] }, "google-native:dataproc/v1:InstanceSelectionResultResponse": { "description": "Defines a mapping from machine types to the number of VMs that are created with each machine type.", "properties": { "machineType": { "type": "string", "description": "Full machine-type names, e.g. \"n1-standard-16\"." }, "vmCount": { "type": "integer", "description": "Number of VM provisioned with the machine_type." } }, "type": "object", "required": [ "machineType", "vmCount" ] }, "google-native:dataproc/v1:JobPlacement": { "description": "Dataproc job config.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Cluster labels to identify a cluster where the job will be submitted." }, "clusterName": { "type": "string", "description": "The name of the cluster where the job will be submitted." } }, "type": "object", "required": [ "clusterName" ] }, "google-native:dataproc/v1:JobPlacementResponse": { "description": "Dataproc job config.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Cluster labels to identify a cluster where the job will be submitted." }, "clusterName": { "type": "string", "description": "The name of the cluster where the job will be submitted." }, "clusterUuid": { "type": "string", "description": "A cluster UUID generated by the Dataproc service when the job is submitted." } }, "type": "object", "required": [ "clusterLabels", "clusterName", "clusterUuid" ] }, "google-native:dataproc/v1:JobReference": { "description": "Encapsulates the full scoping used to reference a job.", "properties": { "jobId": { "type": "string", "description": "Optional. The job ID, which must be unique within the project.The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or hyphens (-). The maximum length is 100 characters.If not specified by the caller, the job ID will be provided by the server." }, "project": { "type": "string", "description": "Optional. The ID of the Google Cloud Platform project that the job belongs to. If specified, must match the request project ID." } }, "type": "object" }, "google-native:dataproc/v1:JobReferenceResponse": { "description": "Encapsulates the full scoping used to reference a job.", "properties": { "jobId": { "type": "string", "description": "Optional. The job ID, which must be unique within the project.The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or hyphens (-). The maximum length is 100 characters.If not specified by the caller, the job ID will be provided by the server." }, "project": { "type": "string", "description": "Optional. The ID of the Google Cloud Platform project that the job belongs to. If specified, must match the request project ID." } }, "type": "object", "required": [ "jobId", "project" ] }, "google-native:dataproc/v1:JobScheduling": { "description": "Job scheduling options.", "properties": { "maxFailuresPerHour": { "type": "integer", "description": "Optional. Maximum number of times per hour a driver can be restarted as a result of driver exiting with non-zero code before job is reported failed.A job might be reported as thrashing if the driver exits with a non-zero code four times within a 10-minute window.Maximum value is 10.Note: This restartable job option is not supported in Dataproc workflow templates (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template)." }, "maxFailuresTotal": { "type": "integer", "description": "Optional. Maximum total number of times a driver can be restarted as a result of the driver exiting with a non-zero code. After the maximum number is reached, the job will be reported as failed.Maximum value is 240.Note: Currently, this restartable job option is not supported in Dataproc workflow templates (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template)." } }, "type": "object" }, "google-native:dataproc/v1:JobSchedulingResponse": { "description": "Job scheduling options.", "properties": { "maxFailuresPerHour": { "type": "integer", "description": "Optional. Maximum number of times per hour a driver can be restarted as a result of driver exiting with non-zero code before job is reported failed.A job might be reported as thrashing if the driver exits with a non-zero code four times within a 10-minute window.Maximum value is 10.Note: This restartable job option is not supported in Dataproc workflow templates (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template)." }, "maxFailuresTotal": { "type": "integer", "description": "Optional. Maximum total number of times a driver can be restarted as a result of the driver exiting with a non-zero code. After the maximum number is reached, the job will be reported as failed.Maximum value is 240.Note: Currently, this restartable job option is not supported in Dataproc workflow templates (https://cloud.google.com/dataproc/docs/concepts/workflows/using-workflows#adding_jobs_to_a_template)." } }, "type": "object", "required": [ "maxFailuresPerHour", "maxFailuresTotal" ] }, "google-native:dataproc/v1:JobStatusResponse": { "description": "Dataproc job status.", "properties": { "details": { "type": "string", "description": "Optional. Output only. Job state details, such as an error description if the state is ERROR." }, "state": { "type": "string", "description": "A state message specifying the overall job state." }, "stateStartTime": { "type": "string", "description": "The time when this state was entered." }, "substate": { "type": "string", "description": "Additional state information, which includes status reported by the agent." } }, "type": "object", "required": [ "details", "state", "stateStartTime", "substate" ] }, "google-native:dataproc/v1:JupyterConfig": { "description": "Jupyter configuration for an interactive session.", "properties": { "displayName": { "type": "string", "description": "Optional. Display name, shown in the Jupyter kernelspec card." }, "kernel": { "$ref": "#/types/google-native:dataproc%2Fv1:JupyterConfigKernel", "description": "Optional. Kernel" } }, "type": "object" }, "google-native:dataproc/v1:JupyterConfigKernel": { "description": "Optional. Kernel", "type": "string", "enum": [ { "name": "KernelUnspecified", "description": "The kernel is unknown.", "value": "KERNEL_UNSPECIFIED" }, { "name": "Python", "description": "Python kernel.", "value": "PYTHON" }, { "name": "Scala", "description": "Scala kernel.", "value": "SCALA" } ] }, "google-native:dataproc/v1:JupyterConfigResponse": { "description": "Jupyter configuration for an interactive session.", "properties": { "displayName": { "type": "string", "description": "Optional. Display name, shown in the Jupyter kernelspec card." }, "kernel": { "type": "string", "description": "Optional. Kernel" } }, "type": "object", "required": [ "displayName", "kernel" ] }, "google-native:dataproc/v1:KerberosConfig": { "description": "Specifies Kerberos related configuration.", "properties": { "crossRealmTrustAdminServer": { "type": "string", "description": "Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustKdc": { "type": "string", "description": "Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustRealm": { "type": "string", "description": "Optional. The remote realm the Dataproc on-cluster KDC will trust, should the user enable cross realm trust." }, "crossRealmTrustSharedPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship." }, "enableKerberos": { "type": "boolean", "description": "Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster." }, "kdcDbKeyUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database." }, "keyPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc." }, "keystorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc." }, "keystoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." }, "kmsKeyUri": { "type": "string", "description": "Optional. The uri of the KMS key used to encrypt various sensitive files." }, "realm": { "type": "string", "description": "Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm." }, "rootPrincipalPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password." }, "tgtLifetimeHours": { "type": "integer", "description": "Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used." }, "truststorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc." }, "truststoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." } }, "type": "object" }, "google-native:dataproc/v1:KerberosConfigResponse": { "description": "Specifies Kerberos related configuration.", "properties": { "crossRealmTrustAdminServer": { "type": "string", "description": "Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustKdc": { "type": "string", "description": "Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustRealm": { "type": "string", "description": "Optional. The remote realm the Dataproc on-cluster KDC will trust, should the user enable cross realm trust." }, "crossRealmTrustSharedPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship." }, "enableKerberos": { "type": "boolean", "description": "Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster." }, "kdcDbKeyUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database." }, "keyPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc." }, "keystorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc." }, "keystoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." }, "kmsKeyUri": { "type": "string", "description": "Optional. The uri of the KMS key used to encrypt various sensitive files." }, "realm": { "type": "string", "description": "Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm." }, "rootPrincipalPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password." }, "tgtLifetimeHours": { "type": "integer", "description": "Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used." }, "truststorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc." }, "truststoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." } }, "type": "object", "required": [ "crossRealmTrustAdminServer", "crossRealmTrustKdc", "crossRealmTrustRealm", "crossRealmTrustSharedPasswordUri", "enableKerberos", "kdcDbKeyUri", "keyPasswordUri", "keystorePasswordUri", "keystoreUri", "kmsKeyUri", "realm", "rootPrincipalPasswordUri", "tgtLifetimeHours", "truststorePasswordUri", "truststoreUri" ] }, "google-native:dataproc/v1:KubernetesClusterConfig": { "description": "The configuration for running the Dataproc cluster on Kubernetes.", "properties": { "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeClusterConfig", "description": "The configuration for running the Dataproc cluster on GKE." }, "kubernetesNamespace": { "type": "string", "description": "Optional. A namespace within the Kubernetes cluster to deploy into. If this namespace does not exist, it is created. If it exists, Dataproc verifies that another Dataproc VirtualCluster is not installed into it. If not specified, the name of the Dataproc Cluster is used." }, "kubernetesSoftwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KubernetesSoftwareConfig", "description": "Optional. The software configuration for this Dataproc cluster running on Kubernetes." } }, "type": "object", "required": [ "gkeClusterConfig" ] }, "google-native:dataproc/v1:KubernetesClusterConfigResponse": { "description": "The configuration for running the Dataproc cluster on Kubernetes.", "properties": { "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:GkeClusterConfigResponse", "description": "The configuration for running the Dataproc cluster on GKE." }, "kubernetesNamespace": { "type": "string", "description": "Optional. A namespace within the Kubernetes cluster to deploy into. If this namespace does not exist, it is created. If it exists, Dataproc verifies that another Dataproc VirtualCluster is not installed into it. If not specified, the name of the Dataproc Cluster is used." }, "kubernetesSoftwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KubernetesSoftwareConfigResponse", "description": "Optional. The software configuration for this Dataproc cluster running on Kubernetes." } }, "type": "object", "required": [ "gkeClusterConfig", "kubernetesNamespace", "kubernetesSoftwareConfig" ] }, "google-native:dataproc/v1:KubernetesSoftwareConfig": { "description": "The software configuration for this Dataproc cluster running on Kubernetes.", "properties": { "componentVersion": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The components that should be installed in this Dataproc cluster. The key must be a string from the KubernetesComponent enumeration. The value is the version of the software to be installed. At least one entry must be specified." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The properties to set on daemon config files.Property keys are specified in prefix:property format, for example spark:spark.kubernetes.container.image. The following are supported prefixes and their mappings: spark: spark-defaults.confFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object" }, "google-native:dataproc/v1:KubernetesSoftwareConfigResponse": { "description": "The software configuration for this Dataproc cluster running on Kubernetes.", "properties": { "componentVersion": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The components that should be installed in this Dataproc cluster. The key must be a string from the KubernetesComponent enumeration. The value is the version of the software to be installed. At least one entry must be specified." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The properties to set on daemon config files.Property keys are specified in prefix:property format, for example spark:spark.kubernetes.container.image. The following are supported prefixes and their mappings: spark: spark-defaults.confFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object", "required": [ "componentVersion", "properties" ] }, "google-native:dataproc/v1:LifecycleConfig": { "description": "Specifies the cluster auto-delete schedule configuration.", "properties": { "autoDeleteTime": { "type": "string", "description": "Optional. The time when cluster will be auto-deleted (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "autoDeleteTtl": { "type": "string", "description": "Optional. The lifetime duration of cluster. The cluster will be auto-deleted at the end of this period. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleDeleteTtl": { "type": "string", "description": "Optional. The duration to keep the cluster alive while idling (when no jobs are running). Passing this threshold will cause the cluster to be deleted. Minimum value is 5 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." } }, "type": "object" }, "google-native:dataproc/v1:LifecycleConfigResponse": { "description": "Specifies the cluster auto-delete schedule configuration.", "properties": { "autoDeleteTime": { "type": "string", "description": "Optional. The time when cluster will be auto-deleted (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "autoDeleteTtl": { "type": "string", "description": "Optional. The lifetime duration of cluster. The cluster will be auto-deleted at the end of this period. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleDeleteTtl": { "type": "string", "description": "Optional. The duration to keep the cluster alive while idling (when no jobs are running). Passing this threshold will cause the cluster to be deleted. Minimum value is 5 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleStartTime": { "type": "string", "description": "The time when cluster became idle (most recent job finished) and became eligible for deletion due to idleness (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." } }, "type": "object", "required": [ "autoDeleteTime", "autoDeleteTtl", "idleDeleteTtl", "idleStartTime" ] }, "google-native:dataproc/v1:LoggingConfig": { "description": "The runtime logging config of the job.", "properties": { "driverLogLevels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The per-package log levels for the driver. This can include \"root\" package name to configure rootLogger. Examples: - 'com.google = FATAL' - 'root = INFO' - 'org.apache = DEBUG'" } }, "type": "object" }, "google-native:dataproc/v1:LoggingConfigResponse": { "description": "The runtime logging config of the job.", "properties": { "driverLogLevels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The per-package log levels for the driver. This can include \"root\" package name to configure rootLogger. Examples: - 'com.google = FATAL' - 'root = INFO' - 'org.apache = DEBUG'" } }, "type": "object", "required": [ "driverLogLevels" ] }, "google-native:dataproc/v1:ManagedCluster": { "description": "Cluster that is managed by the workflow.", "properties": { "clusterName": { "type": "string", "description": "The cluster name prefix. A unique cluster name will be formed by appending a random suffix.The name must contain only lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin with a letter. Cannot begin or end with hyphen. Must consist of between 2 and 35 characters." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1:ClusterConfig", "description": "The cluster configuration." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this cluster.Label keys must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given cluster." } }, "type": "object", "required": [ "clusterName", "config" ] }, "google-native:dataproc/v1:ManagedClusterResponse": { "description": "Cluster that is managed by the workflow.", "properties": { "clusterName": { "type": "string", "description": "The cluster name prefix. A unique cluster name will be formed by appending a random suffix.The name must contain only lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin with a letter. Cannot begin or end with hyphen. Must consist of between 2 and 35 characters." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1:ClusterConfigResponse", "description": "The cluster configuration." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this cluster.Label keys must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given cluster." } }, "type": "object", "required": [ "clusterName", "config", "labels" ] }, "google-native:dataproc/v1:ManagedGroupConfigResponse": { "description": "Specifies the resources used to actively manage an instance group.", "properties": { "instanceGroupManagerName": { "type": "string", "description": "The name of the Instance Group Manager for this group." }, "instanceGroupManagerUri": { "type": "string", "description": "The partial URI to the instance group manager for this group. E.g. projects/my-project/regions/us-central1/instanceGroupManagers/my-igm." }, "instanceTemplateName": { "type": "string", "description": "The name of the Instance Template used for the Managed Instance Group." } }, "type": "object", "required": [ "instanceGroupManagerName", "instanceGroupManagerUri", "instanceTemplateName" ] }, "google-native:dataproc/v1:MetastoreConfig": { "description": "Specifies a Metastore configuration.", "properties": { "dataprocMetastoreService": { "type": "string", "description": "Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[dataproc_region]/services/[service-name]" } }, "type": "object", "required": [ "dataprocMetastoreService" ] }, "google-native:dataproc/v1:MetastoreConfigResponse": { "description": "Specifies a Metastore configuration.", "properties": { "dataprocMetastoreService": { "type": "string", "description": "Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[dataproc_region]/services/[service-name]" } }, "type": "object", "required": [ "dataprocMetastoreService" ] }, "google-native:dataproc/v1:Metric": { "description": "A Dataproc custom metric.", "properties": { "metricOverrides": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specify one or more Custom metrics (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) to collect for the metric course (for the SPARK metric source (any Spark metric (https://spark.apache.org/docs/latest/monitoring.html#metrics) can be specified).Provide metrics in the following format: METRIC_SOURCE: INSTANCE:GROUP:METRIC Use camelcase as appropriate.Examples: yarn:ResourceManager:QueueMetrics:AppsCompleted spark:driver:DAGScheduler:job.allJobs sparkHistoryServer:JVM:Memory:NonHeapMemoryUsage.committed hiveserver2:JVM:Memory:NonHeapMemoryUsage.used Notes: Only the specified overridden metrics are collected for the metric source. For example, if one or more spark:executive metrics are listed as metric overrides, other SPARK metrics are not collected. The collection of the metrics for other enabled custom metric sources is unaffected. For example, if both SPARK andd YARN metric sources are enabled, and overrides are provided for Spark metrics only, all YARN metrics are collected." }, "metricSource": { "$ref": "#/types/google-native:dataproc%2Fv1:MetricMetricSource", "description": "A standard set of metrics is collected unless metricOverrides are specified for the metric source (see Custom metrics (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) for more information)." } }, "type": "object", "required": [ "metricSource" ] }, "google-native:dataproc/v1:MetricMetricSource": { "description": "Required. A standard set of metrics is collected unless metricOverrides are specified for the metric source (see Custom metrics (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) for more information).", "type": "string", "enum": [ { "name": "MetricSourceUnspecified", "description": "Required unspecified metric source.", "value": "METRIC_SOURCE_UNSPECIFIED" }, { "name": "MonitoringAgentDefaults", "description": "Monitoring agent metrics. If this source is enabled, Dataproc enables the monitoring agent in Compute Engine, and collects monitoring agent metrics, which are published with an agent.googleapis.com prefix.", "value": "MONITORING_AGENT_DEFAULTS" }, { "name": "Hdfs", "description": "HDFS metric source.", "value": "HDFS" }, { "name": "Spark", "description": "Spark metric source.", "value": "SPARK" }, { "name": "Yarn", "description": "YARN metric source.", "value": "YARN" }, { "name": "SparkHistoryServer", "description": "Spark History Server metric source.", "value": "SPARK_HISTORY_SERVER" }, { "name": "Hiveserver2", "description": "Hiveserver2 metric source.", "value": "HIVESERVER2" }, { "name": "Hivemetastore", "description": "hivemetastore metric source", "value": "HIVEMETASTORE" }, { "name": "Flink", "description": "flink metric source", "value": "FLINK" } ] }, "google-native:dataproc/v1:MetricResponse": { "description": "A Dataproc custom metric.", "properties": { "metricOverrides": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specify one or more Custom metrics (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) to collect for the metric course (for the SPARK metric source (any Spark metric (https://spark.apache.org/docs/latest/monitoring.html#metrics) can be specified).Provide metrics in the following format: METRIC_SOURCE: INSTANCE:GROUP:METRIC Use camelcase as appropriate.Examples: yarn:ResourceManager:QueueMetrics:AppsCompleted spark:driver:DAGScheduler:job.allJobs sparkHistoryServer:JVM:Memory:NonHeapMemoryUsage.committed hiveserver2:JVM:Memory:NonHeapMemoryUsage.used Notes: Only the specified overridden metrics are collected for the metric source. For example, if one or more spark:executive metrics are listed as metric overrides, other SPARK metrics are not collected. The collection of the metrics for other enabled custom metric sources is unaffected. For example, if both SPARK andd YARN metric sources are enabled, and overrides are provided for Spark metrics only, all YARN metrics are collected." }, "metricSource": { "type": "string", "description": "A standard set of metrics is collected unless metricOverrides are specified for the metric source (see Custom metrics (https://cloud.google.com/dataproc/docs/guides/dataproc-metrics#custom_metrics) for more information)." } }, "type": "object", "required": [ "metricOverrides", "metricSource" ] }, "google-native:dataproc/v1:NamespacedGkeDeploymentTarget": { "description": "Deprecated. Used only for the deprecated beta. A full, namespace-isolated deployment target for an existing GKE cluster.", "properties": { "clusterNamespace": { "type": "string", "description": "Optional. A namespace within the GKE cluster to deploy into." }, "targetGkeCluster": { "type": "string", "description": "Optional. The target GKE cluster to deploy to. Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" } }, "type": "object" }, "google-native:dataproc/v1:NamespacedGkeDeploymentTargetResponse": { "description": "Deprecated. Used only for the deprecated beta. A full, namespace-isolated deployment target for an existing GKE cluster.", "properties": { "clusterNamespace": { "type": "string", "description": "Optional. A namespace within the GKE cluster to deploy into." }, "targetGkeCluster": { "type": "string", "description": "Optional. The target GKE cluster to deploy to. Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" } }, "type": "object", "required": [ "clusterNamespace", "targetGkeCluster" ] }, "google-native:dataproc/v1:NodeGroup": { "description": "Dataproc Node Group. The Dataproc NodeGroup resource is not related to the Dataproc NodeGroupAffinity resource.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Node group labels. Label keys must consist of from 1 to 63 characters and conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty. If specified, they must consist of from 1 to 63 characters and conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). The node group must have no more than 32 labelsn." }, "name": { "type": "string", "description": "The Node group resource name (https://aip.dev/122)." }, "nodeGroupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfig", "description": "Optional. The node group instance group configuration." }, "roles": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:NodeGroupRolesItem" }, "description": "Node group roles." } }, "type": "object", "required": [ "roles" ] }, "google-native:dataproc/v1:NodeGroupAffinity": { "description": "Node Group Affinity for clusters using sole-tenant node groups. The Dataproc NodeGroupAffinity resource is not related to the Dataproc NodeGroup resource.", "properties": { "nodeGroupUri": { "type": "string", "description": "The URI of a sole-tenant node group resource (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) that the cluster will be created on.A full URL, partial URI, or node group name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 node-group-1" } }, "type": "object", "required": [ "nodeGroupUri" ] }, "google-native:dataproc/v1:NodeGroupAffinityResponse": { "description": "Node Group Affinity for clusters using sole-tenant node groups. The Dataproc NodeGroupAffinity resource is not related to the Dataproc NodeGroup resource.", "properties": { "nodeGroupUri": { "type": "string", "description": "The URI of a sole-tenant node group resource (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) that the cluster will be created on.A full URL, partial URI, or node group name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 projects/[project_id]/zones/[zone]/nodeGroups/node-group-1 node-group-1" } }, "type": "object", "required": [ "nodeGroupUri" ] }, "google-native:dataproc/v1:NodeGroupResponse": { "description": "Dataproc Node Group. The Dataproc NodeGroup resource is not related to the Dataproc NodeGroupAffinity resource.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Node group labels. Label keys must consist of from 1 to 63 characters and conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). Label values can be empty. If specified, they must consist of from 1 to 63 characters and conform to RFC 1035 (https://www.ietf.org/rfc/rfc1035.txt). The node group must have no more than 32 labelsn." }, "name": { "type": "string", "description": "The Node group resource name (https://aip.dev/122)." }, "nodeGroupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:InstanceGroupConfigResponse", "description": "Optional. The node group instance group configuration." }, "roles": { "type": "array", "items": { "type": "string" }, "description": "Node group roles." } }, "type": "object", "required": [ "labels", "name", "nodeGroupConfig", "roles" ] }, "google-native:dataproc/v1:NodeGroupRolesItem": { "type": "string", "enum": [ { "name": "RoleUnspecified", "description": "Required unspecified role.", "value": "ROLE_UNSPECIFIED" }, { "name": "Driver", "description": "Job drivers run on the node pool.", "value": "DRIVER" } ] }, "google-native:dataproc/v1:NodeInitializationAction": { "description": "Specifies an executable to run on a fully configured node and a timeout period for executable completion.", "properties": { "executableFile": { "type": "string", "description": "Cloud Storage URI of executable file." }, "executionTimeout": { "type": "string", "description": "Optional. Amount of time executable has to complete. Default is 10 minutes (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster creation fails with an explanatory error message (the name of the executable that caused the error and the exceeded timeout period) if the executable is not completed at end of the timeout period." } }, "type": "object", "required": [ "executableFile" ] }, "google-native:dataproc/v1:NodeInitializationActionResponse": { "description": "Specifies an executable to run on a fully configured node and a timeout period for executable completion.", "properties": { "executableFile": { "type": "string", "description": "Cloud Storage URI of executable file." }, "executionTimeout": { "type": "string", "description": "Optional. Amount of time executable has to complete. Default is 10 minutes (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster creation fails with an explanatory error message (the name of the executable that caused the error and the exceeded timeout period) if the executable is not completed at end of the timeout period." } }, "type": "object", "required": [ "executableFile", "executionTimeout" ] }, "google-native:dataproc/v1:OrderedJob": { "description": "A job executed by the workflow.", "properties": { "flinkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:FlinkJob", "description": "Optional. Job is a Flink job." }, "hadoopJob": { "$ref": "#/types/google-native:dataproc%2Fv1:HadoopJob", "description": "Optional. Job is a Hadoop job." }, "hiveJob": { "$ref": "#/types/google-native:dataproc%2Fv1:HiveJob", "description": "Optional. Job is a Hive job." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this job.Label keys must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given job." }, "pigJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PigJob", "description": "Optional. Job is a Pig job." }, "prerequisiteStepIds": { "type": "array", "items": { "type": "string" }, "description": "Optional. The optional list of prerequisite job step_ids. If not specified, the job will start at the beginning of workflow." }, "prestoJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PrestoJob", "description": "Optional. Job is a Presto job." }, "pysparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PySparkJob", "description": "Optional. Job is a PySpark job." }, "scheduling": { "$ref": "#/types/google-native:dataproc%2Fv1:JobScheduling", "description": "Optional. Job scheduling configuration." }, "sparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkJob", "description": "Optional. Job is a Spark job." }, "sparkRJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkRJob", "description": "Optional. Job is a SparkR job." }, "sparkSqlJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkSqlJob", "description": "Optional. Job is a SparkSql job." }, "stepId": { "type": "string", "description": "The step id. The id must be unique among all jobs within the template.The step id is used as prefix for job id, as job goog-dataproc-workflow-step-id label, and in prerequisiteStepIds field from other steps.The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters." }, "trinoJob": { "$ref": "#/types/google-native:dataproc%2Fv1:TrinoJob", "description": "Optional. Job is a Trino job." } }, "type": "object", "required": [ "stepId" ] }, "google-native:dataproc/v1:OrderedJobResponse": { "description": "A job executed by the workflow.", "properties": { "flinkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:FlinkJobResponse", "description": "Optional. Job is a Flink job." }, "hadoopJob": { "$ref": "#/types/google-native:dataproc%2Fv1:HadoopJobResponse", "description": "Optional. Job is a Hadoop job." }, "hiveJob": { "$ref": "#/types/google-native:dataproc%2Fv1:HiveJobResponse", "description": "Optional. Job is a Hive job." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this job.Label keys must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given job." }, "pigJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PigJobResponse", "description": "Optional. Job is a Pig job." }, "prerequisiteStepIds": { "type": "array", "items": { "type": "string" }, "description": "Optional. The optional list of prerequisite job step_ids. If not specified, the job will start at the beginning of workflow." }, "prestoJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PrestoJobResponse", "description": "Optional. Job is a Presto job." }, "pysparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:PySparkJobResponse", "description": "Optional. Job is a PySpark job." }, "scheduling": { "$ref": "#/types/google-native:dataproc%2Fv1:JobSchedulingResponse", "description": "Optional. Job scheduling configuration." }, "sparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkJobResponse", "description": "Optional. Job is a Spark job." }, "sparkRJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkRJobResponse", "description": "Optional. Job is a SparkR job." }, "sparkSqlJob": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkSqlJobResponse", "description": "Optional. Job is a SparkSql job." }, "stepId": { "type": "string", "description": "The step id. The id must be unique among all jobs within the template.The step id is used as prefix for job id, as job goog-dataproc-workflow-step-id label, and in prerequisiteStepIds field from other steps.The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters." }, "trinoJob": { "$ref": "#/types/google-native:dataproc%2Fv1:TrinoJobResponse", "description": "Optional. Job is a Trino job." } }, "type": "object", "required": [ "flinkJob", "hadoopJob", "hiveJob", "labels", "pigJob", "prerequisiteStepIds", "prestoJob", "pysparkJob", "scheduling", "sparkJob", "sparkRJob", "sparkSqlJob", "stepId", "trinoJob" ] }, "google-native:dataproc/v1:ParameterValidation": { "description": "Configuration for parameter validation.", "properties": { "regex": { "$ref": "#/types/google-native:dataproc%2Fv1:RegexValidation", "description": "Validation based on regular expressions." }, "values": { "$ref": "#/types/google-native:dataproc%2Fv1:ValueValidation", "description": "Validation based on a list of allowed values." } }, "type": "object" }, "google-native:dataproc/v1:ParameterValidationResponse": { "description": "Configuration for parameter validation.", "properties": { "regex": { "$ref": "#/types/google-native:dataproc%2Fv1:RegexValidationResponse", "description": "Validation based on regular expressions." }, "values": { "$ref": "#/types/google-native:dataproc%2Fv1:ValueValidationResponse", "description": "Validation based on a list of allowed values." } }, "type": "object", "required": [ "regex", "values" ] }, "google-native:dataproc/v1:PeripheralsConfig": { "description": "Auxiliary services configuration for a workload.", "properties": { "metastoreService": { "type": "string", "description": "Optional. Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[region]/services/[service_id]" }, "sparkHistoryServerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkHistoryServerConfig", "description": "Optional. The Spark History Server configuration for the workload." } }, "type": "object" }, "google-native:dataproc/v1:PeripheralsConfigResponse": { "description": "Auxiliary services configuration for a workload.", "properties": { "metastoreService": { "type": "string", "description": "Optional. Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[region]/services/[service_id]" }, "sparkHistoryServerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:SparkHistoryServerConfigResponse", "description": "Optional. The Spark History Server configuration for the workload." } }, "type": "object", "required": [ "metastoreService", "sparkHistoryServerConfig" ] }, "google-native:dataproc/v1:PigJob": { "description": "A Dataproc job for running Apache Pig (https://pig.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Pig. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains the Pig queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Pig command: name=[value])." } }, "type": "object" }, "google-native:dataproc/v1:PigJobResponse": { "description": "A Dataproc job for running Apache Pig (https://pig.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Pig. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains the Pig queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Pig command: name=[value])." } }, "type": "object", "required": [ "continueOnFailure", "jarFileUris", "loggingConfig", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1:PrestoJob": { "description": "A Dataproc job for running Presto (https://prestosql.io/) queries. IMPORTANT: The Dataproc Presto Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/presto) must be enabled when the cluster is created to submit a Presto job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Presto client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Presto documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Presto session properties (https://prestodb.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Presto CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryList", "description": "A list of queries." } }, "type": "object" }, "google-native:dataproc/v1:PrestoJobResponse": { "description": "A Dataproc job for running Presto (https://prestosql.io/) queries. IMPORTANT: The Dataproc Presto Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/presto) must be enabled when the cluster is created to submit a Presto job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Presto client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Presto documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Presto session properties (https://prestodb.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Presto CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryListResponse", "description": "A list of queries." } }, "type": "object", "required": [ "clientTags", "continueOnFailure", "loggingConfig", "outputFormat", "properties", "queryFileUri", "queryList" ] }, "google-native:dataproc/v1:PyPiRepositoryConfig": { "description": "Configuration for PyPi repository", "properties": { "pypiRepository": { "type": "string", "description": "Optional. PyPi repository address" } }, "type": "object" }, "google-native:dataproc/v1:PyPiRepositoryConfigResponse": { "description": "Configuration for PyPi repository", "properties": { "pypiRepository": { "type": "string", "description": "Optional. PyPi repository address" } }, "type": "object", "required": [ "pypiRepository" ] }, "google-native:dataproc/v1:PySparkBatch": { "description": "A configuration for running an Apache PySpark (https://spark.apache.org/docs/latest/api/python/getting_started/quickstart.html) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the classpath of the Spark driver and tasks." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the Spark driver. Must be a .py file." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "mainPythonFileUri" ] }, "google-native:dataproc/v1:PySparkBatchResponse": { "description": "A configuration for running an Apache PySpark (https://spark.apache.org/docs/latest/api/python/getting_started/quickstart.html) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the classpath of the Spark driver and tasks." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the Spark driver. Must be a .py file." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "mainPythonFileUri", "pythonFileUris" ] }, "google-native:dataproc/v1:PySparkJob": { "description": "A Dataproc job for running Apache PySpark (https://spark.apache.org/docs/0.9.0/python-programming-guide.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Python driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the driver. Must be a .py file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure PySpark. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "mainPythonFileUri" ] }, "google-native:dataproc/v1:PySparkJobResponse": { "description": "A Dataproc job for running Apache PySpark (https://spark.apache.org/docs/0.9.0/python-programming-guide.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Python driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the driver. Must be a .py file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure PySpark. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainPythonFileUri", "properties", "pythonFileUris" ] }, "google-native:dataproc/v1:QueryList": { "description": "A list of queries to run on a cluster.", "properties": { "queries": { "type": "array", "items": { "type": "string" }, "description": "The queries to execute. You do not need to end a query expression with a semicolon. Multiple queries can be specified in one string by separating each with a semicolon. Here is an example of a Dataproc API snippet that uses a QueryList to specify a HiveJob: \"hiveJob\": { \"queryList\": { \"queries\": [ \"query1\", \"query2\", \"query3;query4\", ] } } " } }, "type": "object", "required": [ "queries" ] }, "google-native:dataproc/v1:QueryListResponse": { "description": "A list of queries to run on a cluster.", "properties": { "queries": { "type": "array", "items": { "type": "string" }, "description": "The queries to execute. You do not need to end a query expression with a semicolon. Multiple queries can be specified in one string by separating each with a semicolon. Here is an example of a Dataproc API snippet that uses a QueryList to specify a HiveJob: \"hiveJob\": { \"queryList\": { \"queries\": [ \"query1\", \"query2\", \"query3;query4\", ] } } " } }, "type": "object", "required": [ "queries" ] }, "google-native:dataproc/v1:RegexValidation": { "description": "Validation based on regular expressions.", "properties": { "regexes": { "type": "array", "items": { "type": "string" }, "description": "RE2 regular expressions used to validate the parameter's value. The value must match the regex in its entirety (substring matches are not sufficient)." } }, "type": "object", "required": [ "regexes" ] }, "google-native:dataproc/v1:RegexValidationResponse": { "description": "Validation based on regular expressions.", "properties": { "regexes": { "type": "array", "items": { "type": "string" }, "description": "RE2 regular expressions used to validate the parameter's value. The value must match the regex in its entirety (substring matches are not sufficient)." } }, "type": "object", "required": [ "regexes" ] }, "google-native:dataproc/v1:RepositoryConfig": { "description": "Configuration for dependency repositories", "properties": { "pypiRepositoryConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:PyPiRepositoryConfig", "description": "Optional. Configuration for PyPi repository." } }, "type": "object" }, "google-native:dataproc/v1:RepositoryConfigResponse": { "description": "Configuration for dependency repositories", "properties": { "pypiRepositoryConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:PyPiRepositoryConfigResponse", "description": "Optional. Configuration for PyPi repository." } }, "type": "object", "required": [ "pypiRepositoryConfig" ] }, "google-native:dataproc/v1:ReservationAffinity": { "description": "Reservation Affinity for consuming Zonal reservation.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:dataproc%2Fv1:ReservationAffinityConsumeReservationType", "description": "Optional. Type of reservation to consume" }, "key": { "type": "string", "description": "Optional. Corresponds to the label key of reservation resource." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Corresponds to the label values of reservation resource." } }, "type": "object" }, "google-native:dataproc/v1:ReservationAffinityConsumeReservationType": { "description": "Optional. Type of reservation to consume", "type": "string", "enum": [ { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" }, { "name": "NoReservation", "description": "Do not consume from any allocated capacity.", "value": "NO_RESERVATION" }, { "name": "AnyReservation", "description": "Consume any reservation available.", "value": "ANY_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" } ] }, "google-native:dataproc/v1:ReservationAffinityResponse": { "description": "Reservation Affinity for consuming Zonal reservation.", "properties": { "consumeReservationType": { "type": "string", "description": "Optional. Type of reservation to consume" }, "key": { "type": "string", "description": "Optional. Corresponds to the label key of reservation resource." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Corresponds to the label values of reservation resource." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:dataproc/v1:RuntimeConfig": { "description": "Runtime configuration for a workload.", "properties": { "containerImage": { "type": "string", "description": "Optional. Optional custom container image for the job runtime environment. If not specified, a default container image will be used." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, which are used to configure workload execution." }, "repositoryConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:RepositoryConfig", "description": "Optional. Dependency repository configuration." }, "version": { "type": "string", "description": "Optional. Version of the batch runtime." } }, "type": "object" }, "google-native:dataproc/v1:RuntimeConfigResponse": { "description": "Runtime configuration for a workload.", "properties": { "containerImage": { "type": "string", "description": "Optional. Optional custom container image for the job runtime environment. If not specified, a default container image will be used." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, which are used to configure workload execution." }, "repositoryConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:RepositoryConfigResponse", "description": "Optional. Dependency repository configuration." }, "version": { "type": "string", "description": "Optional. Version of the batch runtime." } }, "type": "object", "required": [ "containerImage", "properties", "repositoryConfig", "version" ] }, "google-native:dataproc/v1:RuntimeInfoResponse": { "description": "Runtime information about workload execution.", "properties": { "approximateUsage": { "$ref": "#/types/google-native:dataproc%2Fv1:UsageMetricsResponse", "description": "Approximate workload resource usage, calculated when the workload completes (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing)).Note: This metric calculation may change in the future, for example, to capture cumulative workload resource consumption during workload execution (see the Dataproc Serverless release notes (https://cloud.google.com/dataproc-serverless/docs/release-notes) for announcements, changes, fixes and other Dataproc developments)." }, "currentUsage": { "$ref": "#/types/google-native:dataproc%2Fv1:UsageSnapshotResponse", "description": "Snapshot of current workload resource usage." }, "diagnosticOutputUri": { "type": "string", "description": "A URI pointing to the location of the diagnostics tarball." }, "endpoints": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of remote access endpoints (such as web interfaces and APIs) to their URIs." }, "outputUri": { "type": "string", "description": "A URI pointing to the location of the stdout and stderr of the workload." } }, "type": "object", "required": [ "approximateUsage", "currentUsage", "diagnosticOutputUri", "endpoints", "outputUri" ] }, "google-native:dataproc/v1:SecurityConfig": { "description": "Security related configuration, including encryption, Kerberos, etc.", "properties": { "identityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:IdentityConfig", "description": "Optional. Identity related configuration, including service account based secure multi-tenancy user mappings." }, "kerberosConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KerberosConfig", "description": "Optional. Kerberos related configuration." } }, "type": "object" }, "google-native:dataproc/v1:SecurityConfigResponse": { "description": "Security related configuration, including encryption, Kerberos, etc.", "properties": { "identityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:IdentityConfigResponse", "description": "Optional. Identity related configuration, including service account based secure multi-tenancy user mappings." }, "kerberosConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KerberosConfigResponse", "description": "Optional. Kerberos related configuration." } }, "type": "object", "required": [ "identityConfig", "kerberosConfig" ] }, "google-native:dataproc/v1:SessionStateHistoryResponse": { "description": "Historical state information.", "properties": { "state": { "type": "string", "description": "The state of the session at this point in the session history." }, "stateMessage": { "type": "string", "description": "Details about the state at this point in the session history." }, "stateStartTime": { "type": "string", "description": "The time when the session entered the historical state." } }, "type": "object", "required": [ "state", "stateMessage", "stateStartTime" ] }, "google-native:dataproc/v1:ShieldedInstanceConfig": { "description": "Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm).", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Optional. Defines whether instances have integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Optional. Defines whether instances have Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Optional. Defines whether instances have the vTPM enabled." } }, "type": "object" }, "google-native:dataproc/v1:ShieldedInstanceConfigResponse": { "description": "Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm).", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Optional. Defines whether instances have integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Optional. Defines whether instances have Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Optional. Defines whether instances have the vTPM enabled." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:dataproc/v1:SoftwareConfig": { "description": "Specifies the selection and config of software inside the cluster.", "properties": { "imageVersion": { "type": "string", "description": "Optional. The version of software inside the cluster. It must be one of the supported Dataproc Versions (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported_dataproc_versions), such as \"1.2\" (including a subminor version, such as \"1.2.29\"), or the \"preview\" version (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). If unspecified, it defaults to the latest Debian version." }, "optionalComponents": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1:SoftwareConfigOptionalComponentsItem" }, "description": "Optional. The set of components to activate on the cluster." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The properties to set on daemon config files.Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. The following are supported prefixes and their mappings: capacity-scheduler: capacity-scheduler.xml core: core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: spark-defaults.conf yarn: yarn-site.xmlFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object" }, "google-native:dataproc/v1:SoftwareConfigOptionalComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Unspecified component. Specifying this will cause Cluster creation to fail.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "Anaconda", "description": "The Anaconda python distribution. The Anaconda component is not supported in the Dataproc 2.0 image. The 2.0 image is pre-installed with Miniconda.", "value": "ANACONDA" }, { "name": "Docker", "description": "Docker", "value": "DOCKER" }, { "name": "Druid", "description": "The Druid query engine. (alpha)", "value": "DRUID" }, { "name": "Flink", "description": "Flink", "value": "FLINK" }, { "name": "Hbase", "description": "HBase. (beta)", "value": "HBASE" }, { "name": "HiveWebhcat", "description": "The Hive Web HCatalog (the REST service for accessing HCatalog).", "value": "HIVE_WEBHCAT" }, { "name": "Hudi", "description": "Hudi.", "value": "HUDI" }, { "name": "Jupyter", "description": "The Jupyter Notebook.", "value": "JUPYTER" }, { "name": "Presto", "description": "The Presto query engine.", "value": "PRESTO" }, { "name": "Trino", "description": "The Trino query engine.", "value": "TRINO" }, { "name": "Ranger", "description": "The Ranger service.", "value": "RANGER" }, { "name": "Solr", "description": "The Solr service.", "value": "SOLR" }, { "name": "Zeppelin", "description": "The Zeppelin notebook.", "value": "ZEPPELIN" }, { "name": "Zookeeper", "description": "The Zookeeper service.", "value": "ZOOKEEPER" } ] }, "google-native:dataproc/v1:SoftwareConfigResponse": { "description": "Specifies the selection and config of software inside the cluster.", "properties": { "imageVersion": { "type": "string", "description": "Optional. The version of software inside the cluster. It must be one of the supported Dataproc Versions (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported_dataproc_versions), such as \"1.2\" (including a subminor version, such as \"1.2.29\"), or the \"preview\" version (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). If unspecified, it defaults to the latest Debian version." }, "optionalComponents": { "type": "array", "items": { "type": "string" }, "description": "Optional. The set of components to activate on the cluster." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The properties to set on daemon config files.Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. The following are supported prefixes and their mappings: capacity-scheduler: capacity-scheduler.xml core: core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: spark-defaults.conf yarn: yarn-site.xmlFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object", "required": [ "imageVersion", "optionalComponents", "properties" ] }, "google-native:dataproc/v1:SparkBatch": { "description": "A configuration for running an Apache Spark (https://spark.apache.org/) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the classpath of the Spark driver and tasks." }, "mainClass": { "type": "string", "description": "Optional. The name of the driver main class. The jar file that contains the class must be in the classpath or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "Optional. The HCFS URI of the jar file that contains the main class." } }, "type": "object" }, "google-native:dataproc/v1:SparkBatchResponse": { "description": "A configuration for running an Apache Spark (https://spark.apache.org/) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the classpath of the Spark driver and tasks." }, "mainClass": { "type": "string", "description": "Optional. The name of the driver main class. The jar file that contains the class must be in the classpath or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "Optional. The HCFS URI of the jar file that contains the main class." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "mainClass", "mainJarFileUri" ] }, "google-native:dataproc/v1:SparkHistoryServerConfig": { "description": "Spark History Server configuration for the workload.", "properties": { "dataprocCluster": { "type": "string", "description": "Optional. Resource name of an existing Dataproc Cluster to act as a Spark History Server for the workload.Example: projects/[project_id]/regions/[region]/clusters/[cluster_name]" } }, "type": "object" }, "google-native:dataproc/v1:SparkHistoryServerConfigResponse": { "description": "Spark History Server configuration for the workload.", "properties": { "dataprocCluster": { "type": "string", "description": "Optional. Resource name of an existing Dataproc Cluster to act as a Spark History Server for the workload.Example: projects/[project_id]/regions/[region]/clusters/[cluster_name]" } }, "type": "object", "required": [ "dataprocCluster" ] }, "google-native:dataproc/v1:SparkJob": { "description": "A Dataproc job for running Apache Spark (https://spark.apache.org/) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Spark driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in SparkJob.jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object" }, "google-native:dataproc/v1:SparkJobResponse": { "description": "A Dataproc job for running Apache Spark (https://spark.apache.org/) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Spark driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in SparkJob.jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainClass", "mainJarFileUri", "properties" ] }, "google-native:dataproc/v1:SparkRBatch": { "description": "A configuration for running an Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the Spark driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R or .r file." } }, "type": "object", "required": [ "mainRFileUri" ] }, "google-native:dataproc/v1:SparkRBatchResponse": { "description": "A configuration for running an Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) batch workload.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the Spark driver. Do not include arguments that can be set as batch properties, such as --conf, since a collision can occur that causes an incorrect batch submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R or .r file." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "mainRFileUri" ] }, "google-native:dataproc/v1:SparkRJob": { "description": "A Dataproc job for running Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure SparkR. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "mainRFileUri" ] }, "google-native:dataproc/v1:SparkRJobResponse": { "description": "A Dataproc job for running Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure SparkR. Properties that conflict with values set by the Dataproc API might be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "loggingConfig", "mainRFileUri", "properties" ] }, "google-native:dataproc/v1:SparkSqlBatch": { "description": "A configuration for running Apache Spark SQL (https://spark.apache.org/sql/) queries as a batch workload.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Spark SQL queries to execute." }, "queryVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object", "required": [ "queryFileUri" ] }, "google-native:dataproc/v1:SparkSqlBatchResponse": { "description": "A configuration for running Apache Spark SQL (https://spark.apache.org/sql/) queries as a batch workload.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Spark SQL queries to execute." }, "queryVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object", "required": [ "jarFileUris", "queryFileUri", "queryVariables" ] }, "google-native:dataproc/v1:SparkSqlJob": { "description": "A Dataproc job for running Apache Spark SQL (https://spark.apache.org/sql/) queries.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark SQL's SparkConf. Properties that conflict with values set by the Dataproc API might be overwritten." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object" }, "google-native:dataproc/v1:SparkSqlJobResponse": { "description": "A Dataproc job for running Apache Spark SQL (https://spark.apache.org/sql/) queries.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark SQL's SparkConf. Properties that conflict with values set by the Dataproc API might be overwritten." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object", "required": [ "jarFileUris", "loggingConfig", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1:SparkStandaloneAutoscalingConfig": { "description": "Basic autoscaling configurations for Spark Standalone.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for Spark graceful decommissioning of spark workers. Specifies the duration to wait for spark worker to complete spark decommissioning tasks before forcefully removing workers. Only applicable to downscaling operations.Bounds: 0s, 1d." }, "removeOnlyIdleWorkers": { "type": "boolean", "description": "Optional. Remove only idle workers when scaling down cluster" }, "scaleDownFactor": { "type": "number", "description": "Fraction of required executors to remove from Spark Serverless clusters. A scale-down factor of 1.0 will result in scaling down so that there are no more executors for the Spark Job.(more aggressive scaling). A scale-down factor closer to 0 will result in a smaller magnitude of scaling donw (less aggressive scaling).Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of required workers to add to Spark Standalone clusters. A scale-up factor of 1.0 will result in scaling up so that there are no more required workers for the Spark Job (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling).Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "scaleDownFactor", "scaleUpFactor" ] }, "google-native:dataproc/v1:SparkStandaloneAutoscalingConfigResponse": { "description": "Basic autoscaling configurations for Spark Standalone.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for Spark graceful decommissioning of spark workers. Specifies the duration to wait for spark worker to complete spark decommissioning tasks before forcefully removing workers. Only applicable to downscaling operations.Bounds: 0s, 1d." }, "removeOnlyIdleWorkers": { "type": "boolean", "description": "Optional. Remove only idle workers when scaling down cluster" }, "scaleDownFactor": { "type": "number", "description": "Fraction of required executors to remove from Spark Serverless clusters. A scale-down factor of 1.0 will result in scaling down so that there are no more executors for the Spark Job.(more aggressive scaling). A scale-down factor closer to 0 will result in a smaller magnitude of scaling donw (less aggressive scaling).Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of required workers to add to Spark Standalone clusters. A scale-up factor of 1.0 will result in scaling up so that there are no more required workers for the Spark Job (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling).Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "removeOnlyIdleWorkers", "scaleDownFactor", "scaleDownMinWorkerFraction", "scaleUpFactor", "scaleUpMinWorkerFraction" ] }, "google-native:dataproc/v1:StartupConfig": { "description": "Configuration to handle the startup of instances during cluster create and update process.", "properties": { "requiredRegistrationFraction": { "type": "number", "description": "Optional. The config setting to enable cluster creation/ updation to be successful only after required_registration_fraction of instances are up and running. This configuration is applicable to only secondary workers for now. The cluster will fail if required_registration_fraction of instances are not available. This will include instance creation, agent registration, and service registration (if enabled)." } }, "type": "object" }, "google-native:dataproc/v1:StartupConfigResponse": { "description": "Configuration to handle the startup of instances during cluster create and update process.", "properties": { "requiredRegistrationFraction": { "type": "number", "description": "Optional. The config setting to enable cluster creation/ updation to be successful only after required_registration_fraction of instances are up and running. This configuration is applicable to only secondary workers for now. The cluster will fail if required_registration_fraction of instances are not available. This will include instance creation, agent registration, and service registration (if enabled)." } }, "type": "object", "required": [ "requiredRegistrationFraction" ] }, "google-native:dataproc/v1:StateHistoryResponse": { "description": "Historical state information.", "properties": { "state": { "type": "string", "description": "The state of the batch at this point in history." }, "stateMessage": { "type": "string", "description": "Details about the state at this point in history." }, "stateStartTime": { "type": "string", "description": "The time when the batch entered the historical state." } }, "type": "object", "required": [ "state", "stateMessage", "stateStartTime" ] }, "google-native:dataproc/v1:TemplateParameter": { "description": "A configurable parameter that replaces one or more fields in the template. Parameterizable fields: - Labels - File uris - Job properties - Job arguments - Script variables - Main class (in HadoopJob and SparkJob) - Zone (in ClusterSelector)", "properties": { "description": { "type": "string", "description": "Optional. Brief description of the parameter. Must not exceed 1024 characters." }, "fields": { "type": "array", "items": { "type": "string" }, "description": "Paths to all fields that the parameter replaces. A field is allowed to appear in at most one parameter's list of field paths.A field path is similar in syntax to a google.protobuf.FieldMask. For example, a field path that references the zone field of a workflow template's cluster selector would be specified as placement.clusterSelector.zone.Also, field paths can reference fields using the following syntax: Values in maps can be referenced by key: labels'key' placement.clusterSelector.clusterLabels'key' placement.managedCluster.labels'key' placement.clusterSelector.clusterLabels'key' jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by step-id: jobs'step-id'.hadoopJob.mainJarFileUri jobs'step-id'.hiveJob.queryFileUri jobs'step-id'.pySparkJob.mainPythonFileUri jobs'step-id'.hadoopJob.jarFileUris0 jobs'step-id'.hadoopJob.archiveUris0 jobs'step-id'.hadoopJob.fileUris0 jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields can be referenced by a zero-based index: jobs'step-id'.sparkJob.args0 Other examples: jobs'step-id'.hadoopJob.properties'key' jobs'step-id'.hadoopJob.args0 jobs'step-id'.hiveJob.scriptVariables'key' jobs'step-id'.hadoopJob.mainJarFileUri placement.clusterSelector.zoneIt may not be possible to parameterize maps and repeated fields in their entirety since only individual map values and individual items in repeated fields can be referenced. For example, the following field paths are invalid: placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args" }, "name": { "type": "string", "description": "Parameter name. The parameter name is used as the key, and paired with the parameter value, which are passed to the template when the template is instantiated. The name must contain only capital letters (A-Z), numbers (0-9), and underscores (_), and must not start with a number. The maximum length is 40 characters." }, "validation": { "$ref": "#/types/google-native:dataproc%2Fv1:ParameterValidation", "description": "Optional. Validation rules to be applied to this parameter's value." } }, "type": "object", "required": [ "fields", "name" ] }, "google-native:dataproc/v1:TemplateParameterResponse": { "description": "A configurable parameter that replaces one or more fields in the template. Parameterizable fields: - Labels - File uris - Job properties - Job arguments - Script variables - Main class (in HadoopJob and SparkJob) - Zone (in ClusterSelector)", "properties": { "description": { "type": "string", "description": "Optional. Brief description of the parameter. Must not exceed 1024 characters." }, "fields": { "type": "array", "items": { "type": "string" }, "description": "Paths to all fields that the parameter replaces. A field is allowed to appear in at most one parameter's list of field paths.A field path is similar in syntax to a google.protobuf.FieldMask. For example, a field path that references the zone field of a workflow template's cluster selector would be specified as placement.clusterSelector.zone.Also, field paths can reference fields using the following syntax: Values in maps can be referenced by key: labels'key' placement.clusterSelector.clusterLabels'key' placement.managedCluster.labels'key' placement.clusterSelector.clusterLabels'key' jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by step-id: jobs'step-id'.hadoopJob.mainJarFileUri jobs'step-id'.hiveJob.queryFileUri jobs'step-id'.pySparkJob.mainPythonFileUri jobs'step-id'.hadoopJob.jarFileUris0 jobs'step-id'.hadoopJob.archiveUris0 jobs'step-id'.hadoopJob.fileUris0 jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields can be referenced by a zero-based index: jobs'step-id'.sparkJob.args0 Other examples: jobs'step-id'.hadoopJob.properties'key' jobs'step-id'.hadoopJob.args0 jobs'step-id'.hiveJob.scriptVariables'key' jobs'step-id'.hadoopJob.mainJarFileUri placement.clusterSelector.zoneIt may not be possible to parameterize maps and repeated fields in their entirety since only individual map values and individual items in repeated fields can be referenced. For example, the following field paths are invalid: placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args" }, "name": { "type": "string", "description": "Parameter name. The parameter name is used as the key, and paired with the parameter value, which are passed to the template when the template is instantiated. The name must contain only capital letters (A-Z), numbers (0-9), and underscores (_), and must not start with a number. The maximum length is 40 characters." }, "validation": { "$ref": "#/types/google-native:dataproc%2Fv1:ParameterValidationResponse", "description": "Optional. Validation rules to be applied to this parameter's value." } }, "type": "object", "required": [ "description", "fields", "name", "validation" ] }, "google-native:dataproc/v1:TrinoJob": { "description": "A Dataproc job for running Trino (https://trino.io/) queries. IMPORTANT: The Dataproc Trino Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/trino) must be enabled when the cluster is created to submit a Trino job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Trino client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Trino documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Trino session properties (https://trino.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Trino CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryList", "description": "A list of queries." } }, "type": "object" }, "google-native:dataproc/v1:TrinoJobResponse": { "description": "A Dataproc job for running Trino (https://trino.io/) queries. IMPORTANT: The Dataproc Trino Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/trino) must be enabled when the cluster is created to submit a Trino job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Trino client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Trino documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Trino session properties (https://trino.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Trino CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1:QueryListResponse", "description": "A list of queries." } }, "type": "object", "required": [ "clientTags", "continueOnFailure", "loggingConfig", "outputFormat", "properties", "queryFileUri", "queryList" ] }, "google-native:dataproc/v1:UsageMetricsResponse": { "description": "Usage metrics represent approximate total resources consumed by a workload.", "properties": { "acceleratorType": { "type": "string", "description": "Optional. Accelerator type being used, if any" }, "milliAcceleratorSeconds": { "type": "string", "description": "Optional. Accelerator usage in (milliAccelerator x seconds) (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))." }, "milliDcuSeconds": { "type": "string", "description": "Optional. DCU (Dataproc Compute Units) usage in (milliDCU x seconds) (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))." }, "shuffleStorageGbSeconds": { "type": "string", "description": "Optional. Shuffle storage usage in (GB x seconds) (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))." } }, "type": "object", "required": [ "acceleratorType", "milliAcceleratorSeconds", "milliDcuSeconds", "shuffleStorageGbSeconds" ] }, "google-native:dataproc/v1:UsageSnapshotResponse": { "description": "The usage snapshot represents the resources consumed by a workload at a specified time.", "properties": { "acceleratorType": { "type": "string", "description": "Optional. Accelerator type being used, if any" }, "milliAccelerator": { "type": "string", "description": "Optional. Milli (one-thousandth) accelerator. (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))" }, "milliDcu": { "type": "string", "description": "Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))." }, "milliDcuPremium": { "type": "string", "description": "Optional. Milli (one-thousandth) Dataproc Compute Units (DCUs) charged at premium tier (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))." }, "shuffleStorageGb": { "type": "string", "description": "Optional. Shuffle Storage in gigabytes (GB). (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))" }, "shuffleStorageGbPremium": { "type": "string", "description": "Optional. Shuffle Storage in gigabytes (GB) charged at premium tier. (see Dataproc Serverless pricing (https://cloud.google.com/dataproc-serverless/pricing))" }, "snapshotTime": { "type": "string", "description": "Optional. The timestamp of the usage snapshot." } }, "type": "object", "required": [ "acceleratorType", "milliAccelerator", "milliDcu", "milliDcuPremium", "shuffleStorageGb", "shuffleStorageGbPremium", "snapshotTime" ] }, "google-native:dataproc/v1:ValueValidation": { "description": "Validation based on a list of allowed values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of allowed values for the parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:dataproc/v1:ValueValidationResponse": { "description": "Validation based on a list of allowed values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of allowed values for the parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:dataproc/v1:VirtualClusterConfig": { "description": "The Dataproc cluster config for a cluster that does not directly control the underlying compute resources, such as a Dataproc-on-GKE cluster (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview).", "properties": { "auxiliaryServicesConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:AuxiliaryServicesConfig", "description": "Optional. Configuration of auxiliary services used by this cluster." }, "kubernetesClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KubernetesClusterConfig", "description": "The configuration for running the Dataproc cluster on Kubernetes." }, "stagingBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." } }, "type": "object", "required": [ "kubernetesClusterConfig" ] }, "google-native:dataproc/v1:VirtualClusterConfigResponse": { "description": "The Dataproc cluster config for a cluster that does not directly control the underlying compute resources, such as a Dataproc-on-GKE cluster (https://cloud.google.com/dataproc/docs/guides/dpgke/dataproc-gke-overview).", "properties": { "auxiliaryServicesConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:AuxiliaryServicesConfigResponse", "description": "Optional. Configuration of auxiliary services used by this cluster." }, "kubernetesClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1:KubernetesClusterConfigResponse", "description": "The configuration for running the Dataproc cluster on Kubernetes." }, "stagingBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging and temp buckets (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a gs://... URI to a Cloud Storage bucket." } }, "type": "object", "required": [ "auxiliaryServicesConfig", "kubernetesClusterConfig", "stagingBucket" ] }, "google-native:dataproc/v1:WorkflowTemplatePlacement": { "description": "Specifies workflow execution target.Either managed_cluster or cluster_selector is required.", "properties": { "clusterSelector": { "$ref": "#/types/google-native:dataproc%2Fv1:ClusterSelector", "description": "Optional. A selector that chooses target cluster for jobs based on metadata.The selector is evaluated at the time each job is submitted." }, "managedCluster": { "$ref": "#/types/google-native:dataproc%2Fv1:ManagedCluster", "description": "A cluster that is managed by the workflow." } }, "type": "object" }, "google-native:dataproc/v1:WorkflowTemplatePlacementResponse": { "description": "Specifies workflow execution target.Either managed_cluster or cluster_selector is required.", "properties": { "clusterSelector": { "$ref": "#/types/google-native:dataproc%2Fv1:ClusterSelectorResponse", "description": "Optional. A selector that chooses target cluster for jobs based on metadata.The selector is evaluated at the time each job is submitted." }, "managedCluster": { "$ref": "#/types/google-native:dataproc%2Fv1:ManagedClusterResponse", "description": "A cluster that is managed by the workflow." } }, "type": "object", "required": [ "clusterSelector", "managedCluster" ] }, "google-native:dataproc/v1:YarnApplicationResponse": { "description": "A YARN application created by a job. Application information is a subset of org.apache.hadoop.yarn.proto.YarnProtos.ApplicationReportProto.Beta Feature: This report is available for testing purposes only. It may be changed before final release.", "properties": { "name": { "type": "string", "description": "The application name." }, "progress": { "type": "number", "description": "The numerical progress of the application, from 1 to 100." }, "state": { "type": "string", "description": "The application state." }, "trackingUrl": { "type": "string", "description": "Optional. The HTTP URL of the ApplicationMaster, HistoryServer, or TimelineServer that provides application-specific information. The URL uses the internal hostname, and requires a proxy server for resolution and, possibly, access." } }, "type": "object", "required": [ "name", "progress", "state", "trackingUrl" ] }, "google-native:dataproc/v1beta2:AcceleratorConfig": { "description": "Specifies the type and number of accelerator cards attached to the instances of an instance group (see GPUs on Compute Engine (https://cloud.google.com/compute/docs/gpus/)).", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the accelerator cards of this type exposed to this instance." }, "acceleratorTypeUri": { "type": "string", "description": "Full URL, partial URI, or short name of the accelerator type resource to expose to this instance. See Compute Engine AcceleratorTypes (https://cloud.google.com/compute/docs/reference/beta/acceleratorTypes)Examples * https://www.googleapis.com/compute/beta/projects/[project_id]/zones/us-east1-a/acceleratorTypes/nvidia-tesla-k80 * projects/[project_id]/zones/us-east1-a/acceleratorTypes/nvidia-tesla-k80 * nvidia-tesla-k80Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the accelerator type resource, for example, nvidia-tesla-k80." } }, "type": "object" }, "google-native:dataproc/v1beta2:AcceleratorConfigResponse": { "description": "Specifies the type and number of accelerator cards attached to the instances of an instance group (see GPUs on Compute Engine (https://cloud.google.com/compute/docs/gpus/)).", "properties": { "acceleratorCount": { "type": "integer", "description": "The number of the accelerator cards of this type exposed to this instance." }, "acceleratorTypeUri": { "type": "string", "description": "Full URL, partial URI, or short name of the accelerator type resource to expose to this instance. See Compute Engine AcceleratorTypes (https://cloud.google.com/compute/docs/reference/beta/acceleratorTypes)Examples * https://www.googleapis.com/compute/beta/projects/[project_id]/zones/us-east1-a/acceleratorTypes/nvidia-tesla-k80 * projects/[project_id]/zones/us-east1-a/acceleratorTypes/nvidia-tesla-k80 * nvidia-tesla-k80Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the accelerator type resource, for example, nvidia-tesla-k80." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorTypeUri" ] }, "google-native:dataproc/v1beta2:AutoscalingConfig": { "description": "Autoscaling Policy config associated with the cluster.", "properties": { "policyUri": { "type": "string", "description": "Optional. The autoscaling policy used by the cluster.Only resource names including projectid and location (region) are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note that the policy must be in the same project and Dataproc region." } }, "type": "object" }, "google-native:dataproc/v1beta2:AutoscalingConfigResponse": { "description": "Autoscaling Policy config associated with the cluster.", "properties": { "policyUri": { "type": "string", "description": "Optional. The autoscaling policy used by the cluster.Only resource names including projectid and location (region) are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id] projects/[project_id]/locations/[dataproc_region]/autoscalingPolicies/[policy_id]Note that the policy must be in the same project and Dataproc region." } }, "type": "object", "required": [ "policyUri" ] }, "google-native:dataproc/v1beta2:BasicAutoscalingAlgorithm": { "description": "Basic algorithm for autoscaling.", "properties": { "cooldownPeriod": { "type": "string", "description": "Optional. Duration between scaling events. A scaling period starts after the update operation from the previous event has completed.Bounds: 2m, 1d. Default: 2m." }, "yarnConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:BasicYarnAutoscalingConfig", "description": "Optional. YARN autoscaling configuration." } }, "type": "object" }, "google-native:dataproc/v1beta2:BasicAutoscalingAlgorithmResponse": { "description": "Basic algorithm for autoscaling.", "properties": { "cooldownPeriod": { "type": "string", "description": "Optional. Duration between scaling events. A scaling period starts after the update operation from the previous event has completed.Bounds: 2m, 1d. Default: 2m." }, "yarnConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:BasicYarnAutoscalingConfigResponse", "description": "Optional. YARN autoscaling configuration." } }, "type": "object", "required": [ "cooldownPeriod", "yarnConfig" ] }, "google-native:dataproc/v1beta2:BasicYarnAutoscalingConfig": { "description": "Basic autoscaling configurations for YARN.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations.Bounds: 0s, 1d." }, "scaleDownFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there is no available memory remaining after the update (more aggressive scaling). A scale-down factor of 0 disables removing workers, which can be beneficial for autoscaling a single job. See How autoscaling works for more information.Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there is no pending memory remaining after the update (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling). See How autoscaling works for more information.Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "scaleDownFactor", "scaleUpFactor" ] }, "google-native:dataproc/v1beta2:BasicYarnAutoscalingConfigResponse": { "description": "Basic autoscaling configurations for YARN.", "properties": { "gracefulDecommissionTimeout": { "type": "string", "description": "Timeout for YARN graceful decommissioning of Node Managers. Specifies the duration to wait for jobs to complete before forcefully removing workers (and potentially interrupting jobs). Only applicable to downscaling operations.Bounds: 0s, 1d." }, "scaleDownFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to remove workers. A scale-down factor of 1 will result in scaling down so that there is no available memory remaining after the update (more aggressive scaling). A scale-down factor of 0 disables removing workers, which can be beneficial for autoscaling a single job. See How autoscaling works for more information.Bounds: 0.0, 1.0." }, "scaleDownMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-down threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2 worker scale-down for the cluster to scale. A threshold of 0 means the autoscaler will scale down on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." }, "scaleUpFactor": { "type": "number", "description": "Fraction of average YARN pending memory in the last cooldown period for which to add workers. A scale-up factor of 1.0 will result in scaling up so that there is no pending memory remaining after the update (more aggressive scaling). A scale-up factor closer to 0 will result in a smaller magnitude of scaling up (less aggressive scaling). See How autoscaling works for more information.Bounds: 0.0, 1.0." }, "scaleUpMinWorkerFraction": { "type": "number", "description": "Optional. Minimum scale-up threshold as a fraction of total cluster size before scaling occurs. For example, in a 20-worker cluster, a threshold of 0.1 means the autoscaler must recommend at least a 2-worker scale-up for the cluster to scale. A threshold of 0 means the autoscaler will scale up on any recommended change.Bounds: 0.0, 1.0. Default: 0.0." } }, "type": "object", "required": [ "gracefulDecommissionTimeout", "scaleDownFactor", "scaleDownMinWorkerFraction", "scaleUpFactor", "scaleUpMinWorkerFraction" ] }, "google-native:dataproc/v1beta2:Binding": { "description": "Associates members with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:Expr", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities requesting access for a Cloud Platform resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com." }, "role": { "type": "string", "description": "Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object" }, "google-native:dataproc/v1beta2:BindingResponse": { "description": "Associates members with a role.", "properties": { "condition": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ExprResponse", "description": "The condition that is associated with this binding.If the condition evaluates to true, then this binding applies to the current request.If the condition evaluates to false, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding.To learn which resources support conditions in their IAM policies, see the IAM documentation (https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities requesting access for a Cloud Platform resource. members can have the following values: allUsers: A special identifier that represents anyone who is on the internet; with or without a Google account. allAuthenticatedUsers: A special identifier that represents anyone who is authenticated with a Google account or a service account. user:{emailid}: An email address that represents a specific Google account. For example, alice@example.com . serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. group:{emailid}: An email address that represents a Google group. For example, admins@example.com. deleted:user:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a user that has been recently deleted. For example, alice@example.com?uid=123456789012345678901. If the user is recovered, this value reverts to user:{emailid} and the recovered user retains the role in the binding. deleted:serviceAccount:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901. If the service account is undeleted, this value reverts to serviceAccount:{emailid} and the undeleted service account retains the role in the binding. deleted:group:{emailid}?uid={uniqueid}: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, admins@example.com?uid=123456789012345678901. If the group is recovered, this value reverts to group:{emailid} and the recovered group retains the role in the binding. domain:{domain}: The G Suite domain (primary) that represents all the users of that domain. For example, google.com or example.com." }, "role": { "type": "string", "description": "Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dataproc/v1beta2:ClusterConfig": { "description": "The cluster config.", "properties": { "autoscalingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:AutoscalingConfig", "description": "Optional. Autoscaling config for the policy associated with the cluster. Cluster does not autoscale if this field is unset." }, "configBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging bucket (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a URI to a Cloud Storage bucket." }, "encryptionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:EncryptionConfig", "description": "Optional. Encryption settings for the cluster." }, "endpointConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:EndpointConfig", "description": "Optional. Port/endpoint configuration for this cluster" }, "gceClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:GceClusterConfig", "description": "Optional. The shared Compute Engine config settings for all instances in a cluster." }, "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:GkeClusterConfig", "description": "Optional. The Kubernetes Engine config for Dataproc clusters deployed to Kubernetes. Setting this is considered mutually exclusive with Compute Engine-based options such as gce_cluster_config, master_config, worker_config, secondary_worker_config, and autoscaling_config." }, "initializationActions": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NodeInitializationAction" }, "description": "Optional. Commands to execute on each node after config is completed. By default, executables are run on master and all worker nodes. You can test a node's role metadata to run an executable on a master or worker node, as shown below using curl (you can also use wget): ROLE=$(curl -H Metadata-Flavor:Google http://metadata/computeMetadata/v1beta2/instance/attributes/dataproc-role) if [[ \"${ROLE}\" == 'Master' ]]; then ... master specific actions ... else ... worker specific actions ... fi " }, "lifecycleConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LifecycleConfig", "description": "Optional. The config setting for auto delete cluster schedule." }, "masterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for the master instance in a cluster." }, "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:MetastoreConfig", "description": "Optional. Metastore configuration." }, "secondaryWorkerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for additional worker instances in a cluster." }, "securityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SecurityConfig", "description": "Optional. Security related configuration." }, "softwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SoftwareConfig", "description": "Optional. The config settings for software inside the cluster." }, "tempBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to store ephemeral cluster and jobs data, such as Spark and MapReduce history files. If you do not specify a temp bucket, Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's temp bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket. The default bucket has a TTL of 90 days, but you can use any TTL (or none) if you specify a bucket. This field requires a Cloud Storage bucket name, not a URI to a Cloud Storage bucket." }, "workerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfig", "description": "Optional. The Compute Engine config settings for worker instances in a cluster." } }, "type": "object" }, "google-native:dataproc/v1beta2:ClusterConfigResponse": { "description": "The cluster config.", "properties": { "autoscalingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:AutoscalingConfigResponse", "description": "Optional. Autoscaling config for the policy associated with the cluster. Cluster does not autoscale if this field is unset." }, "configBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to stage job dependencies, config files, and job driver console output. If you do not specify a staging bucket, Cloud Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's staging bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket (see Dataproc staging bucket (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/staging-bucket)). This field requires a Cloud Storage bucket name, not a URI to a Cloud Storage bucket." }, "encryptionConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:EncryptionConfigResponse", "description": "Optional. Encryption settings for the cluster." }, "endpointConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:EndpointConfigResponse", "description": "Optional. Port/endpoint configuration for this cluster" }, "gceClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:GceClusterConfigResponse", "description": "Optional. The shared Compute Engine config settings for all instances in a cluster." }, "gkeClusterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:GkeClusterConfigResponse", "description": "Optional. The Kubernetes Engine config for Dataproc clusters deployed to Kubernetes. Setting this is considered mutually exclusive with Compute Engine-based options such as gce_cluster_config, master_config, worker_config, secondary_worker_config, and autoscaling_config." }, "initializationActions": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NodeInitializationActionResponse" }, "description": "Optional. Commands to execute on each node after config is completed. By default, executables are run on master and all worker nodes. You can test a node's role metadata to run an executable on a master or worker node, as shown below using curl (you can also use wget): ROLE=$(curl -H Metadata-Flavor:Google http://metadata/computeMetadata/v1beta2/instance/attributes/dataproc-role) if [[ \"${ROLE}\" == 'Master' ]]; then ... master specific actions ... else ... worker specific actions ... fi " }, "lifecycleConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LifecycleConfigResponse", "description": "Optional. The config setting for auto delete cluster schedule." }, "masterConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for the master instance in a cluster." }, "metastoreConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:MetastoreConfigResponse", "description": "Optional. Metastore configuration." }, "secondaryWorkerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for additional worker instances in a cluster." }, "securityConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SecurityConfigResponse", "description": "Optional. Security related configuration." }, "softwareConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SoftwareConfigResponse", "description": "Optional. The config settings for software inside the cluster." }, "tempBucket": { "type": "string", "description": "Optional. A Cloud Storage bucket used to store ephemeral cluster and jobs data, such as Spark and MapReduce history files. If you do not specify a temp bucket, Dataproc will determine a Cloud Storage location (US, ASIA, or EU) for your cluster's temp bucket according to the Compute Engine zone where your cluster is deployed, and then create and manage this project-level, per-location bucket. The default bucket has a TTL of 90 days, but you can use any TTL (or none) if you specify a bucket. This field requires a Cloud Storage bucket name, not a URI to a Cloud Storage bucket." }, "workerConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfigResponse", "description": "Optional. The Compute Engine config settings for worker instances in a cluster." } }, "type": "object", "required": [ "autoscalingConfig", "configBucket", "encryptionConfig", "endpointConfig", "gceClusterConfig", "gkeClusterConfig", "initializationActions", "lifecycleConfig", "masterConfig", "metastoreConfig", "secondaryWorkerConfig", "securityConfig", "softwareConfig", "tempBucket", "workerConfig" ] }, "google-native:dataproc/v1beta2:ClusterMetricsResponse": { "description": "Contains cluster daemon metrics, such as HDFS and YARN stats.Beta Feature: This report is available for testing purposes only. It may be changed before final release.", "properties": { "hdfsMetrics": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HDFS metrics." }, "yarnMetrics": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The YARN metrics." } }, "type": "object", "required": [ "hdfsMetrics", "yarnMetrics" ] }, "google-native:dataproc/v1beta2:ClusterSelector": { "description": "A selector that chooses target cluster for jobs based on metadata.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The cluster labels. Cluster must have all labels to match." }, "zone": { "type": "string", "description": "Optional. The zone where workflow process executes. This parameter does not affect the selection of the cluster.If unspecified, the zone of the first cluster matching the selector is used." } }, "type": "object", "required": [ "clusterLabels" ] }, "google-native:dataproc/v1beta2:ClusterSelectorResponse": { "description": "A selector that chooses target cluster for jobs based on metadata.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The cluster labels. Cluster must have all labels to match." }, "zone": { "type": "string", "description": "Optional. The zone where workflow process executes. This parameter does not affect the selection of the cluster.If unspecified, the zone of the first cluster matching the selector is used." } }, "type": "object", "required": [ "clusterLabels", "zone" ] }, "google-native:dataproc/v1beta2:ClusterStatusResponse": { "description": "The status of a cluster and its instances.", "properties": { "detail": { "type": "string", "description": "Optional details of cluster's state." }, "state": { "type": "string", "description": "The cluster's state." }, "stateStartTime": { "type": "string", "description": "Time when this state was entered (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "substate": { "type": "string", "description": "Additional state information that includes status reported by the agent." } }, "type": "object", "required": [ "detail", "state", "stateStartTime", "substate" ] }, "google-native:dataproc/v1beta2:DiskConfig": { "description": "Specifies the config of disk options for a group of VM instances.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the boot disk (default is 500GB)." }, "bootDiskType": { "type": "string", "description": "Optional. Type of the boot disk (default is \"pd-standard\"). Valid values: \"pd-balanced\" (Persistent Disk Balanced Solid State Drive), \"pd-ssd\" (Persistent Disk Solid State Drive), or \"pd-standard\" (Persistent Disk Hard Disk Drive). See Disk types (https://cloud.google.com/compute/docs/disks#disk-types)." }, "numLocalSsds": { "type": "integer", "description": "Number of attached SSDs, from 0 to 4 (default is 0). If SSDs are not attached, the boot disk is used to store runtime logs and HDFS (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. If one or more SSDs are attached, this runtime bulk data is spread across them, and the boot disk contains only basic config and installed binaries." } }, "type": "object" }, "google-native:dataproc/v1beta2:DiskConfigResponse": { "description": "Specifies the config of disk options for a group of VM instances.", "properties": { "bootDiskSizeGb": { "type": "integer", "description": "Optional. Size in GB of the boot disk (default is 500GB)." }, "bootDiskType": { "type": "string", "description": "Optional. Type of the boot disk (default is \"pd-standard\"). Valid values: \"pd-balanced\" (Persistent Disk Balanced Solid State Drive), \"pd-ssd\" (Persistent Disk Solid State Drive), or \"pd-standard\" (Persistent Disk Hard Disk Drive). See Disk types (https://cloud.google.com/compute/docs/disks#disk-types)." }, "numLocalSsds": { "type": "integer", "description": "Number of attached SSDs, from 0 to 4 (default is 0). If SSDs are not attached, the boot disk is used to store runtime logs and HDFS (https://hadoop.apache.org/docs/r1.2.1/hdfs_user_guide.html) data. If one or more SSDs are attached, this runtime bulk data is spread across them, and the boot disk contains only basic config and installed binaries." } }, "type": "object", "required": [ "bootDiskSizeGb", "bootDiskType", "numLocalSsds" ] }, "google-native:dataproc/v1beta2:EncryptionConfig": { "description": "Encryption settings for the cluster.", "properties": { "gcePdKmsKeyName": { "type": "string", "description": "Optional. The Cloud KMS key name to use for PD disk encryption for all instances in the cluster." } }, "type": "object" }, "google-native:dataproc/v1beta2:EncryptionConfigResponse": { "description": "Encryption settings for the cluster.", "properties": { "gcePdKmsKeyName": { "type": "string", "description": "Optional. The Cloud KMS key name to use for PD disk encryption for all instances in the cluster." } }, "type": "object", "required": [ "gcePdKmsKeyName" ] }, "google-native:dataproc/v1beta2:EndpointConfig": { "description": "Endpoint config for this cluster", "properties": { "enableHttpPortAccess": { "type": "boolean", "description": "Optional. If true, enable http access to specific ports on the cluster from external sources. Defaults to false." } }, "type": "object" }, "google-native:dataproc/v1beta2:EndpointConfigResponse": { "description": "Endpoint config for this cluster", "properties": { "enableHttpPortAccess": { "type": "boolean", "description": "Optional. If true, enable http access to specific ports on the cluster from external sources. Defaults to false." }, "httpPorts": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of port descriptions to URLs. Will only be populated if enable_http_port_access is true." } }, "type": "object", "required": [ "enableHttpPortAccess", "httpPorts" ] }, "google-native:dataproc/v1beta2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dataproc/v1beta2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec.Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dataproc/v1beta2:GceClusterConfig": { "description": "Common config settings for resources of Compute Engine cluster instances, applicable to all instances in the cluster.", "properties": { "internalIpOnly": { "type": "boolean", "description": "Optional. If true, all instances in the cluster will only have internal IP addresses. By default, clusters are not restricted to internal IP addresses, and will have ephemeral external IP addresses assigned to each instance. This internal_ip_only restriction can only be enabled for subnetwork enabled networks, and all off-cluster dependencies must be configured to be accessible without external IP addresses." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Compute Engine metadata entries to add to all instances (see Project and instance metadata (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata))." }, "networkUri": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications. Cannot be specified with subnetwork_uri. If neither network_uri nor subnetwork_uri is specified, the \"default\" network of the project is used, if it exists. Cannot be a \"Custom Subnet Network\" (see Using Subnetworks (https://cloud.google.com/compute/docs/subnetworks) for more information).A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/global/default projects/[project_id]/regions/global/default default" }, "nodeGroupAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NodeGroupAffinity", "description": "Optional. Node Group Affinity for sole-tenant clusters." }, "privateIpv6GoogleAccess": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:GceClusterConfigPrivateIpv6GoogleAccess", "description": "Optional. The type of IPv6 access for a cluster." }, "reservationAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ReservationAffinity", "description": "Optional. Reservation Affinity for consuming Zonal reservation." }, "serviceAccount": { "type": "string", "description": "Optional. The Dataproc service account (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) (also see VM Data Plane identity (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) used by Dataproc cluster VM instances to access Google Cloud Platform services.If not specified, the Compute Engine default service account (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) is used." }, "serviceAccountScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: https://www.googleapis.com/auth/cloud.useraccounts.readonly https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/logging.writeIf no scopes are specified, the following defaults are also provided: https://www.googleapis.com/auth/bigquery https://www.googleapis.com/auth/bigtable.admin.table https://www.googleapis.com/auth/bigtable.data https://www.googleapis.com/auth/devstorage.full_control" }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ShieldedInstanceConfig", "description": "Optional. Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm)." }, "subnetworkUri": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/us-east1/subnetworks/sub0 projects/[project_id]/regions/us-east1/subnetworks/sub0 sub0" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The Compute Engine tags to add to all instances (see Tagging instances (https://cloud.google.com/compute/docs/label-or-tag-resources#tags))." }, "zoneUri": { "type": "string", "description": "Optional. The zone where the Compute Engine cluster will be located. On a create request, it is required in the \"global\" region. If omitted in a non-global Dataproc region, the service will pick a zone in the corresponding Compute Engine region. On a get request, zone will always be present.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] projects/[project_id]/zones/[zone] us-central1-f" } }, "type": "object" }, "google-native:dataproc/v1beta2:GceClusterConfigPrivateIpv6GoogleAccess": { "description": "Optional. The type of IPv6 access for a cluster.", "type": "string", "enum": [ { "name": "PrivateIpv6GoogleAccessUnspecified", "description": "If unspecified, Compute Engine default behavior will apply, which is the same as INHERIT_FROM_SUBNETWORK.", "value": "PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED" }, { "name": "InheritFromSubnetwork", "description": "Private access to and from Google Services configuration inherited from the subnetwork configuration. This is the default Compute Engine behavior.", "value": "INHERIT_FROM_SUBNETWORK" }, { "name": "Outbound", "description": "Enables outbound private IPv6 access to Google Services from the Dataproc cluster.", "value": "OUTBOUND" }, { "name": "Bidirectional", "description": "Enables bidirectional private IPv6 access between Google Services and the Dataproc cluster.", "value": "BIDIRECTIONAL" } ] }, "google-native:dataproc/v1beta2:GceClusterConfigResponse": { "description": "Common config settings for resources of Compute Engine cluster instances, applicable to all instances in the cluster.", "properties": { "internalIpOnly": { "type": "boolean", "description": "Optional. If true, all instances in the cluster will only have internal IP addresses. By default, clusters are not restricted to internal IP addresses, and will have ephemeral external IP addresses assigned to each instance. This internal_ip_only restriction can only be enabled for subnetwork enabled networks, and all off-cluster dependencies must be configured to be accessible without external IP addresses." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The Compute Engine metadata entries to add to all instances (see Project and instance metadata (https://cloud.google.com/compute/docs/storing-retrieving-metadata#project_and_instance_metadata))." }, "networkUri": { "type": "string", "description": "Optional. The Compute Engine network to be used for machine communications. Cannot be specified with subnetwork_uri. If neither network_uri nor subnetwork_uri is specified, the \"default\" network of the project is used, if it exists. Cannot be a \"Custom Subnet Network\" (see Using Subnetworks (https://cloud.google.com/compute/docs/subnetworks) for more information).A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/global/default projects/[project_id]/regions/global/default default" }, "nodeGroupAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NodeGroupAffinityResponse", "description": "Optional. Node Group Affinity for sole-tenant clusters." }, "privateIpv6GoogleAccess": { "type": "string", "description": "Optional. The type of IPv6 access for a cluster." }, "reservationAffinity": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ReservationAffinityResponse", "description": "Optional. Reservation Affinity for consuming Zonal reservation." }, "serviceAccount": { "type": "string", "description": "Optional. The Dataproc service account (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/service-accounts#service_accounts_in_dataproc) (also see VM Data Plane identity (https://cloud.google.com/dataproc/docs/concepts/iam/dataproc-principals#vm_service_account_data_plane_identity)) used by Dataproc cluster VM instances to access Google Cloud Platform services.If not specified, the Compute Engine default service account (https://cloud.google.com/compute/docs/access/service-accounts#default_service_account) is used." }, "serviceAccountScopes": { "type": "array", "items": { "type": "string" }, "description": "Optional. The URIs of service account scopes to be included in Compute Engine instances. The following base set of scopes is always included: https://www.googleapis.com/auth/cloud.useraccounts.readonly https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/logging.writeIf no scopes are specified, the following defaults are also provided: https://www.googleapis.com/auth/bigquery https://www.googleapis.com/auth/bigtable.admin.table https://www.googleapis.com/auth/bigtable.data https://www.googleapis.com/auth/devstorage.full_control" }, "shieldedInstanceConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ShieldedInstanceConfigResponse", "description": "Optional. Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm)." }, "subnetworkUri": { "type": "string", "description": "Optional. The Compute Engine subnetwork to be used for machine communications. Cannot be specified with network_uri.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/regions/us-east1/subnetworks/sub0 projects/[project_id]/regions/us-east1/subnetworks/sub0 sub0" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "The Compute Engine tags to add to all instances (see Tagging instances (https://cloud.google.com/compute/docs/label-or-tag-resources#tags))." }, "zoneUri": { "type": "string", "description": "Optional. The zone where the Compute Engine cluster will be located. On a create request, it is required in the \"global\" region. If omitted in a non-global Dataproc region, the service will pick a zone in the corresponding Compute Engine region. On a get request, zone will always be present.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/[zone] projects/[project_id]/zones/[zone] us-central1-f" } }, "type": "object", "required": [ "internalIpOnly", "metadata", "networkUri", "nodeGroupAffinity", "privateIpv6GoogleAccess", "reservationAffinity", "serviceAccount", "serviceAccountScopes", "shieldedInstanceConfig", "subnetworkUri", "tags", "zoneUri" ] }, "google-native:dataproc/v1beta2:GkeClusterConfig": { "description": "The GKE config for this cluster.", "properties": { "namespacedGkeDeploymentTarget": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NamespacedGkeDeploymentTarget", "description": "Optional. A target for the deployment." } }, "type": "object" }, "google-native:dataproc/v1beta2:GkeClusterConfigResponse": { "description": "The GKE config for this cluster.", "properties": { "namespacedGkeDeploymentTarget": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:NamespacedGkeDeploymentTargetResponse", "description": "Optional. A target for the deployment." } }, "type": "object", "required": [ "namespacedGkeDeploymentTarget" ] }, "google-native:dataproc/v1beta2:HadoopJob": { "description": "A Dataproc job for running Apache Hadoop MapReduce (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) jobs on Apache Hadoop YARN (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html).", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted in the working directory of Hadoop drivers and tasks. Supported file types: .jar, .tar, .tar.gz, .tgz, or .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as -libjars or -Dfoo=bar, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be copied to the working directory of Hadoop drivers and distributed tasks. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file containing the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file containing the main class. Examples: 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' 'hdfs:/tmp/test-samples/custom-wordcount.jar' 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar'" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Hadoop. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site and classes in user code." } }, "type": "object" }, "google-native:dataproc/v1beta2:HadoopJobResponse": { "description": "A Dataproc job for running Apache Hadoop MapReduce (https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html) jobs on Apache Hadoop YARN (https://hadoop.apache.org/docs/r2.7.1/hadoop-yarn/hadoop-yarn-site/YARN.html).", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted in the working directory of Hadoop drivers and tasks. Supported file types: .jar, .tar, .tar.gz, .tgz, or .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as -libjars or -Dfoo=bar, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS (Hadoop Compatible Filesystem) URIs of files to be copied to the working directory of Hadoop drivers and distributed tasks. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. Jar file URIs to add to the CLASSPATHs of the Hadoop driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file containing the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file containing the main class. Examples: 'gs://foo-bucket/analytics-binaries/extract-useful-metrics-mr.jar' 'hdfs:/tmp/test-samples/custom-wordcount.jar' 'file:///home/usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples.jar'" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Hadoop. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainClass", "mainJarFileUri", "properties" ] }, "google-native:dataproc/v1beta2:HiveJob": { "description": "A Dataproc job for running Apache Hive (https://hive.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and UDFs." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names and values, used to configure Hive. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Hive queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Hive command: SET name=\"value\";)." } }, "type": "object" }, "google-native:dataproc/v1beta2:HiveJobResponse": { "description": "A Dataproc job for running Apache Hive (https://hive.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Hive server and Hadoop MapReduce (MR) tasks. Can contain Hive SerDes and UDFs." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names and values, used to configure Hive. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/hive/conf/hive-site.xml, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains Hive queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Hive command: SET name=\"value\";)." } }, "type": "object", "required": [ "continueOnFailure", "jarFileUris", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1beta2:InstanceGroupAutoscalingPolicyConfig": { "description": "Configuration for the size bounds of an instance group, including its proportional size to other groups.", "properties": { "maxInstances": { "type": "integer", "description": "Optional. Maximum number of instances for this group. Required for primary workers. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set.Primary workers - Bounds: [min_instances, ). Required. Secondary workers - Bounds: [min_instances, ). Default: 0." }, "minInstances": { "type": "integer", "description": "Optional. Minimum number of instances for this group.Primary workers - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: 0, max_instances. Default: 0." }, "weight": { "type": "integer", "description": "Optional. Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, and secondary workers have weight 1, the cluster will have approximately 2 primary workers for each secondary worker.The cluster may not reach the specified balance if constrained by min/max bounds or other autoscaling settings. For example, if max_instances for secondary workers is 0, then only primary workers will be added. The cluster can also be out of balance when created.If weight is not set on any instance group, the cluster will default to equal weight for all groups: the cluster will attempt to maintain an equal number of workers in each group within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers." } }, "type": "object" }, "google-native:dataproc/v1beta2:InstanceGroupAutoscalingPolicyConfigResponse": { "description": "Configuration for the size bounds of an instance group, including its proportional size to other groups.", "properties": { "maxInstances": { "type": "integer", "description": "Optional. Maximum number of instances for this group. Required for primary workers. Note that by default, clusters will not use secondary workers. Required for secondary workers if the minimum secondary instances is set.Primary workers - Bounds: [min_instances, ). Required. Secondary workers - Bounds: [min_instances, ). Default: 0." }, "minInstances": { "type": "integer", "description": "Optional. Minimum number of instances for this group.Primary workers - Bounds: 2, max_instances. Default: 2. Secondary workers - Bounds: 0, max_instances. Default: 0." }, "weight": { "type": "integer", "description": "Optional. Weight for the instance group, which is used to determine the fraction of total workers in the cluster from this instance group. For example, if primary workers have weight 2, and secondary workers have weight 1, the cluster will have approximately 2 primary workers for each secondary worker.The cluster may not reach the specified balance if constrained by min/max bounds or other autoscaling settings. For example, if max_instances for secondary workers is 0, then only primary workers will be added. The cluster can also be out of balance when created.If weight is not set on any instance group, the cluster will default to equal weight for all groups: the cluster will attempt to maintain an equal number of workers in each group within the configured size bounds for each group. If weight is set for one group only, the cluster will default to zero weight on the unset group. For example if weight is set only on primary workers, the cluster will use primary workers only and no secondary workers." } }, "type": "object", "required": [ "maxInstances", "minInstances", "weight" ] }, "google-native:dataproc/v1beta2:InstanceGroupConfig": { "description": "The config settings for Compute Engine resources in an instance group, such as a master or worker group.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:AcceleratorConfig" }, "description": "Optional. The Compute Engine accelerator configuration for these instances." }, "diskConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:DiskConfig", "description": "Optional. Disk option config settings." }, "imageUri": { "type": "string", "description": "Optional. The Compute Engine image resource used for cluster instances.The URI can represent an image or image family.Image examples: https://www.googleapis.com/compute/beta/projects/[project_id]/global/images/[image-id] projects/[project_id]/global/images/[image-id] image-idImage family examples. Dataproc will use the most recent image from the family: https://www.googleapis.com/compute/beta/projects/[project_id]/global/images/family/[custom-image-family-name] projects/[project_id]/global/images/family/[custom-image-family-name]If the URI is unspecified, it will be inferred from SoftwareConfig.image_version or the system default." }, "machineTypeUri": { "type": "string", "description": "Optional. The Compute Engine machine type used for cluster instances.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/us-east1-a/machineTypes/n1-standard-2 projects/[project_id]/zones/us-east1-a/machineTypes/n1-standard-2 n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the machine type resource, for example, n1-standard-2." }, "minCpuPlatform": { "type": "string", "description": "Specifies the minimum cpu platform for the Instance Group. See Dataproc -> Minimum CPU Platform (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu)." }, "numInstances": { "type": "integer", "description": "Optional. The number of VM instances in the instance group. For HA cluster master_config groups, must be set to 3. For standard cluster master_config groups, must be set to 1." }, "preemptibility": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceGroupConfigPreemptibility", "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE." } }, "type": "object" }, "google-native:dataproc/v1beta2:InstanceGroupConfigPreemptibility": { "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE.", "type": "string", "enum": [ { "name": "PreemptibilityUnspecified", "description": "Preemptibility is unspecified, the system will choose the appropriate setting for each instance group.", "value": "PREEMPTIBILITY_UNSPECIFIED" }, { "name": "NonPreemptible", "description": "Instances are non-preemptible.This option is allowed for all instance groups and is the only valid value for Master and Worker instance groups.", "value": "NON_PREEMPTIBLE" }, { "name": "Preemptible", "description": "Instances are preemptible.This option is allowed only for secondary worker groups.", "value": "PREEMPTIBLE" } ] }, "google-native:dataproc/v1beta2:InstanceGroupConfigResponse": { "description": "The config settings for Compute Engine resources in an instance group, such as a master or worker group.", "properties": { "accelerators": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:AcceleratorConfigResponse" }, "description": "Optional. The Compute Engine accelerator configuration for these instances." }, "diskConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:DiskConfigResponse", "description": "Optional. Disk option config settings." }, "imageUri": { "type": "string", "description": "Optional. The Compute Engine image resource used for cluster instances.The URI can represent an image or image family.Image examples: https://www.googleapis.com/compute/beta/projects/[project_id]/global/images/[image-id] projects/[project_id]/global/images/[image-id] image-idImage family examples. Dataproc will use the most recent image from the family: https://www.googleapis.com/compute/beta/projects/[project_id]/global/images/family/[custom-image-family-name] projects/[project_id]/global/images/family/[custom-image-family-name]If the URI is unspecified, it will be inferred from SoftwareConfig.image_version or the system default." }, "instanceNames": { "type": "array", "items": { "type": "string" }, "description": "The list of instance names. Dataproc derives the names from cluster_name, num_instances, and the instance group." }, "instanceReferences": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:InstanceReferenceResponse" }, "description": "List of references to Compute Engine instances." }, "isPreemptible": { "type": "boolean", "description": "Specifies that this instance group contains preemptible instances." }, "machineTypeUri": { "type": "string", "description": "Optional. The Compute Engine machine type used for cluster instances.A full URL, partial URI, or short name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/us-east1-a/machineTypes/n1-standard-2 projects/[project_id]/zones/us-east1-a/machineTypes/n1-standard-2 n1-standard-2Auto Zone Exception: If you are using the Dataproc Auto Zone Placement (https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/auto-zone#using_auto_zone_placement) feature, you must use the short name of the machine type resource, for example, n1-standard-2." }, "managedGroupConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ManagedGroupConfigResponse", "description": "The config for Compute Engine Instance Group Manager that manages this group. This is only used for preemptible instance groups." }, "minCpuPlatform": { "type": "string", "description": "Specifies the minimum cpu platform for the Instance Group. See Dataproc -> Minimum CPU Platform (https://cloud.google.com/dataproc/docs/concepts/compute/dataproc-min-cpu)." }, "numInstances": { "type": "integer", "description": "Optional. The number of VM instances in the instance group. For HA cluster master_config groups, must be set to 3. For standard cluster master_config groups, must be set to 1." }, "preemptibility": { "type": "string", "description": "Optional. Specifies the preemptibility of the instance group.The default value for master and worker groups is NON_PREEMPTIBLE. This default cannot be changed.The default value for secondary instances is PREEMPTIBLE." } }, "type": "object", "required": [ "accelerators", "diskConfig", "imageUri", "instanceNames", "instanceReferences", "isPreemptible", "machineTypeUri", "managedGroupConfig", "minCpuPlatform", "numInstances", "preemptibility" ] }, "google-native:dataproc/v1beta2:InstanceReferenceResponse": { "description": "A reference to a Compute Engine instance.", "properties": { "instanceId": { "type": "string", "description": "The unique identifier of the Compute Engine instance." }, "instanceName": { "type": "string", "description": "The user-friendly name of the Compute Engine instance." }, "publicKey": { "type": "string", "description": "The public key used for sharing data with this instance." } }, "type": "object", "required": [ "instanceId", "instanceName", "publicKey" ] }, "google-native:dataproc/v1beta2:JobPlacement": { "description": "Dataproc job config.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Cluster labels to identify a cluster where the job will be submitted." }, "clusterName": { "type": "string", "description": "The name of the cluster where the job will be submitted." } }, "type": "object", "required": [ "clusterName" ] }, "google-native:dataproc/v1beta2:JobPlacementResponse": { "description": "Dataproc job config.", "properties": { "clusterLabels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Cluster labels to identify a cluster where the job will be submitted." }, "clusterName": { "type": "string", "description": "The name of the cluster where the job will be submitted." }, "clusterUuid": { "type": "string", "description": "A cluster UUID generated by the Dataproc service when the job is submitted." } }, "type": "object", "required": [ "clusterLabels", "clusterName", "clusterUuid" ] }, "google-native:dataproc/v1beta2:JobReference": { "description": "Encapsulates the full scoping used to reference a job.", "properties": { "jobId": { "type": "string", "description": "Optional. The job ID, which must be unique within the project. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or hyphens (-). The maximum length is 100 characters.If not specified by the caller, the job ID will be provided by the server." }, "project": { "type": "string", "description": "Optional. The ID of the Google Cloud Platform project that the job belongs to. If specified, must match the request project ID." } }, "type": "object" }, "google-native:dataproc/v1beta2:JobReferenceResponse": { "description": "Encapsulates the full scoping used to reference a job.", "properties": { "jobId": { "type": "string", "description": "Optional. The job ID, which must be unique within the project. The ID must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or hyphens (-). The maximum length is 100 characters.If not specified by the caller, the job ID will be provided by the server." }, "project": { "type": "string", "description": "Optional. The ID of the Google Cloud Platform project that the job belongs to. If specified, must match the request project ID." } }, "type": "object", "required": [ "jobId", "project" ] }, "google-native:dataproc/v1beta2:JobScheduling": { "description": "Job scheduling options.", "properties": { "maxFailuresPerHour": { "type": "integer", "description": "Optional. Maximum number of times per hour a driver may be restarted as a result of driver terminating with non-zero code before job is reported failed.A job may be reported as thrashing if driver exits with non-zero code 4 times within 10 minute window.Maximum value is 10." }, "maxFailuresTotal": { "type": "integer", "description": "Optional. Maximum number of times in total a driver may be restarted as a result of driver exiting with non-zero code before job is reported failed. Maximum value is 240." } }, "type": "object" }, "google-native:dataproc/v1beta2:JobSchedulingResponse": { "description": "Job scheduling options.", "properties": { "maxFailuresPerHour": { "type": "integer", "description": "Optional. Maximum number of times per hour a driver may be restarted as a result of driver terminating with non-zero code before job is reported failed.A job may be reported as thrashing if driver exits with non-zero code 4 times within 10 minute window.Maximum value is 10." }, "maxFailuresTotal": { "type": "integer", "description": "Optional. Maximum number of times in total a driver may be restarted as a result of driver exiting with non-zero code before job is reported failed. Maximum value is 240." } }, "type": "object", "required": [ "maxFailuresPerHour", "maxFailuresTotal" ] }, "google-native:dataproc/v1beta2:JobStatusResponse": { "description": "Dataproc job status.", "properties": { "details": { "type": "string", "description": "Optional Job state details, such as an error description if the state is ERROR." }, "state": { "type": "string", "description": "A state message specifying the overall job state." }, "stateStartTime": { "type": "string", "description": "The time when this state was entered." }, "substate": { "type": "string", "description": "Additional state information, which includes status reported by the agent." } }, "type": "object", "required": [ "details", "state", "stateStartTime", "substate" ] }, "google-native:dataproc/v1beta2:KerberosConfig": { "description": "Specifies Kerberos related configuration.", "properties": { "crossRealmTrustAdminServer": { "type": "string", "description": "Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustKdc": { "type": "string", "description": "Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustRealm": { "type": "string", "description": "Optional. The remote realm the Dataproc on-cluster KDC will trust, should the user enable cross realm trust." }, "crossRealmTrustSharedPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship." }, "enableKerberos": { "type": "boolean", "description": "Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster." }, "kdcDbKeyUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database." }, "keyPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc." }, "keystorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc." }, "keystoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." }, "kmsKeyUri": { "type": "string", "description": "Optional. The uri of the KMS key used to encrypt various sensitive files." }, "realm": { "type": "string", "description": "Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm." }, "rootPrincipalPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password." }, "tgtLifetimeHours": { "type": "integer", "description": "Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used." }, "truststorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc." }, "truststoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." } }, "type": "object" }, "google-native:dataproc/v1beta2:KerberosConfigResponse": { "description": "Specifies Kerberos related configuration.", "properties": { "crossRealmTrustAdminServer": { "type": "string", "description": "Optional. The admin server (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustKdc": { "type": "string", "description": "Optional. The KDC (IP or hostname) for the remote trusted realm in a cross realm trust relationship." }, "crossRealmTrustRealm": { "type": "string", "description": "Optional. The remote realm the Dataproc on-cluster KDC will trust, should the user enable cross realm trust." }, "crossRealmTrustSharedPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the shared password between the on-cluster Kerberos realm and the remote trusted realm, in a cross realm trust relationship." }, "enableKerberos": { "type": "boolean", "description": "Optional. Flag to indicate whether to Kerberize the cluster (default: false). Set this field to true to enable Kerberos on a cluster." }, "kdcDbKeyUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the master key of the KDC database." }, "keyPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided key. For the self-signed certificate, this password is generated by Dataproc." }, "keystorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided keystore. For the self-signed certificate, this password is generated by Dataproc." }, "keystoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the keystore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." }, "kmsKeyUri": { "type": "string", "description": "Optional. The uri of the KMS key used to encrypt various sensitive files." }, "realm": { "type": "string", "description": "Optional. The name of the on-cluster Kerberos realm. If not specified, the uppercased domain of hostnames will be the realm." }, "rootPrincipalPasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the root principal password." }, "tgtLifetimeHours": { "type": "integer", "description": "Optional. The lifetime of the ticket granting ticket, in hours. If not specified, or user specifies 0, then default value 10 will be used." }, "truststorePasswordUri": { "type": "string", "description": "Optional. The Cloud Storage URI of a KMS encrypted file containing the password to the user provided truststore. For the self-signed certificate, this password is generated by Dataproc." }, "truststoreUri": { "type": "string", "description": "Optional. The Cloud Storage URI of the truststore file used for SSL encryption. If not provided, Dataproc will provide a self-signed certificate." } }, "type": "object", "required": [ "crossRealmTrustAdminServer", "crossRealmTrustKdc", "crossRealmTrustRealm", "crossRealmTrustSharedPasswordUri", "enableKerberos", "kdcDbKeyUri", "keyPasswordUri", "keystorePasswordUri", "keystoreUri", "kmsKeyUri", "realm", "rootPrincipalPasswordUri", "tgtLifetimeHours", "truststorePasswordUri", "truststoreUri" ] }, "google-native:dataproc/v1beta2:LifecycleConfig": { "description": "Specifies the cluster auto-delete schedule configuration.", "properties": { "autoDeleteTime": { "type": "string", "description": "Optional. The time when cluster will be auto-deleted. (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "autoDeleteTtl": { "type": "string", "description": "Optional. The lifetime duration of cluster. The cluster will be auto-deleted at the end of this period. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleDeleteTtl": { "type": "string", "description": "Optional. The duration to keep the cluster alive while idling (when no jobs are running). Passing this threshold will cause the cluster to be deleted. Minimum value is 5 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." } }, "type": "object" }, "google-native:dataproc/v1beta2:LifecycleConfigResponse": { "description": "Specifies the cluster auto-delete schedule configuration.", "properties": { "autoDeleteTime": { "type": "string", "description": "Optional. The time when cluster will be auto-deleted. (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "autoDeleteTtl": { "type": "string", "description": "Optional. The lifetime duration of cluster. The cluster will be auto-deleted at the end of this period. Minimum value is 10 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleDeleteTtl": { "type": "string", "description": "Optional. The duration to keep the cluster alive while idling (when no jobs are running). Passing this threshold will cause the cluster to be deleted. Minimum value is 5 minutes; maximum value is 14 days (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json))." }, "idleStartTime": { "type": "string", "description": "The time when cluster became idle (most recent job finished) and became eligible for deletion due to idleness (see JSON representation of Timestamp (https://developers.google.com/protocol-buffers/docs/proto3#json))." } }, "type": "object", "required": [ "autoDeleteTime", "autoDeleteTtl", "idleDeleteTtl", "idleStartTime" ] }, "google-native:dataproc/v1beta2:LoggingConfig": { "description": "The runtime logging config of the job.", "properties": { "driverLogLevels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The per-package log levels for the driver. This may include \"root\" package name to configure rootLogger. Examples: 'com.google = FATAL', 'root = INFO', 'org.apache = DEBUG'" } }, "type": "object" }, "google-native:dataproc/v1beta2:LoggingConfigResponse": { "description": "The runtime logging config of the job.", "properties": { "driverLogLevels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The per-package log levels for the driver. This may include \"root\" package name to configure rootLogger. Examples: 'com.google = FATAL', 'root = INFO', 'org.apache = DEBUG'" } }, "type": "object", "required": [ "driverLogLevels" ] }, "google-native:dataproc/v1beta2:ManagedCluster": { "description": "Cluster that is managed by the workflow.", "properties": { "clusterName": { "type": "string", "description": "The cluster name prefix. A unique cluster name will be formed by appending a random suffix.The name must contain only lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin with a letter. Cannot begin or end with hyphen. Must consist of between 2 and 35 characters." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ClusterConfig", "description": "The cluster configuration." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this cluster.Label keys must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given cluster." } }, "type": "object", "required": [ "clusterName", "config" ] }, "google-native:dataproc/v1beta2:ManagedClusterResponse": { "description": "Cluster that is managed by the workflow.", "properties": { "clusterName": { "type": "string", "description": "The cluster name prefix. A unique cluster name will be formed by appending a random suffix.The name must contain only lower-case letters (a-z), numbers (0-9), and hyphens (-). Must begin with a letter. Cannot begin or end with hyphen. Must consist of between 2 and 35 characters." }, "config": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ClusterConfigResponse", "description": "The cluster configuration." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this cluster.Label keys must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following PCRE regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given cluster." } }, "type": "object", "required": [ "clusterName", "config", "labels" ] }, "google-native:dataproc/v1beta2:ManagedGroupConfigResponse": { "description": "Specifies the resources used to actively manage an instance group.", "properties": { "instanceGroupManagerName": { "type": "string", "description": "The name of the Instance Group Manager for this group." }, "instanceTemplateName": { "type": "string", "description": "The name of the Instance Template used for the Managed Instance Group." } }, "type": "object", "required": [ "instanceGroupManagerName", "instanceTemplateName" ] }, "google-native:dataproc/v1beta2:MetastoreConfig": { "description": "Specifies a Metastore configuration.", "properties": { "dataprocMetastoreService": { "type": "string", "description": "Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[dataproc_region]/services/[service-name]" } }, "type": "object", "required": [ "dataprocMetastoreService" ] }, "google-native:dataproc/v1beta2:MetastoreConfigResponse": { "description": "Specifies a Metastore configuration.", "properties": { "dataprocMetastoreService": { "type": "string", "description": "Resource name of an existing Dataproc Metastore service.Example: projects/[project_id]/locations/[dataproc_region]/services/[service-name]" } }, "type": "object", "required": [ "dataprocMetastoreService" ] }, "google-native:dataproc/v1beta2:NamespacedGkeDeploymentTarget": { "description": "A full, namespace-isolated deployment target for an existing GKE cluster.", "properties": { "clusterNamespace": { "type": "string", "description": "Optional. A namespace within the GKE cluster to deploy into." }, "targetGkeCluster": { "type": "string", "description": "Optional. The target GKE cluster to deploy to. Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" } }, "type": "object" }, "google-native:dataproc/v1beta2:NamespacedGkeDeploymentTargetResponse": { "description": "A full, namespace-isolated deployment target for an existing GKE cluster.", "properties": { "clusterNamespace": { "type": "string", "description": "Optional. A namespace within the GKE cluster to deploy into." }, "targetGkeCluster": { "type": "string", "description": "Optional. The target GKE cluster to deploy to. Format: 'projects/{project}/locations/{location}/clusters/{cluster_id}'" } }, "type": "object", "required": [ "clusterNamespace", "targetGkeCluster" ] }, "google-native:dataproc/v1beta2:NodeGroupAffinity": { "description": "Node Group Affinity for clusters using sole-tenant node groups.", "properties": { "nodeGroupUri": { "type": "string", "description": "The URI of a sole-tenant node group resource (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) that the cluster will be created on.A full URL, partial URI, or node group name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/us-central1-a/nodeGroups/node-group-1 projects/[project_id]/zones/us-central1-a/nodeGroups/node-group-1 node-group-1" } }, "type": "object", "required": [ "nodeGroupUri" ] }, "google-native:dataproc/v1beta2:NodeGroupAffinityResponse": { "description": "Node Group Affinity for clusters using sole-tenant node groups.", "properties": { "nodeGroupUri": { "type": "string", "description": "The URI of a sole-tenant node group resource (https://cloud.google.com/compute/docs/reference/rest/v1/nodeGroups) that the cluster will be created on.A full URL, partial URI, or node group name are valid. Examples: https://www.googleapis.com/compute/v1/projects/[project_id]/zones/us-central1-a/nodeGroups/node-group-1 projects/[project_id]/zones/us-central1-a/nodeGroups/node-group-1 node-group-1" } }, "type": "object", "required": [ "nodeGroupUri" ] }, "google-native:dataproc/v1beta2:NodeInitializationAction": { "description": "Specifies an executable to run on a fully configured node and a timeout period for executable completion.", "properties": { "executableFile": { "type": "string", "description": "Cloud Storage URI of executable file." }, "executionTimeout": { "type": "string", "description": "Optional. Amount of time executable has to complete. Default is 10 minutes (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster creation fails with an explanatory error message (the name of the executable that caused the error and the exceeded timeout period) if the executable is not completed at end of the timeout period." } }, "type": "object", "required": [ "executableFile" ] }, "google-native:dataproc/v1beta2:NodeInitializationActionResponse": { "description": "Specifies an executable to run on a fully configured node and a timeout period for executable completion.", "properties": { "executableFile": { "type": "string", "description": "Cloud Storage URI of executable file." }, "executionTimeout": { "type": "string", "description": "Optional. Amount of time executable has to complete. Default is 10 minutes (see JSON representation of Duration (https://developers.google.com/protocol-buffers/docs/proto3#json)).Cluster creation fails with an explanatory error message (the name of the executable that caused the error and the exceeded timeout period) if the executable is not completed at end of the timeout period." } }, "type": "object", "required": [ "executableFile", "executionTimeout" ] }, "google-native:dataproc/v1beta2:OrderedJob": { "description": "A job executed by the workflow.", "properties": { "hadoopJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:HadoopJob", "description": "Optional. Job is a Hadoop job." }, "hiveJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:HiveJob", "description": "Optional. Job is a Hive job." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this job.Label keys must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given job." }, "pigJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PigJob", "description": "Optional. Job is a Pig job." }, "prerequisiteStepIds": { "type": "array", "items": { "type": "string" }, "description": "Optional. The optional list of prerequisite job step_ids. If not specified, the job will start at the beginning of workflow." }, "prestoJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PrestoJob", "description": "Optional. Job is a Presto job." }, "pysparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PySparkJob", "description": "Optional. Job is a PySpark job." }, "scheduling": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:JobScheduling", "description": "Optional. Job scheduling configuration." }, "sparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkJob", "description": "Optional. Job is a Spark job." }, "sparkRJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkRJob", "description": "Optional. Job is a SparkR job." }, "sparkSqlJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkSqlJob", "description": "Optional. Job is a SparkSql job." }, "stepId": { "type": "string", "description": "The step id. The id must be unique among all jobs within the template.The step id is used as prefix for job id, as job goog-dataproc-workflow-step-id label, and in prerequisiteStepIds field from other steps.The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters." } }, "type": "object", "required": [ "stepId" ] }, "google-native:dataproc/v1beta2:OrderedJobResponse": { "description": "A job executed by the workflow.", "properties": { "hadoopJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:HadoopJobResponse", "description": "Optional. Job is a Hadoop job." }, "hiveJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:HiveJobResponse", "description": "Optional. Job is a Hive job." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The labels to associate with this job.Label keys must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}{0,62}Label values must be between 1 and 63 characters long, and must conform to the following regular expression: \\p{Ll}\\p{Lo}\\p{N}_-{0,63}No more than 32 labels can be associated with a given job." }, "pigJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PigJobResponse", "description": "Optional. Job is a Pig job." }, "prerequisiteStepIds": { "type": "array", "items": { "type": "string" }, "description": "Optional. The optional list of prerequisite job step_ids. If not specified, the job will start at the beginning of workflow." }, "prestoJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PrestoJobResponse", "description": "Optional. Job is a Presto job." }, "pysparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:PySparkJobResponse", "description": "Optional. Job is a PySpark job." }, "scheduling": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:JobSchedulingResponse", "description": "Optional. Job scheduling configuration." }, "sparkJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkJobResponse", "description": "Optional. Job is a Spark job." }, "sparkRJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkRJobResponse", "description": "Optional. Job is a SparkR job." }, "sparkSqlJob": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SparkSqlJobResponse", "description": "Optional. Job is a SparkSql job." }, "stepId": { "type": "string", "description": "The step id. The id must be unique among all jobs within the template.The step id is used as prefix for job id, as job goog-dataproc-workflow-step-id label, and in prerequisiteStepIds field from other steps.The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 50 characters." } }, "type": "object", "required": [ "hadoopJob", "hiveJob", "labels", "pigJob", "prerequisiteStepIds", "prestoJob", "pysparkJob", "scheduling", "sparkJob", "sparkRJob", "sparkSqlJob", "stepId" ] }, "google-native:dataproc/v1beta2:ParameterValidation": { "description": "Configuration for parameter validation.", "properties": { "regex": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:RegexValidation", "description": "Validation based on regular expressions." }, "values": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ValueValidation", "description": "Validation based on a list of allowed values." } }, "type": "object" }, "google-native:dataproc/v1beta2:ParameterValidationResponse": { "description": "Configuration for parameter validation.", "properties": { "regex": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:RegexValidationResponse", "description": "Validation based on regular expressions." }, "values": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ValueValidationResponse", "description": "Validation based on a list of allowed values." } }, "type": "object", "required": [ "regex", "values" ] }, "google-native:dataproc/v1beta2:PigJob": { "description": "A Dataproc job for running Apache Pig (https://pig.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Pig. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains the Pig queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Pig command: name=[value])." } }, "type": "object" }, "google-native:dataproc/v1beta2:PigJobResponse": { "description": "A Dataproc job for running Apache Pig (https://pig.apache.org/) queries on YARN.", "properties": { "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATH of the Pig Client and Hadoop MapReduce (MR) tasks. Can contain Pig UDFs." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Pig. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/hadoop/conf/*-site.xml, /etc/pig/conf/pig.properties, and classes in user code." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains the Pig queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Pig command: name=[value])." } }, "type": "object", "required": [ "continueOnFailure", "jarFileUris", "loggingConfig", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1beta2:PrestoJob": { "description": "A Dataproc job for running Presto (https://prestosql.io/) queries. IMPORTANT: The Dataproc Presto Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/presto) must be enabled when the cluster is created to submit a Presto job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Presto client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Presto documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Presto session properties (https://prestodb.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Presto CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryList", "description": "A list of queries." } }, "type": "object" }, "google-native:dataproc/v1beta2:PrestoJobResponse": { "description": "A Dataproc job for running Presto (https://prestosql.io/) queries. IMPORTANT: The Dataproc Presto Optional Component (https://cloud.google.com/dataproc/docs/concepts/components/presto) must be enabled when the cluster is created to submit a Presto job to the cluster.", "properties": { "clientTags": { "type": "array", "items": { "type": "string" }, "description": "Optional. Presto client tags to attach to this query" }, "continueOnFailure": { "type": "boolean", "description": "Optional. Whether to continue executing queries if a query fails. The default value is false. Setting to true can be useful when executing independent parallel queries." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "outputFormat": { "type": "string", "description": "Optional. The format in which query output will be displayed. See the Presto documentation for supported output formats" }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values. Used to set Presto session properties (https://prestodb.io/docs/current/sql/set-session.html) Equivalent to using the --session flag in the Presto CLI" }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryListResponse", "description": "A list of queries." } }, "type": "object", "required": [ "clientTags", "continueOnFailure", "loggingConfig", "outputFormat", "properties", "queryFileUri", "queryList" ] }, "google-native:dataproc/v1beta2:PySparkJob": { "description": "A Dataproc job for running Apache PySpark (https://spark.apache.org/docs/0.9.0/python-programming-guide.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Python driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the driver. Must be a .py file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure PySpark. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "mainPythonFileUri" ] }, "google-native:dataproc/v1beta2:PySparkJobResponse": { "description": "A Dataproc job for running Apache PySpark (https://spark.apache.org/docs/0.9.0/python-programming-guide.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Python driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainPythonFileUri": { "type": "string", "description": "The HCFS URI of the main Python file to use as the driver. Must be a .py file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure PySpark. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." }, "pythonFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS file URIs of Python files to pass to the PySpark framework. Supported file types: .py, .egg, and .zip." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainPythonFileUri", "properties", "pythonFileUris" ] }, "google-native:dataproc/v1beta2:QueryList": { "description": "A list of queries to run on a cluster.", "properties": { "queries": { "type": "array", "items": { "type": "string" }, "description": "The queries to execute. You do not need to end a query expression with a semicolon. Multiple queries can be specified in one string by separating each with a semicolon. Here is an example of a Dataproc API snippet that uses a QueryList to specify a HiveJob: \"hiveJob\": { \"queryList\": { \"queries\": [ \"query1\", \"query2\", \"query3;query4\", ] } } " } }, "type": "object", "required": [ "queries" ] }, "google-native:dataproc/v1beta2:QueryListResponse": { "description": "A list of queries to run on a cluster.", "properties": { "queries": { "type": "array", "items": { "type": "string" }, "description": "The queries to execute. You do not need to end a query expression with a semicolon. Multiple queries can be specified in one string by separating each with a semicolon. Here is an example of a Dataproc API snippet that uses a QueryList to specify a HiveJob: \"hiveJob\": { \"queryList\": { \"queries\": [ \"query1\", \"query2\", \"query3;query4\", ] } } " } }, "type": "object", "required": [ "queries" ] }, "google-native:dataproc/v1beta2:RegexValidation": { "description": "Validation based on regular expressions.", "properties": { "regexes": { "type": "array", "items": { "type": "string" }, "description": "RE2 regular expressions used to validate the parameter's value. The value must match the regex in its entirety (substring matches are not sufficient)." } }, "type": "object", "required": [ "regexes" ] }, "google-native:dataproc/v1beta2:RegexValidationResponse": { "description": "Validation based on regular expressions.", "properties": { "regexes": { "type": "array", "items": { "type": "string" }, "description": "RE2 regular expressions used to validate the parameter's value. The value must match the regex in its entirety (substring matches are not sufficient)." } }, "type": "object", "required": [ "regexes" ] }, "google-native:dataproc/v1beta2:ReservationAffinity": { "description": "Reservation Affinity for consuming Zonal reservation.", "properties": { "consumeReservationType": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ReservationAffinityConsumeReservationType", "description": "Optional. Type of reservation to consume" }, "key": { "type": "string", "description": "Optional. Corresponds to the label key of reservation resource." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Corresponds to the label values of reservation resource." } }, "type": "object" }, "google-native:dataproc/v1beta2:ReservationAffinityConsumeReservationType": { "description": "Optional. Type of reservation to consume", "type": "string", "enum": [ { "name": "TypeUnspecified", "value": "TYPE_UNSPECIFIED" }, { "name": "NoReservation", "description": "Do not consume from any allocated capacity.", "value": "NO_RESERVATION" }, { "name": "AnyReservation", "description": "Consume any reservation available.", "value": "ANY_RESERVATION" }, { "name": "SpecificReservation", "description": "Must consume from a specific reservation. Must specify key value fields for specifying the reservations.", "value": "SPECIFIC_RESERVATION" } ] }, "google-native:dataproc/v1beta2:ReservationAffinityResponse": { "description": "Reservation Affinity for consuming Zonal reservation.", "properties": { "consumeReservationType": { "type": "string", "description": "Optional. Type of reservation to consume" }, "key": { "type": "string", "description": "Optional. Corresponds to the label key of reservation resource." }, "values": { "type": "array", "items": { "type": "string" }, "description": "Optional. Corresponds to the label values of reservation resource." } }, "type": "object", "required": [ "consumeReservationType", "key", "values" ] }, "google-native:dataproc/v1beta2:SecurityConfig": { "description": "Security related configuration, including encryption, Kerberos, etc.", "properties": { "kerberosConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:KerberosConfig", "description": "Optional. Kerberos related configuration." } }, "type": "object" }, "google-native:dataproc/v1beta2:SecurityConfigResponse": { "description": "Security related configuration, including encryption, Kerberos, etc.", "properties": { "kerberosConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:KerberosConfigResponse", "description": "Optional. Kerberos related configuration." } }, "type": "object", "required": [ "kerberosConfig" ] }, "google-native:dataproc/v1beta2:ShieldedInstanceConfig": { "description": "Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm).", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Optional. Defines whether instances have integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Optional. Defines whether instances have Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Optional. Defines whether instances have the vTPM enabled." } }, "type": "object" }, "google-native:dataproc/v1beta2:ShieldedInstanceConfigResponse": { "description": "Shielded Instance Config for clusters using Compute Engine Shielded VMs (https://cloud.google.com/security/shielded-cloud/shielded-vm).", "properties": { "enableIntegrityMonitoring": { "type": "boolean", "description": "Optional. Defines whether instances have integrity monitoring enabled." }, "enableSecureBoot": { "type": "boolean", "description": "Optional. Defines whether instances have Secure Boot enabled." }, "enableVtpm": { "type": "boolean", "description": "Optional. Defines whether instances have the vTPM enabled." } }, "type": "object", "required": [ "enableIntegrityMonitoring", "enableSecureBoot", "enableVtpm" ] }, "google-native:dataproc/v1beta2:SoftwareConfig": { "description": "Specifies the selection and config of software inside the cluster.", "properties": { "imageVersion": { "type": "string", "description": "Optional. The version of software inside the cluster. It must be one of the supported Dataproc Versions (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported_dataproc_versions), such as \"1.2\" (including a subminor version, such as \"1.2.29\"), or the \"preview\" version (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). If unspecified, it defaults to the latest Debian version." }, "optionalComponents": { "type": "array", "items": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:SoftwareConfigOptionalComponentsItem" }, "description": "The set of optional components to activate on the cluster." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The properties to set on daemon config files.Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. The following are supported prefixes and their mappings: capacity-scheduler: capacity-scheduler.xml core: core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: spark-defaults.conf yarn: yarn-site.xmlFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object" }, "google-native:dataproc/v1beta2:SoftwareConfigOptionalComponentsItem": { "type": "string", "enum": [ { "name": "ComponentUnspecified", "description": "Unspecified component. Specifying this will cause Cluster creation to fail.", "value": "COMPONENT_UNSPECIFIED" }, { "name": "Anaconda", "description": "The Anaconda python distribution. The Anaconda component is not supported in the Dataproc 2.0 image. The 2.0 image is pre-installed with Miniconda.", "value": "ANACONDA" }, { "name": "Docker", "description": "Docker", "value": "DOCKER" }, { "name": "Druid", "description": "The Druid query engine.", "value": "DRUID" }, { "name": "Flink", "description": "Flink", "value": "FLINK" }, { "name": "Hbase", "description": "HBase.", "value": "HBASE" }, { "name": "HiveWebhcat", "description": "The Hive Web HCatalog (the REST service for accessing HCatalog).", "value": "HIVE_WEBHCAT" }, { "name": "Jupyter", "description": "The Jupyter Notebook.", "value": "JUPYTER" }, { "name": "Kerberos", "description": "The Kerberos security feature.", "value": "KERBEROS" }, { "name": "Presto", "description": "The Presto query engine.", "value": "PRESTO" }, { "name": "Ranger", "description": "The Ranger service.", "value": "RANGER" }, { "name": "Solr", "description": "The Solr service.", "value": "SOLR" }, { "name": "Zeppelin", "description": "The Zeppelin notebook.", "value": "ZEPPELIN" }, { "name": "Zookeeper", "description": "The Zookeeper service.", "value": "ZOOKEEPER" } ] }, "google-native:dataproc/v1beta2:SoftwareConfigResponse": { "description": "Specifies the selection and config of software inside the cluster.", "properties": { "imageVersion": { "type": "string", "description": "Optional. The version of software inside the cluster. It must be one of the supported Dataproc Versions (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#supported_dataproc_versions), such as \"1.2\" (including a subminor version, such as \"1.2.29\"), or the \"preview\" version (https://cloud.google.com/dataproc/docs/concepts/versioning/dataproc-versions#other_versions). If unspecified, it defaults to the latest Debian version." }, "optionalComponents": { "type": "array", "items": { "type": "string" }, "description": "The set of optional components to activate on the cluster." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The properties to set on daemon config files.Property keys are specified in prefix:property format, for example core:hadoop.tmp.dir. The following are supported prefixes and their mappings: capacity-scheduler: capacity-scheduler.xml core: core-site.xml distcp: distcp-default.xml hdfs: hdfs-site.xml hive: hive-site.xml mapred: mapred-site.xml pig: pig.properties spark: spark-defaults.conf yarn: yarn-site.xmlFor more information, see Cluster properties (https://cloud.google.com/dataproc/docs/concepts/cluster-properties)." } }, "type": "object", "required": [ "imageVersion", "optionalComponents", "properties" ] }, "google-native:dataproc/v1beta2:SparkJob": { "description": "A Dataproc job for running Apache Spark (http://spark.apache.org/) applications on YARN. The specification of the main method to call to drive the job. Specify either the jar file that contains the main class or the main class name. To pass both a main jar and a main class in that jar, add the jar to CommonJob.jar_file_uris, and then specify the main class name in main_class.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Spark driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object" }, "google-native:dataproc/v1beta2:SparkJobResponse": { "description": "A Dataproc job for running Apache Spark (http://spark.apache.org/) applications on YARN. The specification of the main method to call to drive the job. Specify either the jar file that contains the main class or the main class name. To pass both a main jar and a main class in that jar, add the jar to CommonJob.jar_file_uris, and then specify the main class name in main_class.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to add to the CLASSPATHs of the Spark driver and tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainClass": { "type": "string", "description": "The name of the driver's main class. The jar file that contains the class must be in the default CLASSPATH or specified in jar_file_uris." }, "mainJarFileUri": { "type": "string", "description": "The HCFS URI of the jar file that contains the main class." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "jarFileUris", "loggingConfig", "mainClass", "mainJarFileUri", "properties" ] }, "google-native:dataproc/v1beta2:SparkRJob": { "description": "A Dataproc job for running Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure SparkR. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "mainRFileUri" ] }, "google-native:dataproc/v1beta2:SparkRJobResponse": { "description": "A Dataproc job for running Apache SparkR (https://spark.apache.org/docs/latest/sparkr.html) applications on YARN.", "properties": { "archiveUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of archives to be extracted into the working directory of each executor. Supported file types: .jar, .tar, .tar.gz, .tgz, and .zip." }, "args": { "type": "array", "items": { "type": "string" }, "description": "Optional. The arguments to pass to the driver. Do not include arguments, such as --conf, that can be set as job properties, since a collision may occur that causes an incorrect job submission." }, "fileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of files to be placed in the working directory of each executor. Useful for naively parallel tasks." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "mainRFileUri": { "type": "string", "description": "The HCFS URI of the main R file to use as the driver. Must be a .R file." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure SparkR. Properties that conflict with values set by the Dataproc API may be overwritten. Can include properties set in /etc/spark/conf/spark-defaults.conf and classes in user code." } }, "type": "object", "required": [ "archiveUris", "args", "fileUris", "loggingConfig", "mainRFileUri", "properties" ] }, "google-native:dataproc/v1beta2:SparkSqlJob": { "description": "A Dataproc job for running Apache Spark SQL (http://spark.apache.org/sql/) queries.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfig", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark SQL's SparkConf. Properties that conflict with values set by the Dataproc API may be overwritten." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryList", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object" }, "google-native:dataproc/v1beta2:SparkSqlJobResponse": { "description": "A Dataproc job for running Apache Spark SQL (http://spark.apache.org/sql/) queries.", "properties": { "jarFileUris": { "type": "array", "items": { "type": "string" }, "description": "Optional. HCFS URIs of jar files to be added to the Spark CLASSPATH." }, "loggingConfig": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:LoggingConfigResponse", "description": "Optional. The runtime log config for job execution." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. A mapping of property names to values, used to configure Spark SQL's SparkConf. Properties that conflict with values set by the Dataproc API may be overwritten." }, "queryFileUri": { "type": "string", "description": "The HCFS URI of the script that contains SQL queries." }, "queryList": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:QueryListResponse", "description": "A list of queries." }, "scriptVariables": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Mapping of query variable names to values (equivalent to the Spark SQL command: SET name=\"value\";)." } }, "type": "object", "required": [ "jarFileUris", "loggingConfig", "properties", "queryFileUri", "queryList", "scriptVariables" ] }, "google-native:dataproc/v1beta2:TemplateParameter": { "description": "A configurable parameter that replaces one or more fields in the template. Parameterizable fields: - Labels - File uris - Job properties - Job arguments - Script variables - Main class (in HadoopJob and SparkJob) - Zone (in ClusterSelector)", "properties": { "description": { "type": "string", "description": "Optional. Brief description of the parameter. Must not exceed 1024 characters." }, "fields": { "type": "array", "items": { "type": "string" }, "description": "Paths to all fields that the parameter replaces. A field is allowed to appear in at most one parameter's list of field paths.A field path is similar in syntax to a google.protobuf.FieldMask. For example, a field path that references the zone field of a workflow template's cluster selector would be specified as placement.clusterSelector.zone.Also, field paths can reference fields using the following syntax: Values in maps can be referenced by key: labels'key' placement.clusterSelector.clusterLabels'key' placement.managedCluster.labels'key' placement.clusterSelector.clusterLabels'key' jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by step-id: jobs'step-id'.hadoopJob.mainJarFileUri jobs'step-id'.hiveJob.queryFileUri jobs'step-id'.pySparkJob.mainPythonFileUri jobs'step-id'.hadoopJob.jarFileUris0 jobs'step-id'.hadoopJob.archiveUris0 jobs'step-id'.hadoopJob.fileUris0 jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields can be referenced by a zero-based index: jobs'step-id'.sparkJob.args0 Other examples: jobs'step-id'.hadoopJob.properties'key' jobs'step-id'.hadoopJob.args0 jobs'step-id'.hiveJob.scriptVariables'key' jobs'step-id'.hadoopJob.mainJarFileUri placement.clusterSelector.zoneIt may not be possible to parameterize maps and repeated fields in their entirety since only individual map values and individual items in repeated fields can be referenced. For example, the following field paths are invalid: placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args" }, "name": { "type": "string", "description": "Parameter name. The parameter name is used as the key, and paired with the parameter value, which are passed to the template when the template is instantiated. The name must contain only capital letters (A-Z), numbers (0-9), and underscores (_), and must not start with a number. The maximum length is 40 characters." }, "validation": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ParameterValidation", "description": "Optional. Validation rules to be applied to this parameter's value." } }, "type": "object", "required": [ "fields", "name" ] }, "google-native:dataproc/v1beta2:TemplateParameterResponse": { "description": "A configurable parameter that replaces one or more fields in the template. Parameterizable fields: - Labels - File uris - Job properties - Job arguments - Script variables - Main class (in HadoopJob and SparkJob) - Zone (in ClusterSelector)", "properties": { "description": { "type": "string", "description": "Optional. Brief description of the parameter. Must not exceed 1024 characters." }, "fields": { "type": "array", "items": { "type": "string" }, "description": "Paths to all fields that the parameter replaces. A field is allowed to appear in at most one parameter's list of field paths.A field path is similar in syntax to a google.protobuf.FieldMask. For example, a field path that references the zone field of a workflow template's cluster selector would be specified as placement.clusterSelector.zone.Also, field paths can reference fields using the following syntax: Values in maps can be referenced by key: labels'key' placement.clusterSelector.clusterLabels'key' placement.managedCluster.labels'key' placement.clusterSelector.clusterLabels'key' jobs'step-id'.labels'key' Jobs in the jobs list can be referenced by step-id: jobs'step-id'.hadoopJob.mainJarFileUri jobs'step-id'.hiveJob.queryFileUri jobs'step-id'.pySparkJob.mainPythonFileUri jobs'step-id'.hadoopJob.jarFileUris0 jobs'step-id'.hadoopJob.archiveUris0 jobs'step-id'.hadoopJob.fileUris0 jobs'step-id'.pySparkJob.pythonFileUris0 Items in repeated fields can be referenced by a zero-based index: jobs'step-id'.sparkJob.args0 Other examples: jobs'step-id'.hadoopJob.properties'key' jobs'step-id'.hadoopJob.args0 jobs'step-id'.hiveJob.scriptVariables'key' jobs'step-id'.hadoopJob.mainJarFileUri placement.clusterSelector.zoneIt may not be possible to parameterize maps and repeated fields in their entirety since only individual map values and individual items in repeated fields can be referenced. For example, the following field paths are invalid: placement.clusterSelector.clusterLabels jobs'step-id'.sparkJob.args" }, "name": { "type": "string", "description": "Parameter name. The parameter name is used as the key, and paired with the parameter value, which are passed to the template when the template is instantiated. The name must contain only capital letters (A-Z), numbers (0-9), and underscores (_), and must not start with a number. The maximum length is 40 characters." }, "validation": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ParameterValidationResponse", "description": "Optional. Validation rules to be applied to this parameter's value." } }, "type": "object", "required": [ "description", "fields", "name", "validation" ] }, "google-native:dataproc/v1beta2:ValueValidation": { "description": "Validation based on a list of allowed values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of allowed values for the parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:dataproc/v1beta2:ValueValidationResponse": { "description": "Validation based on a list of allowed values.", "properties": { "values": { "type": "array", "items": { "type": "string" }, "description": "List of allowed values for the parameter." } }, "type": "object", "required": [ "values" ] }, "google-native:dataproc/v1beta2:WorkflowTemplatePlacement": { "description": "Specifies workflow execution target.Either managed_cluster or cluster_selector is required.", "properties": { "clusterSelector": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ClusterSelector", "description": "Optional. A selector that chooses target cluster for jobs based on metadata.The selector is evaluated at the time each job is submitted." }, "managedCluster": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ManagedCluster", "description": "Optional. A cluster that is managed by the workflow." } }, "type": "object" }, "google-native:dataproc/v1beta2:WorkflowTemplatePlacementResponse": { "description": "Specifies workflow execution target.Either managed_cluster or cluster_selector is required.", "properties": { "clusterSelector": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ClusterSelectorResponse", "description": "Optional. A selector that chooses target cluster for jobs based on metadata.The selector is evaluated at the time each job is submitted." }, "managedCluster": { "$ref": "#/types/google-native:dataproc%2Fv1beta2:ManagedClusterResponse", "description": "Optional. A cluster that is managed by the workflow." } }, "type": "object", "required": [ "clusterSelector", "managedCluster" ] }, "google-native:dataproc/v1beta2:YarnApplicationResponse": { "description": "A YARN application created by a job. Application information is a subset of org.apache.hadoop.yarn.proto.YarnProtos.ApplicationReportProto.Beta Feature: This report is available for testing purposes only. It may be changed before final release.", "properties": { "name": { "type": "string", "description": "The application name." }, "progress": { "type": "number", "description": "The numerical progress of the application, from 1 to 100." }, "state": { "type": "string", "description": "The application state." }, "trackingUrl": { "type": "string", "description": "The HTTP URL of the ApplicationMaster, HistoryServer, or TimelineServer that provides application-specific information. The URL uses the internal hostname, and requires a proxy server for resolution and, possibly, access." } }, "type": "object", "required": [ "name", "progress", "state", "trackingUrl" ] }, "google-native:datastore/v1:GoogleDatastoreAdminV1IndexedProperty": { "description": "A property of an index.", "properties": { "direction": { "$ref": "#/types/google-native:datastore%2Fv1:GoogleDatastoreAdminV1IndexedPropertyDirection", "description": "The indexed property's direction. Must not be DIRECTION_UNSPECIFIED." }, "name": { "type": "string", "description": "The property name to index." } }, "type": "object", "required": [ "direction", "name" ] }, "google-native:datastore/v1:GoogleDatastoreAdminV1IndexedPropertyDirection": { "description": "Required. The indexed property's direction. Must not be DIRECTION_UNSPECIFIED.", "type": "string", "enum": [ { "name": "DirectionUnspecified", "description": "The direction is unspecified.", "value": "DIRECTION_UNSPECIFIED" }, { "name": "Ascending", "description": "The property's values are indexed so as to support sequencing in ascending order and also query by <, >, <=, >=, and =.", "value": "ASCENDING" }, { "name": "Descending", "description": "The property's values are indexed so as to support sequencing in descending order and also query by <, >, <=, >=, and =.", "value": "DESCENDING" } ] }, "google-native:datastore/v1:GoogleDatastoreAdminV1IndexedPropertyResponse": { "description": "A property of an index.", "properties": { "direction": { "type": "string", "description": "The indexed property's direction. Must not be DIRECTION_UNSPECIFIED." }, "name": { "type": "string", "description": "The property name to index." } }, "type": "object", "required": [ "direction", "name" ] }, "google-native:datastore/v1:IndexAncestor": { "description": "Required. The index's ancestor mode. Must not be ANCESTOR_MODE_UNSPECIFIED.", "type": "string", "enum": [ { "name": "AncestorModeUnspecified", "description": "The ancestor mode is unspecified.", "value": "ANCESTOR_MODE_UNSPECIFIED" }, { "name": "None", "description": "Do not include the entity's ancestors in the index.", "value": "NONE" }, { "name": "AllAncestors", "description": "Include all the entity's ancestors in the index.", "value": "ALL_ANCESTORS" } ] }, "google-native:datastream/v1:AvroFileFormat": { "description": "AVRO file format configuration.", "type": "object" }, "google-native:datastream/v1:AvroFileFormatResponse": { "description": "AVRO file format configuration.", "type": "object" }, "google-native:datastream/v1:BackfillAllStrategy": { "description": "Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded.", "properties": { "mysqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbms", "description": "MySQL data source objects to avoid backfilling." }, "oracleExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbms", "description": "Oracle data source objects to avoid backfilling." }, "postgresqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbms", "description": "PostgreSQL data source objects to avoid backfilling." } }, "type": "object" }, "google-native:datastream/v1:BackfillAllStrategyResponse": { "description": "Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded.", "properties": { "mysqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbmsResponse", "description": "MySQL data source objects to avoid backfilling." }, "oracleExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbmsResponse", "description": "Oracle data source objects to avoid backfilling." }, "postgresqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbmsResponse", "description": "PostgreSQL data source objects to avoid backfilling." } }, "type": "object", "required": [ "mysqlExcludedObjects", "oracleExcludedObjects", "postgresqlExcludedObjects" ] }, "google-native:datastream/v1:BackfillNoneStrategy": { "description": "Backfill strategy to disable automatic backfill for the Stream's objects.", "type": "object" }, "google-native:datastream/v1:BackfillNoneStrategyResponse": { "description": "Backfill strategy to disable automatic backfill for the Stream's objects.", "type": "object" }, "google-native:datastream/v1:BigQueryDestinationConfig": { "description": "BigQuery destination configuration", "properties": { "dataFreshness": { "type": "string", "description": "The guaranteed data freshness (in seconds) when querying tables created by the stream. Editing this field will only affect new tables created in the future, but existing tables will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost." }, "singleTargetDataset": { "$ref": "#/types/google-native:datastream%2Fv1:SingleTargetDataset", "description": "Single destination dataset." }, "sourceHierarchyDatasets": { "$ref": "#/types/google-native:datastream%2Fv1:SourceHierarchyDatasets", "description": "Source hierarchy datasets." } }, "type": "object" }, "google-native:datastream/v1:BigQueryDestinationConfigResponse": { "description": "BigQuery destination configuration", "properties": { "dataFreshness": { "type": "string", "description": "The guaranteed data freshness (in seconds) when querying tables created by the stream. Editing this field will only affect new tables created in the future, but existing tables will not be impacted. Lower values mean that queries will return fresher data, but may result in higher cost." }, "singleTargetDataset": { "$ref": "#/types/google-native:datastream%2Fv1:SingleTargetDatasetResponse", "description": "Single destination dataset." }, "sourceHierarchyDatasets": { "$ref": "#/types/google-native:datastream%2Fv1:SourceHierarchyDatasetsResponse", "description": "Source hierarchy datasets." } }, "type": "object", "required": [ "dataFreshness", "singleTargetDataset", "sourceHierarchyDatasets" ] }, "google-native:datastream/v1:BigQueryProfile": { "description": "BigQuery warehouse profile.", "type": "object" }, "google-native:datastream/v1:BigQueryProfileResponse": { "description": "BigQuery warehouse profile.", "type": "object" }, "google-native:datastream/v1:DatasetTemplate": { "description": "Dataset template used for dynamic dataset creation.", "properties": { "datasetIdPrefix": { "type": "string", "description": "If supplied, every created dataset will have its name prefixed by the provided value. The prefix and name will be separated by an underscore. i.e. _." }, "kmsKeyName": { "type": "string", "description": "Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information." }, "location": { "type": "string", "description": "The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations." } }, "type": "object", "required": [ "location" ] }, "google-native:datastream/v1:DatasetTemplateResponse": { "description": "Dataset template used for dynamic dataset creation.", "properties": { "datasetIdPrefix": { "type": "string", "description": "If supplied, every created dataset will have its name prefixed by the provided value. The prefix and name will be separated by an underscore. i.e. _." }, "kmsKeyName": { "type": "string", "description": "Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key. i.e. projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{cryptoKey}. See https://cloud.google.com/bigquery/docs/customer-managed-encryption for more information." }, "location": { "type": "string", "description": "The geographic location where the dataset should reside. See https://cloud.google.com/bigquery/docs/locations for supported locations." } }, "type": "object", "required": [ "datasetIdPrefix", "kmsKeyName", "location" ] }, "google-native:datastream/v1:DestinationConfig": { "description": "The configuration of the stream destination.", "properties": { "bigqueryDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1:BigQueryDestinationConfig", "description": "BigQuery destination configuration." }, "destinationConnectionProfile": { "type": "string", "description": "Destination connection profile resource. Format: `projects/{project}/locations/{location}/connectionProfiles/{name}`" }, "gcsDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1:GcsDestinationConfig", "description": "A configuration for how data should be loaded to Cloud Storage." } }, "type": "object", "required": [ "destinationConnectionProfile" ] }, "google-native:datastream/v1:DestinationConfigResponse": { "description": "The configuration of the stream destination.", "properties": { "bigqueryDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1:BigQueryDestinationConfigResponse", "description": "BigQuery destination configuration." }, "destinationConnectionProfile": { "type": "string", "description": "Destination connection profile resource. Format: `projects/{project}/locations/{location}/connectionProfiles/{name}`" }, "gcsDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1:GcsDestinationConfigResponse", "description": "A configuration for how data should be loaded to Cloud Storage." } }, "type": "object", "required": [ "bigqueryDestinationConfig", "destinationConnectionProfile", "gcsDestinationConfig" ] }, "google-native:datastream/v1:DropLargeObjects": { "description": "Configuration to drop large object values.", "type": "object" }, "google-native:datastream/v1:DropLargeObjectsResponse": { "description": "Configuration to drop large object values.", "type": "object" }, "google-native:datastream/v1:ErrorResponse": { "description": "Represent a user-facing Error.", "properties": { "details": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the error." }, "errorTime": { "type": "string", "description": "The time when the error occurred." }, "errorUuid": { "type": "string", "description": "A unique identifier for this specific error, allowing it to be traced throughout the system in logs and API responses." }, "message": { "type": "string", "description": "A message containing more information about the error that occurred." }, "reason": { "type": "string", "description": "A title that explains the reason for the error." } }, "type": "object", "required": [ "details", "errorTime", "errorUuid", "message", "reason" ] }, "google-native:datastream/v1:ForwardSshTunnelConnectivity": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "username" ] }, "google-native:datastream/v1:ForwardSshTunnelConnectivityResponse": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "password", "port", "privateKey", "username" ] }, "google-native:datastream/v1:GcsDestinationConfig": { "description": "Google Cloud Storage destination configuration", "properties": { "avroFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1:AvroFileFormat", "description": "AVRO file format configuration." }, "fileRotationInterval": { "type": "string", "description": "The maximum duration for which new events are added before a file is closed and a new file is created. Values within the range of 15-60 seconds are allowed." }, "fileRotationMb": { "type": "integer", "description": "The maximum file size to be saved in the bucket." }, "jsonFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1:JsonFileFormat", "description": "JSON file format configuration." }, "path": { "type": "string", "description": "Path inside the Cloud Storage bucket to write data to." } }, "type": "object" }, "google-native:datastream/v1:GcsDestinationConfigResponse": { "description": "Google Cloud Storage destination configuration", "properties": { "avroFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1:AvroFileFormatResponse", "description": "AVRO file format configuration." }, "fileRotationInterval": { "type": "string", "description": "The maximum duration for which new events are added before a file is closed and a new file is created. Values within the range of 15-60 seconds are allowed." }, "fileRotationMb": { "type": "integer", "description": "The maximum file size to be saved in the bucket." }, "jsonFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1:JsonFileFormatResponse", "description": "JSON file format configuration." }, "path": { "type": "string", "description": "Path inside the Cloud Storage bucket to write data to." } }, "type": "object", "required": [ "avroFileFormat", "fileRotationInterval", "fileRotationMb", "jsonFileFormat", "path" ] }, "google-native:datastream/v1:GcsProfile": { "description": "Cloud Storage bucket profile.", "properties": { "bucket": { "type": "string", "description": "The Cloud Storage bucket name." }, "rootPath": { "type": "string", "description": "The root path inside the Cloud Storage bucket." } }, "type": "object", "required": [ "bucket" ] }, "google-native:datastream/v1:GcsProfileResponse": { "description": "Cloud Storage bucket profile.", "properties": { "bucket": { "type": "string", "description": "The Cloud Storage bucket name." }, "rootPath": { "type": "string", "description": "The root path inside the Cloud Storage bucket." } }, "type": "object", "required": [ "bucket", "rootPath" ] }, "google-native:datastream/v1:JsonFileFormat": { "description": "JSON file format configuration.", "properties": { "compression": { "$ref": "#/types/google-native:datastream%2Fv1:JsonFileFormatCompression", "description": "Compression of the loaded JSON file." }, "schemaFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1:JsonFileFormatSchemaFileFormat", "description": "The schema file format along JSON data files." } }, "type": "object" }, "google-native:datastream/v1:JsonFileFormatCompression": { "description": "Compression of the loaded JSON file.", "type": "string", "enum": [ { "name": "JsonCompressionUnspecified", "description": "Unspecified json file compression.", "value": "JSON_COMPRESSION_UNSPECIFIED" }, { "name": "NoCompression", "description": "Do not compress JSON file.", "value": "NO_COMPRESSION" }, { "name": "Gzip", "description": "Gzip compression.", "value": "GZIP" } ] }, "google-native:datastream/v1:JsonFileFormatResponse": { "description": "JSON file format configuration.", "properties": { "compression": { "type": "string", "description": "Compression of the loaded JSON file." }, "schemaFileFormat": { "type": "string", "description": "The schema file format along JSON data files." } }, "type": "object", "required": [ "compression", "schemaFileFormat" ] }, "google-native:datastream/v1:JsonFileFormatSchemaFileFormat": { "description": "The schema file format along JSON data files.", "type": "string", "enum": [ { "name": "SchemaFileFormatUnspecified", "description": "Unspecified schema file format.", "value": "SCHEMA_FILE_FORMAT_UNSPECIFIED" }, { "name": "NoSchemaFile", "description": "Do not attach schema file.", "value": "NO_SCHEMA_FILE" }, { "name": "AvroSchemaFile", "description": "Avro schema format.", "value": "AVRO_SCHEMA_FILE" } ] }, "google-native:datastream/v1:MysqlColumn": { "description": "MySQL Column.", "properties": { "collation": { "type": "string", "description": "Column collation." }, "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html" }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object" }, "google-native:datastream/v1:MysqlColumnResponse": { "description": "MySQL Column.", "properties": { "collation": { "type": "string", "description": "Column collation." }, "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html" }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object", "required": [ "collation", "column", "dataType", "length", "nullable", "ordinalPosition", "precision", "primaryKey", "scale" ] }, "google-native:datastream/v1:MysqlDatabase": { "description": "MySQL database.", "properties": { "database": { "type": "string", "description": "Database name." }, "mysqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlTable" }, "description": "Tables in the database." } }, "type": "object" }, "google-native:datastream/v1:MysqlDatabaseResponse": { "description": "MySQL database.", "properties": { "database": { "type": "string", "description": "Database name." }, "mysqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlTableResponse" }, "description": "Tables in the database." } }, "type": "object", "required": [ "database", "mysqlTables" ] }, "google-native:datastream/v1:MysqlProfile": { "description": "MySQL database profile.", "properties": { "hostname": { "type": "string", "description": "Hostname for the MySQL connection." }, "password": { "type": "string", "description": "Input only. Password for the MySQL connection." }, "port": { "type": "integer", "description": "Port for the MySQL connection, default value is 3306." }, "sslConfig": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlSslConfig", "description": "SSL configuration for the MySQL connection." }, "username": { "type": "string", "description": "Username for the MySQL connection." } }, "type": "object", "required": [ "hostname", "password", "username" ] }, "google-native:datastream/v1:MysqlProfileResponse": { "description": "MySQL database profile.", "properties": { "hostname": { "type": "string", "description": "Hostname for the MySQL connection." }, "password": { "type": "string", "description": "Input only. Password for the MySQL connection." }, "port": { "type": "integer", "description": "Port for the MySQL connection, default value is 3306." }, "sslConfig": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlSslConfigResponse", "description": "SSL configuration for the MySQL connection." }, "username": { "type": "string", "description": "Username for the MySQL connection." } }, "type": "object", "required": [ "hostname", "password", "port", "sslConfig", "username" ] }, "google-native:datastream/v1:MysqlRdbms": { "description": "MySQL database structure", "properties": { "mysqlDatabases": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlDatabase" }, "description": "Mysql databases on the server" } }, "type": "object" }, "google-native:datastream/v1:MysqlRdbmsResponse": { "description": "MySQL database structure", "properties": { "mysqlDatabases": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlDatabaseResponse" }, "description": "Mysql databases on the server" } }, "type": "object", "required": [ "mysqlDatabases" ] }, "google-native:datastream/v1:MysqlSourceConfig": { "description": "MySQL source configuration", "properties": { "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbms", "description": "MySQL objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbms", "description": "MySQL objects to retrieve from the source." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." }, "maxConcurrentCdcTasks": { "type": "integer", "description": "Maximum number of concurrent CDC tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." } }, "type": "object" }, "google-native:datastream/v1:MysqlSourceConfigResponse": { "description": "MySQL source configuration", "properties": { "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbmsResponse", "description": "MySQL objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlRdbmsResponse", "description": "MySQL objects to retrieve from the source." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." }, "maxConcurrentCdcTasks": { "type": "integer", "description": "Maximum number of concurrent CDC tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." } }, "type": "object", "required": [ "excludeObjects", "includeObjects", "maxConcurrentBackfillTasks", "maxConcurrentCdcTasks" ] }, "google-native:datastream/v1:MysqlSslConfig": { "description": "MySQL SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." }, "clientCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'client_key' and the 'ca_certificate' fields are mandatory." }, "clientKey": { "type": "string", "description": "Input only. PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory." } }, "type": "object" }, "google-native:datastream/v1:MysqlSslConfigResponse": { "description": "MySQL SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." }, "caCertificateSet": { "type": "boolean", "description": "Indicates whether the ca_certificate field is set." }, "clientCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'client_key' and the 'ca_certificate' fields are mandatory." }, "clientCertificateSet": { "type": "boolean", "description": "Indicates whether the client_certificate field is set." }, "clientKey": { "type": "string", "description": "Input only. PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory." }, "clientKeySet": { "type": "boolean", "description": "Indicates whether the client_key field is set." } }, "type": "object", "required": [ "caCertificate", "caCertificateSet", "clientCertificate", "clientCertificateSet", "clientKey", "clientKeySet" ] }, "google-native:datastream/v1:MysqlTable": { "description": "MySQL table.", "properties": { "mysqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlColumn" }, "description": "MySQL columns in the database. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object" }, "google-native:datastream/v1:MysqlTableResponse": { "description": "MySQL table.", "properties": { "mysqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlColumnResponse" }, "description": "MySQL columns in the database. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object", "required": [ "mysqlColumns", "table" ] }, "google-native:datastream/v1:OracleColumn": { "description": "Oracle Column.", "properties": { "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The Oracle data type." }, "encoding": { "type": "string", "description": "Column encoding." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object" }, "google-native:datastream/v1:OracleColumnResponse": { "description": "Oracle Column.", "properties": { "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The Oracle data type." }, "encoding": { "type": "string", "description": "Column encoding." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object", "required": [ "column", "dataType", "encoding", "length", "nullable", "ordinalPosition", "precision", "primaryKey", "scale" ] }, "google-native:datastream/v1:OracleProfile": { "description": "Oracle database profile.", "properties": { "connectionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Connection string attributes" }, "databaseService": { "type": "string", "description": "Database for the Oracle connection." }, "hostname": { "type": "string", "description": "Hostname for the Oracle connection." }, "oracleSslConfig": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSslConfig", "description": "Optional. SSL configuration for the Oracle connection." }, "password": { "type": "string", "description": "Password for the Oracle connection." }, "port": { "type": "integer", "description": "Port for the Oracle connection, default value is 1521." }, "username": { "type": "string", "description": "Username for the Oracle connection." } }, "type": "object", "required": [ "databaseService", "hostname", "password", "username" ] }, "google-native:datastream/v1:OracleProfileResponse": { "description": "Oracle database profile.", "properties": { "connectionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Connection string attributes" }, "databaseService": { "type": "string", "description": "Database for the Oracle connection." }, "hostname": { "type": "string", "description": "Hostname for the Oracle connection." }, "oracleSslConfig": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSslConfigResponse", "description": "Optional. SSL configuration for the Oracle connection." }, "password": { "type": "string", "description": "Password for the Oracle connection." }, "port": { "type": "integer", "description": "Port for the Oracle connection, default value is 1521." }, "username": { "type": "string", "description": "Username for the Oracle connection." } }, "type": "object", "required": [ "connectionAttributes", "databaseService", "hostname", "oracleSslConfig", "password", "port", "username" ] }, "google-native:datastream/v1:OracleRdbms": { "description": "Oracle database structure.", "properties": { "oracleSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSchema" }, "description": "Oracle schemas/databases in the database server." } }, "type": "object" }, "google-native:datastream/v1:OracleRdbmsResponse": { "description": "Oracle database structure.", "properties": { "oracleSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSchemaResponse" }, "description": "Oracle schemas/databases in the database server." } }, "type": "object", "required": [ "oracleSchemas" ] }, "google-native:datastream/v1:OracleSchema": { "description": "Oracle schema.", "properties": { "oracleTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleTable" }, "description": "Tables in the schema." }, "schema": { "type": "string", "description": "Schema name." } }, "type": "object" }, "google-native:datastream/v1:OracleSchemaResponse": { "description": "Oracle schema.", "properties": { "oracleTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleTableResponse" }, "description": "Tables in the schema." }, "schema": { "type": "string", "description": "Schema name." } }, "type": "object", "required": [ "oracleTables", "schema" ] }, "google-native:datastream/v1:OracleSourceConfig": { "description": "Oracle data source configuration", "properties": { "dropLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:DropLargeObjects", "description": "Drop large object values." }, "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbms", "description": "Oracle objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbms", "description": "Oracle objects to include in the stream." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non-negative. If not set (or set to 0), the system's default value is used." }, "maxConcurrentCdcTasks": { "type": "integer", "description": "Maximum number of concurrent CDC tasks. The number should be non-negative. If not set (or set to 0), the system's default value is used." }, "streamLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:StreamLargeObjects", "description": "Stream large object values. NOTE: This feature is currently experimental." } }, "type": "object" }, "google-native:datastream/v1:OracleSourceConfigResponse": { "description": "Oracle data source configuration", "properties": { "dropLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:DropLargeObjectsResponse", "description": "Drop large object values." }, "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbmsResponse", "description": "Oracle objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:OracleRdbmsResponse", "description": "Oracle objects to include in the stream." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non-negative. If not set (or set to 0), the system's default value is used." }, "maxConcurrentCdcTasks": { "type": "integer", "description": "Maximum number of concurrent CDC tasks. The number should be non-negative. If not set (or set to 0), the system's default value is used." }, "streamLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:StreamLargeObjectsResponse", "description": "Stream large object values. NOTE: This feature is currently experimental." } }, "type": "object", "required": [ "dropLargeObjects", "excludeObjects", "includeObjects", "maxConcurrentBackfillTasks", "maxConcurrentCdcTasks", "streamLargeObjects" ] }, "google-native:datastream/v1:OracleSslConfig": { "description": "Oracle SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." } }, "type": "object" }, "google-native:datastream/v1:OracleSslConfigResponse": { "description": "Oracle SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." }, "caCertificateSet": { "type": "boolean", "description": "Indicates whether the ca_certificate field has been set for this Connection-Profile." } }, "type": "object", "required": [ "caCertificate", "caCertificateSet" ] }, "google-native:datastream/v1:OracleTable": { "description": "Oracle table.", "properties": { "oracleColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleColumn" }, "description": "Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object" }, "google-native:datastream/v1:OracleTableResponse": { "description": "Oracle table.", "properties": { "oracleColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:OracleColumnResponse" }, "description": "Oracle columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object", "required": [ "oracleColumns", "table" ] }, "google-native:datastream/v1:PostgresqlColumn": { "description": "PostgreSQL Column.", "properties": { "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The PostgreSQL data type." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object" }, "google-native:datastream/v1:PostgresqlColumnResponse": { "description": "PostgreSQL Column.", "properties": { "column": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The PostgreSQL data type." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object", "required": [ "column", "dataType", "length", "nullable", "ordinalPosition", "precision", "primaryKey", "scale" ] }, "google-native:datastream/v1:PostgresqlProfile": { "description": "PostgreSQL database profile.", "properties": { "database": { "type": "string", "description": "Database for the PostgreSQL connection." }, "hostname": { "type": "string", "description": "Hostname for the PostgreSQL connection." }, "password": { "type": "string", "description": "Password for the PostgreSQL connection." }, "port": { "type": "integer", "description": "Port for the PostgreSQL connection, default value is 5432." }, "username": { "type": "string", "description": "Username for the PostgreSQL connection." } }, "type": "object", "required": [ "database", "hostname", "password", "username" ] }, "google-native:datastream/v1:PostgresqlProfileResponse": { "description": "PostgreSQL database profile.", "properties": { "database": { "type": "string", "description": "Database for the PostgreSQL connection." }, "hostname": { "type": "string", "description": "Hostname for the PostgreSQL connection." }, "password": { "type": "string", "description": "Password for the PostgreSQL connection." }, "port": { "type": "integer", "description": "Port for the PostgreSQL connection, default value is 5432." }, "username": { "type": "string", "description": "Username for the PostgreSQL connection." } }, "type": "object", "required": [ "database", "hostname", "password", "port", "username" ] }, "google-native:datastream/v1:PostgresqlRdbms": { "description": "PostgreSQL database structure.", "properties": { "postgresqlSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlSchema" }, "description": "PostgreSQL schemas in the database server." } }, "type": "object" }, "google-native:datastream/v1:PostgresqlRdbmsResponse": { "description": "PostgreSQL database structure.", "properties": { "postgresqlSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlSchemaResponse" }, "description": "PostgreSQL schemas in the database server." } }, "type": "object", "required": [ "postgresqlSchemas" ] }, "google-native:datastream/v1:PostgresqlSchema": { "description": "PostgreSQL schema.", "properties": { "postgresqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlTable" }, "description": "Tables in the schema." }, "schema": { "type": "string", "description": "Schema name." } }, "type": "object" }, "google-native:datastream/v1:PostgresqlSchemaResponse": { "description": "PostgreSQL schema.", "properties": { "postgresqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlTableResponse" }, "description": "Tables in the schema." }, "schema": { "type": "string", "description": "Schema name." } }, "type": "object", "required": [ "postgresqlTables", "schema" ] }, "google-native:datastream/v1:PostgresqlSourceConfig": { "description": "PostgreSQL data source configuration", "properties": { "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbms", "description": "PostgreSQL objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbms", "description": "PostgreSQL objects to include in the stream." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." }, "publication": { "type": "string", "description": "The name of the publication that includes the set of all tables that are defined in the stream's include_objects." }, "replicationSlot": { "type": "string", "description": "Immutable. The name of the logical replication slot that's configured with the pgoutput plugin." } }, "type": "object", "required": [ "publication", "replicationSlot" ] }, "google-native:datastream/v1:PostgresqlSourceConfigResponse": { "description": "PostgreSQL data source configuration", "properties": { "excludeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbmsResponse", "description": "PostgreSQL objects to exclude from the stream." }, "includeObjects": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlRdbmsResponse", "description": "PostgreSQL objects to include in the stream." }, "maxConcurrentBackfillTasks": { "type": "integer", "description": "Maximum number of concurrent backfill tasks. The number should be non negative. If not set (or set to 0), the system's default value will be used." }, "publication": { "type": "string", "description": "The name of the publication that includes the set of all tables that are defined in the stream's include_objects." }, "replicationSlot": { "type": "string", "description": "Immutable. The name of the logical replication slot that's configured with the pgoutput plugin." } }, "type": "object", "required": [ "excludeObjects", "includeObjects", "maxConcurrentBackfillTasks", "publication", "replicationSlot" ] }, "google-native:datastream/v1:PostgresqlTable": { "description": "PostgreSQL table.", "properties": { "postgresqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlColumn" }, "description": "PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object" }, "google-native:datastream/v1:PostgresqlTableResponse": { "description": "PostgreSQL table.", "properties": { "postgresqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlColumnResponse" }, "description": "PostgreSQL columns in the schema. When unspecified as part of include/exclude objects, includes/excludes everything." }, "table": { "type": "string", "description": "Table name." } }, "type": "object", "required": [ "postgresqlColumns", "table" ] }, "google-native:datastream/v1:PrivateConnectivity": { "description": "Private Connectivity", "properties": { "privateConnection": { "type": "string", "description": "A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}`" } }, "type": "object", "required": [ "privateConnection" ] }, "google-native:datastream/v1:PrivateConnectivityResponse": { "description": "Private Connectivity", "properties": { "privateConnection": { "type": "string", "description": "A reference to a private connection resource. Format: `projects/{project}/locations/{location}/privateConnections/{name}`" } }, "type": "object", "required": [ "privateConnection" ] }, "google-native:datastream/v1:SingleTargetDataset": { "description": "A single target dataset to which all data will be streamed.", "properties": { "datasetId": { "type": "string", "description": "The dataset ID of the target dataset. DatasetIds allowed characters: https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets#datasetreference." } }, "type": "object" }, "google-native:datastream/v1:SingleTargetDatasetResponse": { "description": "A single target dataset to which all data will be streamed.", "properties": { "datasetId": { "type": "string", "description": "The dataset ID of the target dataset. DatasetIds allowed characters: https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets#datasetreference." } }, "type": "object", "required": [ "datasetId" ] }, "google-native:datastream/v1:SourceConfig": { "description": "The configuration of the stream source.", "properties": { "mysqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlSourceConfig", "description": "MySQL data source configuration." }, "oracleSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSourceConfig", "description": "Oracle data source configuration." }, "postgresqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlSourceConfig", "description": "PostgreSQL data source configuration." }, "sourceConnectionProfile": { "type": "string", "description": "Source connection profile resoource. Format: `projects/{project}/locations/{location}/connectionProfiles/{name}`" } }, "type": "object", "required": [ "sourceConnectionProfile" ] }, "google-native:datastream/v1:SourceConfigResponse": { "description": "The configuration of the stream source.", "properties": { "mysqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:MysqlSourceConfigResponse", "description": "MySQL data source configuration." }, "oracleSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:OracleSourceConfigResponse", "description": "Oracle data source configuration." }, "postgresqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1:PostgresqlSourceConfigResponse", "description": "PostgreSQL data source configuration." }, "sourceConnectionProfile": { "type": "string", "description": "Source connection profile resoource. Format: `projects/{project}/locations/{location}/connectionProfiles/{name}`" } }, "type": "object", "required": [ "mysqlSourceConfig", "oracleSourceConfig", "postgresqlSourceConfig", "sourceConnectionProfile" ] }, "google-native:datastream/v1:SourceHierarchyDatasets": { "description": "Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy.", "properties": { "datasetTemplate": { "$ref": "#/types/google-native:datastream%2Fv1:DatasetTemplate", "description": "The dataset template to use for dynamic dataset creation." } }, "type": "object" }, "google-native:datastream/v1:SourceHierarchyDatasetsResponse": { "description": "Destination datasets are created so that hierarchy of the destination data objects matches the source hierarchy.", "properties": { "datasetTemplate": { "$ref": "#/types/google-native:datastream%2Fv1:DatasetTemplateResponse", "description": "The dataset template to use for dynamic dataset creation." } }, "type": "object", "required": [ "datasetTemplate" ] }, "google-native:datastream/v1:StaticServiceIpConnectivity": { "description": "Static IP address connectivity. Used when the source database is configured to allow incoming connections from the Datastream public IP addresses for the region specified in the connection profile.", "type": "object" }, "google-native:datastream/v1:StaticServiceIpConnectivityResponse": { "description": "Static IP address connectivity. Used when the source database is configured to allow incoming connections from the Datastream public IP addresses for the region specified in the connection profile.", "type": "object" }, "google-native:datastream/v1:StreamLargeObjects": { "description": "Configuration to stream large object values.", "type": "object" }, "google-native:datastream/v1:StreamLargeObjectsResponse": { "description": "Configuration to stream large object values.", "type": "object" }, "google-native:datastream/v1:StreamState": { "description": "The state of the stream.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified stream state.", "value": "STATE_UNSPECIFIED" }, { "name": "NotStarted", "description": "The stream has been created but has not yet started streaming data.", "value": "NOT_STARTED" }, { "name": "Running", "description": "The stream is running.", "value": "RUNNING" }, { "name": "Paused", "description": "The stream is paused.", "value": "PAUSED" }, { "name": "Maintenance", "description": "The stream is in maintenance mode. Updates are rejected on the resource in this state.", "value": "MAINTENANCE" }, { "name": "Failed", "description": "The stream is experiencing an error that is preventing data from being streamed.", "value": "FAILED" }, { "name": "FailedPermanently", "description": "The stream has experienced a terminal failure.", "value": "FAILED_PERMANENTLY" }, { "name": "Starting", "description": "The stream is starting, but not yet running.", "value": "STARTING" }, { "name": "Draining", "description": "The Stream is no longer reading new events, but still writing events in the buffer.", "value": "DRAINING" } ] }, "google-native:datastream/v1:VpcPeeringConfig": { "description": "The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpc": { "type": "string", "description": "Fully qualified name of the VPC that Datastream will peer to. Format: `projects/{project}/global/{networks}/{name}`" } }, "type": "object", "required": [ "subnet", "vpc" ] }, "google-native:datastream/v1:VpcPeeringConfigResponse": { "description": "The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpc": { "type": "string", "description": "Fully qualified name of the VPC that Datastream will peer to. Format: `projects/{project}/global/{networks}/{name}`" } }, "type": "object", "required": [ "subnet", "vpc" ] }, "google-native:datastream/v1alpha1:AvroFileFormat": { "description": "AVRO file format configuration.", "type": "object" }, "google-native:datastream/v1alpha1:AvroFileFormatResponse": { "description": "AVRO file format configuration.", "type": "object" }, "google-native:datastream/v1alpha1:BackfillAllStrategy": { "description": "Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded.", "properties": { "mysqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbms", "description": "MySQL data source objects to avoid backfilling." }, "oracleExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbms", "description": "Oracle data source objects to avoid backfilling." } }, "type": "object" }, "google-native:datastream/v1alpha1:BackfillAllStrategyResponse": { "description": "Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded.", "properties": { "mysqlExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbmsResponse", "description": "MySQL data source objects to avoid backfilling." }, "oracleExcludedObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbmsResponse", "description": "Oracle data source objects to avoid backfilling." } }, "type": "object", "required": [ "mysqlExcludedObjects", "oracleExcludedObjects" ] }, "google-native:datastream/v1alpha1:BackfillNoneStrategy": { "description": "Backfill strategy to disable automatic backfill for the Stream's objects.", "type": "object" }, "google-native:datastream/v1alpha1:BackfillNoneStrategyResponse": { "description": "Backfill strategy to disable automatic backfill for the Stream's objects.", "type": "object" }, "google-native:datastream/v1alpha1:DestinationConfig": { "description": "The configuration of the stream destination.", "properties": { "destinationConnectionProfileName": { "type": "string", "description": "Destination connection profile identifier." }, "gcsDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:GcsDestinationConfig", "description": "GCS destination configuration." } }, "type": "object", "required": [ "destinationConnectionProfileName" ] }, "google-native:datastream/v1alpha1:DestinationConfigResponse": { "description": "The configuration of the stream destination.", "properties": { "destinationConnectionProfileName": { "type": "string", "description": "Destination connection profile identifier." }, "gcsDestinationConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:GcsDestinationConfigResponse", "description": "GCS destination configuration." } }, "type": "object", "required": [ "destinationConnectionProfileName", "gcsDestinationConfig" ] }, "google-native:datastream/v1alpha1:DropLargeObjects": { "description": "Configuration to drop large object values.", "type": "object" }, "google-native:datastream/v1alpha1:DropLargeObjectsResponse": { "description": "Configuration to drop large object values.", "type": "object" }, "google-native:datastream/v1alpha1:ErrorResponse": { "description": "Represent a user-facing Error.", "properties": { "details": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Additional information about the error." }, "errorTime": { "type": "string", "description": "The time when the error occurred." }, "errorUuid": { "type": "string", "description": "A unique identifier for this specific error, allowing it to be traced throughout the system in logs and API responses." }, "message": { "type": "string", "description": "A message containing more information about the error that occurred." }, "reason": { "type": "string", "description": "A title that explains the reason for the error." } }, "type": "object", "required": [ "details", "errorTime", "errorUuid", "message", "reason" ] }, "google-native:datastream/v1alpha1:ForwardSshTunnelConnectivity": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "username" ] }, "google-native:datastream/v1alpha1:ForwardSshTunnelConnectivityResponse": { "description": "Forward SSH Tunnel connectivity.", "properties": { "hostname": { "type": "string", "description": "Hostname for the SSH tunnel." }, "password": { "type": "string", "description": "Input only. SSH password." }, "port": { "type": "integer", "description": "Port for the SSH tunnel, default value is 22." }, "privateKey": { "type": "string", "description": "Input only. SSH private key." }, "username": { "type": "string", "description": "Username for the SSH tunnel." } }, "type": "object", "required": [ "hostname", "password", "port", "privateKey", "username" ] }, "google-native:datastream/v1alpha1:GcsDestinationConfig": { "description": "Google Cloud Storage destination configuration", "properties": { "avroFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:AvroFileFormat", "description": "AVRO file format configuration." }, "fileRotationInterval": { "type": "string", "description": "The maximum duration for which new events are added before a file is closed and a new file is created." }, "fileRotationMb": { "type": "integer", "description": "The maximum file size to be saved in the bucket." }, "gcsFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:GcsDestinationConfigGcsFileFormat", "description": "File format that data should be written in. Deprecated field (b/169501737) - use file_format instead.", "deprecationMessage": "File format that data should be written in. Deprecated field (b/169501737) - use file_format instead." }, "jsonFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:JsonFileFormat", "description": "JSON file format configuration." }, "path": { "type": "string", "description": "Path inside the Cloud Storage bucket to write data to." } }, "type": "object" }, "google-native:datastream/v1alpha1:GcsDestinationConfigGcsFileFormat": { "description": "File format that data should be written in. Deprecated field (b/169501737) - use file_format instead.", "type": "string", "enum": [ { "name": "GcsFileFormatUnspecified", "description": "Unspecified Cloud Storage file format.", "value": "GCS_FILE_FORMAT_UNSPECIFIED" }, { "name": "Avro", "description": "Avro file format", "value": "AVRO" } ] }, "google-native:datastream/v1alpha1:GcsDestinationConfigResponse": { "description": "Google Cloud Storage destination configuration", "properties": { "avroFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:AvroFileFormatResponse", "description": "AVRO file format configuration." }, "fileRotationInterval": { "type": "string", "description": "The maximum duration for which new events are added before a file is closed and a new file is created." }, "fileRotationMb": { "type": "integer", "description": "The maximum file size to be saved in the bucket." }, "gcsFileFormat": { "type": "string", "description": "File format that data should be written in. Deprecated field (b/169501737) - use file_format instead.", "deprecationMessage": "File format that data should be written in. Deprecated field (b/169501737) - use file_format instead." }, "jsonFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:JsonFileFormatResponse", "description": "JSON file format configuration." }, "path": { "type": "string", "description": "Path inside the Cloud Storage bucket to write data to." } }, "type": "object", "required": [ "avroFileFormat", "fileRotationInterval", "fileRotationMb", "gcsFileFormat", "jsonFileFormat", "path" ] }, "google-native:datastream/v1alpha1:GcsProfile": { "description": "Cloud Storage bucket profile.", "properties": { "bucketName": { "type": "string", "description": "The full project and resource path for Cloud Storage bucket including the name." }, "rootPath": { "type": "string", "description": "The root path inside the Cloud Storage bucket." } }, "type": "object", "required": [ "bucketName" ] }, "google-native:datastream/v1alpha1:GcsProfileResponse": { "description": "Cloud Storage bucket profile.", "properties": { "bucketName": { "type": "string", "description": "The full project and resource path for Cloud Storage bucket including the name." }, "rootPath": { "type": "string", "description": "The root path inside the Cloud Storage bucket." } }, "type": "object", "required": [ "bucketName", "rootPath" ] }, "google-native:datastream/v1alpha1:JsonFileFormat": { "description": "JSON file format configuration.", "properties": { "compression": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:JsonFileFormatCompression", "description": "Compression of the loaded JSON file." }, "schemaFileFormat": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:JsonFileFormatSchemaFileFormat", "description": "The schema file format along JSON data files." } }, "type": "object" }, "google-native:datastream/v1alpha1:JsonFileFormatCompression": { "description": "Compression of the loaded JSON file.", "type": "string", "enum": [ { "name": "JsonCompressionUnspecified", "description": "Unspecified json file compression.", "value": "JSON_COMPRESSION_UNSPECIFIED" }, { "name": "NoCompression", "description": "Do not compress JSON file.", "value": "NO_COMPRESSION" }, { "name": "Gzip", "description": "Gzip compression.", "value": "GZIP" } ] }, "google-native:datastream/v1alpha1:JsonFileFormatResponse": { "description": "JSON file format configuration.", "properties": { "compression": { "type": "string", "description": "Compression of the loaded JSON file." }, "schemaFileFormat": { "type": "string", "description": "The schema file format along JSON data files." } }, "type": "object", "required": [ "compression", "schemaFileFormat" ] }, "google-native:datastream/v1alpha1:JsonFileFormatSchemaFileFormat": { "description": "The schema file format along JSON data files.", "type": "string", "enum": [ { "name": "SchemaFileFormatUnspecified", "description": "Unspecified schema file format.", "value": "SCHEMA_FILE_FORMAT_UNSPECIFIED" }, { "name": "NoSchemaFile", "description": "Do not attach schema file.", "value": "NO_SCHEMA_FILE" }, { "name": "AvroSchemaFile", "description": "Avro schema format.", "value": "AVRO_SCHEMA_FILE" } ] }, "google-native:datastream/v1alpha1:MysqlColumn": { "description": "MySQL Column.", "properties": { "collation": { "type": "string", "description": "Column collation." }, "columnName": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html" }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlColumnResponse": { "description": "MySQL Column.", "properties": { "collation": { "type": "string", "description": "Column collation." }, "columnName": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The MySQL data type. Full data types list can be found here: https://dev.mysql.com/doc/refman/8.0/en/data-types.html" }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." } }, "type": "object", "required": [ "collation", "columnName", "dataType", "length", "nullable", "ordinalPosition", "primaryKey" ] }, "google-native:datastream/v1alpha1:MysqlDatabase": { "description": "MySQL database.", "properties": { "databaseName": { "type": "string", "description": "Database name." }, "mysqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlTable" }, "description": "Tables in the database." } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlDatabaseResponse": { "description": "MySQL database.", "properties": { "databaseName": { "type": "string", "description": "Database name." }, "mysqlTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlTableResponse" }, "description": "Tables in the database." } }, "type": "object", "required": [ "databaseName", "mysqlTables" ] }, "google-native:datastream/v1alpha1:MysqlProfile": { "description": "MySQL database profile.", "properties": { "hostname": { "type": "string", "description": "Hostname for the MySQL connection." }, "password": { "type": "string", "description": "Input only. Password for the MySQL connection." }, "port": { "type": "integer", "description": "Port for the MySQL connection, default value is 3306." }, "sslConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlSslConfig", "description": "SSL configuration for the MySQL connection." }, "username": { "type": "string", "description": "Username for the MySQL connection." } }, "type": "object", "required": [ "hostname", "password", "username" ] }, "google-native:datastream/v1alpha1:MysqlProfileResponse": { "description": "MySQL database profile.", "properties": { "hostname": { "type": "string", "description": "Hostname for the MySQL connection." }, "password": { "type": "string", "description": "Input only. Password for the MySQL connection." }, "port": { "type": "integer", "description": "Port for the MySQL connection, default value is 3306." }, "sslConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlSslConfigResponse", "description": "SSL configuration for the MySQL connection." }, "username": { "type": "string", "description": "Username for the MySQL connection." } }, "type": "object", "required": [ "hostname", "password", "port", "sslConfig", "username" ] }, "google-native:datastream/v1alpha1:MysqlRdbms": { "description": "MySQL database structure", "properties": { "mysqlDatabases": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlDatabase" }, "description": "Mysql databases on the server" } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlRdbmsResponse": { "description": "MySQL database structure", "properties": { "mysqlDatabases": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlDatabaseResponse" }, "description": "Mysql databases on the server" } }, "type": "object", "required": [ "mysqlDatabases" ] }, "google-native:datastream/v1alpha1:MysqlSourceConfig": { "description": "MySQL source configuration", "properties": { "allowlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbms", "description": "MySQL objects to retrieve from the source." }, "rejectlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbms", "description": "MySQL objects to exclude from the stream." } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlSourceConfigResponse": { "description": "MySQL source configuration", "properties": { "allowlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbmsResponse", "description": "MySQL objects to retrieve from the source." }, "rejectlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlRdbmsResponse", "description": "MySQL objects to exclude from the stream." } }, "type": "object", "required": [ "allowlist", "rejectlist" ] }, "google-native:datastream/v1alpha1:MysqlSslConfig": { "description": "MySQL SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." }, "clientCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'client_key' and the 'ca_certificate' fields are mandatory." }, "clientKey": { "type": "string", "description": "Input only. PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory." } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlSslConfigResponse": { "description": "MySQL SSL configuration information.", "properties": { "caCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate of the CA that signed the source database server's certificate." }, "caCertificateSet": { "type": "boolean", "description": "Indicates whether the ca_certificate field is set." }, "clientCertificate": { "type": "string", "description": "Input only. PEM-encoded certificate that will be used by the replica to authenticate against the source database server. If this field is used then the 'client_key' and the 'ca_certificate' fields are mandatory." }, "clientCertificateSet": { "type": "boolean", "description": "Indicates whether the client_certificate field is set." }, "clientKey": { "type": "string", "description": "Input only. PEM-encoded private key associated with the Client Certificate. If this field is used then the 'client_certificate' and the 'ca_certificate' fields are mandatory." }, "clientKeySet": { "type": "boolean", "description": "Indicates whether the client_key field is set." } }, "type": "object", "required": [ "caCertificate", "caCertificateSet", "clientCertificate", "clientCertificateSet", "clientKey", "clientKeySet" ] }, "google-native:datastream/v1alpha1:MysqlTable": { "description": "MySQL table.", "properties": { "mysqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlColumn" }, "description": "MySQL columns in the database. When unspecified as part of include/exclude lists, includes/excludes everything." }, "tableName": { "type": "string", "description": "Table name." } }, "type": "object" }, "google-native:datastream/v1alpha1:MysqlTableResponse": { "description": "MySQL table.", "properties": { "mysqlColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlColumnResponse" }, "description": "MySQL columns in the database. When unspecified as part of include/exclude lists, includes/excludes everything." }, "tableName": { "type": "string", "description": "Table name." } }, "type": "object", "required": [ "mysqlColumns", "tableName" ] }, "google-native:datastream/v1alpha1:NoConnectivitySettings": { "description": "No connectivity settings.", "type": "object" }, "google-native:datastream/v1alpha1:NoConnectivitySettingsResponse": { "description": "No connectivity settings.", "type": "object" }, "google-native:datastream/v1alpha1:OracleColumn": { "description": "Oracle Column.", "properties": { "columnName": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The Oracle data type." }, "encoding": { "type": "string", "description": "Column encoding." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object" }, "google-native:datastream/v1alpha1:OracleColumnResponse": { "description": "Oracle Column.", "properties": { "columnName": { "type": "string", "description": "Column name." }, "dataType": { "type": "string", "description": "The Oracle data type." }, "encoding": { "type": "string", "description": "Column encoding." }, "length": { "type": "integer", "description": "Column length." }, "nullable": { "type": "boolean", "description": "Whether or not the column can accept a null value." }, "ordinalPosition": { "type": "integer", "description": "The ordinal position of the column in the table." }, "precision": { "type": "integer", "description": "Column precision." }, "primaryKey": { "type": "boolean", "description": "Whether or not the column represents a primary key." }, "scale": { "type": "integer", "description": "Column scale." } }, "type": "object", "required": [ "columnName", "dataType", "encoding", "length", "nullable", "ordinalPosition", "precision", "primaryKey", "scale" ] }, "google-native:datastream/v1alpha1:OracleProfile": { "description": "Oracle database profile.", "properties": { "connectionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Connection string attributes" }, "databaseService": { "type": "string", "description": "Database for the Oracle connection." }, "hostname": { "type": "string", "description": "Hostname for the Oracle connection." }, "password": { "type": "string", "description": "Password for the Oracle connection." }, "port": { "type": "integer", "description": "Port for the Oracle connection, default value is 1521." }, "username": { "type": "string", "description": "Username for the Oracle connection." } }, "type": "object", "required": [ "databaseService", "hostname", "password", "username" ] }, "google-native:datastream/v1alpha1:OracleProfileResponse": { "description": "Oracle database profile.", "properties": { "connectionAttributes": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Connection string attributes" }, "databaseService": { "type": "string", "description": "Database for the Oracle connection." }, "hostname": { "type": "string", "description": "Hostname for the Oracle connection." }, "password": { "type": "string", "description": "Password for the Oracle connection." }, "port": { "type": "integer", "description": "Port for the Oracle connection, default value is 1521." }, "username": { "type": "string", "description": "Username for the Oracle connection." } }, "type": "object", "required": [ "connectionAttributes", "databaseService", "hostname", "password", "port", "username" ] }, "google-native:datastream/v1alpha1:OracleRdbms": { "description": "Oracle database structure.", "properties": { "oracleSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleSchema" }, "description": "Oracle schemas/databases in the database server." } }, "type": "object" }, "google-native:datastream/v1alpha1:OracleRdbmsResponse": { "description": "Oracle database structure.", "properties": { "oracleSchemas": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleSchemaResponse" }, "description": "Oracle schemas/databases in the database server." } }, "type": "object", "required": [ "oracleSchemas" ] }, "google-native:datastream/v1alpha1:OracleSchema": { "description": "Oracle schema.", "properties": { "oracleTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleTable" }, "description": "Tables in the schema." }, "schemaName": { "type": "string", "description": "Schema name." } }, "type": "object" }, "google-native:datastream/v1alpha1:OracleSchemaResponse": { "description": "Oracle schema.", "properties": { "oracleTables": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleTableResponse" }, "description": "Tables in the schema." }, "schemaName": { "type": "string", "description": "Schema name." } }, "type": "object", "required": [ "oracleTables", "schemaName" ] }, "google-native:datastream/v1alpha1:OracleSourceConfig": { "description": "Oracle data source configuration", "properties": { "allowlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbms", "description": "Oracle objects to include in the stream." }, "dropLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:DropLargeObjects", "description": "Drop large object values." }, "rejectlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbms", "description": "Oracle objects to exclude from the stream." } }, "type": "object" }, "google-native:datastream/v1alpha1:OracleSourceConfigResponse": { "description": "Oracle data source configuration", "properties": { "allowlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbmsResponse", "description": "Oracle objects to include in the stream." }, "dropLargeObjects": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:DropLargeObjectsResponse", "description": "Drop large object values." }, "rejectlist": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleRdbmsResponse", "description": "Oracle objects to exclude from the stream." } }, "type": "object", "required": [ "allowlist", "dropLargeObjects", "rejectlist" ] }, "google-native:datastream/v1alpha1:OracleTable": { "description": "Oracle table.", "properties": { "oracleColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleColumn" }, "description": "Oracle columns in the schema. When unspecified as part of inclue/exclude lists, includes/excludes everything." }, "tableName": { "type": "string", "description": "Table name." } }, "type": "object" }, "google-native:datastream/v1alpha1:OracleTableResponse": { "description": "Oracle table.", "properties": { "oracleColumns": { "type": "array", "items": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleColumnResponse" }, "description": "Oracle columns in the schema. When unspecified as part of inclue/exclude lists, includes/excludes everything." }, "tableName": { "type": "string", "description": "Table name." } }, "type": "object", "required": [ "oracleColumns", "tableName" ] }, "google-native:datastream/v1alpha1:PrivateConnectivity": { "description": "Private Connectivity", "properties": { "privateConnectionName": { "type": "string" } }, "type": "object" }, "google-native:datastream/v1alpha1:PrivateConnectivityResponse": { "description": "Private Connectivity", "properties": { "privateConnectionName": { "type": "string" } }, "type": "object", "required": [ "privateConnectionName" ] }, "google-native:datastream/v1alpha1:SourceConfig": { "description": "The configuration of the stream source.", "properties": { "mysqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlSourceConfig", "description": "MySQL data source configuration" }, "oracleSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleSourceConfig", "description": "Oracle data source configuration" }, "sourceConnectionProfileName": { "type": "string", "description": "Source connection profile identifier." } }, "type": "object", "required": [ "sourceConnectionProfileName" ] }, "google-native:datastream/v1alpha1:SourceConfigResponse": { "description": "The configuration of the stream source.", "properties": { "mysqlSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:MysqlSourceConfigResponse", "description": "MySQL data source configuration" }, "oracleSourceConfig": { "$ref": "#/types/google-native:datastream%2Fv1alpha1:OracleSourceConfigResponse", "description": "Oracle data source configuration" }, "sourceConnectionProfileName": { "type": "string", "description": "Source connection profile identifier." } }, "type": "object", "required": [ "mysqlSourceConfig", "oracleSourceConfig", "sourceConnectionProfileName" ] }, "google-native:datastream/v1alpha1:StaticServiceIpConnectivity": { "description": "Static IP address connectivity.", "type": "object" }, "google-native:datastream/v1alpha1:StaticServiceIpConnectivityResponse": { "description": "Static IP address connectivity.", "type": "object" }, "google-native:datastream/v1alpha1:StreamState": { "description": "The state of the stream.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified stream state.", "value": "STATE_UNSPECIFIED" }, { "name": "Created", "description": "The stream has been created.", "value": "CREATED" }, { "name": "Running", "description": "The stream is running.", "value": "RUNNING" }, { "name": "Paused", "description": "The stream is paused.", "value": "PAUSED" }, { "name": "Maintenance", "description": "The stream is in maintenance mode. Updates are rejected on the resource in this state.", "value": "MAINTENANCE" }, { "name": "Failed", "description": "The stream is experiencing an error that is preventing data from being streamed.", "value": "FAILED" }, { "name": "FailedPermanently", "description": "The stream has experienced a terminal failure.", "value": "FAILED_PERMANENTLY" }, { "name": "Starting", "description": "The stream is starting, but not yet running.", "value": "STARTING" }, { "name": "Draining", "description": "The Stream is no longer reading new events, but still writing events in the buffer.", "value": "DRAINING" } ] }, "google-native:datastream/v1alpha1:VpcPeeringConfig": { "description": "The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpcName": { "type": "string", "description": "fully qualified name of the VPC Datastream will peer to." } }, "type": "object", "required": [ "subnet", "vpcName" ] }, "google-native:datastream/v1alpha1:VpcPeeringConfigResponse": { "description": "The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC.", "properties": { "subnet": { "type": "string", "description": "A free subnet for peering. (CIDR of /29)" }, "vpcName": { "type": "string", "description": "fully qualified name of the VPC Datastream will peer to." } }, "type": "object", "required": [ "subnet", "vpcName" ] }, "google-native:deploymentmanager/alpha:AsyncOptions": { "description": "Async options that determine when a resource should finish.", "properties": { "methodMatch": { "type": "string", "description": "Method regex where this policy will apply." }, "pollingOptions": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:PollingOptions", "description": "Deployment manager will poll instances for this API resource setting a RUNNING state, and blocking until polling conditions tell whether the resource is completed or failed." } }, "type": "object" }, "google-native:deploymentmanager/alpha:AsyncOptionsResponse": { "description": "Async options that determine when a resource should finish.", "properties": { "methodMatch": { "type": "string", "description": "Method regex where this policy will apply." }, "pollingOptions": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:PollingOptionsResponse", "description": "Deployment manager will poll instances for this API resource setting a RUNNING state, and blocking until polling conditions tell whether the resource is completed or failed." } }, "type": "object", "required": [ "methodMatch", "pollingOptions" ] }, "google-native:deploymentmanager/alpha:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:deploymentmanager/alpha:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:deploymentmanager/alpha:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:deploymentmanager/alpha:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:deploymentmanager/alpha:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:deploymentmanager/alpha:BasicAuth": { "description": "Basic Auth used as a credential.", "properties": { "password": { "type": "string" }, "user": { "type": "string" } }, "type": "object" }, "google-native:deploymentmanager/alpha:BasicAuthResponse": { "description": "Basic Auth used as a credential.", "properties": { "password": { "type": "string" }, "user": { "type": "string" } }, "type": "object", "required": [ "password", "user" ] }, "google-native:deploymentmanager/alpha:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:deploymentmanager/alpha:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:deploymentmanager/alpha:CollectionOverride": { "description": "CollectionOverride allows resource handling overrides for specific resources within a BaseType", "properties": { "collection": { "type": "string", "description": "The collection that identifies this resource within its service." }, "methodMap": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:MethodMap", "description": "Custom verb method mappings to support unordered list API mappings." }, "options": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:Options", "description": "The options to apply to this resource-level override" } }, "type": "object" }, "google-native:deploymentmanager/alpha:CollectionOverrideResponse": { "description": "CollectionOverride allows resource handling overrides for specific resources within a BaseType", "properties": { "collection": { "type": "string", "description": "The collection that identifies this resource within its service." }, "methodMap": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:MethodMapResponse", "description": "Custom verb method mappings to support unordered list API mappings." }, "options": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:OptionsResponse", "description": "The options to apply to this resource-level override" } }, "type": "object", "required": [ "collection", "methodMap", "options" ] }, "google-native:deploymentmanager/alpha:CompositeTypeLabelEntry": { "description": "Label object for CompositeTypes", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/alpha:CompositeTypeLabelEntryResponse": { "description": "Label object for CompositeTypes", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:CompositeTypeStatus": { "type": "string", "enum": [ { "name": "UnknownStatus", "value": "UNKNOWN_STATUS" }, { "name": "Deprecated", "value": "DEPRECATED" }, { "name": "Experimental", "value": "EXPERIMENTAL" }, { "name": "Supported", "value": "SUPPORTED" } ] }, "google-native:deploymentmanager/alpha:ConfigFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object" }, "google-native:deploymentmanager/alpha:ConfigFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object", "required": [ "content" ] }, "google-native:deploymentmanager/alpha:Credential": { "description": "The credential used by Deployment Manager and TypeProvider. Only one of the options is permitted.", "properties": { "basicAuth": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:BasicAuth", "description": "Basic Auth Credential, only used by TypeProvider." }, "serviceAccount": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ServiceAccount", "description": "Service Account Credential, only used by Deployment." }, "useProjectDefault": { "type": "boolean", "description": "Specify to use the project default credential, only supported by Deployment." } }, "type": "object" }, "google-native:deploymentmanager/alpha:CredentialResponse": { "description": "The credential used by Deployment Manager and TypeProvider. Only one of the options is permitted.", "properties": { "basicAuth": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:BasicAuthResponse", "description": "Basic Auth Credential, only used by TypeProvider." }, "serviceAccount": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ServiceAccountResponse", "description": "Service Account Credential, only used by Deployment." }, "useProjectDefault": { "type": "boolean", "description": "Specify to use the project default credential, only supported by Deployment." } }, "type": "object", "required": [ "basicAuth", "serviceAccount", "useProjectDefault" ] }, "google-native:deploymentmanager/alpha:DeploymentLabelEntry": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/alpha:DeploymentLabelEntryResponse": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:DeploymentOutputEntryResponse": { "description": "Output object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the output" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:DeploymentUpdateLabelEntryResponse": { "description": "Label object for DeploymentUpdate", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:DeploymentUpdateResponse": { "properties": { "credential": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:CredentialResponse", "description": "The user-provided default credential to use when deploying this preview." }, "description": { "type": "string", "description": "An optional user-provided description of the deployment after the current update has been applied." }, "labels": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:DeploymentUpdateLabelEntryResponse" }, "description": "Map of One Platform labels; provided by the client when the resource is created or updated. Specifically: Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?` Label values must be between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`." }, "manifest": { "type": "string", "description": "URL of the manifest representing the update configuration of this deployment." } }, "type": "object", "required": [ "credential", "description", "labels", "manifest" ] }, "google-native:deploymentmanager/alpha:Diagnostic": { "properties": { "field": { "type": "string", "description": "JsonPath expression on the resource that if non empty, indicates that this field needs to be extracted as a diagnostic." }, "level": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:DiagnosticLevel", "description": "Level to record this diagnostic." } }, "type": "object" }, "google-native:deploymentmanager/alpha:DiagnosticLevel": { "description": "Level to record this diagnostic.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Information", "description": "If level is informational, it only gets displayed as part of the resource.", "value": "INFORMATION" }, { "name": "Warning", "description": "If level is warning, will end up in the resource as a warning.", "value": "WARNING" }, { "name": "Error", "description": "If level is error, it will indicate an error occurred after finishCondition is set, and this field will populate resource errors and operation errors.", "value": "ERROR" } ] }, "google-native:deploymentmanager/alpha:DiagnosticResponse": { "properties": { "field": { "type": "string", "description": "JsonPath expression on the resource that if non empty, indicates that this field needs to be extracted as a diagnostic." }, "level": { "type": "string", "description": "Level to record this diagnostic." } }, "type": "object", "required": [ "field", "level" ] }, "google-native:deploymentmanager/alpha:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:deploymentmanager/alpha:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:deploymentmanager/alpha:ImportFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object" }, "google-native:deploymentmanager/alpha:ImportFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object", "required": [ "content", "name" ] }, "google-native:deploymentmanager/alpha:InputMapping": { "description": "InputMapping creates a 'virtual' property that will be injected into the properties before sending the request to the underlying API.", "properties": { "fieldName": { "type": "string", "description": "The name of the field that is going to be injected." }, "location": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:InputMappingLocation", "description": "The location where this mapping applies." }, "methodMatch": { "type": "string", "description": "Regex to evaluate on method to decide if input applies." }, "value": { "type": "string", "description": "A jsonPath expression to select an element." } }, "type": "object" }, "google-native:deploymentmanager/alpha:InputMappingLocation": { "description": "The location where this mapping applies.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Path", "value": "PATH" }, { "name": "Query", "value": "QUERY" }, { "name": "Body", "value": "BODY" }, { "name": "Header", "value": "HEADER" } ] }, "google-native:deploymentmanager/alpha:InputMappingResponse": { "description": "InputMapping creates a 'virtual' property that will be injected into the properties before sending the request to the underlying API.", "properties": { "fieldName": { "type": "string", "description": "The name of the field that is going to be injected." }, "location": { "type": "string", "description": "The location where this mapping applies." }, "methodMatch": { "type": "string", "description": "Regex to evaluate on method to decide if input applies." }, "value": { "type": "string", "description": "A jsonPath expression to select an element." } }, "type": "object", "required": [ "fieldName", "location", "methodMatch", "value" ] }, "google-native:deploymentmanager/alpha:InstancesBulkInsertOperationMetadataResponse": { "properties": { "perLocationStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "perLocationStatus" ] }, "google-native:deploymentmanager/alpha:MethodMap": { "description": "Deployment Manager will call these methods during the events of creation/deletion/update/get/setIamPolicy", "properties": { "create": { "type": "string", "description": "The action identifier for the create method to be used for this collection" }, "delete": { "type": "string", "description": "The action identifier for the delete method to be used for this collection" }, "get": { "type": "string", "description": "The action identifier for the get method to be used for this collection" }, "setIamPolicy": { "type": "string", "description": "The action identifier for the setIamPolicy method to be used for this collection" }, "update": { "type": "string", "description": "The action identifier for the update method to be used for this collection" } }, "type": "object" }, "google-native:deploymentmanager/alpha:MethodMapResponse": { "description": "Deployment Manager will call these methods during the events of creation/deletion/update/get/setIamPolicy", "properties": { "create": { "type": "string", "description": "The action identifier for the create method to be used for this collection" }, "delete": { "type": "string", "description": "The action identifier for the delete method to be used for this collection" }, "get": { "type": "string", "description": "The action identifier for the get method to be used for this collection" }, "setIamPolicy": { "type": "string", "description": "The action identifier for the setIamPolicy method to be used for this collection" }, "update": { "type": "string", "description": "The action identifier for the update method to be used for this collection" } }, "type": "object", "required": [ "create", "delete", "get", "setIamPolicy", "update" ] }, "google-native:deploymentmanager/alpha:OperationErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "location", "message" ] }, "google-native:deploymentmanager/alpha:OperationErrorResponse": { "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:OperationErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:deploymentmanager/alpha:OperationResponse": { "description": "Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zoneOperations` resource. For more information, read Global, Regional, and Zonal Resources.", "properties": { "clientOperationId": { "type": "string", "description": "The value of `requestId` if you provided it in the request. Not present otherwise." }, "creationTimestamp": { "type": "string", "description": "[Deprecated] This field is deprecated.", "deprecationMessage": "[Deprecated] This field is deprecated." }, "description": { "type": "string", "description": "A textual description of the operation, which is set when the operation is created." }, "endTime": { "type": "string", "description": "The time that this operation was completed. This value is in RFC3339 text format." }, "error": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:OperationErrorResponse", "description": "If errors are generated during processing of the operation, this field will be populated." }, "httpErrorMessage": { "type": "string", "description": "If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`." }, "httpErrorStatusCode": { "type": "integer", "description": "If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found." }, "insertTime": { "type": "string", "description": "The time that this operation was requested. This value is in RFC3339 text format." }, "instancesBulkInsertOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:InstancesBulkInsertOperationMetadataResponse" }, "kind": { "type": "string", "description": "Type of the resource. Always `compute#operation` for Operation resources." }, "name": { "type": "string", "description": "Name of the operation." }, "operationGroupId": { "type": "string", "description": "An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request." }, "operationType": { "type": "string", "description": "The type of operation, such as `insert`, `update`, or `delete`, and so on." }, "progress": { "type": "integer", "description": "An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses." }, "region": { "type": "string", "description": "The URL of the region where the operation resides. Only applicable when performing regional operations." }, "selfLink": { "type": "string", "description": "Server-defined URL for the resource." }, "setCommonInstanceMetadataOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:SetCommonInstanceMetadataOperationMetadataResponse", "description": "If the operation is for projects.setCommonInstanceMetadata, this field will contain information on all underlying zonal actions and their state." }, "startTime": { "type": "string", "description": "The time that this operation was started by the server. This value is in RFC3339 text format." }, "status": { "type": "string", "description": "The status of the operation, which can be one of the following: `PENDING`, `RUNNING`, or `DONE`." }, "statusMessage": { "type": "string", "description": "An optional textual description of the current status of the operation." }, "targetId": { "type": "string", "description": "The unique target ID, which identifies a specific incarnation of the target resource." }, "targetLink": { "type": "string", "description": "The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from." }, "user": { "type": "string", "description": "User who requested the operation, for example: `user@example.com` or `alice_smith_identifier (global/workforcePools/example-com-us-employees)`." }, "warnings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:OperationWarningsItemResponse" }, "description": "If warning messages are generated during processing of the operation, this field will be populated." }, "zone": { "type": "string", "description": "The URL of the zone where the operation resides. Only applicable when performing per-zone operations." } }, "type": "object", "required": [ "clientOperationId", "creationTimestamp", "description", "endTime", "error", "httpErrorMessage", "httpErrorStatusCode", "insertTime", "instancesBulkInsertOperationMetadata", "kind", "name", "operationGroupId", "operationType", "progress", "region", "selfLink", "setCommonInstanceMetadataOperationMetadata", "startTime", "status", "statusMessage", "targetId", "targetLink", "user", "warnings", "zone" ] }, "google-native:deploymentmanager/alpha:OperationWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:OperationWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:OperationWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:deploymentmanager/alpha:Options": { "description": "Options allows customized resource handling by Deployment Manager.", "properties": { "asyncOptions": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:AsyncOptions" }, "description": "Options regarding how to thread async requests." }, "inputMappings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:InputMapping" }, "description": "The mappings that apply for requests." }, "nameProperty": { "type": "string", "description": "The json path to the field in the resource JSON body into which the resource name should be mapped. Leaving this empty indicates that there should be no mapping performed." }, "validationOptions": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ValidationOptions", "description": "Options for how to validate and process properties on a resource." } }, "type": "object" }, "google-native:deploymentmanager/alpha:OptionsResponse": { "description": "Options allows customized resource handling by Deployment Manager.", "properties": { "asyncOptions": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:AsyncOptionsResponse" }, "description": "Options regarding how to thread async requests." }, "inputMappings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:InputMappingResponse" }, "description": "The mappings that apply for requests." }, "nameProperty": { "type": "string", "description": "The json path to the field in the resource JSON body into which the resource name should be mapped. Leaving this empty indicates that there should be no mapping performed." }, "validationOptions": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ValidationOptionsResponse", "description": "Options for how to validate and process properties on a resource." } }, "type": "object", "required": [ "asyncOptions", "inputMappings", "nameProperty", "validationOptions" ] }, "google-native:deploymentmanager/alpha:PollingOptions": { "properties": { "diagnostics": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:Diagnostic" }, "description": "An array of diagnostics to be collected by Deployment Manager, these diagnostics will be displayed to the user." }, "failCondition": { "type": "string", "description": "JsonPath expression that determines if the request failed." }, "finishCondition": { "type": "string", "description": "JsonPath expression that determines if the request is completed." }, "pollingLink": { "type": "string", "description": "JsonPath expression that evaluates to string, it indicates where to poll." }, "targetLink": { "type": "string", "description": "JsonPath expression, after polling is completed, indicates where to fetch the resource." } }, "type": "object" }, "google-native:deploymentmanager/alpha:PollingOptionsResponse": { "properties": { "diagnostics": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:DiagnosticResponse" }, "description": "An array of diagnostics to be collected by Deployment Manager, these diagnostics will be displayed to the user." }, "failCondition": { "type": "string", "description": "JsonPath expression that determines if the request failed." }, "finishCondition": { "type": "string", "description": "JsonPath expression that determines if the request is completed." }, "pollingLink": { "type": "string", "description": "JsonPath expression that evaluates to string, it indicates where to poll." }, "targetLink": { "type": "string", "description": "JsonPath expression, after polling is completed, indicates where to fetch the resource." } }, "type": "object", "required": [ "diagnostics", "failCondition", "finishCondition", "pollingLink", "targetLink" ] }, "google-native:deploymentmanager/alpha:ServiceAccount": { "description": "Service Account used as a credential.", "properties": { "email": { "type": "string", "description": "The IAM service account email address like test@myproject.iam.gserviceaccount.com" } }, "type": "object" }, "google-native:deploymentmanager/alpha:ServiceAccountResponse": { "description": "Service Account used as a credential.", "properties": { "email": { "type": "string", "description": "The IAM service account email address like test@myproject.iam.gserviceaccount.com" } }, "type": "object", "required": [ "email" ] }, "google-native:deploymentmanager/alpha:SetCommonInstanceMetadataOperationMetadataResponse": { "properties": { "clientOperationId": { "type": "string", "description": "The client operation id." }, "perLocationOperations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "clientOperationId", "perLocationOperations" ] }, "google-native:deploymentmanager/alpha:TargetConfiguration": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ConfigFile", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ImportFile" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object" }, "google-native:deploymentmanager/alpha:TargetConfigurationResponse": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ConfigFileResponse", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ImportFileResponse" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object", "required": [ "config", "imports" ] }, "google-native:deploymentmanager/alpha:TemplateContents": { "description": "Files that make up the template contents of a template type.", "properties": { "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ImportFile" }, "description": "Import files referenced by the main template." }, "interpreter": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:TemplateContentsInterpreter", "description": "Which interpreter (python or jinja) should be used during expansion." }, "mainTemplate": { "type": "string", "description": "The filename of the mainTemplate" }, "schema": { "type": "string", "description": "The contents of the template schema." }, "template": { "type": "string", "description": "The contents of the main template file." } }, "type": "object" }, "google-native:deploymentmanager/alpha:TemplateContentsInterpreter": { "description": "Which interpreter (python or jinja) should be used during expansion.", "type": "string", "enum": [ { "name": "UnknownInterpreter", "value": "UNKNOWN_INTERPRETER" }, { "name": "Python", "value": "PYTHON" }, { "name": "Jinja", "value": "JINJA" } ] }, "google-native:deploymentmanager/alpha:TemplateContentsResponse": { "description": "Files that make up the template contents of a template type.", "properties": { "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ImportFileResponse" }, "description": "Import files referenced by the main template." }, "interpreter": { "type": "string", "description": "Which interpreter (python or jinja) should be used during expansion." }, "mainTemplate": { "type": "string", "description": "The filename of the mainTemplate" }, "schema": { "type": "string", "description": "The contents of the template schema." }, "template": { "type": "string", "description": "The contents of the main template file." } }, "type": "object", "required": [ "imports", "interpreter", "mainTemplate", "schema", "template" ] }, "google-native:deploymentmanager/alpha:TypeProviderLabelEntry": { "description": "Label object for TypeProviders", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/alpha:TypeProviderLabelEntryResponse": { "description": "Label object for TypeProviders", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/alpha:ValidationOptions": { "description": "Options for how to validate and process properties on a resource.", "properties": { "schemaValidation": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ValidationOptionsSchemaValidation", "description": "Customize how deployment manager will validate the resource against schema errors." }, "undeclaredProperties": { "$ref": "#/types/google-native:deploymentmanager%2Falpha:ValidationOptionsUndeclaredProperties", "description": "Specify what to do with extra properties when executing a request." } }, "type": "object" }, "google-native:deploymentmanager/alpha:ValidationOptionsResponse": { "description": "Options for how to validate and process properties on a resource.", "properties": { "schemaValidation": { "type": "string", "description": "Customize how deployment manager will validate the resource against schema errors." }, "undeclaredProperties": { "type": "string", "description": "Specify what to do with extra properties when executing a request." } }, "type": "object", "required": [ "schemaValidation", "undeclaredProperties" ] }, "google-native:deploymentmanager/alpha:ValidationOptionsSchemaValidation": { "description": "Customize how deployment manager will validate the resource against schema errors.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Ignore", "description": "Ignore schema failures.", "value": "IGNORE" }, { "name": "IgnoreWithWarnings", "description": "Ignore schema failures but display them as warnings.", "value": "IGNORE_WITH_WARNINGS" }, { "name": "Fail", "description": "Fail the resource if the schema is not valid, this is the default behavior.", "value": "FAIL" } ] }, "google-native:deploymentmanager/alpha:ValidationOptionsUndeclaredProperties": { "description": "Specify what to do with extra properties when executing a request.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Include", "description": "Always include even if not present on discovery doc.", "value": "INCLUDE" }, { "name": "Ignore", "description": "Always ignore if not present on discovery doc.", "value": "IGNORE" }, { "name": "IncludeWithWarnings", "description": "Include on request, but emit a warning.", "value": "INCLUDE_WITH_WARNINGS" }, { "name": "IgnoreWithWarnings", "description": "Ignore properties, but emit a warning.", "value": "IGNORE_WITH_WARNINGS" }, { "name": "Fail", "description": "Always fail if undeclared properties are present.", "value": "FAIL" } ] }, "google-native:deploymentmanager/v2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:deploymentmanager/v2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:deploymentmanager/v2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:deploymentmanager/v2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:deploymentmanager/v2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:deploymentmanager/v2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:deploymentmanager/v2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:deploymentmanager/v2:ConfigFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object" }, "google-native:deploymentmanager/v2:ConfigFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object", "required": [ "content" ] }, "google-native:deploymentmanager/v2:DeploymentLabelEntry": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/v2:DeploymentLabelEntryResponse": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2:DeploymentUpdateLabelEntryResponse": { "description": "Label object for DeploymentUpdate", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2:DeploymentUpdateResponse": { "properties": { "description": { "type": "string", "description": "An optional user-provided description of the deployment after the current update has been applied." }, "labels": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:DeploymentUpdateLabelEntryResponse" }, "description": "Map of One Platform labels; provided by the client when the resource is created or updated. Specifically: Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?` Label values must be between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`." }, "manifest": { "type": "string", "description": "URL of the manifest representing the update configuration of this deployment." } }, "type": "object", "required": [ "description", "labels", "manifest" ] }, "google-native:deploymentmanager/v2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:deploymentmanager/v2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:deploymentmanager/v2:ImportFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object" }, "google-native:deploymentmanager/v2:ImportFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object", "required": [ "content", "name" ] }, "google-native:deploymentmanager/v2:InstancesBulkInsertOperationMetadataResponse": { "properties": { "perLocationStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "perLocationStatus" ] }, "google-native:deploymentmanager/v2:OperationErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "location", "message" ] }, "google-native:deploymentmanager/v2:OperationErrorResponse": { "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:OperationErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:deploymentmanager/v2:OperationResponse": { "description": "Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zoneOperations` resource. For more information, read Global, Regional, and Zonal Resources.", "properties": { "clientOperationId": { "type": "string", "description": "The value of `requestId` if you provided it in the request. Not present otherwise." }, "creationTimestamp": { "type": "string", "description": "[Deprecated] This field is deprecated.", "deprecationMessage": "[Deprecated] This field is deprecated." }, "description": { "type": "string", "description": "A textual description of the operation, which is set when the operation is created." }, "endTime": { "type": "string", "description": "The time that this operation was completed. This value is in RFC3339 text format." }, "error": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:OperationErrorResponse", "description": "If errors are generated during processing of the operation, this field will be populated." }, "httpErrorMessage": { "type": "string", "description": "If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`." }, "httpErrorStatusCode": { "type": "integer", "description": "If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found." }, "insertTime": { "type": "string", "description": "The time that this operation was requested. This value is in RFC3339 text format." }, "instancesBulkInsertOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:InstancesBulkInsertOperationMetadataResponse" }, "kind": { "type": "string", "description": "Type of the resource. Always `compute#operation` for Operation resources." }, "name": { "type": "string", "description": "Name of the operation." }, "operationGroupId": { "type": "string", "description": "An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request." }, "operationType": { "type": "string", "description": "The type of operation, such as `insert`, `update`, or `delete`, and so on." }, "progress": { "type": "integer", "description": "An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses." }, "region": { "type": "string", "description": "The URL of the region where the operation resides. Only applicable when performing regional operations." }, "selfLink": { "type": "string", "description": "Server-defined URL for the resource." }, "setCommonInstanceMetadataOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:SetCommonInstanceMetadataOperationMetadataResponse", "description": "If the operation is for projects.setCommonInstanceMetadata, this field will contain information on all underlying zonal actions and their state." }, "startTime": { "type": "string", "description": "The time that this operation was started by the server. This value is in RFC3339 text format." }, "status": { "type": "string", "description": "The status of the operation, which can be one of the following: `PENDING`, `RUNNING`, or `DONE`." }, "statusMessage": { "type": "string", "description": "An optional textual description of the current status of the operation." }, "targetId": { "type": "string", "description": "The unique target ID, which identifies a specific incarnation of the target resource." }, "targetLink": { "type": "string", "description": "The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from." }, "user": { "type": "string", "description": "User who requested the operation, for example: `user@example.com` or `alice_smith_identifier (global/workforcePools/example-com-us-employees)`." }, "warnings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:OperationWarningsItemResponse" }, "description": "If warning messages are generated during processing of the operation, this field will be populated." }, "zone": { "type": "string", "description": "The URL of the zone where the operation resides. Only applicable when performing per-zone operations." } }, "type": "object", "required": [ "clientOperationId", "creationTimestamp", "description", "endTime", "error", "httpErrorMessage", "httpErrorStatusCode", "insertTime", "instancesBulkInsertOperationMetadata", "kind", "name", "operationGroupId", "operationType", "progress", "region", "selfLink", "setCommonInstanceMetadataOperationMetadata", "startTime", "status", "statusMessage", "targetId", "targetLink", "user", "warnings", "zone" ] }, "google-native:deploymentmanager/v2:OperationWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2:OperationWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:OperationWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:deploymentmanager/v2:SetCommonInstanceMetadataOperationMetadataResponse": { "properties": { "clientOperationId": { "type": "string", "description": "The client operation id." }, "perLocationOperations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "clientOperationId", "perLocationOperations" ] }, "google-native:deploymentmanager/v2:TargetConfiguration": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:ConfigFile", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:ImportFile" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object" }, "google-native:deploymentmanager/v2:TargetConfigurationResponse": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:ConfigFileResponse", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2:ImportFileResponse" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object", "required": [ "config", "imports" ] }, "google-native:deploymentmanager/v2beta:AsyncOptions": { "description": "Async options that determine when a resource should finish.", "properties": { "methodMatch": { "type": "string", "description": "Method regex where this policy will apply." }, "pollingOptions": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:PollingOptions", "description": "Deployment manager will poll instances for this API resource setting a RUNNING state, and blocking until polling conditions tell whether the resource is completed or failed." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:AsyncOptionsResponse": { "description": "Async options that determine when a resource should finish.", "properties": { "methodMatch": { "type": "string", "description": "Method regex where this policy will apply." }, "pollingOptions": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:PollingOptionsResponse", "description": "Deployment manager will poll instances for this API resource setting a RUNNING state, and blocking until polling conditions tell whether the resource is completed or failed." } }, "type": "object", "required": [ "methodMatch", "pollingOptions" ] }, "google-native:deploymentmanager/v2beta:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:deploymentmanager/v2beta:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:deploymentmanager/v2beta:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:deploymentmanager/v2beta:BasicAuth": { "description": "Basic Auth used as a credential.", "properties": { "password": { "type": "string" }, "user": { "type": "string" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:BasicAuthResponse": { "description": "Basic Auth used as a credential.", "properties": { "password": { "type": "string" }, "user": { "type": "string" } }, "type": "object", "required": [ "password", "user" ] }, "google-native:deploymentmanager/v2beta:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:deploymentmanager/v2beta:CollectionOverride": { "description": "CollectionOverride allows resource handling overrides for specific resources within a BaseType", "properties": { "collection": { "type": "string", "description": "The collection that identifies this resource within its service." }, "options": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:Options", "description": "The options to apply to this resource-level override" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:CollectionOverrideResponse": { "description": "CollectionOverride allows resource handling overrides for specific resources within a BaseType", "properties": { "collection": { "type": "string", "description": "The collection that identifies this resource within its service." }, "options": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:OptionsResponse", "description": "The options to apply to this resource-level override" } }, "type": "object", "required": [ "collection", "options" ] }, "google-native:deploymentmanager/v2beta:CompositeTypeLabelEntry": { "description": "Label object for CompositeTypes", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:CompositeTypeLabelEntryResponse": { "description": "Label object for CompositeTypes", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2beta:CompositeTypeStatus": { "type": "string", "enum": [ { "name": "UnknownStatus", "value": "UNKNOWN_STATUS" }, { "name": "Deprecated", "value": "DEPRECATED" }, { "name": "Experimental", "value": "EXPERIMENTAL" }, { "name": "Supported", "value": "SUPPORTED" } ] }, "google-native:deploymentmanager/v2beta:ConfigFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:ConfigFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." } }, "type": "object", "required": [ "content" ] }, "google-native:deploymentmanager/v2beta:Credential": { "description": "The credential used by Deployment Manager and TypeProvider. Only one of the options is permitted.", "properties": { "basicAuth": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:BasicAuth", "description": "Basic Auth Credential, only used by TypeProvider." }, "serviceAccount": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ServiceAccount", "description": "Service Account Credential, only used by Deployment." }, "useProjectDefault": { "type": "boolean", "description": "Specify to use the project default credential, only supported by Deployment." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:CredentialResponse": { "description": "The credential used by Deployment Manager and TypeProvider. Only one of the options is permitted.", "properties": { "basicAuth": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:BasicAuthResponse", "description": "Basic Auth Credential, only used by TypeProvider." }, "serviceAccount": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ServiceAccountResponse", "description": "Service Account Credential, only used by Deployment." }, "useProjectDefault": { "type": "boolean", "description": "Specify to use the project default credential, only supported by Deployment." } }, "type": "object", "required": [ "basicAuth", "serviceAccount", "useProjectDefault" ] }, "google-native:deploymentmanager/v2beta:DeploymentLabelEntry": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:DeploymentLabelEntryResponse": { "description": "Label object for Deployments", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2beta:DeploymentUpdateLabelEntryResponse": { "description": "Label object for DeploymentUpdate", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2beta:DeploymentUpdateResponse": { "properties": { "description": { "type": "string", "description": "An optional user-provided description of the deployment after the current update has been applied." }, "labels": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:DeploymentUpdateLabelEntryResponse" }, "description": "Map of One Platform labels; provided by the client when the resource is created or updated. Specifically: Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?` Label values must be between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`." }, "manifest": { "type": "string", "description": "URL of the manifest representing the update configuration of this deployment." } }, "type": "object", "required": [ "description", "labels", "manifest" ] }, "google-native:deploymentmanager/v2beta:Diagnostic": { "properties": { "field": { "type": "string", "description": "JsonPath expression on the resource that if non empty, indicates that this field needs to be extracted as a diagnostic." }, "level": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:DiagnosticLevel", "description": "Level to record this diagnostic." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:DiagnosticLevel": { "description": "Level to record this diagnostic.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Information", "description": "If level is informational, it only gets displayed as part of the resource.", "value": "INFORMATION" }, { "name": "Warning", "description": "If level is warning, will end up in the resource as a warning.", "value": "WARNING" }, { "name": "Error", "description": "If level is error, it will indicate an error occurred after finishCondition is set, and this field will populate resource errors and operation errors.", "value": "ERROR" } ] }, "google-native:deploymentmanager/v2beta:DiagnosticResponse": { "properties": { "field": { "type": "string", "description": "JsonPath expression on the resource that if non empty, indicates that this field needs to be extracted as a diagnostic." }, "level": { "type": "string", "description": "Level to record this diagnostic." } }, "type": "object", "required": [ "field", "level" ] }, "google-native:deploymentmanager/v2beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:deploymentmanager/v2beta:ImportFile": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:ImportFileResponse": { "properties": { "content": { "type": "string", "description": "The contents of the file." }, "name": { "type": "string", "description": "The name of the file." } }, "type": "object", "required": [ "content", "name" ] }, "google-native:deploymentmanager/v2beta:InputMapping": { "description": "InputMapping creates a 'virtual' property that will be injected into the properties before sending the request to the underlying API.", "properties": { "fieldName": { "type": "string", "description": "The name of the field that is going to be injected." }, "location": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:InputMappingLocation", "description": "The location where this mapping applies." }, "methodMatch": { "type": "string", "description": "Regex to evaluate on method to decide if input applies." }, "value": { "type": "string", "description": "A jsonPath expression to select an element." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:InputMappingLocation": { "description": "The location where this mapping applies.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Path", "value": "PATH" }, { "name": "Query", "value": "QUERY" }, { "name": "Body", "value": "BODY" }, { "name": "Header", "value": "HEADER" } ] }, "google-native:deploymentmanager/v2beta:InputMappingResponse": { "description": "InputMapping creates a 'virtual' property that will be injected into the properties before sending the request to the underlying API.", "properties": { "fieldName": { "type": "string", "description": "The name of the field that is going to be injected." }, "location": { "type": "string", "description": "The location where this mapping applies." }, "methodMatch": { "type": "string", "description": "Regex to evaluate on method to decide if input applies." }, "value": { "type": "string", "description": "A jsonPath expression to select an element." } }, "type": "object", "required": [ "fieldName", "location", "methodMatch", "value" ] }, "google-native:deploymentmanager/v2beta:InstancesBulkInsertOperationMetadataResponse": { "properties": { "perLocationStatus": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "perLocationStatus" ] }, "google-native:deploymentmanager/v2beta:OperationErrorErrorsItemResponse": { "properties": { "code": { "type": "string", "description": "The error type identifier for this error." }, "location": { "type": "string", "description": "Indicates the field in the request that caused the error. This property is optional." }, "message": { "type": "string", "description": "An optional, human-readable error message." } }, "type": "object", "required": [ "code", "location", "message" ] }, "google-native:deploymentmanager/v2beta:OperationErrorResponse": { "description": "[Output Only] If errors are generated during processing of the operation, this field will be populated.", "properties": { "errors": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:OperationErrorErrorsItemResponse" }, "description": "The array of errors encountered while processing this operation." } }, "type": "object", "required": [ "errors" ] }, "google-native:deploymentmanager/v2beta:OperationResponse": { "description": "Represents an Operation resource. Google Compute Engine has three Operation resources: * [Global](/compute/docs/reference/rest/{$api_version}/globalOperations) * [Regional](/compute/docs/reference/rest/{$api_version}/regionOperations) * [Zonal](/compute/docs/reference/rest/{$api_version}/zoneOperations) You can use an operation resource to manage asynchronous API requests. For more information, read Handling API responses. Operations can be global, regional or zonal. - For global operations, use the `globalOperations` resource. - For regional operations, use the `regionOperations` resource. - For zonal operations, use the `zoneOperations` resource. For more information, read Global, Regional, and Zonal Resources.", "properties": { "clientOperationId": { "type": "string", "description": "The value of `requestId` if you provided it in the request. Not present otherwise." }, "creationTimestamp": { "type": "string", "description": "[Deprecated] This field is deprecated.", "deprecationMessage": "[Deprecated] This field is deprecated." }, "description": { "type": "string", "description": "A textual description of the operation, which is set when the operation is created." }, "endTime": { "type": "string", "description": "The time that this operation was completed. This value is in RFC3339 text format." }, "error": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:OperationErrorResponse", "description": "If errors are generated during processing of the operation, this field will be populated." }, "httpErrorMessage": { "type": "string", "description": "If the operation fails, this field contains the HTTP error message that was returned, such as `NOT FOUND`." }, "httpErrorStatusCode": { "type": "integer", "description": "If the operation fails, this field contains the HTTP error status code that was returned. For example, a `404` means the resource was not found." }, "insertTime": { "type": "string", "description": "The time that this operation was requested. This value is in RFC3339 text format." }, "instancesBulkInsertOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:InstancesBulkInsertOperationMetadataResponse" }, "kind": { "type": "string", "description": "Type of the resource. Always `compute#operation` for Operation resources." }, "name": { "type": "string", "description": "Name of the operation." }, "operationGroupId": { "type": "string", "description": "An ID that represents a group of operations, such as when a group of operations results from a `bulkInsert` API request." }, "operationType": { "type": "string", "description": "The type of operation, such as `insert`, `update`, or `delete`, and so on." }, "progress": { "type": "integer", "description": "An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess when the operation will be complete. This number should monotonically increase as the operation progresses." }, "region": { "type": "string", "description": "The URL of the region where the operation resides. Only applicable when performing regional operations." }, "selfLink": { "type": "string", "description": "Server-defined URL for the resource." }, "setCommonInstanceMetadataOperationMetadata": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:SetCommonInstanceMetadataOperationMetadataResponse", "description": "If the operation is for projects.setCommonInstanceMetadata, this field will contain information on all underlying zonal actions and their state." }, "startTime": { "type": "string", "description": "The time that this operation was started by the server. This value is in RFC3339 text format." }, "status": { "type": "string", "description": "The status of the operation, which can be one of the following: `PENDING`, `RUNNING`, or `DONE`." }, "statusMessage": { "type": "string", "description": "An optional textual description of the current status of the operation." }, "targetId": { "type": "string", "description": "The unique target ID, which identifies a specific incarnation of the target resource." }, "targetLink": { "type": "string", "description": "The URL of the resource that the operation modifies. For operations related to creating a snapshot, this points to the persistent disk that the snapshot was created from." }, "user": { "type": "string", "description": "User who requested the operation, for example: `user@example.com` or `alice_smith_identifier (global/workforcePools/example-com-us-employees)`." }, "warnings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:OperationWarningsItemResponse" }, "description": "If warning messages are generated during processing of the operation, this field will be populated." }, "zone": { "type": "string", "description": "The URL of the zone where the operation resides. Only applicable when performing per-zone operations." } }, "type": "object", "required": [ "clientOperationId", "creationTimestamp", "description", "endTime", "error", "httpErrorMessage", "httpErrorStatusCode", "insertTime", "instancesBulkInsertOperationMetadata", "kind", "name", "operationGroupId", "operationType", "progress", "region", "selfLink", "setCommonInstanceMetadataOperationMetadata", "startTime", "status", "statusMessage", "targetId", "targetLink", "user", "warnings", "zone" ] }, "google-native:deploymentmanager/v2beta:OperationWarningsItemDataItemResponse": { "properties": { "key": { "type": "string", "description": "A key that provides more detail on the warning being returned. For example, for warnings where there are no results in a list request for a particular zone, this key might be scope and the key value might be the zone name. Other examples might be a key indicating a deprecated resource and a suggested replacement, or a warning about invalid network settings (for example, if an instance attempts to perform IP forwarding but is not enabled for IP forwarding)." }, "value": { "type": "string", "description": "A warning data value corresponding to the key." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2beta:OperationWarningsItemResponse": { "properties": { "code": { "type": "string", "description": "A warning code, if applicable. For example, Compute Engine returns NO_RESULTS_ON_PAGE if there are no results in the response." }, "data": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:OperationWarningsItemDataItemResponse" }, "description": "Metadata about this warning in key: value format. For example: \"data\": [ { \"key\": \"scope\", \"value\": \"zones/us-east1-d\" } " }, "message": { "type": "string", "description": "A human-readable description of the warning code." } }, "type": "object", "required": [ "code", "data", "message" ] }, "google-native:deploymentmanager/v2beta:Options": { "description": "Options allows customized resource handling by Deployment Manager.", "properties": { "asyncOptions": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:AsyncOptions" }, "description": "Options regarding how to thread async requests." }, "inputMappings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:InputMapping" }, "description": "The mappings that apply for requests." }, "validationOptions": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ValidationOptions", "description": "Options for how to validate and process properties on a resource." }, "virtualProperties": { "type": "string", "description": "Additional properties block described as a jsonSchema, these properties will never be part of the json payload, but they can be consumed by InputMappings, this must be a valid json schema draft-04. The properties specified here will be decouple in a different section. This schema will be merged to the schema validation, and properties here will be extracted From the payload and consumed explicitly by InputMappings. ex: field1: type: string field2: type: number" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:OptionsResponse": { "description": "Options allows customized resource handling by Deployment Manager.", "properties": { "asyncOptions": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:AsyncOptionsResponse" }, "description": "Options regarding how to thread async requests." }, "inputMappings": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:InputMappingResponse" }, "description": "The mappings that apply for requests." }, "validationOptions": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ValidationOptionsResponse", "description": "Options for how to validate and process properties on a resource." }, "virtualProperties": { "type": "string", "description": "Additional properties block described as a jsonSchema, these properties will never be part of the json payload, but they can be consumed by InputMappings, this must be a valid json schema draft-04. The properties specified here will be decouple in a different section. This schema will be merged to the schema validation, and properties here will be extracted From the payload and consumed explicitly by InputMappings. ex: field1: type: string field2: type: number" } }, "type": "object", "required": [ "asyncOptions", "inputMappings", "validationOptions", "virtualProperties" ] }, "google-native:deploymentmanager/v2beta:PollingOptions": { "properties": { "diagnostics": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:Diagnostic" }, "description": "An array of diagnostics to be collected by Deployment Manager, these diagnostics will be displayed to the user." }, "failCondition": { "type": "string", "description": "JsonPath expression that determines if the request failed." }, "finishCondition": { "type": "string", "description": "JsonPath expression that determines if the request is completed." }, "pollingLink": { "type": "string", "description": "JsonPath expression that evaluates to string, it indicates where to poll." }, "targetLink": { "type": "string", "description": "JsonPath expression, after polling is completed, indicates where to fetch the resource." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:PollingOptionsResponse": { "properties": { "diagnostics": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:DiagnosticResponse" }, "description": "An array of diagnostics to be collected by Deployment Manager, these diagnostics will be displayed to the user." }, "failCondition": { "type": "string", "description": "JsonPath expression that determines if the request failed." }, "finishCondition": { "type": "string", "description": "JsonPath expression that determines if the request is completed." }, "pollingLink": { "type": "string", "description": "JsonPath expression that evaluates to string, it indicates where to poll." }, "targetLink": { "type": "string", "description": "JsonPath expression, after polling is completed, indicates where to fetch the resource." } }, "type": "object", "required": [ "diagnostics", "failCondition", "finishCondition", "pollingLink", "targetLink" ] }, "google-native:deploymentmanager/v2beta:ServiceAccount": { "description": "Service Account used as a credential.", "properties": { "email": { "type": "string", "description": "The IAM service account email address like test@myproject.iam.gserviceaccount.com" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:ServiceAccountResponse": { "description": "Service Account used as a credential.", "properties": { "email": { "type": "string", "description": "The IAM service account email address like test@myproject.iam.gserviceaccount.com" } }, "type": "object", "required": [ "email" ] }, "google-native:deploymentmanager/v2beta:SetCommonInstanceMetadataOperationMetadataResponse": { "properties": { "clientOperationId": { "type": "string", "description": "The client operation id." }, "perLocationOperations": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Status information per location (location name is key). Example key: zones/us-central1-a" } }, "type": "object", "required": [ "clientOperationId", "perLocationOperations" ] }, "google-native:deploymentmanager/v2beta:TargetConfiguration": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ConfigFile", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ImportFile" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:TargetConfigurationResponse": { "properties": { "config": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ConfigFileResponse", "description": "The configuration to use for this deployment." }, "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ImportFileResponse" }, "description": "Specifies any files to import for this configuration. This can be used to import templates or other files. For example, you might import a text file in order to use the file in a template." } }, "type": "object", "required": [ "config", "imports" ] }, "google-native:deploymentmanager/v2beta:TemplateContents": { "description": "Files that make up the template contents of a template type.", "properties": { "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ImportFile" }, "description": "Import files referenced by the main template." }, "interpreter": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:TemplateContentsInterpreter", "description": "Which interpreter (python or jinja) should be used during expansion." }, "mainTemplate": { "type": "string", "description": "The filename of the mainTemplate" }, "schema": { "type": "string", "description": "The contents of the template schema." }, "template": { "type": "string", "description": "The contents of the main template file." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:TemplateContentsInterpreter": { "description": "Which interpreter (python or jinja) should be used during expansion.", "type": "string", "enum": [ { "name": "UnknownInterpreter", "value": "UNKNOWN_INTERPRETER" }, { "name": "Python", "value": "PYTHON" }, { "name": "Jinja", "value": "JINJA" } ] }, "google-native:deploymentmanager/v2beta:TemplateContentsResponse": { "description": "Files that make up the template contents of a template type.", "properties": { "imports": { "type": "array", "items": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ImportFileResponse" }, "description": "Import files referenced by the main template." }, "interpreter": { "type": "string", "description": "Which interpreter (python or jinja) should be used during expansion." }, "mainTemplate": { "type": "string", "description": "The filename of the mainTemplate" }, "schema": { "type": "string", "description": "The contents of the template schema." }, "template": { "type": "string", "description": "The contents of the main template file." } }, "type": "object", "required": [ "imports", "interpreter", "mainTemplate", "schema", "template" ] }, "google-native:deploymentmanager/v2beta:TypeProviderLabelEntry": { "description": "Label object for TypeProviders", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object" }, "google-native:deploymentmanager/v2beta:TypeProviderLabelEntryResponse": { "description": "Label object for TypeProviders", "properties": { "key": { "type": "string", "description": "Key of the label" }, "value": { "type": "string", "description": "Value of the label" } }, "type": "object", "required": [ "key", "value" ] }, "google-native:deploymentmanager/v2beta:ValidationOptions": { "description": "Options for how to validate and process properties on a resource.", "properties": { "schemaValidation": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ValidationOptionsSchemaValidation", "description": "Customize how deployment manager will validate the resource against schema errors." }, "undeclaredProperties": { "$ref": "#/types/google-native:deploymentmanager%2Fv2beta:ValidationOptionsUndeclaredProperties", "description": "Specify what to do with extra properties when executing a request." } }, "type": "object" }, "google-native:deploymentmanager/v2beta:ValidationOptionsResponse": { "description": "Options for how to validate and process properties on a resource.", "properties": { "schemaValidation": { "type": "string", "description": "Customize how deployment manager will validate the resource against schema errors." }, "undeclaredProperties": { "type": "string", "description": "Specify what to do with extra properties when executing a request." } }, "type": "object", "required": [ "schemaValidation", "undeclaredProperties" ] }, "google-native:deploymentmanager/v2beta:ValidationOptionsSchemaValidation": { "description": "Customize how deployment manager will validate the resource against schema errors.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Ignore", "description": "Ignore schema failures.", "value": "IGNORE" }, { "name": "IgnoreWithWarnings", "description": "Ignore schema failures but display them as warnings.", "value": "IGNORE_WITH_WARNINGS" }, { "name": "Fail", "description": "Fail the resource if the schema is not valid, this is the default behavior.", "value": "FAIL" } ] }, "google-native:deploymentmanager/v2beta:ValidationOptionsUndeclaredProperties": { "description": "Specify what to do with extra properties when executing a request.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Include", "description": "Always include even if not present on discovery doc.", "value": "INCLUDE" }, { "name": "Ignore", "description": "Always ignore if not present on discovery doc.", "value": "IGNORE" }, { "name": "IncludeWithWarnings", "description": "Include on request, but emit a warning.", "value": "INCLUDE_WITH_WARNINGS" }, { "name": "IgnoreWithWarnings", "description": "Ignore properties, but emit a warning.", "value": "IGNORE_WITH_WARNINGS" }, { "name": "Fail", "description": "Always fail if undeclared properties are present.", "value": "FAIL" } ] }, "google-native:dialogflow/v2:ConversationConversationStage": { "description": "The stage of a conversation. It indicates whether the virtual agent or a human agent is handling the conversation. If the conversation is created with the conversation profile that has Dialogflow config set, defaults to ConversationStage.VIRTUAL_AGENT_STAGE; Otherwise, defaults to ConversationStage.HUMAN_ASSIST_STAGE. If the conversation is created with the conversation profile that has Dialogflow config set but explicitly sets conversation_stage to ConversationStage.HUMAN_ASSIST_STAGE, it skips ConversationStage.VIRTUAL_AGENT_STAGE stage and directly goes to ConversationStage.HUMAN_ASSIST_STAGE.", "type": "string", "enum": [ { "name": "ConversationStageUnspecified", "description": "Unknown. Should never be used after a conversation is successfully created.", "value": "CONVERSATION_STAGE_UNSPECIFIED" }, { "name": "VirtualAgentStage", "description": "The conversation should return virtual agent responses into the conversation.", "value": "VIRTUAL_AGENT_STAGE" }, { "name": "HumanAssistStage", "description": "The conversation should not provide responses, just listen and provide suggestions.", "value": "HUMAN_ASSIST_STAGE" } ] }, "google-native:dialogflow/v2:DocumentKnowledgeTypesItem": { "type": "string", "enum": [ { "name": "KnowledgeTypeUnspecified", "description": "The type is unspecified or arbitrary.", "value": "KNOWLEDGE_TYPE_UNSPECIFIED" }, { "name": "Faq", "description": "The document content contains question and answer pairs as either HTML or CSV. Typical FAQ HTML formats are parsed accurately, but unusual formats may fail to be parsed. CSV must have questions in the first column and answers in the second, with no header. Because of this explicit format, they are always parsed accurately.", "value": "FAQ" }, { "name": "ExtractiveQa", "description": "Documents for which unstructured text is extracted and used for question answering.", "value": "EXTRACTIVE_QA" }, { "name": "ArticleSuggestion", "description": "The entire document content as a whole can be used for query results. Only for Contact Center Solutions on Dialogflow.", "value": "ARTICLE_SUGGESTION" }, { "name": "AgentFacingSmartReply", "description": "The document contains agent-facing Smart Reply entries.", "value": "AGENT_FACING_SMART_REPLY" } ] }, "google-native:dialogflow/v2:EntityTypeAutoExpansionMode": { "description": "Optional. Indicates whether the entity type can be automatically expanded.", "type": "string", "enum": [ { "name": "AutoExpansionModeUnspecified", "description": "Auto expansion disabled for the entity.", "value": "AUTO_EXPANSION_MODE_UNSPECIFIED" }, { "name": "AutoExpansionModeDefault", "description": "Allows an agent to recognize values that have not been explicitly listed in the entity.", "value": "AUTO_EXPANSION_MODE_DEFAULT" } ] }, "google-native:dialogflow/v2:EntityTypeKind": { "description": "Required. Indicates the kind of entity type.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Not specified. This value should be never used.", "value": "KIND_UNSPECIFIED" }, { "name": "KindMap", "description": "Map entity types allow mapping of a group of synonyms to a reference value.", "value": "KIND_MAP" }, { "name": "KindList", "description": "List entity types contain a set of entries that do not map to reference values. However, list entity types can contain references to other entity types (with or without aliases).", "value": "KIND_LIST" }, { "name": "KindRegexp", "description": "Regexp entity types allow to specify regular expressions in entries values.", "value": "KIND_REGEXP" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ArticleSuggestionModelMetadata": { "description": "Metadata for article suggestion models.", "properties": { "trainingModelType": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2ArticleSuggestionModelMetadataTrainingModelType", "description": "Optional. Type of the article suggestion model. If not provided, model_type is used." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ArticleSuggestionModelMetadataResponse": { "description": "Metadata for article suggestion models.", "properties": { "trainingModelType": { "type": "string", "description": "Optional. Type of the article suggestion model. If not provided, model_type is used." } }, "type": "object", "required": [ "trainingModelType" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ArticleSuggestionModelMetadataTrainingModelType": { "description": "Optional. Type of the article suggestion model. If not provided, model_type is used.", "type": "string", "enum": [ { "name": "ModelTypeUnspecified", "description": "ModelType unspecified.", "value": "MODEL_TYPE_UNSPECIFIED" }, { "name": "SmartReplyDualEncoderModel", "description": "ModelType smart reply dual encoder model.", "value": "SMART_REPLY_DUAL_ENCODER_MODEL" }, { "name": "SmartReplyBertModel", "description": "ModelType smart reply bert model.", "value": "SMART_REPLY_BERT_MODEL" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2AutomatedAgentConfig": { "description": "Defines the Automated Agent to connect to a conversation.", "properties": { "agent": { "type": "string", "description": "ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used." }, "sessionTtl": { "type": "string", "description": "Optional. Sets Dialogflow CX session life time. By default, a Dialogflow CX session remains active and its data is stored for 30 minutes after the last request is sent for the session. This value should be no longer than 1 day." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2AutomatedAgentConfigResponse": { "description": "Defines the Automated Agent to connect to a conversation.", "properties": { "agent": { "type": "string", "description": "ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2#google.cloud.dialogflow.v2.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used." }, "sessionTtl": { "type": "string", "description": "Optional. Sets Dialogflow CX session life time. By default, a Dialogflow CX session remains active and its data is stored for 30 minutes after the last request is sent for the session. This value should be no longer than 1 day." } }, "type": "object", "required": [ "agent", "sessionTtl" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2Context": { "description": "Dialogflow contexts are similar to natural language context. If a person says to you \"they are orange\", you need context in order to understand what \"they\" is referring to. Similarly, for Dialogflow to handle an end-user expression like that, it needs to be provided with context in order to correctly match an intent. Using contexts, you can control the flow of a conversation. You can configure contexts for an intent by setting input and output contexts, which are identified by string names. When an intent is matched, any configured output contexts for that intent become active. While any contexts are active, Dialogflow is more likely to match intents that are configured with input contexts that correspond to the currently active contexts. For more information about context, see the [Contexts guide](https://cloud.google.com/dialogflow/docs/contexts-overview).", "properties": { "lifespanCount": { "type": "integer", "description": "Optional. The number of conversational query requests after which the context expires. The default is `0`. If set to `0`, the context expires immediately. Contexts expire automatically after 20 minutes if there are no matching queries." }, "name": { "type": "string", "description": "The unique identifier of the context. Format: `projects//agent/sessions//contexts/`, or `projects//agent/environments//users//sessions//contexts/`. The `Context ID` is always converted to lowercase, may only contain characters in `a-zA-Z0-9_-%` and may be at most 250 bytes long. If `Environment ID` is not specified, we assume default 'draft' environment. If `User ID` is not specified, we assume default '-' user. The following context names are reserved for internal use by Dialogflow. You should not use these contexts or create contexts with these names: * `__system_counters__` * `*_id_dialog_context` * `*_dialog_params_size`" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The collection of parameters associated with this context. Depending on your protocol or client library language, this is a map, associative array, symbol table, dictionary, or JSON object composed of a collection of (MapKey, MapValue) pairs: * MapKey type: string * MapKey value: parameter name * MapValue type: If parameter's entity type is a composite entity then use map, otherwise, depending on the parameter value type, it could be one of string, number, boolean, null, list or map. * MapValue value: If parameter's entity type is a composite entity then use map from composite entity property names to property values, otherwise, use parameter value." } }, "type": "object", "required": [ "name" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ContextResponse": { "description": "Dialogflow contexts are similar to natural language context. If a person says to you \"they are orange\", you need context in order to understand what \"they\" is referring to. Similarly, for Dialogflow to handle an end-user expression like that, it needs to be provided with context in order to correctly match an intent. Using contexts, you can control the flow of a conversation. You can configure contexts for an intent by setting input and output contexts, which are identified by string names. When an intent is matched, any configured output contexts for that intent become active. While any contexts are active, Dialogflow is more likely to match intents that are configured with input contexts that correspond to the currently active contexts. For more information about context, see the [Contexts guide](https://cloud.google.com/dialogflow/docs/contexts-overview).", "properties": { "lifespanCount": { "type": "integer", "description": "Optional. The number of conversational query requests after which the context expires. The default is `0`. If set to `0`, the context expires immediately. Contexts expire automatically after 20 minutes if there are no matching queries." }, "name": { "type": "string", "description": "The unique identifier of the context. Format: `projects//agent/sessions//contexts/`, or `projects//agent/environments//users//sessions//contexts/`. The `Context ID` is always converted to lowercase, may only contain characters in `a-zA-Z0-9_-%` and may be at most 250 bytes long. If `Environment ID` is not specified, we assume default 'draft' environment. If `User ID` is not specified, we assume default '-' user. The following context names are reserved for internal use by Dialogflow. You should not use these contexts or create contexts with these names: * `__system_counters__` * `*_id_dialog_context` * `*_dialog_params_size`" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The collection of parameters associated with this context. Depending on your protocol or client library language, this is a map, associative array, symbol table, dictionary, or JSON object composed of a collection of (MapKey, MapValue) pairs: * MapKey type: string * MapKey value: parameter name * MapValue type: If parameter's entity type is a composite entity then use map, otherwise, depending on the parameter value type, it could be one of string, number, boolean, null, list or map. * MapValue value: If parameter's entity type is a composite entity then use map from composite entity property names to property values, otherwise, use parameter value." } }, "type": "object", "required": [ "lifespanCount", "name", "parameters" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ConversationInfoResponse": { "description": "Represents metadata of a conversation.", "properties": { "languageCode": { "type": "string", "description": "Optional. The language code of the conversation data within this dataset. See https://cloud.google.com/apis/design/standard_fields for more information. Supports all UTF-8 languages." } }, "type": "object", "required": [ "languageCode" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2ConversationPhoneNumberResponse": { "description": "Represents a phone number for telephony integration. It allows for connecting a particular conversation over telephony.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to connect to this conversation." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2DocumentReloadStatusResponse": { "description": "The status of a reload attempt.", "properties": { "status": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleRpcStatusResponse", "description": "The status of a reload attempt or the initial load." }, "time": { "type": "string", "description": "The time of a reload attempt. This reload may have been triggered automatically or manually and may not have succeeded." } }, "type": "object", "required": [ "status", "time" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EntityTypeEntity": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A reference value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EntityTypeEntityResponse": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A reference value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfig": { "description": "The configuration for model evaluation.", "properties": { "datasets": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2InputDataset" }, "description": "Datasets used for evaluation." }, "smartComposeConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2EvaluationConfigSmartComposeConfig", "description": "Configuration for smart compose model evalution." }, "smartReplyConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2EvaluationConfigSmartReplyConfig", "description": "Configuration for smart reply model evalution." } }, "type": "object", "required": [ "datasets" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfigResponse": { "description": "The configuration for model evaluation.", "properties": { "datasets": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2InputDatasetResponse" }, "description": "Datasets used for evaluation." }, "smartComposeConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2EvaluationConfigSmartComposeConfigResponse", "description": "Configuration for smart compose model evalution." }, "smartReplyConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2EvaluationConfigSmartReplyConfigResponse", "description": "Configuration for smart reply model evalution." } }, "type": "object", "required": [ "datasets", "smartComposeConfig", "smartReplyConfig" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfigSmartComposeConfig": { "description": "Smart compose specific configuration for evaluation job.", "properties": { "allowlistDocument": { "type": "string", "description": "The allowlist document resource name. Format: `projects//knowledgeBases//documents/`. Only used for smart compose model." }, "maxResultCount": { "type": "integer", "description": "The model to be evaluated can return multiple results with confidence score on each query. These results will be sorted by the descending order of the scores and we only keep the first max_result_count results as the final results to evaluate." } }, "type": "object", "required": [ "maxResultCount" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfigSmartComposeConfigResponse": { "description": "Smart compose specific configuration for evaluation job.", "properties": { "allowlistDocument": { "type": "string", "description": "The allowlist document resource name. Format: `projects//knowledgeBases//documents/`. Only used for smart compose model." }, "maxResultCount": { "type": "integer", "description": "The model to be evaluated can return multiple results with confidence score on each query. These results will be sorted by the descending order of the scores and we only keep the first max_result_count results as the final results to evaluate." } }, "type": "object", "required": [ "allowlistDocument", "maxResultCount" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfigSmartReplyConfig": { "description": "Smart reply specific configuration for evaluation job.", "properties": { "allowlistDocument": { "type": "string", "description": "The allowlist document resource name. Format: `projects//knowledgeBases//documents/`. Only used for smart reply model." }, "maxResultCount": { "type": "integer", "description": "The model to be evaluated can return multiple results with confidence score on each query. These results will be sorted by the descending order of the scores and we only keep the first max_result_count results as the final results to evaluate." } }, "type": "object", "required": [ "maxResultCount" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2EvaluationConfigSmartReplyConfigResponse": { "description": "Smart reply specific configuration for evaluation job.", "properties": { "allowlistDocument": { "type": "string", "description": "The allowlist document resource name. Format: `projects//knowledgeBases//documents/`. Only used for smart reply model." }, "maxResultCount": { "type": "integer", "description": "The model to be evaluated can return multiple results with confidence score on each query. These results will be sorted by the descending order of the scores and we only keep the first max_result_count results as the final results to evaluate." } }, "type": "object", "required": [ "allowlistDocument", "maxResultCount" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2Fulfillment": { "description": "By default, your agent responds to a matched intent with a static response. As an alternative, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. For more information, see the [fulfillment guide](https://cloud.google.com/dialogflow/docs/fulfillment-overview).", "properties": { "displayName": { "type": "string", "description": "Optional. The human-readable name of the fulfillment, unique within the agent. This field is not used for Fulfillment in an Environment." }, "enabled": { "type": "boolean", "description": "Optional. Whether fulfillment is enabled." }, "features": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2FulfillmentFeature" }, "description": "Optional. The field defines whether the fulfillment is enabled for certain features." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2FulfillmentGenericWebService", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the fulfillment. Supported formats: - `projects//agent/fulfillment` - `projects//locations//agent/fulfillment` This field is not used for Fulfillment in an Environment." } }, "type": "object", "required": [ "name" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentFeature": { "description": "Whether fulfillment is enabled for the specific feature.", "properties": { "type": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2FulfillmentFeatureType", "description": "The type of the feature that enabled for fulfillment." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentFeatureResponse": { "description": "Whether fulfillment is enabled for the specific feature.", "properties": { "type": { "type": "string", "description": "The type of the feature that enabled for fulfillment." } }, "type": "object", "required": [ "type" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentFeatureType": { "description": "The type of the feature that enabled for fulfillment.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Feature type not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Smalltalk", "description": "Fulfillment is enabled for SmallTalk.", "value": "SMALLTALK" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentGenericWebService": { "description": "Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. More information could be found at: https://cloud.google.com/dialogflow/docs/fulfillment-configure.", "properties": { "isCloudFunction": { "type": "boolean", "description": "Optional. Indicates if generic web service is created through Cloud Functions integration. Defaults to false. is_cloud_function is deprecated. Cloud functions can be configured by its uri as a regular web service now." }, "password": { "type": "string", "description": "Optional. The password for HTTP Basic authentication." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The HTTP request headers to send together with fulfillment requests." }, "uri": { "type": "string", "description": "The fulfillment URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "Optional. The user name for HTTP Basic authentication." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentGenericWebServiceResponse": { "description": "Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. More information could be found at: https://cloud.google.com/dialogflow/docs/fulfillment-configure.", "properties": { "isCloudFunction": { "type": "boolean", "description": "Optional. Indicates if generic web service is created through Cloud Functions integration. Defaults to false. is_cloud_function is deprecated. Cloud functions can be configured by its uri as a regular web service now." }, "password": { "type": "string", "description": "Optional. The password for HTTP Basic authentication." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The HTTP request headers to send together with fulfillment requests." }, "uri": { "type": "string", "description": "The fulfillment URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "Optional. The user name for HTTP Basic authentication." } }, "type": "object", "required": [ "isCloudFunction", "password", "requestHeaders", "uri", "username" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2FulfillmentResponse": { "description": "By default, your agent responds to a matched intent with a static response. As an alternative, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. For more information, see the [fulfillment guide](https://cloud.google.com/dialogflow/docs/fulfillment-overview).", "properties": { "displayName": { "type": "string", "description": "Optional. The human-readable name of the fulfillment, unique within the agent. This field is not used for Fulfillment in an Environment." }, "enabled": { "type": "boolean", "description": "Optional. Whether fulfillment is enabled." }, "features": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2FulfillmentFeatureResponse" }, "description": "Optional. The field defines whether the fulfillment is enabled for certain features." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2FulfillmentGenericWebServiceResponse", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the fulfillment. Supported formats: - `projects//agent/fulfillment` - `projects//locations//agent/fulfillment` This field is not used for Fulfillment in an Environment." } }, "type": "object", "required": [ "displayName", "enabled", "features", "genericWebService", "name" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2GcsSourcesResponse": { "description": "Google Cloud Storage location for the inputs.", "properties": { "uris": { "type": "array", "items": { "type": "string" }, "description": "Google Cloud Storage URIs for the inputs. A URI is of the form: `gs://bucket/object-prefix-or-name` Whether a prefix or name is used depends on the use case." } }, "type": "object", "required": [ "uris" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfig": { "description": "Defines the Human Agent Assist to connect to a conversation.", "properties": { "endUserSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfig", "description": "Configuration for agent assistance of end user participant. Currently, this feature is not general available, please contact Google to get access." }, "humanAgentSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfig", "description": "Configuration for agent assistance of human agent participant." }, "messageAnalysisConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigMessageAnalysisConfig", "description": "Configuration for message analysis." }, "notificationConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2NotificationConfig", "description": "Pub/Sub topic on which to publish new agent assistant events." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationModelConfig": { "description": "Custom conversation models used in agent assist feature. Supported feature: ARTICLE_SUGGESTION, SMART_COMPOSE, SMART_REPLY, CONVERSATION_SUMMARIZATION.", "properties": { "baselineModelVersion": { "type": "string", "description": "Version of current baseline model. It will be ignored if model is set. Valid versions are: Article Suggestion baseline model: - 0.9 - 1.0 (default) Summarization baseline model: - 1.0" }, "model": { "type": "string", "description": "Conversation model resource name. Format: `projects//conversationModels/`." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationModelConfigResponse": { "description": "Custom conversation models used in agent assist feature. Supported feature: ARTICLE_SUGGESTION, SMART_COMPOSE, SMART_REPLY, CONVERSATION_SUMMARIZATION.", "properties": { "baselineModelVersion": { "type": "string", "description": "Version of current baseline model. It will be ignored if model is set. Valid versions are: Article Suggestion baseline model: - 0.9 - 1.0 (default) Summarization baseline model: - 1.0" }, "model": { "type": "string", "description": "Conversation model resource name. Format: `projects//conversationModels/`." } }, "type": "object", "required": [ "baselineModelVersion", "model" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationProcessConfig": { "description": "Config to process conversation.", "properties": { "recentSentencesCount": { "type": "integer", "description": "Number of recent non-small-talk sentences to use as context for article and FAQ suggestion" } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationProcessConfigResponse": { "description": "Config to process conversation.", "properties": { "recentSentencesCount": { "type": "integer", "description": "Number of recent non-small-talk sentences to use as context for article and FAQ suggestion" } }, "type": "object", "required": [ "recentSentencesCount" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigMessageAnalysisConfig": { "description": "Configuration for analyses to run on each conversation message.", "properties": { "enableEntityExtraction": { "type": "boolean", "description": "Enable entity extraction in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Currently, this feature is not general available, please contact Google to get access." }, "enableSentimentAnalysis": { "type": "boolean", "description": "Enable sentiment analysis in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Sentiment analysis inspects user input and identifies the prevailing subjective opinion, especially to determine a user's attitude as positive, negative, or neutral: https://cloud.google.com/natural-language/docs/basics#sentiment_analysis For Participants.StreamingAnalyzeContent method, result will be in StreamingAnalyzeContentResponse.message.SentimentAnalysisResult. For Participants.AnalyzeContent method, result will be in AnalyzeContentResponse.message.SentimentAnalysisResult For Conversations.ListMessages method, result will be in ListMessagesResponse.messages.SentimentAnalysisResult If Pub/Sub notification is configured, result will be in ConversationEvent.new_message_payload.SentimentAnalysisResult." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigMessageAnalysisConfigResponse": { "description": "Configuration for analyses to run on each conversation message.", "properties": { "enableEntityExtraction": { "type": "boolean", "description": "Enable entity extraction in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Currently, this feature is not general available, please contact Google to get access." }, "enableSentimentAnalysis": { "type": "boolean", "description": "Enable sentiment analysis in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Sentiment analysis inspects user input and identifies the prevailing subjective opinion, especially to determine a user's attitude as positive, negative, or neutral: https://cloud.google.com/natural-language/docs/basics#sentiment_analysis For Participants.StreamingAnalyzeContent method, result will be in StreamingAnalyzeContentResponse.message.SentimentAnalysisResult. For Participants.AnalyzeContent method, result will be in AnalyzeContentResponse.message.SentimentAnalysisResult For Conversations.ListMessages method, result will be in ListMessagesResponse.messages.SentimentAnalysisResult If Pub/Sub notification is configured, result will be in ConversationEvent.new_message_payload.SentimentAnalysisResult." } }, "type": "object", "required": [ "enableEntityExtraction", "enableSentimentAnalysis" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigResponse": { "description": "Defines the Human Agent Assist to connect to a conversation.", "properties": { "endUserSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfigResponse", "description": "Configuration for agent assistance of end user participant. Currently, this feature is not general available, please contact Google to get access." }, "humanAgentSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfigResponse", "description": "Configuration for agent assistance of human agent participant." }, "messageAnalysisConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigMessageAnalysisConfigResponse", "description": "Configuration for message analysis." }, "notificationConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2NotificationConfigResponse", "description": "Pub/Sub topic on which to publish new agent assistant events." } }, "type": "object", "required": [ "endUserSuggestionConfig", "humanAgentSuggestionConfig", "messageAnalysisConfig", "notificationConfig" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfig": { "description": "Detail human agent assistant config.", "properties": { "featureConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionFeatureConfig" }, "description": "Configuration of different suggestion features. One feature can have only one config." }, "groupSuggestionResponses": { "type": "boolean", "description": "If `group_suggestion_responses` is false, and there are multiple `feature_configs` in `event based suggestion` or StreamingAnalyzeContent, we will try to deliver suggestions to customers as soon as we get new suggestion. Different type of suggestions based on the same context will be in separate Pub/Sub event or `StreamingAnalyzeContentResponse`. If `group_suggestion_responses` set to true. All the suggestions to the same participant based on the same context will be grouped into a single Pub/Sub event or StreamingAnalyzeContentResponse." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionConfigResponse": { "description": "Detail human agent assistant config.", "properties": { "featureConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionFeatureConfigResponse" }, "description": "Configuration of different suggestion features. One feature can have only one config." }, "groupSuggestionResponses": { "type": "boolean", "description": "If `group_suggestion_responses` is false, and there are multiple `feature_configs` in `event based suggestion` or StreamingAnalyzeContent, we will try to deliver suggestions to customers as soon as we get new suggestion. Different type of suggestions based on the same context will be in separate Pub/Sub event or `StreamingAnalyzeContentResponse`. If `group_suggestion_responses` set to true. All the suggestions to the same participant based on the same context will be grouped into a single Pub/Sub event or StreamingAnalyzeContentResponse." } }, "type": "object", "required": [ "featureConfigs", "groupSuggestionResponses" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionFeatureConfig": { "description": "Config for suggestion features.", "properties": { "conversationModelConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationModelConfig", "description": "Configs of custom conversation model." }, "conversationProcessConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationProcessConfig", "description": "Configs for processing conversation." }, "disableAgentQueryLogging": { "type": "boolean", "description": "Optional. Disable the logging of search queries sent by human agents. It can prevent those queries from being stored at answer records. Supported features: KNOWLEDGE_SEARCH." }, "enableEventBasedSuggestion": { "type": "boolean", "description": "Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST, KNOWLEDGE_ASSIST." }, "queryConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfig", "description": "Configs of query." }, "suggestionFeature": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SuggestionFeature", "description": "The suggestion feature." }, "suggestionTriggerSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionTriggerSettings", "description": "Settings of suggestion trigger. Currently, only ARTICLE_SUGGESTION and FAQ will use this field." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionFeatureConfigResponse": { "description": "Config for suggestion features.", "properties": { "conversationModelConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationModelConfigResponse", "description": "Configs of custom conversation model." }, "conversationProcessConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigConversationProcessConfigResponse", "description": "Configs for processing conversation." }, "disableAgentQueryLogging": { "type": "boolean", "description": "Optional. Disable the logging of search queries sent by human agents. It can prevent those queries from being stored at answer records. Supported features: KNOWLEDGE_SEARCH." }, "enableEventBasedSuggestion": { "type": "boolean", "description": "Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST, KNOWLEDGE_ASSIST." }, "queryConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigResponse", "description": "Configs of query." }, "suggestionFeature": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SuggestionFeatureResponse", "description": "The suggestion feature." }, "suggestionTriggerSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionTriggerSettingsResponse", "description": "Settings of suggestion trigger. Currently, only ARTICLE_SUGGESTION and FAQ will use this field." } }, "type": "object", "required": [ "conversationModelConfig", "conversationProcessConfig", "disableAgentQueryLogging", "enableEventBasedSuggestion", "queryConfig", "suggestionFeature", "suggestionTriggerSettings" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfig": { "description": "Config for suggestion query.", "properties": { "confidenceThreshold": { "type": "number", "description": "Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE, KNOWLEDGE_SEARCH, KNOWLEDGE_ASSIST, ENTITY_EXTRACTION." }, "contextFilterSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettings", "description": "Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped." }, "dialogflowQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySource", "description": "Query from Dialogflow agent. It is used by DIALOGFLOW_ASSIST." }, "documentQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySource", "description": "Query from knowledge base document. It is used by: SMART_REPLY, SMART_COMPOSE." }, "knowledgeBaseQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySource", "description": "Query from knowledgebase. It is used by: ARTICLE_SUGGESTION, FAQ." }, "maxResults": { "type": "integer", "description": "Maximum number of results to return. Currently, if unset, defaults to 10. And the max number is 20." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettings": { "description": "Settings that determine how to filter recent conversation context when generating suggestions.", "properties": { "dropHandoffMessages": { "type": "boolean", "description": "If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped." }, "dropIvrMessages": { "type": "boolean", "description": "If set to true, all messages from ivr stage are dropped." }, "dropVirtualAgentMessages": { "type": "boolean", "description": "If set to true, all messages from virtual agent are dropped." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettingsResponse": { "description": "Settings that determine how to filter recent conversation context when generating suggestions.", "properties": { "dropHandoffMessages": { "type": "boolean", "description": "If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped." }, "dropIvrMessages": { "type": "boolean", "description": "If set to true, all messages from ivr stage are dropped." }, "dropVirtualAgentMessages": { "type": "boolean", "description": "If set to true, all messages from virtual agent are dropped." } }, "type": "object", "required": [ "dropHandoffMessages", "dropIvrMessages", "dropVirtualAgentMessages" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySource": { "description": "Dialogflow source setting. Supported feature: DIALOGFLOW_ASSIST.", "properties": { "agent": { "type": "string", "description": "The name of a Dialogflow virtual agent used for end user side intent detection and suggestion. Format: `projects//locations//agent`. When multiple agents are allowed in the same Dialogflow project." }, "humanAgentSideConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfig", "description": "Optional. The Dialogflow assist configuration for human agent." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfig": { "description": "The configuration used for human agent side Dialogflow assist suggestion.", "properties": { "agent": { "type": "string", "description": "Optional. The name of a dialogflow virtual agent used for intent detection and suggestion triggered by human agent. Format: `projects//locations//agent`." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfigResponse": { "description": "The configuration used for human agent side Dialogflow assist suggestion.", "properties": { "agent": { "type": "string", "description": "Optional. The name of a dialogflow virtual agent used for intent detection and suggestion triggered by human agent. Format: `projects//locations//agent`." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceResponse": { "description": "Dialogflow source setting. Supported feature: DIALOGFLOW_ASSIST.", "properties": { "agent": { "type": "string", "description": "The name of a Dialogflow virtual agent used for end user side intent detection and suggestion. Format: `projects//locations//agent`. When multiple agents are allowed in the same Dialogflow project." }, "humanAgentSideConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfigResponse", "description": "Optional. The Dialogflow assist configuration for human agent." } }, "type": "object", "required": [ "agent", "humanAgentSideConfig" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySource": { "description": "Document source settings. Supported features: SMART_REPLY, SMART_COMPOSE.", "properties": { "documents": { "type": "array", "items": { "type": "string" }, "description": "Knowledge documents to query from. Format: `projects//locations//knowledgeBases//documents/`. Currently, at most 5 documents are supported." } }, "type": "object", "required": [ "documents" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySourceResponse": { "description": "Document source settings. Supported features: SMART_REPLY, SMART_COMPOSE.", "properties": { "documents": { "type": "array", "items": { "type": "string" }, "description": "Knowledge documents to query from. Format: `projects//locations//knowledgeBases//documents/`. Currently, at most 5 documents are supported." } }, "type": "object", "required": [ "documents" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySource": { "description": "Knowledge base source settings. Supported features: ARTICLE_SUGGESTION, FAQ.", "properties": { "knowledgeBases": { "type": "array", "items": { "type": "string" }, "description": "Knowledge bases to query. Format: `projects//locations//knowledgeBases/`. Currently, at most 5 knowledge bases are supported." } }, "type": "object", "required": [ "knowledgeBases" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySourceResponse": { "description": "Knowledge base source settings. Supported features: ARTICLE_SUGGESTION, FAQ.", "properties": { "knowledgeBases": { "type": "array", "items": { "type": "string" }, "description": "Knowledge bases to query. Format: `projects//locations//knowledgeBases/`. Currently, at most 5 knowledge bases are supported." } }, "type": "object", "required": [ "knowledgeBases" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigResponse": { "description": "Config for suggestion query.", "properties": { "confidenceThreshold": { "type": "number", "description": "Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it defaults to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE, KNOWLEDGE_SEARCH, KNOWLEDGE_ASSIST, ENTITY_EXTRACTION." }, "contextFilterSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettingsResponse", "description": "Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped." }, "dialogflowQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceResponse", "description": "Query from Dialogflow agent. It is used by DIALOGFLOW_ASSIST." }, "documentQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySourceResponse", "description": "Query from knowledge base document. It is used by: SMART_REPLY, SMART_COMPOSE." }, "knowledgeBaseQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySourceResponse", "description": "Query from knowledgebase. It is used by: ARTICLE_SUGGESTION, FAQ." }, "maxResults": { "type": "integer", "description": "Maximum number of results to return. Currently, if unset, defaults to 10. And the max number is 20." } }, "type": "object", "required": [ "confidenceThreshold", "contextFilterSettings", "dialogflowQuerySource", "documentQuerySource", "knowledgeBaseQuerySource", "maxResults" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionTriggerSettings": { "description": "Settings of suggestion trigger.", "properties": { "noSmalltalk": { "type": "boolean", "description": "Do not trigger if last utterance is small talk." }, "onlyEndUser": { "type": "boolean", "description": "Only trigger suggestion if participant role of last utterance is END_USER." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentAssistantConfigSuggestionTriggerSettingsResponse": { "description": "Settings of suggestion trigger.", "properties": { "noSmalltalk": { "type": "boolean", "description": "Do not trigger if last utterance is small talk." }, "onlyEndUser": { "type": "boolean", "description": "Only trigger suggestion if participant role of last utterance is END_USER." } }, "type": "object", "required": [ "noSmalltalk", "onlyEndUser" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfig": { "description": "Defines the hand off to a live agent, typically on which external agent service provider to connect to a conversation. Currently, this feature is not general available, please contact Google to get access.", "properties": { "livePersonConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentHandoffConfigLivePersonConfig", "description": "Uses LivePerson (https://www.liveperson.com)." }, "salesforceLiveAgentConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentHandoffConfigSalesforceLiveAgentConfig", "description": "Uses Salesforce Live Agent." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfigLivePersonConfig": { "description": "Configuration specific to LivePerson (https://www.liveperson.com).", "properties": { "accountNumber": { "type": "string", "description": "Account number of the LivePerson account to connect. This is the account number you input at the login page." } }, "type": "object", "required": [ "accountNumber" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfigLivePersonConfigResponse": { "description": "Configuration specific to LivePerson (https://www.liveperson.com).", "properties": { "accountNumber": { "type": "string", "description": "Account number of the LivePerson account to connect. This is the account number you input at the login page." } }, "type": "object", "required": [ "accountNumber" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfigResponse": { "description": "Defines the hand off to a live agent, typically on which external agent service provider to connect to a conversation. Currently, this feature is not general available, please contact Google to get access.", "properties": { "livePersonConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentHandoffConfigLivePersonConfigResponse", "description": "Uses LivePerson (https://www.liveperson.com)." }, "salesforceLiveAgentConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2HumanAgentHandoffConfigSalesforceLiveAgentConfigResponse", "description": "Uses Salesforce Live Agent." } }, "type": "object", "required": [ "livePersonConfig", "salesforceLiveAgentConfig" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfigSalesforceLiveAgentConfig": { "description": "Configuration specific to Salesforce Live Agent.", "properties": { "buttonId": { "type": "string", "description": "Live Agent chat button ID." }, "deploymentId": { "type": "string", "description": "Live Agent deployment ID." }, "endpointDomain": { "type": "string", "description": "Domain of the Live Agent endpoint for this agent. You can find the endpoint URL in the `Live Agent settings` page. For example if URL has the form https://d.la4-c2-phx.salesforceliveagent.com/..., you should fill in d.la4-c2-phx.salesforceliveagent.com." }, "organizationId": { "type": "string", "description": "The organization ID of the Salesforce account." } }, "type": "object", "required": [ "buttonId", "deploymentId", "endpointDomain", "organizationId" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2HumanAgentHandoffConfigSalesforceLiveAgentConfigResponse": { "description": "Configuration specific to Salesforce Live Agent.", "properties": { "buttonId": { "type": "string", "description": "Live Agent chat button ID." }, "deploymentId": { "type": "string", "description": "Live Agent deployment ID." }, "endpointDomain": { "type": "string", "description": "Domain of the Live Agent endpoint for this agent. You can find the endpoint URL in the `Live Agent settings` page. For example if URL has the form https://d.la4-c2-phx.salesforceliveagent.com/..., you should fill in d.la4-c2-phx.salesforceliveagent.com." }, "organizationId": { "type": "string", "description": "The organization ID of the Salesforce account." } }, "type": "object", "required": [ "buttonId", "deploymentId", "endpointDomain", "organizationId" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2InputConfigResponse": { "description": "Represents the configuration of importing a set of conversation files in Google Cloud Storage.", "properties": { "gcsSource": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2GcsSourcesResponse", "description": "The Cloud Storage URI has the form gs:////agent*.json. Wildcards are allowed and will be expanded into all matched JSON files, which will be read as one conversation per file." } }, "type": "object", "required": [ "gcsSource" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2InputDataset": { "description": "InputDataset used to create model or do evaluation. NextID:5", "properties": { "dataset": { "type": "string", "description": "ConversationDataset resource name. Format: `projects//locations//conversationDatasets/`" } }, "type": "object", "required": [ "dataset" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2InputDatasetResponse": { "description": "InputDataset used to create model or do evaluation. NextID:5", "properties": { "dataset": { "type": "string", "description": "ConversationDataset resource name. Format: `projects//locations//conversationDatasets/`" } }, "type": "object", "required": [ "dataset" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentFollowupIntentInfoResponse": { "description": "Represents a single followup intent in the chain.", "properties": { "followupIntentName": { "type": "string", "description": "The unique identifier of the followup intent. Format: `projects//agent/intents/`." }, "parentFollowupIntentName": { "type": "string", "description": "The unique identifier of the followup intent's parent. Format: `projects//agent/intents/`." } }, "type": "object", "required": [ "followupIntentName", "parentFollowupIntentName" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessage": { "description": "A rich response message. Corresponds to the intent `Response` field in the Dialogflow console. For more information, see [Rich response messages](https://cloud.google.com/dialogflow/docs/intents-rich-messages).", "properties": { "basicCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCard", "description": "The basic card response for Actions on Google." }, "browseCarouselCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCard", "description": "Browse carousel card for Actions on Google." }, "card": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCard", "description": "The card response." }, "carouselSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCarouselSelect", "description": "The carousel card response for Actions on Google." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "The image response." }, "linkOutSuggestion": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageLinkOutSuggestion", "description": "The link out suggestion chip for Actions on Google." }, "listSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageListSelect", "description": "The list card response for Actions on Google." }, "mediaContent": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageMediaContent", "description": "The media content card for Actions on Google." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A custom platform-specific response." }, "platform": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessagePlatform", "description": "Optional. The platform that this message is intended for." }, "quickReplies": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageQuickReplies", "description": "The quick replies response." }, "simpleResponses": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSimpleResponses", "description": "The voice and text-only responses for Actions on Google." }, "suggestions": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSuggestions", "description": "The suggestion chips for Actions on Google." }, "tableCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCard", "description": "Table card for Actions on Google." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageText", "description": "The text response." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCard": { "description": "The basic card message. Useful for displaying information.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButton" }, "description": "Optional. The collection of card buttons." }, "formattedText": { "type": "string", "description": "Required, unless image is present. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. The image for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCardButton": { "description": "The button object that appears at the bottom of a card.", "properties": { "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonOpenUriAction", "description": "Action to take when a user taps on the button." }, "title": { "type": "string", "description": "The title of the button." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonOpenUriAction": { "description": "Opens the given URI.", "properties": { "uri": { "type": "string", "description": "The HTTP or HTTPS scheme URI." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonOpenUriActionResponse": { "description": "Opens the given URI.", "properties": { "uri": { "type": "string", "description": "The HTTP or HTTPS scheme URI." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonResponse": { "description": "The button object that appears at the bottom of a card.", "properties": { "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonOpenUriActionResponse", "description": "Action to take when a user taps on the button." }, "title": { "type": "string", "description": "The title of the button." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBasicCardResponse": { "description": "The basic card message. Useful for displaying information.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonResponse" }, "description": "Optional. The collection of card buttons." }, "formattedText": { "type": "string", "description": "Required, unless image is present. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. The image for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object", "required": [ "buttons", "formattedText", "image", "subtitle", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCard": { "description": "Browse Carousel Card for Actions on Google. https://developers.google.com/actions/assistant/responses#browsing_carousel", "properties": { "imageDisplayOptions": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardImageDisplayOptions", "description": "Optional. Settings for displaying the image. Applies to every image in items." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItem" }, "description": "List of items in the Browse Carousel Card. Minimum of two items, maximum of ten." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItem": { "description": "Browsing carousel tile", "properties": { "description": { "type": "string", "description": "Optional. Description of the carousel item. Maximum of four lines of text." }, "footer": { "type": "string", "description": "Optional. Text that appears at the bottom of the Browse Carousel Card. Maximum of one line of text." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. Hero image for the carousel item." }, "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlAction", "description": "Action to present to the user." }, "title": { "type": "string", "description": "Title of the carousel item. Maximum of two lines of text." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlAction": { "description": "Actions on Google action to open a given url.", "properties": { "url": { "type": "string", "description": "URL" }, "urlTypeHint": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionUrlTypeHint", "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser." } }, "type": "object", "required": [ "url" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionResponse": { "description": "Actions on Google action to open a given url.", "properties": { "url": { "type": "string", "description": "URL" }, "urlTypeHint": { "type": "string", "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser." } }, "type": "object", "required": [ "url", "urlTypeHint" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionUrlTypeHint": { "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser.", "type": "string", "enum": [ { "name": "UrlTypeHintUnspecified", "description": "Unspecified", "value": "URL_TYPE_HINT_UNSPECIFIED" }, { "name": "AmpAction", "description": "Url would be an amp action", "value": "AMP_ACTION" }, { "name": "AmpContent", "description": "URL that points directly to AMP content, or to a canonical URL which refers to AMP content via .", "value": "AMP_CONTENT" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemResponse": { "description": "Browsing carousel tile", "properties": { "description": { "type": "string", "description": "Optional. Description of the carousel item. Maximum of four lines of text." }, "footer": { "type": "string", "description": "Optional. Text that appears at the bottom of the Browse Carousel Card. Maximum of one line of text." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. Hero image for the carousel item." }, "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionResponse", "description": "Action to present to the user." }, "title": { "type": "string", "description": "Title of the carousel item. Maximum of two lines of text." } }, "type": "object", "required": [ "description", "footer", "image", "openUriAction", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardImageDisplayOptions": { "description": "Optional. Settings for displaying the image. Applies to every image in items.", "type": "string", "enum": [ { "name": "ImageDisplayOptionsUnspecified", "description": "Fill the gaps between the image and the image container with gray bars.", "value": "IMAGE_DISPLAY_OPTIONS_UNSPECIFIED" }, { "name": "Gray", "description": "Fill the gaps between the image and the image container with gray bars.", "value": "GRAY" }, { "name": "White", "description": "Fill the gaps between the image and the image container with white bars.", "value": "WHITE" }, { "name": "Cropped", "description": "Image is scaled such that the image width and height match or exceed the container dimensions. This may crop the top and bottom of the image if the scaled image height is greater than the container height, or crop the left and right of the image if the scaled image width is greater than the container width. This is similar to \"Zoom Mode\" on a widescreen TV when playing a 4:3 video.", "value": "CROPPED" }, { "name": "BlurredBackground", "description": "Pad the gaps between image and image frame with a blurred copy of the same image.", "value": "BLURRED_BACKGROUND" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardResponse": { "description": "Browse Carousel Card for Actions on Google. https://developers.google.com/actions/assistant/responses#browsing_carousel", "properties": { "imageDisplayOptions": { "type": "string", "description": "Optional. Settings for displaying the image. Applies to every image in items." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardBrowseCarouselCardItemResponse" }, "description": "List of items in the Browse Carousel Card. Minimum of two items, maximum of ten." } }, "type": "object", "required": [ "imageDisplayOptions", "items" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCard": { "description": "The card response message.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCardButton" }, "description": "Optional. The collection of card buttons." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCardButton": { "description": "Contains information about a button.", "properties": { "postback": { "type": "string", "description": "Optional. The text to send back to the Dialogflow API or a URI to open." }, "text": { "type": "string", "description": "Optional. The text to show on the button." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCardButtonResponse": { "description": "Contains information about a button.", "properties": { "postback": { "type": "string", "description": "Optional. The text to send back to the Dialogflow API or a URI to open." }, "text": { "type": "string", "description": "Optional. The text to show on the button." } }, "type": "object", "required": [ "postback", "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCardResponse": { "description": "The card response message.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCardButtonResponse" }, "description": "Optional. The collection of card buttons." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object", "required": [ "buttons", "imageUri", "subtitle", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCarouselSelect": { "description": "The card for presenting a carousel of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCarouselSelectItem" }, "description": "Carousel items." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCarouselSelectItem": { "description": "An item in the carousel.", "properties": { "description": { "type": "string", "description": "Optional. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSelectItemInfo", "description": "Additional info about the option item." }, "title": { "type": "string", "description": "Title of the carousel item." } }, "type": "object", "required": [ "info", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCarouselSelectItemResponse": { "description": "An item in the carousel.", "properties": { "description": { "type": "string", "description": "Optional. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSelectItemInfoResponse", "description": "Additional info about the option item." }, "title": { "type": "string", "description": "Title of the carousel item." } }, "type": "object", "required": [ "description", "image", "info", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageCarouselSelectResponse": { "description": "The card for presenting a carousel of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCarouselSelectItemResponse" }, "description": "Carousel items." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageColumnProperties": { "description": "Column properties for TableCard.", "properties": { "header": { "type": "string", "description": "Column heading." }, "horizontalAlignment": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageColumnPropertiesHorizontalAlignment", "description": "Optional. Defines text alignment for all cells in this column." } }, "type": "object", "required": [ "header" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageColumnPropertiesHorizontalAlignment": { "description": "Optional. Defines text alignment for all cells in this column.", "type": "string", "enum": [ { "name": "HorizontalAlignmentUnspecified", "description": "Text is aligned to the leading edge of the column.", "value": "HORIZONTAL_ALIGNMENT_UNSPECIFIED" }, { "name": "Leading", "description": "Text is aligned to the leading edge of the column.", "value": "LEADING" }, { "name": "Center", "description": "Text is centered in the column.", "value": "CENTER" }, { "name": "Trailing", "description": "Text is aligned to the trailing edge of the column.", "value": "TRAILING" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageColumnPropertiesResponse": { "description": "Column properties for TableCard.", "properties": { "header": { "type": "string", "description": "Column heading." }, "horizontalAlignment": { "type": "string", "description": "Optional. Defines text alignment for all cells in this column." } }, "type": "object", "required": [ "header", "horizontalAlignment" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageImage": { "description": "The image response message.", "properties": { "accessibilityText": { "type": "string", "description": "Optional. A text description of the image to be used for accessibility, e.g., screen readers." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageImageResponse": { "description": "The image response message.", "properties": { "accessibilityText": { "type": "string", "description": "Optional. A text description of the image to be used for accessibility, e.g., screen readers." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file." } }, "type": "object", "required": [ "accessibilityText", "imageUri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageLinkOutSuggestion": { "description": "The suggestion chip message that allows the user to jump out to the app or website associated with this agent.", "properties": { "destinationName": { "type": "string", "description": "The name of the app or site this chip is linking to." }, "uri": { "type": "string", "description": "The URI of the app or site to open when the user taps the suggestion chip." } }, "type": "object", "required": [ "destinationName", "uri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageLinkOutSuggestionResponse": { "description": "The suggestion chip message that allows the user to jump out to the app or website associated with this agent.", "properties": { "destinationName": { "type": "string", "description": "The name of the app or site this chip is linking to." }, "uri": { "type": "string", "description": "The URI of the app or site to open when the user taps the suggestion chip." } }, "type": "object", "required": [ "destinationName", "uri" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageListSelect": { "description": "The card for presenting a list of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageListSelectItem" }, "description": "List items." }, "subtitle": { "type": "string", "description": "Optional. Subtitle of the list." }, "title": { "type": "string", "description": "Optional. The overall title of the list." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageListSelectItem": { "description": "An item in the list.", "properties": { "description": { "type": "string", "description": "Optional. The main text describing the item." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSelectItemInfo", "description": "Additional information about this option." }, "title": { "type": "string", "description": "The title of the list item." } }, "type": "object", "required": [ "info", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageListSelectItemResponse": { "description": "An item in the list.", "properties": { "description": { "type": "string", "description": "Optional. The main text describing the item." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSelectItemInfoResponse", "description": "Additional information about this option." }, "title": { "type": "string", "description": "The title of the list item." } }, "type": "object", "required": [ "description", "image", "info", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageListSelectResponse": { "description": "The card for presenting a list of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageListSelectItemResponse" }, "description": "List items." }, "subtitle": { "type": "string", "description": "Optional. Subtitle of the list." }, "title": { "type": "string", "description": "Optional. The overall title of the list." } }, "type": "object", "required": [ "items", "subtitle", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageMediaContent": { "description": "The media content card for Actions on Google.", "properties": { "mediaObjects": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageMediaContentResponseMediaObject" }, "description": "List of media objects." }, "mediaType": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageMediaContentMediaType", "description": "Optional. What type of media is the content (ie \"audio\")." } }, "type": "object", "required": [ "mediaObjects" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageMediaContentMediaType": { "description": "Optional. What type of media is the content (ie \"audio\").", "type": "string", "enum": [ { "name": "ResponseMediaTypeUnspecified", "description": "Unspecified.", "value": "RESPONSE_MEDIA_TYPE_UNSPECIFIED" }, { "name": "Audio", "description": "Response media type is audio.", "value": "AUDIO" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageMediaContentResponse": { "description": "The media content card for Actions on Google.", "properties": { "mediaObjects": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageMediaContentResponseMediaObjectResponse" }, "description": "List of media objects." }, "mediaType": { "type": "string", "description": "Optional. What type of media is the content (ie \"audio\")." } }, "type": "object", "required": [ "mediaObjects", "mediaType" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageMediaContentResponseMediaObject": { "description": "Response media object for media content card.", "properties": { "contentUrl": { "type": "string", "description": "Url where the media is stored." }, "description": { "type": "string", "description": "Optional. Description of media card." }, "icon": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. Icon to display above media content." }, "largeImage": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. Image to display above media content." }, "name": { "type": "string", "description": "Name of media card." } }, "type": "object", "required": [ "contentUrl", "name" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageMediaContentResponseMediaObjectResponse": { "description": "Response media object for media content card.", "properties": { "contentUrl": { "type": "string", "description": "Url where the media is stored." }, "description": { "type": "string", "description": "Optional. Description of media card." }, "icon": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. Icon to display above media content." }, "largeImage": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. Image to display above media content." }, "name": { "type": "string", "description": "Name of media card." } }, "type": "object", "required": [ "contentUrl", "description", "icon", "largeImage", "name" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessagePlatform": { "description": "Optional. The platform that this message is intended for.", "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Default platform.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Facebook", "description": "Facebook.", "value": "FACEBOOK" }, { "name": "Slack", "description": "Slack.", "value": "SLACK" }, { "name": "Telegram", "description": "Telegram.", "value": "TELEGRAM" }, { "name": "Kik", "description": "Kik.", "value": "KIK" }, { "name": "Skype", "description": "Skype.", "value": "SKYPE" }, { "name": "Line", "description": "Line.", "value": "LINE" }, { "name": "Viber", "description": "Viber.", "value": "VIBER" }, { "name": "ActionsOnGoogle", "description": "Google Assistant See [Dialogflow webhook format](https://developers.google.com/assistant/actions/build/json/dialogflow-webhook-json)", "value": "ACTIONS_ON_GOOGLE" }, { "name": "GoogleHangouts", "description": "Google Hangouts.", "value": "GOOGLE_HANGOUTS" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageQuickReplies": { "description": "The quick replies response message.", "properties": { "quickReplies": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of quick replies." }, "title": { "type": "string", "description": "Optional. The title of the collection of quick replies." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageQuickRepliesResponse": { "description": "The quick replies response message.", "properties": { "quickReplies": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of quick replies." }, "title": { "type": "string", "description": "Optional. The title of the collection of quick replies." } }, "type": "object", "required": [ "quickReplies", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageResponse": { "description": "A rich response message. Corresponds to the intent `Response` field in the Dialogflow console. For more information, see [Rich response messages](https://cloud.google.com/dialogflow/docs/intents-rich-messages).", "properties": { "basicCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardResponse", "description": "The basic card response for Actions on Google." }, "browseCarouselCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBrowseCarouselCardResponse", "description": "Browse carousel card for Actions on Google." }, "card": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCardResponse", "description": "The card response." }, "carouselSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageCarouselSelectResponse", "description": "The carousel card response for Actions on Google." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "The image response." }, "linkOutSuggestion": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageLinkOutSuggestionResponse", "description": "The link out suggestion chip for Actions on Google." }, "listSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageListSelectResponse", "description": "The list card response for Actions on Google." }, "mediaContent": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageMediaContentResponse", "description": "The media content card for Actions on Google." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A custom platform-specific response." }, "platform": { "type": "string", "description": "Optional. The platform that this message is intended for." }, "quickReplies": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageQuickRepliesResponse", "description": "The quick replies response." }, "simpleResponses": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSimpleResponsesResponse", "description": "The voice and text-only responses for Actions on Google." }, "suggestions": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSuggestionsResponse", "description": "The suggestion chips for Actions on Google." }, "tableCard": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCardResponse", "description": "Table card for Actions on Google." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTextResponse", "description": "The text response." } }, "type": "object", "required": [ "basicCard", "browseCarouselCard", "card", "carouselSelect", "image", "linkOutSuggestion", "listSelect", "mediaContent", "payload", "platform", "quickReplies", "simpleResponses", "suggestions", "tableCard", "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSelectItemInfo": { "description": "Additional info about the select item for when it is triggered in a dialog.", "properties": { "key": { "type": "string", "description": "A unique key that will be sent back to the agent if this response is given." }, "synonyms": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of synonyms that can also be used to trigger this item in dialog." } }, "type": "object", "required": [ "key" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSelectItemInfoResponse": { "description": "Additional info about the select item for when it is triggered in a dialog.", "properties": { "key": { "type": "string", "description": "A unique key that will be sent back to the agent if this response is given." }, "synonyms": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of synonyms that can also be used to trigger this item in dialog." } }, "type": "object", "required": [ "key", "synonyms" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSimpleResponse": { "description": "The simple response message containing speech or text.", "properties": { "displayText": { "type": "string", "description": "Optional. The text to display." }, "ssml": { "type": "string", "description": "One of text_to_speech or ssml must be provided. Structured spoken response to the user in the SSML format. Mutually exclusive with text_to_speech." }, "textToSpeech": { "type": "string", "description": "One of text_to_speech or ssml must be provided. The plain text of the speech output. Mutually exclusive with ssml." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSimpleResponseResponse": { "description": "The simple response message containing speech or text.", "properties": { "displayText": { "type": "string", "description": "Optional. The text to display." }, "ssml": { "type": "string", "description": "One of text_to_speech or ssml must be provided. Structured spoken response to the user in the SSML format. Mutually exclusive with text_to_speech." }, "textToSpeech": { "type": "string", "description": "One of text_to_speech or ssml must be provided. The plain text of the speech output. Mutually exclusive with ssml." } }, "type": "object", "required": [ "displayText", "ssml", "textToSpeech" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSimpleResponses": { "description": "The collection of simple response candidates. This message in `QueryResult.fulfillment_messages` and `WebhookResponse.fulfillment_messages` should contain only one `SimpleResponse`.", "properties": { "simpleResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSimpleResponse" }, "description": "The list of simple responses." } }, "type": "object", "required": [ "simpleResponses" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSimpleResponsesResponse": { "description": "The collection of simple response candidates. This message in `QueryResult.fulfillment_messages` and `WebhookResponse.fulfillment_messages` should contain only one `SimpleResponse`.", "properties": { "simpleResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSimpleResponseResponse" }, "description": "The list of simple responses." } }, "type": "object", "required": [ "simpleResponses" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSuggestion": { "description": "The suggestion chip message that the user can tap to quickly post a reply to the conversation.", "properties": { "title": { "type": "string", "description": "The text shown the in the suggestion chip." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSuggestionResponse": { "description": "The suggestion chip message that the user can tap to quickly post a reply to the conversation.", "properties": { "title": { "type": "string", "description": "The text shown the in the suggestion chip." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSuggestions": { "description": "The collection of suggestions.", "properties": { "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSuggestion" }, "description": "The list of suggested replies." } }, "type": "object", "required": [ "suggestions" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageSuggestionsResponse": { "description": "The collection of suggestions.", "properties": { "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageSuggestionResponse" }, "description": "The list of suggested replies." } }, "type": "object", "required": [ "suggestions" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCard": { "description": "Table card for Actions on Google.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButton" }, "description": "Optional. List of buttons for the card." }, "columnProperties": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageColumnProperties" }, "description": "Optional. Display properties for the columns in this table." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImage", "description": "Optional. Image which should be displayed on the card." }, "rows": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCardRow" }, "description": "Optional. Rows in this table of data." }, "subtitle": { "type": "string", "description": "Optional. Subtitle to the title." }, "title": { "type": "string", "description": "Title of the card." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCardCell": { "description": "Cell of TableCardRow.", "properties": { "text": { "type": "string", "description": "Text in this cell." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCardCellResponse": { "description": "Cell of TableCardRow.", "properties": { "text": { "type": "string", "description": "Text in this cell." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCardResponse": { "description": "Table card for Actions on Google.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageBasicCardButtonResponse" }, "description": "Optional. List of buttons for the card." }, "columnProperties": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageColumnPropertiesResponse" }, "description": "Optional. Display properties for the columns in this table." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageImageResponse", "description": "Optional. Image which should be displayed on the card." }, "rows": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCardRowResponse" }, "description": "Optional. Rows in this table of data." }, "subtitle": { "type": "string", "description": "Optional. Subtitle to the title." }, "title": { "type": "string", "description": "Title of the card." } }, "type": "object", "required": [ "buttons", "columnProperties", "image", "rows", "subtitle", "title" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCardRow": { "description": "Row of TableCard.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCardCell" }, "description": "Optional. List of cells that make up this row." }, "dividerAfter": { "type": "boolean", "description": "Optional. Whether to add a visual divider after this row." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTableCardRowResponse": { "description": "Row of TableCard.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentMessageTableCardCellResponse" }, "description": "Optional. List of cells that make up this row." }, "dividerAfter": { "type": "boolean", "description": "Optional. Whether to add a visual divider after this row." } }, "type": "object", "required": [ "cells", "dividerAfter" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageText": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of the agent's responses." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentMessageTextResponse": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of the agent's responses." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentParameter": { "description": "Represents intent parameters.", "properties": { "defaultValue": { "type": "string", "description": "Optional. The default value to use when the `value` yields an empty result. Default values can be extracted from contexts by using the following syntax: `#context_name.parameter_name`." }, "displayName": { "type": "string", "description": "The name of the parameter." }, "entityTypeDisplayName": { "type": "string", "description": "Optional. The name of the entity type, prefixed with `@`, that describes values of the parameter. If the parameter is required, this must be provided." }, "isList": { "type": "boolean", "description": "Optional. Indicates whether the parameter represents a list of values." }, "mandatory": { "type": "boolean", "description": "Optional. Indicates whether the parameter is required. That is, whether the intent cannot be completed without collecting the parameter value." }, "name": { "type": "string", "description": "The unique identifier of this parameter." }, "prompts": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of prompts that the agent can present to the user in order to collect a value for the parameter." }, "value": { "type": "string", "description": "Optional. The definition of the parameter value. It can be: - a constant string, - a parameter value defined as `$parameter_name`, - an original parameter value defined as `$parameter_name.original`, - a parameter value from some context defined as `#context_name.parameter_name`." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentParameterResponse": { "description": "Represents intent parameters.", "properties": { "defaultValue": { "type": "string", "description": "Optional. The default value to use when the `value` yields an empty result. Default values can be extracted from contexts by using the following syntax: `#context_name.parameter_name`." }, "displayName": { "type": "string", "description": "The name of the parameter." }, "entityTypeDisplayName": { "type": "string", "description": "Optional. The name of the entity type, prefixed with `@`, that describes values of the parameter. If the parameter is required, this must be provided." }, "isList": { "type": "boolean", "description": "Optional. Indicates whether the parameter represents a list of values." }, "mandatory": { "type": "boolean", "description": "Optional. Indicates whether the parameter is required. That is, whether the intent cannot be completed without collecting the parameter value." }, "name": { "type": "string", "description": "The unique identifier of this parameter." }, "prompts": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of prompts that the agent can present to the user in order to collect a value for the parameter." }, "value": { "type": "string", "description": "Optional. The definition of the parameter value. It can be: - a constant string, - a parameter value defined as `$parameter_name`, - an original parameter value defined as `$parameter_name.original`, - a parameter value from some context defined as `#context_name.parameter_name`." } }, "type": "object", "required": [ "defaultValue", "displayName", "entityTypeDisplayName", "isList", "mandatory", "name", "prompts", "value" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentTrainingPhrase": { "description": "Represents an example that the agent is trained on.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentTrainingPhrasePart" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `entity_type`, `alias`, and `user_defined` fields are all set." }, "timesAddedCount": { "type": "integer", "description": "Optional. Indicates how many times this example was added to the intent. Each time a developer adds an existing sample by editing an intent or training, this counter is increased." }, "type": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentTrainingPhraseType", "description": "The type of the training phrase." } }, "type": "object", "required": [ "parts", "type" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentTrainingPhrasePart": { "description": "Represents a part of a training phrase.", "properties": { "alias": { "type": "string", "description": "Optional. The parameter name for the value extracted from the annotated part of the example. This field is required for annotated parts of the training phrase." }, "entityType": { "type": "string", "description": "Optional. The entity type name prefixed with `@`. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." }, "userDefined": { "type": "boolean", "description": "Optional. Indicates whether the text was manually annotated. This field is set to true when the Dialogflow Console is used to manually annotate the part. When creating an annotated part with the API, you must set this to true." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentTrainingPhrasePartResponse": { "description": "Represents a part of a training phrase.", "properties": { "alias": { "type": "string", "description": "Optional. The parameter name for the value extracted from the annotated part of the example. This field is required for annotated parts of the training phrase." }, "entityType": { "type": "string", "description": "Optional. The entity type name prefixed with `@`. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." }, "userDefined": { "type": "boolean", "description": "Optional. Indicates whether the text was manually annotated. This field is set to true when the Dialogflow Console is used to manually annotate the part. When creating an annotated part with the API, you must set this to true." } }, "type": "object", "required": [ "alias", "entityType", "text", "userDefined" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentTrainingPhraseResponse": { "description": "Represents an example that the agent is trained on.", "properties": { "name": { "type": "string", "description": "The unique identifier of this training phrase." }, "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2IntentTrainingPhrasePartResponse" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `entity_type`, `alias`, and `user_defined` fields are all set." }, "timesAddedCount": { "type": "integer", "description": "Optional. Indicates how many times this example was added to the intent. Each time a developer adds an existing sample by editing an intent or training, this counter is increased." }, "type": { "type": "string", "description": "The type of the training phrase." } }, "type": "object", "required": [ "name", "parts", "timesAddedCount", "type" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2IntentTrainingPhraseType": { "description": "Required. The type of the training phrase.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Not specified. This value should never be used.", "value": "TYPE_UNSPECIFIED" }, { "name": "Example", "description": "Examples do not contain @-prefixed entity type names, but example parts can be annotated with entity types.", "value": "EXAMPLE" }, { "name": "Template", "description": "Templates are not annotated with entity types, but they can contain @-prefixed entity type names as substrings. Template mode has been deprecated. Example mode is the only supported way to create new training phrases. If you have existing training phrases that you've created in template mode, those will continue to work.", "value": "TEMPLATE" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2LoggingConfig": { "description": "Defines logging behavior for conversation lifecycle events.", "properties": { "enableStackdriverLogging": { "type": "boolean", "description": "Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2LoggingConfigResponse": { "description": "Defines logging behavior for conversation lifecycle events.", "properties": { "enableStackdriverLogging": { "type": "boolean", "description": "Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos." } }, "type": "object", "required": [ "enableStackdriverLogging" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2NotificationConfig": { "description": "Defines notification behavior.", "properties": { "messageFormat": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2NotificationConfigMessageFormat", "description": "Format of message." }, "topic": { "type": "string", "description": "Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. For telephony integration to receive notification, make sure either this topic is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. For chat integration to receive notification, make sure API caller has been granted the `Dialogflow Service Agent` role for the topic. Format: `projects//locations//topics/`." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2NotificationConfigMessageFormat": { "description": "Format of message.", "type": "string", "enum": [ { "name": "MessageFormatUnspecified", "description": "If it is unspecified, PROTO will be used.", "value": "MESSAGE_FORMAT_UNSPECIFIED" }, { "name": "Proto", "description": "Pub/Sub message will be serialized proto.", "value": "PROTO" }, { "name": "Json", "description": "Pub/Sub message will be json.", "value": "JSON" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2NotificationConfigResponse": { "description": "Defines notification behavior.", "properties": { "messageFormat": { "type": "string", "description": "Format of message." }, "topic": { "type": "string", "description": "Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. For telephony integration to receive notification, make sure either this topic is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. For chat integration to receive notification, make sure API caller has been granted the `Dialogflow Service Agent` role for the topic. Format: `projects//locations//topics/`." } }, "type": "object", "required": [ "messageFormat", "topic" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SmartReplyMetricsResponse": { "description": "The evaluation metrics for smart reply model.", "properties": { "allowlistCoverage": { "type": "number", "description": "Percentage of target participant messages in the evaluation dataset for which similar messages have appeared at least once in the allowlist. Should be [0, 1]." }, "conversationCount": { "type": "string", "description": "Total number of conversations used to generate this metric." }, "topNMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SmartReplyMetricsTopNMetricsResponse" }, "description": "Metrics of top n smart replies, sorted by TopNMetric.n." } }, "type": "object", "required": [ "allowlistCoverage", "conversationCount", "topNMetrics" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SmartReplyMetricsTopNMetricsResponse": { "description": "Evaluation metrics when retrieving `n` smart replies with the model.", "properties": { "n": { "type": "integer", "description": "Number of retrieved smart replies. For example, when `n` is 3, this evaluation contains metrics for when Dialogflow retrieves 3 smart replies with the model." }, "recall": { "type": "number", "description": "Defined as `number of queries whose top n smart replies have at least one similar (token match similarity above the defined threshold) reply as the real reply` divided by `number of queries with at least one smart reply`. Value ranges from 0.0 to 1.0 inclusive." } }, "type": "object", "required": [ "n", "recall" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SmartReplyModelMetadata": { "description": "Metadata for smart reply models.", "properties": { "trainingModelType": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SmartReplyModelMetadataTrainingModelType", "description": "Optional. Type of the smart reply model. If not provided, model_type is used." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SmartReplyModelMetadataResponse": { "description": "Metadata for smart reply models.", "properties": { "trainingModelType": { "type": "string", "description": "Optional. Type of the smart reply model. If not provided, model_type is used." } }, "type": "object", "required": [ "trainingModelType" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SmartReplyModelMetadataTrainingModelType": { "description": "Optional. Type of the smart reply model. If not provided, model_type is used.", "type": "string", "enum": [ { "name": "ModelTypeUnspecified", "description": "ModelType unspecified.", "value": "MODEL_TYPE_UNSPECIFIED" }, { "name": "SmartReplyDualEncoderModel", "description": "ModelType smart reply dual encoder model.", "value": "SMART_REPLY_DUAL_ENCODER_MODEL" }, { "name": "SmartReplyBertModel", "description": "ModelType smart reply bert model.", "value": "SMART_REPLY_BERT_MODEL" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SpeechToTextConfig": { "description": "Configures speech transcription for ConversationProfile.", "properties": { "model": { "type": "string", "description": "Which Speech model to select. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then a default model is used. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details." }, "speechModelVariant": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SpeechToTextConfigSpeechModelVariant", "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error." }, "useTimeoutBasedEndpointing": { "type": "boolean", "description": "Use timeout based endpointing, interpreting endpointer sensitivy as seconds of timeout value." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SpeechToTextConfigResponse": { "description": "Configures speech transcription for ConversationProfile.", "properties": { "model": { "type": "string", "description": "Which Speech model to select. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then a default model is used. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details." }, "speechModelVariant": { "type": "string", "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error." }, "useTimeoutBasedEndpointing": { "type": "boolean", "description": "Use timeout based endpointing, interpreting endpointer sensitivy as seconds of timeout value." } }, "type": "object", "required": [ "model", "speechModelVariant", "useTimeoutBasedEndpointing" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SpeechToTextConfigSpeechModelVariant": { "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error.", "type": "string", "enum": [ { "name": "SpeechModelVariantUnspecified", "description": "No model variant specified. In this case Dialogflow defaults to USE_BEST_AVAILABLE.", "value": "SPEECH_MODEL_VARIANT_UNSPECIFIED" }, { "name": "UseBestAvailable", "description": "Use the best available variant of the Speech model that the caller is eligible for. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible for enhanced models.", "value": "USE_BEST_AVAILABLE" }, { "name": "UseStandard", "description": "Use standard model variant even if an enhanced model is available. See the [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) for details about enhanced models.", "value": "USE_STANDARD" }, { "name": "UseEnhanced", "description": "Use an enhanced model variant: * If an enhanced variant does not exist for the given model and request language, Dialogflow falls back to the standard variant. The [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) describes which models have enhanced variants. * If the API caller isn't eligible for enhanced models, Dialogflow returns an error. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible.", "value": "USE_ENHANCED" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SuggestionFeature": { "description": "The type of Human Agent Assistant API suggestion to perform, and the maximum number of results to return for that type. Multiple `Feature` objects can be specified in the `features` list.", "properties": { "type": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2SuggestionFeatureType", "description": "Type of Human Agent Assistant API feature to request." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SuggestionFeatureResponse": { "description": "The type of Human Agent Assistant API suggestion to perform, and the maximum number of results to return for that type. Multiple `Feature` objects can be specified in the `features` list.", "properties": { "type": { "type": "string", "description": "Type of Human Agent Assistant API feature to request." } }, "type": "object", "required": [ "type" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SuggestionFeatureType": { "description": "Type of Human Agent Assistant API feature to request.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified feature type.", "value": "TYPE_UNSPECIFIED" }, { "name": "ArticleSuggestion", "description": "Run article suggestion model for chat.", "value": "ARTICLE_SUGGESTION" }, { "name": "Faq", "description": "Run FAQ model for chat.", "value": "FAQ" }, { "name": "SmartReply", "description": "Run smart reply model for chat.", "value": "SMART_REPLY" }, { "name": "KnowledgeSearch", "description": "Run knowledge search with text input from agent or text generated query.", "value": "KNOWLEDGE_SEARCH" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SynthesizeSpeechConfig": { "description": "Configuration of how speech should be synthesized.", "properties": { "effectsProfileId": { "type": "array", "items": { "type": "string" }, "description": "Optional. An identifier which selects 'audio effects' profiles that are applied on (post synthesized) text to speech. Effects are applied on top of each other in the order they are given." }, "pitch": { "type": "number", "description": "Optional. Speaking pitch, in the range [-20.0, 20.0]. 20 means increase 20 semitones from the original pitch. -20 means decrease 20 semitones from the original pitch." }, "speakingRate": { "type": "number", "description": "Optional. Speaking rate/speed, in the range [0.25, 4.0]. 1.0 is the normal native speed supported by the specific voice. 2.0 is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults to the native 1.0 speed. Any other values < 0.25 or > 4.0 will return an error." }, "voice": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2VoiceSelectionParams", "description": "Optional. The desired voice of the synthesized audio." }, "volumeGainDb": { "type": "number", "description": "Optional. Volume gain (in dB) of the normal native volume supported by the specific voice, in the range [-96.0, 16.0]. If unset, or set to a value of 0.0 (dB), will play at normal native signal amplitude. A value of -6.0 (dB) will play at approximately half the amplitude of the normal native signal amplitude. A value of +6.0 (dB) will play at approximately twice the amplitude of the normal native signal amplitude. We strongly recommend not to exceed +10 (dB) as there's usually no effective increase in loudness for any value greater than that." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2SynthesizeSpeechConfigResponse": { "description": "Configuration of how speech should be synthesized.", "properties": { "effectsProfileId": { "type": "array", "items": { "type": "string" }, "description": "Optional. An identifier which selects 'audio effects' profiles that are applied on (post synthesized) text to speech. Effects are applied on top of each other in the order they are given." }, "pitch": { "type": "number", "description": "Optional. Speaking pitch, in the range [-20.0, 20.0]. 20 means increase 20 semitones from the original pitch. -20 means decrease 20 semitones from the original pitch." }, "speakingRate": { "type": "number", "description": "Optional. Speaking rate/speed, in the range [0.25, 4.0]. 1.0 is the normal native speed supported by the specific voice. 2.0 is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults to the native 1.0 speed. Any other values < 0.25 or > 4.0 will return an error." }, "voice": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2VoiceSelectionParamsResponse", "description": "Optional. The desired voice of the synthesized audio." }, "volumeGainDb": { "type": "number", "description": "Optional. Volume gain (in dB) of the normal native volume supported by the specific voice, in the range [-96.0, 16.0]. If unset, or set to a value of 0.0 (dB), will play at normal native signal amplitude. A value of -6.0 (dB) will play at approximately half the amplitude of the normal native signal amplitude. A value of +6.0 (dB) will play at approximately twice the amplitude of the normal native signal amplitude. We strongly recommend not to exceed +10 (dB) as there's usually no effective increase in loudness for any value greater than that." } }, "type": "object", "required": [ "effectsProfileId", "pitch", "speakingRate", "voice", "volumeGainDb" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2TextToSpeechSettings": { "description": "Instructs the speech synthesizer on how to generate the output audio content.", "properties": { "enableTextToSpeech": { "type": "boolean", "description": "Optional. Indicates whether text to speech is enabled. Even when this field is false, other settings in this proto are still retained." }, "outputAudioEncoding": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2TextToSpeechSettingsOutputAudioEncoding", "description": "Audio encoding of the synthesized audio content." }, "sampleRateHertz": { "type": "integer", "description": "Optional. The synthesis sample rate (in hertz) for this audio. If not provided, then the synthesizer will use the default sample rate based on the audio encoding. If this is different from the voice's natural sample rate, then the synthesizer will honor this request by converting to the desired sample rate (which might result in worse audio quality)." }, "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/docs/reference/language) to SynthesizeSpeechConfig." } }, "type": "object", "required": [ "outputAudioEncoding" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2TextToSpeechSettingsOutputAudioEncoding": { "description": "Required. Audio encoding of the synthesized audio content.", "type": "string", "enum": [ { "name": "OutputAudioEncodingUnspecified", "description": "Not specified.", "value": "OUTPUT_AUDIO_ENCODING_UNSPECIFIED" }, { "name": "OutputAudioEncodingLinear16", "description": "Uncompressed 16-bit signed little-endian samples (Linear PCM). Audio content returned as LINEAR16 also contains a WAV header.", "value": "OUTPUT_AUDIO_ENCODING_LINEAR_16" }, { "name": "OutputAudioEncodingMp3", "description": "MP3 audio at 32kbps.", "value": "OUTPUT_AUDIO_ENCODING_MP3" }, { "name": "OutputAudioEncodingMp364Kbps", "description": "MP3 audio at 64kbps.", "value": "OUTPUT_AUDIO_ENCODING_MP3_64_KBPS" }, { "name": "OutputAudioEncodingOggOpus", "description": "Opus encoded audio wrapped in an ogg container. The result will be a file which can be played natively on Android, and in browsers (at least Chrome and Firefox). The quality of the encoding is considerably higher than MP3 while using approximately the same bitrate.", "value": "OUTPUT_AUDIO_ENCODING_OGG_OPUS" }, { "name": "OutputAudioEncodingMulaw", "description": "8-bit samples that compand 14-bit audio samples using G.711 PCMU/mu-law.", "value": "OUTPUT_AUDIO_ENCODING_MULAW" } ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2TextToSpeechSettingsResponse": { "description": "Instructs the speech synthesizer on how to generate the output audio content.", "properties": { "enableTextToSpeech": { "type": "boolean", "description": "Optional. Indicates whether text to speech is enabled. Even when this field is false, other settings in this proto are still retained." }, "outputAudioEncoding": { "type": "string", "description": "Audio encoding of the synthesized audio content." }, "sampleRateHertz": { "type": "integer", "description": "Optional. The synthesis sample rate (in hertz) for this audio. If not provided, then the synthesizer will use the default sample rate based on the audio encoding. If this is different from the voice's natural sample rate, then the synthesizer will honor this request by converting to the desired sample rate (which might result in worse audio quality)." }, "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/docs/reference/language) to SynthesizeSpeechConfig." } }, "type": "object", "required": [ "enableTextToSpeech", "outputAudioEncoding", "sampleRateHertz", "synthesizeSpeechConfigs" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2VoiceSelectionParams": { "description": "Description of which voice to use for speech synthesis.", "properties": { "name": { "type": "string", "description": "Optional. The name of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and ssml_gender." }, "ssmlGender": { "$ref": "#/types/google-native:dialogflow%2Fv2:GoogleCloudDialogflowV2VoiceSelectionParamsSsmlGender", "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request." } }, "type": "object" }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2VoiceSelectionParamsResponse": { "description": "Description of which voice to use for speech synthesis.", "properties": { "name": { "type": "string", "description": "Optional. The name of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and ssml_gender." }, "ssmlGender": { "type": "string", "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request." } }, "type": "object", "required": [ "name", "ssmlGender" ] }, "google-native:dialogflow/v2:GoogleCloudDialogflowV2VoiceSelectionParamsSsmlGender": { "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request.", "type": "string", "enum": [ { "name": "SsmlVoiceGenderUnspecified", "description": "An unspecified gender, which means that the client doesn't care which gender the selected voice will have.", "value": "SSML_VOICE_GENDER_UNSPECIFIED" }, { "name": "SsmlVoiceGenderMale", "description": "A male voice.", "value": "SSML_VOICE_GENDER_MALE" }, { "name": "SsmlVoiceGenderFemale", "description": "A female voice.", "value": "SSML_VOICE_GENDER_FEMALE" }, { "name": "SsmlVoiceGenderNeutral", "description": "A gender-neutral voice.", "value": "SSML_VOICE_GENDER_NEUTRAL" } ] }, "google-native:dialogflow/v2:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dialogflow/v2:IntentDefaultResponsePlatformsItem": { "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Default platform.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Facebook", "description": "Facebook.", "value": "FACEBOOK" }, { "name": "Slack", "description": "Slack.", "value": "SLACK" }, { "name": "Telegram", "description": "Telegram.", "value": "TELEGRAM" }, { "name": "Kik", "description": "Kik.", "value": "KIK" }, { "name": "Skype", "description": "Skype.", "value": "SKYPE" }, { "name": "Line", "description": "Line.", "value": "LINE" }, { "name": "Viber", "description": "Viber.", "value": "VIBER" }, { "name": "ActionsOnGoogle", "description": "Google Assistant See [Dialogflow webhook format](https://developers.google.com/assistant/actions/build/json/dialogflow-webhook-json)", "value": "ACTIONS_ON_GOOGLE" }, { "name": "GoogleHangouts", "description": "Google Hangouts.", "value": "GOOGLE_HANGOUTS" } ] }, "google-native:dialogflow/v2:IntentWebhookState": { "description": "Optional. Indicates whether webhooks are enabled for the intent.", "type": "string", "enum": [ { "name": "WebhookStateUnspecified", "description": "Webhook is disabled in the agent and in the intent.", "value": "WEBHOOK_STATE_UNSPECIFIED" }, { "name": "WebhookStateEnabled", "description": "Webhook is enabled in the agent and in the intent.", "value": "WEBHOOK_STATE_ENABLED" }, { "name": "WebhookStateEnabledForSlotFilling", "description": "Webhook is enabled in the agent and in the intent. Also, each slot filling prompt is forwarded to the webhook.", "value": "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING" } ] }, "google-native:dialogflow/v2:ParticipantRole": { "description": "Immutable. The role this participant plays in the conversation. This field must be set during participant creation and is then immutable.", "type": "string", "enum": [ { "name": "RoleUnspecified", "description": "Participant role not set.", "value": "ROLE_UNSPECIFIED" }, { "name": "HumanAgent", "description": "Participant is a human agent.", "value": "HUMAN_AGENT" }, { "name": "AutomatedAgent", "description": "Participant is an automated agent, such as a Dialogflow agent.", "value": "AUTOMATED_AGENT" }, { "name": "EndUser", "description": "Participant is an end user that has called or chatted with Dialogflow services.", "value": "END_USER" } ] }, "google-native:dialogflow/v2:SessionEntityTypeEntityOverrideMode": { "description": "Required. Indicates whether the additional data should override or supplement the custom entity type definition.", "type": "string", "enum": [ { "name": "EntityOverrideModeUnspecified", "description": "Not specified. This value should be never used.", "value": "ENTITY_OVERRIDE_MODE_UNSPECIFIED" }, { "name": "EntityOverrideModeOverride", "description": "The collection of session entities overrides the collection of entities in the corresponding custom entity type.", "value": "ENTITY_OVERRIDE_MODE_OVERRIDE" }, { "name": "EntityOverrideModeSupplement", "description": "The collection of session entities extends the collection of entities in the corresponding custom entity type. Note: Even in this override mode calls to `ListSessionEntityTypes`, `GetSessionEntityType`, `CreateSessionEntityType` and `UpdateSessionEntityType` only return the additional entities added in this session entity type. If you want to get the supplemented list, please call EntityTypes.GetEntityType on the custom entity type and merge.", "value": "ENTITY_OVERRIDE_MODE_SUPPLEMENT" } ] }, "google-native:dialogflow/v2beta1:ConversationConversationStage": { "description": "The stage of a conversation. It indicates whether the virtual agent or a human agent is handling the conversation. If the conversation is created with the conversation profile that has Dialogflow config set, defaults to ConversationStage.VIRTUAL_AGENT_STAGE; Otherwise, defaults to ConversationStage.HUMAN_ASSIST_STAGE. If the conversation is created with the conversation profile that has Dialogflow config set but explicitly sets conversation_stage to ConversationStage.HUMAN_ASSIST_STAGE, it skips ConversationStage.VIRTUAL_AGENT_STAGE stage and directly goes to ConversationStage.HUMAN_ASSIST_STAGE.", "type": "string", "enum": [ { "name": "ConversationStageUnspecified", "description": "Unknown. Should never be used after a conversation is successfully created.", "value": "CONVERSATION_STAGE_UNSPECIFIED" }, { "name": "VirtualAgentStage", "description": "The conversation should return virtual agent responses into the conversation.", "value": "VIRTUAL_AGENT_STAGE" }, { "name": "HumanAssistStage", "description": "The conversation should not provide responses, just listen and provide suggestions.", "value": "HUMAN_ASSIST_STAGE" } ] }, "google-native:dialogflow/v2beta1:DocumentKnowledgeTypesItem": { "type": "string", "enum": [ { "name": "KnowledgeTypeUnspecified", "description": "The type is unspecified or arbitrary.", "value": "KNOWLEDGE_TYPE_UNSPECIFIED" }, { "name": "Faq", "description": "The document content contains question and answer pairs as either HTML or CSV. Typical FAQ HTML formats are parsed accurately, but unusual formats may fail to be parsed. CSV must have questions in the first column and answers in the second, with no header. Because of this explicit format, they are always parsed accurately.", "value": "FAQ" }, { "name": "ExtractiveQa", "description": "Documents for which unstructured text is extracted and used for question answering.", "value": "EXTRACTIVE_QA" }, { "name": "ArticleSuggestion", "description": "The entire document content as a whole can be used for query results. Only for Contact Center Solutions on Dialogflow.", "value": "ARTICLE_SUGGESTION" }, { "name": "AgentFacingSmartReply", "description": "The document contains agent-facing Smart Reply entries.", "value": "AGENT_FACING_SMART_REPLY" }, { "name": "SmartReply", "description": "The legacy enum for agent-facing smart reply feature.", "value": "SMART_REPLY" } ] }, "google-native:dialogflow/v2beta1:EntityTypeAutoExpansionMode": { "description": "Optional. Indicates whether the entity type can be automatically expanded.", "type": "string", "enum": [ { "name": "AutoExpansionModeUnspecified", "description": "Auto expansion disabled for the entity.", "value": "AUTO_EXPANSION_MODE_UNSPECIFIED" }, { "name": "AutoExpansionModeDefault", "description": "Allows an agent to recognize values that have not been explicitly listed in the entity.", "value": "AUTO_EXPANSION_MODE_DEFAULT" } ] }, "google-native:dialogflow/v2beta1:EntityTypeKind": { "description": "Required. Indicates the kind of entity type.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Not specified. This value should be never used.", "value": "KIND_UNSPECIFIED" }, { "name": "KindMap", "description": "Map entity types allow mapping of a group of synonyms to a reference value.", "value": "KIND_MAP" }, { "name": "KindList", "description": "List entity types contain a set of entries that do not map to reference values. However, list entity types can contain references to other entity types (with or without aliases).", "value": "KIND_LIST" }, { "name": "KindRegexp", "description": "Regexp entity types allow to specify regular expressions in entries values.", "value": "KIND_REGEXP" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1AutomatedAgentConfig": { "description": "Defines the Automated Agent to connect to a conversation.", "properties": { "agent": { "type": "string", "description": "ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2beta1#google.cloud.dialogflow.v2beta1.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used." }, "sessionTtl": { "type": "string", "description": "Optional. Sets Dialogflow CX session life time. By default, a Dialogflow CX session remains active and its data is stored for 30 minutes after the last request is sent for the session. This value should be no longer than 1 day." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1AutomatedAgentConfigResponse": { "description": "Defines the Automated Agent to connect to a conversation.", "properties": { "agent": { "type": "string", "description": "ID of the Dialogflow agent environment to use. This project needs to either be the same project as the conversation or you need to grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow API Service Agent` role in this project. - For ES agents, use format: `projects//locations//agent/environments/`. If environment is not specified, the default `draft` environment is used. Refer to [DetectIntentRequest](/dialogflow/docs/reference/rpc/google.cloud.dialogflow.v2beta1#google.cloud.dialogflow.v2beta1.DetectIntentRequest) for more details. - For CX agents, use format `projects//locations//agents//environments/`. If environment is not specified, the default `draft` environment is used." }, "sessionTtl": { "type": "string", "description": "Optional. Sets Dialogflow CX session life time. By default, a Dialogflow CX session remains active and its data is stored for 30 minutes after the last request is sent for the session. This value should be no longer than 1 day." } }, "type": "object", "required": [ "agent", "sessionTtl" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1Context": { "description": "Dialogflow contexts are similar to natural language context. If a person says to you \"they are orange\", you need context in order to understand what \"they\" is referring to. Similarly, for Dialogflow to handle an end-user expression like that, it needs to be provided with context in order to correctly match an intent. Using contexts, you can control the flow of a conversation. You can configure contexts for an intent by setting input and output contexts, which are identified by string names. When an intent is matched, any configured output contexts for that intent become active. While any contexts are active, Dialogflow is more likely to match intents that are configured with input contexts that correspond to the currently active contexts. For more information about context, see the [Contexts guide](https://cloud.google.com/dialogflow/docs/contexts-overview).", "properties": { "lifespanCount": { "type": "integer", "description": "Optional. The number of conversational query requests after which the context expires. The default is `0`. If set to `0`, the context expires immediately. Contexts expire automatically after 20 minutes if there are no matching queries." }, "name": { "type": "string", "description": "The unique identifier of the context. Supported formats: - `projects//agent/sessions//contexts/`, - `projects//locations//agent/sessions//contexts/`, - `projects//agent/environments//users//sessions//contexts/`, - `projects//locations//agent/environments//users//sessions//contexts/`, The `Context ID` is always converted to lowercase, may only contain characters in `a-zA-Z0-9_-%` and may be at most 250 bytes long. If `Environment ID` is not specified, we assume default 'draft' environment. If `User ID` is not specified, we assume default '-' user. The following context names are reserved for internal use by Dialogflow. You should not use these contexts or create contexts with these names: * `__system_counters__` * `*_id_dialog_context` * `*_dialog_params_size`" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The collection of parameters associated with this context. Depending on your protocol or client library language, this is a map, associative array, symbol table, dictionary, or JSON object composed of a collection of (MapKey, MapValue) pairs: * MapKey type: string * MapKey value: parameter name * MapValue type: If parameter's entity type is a composite entity then use map, otherwise, depending on the parameter value type, it could be one of string, number, boolean, null, list or map. * MapValue value: If parameter's entity type is a composite entity then use map from composite entity property names to property values, otherwise, use parameter value." } }, "type": "object", "required": [ "name" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1ContextResponse": { "description": "Dialogflow contexts are similar to natural language context. If a person says to you \"they are orange\", you need context in order to understand what \"they\" is referring to. Similarly, for Dialogflow to handle an end-user expression like that, it needs to be provided with context in order to correctly match an intent. Using contexts, you can control the flow of a conversation. You can configure contexts for an intent by setting input and output contexts, which are identified by string names. When an intent is matched, any configured output contexts for that intent become active. While any contexts are active, Dialogflow is more likely to match intents that are configured with input contexts that correspond to the currently active contexts. For more information about context, see the [Contexts guide](https://cloud.google.com/dialogflow/docs/contexts-overview).", "properties": { "lifespanCount": { "type": "integer", "description": "Optional. The number of conversational query requests after which the context expires. The default is `0`. If set to `0`, the context expires immediately. Contexts expire automatically after 20 minutes if there are no matching queries." }, "name": { "type": "string", "description": "The unique identifier of the context. Supported formats: - `projects//agent/sessions//contexts/`, - `projects//locations//agent/sessions//contexts/`, - `projects//agent/environments//users//sessions//contexts/`, - `projects//locations//agent/environments//users//sessions//contexts/`, The `Context ID` is always converted to lowercase, may only contain characters in `a-zA-Z0-9_-%` and may be at most 250 bytes long. If `Environment ID` is not specified, we assume default 'draft' environment. If `User ID` is not specified, we assume default '-' user. The following context names are reserved for internal use by Dialogflow. You should not use these contexts or create contexts with these names: * `__system_counters__` * `*_id_dialog_context` * `*_dialog_params_size`" }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The collection of parameters associated with this context. Depending on your protocol or client library language, this is a map, associative array, symbol table, dictionary, or JSON object composed of a collection of (MapKey, MapValue) pairs: * MapKey type: string * MapKey value: parameter name * MapValue type: If parameter's entity type is a composite entity then use map, otherwise, depending on the parameter value type, it could be one of string, number, boolean, null, list or map. * MapValue value: If parameter's entity type is a composite entity then use map from composite entity property names to property values, otherwise, use parameter value." } }, "type": "object", "required": [ "lifespanCount", "name", "parameters" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1ConversationPhoneNumberResponse": { "description": "Represents a phone number for telephony integration. It allows for connecting a particular conversation over telephony.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to connect to this conversation." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1DocumentReloadStatusResponse": { "description": "The status of a reload attempt.", "properties": { "status": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleRpcStatusResponse", "description": "The status of a reload attempt or the initial load." }, "time": { "type": "string", "description": "The time of a reload attempt. This reload may have been triggered automatically or manually and may not have succeeded." } }, "type": "object", "required": [ "status", "time" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1EntityTypeEntity": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A reference value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1EntityTypeEntityResponse": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A reference value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1Fulfillment": { "description": "By default, your agent responds to a matched intent with a static response. As an alternative, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. For more information, see the [fulfillment guide](https://cloud.google.com/dialogflow/docs/fulfillment-overview).", "properties": { "displayName": { "type": "string", "description": "The human-readable name of the fulfillment, unique within the agent. This field is not used for Fulfillment in an Environment." }, "enabled": { "type": "boolean", "description": "Whether fulfillment is enabled." }, "features": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeature" }, "description": "The field defines whether the fulfillment is enabled for certain features." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1FulfillmentGenericWebService", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the fulfillment. Supported formats: - `projects//agent/fulfillment` - `projects//locations//agent/fulfillment` This field is not used for Fulfillment in an Environment." } }, "type": "object", "required": [ "name" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeature": { "description": "Whether fulfillment is enabled for the specific feature.", "properties": { "type": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeatureType", "description": "The type of the feature that enabled for fulfillment." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeatureResponse": { "description": "Whether fulfillment is enabled for the specific feature.", "properties": { "type": { "type": "string", "description": "The type of the feature that enabled for fulfillment." } }, "type": "object", "required": [ "type" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeatureType": { "description": "The type of the feature that enabled for fulfillment.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Feature type not specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Smalltalk", "description": "Fulfillment is enabled for SmallTalk.", "value": "SMALLTALK" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentGenericWebService": { "description": "Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. More information could be found at: https://cloud.google.com/dialogflow/docs/fulfillment-configure.", "properties": { "isCloudFunction": { "type": "boolean", "description": "Optional. Indicates if generic web service is created through Cloud Functions integration. Defaults to false. is_cloud_function is deprecated. Cloud functions can be configured by its uri as a regular web service now." }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with fulfillment requests." }, "uri": { "type": "string", "description": "The fulfillment URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentGenericWebServiceResponse": { "description": "Represents configuration for a generic web service. Dialogflow supports two mechanisms for authentications: - Basic authentication with username and password. - Authentication with additional authentication headers. More information could be found at: https://cloud.google.com/dialogflow/docs/fulfillment-configure.", "properties": { "isCloudFunction": { "type": "boolean", "description": "Optional. Indicates if generic web service is created through Cloud Functions integration. Defaults to false. is_cloud_function is deprecated. Cloud functions can be configured by its uri as a regular web service now." }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with fulfillment requests." }, "uri": { "type": "string", "description": "The fulfillment URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." } }, "type": "object", "required": [ "isCloudFunction", "password", "requestHeaders", "uri", "username" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1FulfillmentResponse": { "description": "By default, your agent responds to a matched intent with a static response. As an alternative, you can provide a more dynamic response by using fulfillment. When you enable fulfillment for an intent, Dialogflow responds to that intent by calling a service that you define. For example, if an end-user wants to schedule a haircut on Friday, your service can check your database and respond to the end-user with availability information for Friday. For more information, see the [fulfillment guide](https://cloud.google.com/dialogflow/docs/fulfillment-overview).", "properties": { "displayName": { "type": "string", "description": "The human-readable name of the fulfillment, unique within the agent. This field is not used for Fulfillment in an Environment." }, "enabled": { "type": "boolean", "description": "Whether fulfillment is enabled." }, "features": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1FulfillmentFeatureResponse" }, "description": "The field defines whether the fulfillment is enabled for certain features." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1FulfillmentGenericWebServiceResponse", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the fulfillment. Supported formats: - `projects//agent/fulfillment` - `projects//locations//agent/fulfillment` This field is not used for Fulfillment in an Environment." } }, "type": "object", "required": [ "displayName", "enabled", "features", "genericWebService", "name" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfig": { "description": "Defines the Human Agent Assistant to connect to a conversation.", "properties": { "endUserSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfig", "description": "Configuration for agent assistance of end user participant. Currently, this feature is not general available, please contact Google to get access." }, "humanAgentSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfig", "description": "Configuration for agent assistance of human agent participant." }, "messageAnalysisConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigMessageAnalysisConfig", "description": "Configuration for message analysis." }, "notificationConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1NotificationConfig", "description": "Pub/Sub topic on which to publish new agent assistant events." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationModelConfig": { "description": "Custom conversation models used in agent assist feature. Supported feature: ARTICLE_SUGGESTION, SMART_COMPOSE, SMART_REPLY, CONVERSATION_SUMMARIZATION.", "properties": { "baselineModelVersion": { "type": "string", "description": "Version of current baseline model. It will be ignored if model is set. Valid versions are: Article Suggestion baseline model: - 0.9 - 1.0 (default) Summarization baseline model: - 1.0" }, "model": { "type": "string", "description": "Conversation model resource name. Format: `projects//conversationModels/`." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationModelConfigResponse": { "description": "Custom conversation models used in agent assist feature. Supported feature: ARTICLE_SUGGESTION, SMART_COMPOSE, SMART_REPLY, CONVERSATION_SUMMARIZATION.", "properties": { "baselineModelVersion": { "type": "string", "description": "Version of current baseline model. It will be ignored if model is set. Valid versions are: Article Suggestion baseline model: - 0.9 - 1.0 (default) Summarization baseline model: - 1.0" }, "model": { "type": "string", "description": "Conversation model resource name. Format: `projects//conversationModels/`." } }, "type": "object", "required": [ "baselineModelVersion", "model" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationProcessConfig": { "description": "Config to process conversation.", "properties": { "recentSentencesCount": { "type": "integer", "description": "Number of recent non-small-talk sentences to use as context for article and FAQ suggestion" } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationProcessConfigResponse": { "description": "Config to process conversation.", "properties": { "recentSentencesCount": { "type": "integer", "description": "Number of recent non-small-talk sentences to use as context for article and FAQ suggestion" } }, "type": "object", "required": [ "recentSentencesCount" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigMessageAnalysisConfig": { "description": "Configuration for analyses to run on each conversation message.", "properties": { "enableEntityExtraction": { "type": "boolean", "description": "Enable entity extraction in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Currently, this feature is not general available, please contact Google to get access." }, "enableSentimentAnalysis": { "type": "boolean", "description": "Enable sentiment analysis in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Sentiment analysis inspects user input and identifies the prevailing subjective opinion, especially to determine a user's attitude as positive, negative, or neutral: https://cloud.google.com/natural-language/docs/basics#sentiment_analysis For Participants.StreamingAnalyzeContent method, result will be in StreamingAnalyzeContentResponse.message.SentimentAnalysisResult. For Participants.AnalyzeContent method, result will be in AnalyzeContentResponse.message.SentimentAnalysisResult For Conversations.ListMessages method, result will be in ListMessagesResponse.messages.SentimentAnalysisResult If Pub/Sub notification is configured, result will be in ConversationEvent.new_message_payload.SentimentAnalysisResult." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigMessageAnalysisConfigResponse": { "description": "Configuration for analyses to run on each conversation message.", "properties": { "enableEntityExtraction": { "type": "boolean", "description": "Enable entity extraction in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Currently, this feature is not general available, please contact Google to get access." }, "enableSentimentAnalysis": { "type": "boolean", "description": "Enable sentiment analysis in conversation messages on [agent assist stage](https://cloud.google.com/dialogflow/priv/docs/contact-center/basics#stages). If unspecified, defaults to false. Sentiment analysis inspects user input and identifies the prevailing subjective opinion, especially to determine a user's attitude as positive, negative, or neutral: https://cloud.google.com/natural-language/docs/basics#sentiment_analysis For Participants.StreamingAnalyzeContent method, result will be in StreamingAnalyzeContentResponse.message.SentimentAnalysisResult. For Participants.AnalyzeContent method, result will be in AnalyzeContentResponse.message.SentimentAnalysisResult For Conversations.ListMessages method, result will be in ListMessagesResponse.messages.SentimentAnalysisResult If Pub/Sub notification is configured, result will be in ConversationEvent.new_message_payload.SentimentAnalysisResult." } }, "type": "object", "required": [ "enableEntityExtraction", "enableSentimentAnalysis" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigResponse": { "description": "Defines the Human Agent Assistant to connect to a conversation.", "properties": { "endUserSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfigResponse", "description": "Configuration for agent assistance of end user participant. Currently, this feature is not general available, please contact Google to get access." }, "humanAgentSuggestionConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfigResponse", "description": "Configuration for agent assistance of human agent participant." }, "messageAnalysisConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigMessageAnalysisConfigResponse", "description": "Configuration for message analysis." }, "notificationConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1NotificationConfigResponse", "description": "Pub/Sub topic on which to publish new agent assistant events." } }, "type": "object", "required": [ "endUserSuggestionConfig", "humanAgentSuggestionConfig", "messageAnalysisConfig", "notificationConfig" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfig": { "description": "Detail human agent assistant config.", "properties": { "featureConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionFeatureConfig" }, "description": "Configuration of different suggestion features. One feature can have only one config." }, "groupSuggestionResponses": { "type": "boolean", "description": "If `group_suggestion_responses` is false, and there are multiple `feature_configs` in `event based suggestion` or StreamingAnalyzeContent, we will try to deliver suggestions to customers as soon as we get new suggestion. Different type of suggestions based on the same context will be in separate Pub/Sub event or `StreamingAnalyzeContentResponse`. If `group_suggestion_responses` set to true. All the suggestions to the same participant based on the same context will be grouped into a single Pub/Sub event or StreamingAnalyzeContentResponse." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionConfigResponse": { "description": "Detail human agent assistant config.", "properties": { "featureConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionFeatureConfigResponse" }, "description": "Configuration of different suggestion features. One feature can have only one config." }, "groupSuggestionResponses": { "type": "boolean", "description": "If `group_suggestion_responses` is false, and there are multiple `feature_configs` in `event based suggestion` or StreamingAnalyzeContent, we will try to deliver suggestions to customers as soon as we get new suggestion. Different type of suggestions based on the same context will be in separate Pub/Sub event or `StreamingAnalyzeContentResponse`. If `group_suggestion_responses` set to true. All the suggestions to the same participant based on the same context will be grouped into a single Pub/Sub event or StreamingAnalyzeContentResponse." } }, "type": "object", "required": [ "featureConfigs", "groupSuggestionResponses" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionFeatureConfig": { "description": "Config for suggestion features.", "properties": { "conversationModelConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationModelConfig", "description": "Configs of custom conversation model." }, "conversationProcessConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationProcessConfig", "description": "Configs for processing conversation." }, "disableAgentQueryLogging": { "type": "boolean", "description": "Optional. Disable the logging of search queries sent by human agents. It can prevent those queries from being stored at answer records. Supported features: KNOWLEDGE_SEARCH." }, "enableEventBasedSuggestion": { "type": "boolean", "description": "Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST, ENTITY_EXTRACTION, KNOWLEDGE_ASSIST." }, "queryConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfig", "description": "Configs of query." }, "suggestionFeature": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1SuggestionFeature", "description": "The suggestion feature." }, "suggestionTriggerSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionTriggerSettings", "description": "Settings of suggestion trigger. Currently, only ARTICLE_SUGGESTION, FAQ, and DIALOGFLOW_ASSIST will use this field." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionFeatureConfigResponse": { "description": "Config for suggestion features.", "properties": { "conversationModelConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationModelConfigResponse", "description": "Configs of custom conversation model." }, "conversationProcessConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigConversationProcessConfigResponse", "description": "Configs for processing conversation." }, "disableAgentQueryLogging": { "type": "boolean", "description": "Optional. Disable the logging of search queries sent by human agents. It can prevent those queries from being stored at answer records. Supported features: KNOWLEDGE_SEARCH." }, "enableEventBasedSuggestion": { "type": "boolean", "description": "Automatically iterates all participants and tries to compile suggestions. Supported features: ARTICLE_SUGGESTION, FAQ, DIALOGFLOW_ASSIST, ENTITY_EXTRACTION, KNOWLEDGE_ASSIST." }, "queryConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigResponse", "description": "Configs of query." }, "suggestionFeature": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1SuggestionFeatureResponse", "description": "The suggestion feature." }, "suggestionTriggerSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionTriggerSettingsResponse", "description": "Settings of suggestion trigger. Currently, only ARTICLE_SUGGESTION, FAQ, and DIALOGFLOW_ASSIST will use this field." } }, "type": "object", "required": [ "conversationModelConfig", "conversationProcessConfig", "disableAgentQueryLogging", "enableEventBasedSuggestion", "queryConfig", "suggestionFeature", "suggestionTriggerSettings" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfig": { "description": "Config for suggestion query.", "properties": { "confidenceThreshold": { "type": "number", "description": "Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it is default to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE, KNOWLEDGE_SEARCH, KNOWLEDGE_ASSIST, ENTITY_EXTRACTION." }, "contextFilterSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettings", "description": "Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped." }, "dialogflowQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySource", "description": "Query from Dialogflow agent. It is used by DIALOGFLOW_ASSIST, ENTITY_EXTRACTION." }, "documentQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySource", "description": "Query from knowledge base document. It is used by: SMART_REPLY, SMART_COMPOSE." }, "knowledgeBaseQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySource", "description": "Query from knowledgebase. It is used by: ARTICLE_SUGGESTION, FAQ." }, "maxResults": { "type": "integer", "description": "Maximum number of results to return. Currently, if unset, defaults to 10. And the max number is 20." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettings": { "description": "Settings that determine how to filter recent conversation context when generating suggestions.", "properties": { "dropHandoffMessages": { "type": "boolean", "description": "If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped." }, "dropIvrMessages": { "type": "boolean", "description": "If set to true, all messages from ivr stage are dropped." }, "dropVirtualAgentMessages": { "type": "boolean", "description": "If set to true, all messages from virtual agent are dropped." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettingsResponse": { "description": "Settings that determine how to filter recent conversation context when generating suggestions.", "properties": { "dropHandoffMessages": { "type": "boolean", "description": "If set to true, the last message from virtual agent (hand off message) and the message before it (trigger message of hand off) are dropped." }, "dropIvrMessages": { "type": "boolean", "description": "If set to true, all messages from ivr stage are dropped." }, "dropVirtualAgentMessages": { "type": "boolean", "description": "If set to true, all messages from virtual agent are dropped." } }, "type": "object", "required": [ "dropHandoffMessages", "dropIvrMessages", "dropVirtualAgentMessages" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySource": { "description": "Dialogflow source setting. Supported feature: DIALOGFLOW_ASSIST, ENTITY_EXTRACTION.", "properties": { "agent": { "type": "string", "description": "The name of a dialogflow virtual agent used for end user side intent detection and suggestion. Format: `projects//locations//agent`. When multiple agents are allowed in the same Dialogflow project." }, "humanAgentSideConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfig", "description": "The Dialogflow assist configuration for human agent." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfig": { "description": "The configuration used for human agent side Dialogflow assist suggestion.", "properties": { "agent": { "type": "string", "description": "Optional. The name of a dialogflow virtual agent used for intent detection and suggestion triggered by human agent. Format: `projects//locations//agent`." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfigResponse": { "description": "The configuration used for human agent side Dialogflow assist suggestion.", "properties": { "agent": { "type": "string", "description": "Optional. The name of a dialogflow virtual agent used for intent detection and suggestion triggered by human agent. Format: `projects//locations//agent`." } }, "type": "object", "required": [ "agent" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceResponse": { "description": "Dialogflow source setting. Supported feature: DIALOGFLOW_ASSIST, ENTITY_EXTRACTION.", "properties": { "agent": { "type": "string", "description": "The name of a dialogflow virtual agent used for end user side intent detection and suggestion. Format: `projects//locations//agent`. When multiple agents are allowed in the same Dialogflow project." }, "humanAgentSideConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceHumanAgentSideConfigResponse", "description": "The Dialogflow assist configuration for human agent." } }, "type": "object", "required": [ "agent", "humanAgentSideConfig" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySource": { "description": "Document source settings. Supported features: SMART_REPLY, SMART_COMPOSE.", "properties": { "documents": { "type": "array", "items": { "type": "string" }, "description": "Knowledge documents to query from. Format: `projects//locations//knowledgeBases//documents/`. Currently, only one document is supported." } }, "type": "object", "required": [ "documents" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySourceResponse": { "description": "Document source settings. Supported features: SMART_REPLY, SMART_COMPOSE.", "properties": { "documents": { "type": "array", "items": { "type": "string" }, "description": "Knowledge documents to query from. Format: `projects//locations//knowledgeBases//documents/`. Currently, only one document is supported." } }, "type": "object", "required": [ "documents" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySource": { "description": "Knowledge base source settings. Supported features: ARTICLE_SUGGESTION, FAQ.", "properties": { "knowledgeBases": { "type": "array", "items": { "type": "string" }, "description": "Knowledge bases to query. Format: `projects//locations//knowledgeBases/`. Currently, only one knowledge base is supported." } }, "type": "object", "required": [ "knowledgeBases" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySourceResponse": { "description": "Knowledge base source settings. Supported features: ARTICLE_SUGGESTION, FAQ.", "properties": { "knowledgeBases": { "type": "array", "items": { "type": "string" }, "description": "Knowledge bases to query. Format: `projects//locations//knowledgeBases/`. Currently, only one knowledge base is supported." } }, "type": "object", "required": [ "knowledgeBases" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigResponse": { "description": "Config for suggestion query.", "properties": { "confidenceThreshold": { "type": "number", "description": "Confidence threshold of query result. Agent Assist gives each suggestion a score in the range [0.0, 1.0], based on the relevance between the suggestion and the current conversation context. A score of 0.0 has no relevance, while a score of 1.0 has high relevance. Only suggestions with a score greater than or equal to the value of this field are included in the results. For a baseline model (the default), the recommended value is in the range [0.05, 0.1]. For a custom model, there is no recommended value. Tune this value by starting from a very low value and slowly increasing until you have desired results. If this field is not set, it is default to 0.0, which means that all suggestions are returned. Supported features: ARTICLE_SUGGESTION, FAQ, SMART_REPLY, SMART_COMPOSE, KNOWLEDGE_SEARCH, KNOWLEDGE_ASSIST, ENTITY_EXTRACTION." }, "contextFilterSettings": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigContextFilterSettingsResponse", "description": "Determines how recent conversation context is filtered when generating suggestions. If unspecified, no messages will be dropped." }, "dialogflowQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDialogflowQuerySourceResponse", "description": "Query from Dialogflow agent. It is used by DIALOGFLOW_ASSIST, ENTITY_EXTRACTION." }, "documentQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigDocumentQuerySourceResponse", "description": "Query from knowledge base document. It is used by: SMART_REPLY, SMART_COMPOSE." }, "knowledgeBaseQuerySource": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionQueryConfigKnowledgeBaseQuerySourceResponse", "description": "Query from knowledgebase. It is used by: ARTICLE_SUGGESTION, FAQ." }, "maxResults": { "type": "integer", "description": "Maximum number of results to return. Currently, if unset, defaults to 10. And the max number is 20." } }, "type": "object", "required": [ "confidenceThreshold", "contextFilterSettings", "dialogflowQuerySource", "documentQuerySource", "knowledgeBaseQuerySource", "maxResults" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionTriggerSettings": { "description": "Settings of suggestion trigger.", "properties": { "noSmallTalk": { "type": "boolean", "description": "Do not trigger if last utterance is small talk." }, "onlyEndUser": { "type": "boolean", "description": "Only trigger suggestion if participant role of last utterance is END_USER." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentAssistantConfigSuggestionTriggerSettingsResponse": { "description": "Settings of suggestion trigger.", "properties": { "noSmallTalk": { "type": "boolean", "description": "Do not trigger if last utterance is small talk." }, "onlyEndUser": { "type": "boolean", "description": "Only trigger suggestion if participant role of last utterance is END_USER." } }, "type": "object", "required": [ "noSmallTalk", "onlyEndUser" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfig": { "description": "Defines the hand off to a live agent, typically on which external agent service provider to connect to a conversation. Currently, this feature is not general available, please contact Google to get access.", "properties": { "livePersonConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigLivePersonConfig", "description": "Uses LivePerson (https://www.liveperson.com)." }, "salesforceLiveAgentConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigSalesforceLiveAgentConfig", "description": "Uses Salesforce Live Agent." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigLivePersonConfig": { "description": "Configuration specific to LivePerson (https://www.liveperson.com).", "properties": { "accountNumber": { "type": "string", "description": "Account number of the LivePerson account to connect. This is the account number you input at the login page." } }, "type": "object", "required": [ "accountNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigLivePersonConfigResponse": { "description": "Configuration specific to LivePerson (https://www.liveperson.com).", "properties": { "accountNumber": { "type": "string", "description": "Account number of the LivePerson account to connect. This is the account number you input at the login page." } }, "type": "object", "required": [ "accountNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigResponse": { "description": "Defines the hand off to a live agent, typically on which external agent service provider to connect to a conversation. Currently, this feature is not general available, please contact Google to get access.", "properties": { "livePersonConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigLivePersonConfigResponse", "description": "Uses LivePerson (https://www.liveperson.com)." }, "salesforceLiveAgentConfig": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigSalesforceLiveAgentConfigResponse", "description": "Uses Salesforce Live Agent." } }, "type": "object", "required": [ "livePersonConfig", "salesforceLiveAgentConfig" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigSalesforceLiveAgentConfig": { "description": "Configuration specific to Salesforce Live Agent.", "properties": { "buttonId": { "type": "string", "description": "Live Agent chat button ID." }, "deploymentId": { "type": "string", "description": "Live Agent deployment ID." }, "endpointDomain": { "type": "string", "description": "Domain of the Live Agent endpoint for this agent. You can find the endpoint URL in the `Live Agent settings` page. For example if URL has the form https://d.la4-c2-phx.salesforceliveagent.com/..., you should fill in d.la4-c2-phx.salesforceliveagent.com." }, "organizationId": { "type": "string", "description": "The organization ID of the Salesforce account." } }, "type": "object", "required": [ "buttonId", "deploymentId", "endpointDomain", "organizationId" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1HumanAgentHandoffConfigSalesforceLiveAgentConfigResponse": { "description": "Configuration specific to Salesforce Live Agent.", "properties": { "buttonId": { "type": "string", "description": "Live Agent chat button ID." }, "deploymentId": { "type": "string", "description": "Live Agent deployment ID." }, "endpointDomain": { "type": "string", "description": "Domain of the Live Agent endpoint for this agent. You can find the endpoint URL in the `Live Agent settings` page. For example if URL has the form https://d.la4-c2-phx.salesforceliveagent.com/..., you should fill in d.la4-c2-phx.salesforceliveagent.com." }, "organizationId": { "type": "string", "description": "The organization ID of the Salesforce account." } }, "type": "object", "required": [ "buttonId", "deploymentId", "endpointDomain", "organizationId" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentFollowupIntentInfoResponse": { "description": "Represents a single followup intent in the chain.", "properties": { "followupIntentName": { "type": "string", "description": "The unique identifier of the followup intent. Format: `projects//agent/intents/`." }, "parentFollowupIntentName": { "type": "string", "description": "The unique identifier of the followup intent's parent. Format: `projects//agent/intents/`." } }, "type": "object", "required": [ "followupIntentName", "parentFollowupIntentName" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessage": { "description": "Corresponds to the `Response` field in the Dialogflow console.", "properties": { "basicCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCard", "description": "Displays a basic card for Actions on Google." }, "browseCarouselCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCard", "description": "Browse carousel card for Actions on Google." }, "card": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCard", "description": "Displays a card." }, "carouselSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelect", "description": "Displays a carousel card for Actions on Google." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Displays an image." }, "linkOutSuggestion": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageLinkOutSuggestion", "description": "Displays a link out suggestion chip for Actions on Google." }, "listSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelect", "description": "Displays a list card for Actions on Google." }, "mediaContent": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContent", "description": "The media content card for Actions on Google." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A custom platform-specific response." }, "platform": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessagePlatform", "description": "Optional. The platform that this message is intended for." }, "quickReplies": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageQuickReplies", "description": "Displays quick replies." }, "rbmCarouselRichCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCard", "description": "Rich Business Messaging (RBM) carousel rich card response." }, "rbmStandaloneRichCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCard", "description": "Standalone Rich Business Messaging (RBM) rich card response." }, "rbmText": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmText", "description": "Rich Business Messaging (RBM) text response. RBM allows businesses to send enriched and branded versions of SMS. See https://jibe.google.com/business-messaging." }, "simpleResponses": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponses", "description": "Returns a voice or text-only response for Actions on Google." }, "suggestions": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestions", "description": "Displays suggestion chips for Actions on Google." }, "tableCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCard", "description": "Table card for Actions on Google." }, "telephonyPlayAudio": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyPlayAudio", "description": "Plays audio from a file in Telephony Gateway." }, "telephonySynthesizeSpeech": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonySynthesizeSpeech", "description": "Synthesizes speech in Telephony Gateway." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyTransferCall", "description": "Transfers the call in Telephony Gateway." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageText", "description": "Returns a text response." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCard": { "description": "The basic card message. Useful for displaying information.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButton" }, "description": "Optional. The collection of card buttons." }, "formattedText": { "type": "string", "description": "Required, unless image is present. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. The image for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButton": { "description": "The button object that appears at the bottom of a card.", "properties": { "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonOpenUriAction", "description": "Action to take when a user taps on the button." }, "title": { "type": "string", "description": "The title of the button." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonOpenUriAction": { "description": "Opens the given URI.", "properties": { "uri": { "type": "string", "description": "The HTTP or HTTPS scheme URI." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonOpenUriActionResponse": { "description": "Opens the given URI.", "properties": { "uri": { "type": "string", "description": "The HTTP or HTTPS scheme URI." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonResponse": { "description": "The button object that appears at the bottom of a card.", "properties": { "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonOpenUriActionResponse", "description": "Action to take when a user taps on the button." }, "title": { "type": "string", "description": "The title of the button." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardResponse": { "description": "The basic card message. Useful for displaying information.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonResponse" }, "description": "Optional. The collection of card buttons." }, "formattedText": { "type": "string", "description": "Required, unless image is present. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. The image for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object", "required": [ "buttons", "formattedText", "image", "subtitle", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCard": { "description": "Browse Carousel Card for Actions on Google. https://developers.google.com/actions/assistant/responses#browsing_carousel", "properties": { "imageDisplayOptions": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardImageDisplayOptions", "description": "Optional. Settings for displaying the image. Applies to every image in items." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItem" }, "description": "List of items in the Browse Carousel Card. Minimum of two items, maximum of ten." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItem": { "description": "Browsing carousel tile", "properties": { "description": { "type": "string", "description": "Optional. Description of the carousel item. Maximum of four lines of text." }, "footer": { "type": "string", "description": "Optional. Text that appears at the bottom of the Browse Carousel Card. Maximum of one line of text." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. Hero image for the carousel item." }, "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlAction", "description": "Action to present to the user." }, "title": { "type": "string", "description": "Title of the carousel item. Maximum of two lines of text." } }, "type": "object", "required": [ "openUriAction", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlAction": { "description": "Actions on Google action to open a given url.", "properties": { "url": { "type": "string", "description": "URL" }, "urlTypeHint": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionUrlTypeHint", "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser." } }, "type": "object", "required": [ "url" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionResponse": { "description": "Actions on Google action to open a given url.", "properties": { "url": { "type": "string", "description": "URL" }, "urlTypeHint": { "type": "string", "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser." } }, "type": "object", "required": [ "url", "urlTypeHint" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionUrlTypeHint": { "description": "Optional. Specifies the type of viewer that is used when opening the URL. Defaults to opening via web browser.", "type": "string", "enum": [ { "name": "UrlTypeHintUnspecified", "description": "Unspecified", "value": "URL_TYPE_HINT_UNSPECIFIED" }, { "name": "AmpAction", "description": "Url would be an amp action", "value": "AMP_ACTION" }, { "name": "AmpContent", "description": "URL that points directly to AMP content, or to a canonical URL which refers to AMP content via .", "value": "AMP_CONTENT" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemResponse": { "description": "Browsing carousel tile", "properties": { "description": { "type": "string", "description": "Optional. Description of the carousel item. Maximum of four lines of text." }, "footer": { "type": "string", "description": "Optional. Text that appears at the bottom of the Browse Carousel Card. Maximum of one line of text." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. Hero image for the carousel item." }, "openUriAction": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemOpenUrlActionResponse", "description": "Action to present to the user." }, "title": { "type": "string", "description": "Title of the carousel item. Maximum of two lines of text." } }, "type": "object", "required": [ "description", "footer", "image", "openUriAction", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardImageDisplayOptions": { "description": "Optional. Settings for displaying the image. Applies to every image in items.", "type": "string", "enum": [ { "name": "ImageDisplayOptionsUnspecified", "description": "Fill the gaps between the image and the image container with gray bars.", "value": "IMAGE_DISPLAY_OPTIONS_UNSPECIFIED" }, { "name": "Gray", "description": "Fill the gaps between the image and the image container with gray bars.", "value": "GRAY" }, { "name": "White", "description": "Fill the gaps between the image and the image container with white bars.", "value": "WHITE" }, { "name": "Cropped", "description": "Image is scaled such that the image width and height match or exceed the container dimensions. This may crop the top and bottom of the image if the scaled image height is greater than the container height, or crop the left and right of the image if the scaled image width is greater than the container width. This is similar to \"Zoom Mode\" on a widescreen TV when playing a 4:3 video.", "value": "CROPPED" }, { "name": "BlurredBackground", "description": "Pad the gaps between image and image frame with a blurred copy of the same image.", "value": "BLURRED_BACKGROUND" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardResponse": { "description": "Browse Carousel Card for Actions on Google. https://developers.google.com/actions/assistant/responses#browsing_carousel", "properties": { "imageDisplayOptions": { "type": "string", "description": "Optional. Settings for displaying the image. Applies to every image in items." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardBrowseCarouselCardItemResponse" }, "description": "List of items in the Browse Carousel Card. Minimum of two items, maximum of ten." } }, "type": "object", "required": [ "imageDisplayOptions", "items" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCard": { "description": "The card response message.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardButton" }, "description": "Optional. The collection of card buttons." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardButton": { "description": "Optional. Contains information about a button.", "properties": { "postback": { "type": "string", "description": "Optional. The text to send back to the Dialogflow API or a URI to open." }, "text": { "type": "string", "description": "Optional. The text to show on the button." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardButtonResponse": { "description": "Optional. Contains information about a button.", "properties": { "postback": { "type": "string", "description": "Optional. The text to send back to the Dialogflow API or a URI to open." }, "text": { "type": "string", "description": "Optional. The text to show on the button." } }, "type": "object", "required": [ "postback", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardResponse": { "description": "The card response message.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardButtonResponse" }, "description": "Optional. The collection of card buttons." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file for the card." }, "subtitle": { "type": "string", "description": "Optional. The subtitle of the card." }, "title": { "type": "string", "description": "Optional. The title of the card." } }, "type": "object", "required": [ "buttons", "imageUri", "subtitle", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelect": { "description": "The card for presenting a carousel of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectItem" }, "description": "Carousel items." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectItem": { "description": "An item in the carousel.", "properties": { "description": { "type": "string", "description": "Optional. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfo", "description": "Additional info about the option item." }, "title": { "type": "string", "description": "Title of the carousel item." } }, "type": "object", "required": [ "info", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectItemResponse": { "description": "An item in the carousel.", "properties": { "description": { "type": "string", "description": "Optional. The body text of the card." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfoResponse", "description": "Additional info about the option item." }, "title": { "type": "string", "description": "Title of the carousel item." } }, "type": "object", "required": [ "description", "image", "info", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectResponse": { "description": "The card for presenting a carousel of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectItemResponse" }, "description": "Carousel items." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnProperties": { "description": "Column properties for TableCard.", "properties": { "header": { "type": "string", "description": "Column heading." }, "horizontalAlignment": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnPropertiesHorizontalAlignment", "description": "Optional. Defines text alignment for all cells in this column." } }, "type": "object", "required": [ "header" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnPropertiesHorizontalAlignment": { "description": "Optional. Defines text alignment for all cells in this column.", "type": "string", "enum": [ { "name": "HorizontalAlignmentUnspecified", "description": "Text is aligned to the leading edge of the column.", "value": "HORIZONTAL_ALIGNMENT_UNSPECIFIED" }, { "name": "Leading", "description": "Text is aligned to the leading edge of the column.", "value": "LEADING" }, { "name": "Center", "description": "Text is centered in the column.", "value": "CENTER" }, { "name": "Trailing", "description": "Text is aligned to the trailing edge of the column.", "value": "TRAILING" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnPropertiesResponse": { "description": "Column properties for TableCard.", "properties": { "header": { "type": "string", "description": "Column heading." }, "horizontalAlignment": { "type": "string", "description": "Optional. Defines text alignment for all cells in this column." } }, "type": "object", "required": [ "header", "horizontalAlignment" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage": { "description": "The image response message.", "properties": { "accessibilityText": { "type": "string", "description": "A text description of the image to be used for accessibility, e.g., screen readers. Required if image_uri is set for CarouselSelect." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse": { "description": "The image response message.", "properties": { "accessibilityText": { "type": "string", "description": "A text description of the image to be used for accessibility, e.g., screen readers. Required if image_uri is set for CarouselSelect." }, "imageUri": { "type": "string", "description": "Optional. The public URI to an image file." } }, "type": "object", "required": [ "accessibilityText", "imageUri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageLinkOutSuggestion": { "description": "The suggestion chip message that allows the user to jump out to the app or website associated with this agent.", "properties": { "destinationName": { "type": "string", "description": "The name of the app or site this chip is linking to." }, "uri": { "type": "string", "description": "The URI of the app or site to open when the user taps the suggestion chip." } }, "type": "object", "required": [ "destinationName", "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageLinkOutSuggestionResponse": { "description": "The suggestion chip message that allows the user to jump out to the app or website associated with this agent.", "properties": { "destinationName": { "type": "string", "description": "The name of the app or site this chip is linking to." }, "uri": { "type": "string", "description": "The URI of the app or site to open when the user taps the suggestion chip." } }, "type": "object", "required": [ "destinationName", "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelect": { "description": "The card for presenting a list of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectItem" }, "description": "List items." }, "subtitle": { "type": "string", "description": "Optional. Subtitle of the list." }, "title": { "type": "string", "description": "Optional. The overall title of the list." } }, "type": "object", "required": [ "items" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectItem": { "description": "An item in the list.", "properties": { "description": { "type": "string", "description": "Optional. The main text describing the item." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfo", "description": "Additional information about this option." }, "title": { "type": "string", "description": "The title of the list item." } }, "type": "object", "required": [ "info", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectItemResponse": { "description": "An item in the list.", "properties": { "description": { "type": "string", "description": "Optional. The main text describing the item." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. The image to display." }, "info": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfoResponse", "description": "Additional information about this option." }, "title": { "type": "string", "description": "The title of the list item." } }, "type": "object", "required": [ "description", "image", "info", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectResponse": { "description": "The card for presenting a list of options to select from.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectItemResponse" }, "description": "List items." }, "subtitle": { "type": "string", "description": "Optional. Subtitle of the list." }, "title": { "type": "string", "description": "Optional. The overall title of the list." } }, "type": "object", "required": [ "items", "subtitle", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContent": { "description": "The media content card for Actions on Google.", "properties": { "mediaObjects": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponseMediaObject" }, "description": "List of media objects." }, "mediaType": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentMediaType", "description": "Optional. What type of media is the content (ie \"audio\")." } }, "type": "object", "required": [ "mediaObjects" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentMediaType": { "description": "Optional. What type of media is the content (ie \"audio\").", "type": "string", "enum": [ { "name": "ResponseMediaTypeUnspecified", "description": "Unspecified.", "value": "RESPONSE_MEDIA_TYPE_UNSPECIFIED" }, { "name": "Audio", "description": "Response media type is audio.", "value": "AUDIO" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponse": { "description": "The media content card for Actions on Google.", "properties": { "mediaObjects": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponseMediaObjectResponse" }, "description": "List of media objects." }, "mediaType": { "type": "string", "description": "Optional. What type of media is the content (ie \"audio\")." } }, "type": "object", "required": [ "mediaObjects", "mediaType" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponseMediaObject": { "description": "Response media object for media content card.", "properties": { "contentUrl": { "type": "string", "description": "Url where the media is stored." }, "description": { "type": "string", "description": "Optional. Description of media card." }, "icon": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. Icon to display above media content." }, "largeImage": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. Image to display above media content." }, "name": { "type": "string", "description": "Name of media card." } }, "type": "object", "required": [ "contentUrl", "name" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponseMediaObjectResponse": { "description": "Response media object for media content card.", "properties": { "contentUrl": { "type": "string", "description": "Url where the media is stored." }, "description": { "type": "string", "description": "Optional. Description of media card." }, "icon": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. Icon to display above media content." }, "largeImage": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. Image to display above media content." }, "name": { "type": "string", "description": "Name of media card." } }, "type": "object", "required": [ "contentUrl", "description", "icon", "largeImage", "name" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessagePlatform": { "description": "Optional. The platform that this message is intended for.", "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Not specified.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Facebook", "description": "Facebook.", "value": "FACEBOOK" }, { "name": "Slack", "description": "Slack.", "value": "SLACK" }, { "name": "Telegram", "description": "Telegram.", "value": "TELEGRAM" }, { "name": "Kik", "description": "Kik.", "value": "KIK" }, { "name": "Skype", "description": "Skype.", "value": "SKYPE" }, { "name": "Line", "description": "Line.", "value": "LINE" }, { "name": "Viber", "description": "Viber.", "value": "VIBER" }, { "name": "ActionsOnGoogle", "description": "Google Assistant See [Dialogflow webhook format](https://developers.google.com/assistant/actions/build/json/dialogflow-webhook-json)", "value": "ACTIONS_ON_GOOGLE" }, { "name": "Telephony", "description": "Telephony Gateway.", "value": "TELEPHONY" }, { "name": "GoogleHangouts", "description": "Google Hangouts.", "value": "GOOGLE_HANGOUTS" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageQuickReplies": { "description": "The quick replies response message.", "properties": { "quickReplies": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of quick replies." }, "title": { "type": "string", "description": "Optional. The title of the collection of quick replies." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageQuickRepliesResponse": { "description": "The quick replies response message.", "properties": { "quickReplies": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of quick replies." }, "title": { "type": "string", "description": "Optional. The title of the collection of quick replies." } }, "type": "object", "required": [ "quickReplies", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContent": { "description": "Rich Business Messaging (RBM) Card content", "properties": { "description": { "type": "string", "description": "Optional. Description of the card (at most 2000 bytes). At least one of the title, description or media must be set." }, "media": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMedia", "description": "Optional. However at least one of the title, description or media must be set. Media (image, GIF or a video) to include in the card." }, "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestion" }, "description": "Optional. List of suggestions to include in the card." }, "title": { "type": "string", "description": "Optional. Title of the card (at most 200 bytes). At least one of the title, description or media must be set." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMedia": { "description": "Rich Business Messaging (RBM) Media displayed in Cards The following media-types are currently supported: Image Types * image/jpeg * image/jpg' * image/gif * image/png Video Types * video/h263 * video/m4v * video/mp4 * video/mpeg * video/mpeg4 * video/webm", "properties": { "fileUri": { "type": "string", "description": "Publicly reachable URI of the file. The RBM platform determines the MIME type of the file from the content-type field in the HTTP headers when the platform fetches the file. The content-type field must be present and accurate in the HTTP response from the URL." }, "height": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMediaHeight", "description": "Required for cards with vertical orientation. The height of the media within a rich card with a vertical layout. For a standalone card with horizontal layout, height is not customizable, and this field is ignored." }, "thumbnailUri": { "type": "string", "description": "Optional. Publicly reachable URI of the thumbnail.If you don't provide a thumbnail URI, the RBM platform displays a blank placeholder thumbnail until the user's device downloads the file. Depending on the user's setting, the file may not download automatically and may require the user to tap a download button." } }, "type": "object", "required": [ "fileUri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMediaHeight": { "description": "Required for cards with vertical orientation. The height of the media within a rich card with a vertical layout. For a standalone card with horizontal layout, height is not customizable, and this field is ignored.", "type": "string", "enum": [ { "name": "HeightUnspecified", "description": "Not specified.", "value": "HEIGHT_UNSPECIFIED" }, { "name": "Short", "description": "112 DP.", "value": "SHORT" }, { "name": "Medium", "description": "168 DP.", "value": "MEDIUM" }, { "name": "Tall", "description": "264 DP. Not available for rich card carousels when the card width is set to small.", "value": "TALL" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMediaResponse": { "description": "Rich Business Messaging (RBM) Media displayed in Cards The following media-types are currently supported: Image Types * image/jpeg * image/jpg' * image/gif * image/png Video Types * video/h263 * video/m4v * video/mp4 * video/mpeg * video/mpeg4 * video/webm", "properties": { "fileUri": { "type": "string", "description": "Publicly reachable URI of the file. The RBM platform determines the MIME type of the file from the content-type field in the HTTP headers when the platform fetches the file. The content-type field must be present and accurate in the HTTP response from the URL." }, "height": { "type": "string", "description": "Required for cards with vertical orientation. The height of the media within a rich card with a vertical layout. For a standalone card with horizontal layout, height is not customizable, and this field is ignored." }, "thumbnailUri": { "type": "string", "description": "Optional. Publicly reachable URI of the thumbnail.If you don't provide a thumbnail URI, the RBM platform displays a blank placeholder thumbnail until the user's device downloads the file. Depending on the user's setting, the file may not download automatically and may require the user to tap a download button." } }, "type": "object", "required": [ "fileUri", "height", "thumbnailUri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentResponse": { "description": "Rich Business Messaging (RBM) Card content", "properties": { "description": { "type": "string", "description": "Optional. Description of the card (at most 2000 bytes). At least one of the title, description or media must be set." }, "media": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentRbmMediaResponse", "description": "Optional. However at least one of the title, description or media must be set. Media (image, GIF or a video) to include in the card." }, "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestionResponse" }, "description": "Optional. List of suggestions to include in the card." }, "title": { "type": "string", "description": "Optional. Title of the card (at most 200 bytes). At least one of the title, description or media must be set." } }, "type": "object", "required": [ "description", "media", "suggestions", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCard": { "description": "Carousel Rich Business Messaging (RBM) rich card. Rich cards allow you to respond to users with more vivid content, e.g. with media and suggestions. If you want to show a single card with more control over the layout, please use RbmStandaloneCard instead.", "properties": { "cardContents": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContent" }, "description": "The cards in the carousel. A carousel must have at least 2 cards and at most 10." }, "cardWidth": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCardCardWidth", "description": "The width of the cards in the carousel." } }, "type": "object", "required": [ "cardContents", "cardWidth" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCardCardWidth": { "description": "Required. The width of the cards in the carousel.", "type": "string", "enum": [ { "name": "CardWidthUnspecified", "description": "Not specified.", "value": "CARD_WIDTH_UNSPECIFIED" }, { "name": "Small", "description": "120 DP. Note that tall media cannot be used.", "value": "SMALL" }, { "name": "Medium", "description": "232 DP.", "value": "MEDIUM" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCardResponse": { "description": "Carousel Rich Business Messaging (RBM) rich card. Rich cards allow you to respond to users with more vivid content, e.g. with media and suggestions. If you want to show a single card with more control over the layout, please use RbmStandaloneCard instead.", "properties": { "cardContents": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentResponse" }, "description": "The cards in the carousel. A carousel must have at least 2 cards and at most 10." }, "cardWidth": { "type": "string", "description": "The width of the cards in the carousel." } }, "type": "object", "required": [ "cardContents", "cardWidth" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCard": { "description": "Standalone Rich Business Messaging (RBM) rich card. Rich cards allow you to respond to users with more vivid content, e.g. with media and suggestions. You can group multiple rich cards into one using RbmCarouselCard but carousel cards will give you less control over the card layout.", "properties": { "cardContent": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContent", "description": "Card content." }, "cardOrientation": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardCardOrientation", "description": "Orientation of the card." }, "thumbnailImageAlignment": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardThumbnailImageAlignment", "description": "Required if orientation is horizontal. Image preview alignment for standalone cards with horizontal layout." } }, "type": "object", "required": [ "cardContent", "cardOrientation" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardCardOrientation": { "description": "Required. Orientation of the card.", "type": "string", "enum": [ { "name": "CardOrientationUnspecified", "description": "Not specified.", "value": "CARD_ORIENTATION_UNSPECIFIED" }, { "name": "Horizontal", "description": "Horizontal layout.", "value": "HORIZONTAL" }, { "name": "Vertical", "description": "Vertical layout.", "value": "VERTICAL" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardResponse": { "description": "Standalone Rich Business Messaging (RBM) rich card. Rich cards allow you to respond to users with more vivid content, e.g. with media and suggestions. You can group multiple rich cards into one using RbmCarouselCard but carousel cards will give you less control over the card layout.", "properties": { "cardContent": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCardContentResponse", "description": "Card content." }, "cardOrientation": { "type": "string", "description": "Orientation of the card." }, "thumbnailImageAlignment": { "type": "string", "description": "Required if orientation is horizontal. Image preview alignment for standalone cards with horizontal layout." } }, "type": "object", "required": [ "cardContent", "cardOrientation", "thumbnailImageAlignment" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardThumbnailImageAlignment": { "description": "Required if orientation is horizontal. Image preview alignment for standalone cards with horizontal layout.", "type": "string", "enum": [ { "name": "ThumbnailImageAlignmentUnspecified", "description": "Not specified.", "value": "THUMBNAIL_IMAGE_ALIGNMENT_UNSPECIFIED" }, { "name": "Left", "description": "Thumbnail preview is left-aligned.", "value": "LEFT" }, { "name": "Right", "description": "Thumbnail preview is right-aligned.", "value": "RIGHT" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedAction": { "description": "Rich Business Messaging (RBM) suggested client-side action that the user can choose from the card.", "properties": { "dial": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionDial", "description": "Suggested client side action: Dial a phone number" }, "openUrl": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionOpenUri", "description": "Suggested client side action: Open a URI on device" }, "postbackData": { "type": "string", "description": "Opaque payload that the Dialogflow receives in a user event when the user taps the suggested action. This data will be also forwarded to webhook to allow performing custom business logic." }, "shareLocation": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionShareLocation", "description": "Suggested client side action: Share user location" }, "text": { "type": "string", "description": "Text to display alongside the action." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionDial": { "description": "Opens the user's default dialer app with the specified phone number but does not dial automatically.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to fill in the default dialer app. This field should be in [E.164](https://en.wikipedia.org/wiki/E.164) format. An example of a correctly formatted phone number: +15556767888." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionDialResponse": { "description": "Opens the user's default dialer app with the specified phone number but does not dial automatically.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to fill in the default dialer app. This field should be in [E.164](https://en.wikipedia.org/wiki/E.164) format. An example of a correctly formatted phone number: +15556767888." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionOpenUri": { "description": "Opens the user's default web browser app to the specified uri If the user has an app installed that is registered as the default handler for the URL, then this app will be opened instead, and its icon will be used in the suggested action UI.", "properties": { "uri": { "type": "string", "description": "The uri to open on the user device" } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionOpenUriResponse": { "description": "Opens the user's default web browser app to the specified uri If the user has an app installed that is registered as the default handler for the URL, then this app will be opened instead, and its icon will be used in the suggested action UI.", "properties": { "uri": { "type": "string", "description": "The uri to open on the user device" } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionShareLocation": { "description": "Opens the device's location chooser so the user can pick a location to send back to the agent.", "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionShareLocationResponse": { "description": "Opens the device's location chooser so the user can pick a location to send back to the agent.", "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionResponse": { "description": "Rich Business Messaging (RBM) suggested client-side action that the user can choose from the card.", "properties": { "dial": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionDialResponse", "description": "Suggested client side action: Dial a phone number" }, "openUrl": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionOpenUriResponse", "description": "Suggested client side action: Open a URI on device" }, "postbackData": { "type": "string", "description": "Opaque payload that the Dialogflow receives in a user event when the user taps the suggested action. This data will be also forwarded to webhook to allow performing custom business logic." }, "shareLocation": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionRbmSuggestedActionShareLocationResponse", "description": "Suggested client side action: Share user location" }, "text": { "type": "string", "description": "Text to display alongside the action." } }, "type": "object", "required": [ "dial", "openUrl", "postbackData", "shareLocation", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedReply": { "description": "Rich Business Messaging (RBM) suggested reply that the user can click instead of typing in their own response.", "properties": { "postbackData": { "type": "string", "description": "Opaque payload that the Dialogflow receives in a user event when the user taps the suggested reply. This data will be also forwarded to webhook to allow performing custom business logic." }, "text": { "type": "string", "description": "Suggested reply text." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedReplyResponse": { "description": "Rich Business Messaging (RBM) suggested reply that the user can click instead of typing in their own response.", "properties": { "postbackData": { "type": "string", "description": "Opaque payload that the Dialogflow receives in a user event when the user taps the suggested reply. This data will be also forwarded to webhook to allow performing custom business logic." }, "text": { "type": "string", "description": "Suggested reply text." } }, "type": "object", "required": [ "postbackData", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestion": { "description": "Rich Business Messaging (RBM) suggestion. Suggestions allow user to easily select/click a predefined response or perform an action (like opening a web uri).", "properties": { "action": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedAction", "description": "Predefined client side actions that user can choose" }, "reply": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedReply", "description": "Predefined replies for user to select instead of typing" } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestionResponse": { "description": "Rich Business Messaging (RBM) suggestion. Suggestions allow user to easily select/click a predefined response or perform an action (like opening a web uri).", "properties": { "action": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedActionResponse", "description": "Predefined client side actions that user can choose" }, "reply": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestedReplyResponse", "description": "Predefined replies for user to select instead of typing" } }, "type": "object", "required": [ "action", "reply" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmText": { "description": "Rich Business Messaging (RBM) text response with suggestions.", "properties": { "rbmSuggestion": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestion" }, "description": "Optional. One or more suggestions to show to the user." }, "text": { "type": "string", "description": "Text sent and displayed to the user." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmTextResponse": { "description": "Rich Business Messaging (RBM) text response with suggestions.", "properties": { "rbmSuggestion": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmSuggestionResponse" }, "description": "Optional. One or more suggestions to show to the user." }, "text": { "type": "string", "description": "Text sent and displayed to the user." } }, "type": "object", "required": [ "rbmSuggestion", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageResponse": { "description": "Corresponds to the `Response` field in the Dialogflow console.", "properties": { "basicCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardResponse", "description": "Displays a basic card for Actions on Google." }, "browseCarouselCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBrowseCarouselCardResponse", "description": "Browse carousel card for Actions on Google." }, "card": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCardResponse", "description": "Displays a card." }, "carouselSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageCarouselSelectResponse", "description": "Displays a carousel card for Actions on Google." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Displays an image." }, "linkOutSuggestion": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageLinkOutSuggestionResponse", "description": "Displays a link out suggestion chip for Actions on Google." }, "listSelect": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageListSelectResponse", "description": "Displays a list card for Actions on Google." }, "mediaContent": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageMediaContentResponse", "description": "The media content card for Actions on Google." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A custom platform-specific response." }, "platform": { "type": "string", "description": "Optional. The platform that this message is intended for." }, "quickReplies": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageQuickRepliesResponse", "description": "Displays quick replies." }, "rbmCarouselRichCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmCarouselCardResponse", "description": "Rich Business Messaging (RBM) carousel rich card response." }, "rbmStandaloneRichCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmStandaloneCardResponse", "description": "Standalone Rich Business Messaging (RBM) rich card response." }, "rbmText": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageRbmTextResponse", "description": "Rich Business Messaging (RBM) text response. RBM allows businesses to send enriched and branded versions of SMS. See https://jibe.google.com/business-messaging." }, "simpleResponses": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponsesResponse", "description": "Returns a voice or text-only response for Actions on Google." }, "suggestions": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestionsResponse", "description": "Displays suggestion chips for Actions on Google." }, "tableCard": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardResponse", "description": "Table card for Actions on Google." }, "telephonyPlayAudio": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyPlayAudioResponse", "description": "Plays audio from a file in Telephony Gateway." }, "telephonySynthesizeSpeech": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonySynthesizeSpeechResponse", "description": "Synthesizes speech in Telephony Gateway." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyTransferCallResponse", "description": "Transfers the call in Telephony Gateway." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTextResponse", "description": "Returns a text response." } }, "type": "object", "required": [ "basicCard", "browseCarouselCard", "card", "carouselSelect", "image", "linkOutSuggestion", "listSelect", "mediaContent", "payload", "platform", "quickReplies", "rbmCarouselRichCard", "rbmStandaloneRichCard", "rbmText", "simpleResponses", "suggestions", "tableCard", "telephonyPlayAudio", "telephonySynthesizeSpeech", "telephonyTransferCall", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfo": { "description": "Additional info about the select item for when it is triggered in a dialog.", "properties": { "key": { "type": "string", "description": "A unique key that will be sent back to the agent if this response is given." }, "synonyms": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of synonyms that can also be used to trigger this item in dialog." } }, "type": "object", "required": [ "key" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSelectItemInfoResponse": { "description": "Additional info about the select item for when it is triggered in a dialog.", "properties": { "key": { "type": "string", "description": "A unique key that will be sent back to the agent if this response is given." }, "synonyms": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of synonyms that can also be used to trigger this item in dialog." } }, "type": "object", "required": [ "key", "synonyms" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponse": { "description": "The simple response message containing speech or text.", "properties": { "displayText": { "type": "string", "description": "Optional. The text to display." }, "ssml": { "type": "string", "description": "One of text_to_speech or ssml must be provided. Structured spoken response to the user in the SSML format. Mutually exclusive with text_to_speech." }, "textToSpeech": { "type": "string", "description": "One of text_to_speech or ssml must be provided. The plain text of the speech output. Mutually exclusive with ssml." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponseResponse": { "description": "The simple response message containing speech or text.", "properties": { "displayText": { "type": "string", "description": "Optional. The text to display." }, "ssml": { "type": "string", "description": "One of text_to_speech or ssml must be provided. Structured spoken response to the user in the SSML format. Mutually exclusive with text_to_speech." }, "textToSpeech": { "type": "string", "description": "One of text_to_speech or ssml must be provided. The plain text of the speech output. Mutually exclusive with ssml." } }, "type": "object", "required": [ "displayText", "ssml", "textToSpeech" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponses": { "description": "The collection of simple response candidates. This message in `QueryResult.fulfillment_messages` and `WebhookResponse.fulfillment_messages` should contain only one `SimpleResponse`.", "properties": { "simpleResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponse" }, "description": "The list of simple responses." } }, "type": "object", "required": [ "simpleResponses" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponsesResponse": { "description": "The collection of simple response candidates. This message in `QueryResult.fulfillment_messages` and `WebhookResponse.fulfillment_messages` should contain only one `SimpleResponse`.", "properties": { "simpleResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSimpleResponseResponse" }, "description": "The list of simple responses." } }, "type": "object", "required": [ "simpleResponses" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestion": { "description": "The suggestion chip message that the user can tap to quickly post a reply to the conversation.", "properties": { "title": { "type": "string", "description": "The text shown the in the suggestion chip." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestionResponse": { "description": "The suggestion chip message that the user can tap to quickly post a reply to the conversation.", "properties": { "title": { "type": "string", "description": "The text shown the in the suggestion chip." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestions": { "description": "The collection of suggestions.", "properties": { "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestion" }, "description": "The list of suggested replies." } }, "type": "object", "required": [ "suggestions" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestionsResponse": { "description": "The collection of suggestions.", "properties": { "suggestions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageSuggestionResponse" }, "description": "The list of suggested replies." } }, "type": "object", "required": [ "suggestions" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCard": { "description": "Table card for Actions on Google.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButton" }, "description": "Optional. List of buttons for the card." }, "columnProperties": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnProperties" }, "description": "Optional. Display properties for the columns in this table." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImage", "description": "Optional. Image which should be displayed on the card." }, "rows": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardRow" }, "description": "Optional. Rows in this table of data." }, "subtitle": { "type": "string", "description": "Optional. Subtitle to the title." }, "title": { "type": "string", "description": "Title of the card." } }, "type": "object", "required": [ "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardCell": { "description": "Cell of TableCardRow.", "properties": { "text": { "type": "string", "description": "Text in this cell." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardCellResponse": { "description": "Cell of TableCardRow.", "properties": { "text": { "type": "string", "description": "Text in this cell." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardResponse": { "description": "Table card for Actions on Google.", "properties": { "buttons": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageBasicCardButtonResponse" }, "description": "Optional. List of buttons for the card." }, "columnProperties": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageColumnPropertiesResponse" }, "description": "Optional. Display properties for the columns in this table." }, "image": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageImageResponse", "description": "Optional. Image which should be displayed on the card." }, "rows": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardRowResponse" }, "description": "Optional. Rows in this table of data." }, "subtitle": { "type": "string", "description": "Optional. Subtitle to the title." }, "title": { "type": "string", "description": "Title of the card." } }, "type": "object", "required": [ "buttons", "columnProperties", "image", "rows", "subtitle", "title" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardRow": { "description": "Row of TableCard.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardCell" }, "description": "Optional. List of cells that make up this row." }, "dividerAfter": { "type": "boolean", "description": "Optional. Whether to add a visual divider after this row." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardRowResponse": { "description": "Row of TableCard.", "properties": { "cells": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentMessageTableCardCellResponse" }, "description": "Optional. List of cells that make up this row." }, "dividerAfter": { "type": "boolean", "description": "Optional. Whether to add a visual divider after this row." } }, "type": "object", "required": [ "cells", "dividerAfter" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyPlayAudio": { "description": "Plays audio from a file in Telephony Gateway.", "properties": { "audioUri": { "type": "string", "description": "URI to a Google Cloud Storage object containing the audio to play, e.g., \"gs://bucket/object\". The object must contain a single channel (mono) of linear PCM audio (2 bytes / sample) at 8kHz. This object must be readable by the `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` service account where is the number of the Telephony Gateway project (usually the same as the Dialogflow agent project). If the Google Cloud Storage bucket is in the Telephony Gateway project, this permission is added by default when enabling the Dialogflow V2 API. For audio from other sources, consider using the `TelephonySynthesizeSpeech` message with SSML." } }, "type": "object", "required": [ "audioUri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyPlayAudioResponse": { "description": "Plays audio from a file in Telephony Gateway.", "properties": { "audioUri": { "type": "string", "description": "URI to a Google Cloud Storage object containing the audio to play, e.g., \"gs://bucket/object\". The object must contain a single channel (mono) of linear PCM audio (2 bytes / sample) at 8kHz. This object must be readable by the `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` service account where is the number of the Telephony Gateway project (usually the same as the Dialogflow agent project). If the Google Cloud Storage bucket is in the Telephony Gateway project, this permission is added by default when enabling the Dialogflow V2 API. For audio from other sources, consider using the `TelephonySynthesizeSpeech` message with SSML." } }, "type": "object", "required": [ "audioUri" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonySynthesizeSpeech": { "description": "Synthesizes speech and plays back the synthesized audio to the caller in Telephony Gateway. Telephony Gateway takes the synthesizer settings from `DetectIntentResponse.output_audio_config` which can either be set at request-level or can come from the agent-level synthesizer config.", "properties": { "ssml": { "type": "string", "description": "The SSML to be synthesized. For more information, see [SSML](https://developers.google.com/actions/reference/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonySynthesizeSpeechResponse": { "description": "Synthesizes speech and plays back the synthesized audio to the caller in Telephony Gateway. Telephony Gateway takes the synthesizer settings from `DetectIntentResponse.output_audio_config` which can either be set at request-level or can come from the agent-level synthesizer config.", "properties": { "ssml": { "type": "string", "description": "The SSML to be synthesized. For more information, see [SSML](https://developers.google.com/actions/reference/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object", "required": [ "ssml", "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyTransferCall": { "description": "Transfers the call in Telephony Gateway.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to transfer the call to in [E.164 format](https://en.wikipedia.org/wiki/E.164). We currently only allow transferring to US numbers (+1xxxyyyzzzz)." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTelephonyTransferCallResponse": { "description": "Transfers the call in Telephony Gateway.", "properties": { "phoneNumber": { "type": "string", "description": "The phone number to transfer the call to in [E.164 format](https://en.wikipedia.org/wiki/E.164). We currently only allow transferring to US numbers (+1xxxyyyzzzz)." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageText": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of the agent's responses." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentMessageTextResponse": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of the agent's responses." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentParameter": { "description": "Represents intent parameters.", "properties": { "defaultValue": { "type": "string", "description": "Optional. The default value to use when the `value` yields an empty result. Default values can be extracted from contexts by using the following syntax: `#context_name.parameter_name`." }, "displayName": { "type": "string", "description": "The name of the parameter." }, "entityTypeDisplayName": { "type": "string", "description": "Optional. The name of the entity type, prefixed with `@`, that describes values of the parameter. If the parameter is required, this must be provided." }, "isList": { "type": "boolean", "description": "Optional. Indicates whether the parameter represents a list of values." }, "mandatory": { "type": "boolean", "description": "Optional. Indicates whether the parameter is required. That is, whether the intent cannot be completed without collecting the parameter value." }, "name": { "type": "string", "description": "The unique identifier of this parameter." }, "prompts": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of prompts that the agent can present to the user in order to collect a value for the parameter." }, "value": { "type": "string", "description": "Optional. The definition of the parameter value. It can be: - a constant string, - a parameter value defined as `$parameter_name`, - an original parameter value defined as `$parameter_name.original`, - a parameter value from some context defined as `#context_name.parameter_name`." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentParameterResponse": { "description": "Represents intent parameters.", "properties": { "defaultValue": { "type": "string", "description": "Optional. The default value to use when the `value` yields an empty result. Default values can be extracted from contexts by using the following syntax: `#context_name.parameter_name`." }, "displayName": { "type": "string", "description": "The name of the parameter." }, "entityTypeDisplayName": { "type": "string", "description": "Optional. The name of the entity type, prefixed with `@`, that describes values of the parameter. If the parameter is required, this must be provided." }, "isList": { "type": "boolean", "description": "Optional. Indicates whether the parameter represents a list of values." }, "mandatory": { "type": "boolean", "description": "Optional. Indicates whether the parameter is required. That is, whether the intent cannot be completed without collecting the parameter value." }, "name": { "type": "string", "description": "The unique identifier of this parameter." }, "prompts": { "type": "array", "items": { "type": "string" }, "description": "Optional. The collection of prompts that the agent can present to the user in order to collect a value for the parameter." }, "value": { "type": "string", "description": "Optional. The definition of the parameter value. It can be: - a constant string, - a parameter value defined as `$parameter_name`, - an original parameter value defined as `$parameter_name.original`, - a parameter value from some context defined as `#context_name.parameter_name`." } }, "type": "object", "required": [ "defaultValue", "displayName", "entityTypeDisplayName", "isList", "mandatory", "name", "prompts", "value" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhrase": { "description": "Represents an example that the agent is trained on.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhrasePart" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `entity_type`, `alias`, and `user_defined` fields are all set." }, "timesAddedCount": { "type": "integer", "description": "Optional. Indicates how many times this example was added to the intent. Each time a developer adds an existing sample by editing an intent or training, this counter is increased." }, "type": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhraseType", "description": "The type of the training phrase." } }, "type": "object", "required": [ "parts", "type" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhrasePart": { "description": "Represents a part of a training phrase.", "properties": { "alias": { "type": "string", "description": "Optional. The parameter name for the value extracted from the annotated part of the example. This field is required for annotated parts of the training phrase." }, "entityType": { "type": "string", "description": "Optional. The entity type name prefixed with `@`. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." }, "userDefined": { "type": "boolean", "description": "Optional. Indicates whether the text was manually annotated. This field is set to true when the Dialogflow Console is used to manually annotate the part. When creating an annotated part with the API, you must set this to true." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhrasePartResponse": { "description": "Represents a part of a training phrase.", "properties": { "alias": { "type": "string", "description": "Optional. The parameter name for the value extracted from the annotated part of the example. This field is required for annotated parts of the training phrase." }, "entityType": { "type": "string", "description": "Optional. The entity type name prefixed with `@`. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." }, "userDefined": { "type": "boolean", "description": "Optional. Indicates whether the text was manually annotated. This field is set to true when the Dialogflow Console is used to manually annotate the part. When creating an annotated part with the API, you must set this to true." } }, "type": "object", "required": [ "alias", "entityType", "text", "userDefined" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhraseResponse": { "description": "Represents an example that the agent is trained on.", "properties": { "name": { "type": "string", "description": "The unique identifier of this training phrase." }, "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhrasePartResponse" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `entity_type`, `alias`, and `user_defined` fields are all set." }, "timesAddedCount": { "type": "integer", "description": "Optional. Indicates how many times this example was added to the intent. Each time a developer adds an existing sample by editing an intent or training, this counter is increased." }, "type": { "type": "string", "description": "The type of the training phrase." } }, "type": "object", "required": [ "name", "parts", "timesAddedCount", "type" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1IntentTrainingPhraseType": { "description": "Required. The type of the training phrase.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Not specified. This value should never be used.", "value": "TYPE_UNSPECIFIED" }, { "name": "Example", "description": "Examples do not contain @-prefixed entity type names, but example parts can be annotated with entity types.", "value": "EXAMPLE" }, { "name": "Template", "description": "Templates are not annotated with entity types, but they can contain @-prefixed entity type names as substrings. Note: Template mode has been deprecated. Example mode is the only supported way to create new training phrases. If you have existing training phrases in template mode, they will be removed during training and it can cause a drop in agent performance.", "value": "TEMPLATE" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1LoggingConfig": { "description": "Defines logging behavior for conversation lifecycle events.", "properties": { "enableStackdriverLogging": { "type": "boolean", "description": "Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1LoggingConfigResponse": { "description": "Defines logging behavior for conversation lifecycle events.", "properties": { "enableStackdriverLogging": { "type": "boolean", "description": "Whether to log conversation events like CONVERSATION_STARTED to Stackdriver in the conversation project as JSON format ConversationEvent protos." } }, "type": "object", "required": [ "enableStackdriverLogging" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1NotificationConfig": { "description": "Defines notification behavior.", "properties": { "messageFormat": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1NotificationConfigMessageFormat", "description": "Format of message." }, "topic": { "type": "string", "description": "Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. For telephony integration to receive notification, make sure either this topic is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. For chat integration to receive notification, make sure API caller has been granted the `Dialogflow Service Agent` role for the topic. Format: `projects//locations//topics/`." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1NotificationConfigMessageFormat": { "description": "Format of message.", "type": "string", "enum": [ { "name": "MessageFormatUnspecified", "description": "If it is unspecified, PROTO will be used.", "value": "MESSAGE_FORMAT_UNSPECIFIED" }, { "name": "Proto", "description": "Pub/Sub message will be serialized proto.", "value": "PROTO" }, { "name": "Json", "description": "Pub/Sub message will be json.", "value": "JSON" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1NotificationConfigResponse": { "description": "Defines notification behavior.", "properties": { "messageFormat": { "type": "string", "description": "Format of message." }, "topic": { "type": "string", "description": "Name of the Pub/Sub topic to publish conversation events like CONVERSATION_STARTED as serialized ConversationEvent protos. For telephony integration to receive notification, make sure either this topic is in the same project as the conversation or you grant `service-@gcp-sa-dialogflow.iam.gserviceaccount.com` the `Dialogflow Service Agent` role in the topic project. For chat integration to receive notification, make sure API caller has been granted the `Dialogflow Service Agent` role for the topic. Format: `projects//locations//topics/`." } }, "type": "object", "required": [ "messageFormat", "topic" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SpeechToTextConfig": { "description": "Configures speech transcription for ConversationProfile.", "properties": { "model": { "type": "string", "description": "Which Speech model to select. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then a default model is used. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details." }, "speechModelVariant": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1SpeechToTextConfigSpeechModelVariant", "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error." }, "useTimeoutBasedEndpointing": { "type": "boolean", "description": "Use timeout based endpointing, interpreting endpointer sensitivy as seconds of timeout value." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SpeechToTextConfigResponse": { "description": "Configures speech transcription for ConversationProfile.", "properties": { "model": { "type": "string", "description": "Which Speech model to select. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then a default model is used. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details." }, "speechModelVariant": { "type": "string", "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error." }, "useTimeoutBasedEndpointing": { "type": "boolean", "description": "Use timeout based endpointing, interpreting endpointer sensitivy as seconds of timeout value." } }, "type": "object", "required": [ "model", "speechModelVariant", "useTimeoutBasedEndpointing" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SpeechToTextConfigSpeechModelVariant": { "description": "The speech model used in speech to text. `SPEECH_MODEL_VARIANT_UNSPECIFIED`, `USE_BEST_AVAILABLE` will be treated as `USE_ENHANCED`. It can be overridden in AnalyzeContentRequest and StreamingAnalyzeContentRequest request. If enhanced model variant is specified and an enhanced version of the specified model for the language does not exist, then it would emit an error.", "type": "string", "enum": [ { "name": "SpeechModelVariantUnspecified", "description": "No model variant specified. In this case Dialogflow defaults to USE_BEST_AVAILABLE.", "value": "SPEECH_MODEL_VARIANT_UNSPECIFIED" }, { "name": "UseBestAvailable", "description": "Use the best available variant of the Speech model that the caller is eligible for. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible for enhanced models.", "value": "USE_BEST_AVAILABLE" }, { "name": "UseStandard", "description": "Use standard model variant even if an enhanced model is available. See the [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) for details about enhanced models.", "value": "USE_STANDARD" }, { "name": "UseEnhanced", "description": "Use an enhanced model variant: * If an enhanced variant does not exist for the given model and request language, Dialogflow falls back to the standard variant. The [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) describes which models have enhanced variants. * If the API caller isn't eligible for enhanced models, Dialogflow returns an error. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible.", "value": "USE_ENHANCED" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SuggestionFeature": { "description": "The type of Human Agent Assistant API suggestion to perform, and the maximum number of results to return for that type. Multiple `Feature` objects can be specified in the `features` list.", "properties": { "type": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1SuggestionFeatureType", "description": "Type of Human Agent Assistant API feature to request." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SuggestionFeatureResponse": { "description": "The type of Human Agent Assistant API suggestion to perform, and the maximum number of results to return for that type. Multiple `Feature` objects can be specified in the `features` list.", "properties": { "type": { "type": "string", "description": "Type of Human Agent Assistant API feature to request." } }, "type": "object", "required": [ "type" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SuggestionFeatureType": { "description": "Type of Human Agent Assistant API feature to request.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified feature type.", "value": "TYPE_UNSPECIFIED" }, { "name": "ArticleSuggestion", "description": "Run article suggestion model for chat.", "value": "ARTICLE_SUGGESTION" }, { "name": "Faq", "description": "Run FAQ model.", "value": "FAQ" }, { "name": "SmartReply", "description": "Run smart reply model for chat.", "value": "SMART_REPLY" }, { "name": "DialogflowAssist", "description": "Run Dialogflow assist model for chat, which will return automated agent response as suggestion.", "value": "DIALOGFLOW_ASSIST" }, { "name": "ConversationSummarization", "description": "Run conversation summarization model for chat.", "value": "CONVERSATION_SUMMARIZATION" }, { "name": "KnowledgeSearch", "description": "Run knowledge search with text input from agent or text generated query.", "value": "KNOWLEDGE_SEARCH" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SynthesizeSpeechConfig": { "description": "Configuration of how speech should be synthesized.", "properties": { "effectsProfileId": { "type": "array", "items": { "type": "string" }, "description": "Optional. An identifier which selects 'audio effects' profiles that are applied on (post synthesized) text to speech. Effects are applied on top of each other in the order they are given." }, "pitch": { "type": "number", "description": "Optional. Speaking pitch, in the range [-20.0, 20.0]. 20 means increase 20 semitones from the original pitch. -20 means decrease 20 semitones from the original pitch." }, "speakingRate": { "type": "number", "description": "Optional. Speaking rate/speed, in the range [0.25, 4.0]. 1.0 is the normal native speed supported by the specific voice. 2.0 is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults to the native 1.0 speed. Any other values < 0.25 or > 4.0 will return an error." }, "voice": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParams", "description": "Optional. The desired voice of the synthesized audio." }, "volumeGainDb": { "type": "number", "description": "Optional. Volume gain (in dB) of the normal native volume supported by the specific voice, in the range [-96.0, 16.0]. If unset, or set to a value of 0.0 (dB), will play at normal native signal amplitude. A value of -6.0 (dB) will play at approximately half the amplitude of the normal native signal amplitude. A value of +6.0 (dB) will play at approximately twice the amplitude of the normal native signal amplitude. We strongly recommend not to exceed +10 (dB) as there's usually no effective increase in loudness for any value greater than that." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1SynthesizeSpeechConfigResponse": { "description": "Configuration of how speech should be synthesized.", "properties": { "effectsProfileId": { "type": "array", "items": { "type": "string" }, "description": "Optional. An identifier which selects 'audio effects' profiles that are applied on (post synthesized) text to speech. Effects are applied on top of each other in the order they are given." }, "pitch": { "type": "number", "description": "Optional. Speaking pitch, in the range [-20.0, 20.0]. 20 means increase 20 semitones from the original pitch. -20 means decrease 20 semitones from the original pitch." }, "speakingRate": { "type": "number", "description": "Optional. Speaking rate/speed, in the range [0.25, 4.0]. 1.0 is the normal native speed supported by the specific voice. 2.0 is twice as fast, and 0.5 is half as fast. If unset(0.0), defaults to the native 1.0 speed. Any other values < 0.25 or > 4.0 will return an error." }, "voice": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParamsResponse", "description": "Optional. The desired voice of the synthesized audio." }, "volumeGainDb": { "type": "number", "description": "Optional. Volume gain (in dB) of the normal native volume supported by the specific voice, in the range [-96.0, 16.0]. If unset, or set to a value of 0.0 (dB), will play at normal native signal amplitude. A value of -6.0 (dB) will play at approximately half the amplitude of the normal native signal amplitude. A value of +6.0 (dB) will play at approximately twice the amplitude of the normal native signal amplitude. We strongly recommend not to exceed +10 (dB) as there's usually no effective increase in loudness for any value greater than that." } }, "type": "object", "required": [ "effectsProfileId", "pitch", "speakingRate", "voice", "volumeGainDb" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1TextToSpeechSettings": { "description": "Instructs the speech synthesizer on how to generate the output audio content.", "properties": { "enableTextToSpeech": { "type": "boolean", "description": "Optional. Indicates whether text to speech is enabled. Even when this field is false, other settings in this proto are still retained." }, "outputAudioEncoding": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1TextToSpeechSettingsOutputAudioEncoding", "description": "Audio encoding of the synthesized audio content." }, "sampleRateHertz": { "type": "integer", "description": "Optional. The synthesis sample rate (in hertz) for this audio. If not provided, then the synthesizer will use the default sample rate based on the audio encoding. If this is different from the voice's natural sample rate, then the synthesizer will honor this request by converting to the desired sample rate (which might result in worse audio quality)." }, "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/docs/reference/language) to SynthesizeSpeechConfig." } }, "type": "object", "required": [ "outputAudioEncoding" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1TextToSpeechSettingsOutputAudioEncoding": { "description": "Required. Audio encoding of the synthesized audio content.", "type": "string", "enum": [ { "name": "OutputAudioEncodingUnspecified", "description": "Not specified.", "value": "OUTPUT_AUDIO_ENCODING_UNSPECIFIED" }, { "name": "OutputAudioEncodingLinear16", "description": "Uncompressed 16-bit signed little-endian samples (Linear PCM). Audio content returned as LINEAR16 also contains a WAV header.", "value": "OUTPUT_AUDIO_ENCODING_LINEAR_16" }, { "name": "OutputAudioEncodingMp3", "description": "MP3 audio at 32kbps.", "value": "OUTPUT_AUDIO_ENCODING_MP3" }, { "name": "OutputAudioEncodingMp364Kbps", "description": "MP3 audio at 64kbps.", "value": "OUTPUT_AUDIO_ENCODING_MP3_64_KBPS" }, { "name": "OutputAudioEncodingOggOpus", "description": "Opus encoded audio wrapped in an ogg container. The result will be a file which can be played natively on Android, and in browsers (at least Chrome and Firefox). The quality of the encoding is considerably higher than MP3 while using approximately the same bitrate.", "value": "OUTPUT_AUDIO_ENCODING_OGG_OPUS" }, { "name": "OutputAudioEncodingMulaw", "description": "8-bit samples that compand 14-bit audio samples using G.711 PCMU/mu-law.", "value": "OUTPUT_AUDIO_ENCODING_MULAW" } ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1TextToSpeechSettingsResponse": { "description": "Instructs the speech synthesizer on how to generate the output audio content.", "properties": { "enableTextToSpeech": { "type": "boolean", "description": "Optional. Indicates whether text to speech is enabled. Even when this field is false, other settings in this proto are still retained." }, "outputAudioEncoding": { "type": "string", "description": "Audio encoding of the synthesized audio content." }, "sampleRateHertz": { "type": "integer", "description": "Optional. The synthesis sample rate (in hertz) for this audio. If not provided, then the synthesizer will use the default sample rate based on the audio encoding. If this is different from the voice's natural sample rate, then the synthesizer will honor this request by converting to the desired sample rate (which might result in worse audio quality)." }, "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/docs/reference/language) to SynthesizeSpeechConfig." } }, "type": "object", "required": [ "enableTextToSpeech", "outputAudioEncoding", "sampleRateHertz", "synthesizeSpeechConfigs" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParams": { "description": "Description of which voice to use for speech synthesis.", "properties": { "name": { "type": "string", "description": "Optional. The name of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and ssml_gender. For the list of available voices, please refer to [Supported voices and languages](https://cloud.google.com/text-to-speech/docs/voices)." }, "ssmlGender": { "$ref": "#/types/google-native:dialogflow%2Fv2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParamsSsmlGender", "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request." } }, "type": "object" }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParamsResponse": { "description": "Description of which voice to use for speech synthesis.", "properties": { "name": { "type": "string", "description": "Optional. The name of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and ssml_gender. For the list of available voices, please refer to [Supported voices and languages](https://cloud.google.com/text-to-speech/docs/voices)." }, "ssmlGender": { "type": "string", "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request." } }, "type": "object", "required": [ "name", "ssmlGender" ] }, "google-native:dialogflow/v2beta1:GoogleCloudDialogflowV2beta1VoiceSelectionParamsSsmlGender": { "description": "Optional. The preferred gender of the voice. If not set, the service will choose a voice based on the other parameters such as language_code and name. Note that this is only a preference, not requirement. If a voice of the appropriate gender is not available, the synthesizer should substitute a voice with a different gender rather than failing the request.", "type": "string", "enum": [ { "name": "SsmlVoiceGenderUnspecified", "description": "An unspecified gender, which means that the client doesn't care which gender the selected voice will have.", "value": "SSML_VOICE_GENDER_UNSPECIFIED" }, { "name": "SsmlVoiceGenderMale", "description": "A male voice.", "value": "SSML_VOICE_GENDER_MALE" }, { "name": "SsmlVoiceGenderFemale", "description": "A female voice.", "value": "SSML_VOICE_GENDER_FEMALE" }, { "name": "SsmlVoiceGenderNeutral", "description": "A gender-neutral voice.", "value": "SSML_VOICE_GENDER_NEUTRAL" } ] }, "google-native:dialogflow/v2beta1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dialogflow/v2beta1:IntentDefaultResponsePlatformsItem": { "type": "string", "enum": [ { "name": "PlatformUnspecified", "description": "Not specified.", "value": "PLATFORM_UNSPECIFIED" }, { "name": "Facebook", "description": "Facebook.", "value": "FACEBOOK" }, { "name": "Slack", "description": "Slack.", "value": "SLACK" }, { "name": "Telegram", "description": "Telegram.", "value": "TELEGRAM" }, { "name": "Kik", "description": "Kik.", "value": "KIK" }, { "name": "Skype", "description": "Skype.", "value": "SKYPE" }, { "name": "Line", "description": "Line.", "value": "LINE" }, { "name": "Viber", "description": "Viber.", "value": "VIBER" }, { "name": "ActionsOnGoogle", "description": "Google Assistant See [Dialogflow webhook format](https://developers.google.com/assistant/actions/build/json/dialogflow-webhook-json)", "value": "ACTIONS_ON_GOOGLE" }, { "name": "Telephony", "description": "Telephony Gateway.", "value": "TELEPHONY" }, { "name": "GoogleHangouts", "description": "Google Hangouts.", "value": "GOOGLE_HANGOUTS" } ] }, "google-native:dialogflow/v2beta1:IntentWebhookState": { "description": "Optional. Indicates whether webhooks are enabled for the intent.", "type": "string", "enum": [ { "name": "WebhookStateUnspecified", "description": "Webhook is disabled in the agent and in the intent.", "value": "WEBHOOK_STATE_UNSPECIFIED" }, { "name": "WebhookStateEnabled", "description": "Webhook is enabled in the agent and in the intent.", "value": "WEBHOOK_STATE_ENABLED" }, { "name": "WebhookStateEnabledForSlotFilling", "description": "Webhook is enabled in the agent and in the intent. Also, each slot filling prompt is forwarded to the webhook.", "value": "WEBHOOK_STATE_ENABLED_FOR_SLOT_FILLING" } ] }, "google-native:dialogflow/v2beta1:ParticipantRole": { "description": "Immutable. The role this participant plays in the conversation. This field must be set during participant creation and is then immutable.", "type": "string", "enum": [ { "name": "RoleUnspecified", "description": "Participant role not set.", "value": "ROLE_UNSPECIFIED" }, { "name": "HumanAgent", "description": "Participant is a human agent.", "value": "HUMAN_AGENT" }, { "name": "AutomatedAgent", "description": "Participant is an automated agent, such as a Dialogflow agent.", "value": "AUTOMATED_AGENT" }, { "name": "EndUser", "description": "Participant is an end user that has called or chatted with Dialogflow services.", "value": "END_USER" } ] }, "google-native:dialogflow/v2beta1:SessionEntityTypeEntityOverrideMode": { "description": "Required. Indicates whether the additional data should override or supplement the custom entity type definition.", "type": "string", "enum": [ { "name": "EntityOverrideModeUnspecified", "description": "Not specified. This value should be never used.", "value": "ENTITY_OVERRIDE_MODE_UNSPECIFIED" }, { "name": "EntityOverrideModeOverride", "description": "The collection of session entities overrides the collection of entities in the corresponding custom entity type.", "value": "ENTITY_OVERRIDE_MODE_OVERRIDE" }, { "name": "EntityOverrideModeSupplement", "description": "The collection of session entities extends the collection of entities in the corresponding custom entity type. Note: Even in this override mode calls to `ListSessionEntityTypes`, `GetSessionEntityType`, `CreateSessionEntityType` and `UpdateSessionEntityType` only return the additional entities added in this session entity type. If you want to get the supplemented list, please call EntityTypes.GetEntityType on the custom entity type and merge.", "value": "ENTITY_OVERRIDE_MODE_SUPPLEMENT" } ] }, "google-native:dialogflow/v3:EntityTypeAutoExpansionMode": { "description": "Indicates whether the entity type can be automatically expanded.", "type": "string", "enum": [ { "name": "AutoExpansionModeUnspecified", "description": "Auto expansion disabled for the entity.", "value": "AUTO_EXPANSION_MODE_UNSPECIFIED" }, { "name": "AutoExpansionModeDefault", "description": "Allows an agent to recognize values that have not been explicitly listed in the entity.", "value": "AUTO_EXPANSION_MODE_DEFAULT" } ] }, "google-native:dialogflow/v3:EntityTypeKind": { "description": "Required. Indicates the kind of entity type.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Not specified. This value should be never used.", "value": "KIND_UNSPECIFIED" }, { "name": "KindMap", "description": "Map entity types allow mapping of a group of synonyms to a canonical value.", "value": "KIND_MAP" }, { "name": "KindList", "description": "List entity types contain a set of entries that do not map to canonical values. However, list entity types can contain references to other entity types (with or without aliases).", "value": "KIND_LIST" }, { "name": "KindRegexp", "description": "Regexp entity types allow to specify regular expressions in entries values.", "value": "KIND_REGEXP" } ] }, "google-native:dialogflow/v3:ExperimentState": { "description": "The current state of the experiment. Transition triggered by Experiments.StartExperiment: DRAFT->RUNNING. Transition triggered by Experiments.CancelExperiment: DRAFT->DONE or RUNNING->DONE.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "State unspecified.", "value": "STATE_UNSPECIFIED" }, { "name": "Draft", "description": "The experiment is created but not started yet.", "value": "DRAFT" }, { "name": "Running", "description": "The experiment is running.", "value": "RUNNING" }, { "name": "Done", "description": "The experiment is done.", "value": "DONE" }, { "name": "RolloutFailed", "description": "The experiment with auto-rollout enabled has failed.", "value": "ROLLOUT_FAILED" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettings": { "description": "Hierarchical advanced settings for agent/flow/page/fulfillment/parameter. Settings exposed at lower level overrides the settings exposed at higher level. Overriding occurs at the sub-setting level. For example, the playback_interruption_settings at fulfillment level only overrides the playback_interruption_settings at the agent level, leaving other settings at the agent level unchanged. DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter.", "properties": { "audioExportGcsDestination": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3GcsDestination", "description": "If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: - Agent level - Flow level" }, "dtmfSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsDtmfSettings", "description": "Settings for DTMF. Exposed at the following levels: - Agent level - Flow level - Page level - Parameter level." }, "loggingSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsLoggingSettings", "description": "Settings for logging. Settings for Dialogflow History, Contact Center messages, StackDriver logs, and speech logging. Exposed at the following levels: - Agent level." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettingsDtmfSettings": { "description": "Define behaviors for DTMF (dual tone multi frequency).", "properties": { "enabled": { "type": "boolean", "description": "If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a \"3\" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance)." }, "finishDigit": { "type": "string", "description": "The digit that terminates a DTMF digit sequence." }, "maxDigits": { "type": "integer", "description": "Max length of DTMF digits." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettingsDtmfSettingsResponse": { "description": "Define behaviors for DTMF (dual tone multi frequency).", "properties": { "enabled": { "type": "boolean", "description": "If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a \"3\" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance)." }, "finishDigit": { "type": "string", "description": "The digit that terminates a DTMF digit sequence." }, "maxDigits": { "type": "integer", "description": "Max length of DTMF digits." } }, "type": "object", "required": [ "enabled", "finishDigit", "maxDigits" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettingsLoggingSettings": { "description": "Define behaviors on logging.", "properties": { "enableInteractionLogging": { "type": "boolean", "description": "If true, DF Interaction logging is currently enabled." }, "enableStackdriverLogging": { "type": "boolean", "description": "If true, StackDriver logging is currently enabled." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettingsLoggingSettingsResponse": { "description": "Define behaviors on logging.", "properties": { "enableInteractionLogging": { "type": "boolean", "description": "If true, DF Interaction logging is currently enabled." }, "enableStackdriverLogging": { "type": "boolean", "description": "If true, StackDriver logging is currently enabled." } }, "type": "object", "required": [ "enableInteractionLogging", "enableStackdriverLogging" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AdvancedSettingsResponse": { "description": "Hierarchical advanced settings for agent/flow/page/fulfillment/parameter. Settings exposed at lower level overrides the settings exposed at higher level. Overriding occurs at the sub-setting level. For example, the playback_interruption_settings at fulfillment level only overrides the playback_interruption_settings at the agent level, leaving other settings at the agent level unchanged. DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter.", "properties": { "audioExportGcsDestination": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3GcsDestinationResponse", "description": "If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: - Agent level - Flow level" }, "dtmfSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsDtmfSettingsResponse", "description": "Settings for DTMF. Exposed at the following levels: - Agent level - Flow level - Page level - Parameter level." }, "loggingSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsLoggingSettingsResponse", "description": "Settings for logging. Settings for Dialogflow History, Contact Center messages, StackDriver logs, and speech logging. Exposed at the following levels: - Agent level." } }, "type": "object", "required": [ "audioExportGcsDestination", "dtmfSettings", "loggingSettings" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentAnswerFeedbackSettings": { "description": "Settings for answer feedback collection.", "properties": { "enableAnswerFeedback": { "type": "boolean", "description": "Optional. If enabled, end users will be able to provide answer feedback to Dialogflow responses. Feature works only if interaction logging is enabled in the Dialogflow agent." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentAnswerFeedbackSettingsResponse": { "description": "Settings for answer feedback collection.", "properties": { "enableAnswerFeedback": { "type": "boolean", "description": "Optional. If enabled, end users will be able to provide answer feedback to Dialogflow responses. Feature works only if interaction logging is enabled in the Dialogflow agent." } }, "type": "object", "required": [ "enableAnswerFeedback" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGenAppBuilderSettings": { "description": "Settings for Gen App Builder.", "properties": { "engine": { "type": "string", "description": "The full name of the Gen App Builder engine related to this agent if there is one. Format: `projects/{Project ID}/locations/{Location ID}/collections/{Collection ID}/engines/{Engine ID}`" } }, "type": "object", "required": [ "engine" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGenAppBuilderSettingsResponse": { "description": "Settings for Gen App Builder.", "properties": { "engine": { "type": "string", "description": "The full name of the Gen App Builder engine related to this agent if there is one. Format: `projects/{Project ID}/locations/{Location ID}/collections/{Collection ID}/engines/{Engine ID}`" } }, "type": "object", "required": [ "engine" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettings": { "description": "Settings for connecting to Git repository for an agent.", "properties": { "githubSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettingsGithubSettings", "description": "GitHub settings." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettingsGithubSettings": { "description": "Settings of integration with GitHub.", "properties": { "accessToken": { "type": "string", "description": "The access token used to authenticate the access to the GitHub repository." }, "branches": { "type": "array", "items": { "type": "string" }, "description": "A list of branches configured to be used from Dialogflow." }, "displayName": { "type": "string", "description": "The unique repository display name for the GitHub repository." }, "repositoryUri": { "type": "string", "description": "The GitHub repository URI related to the agent." }, "trackingBranch": { "type": "string", "description": "The branch of the GitHub repository tracked for this agent." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettingsGithubSettingsResponse": { "description": "Settings of integration with GitHub.", "properties": { "accessToken": { "type": "string", "description": "The access token used to authenticate the access to the GitHub repository." }, "branches": { "type": "array", "items": { "type": "string" }, "description": "A list of branches configured to be used from Dialogflow." }, "displayName": { "type": "string", "description": "The unique repository display name for the GitHub repository." }, "repositoryUri": { "type": "string", "description": "The GitHub repository URI related to the agent." }, "trackingBranch": { "type": "string", "description": "The branch of the GitHub repository tracked for this agent." } }, "type": "object", "required": [ "accessToken", "branches", "displayName", "repositoryUri", "trackingBranch" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettingsResponse": { "description": "Settings for connecting to Git repository for an agent.", "properties": { "githubSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AgentGitIntegrationSettingsGithubSettingsResponse", "description": "GitHub settings." } }, "type": "object", "required": [ "githubSettings" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AudioInput": { "description": "Represents the natural speech audio to be processed.", "properties": { "audio": { "type": "string", "description": "The natural language speech audio to be processed. A single request can contain up to 2 minutes of speech audio data. The transcribed text cannot contain more than 256 bytes. For non-streaming audio detect intent, both `config` and `audio` must be provided. For streaming audio detect intent, `config` must be provided in the first request and `audio` must be provided in all following requests." }, "config": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3InputAudioConfig", "description": "Instructs the speech recognizer how to process the speech audio." } }, "type": "object", "required": [ "config" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3AudioInputResponse": { "description": "Represents the natural speech audio to be processed.", "properties": { "audio": { "type": "string", "description": "The natural language speech audio to be processed. A single request can contain up to 2 minutes of speech audio data. The transcribed text cannot contain more than 256 bytes. For non-streaming audio detect intent, both `config` and `audio` must be provided. For streaming audio detect intent, `config` must be provided in the first request and `audio` must be provided in all following requests." }, "config": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3InputAudioConfigResponse", "description": "Instructs the speech recognizer how to process the speech audio." } }, "type": "object", "required": [ "audio", "config" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3BargeInConfig": { "description": "Configuration of the barge-in behavior. Barge-in instructs the API to return a detected utterance at a proper time while the client is playing back the response audio from a previous request. When the client sees the utterance, it should stop the playback and immediately get ready for receiving the responses for the current request. The barge-in handling requires the client to start streaming audio input as soon as it starts playing back the audio from the previous response. The playback is modeled into two phases: * No barge-in phase: which goes first and during which speech detection should not be carried out. * Barge-in phase: which follows the no barge-in phase and during which the API starts speech detection and may inform the client that an utterance has been detected. Note that no-speech event is not expected in this phase. The client provides this configuration in terms of the durations of those two phases. The durations are measured in terms of the audio length fromt the the start of the input audio. The flow goes like below: --> Time without speech detection | utterance only | utterance or no-speech event | | +-------------+ | +------------+ | +---------------+ ----------+ no barge-in +-|-+ barge-in +-|-+ normal period +----------- +-------------+ | +------------+ | +---------------+ No-speech event is a response with END_OF_UTTERANCE without any transcript following up.", "properties": { "noBargeInDuration": { "type": "string", "description": "Duration that is not eligible for barge-in at the beginning of the input audio." }, "totalDuration": { "type": "string", "description": "Total duration for the playback at the beginning of the input audio." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3BargeInConfigResponse": { "description": "Configuration of the barge-in behavior. Barge-in instructs the API to return a detected utterance at a proper time while the client is playing back the response audio from a previous request. When the client sees the utterance, it should stop the playback and immediately get ready for receiving the responses for the current request. The barge-in handling requires the client to start streaming audio input as soon as it starts playing back the audio from the previous response. The playback is modeled into two phases: * No barge-in phase: which goes first and during which speech detection should not be carried out. * Barge-in phase: which follows the no barge-in phase and during which the API starts speech detection and may inform the client that an utterance has been detected. Note that no-speech event is not expected in this phase. The client provides this configuration in terms of the durations of those two phases. The durations are measured in terms of the audio length fromt the the start of the input audio. The flow goes like below: --> Time without speech detection | utterance only | utterance or no-speech event | | +-------------+ | +------------+ | +---------------+ ----------+ no barge-in +-|-+ barge-in +-|-+ normal period +----------- +-------------+ | +------------+ | +---------------+ No-speech event is a response with END_OF_UTTERANCE without any transcript following up.", "properties": { "noBargeInDuration": { "type": "string", "description": "Duration that is not eligible for barge-in at the beginning of the input audio." }, "totalDuration": { "type": "string", "description": "Total duration for the playback at the beginning of the input audio." } }, "type": "object", "required": [ "noBargeInDuration", "totalDuration" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurn": { "description": "One interaction between a human and virtual agent. The human provides some input and the virtual agent provides a response.", "properties": { "userInput": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurnUserInput", "description": "The user input." }, "virtualAgentOutput": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurnVirtualAgentOutput", "description": "The virtual agent output." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurnResponse": { "description": "One interaction between a human and virtual agent. The human provides some input and the virtual agent provides a response.", "properties": { "userInput": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurnUserInputResponse", "description": "The user input." }, "virtualAgentOutput": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurnVirtualAgentOutputResponse", "description": "The virtual agent output." } }, "type": "object", "required": [ "userInput", "virtualAgentOutput" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurnUserInput": { "description": "The input from the human user.", "properties": { "enableSentimentAnalysis": { "type": "boolean", "description": "Whether sentiment analysis is enabled." }, "injectedParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameters that need to be injected into the conversation during intent detection." }, "input": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3QueryInput", "description": "Supports text input, event input, dtmf input in the test case." }, "isWebhookEnabled": { "type": "boolean", "description": "If webhooks should be allowed to trigger in response to the user utterance. Often if parameters are injected, webhooks should not be enabled." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurnUserInputResponse": { "description": "The input from the human user.", "properties": { "enableSentimentAnalysis": { "type": "boolean", "description": "Whether sentiment analysis is enabled." }, "injectedParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameters that need to be injected into the conversation during intent detection." }, "input": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3QueryInputResponse", "description": "Supports text input, event input, dtmf input in the test case." }, "isWebhookEnabled": { "type": "boolean", "description": "If webhooks should be allowed to trigger in response to the user utterance. Often if parameters are injected, webhooks should not be enabled." } }, "type": "object", "required": [ "enableSentimentAnalysis", "injectedParameters", "input", "isWebhookEnabled" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurnVirtualAgentOutput": { "description": "The output from the virtual agent.", "properties": { "currentPage": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Page", "description": "The Page on which the utterance was spoken. Only name and displayName will be set." }, "diagnosticInfo": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Input only. The diagnostic info output for the turn. Required to calculate the testing coverage." }, "sessionParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The session parameters available to the bot at this point." }, "status": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleRpcStatus", "description": "Response error from the agent in the test result. If set, other output is empty." }, "textResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageText" }, "description": "The text responses from the agent for the turn." }, "triggeredIntent": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Intent", "description": "The Intent that triggered the response. Only name and displayName will be set." } }, "type": "object", "required": [ "diagnosticInfo" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ConversationTurnVirtualAgentOutputResponse": { "description": "The output from the virtual agent.", "properties": { "currentPage": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3PageResponse", "description": "The Page on which the utterance was spoken. Only name and displayName will be set." }, "diagnosticInfo": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Input only. The diagnostic info output for the turn. Required to calculate the testing coverage." }, "differences": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TestRunDifferenceResponse" }, "description": "If this is part of a result conversation turn, the list of differences between the original run and the replay for this output, if any." }, "sessionParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The session parameters available to the bot at this point." }, "status": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleRpcStatusResponse", "description": "Response error from the agent in the test result. If set, other output is empty." }, "textResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageTextResponse" }, "description": "The text responses from the agent for the turn." }, "triggeredIntent": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentResponse", "description": "The Intent that triggered the response. Only name and displayName will be set." } }, "type": "object", "required": [ "currentPage", "diagnosticInfo", "differences", "sessionParameters", "status", "textResponses", "triggeredIntent" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3DataStoreConnection": { "description": "A data store connection. It represents a data store in Discovery Engine and the type of the contents it contains.", "properties": { "dataStore": { "type": "string", "description": "The full name of the referenced data store. Formats: `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}` `projects/{project}/locations/{location}/dataStores/{data_store}`" }, "dataStoreType": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3DataStoreConnectionDataStoreType", "description": "The type of the connected data store." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3DataStoreConnectionDataStoreType": { "description": "The type of the connected data store.", "type": "string", "enum": [ { "name": "DataStoreTypeUnspecified", "description": "Not specified. This value indicates that the data store type is not specified, so it will not be used during search.", "value": "DATA_STORE_TYPE_UNSPECIFIED" }, { "name": "PublicWeb", "description": "A data store that contains public web content.", "value": "PUBLIC_WEB" }, { "name": "Unstructured", "description": "A data store that contains unstructured private data.", "value": "UNSTRUCTURED" }, { "name": "Structured", "description": "A data store that contains structured data (for example FAQ).", "value": "STRUCTURED" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3DataStoreConnectionResponse": { "description": "A data store connection. It represents a data store in Discovery Engine and the type of the contents it contains.", "properties": { "dataStore": { "type": "string", "description": "The full name of the referenced data store. Formats: `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}` `projects/{project}/locations/{location}/dataStores/{data_store}`" }, "dataStoreType": { "type": "string", "description": "The type of the connected data store." } }, "type": "object", "required": [ "dataStore", "dataStoreType" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3DtmfInput": { "description": "Represents the input for dtmf event.", "properties": { "digits": { "type": "string", "description": "The dtmf digits." }, "finishDigit": { "type": "string", "description": "The finish digit (if any)." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3DtmfInputResponse": { "description": "Represents the input for dtmf event.", "properties": { "digits": { "type": "string", "description": "The dtmf digits." }, "finishDigit": { "type": "string", "description": "The finish digit (if any)." } }, "type": "object", "required": [ "digits", "finishDigit" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EntityTypeEntity": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A canonical value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EntityTypeEntityResponse": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A canonical value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EntityTypeExcludedPhrase": { "description": "An excluded entity phrase that should not be matched.", "properties": { "value": { "type": "string", "description": "The word or phrase to be excluded." } }, "type": "object", "required": [ "value" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EntityTypeExcludedPhraseResponse": { "description": "An excluded entity phrase that should not be matched.", "properties": { "value": { "type": "string", "description": "The word or phrase to be excluded." } }, "type": "object", "required": [ "value" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentTestCasesConfig": { "description": "The configuration for continuous tests.", "properties": { "enableContinuousRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases periodically. Default false. If set to true, run once a day." }, "enablePredeploymentRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases before deploying a flow version to the environment. Default false." }, "testCases": { "type": "array", "items": { "type": "string" }, "description": "A list of test case names to run. They should be under the same agent. Format of each test case name: `projects//locations/ /agents//testCases/`" } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentTestCasesConfigResponse": { "description": "The configuration for continuous tests.", "properties": { "enableContinuousRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases periodically. Default false. If set to true, run once a day." }, "enablePredeploymentRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases before deploying a flow version to the environment. Default false." }, "testCases": { "type": "array", "items": { "type": "string" }, "description": "A list of test case names to run. They should be under the same agent. Format of each test case name: `projects//locations/ /agents//testCases/`" } }, "type": "object", "required": [ "enableContinuousRun", "enablePredeploymentRun", "testCases" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentVersionConfig": { "description": "Configuration for the version.", "properties": { "version": { "type": "string", "description": "Format: projects//locations//agents//flows//versions/." } }, "type": "object", "required": [ "version" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentVersionConfigResponse": { "description": "Configuration for the version.", "properties": { "version": { "type": "string", "description": "Format: projects//locations//agents//flows//versions/." } }, "type": "object", "required": [ "version" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentWebhookConfig": { "description": "Configuration for webhooks.", "properties": { "webhookOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Webhook" }, "description": "The list of webhooks to override for the agent environment. The webhook must exist in the agent. You can override fields in `generic_web_service` and `service_directory`." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EnvironmentWebhookConfigResponse": { "description": "Configuration for webhooks.", "properties": { "webhookOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookResponse" }, "description": "The list of webhooks to override for the agent environment. The webhook must exist in the agent. You can override fields in `generic_web_service` and `service_directory`." } }, "type": "object", "required": [ "webhookOverrides" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EventHandler": { "description": "An event handler specifies an event that can be handled during a session. When the specified event happens, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the event, it will be called. * If there is a `target_page` associated with the event, the session will transition into the specified page. * If there is a `target_flow` associated with the event, the session will transition into the specified flow.", "properties": { "event": { "type": "string", "description": "The name of the event to handle." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Fulfillment", "description": "The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks." } }, "type": "object", "required": [ "event" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EventHandlerResponse": { "description": "An event handler specifies an event that can be handled during a session. When the specified event happens, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the event, it will be called. * If there is a `target_page` associated with the event, the session will transition into the specified page. * If there is a `target_flow` associated with the event, the session will transition into the specified flow.", "properties": { "event": { "type": "string", "description": "The name of the event to handle." }, "name": { "type": "string", "description": "The unique identifier of this event handler." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentResponse", "description": "The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks." } }, "type": "object", "required": [ "event", "name", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EventInput": { "description": "Represents the event to trigger.", "properties": { "event": { "type": "string", "description": "Name of the event." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3EventInputResponse": { "description": "Represents the event to trigger.", "properties": { "event": { "type": "string", "description": "Name of the event." } }, "type": "object", "required": [ "event" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentDefinition": { "description": "Definition of the experiment.", "properties": { "condition": { "type": "string", "description": "The condition defines which subset of sessions are selected for this experiment. If not specified, all sessions are eligible. E.g. \"query_input.language_code=en\" See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariants", "description": "The flow versions as the variants of this experiment." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentDefinitionResponse": { "description": "Definition of the experiment.", "properties": { "condition": { "type": "string", "description": "The condition defines which subset of sessions are selected for this experiment. If not specified, all sessions are eligible. E.g. \"query_input.language_code=en\" See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariantsResponse", "description": "The flow versions as the variants of this experiment." } }, "type": "object", "required": [ "condition", "versionVariants" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResult": { "description": "The inference result which includes an objective metric to optimize and the confidence interval.", "properties": { "lastUpdateTime": { "type": "string", "description": "The last time the experiment's stats data was updated. Will have default value if stats have never been computed for this experiment." }, "versionMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultVersionMetrics" }, "description": "Version variants and metrics." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultConfidenceInterval": { "description": "A confidence interval is a range of possible values for the experiment objective you are trying to measure.", "properties": { "confidenceLevel": { "type": "number", "description": "The confidence level used to construct the interval, i.e. there is X% chance that the true value is within this interval." }, "lowerBound": { "type": "number", "description": "Lower bound of the interval." }, "ratio": { "type": "number", "description": "The percent change between an experiment metric's value and the value for its control." }, "upperBound": { "type": "number", "description": "Upper bound of the interval." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultConfidenceIntervalResponse": { "description": "A confidence interval is a range of possible values for the experiment objective you are trying to measure.", "properties": { "confidenceLevel": { "type": "number", "description": "The confidence level used to construct the interval, i.e. there is X% chance that the true value is within this interval." }, "lowerBound": { "type": "number", "description": "Lower bound of the interval." }, "ratio": { "type": "number", "description": "The percent change between an experiment metric's value and the value for its control." }, "upperBound": { "type": "number", "description": "Upper bound of the interval." } }, "type": "object", "required": [ "confidenceLevel", "lowerBound", "ratio", "upperBound" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultMetric": { "description": "Metric and corresponding confidence intervals.", "properties": { "confidenceInterval": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultConfidenceInterval", "description": "The probability that the treatment is better than all other treatments in the experiment" }, "count": { "type": "number", "description": "Count value of a metric." }, "countType": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultMetricCountType", "description": "Count-based metric type. Only one of type or count_type is specified in each Metric." }, "ratio": { "type": "number", "description": "Ratio value of a metric." }, "type": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultMetricType", "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultMetricCountType": { "description": "Count-based metric type. Only one of type or count_type is specified in each Metric.", "type": "string", "enum": [ { "name": "CountTypeUnspecified", "description": "Count type unspecified.", "value": "COUNT_TYPE_UNSPECIFIED" }, { "name": "TotalNoMatchCount", "description": "Total number of occurrences of a 'NO_MATCH'.", "value": "TOTAL_NO_MATCH_COUNT" }, { "name": "TotalTurnCount", "description": "Total number of turn counts.", "value": "TOTAL_TURN_COUNT" }, { "name": "AverageTurnCount", "description": "Average turn count in a session.", "value": "AVERAGE_TURN_COUNT" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultMetricResponse": { "description": "Metric and corresponding confidence intervals.", "properties": { "confidenceInterval": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultConfidenceIntervalResponse", "description": "The probability that the treatment is better than all other treatments in the experiment" }, "count": { "type": "number", "description": "Count value of a metric." }, "countType": { "type": "string", "description": "Count-based metric type. Only one of type or count_type is specified in each Metric." }, "ratio": { "type": "number", "description": "Ratio value of a metric." }, "type": { "type": "string", "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric." } }, "type": "object", "required": [ "confidenceInterval", "count", "countType", "ratio", "type" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultMetricType": { "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric.", "type": "string", "enum": [ { "name": "MetricUnspecified", "description": "Metric unspecified.", "value": "METRIC_UNSPECIFIED" }, { "name": "ContainedSessionNoCallbackRate", "description": "Percentage of contained sessions without user calling back in 24 hours.", "value": "CONTAINED_SESSION_NO_CALLBACK_RATE" }, { "name": "LiveAgentHandoffRate", "description": "Percentage of sessions that were handed to a human agent.", "value": "LIVE_AGENT_HANDOFF_RATE" }, { "name": "CallbackSessionRate", "description": "Percentage of sessions with the same user calling back.", "value": "CALLBACK_SESSION_RATE" }, { "name": "AbandonedSessionRate", "description": "Percentage of sessions where user hung up.", "value": "ABANDONED_SESSION_RATE" }, { "name": "SessionEndRate", "description": "Percentage of sessions reached Dialogflow 'END_PAGE' or 'END_SESSION'.", "value": "SESSION_END_RATE" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultResponse": { "description": "The inference result which includes an objective metric to optimize and the confidence interval.", "properties": { "lastUpdateTime": { "type": "string", "description": "The last time the experiment's stats data was updated. Will have default value if stats have never been computed for this experiment." }, "versionMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultVersionMetricsResponse" }, "description": "Version variants and metrics." } }, "type": "object", "required": [ "lastUpdateTime", "versionMetrics" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultVersionMetrics": { "description": "Version variant and associated metrics.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultMetric" }, "description": "The metrics and corresponding confidence intervals in the inference result." }, "sessionCount": { "type": "integer", "description": "Number of sessions that were allocated to this version." }, "version": { "type": "string", "description": "The name of the flow Version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ExperimentResultVersionMetricsResponse": { "description": "Version variant and associated metrics.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ExperimentResultMetricResponse" }, "description": "The metrics and corresponding confidence intervals in the inference result." }, "sessionCount": { "type": "integer", "description": "Number of sessions that were allocated to this version." }, "version": { "type": "string", "description": "The name of the flow Version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object", "required": [ "metrics", "sessionCount", "version" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3Form": { "description": "A form is a data model that groups related parameters that can be collected from the user. The process in which the agent prompts the user and collects parameter values from the user is called form filling. A form can be added to a page. When form filling is done, the filled parameters will be written to the session.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FormParameter" }, "description": "Parameters to collect from the user." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FormParameter": { "description": "Represents a form parameter.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettings", "description": "Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "defaultValue": { "$ref": "pulumi.json#/Any", "description": "The default value of an optional parameter. If the parameter is required, the default value will be ignored." }, "displayName": { "type": "string", "description": "The human-readable name of the parameter, unique within the form." }, "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "fillBehavior": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FormParameterFillBehavior", "description": "Defines fill behavior for the parameter." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." }, "required": { "type": "boolean", "description": "Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. Required parameters must be filled before form filling concludes." } }, "type": "object", "required": [ "displayName", "entityType", "fillBehavior" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FormParameterFillBehavior": { "description": "Configuration for how the filling of a parameter should be handled.", "properties": { "initialPromptFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Fulfillment", "description": "The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter." }, "repromptEventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventHandler" }, "description": "The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * `sys.no-match-`, where N can be from 1 to 6 * `sys.no-match-default` * `sys.no-input-`, where N can be from 1 to 6 * `sys.no-input-default` * `sys.invalid-parameter` `initial_prompt_fulfillment` provides the first prompt for the parameter. If the user's response does not fill the parameter, a no-match/no-input event will be triggered, and the fulfillment associated with the `sys.no-match-1`/`sys.no-input-1` handler (if defined) will be called to provide a prompt. The `sys.no-match-2`/`sys.no-input-2` handler (if defined) will respond to the next no-match/no-input event, and so on. A `sys.no-match-default` or `sys.no-input-default` handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A `sys.invalid-parameter` handler can be defined to handle the case where the parameter values have been `invalidated` by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the `sys.invalid-parameter` handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, `initial_prompt_fulfillment` will be re-prompted." } }, "type": "object", "required": [ "initialPromptFulfillment" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FormParameterFillBehaviorResponse": { "description": "Configuration for how the filling of a parameter should be handled.", "properties": { "initialPromptFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentResponse", "description": "The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter." }, "repromptEventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventHandlerResponse" }, "description": "The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * `sys.no-match-`, where N can be from 1 to 6 * `sys.no-match-default` * `sys.no-input-`, where N can be from 1 to 6 * `sys.no-input-default` * `sys.invalid-parameter` `initial_prompt_fulfillment` provides the first prompt for the parameter. If the user's response does not fill the parameter, a no-match/no-input event will be triggered, and the fulfillment associated with the `sys.no-match-1`/`sys.no-input-1` handler (if defined) will be called to provide a prompt. The `sys.no-match-2`/`sys.no-input-2` handler (if defined) will respond to the next no-match/no-input event, and so on. A `sys.no-match-default` or `sys.no-input-default` handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A `sys.invalid-parameter` handler can be defined to handle the case where the parameter values have been `invalidated` by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the `sys.invalid-parameter` handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, `initial_prompt_fulfillment` will be re-prompted." } }, "type": "object", "required": [ "initialPromptFulfillment", "repromptEventHandlers" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FormParameterResponse": { "description": "Represents a form parameter.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "defaultValue": { "$ref": "pulumi.json#/Any", "description": "The default value of an optional parameter. If the parameter is required, the default value will be ignored." }, "displayName": { "type": "string", "description": "The human-readable name of the parameter, unique within the form." }, "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "fillBehavior": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FormParameterFillBehaviorResponse", "description": "Defines fill behavior for the parameter." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." }, "required": { "type": "boolean", "description": "Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. Required parameters must be filled before form filling concludes." } }, "type": "object", "required": [ "advancedSettings", "defaultValue", "displayName", "entityType", "fillBehavior", "isList", "redact", "required" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FormResponse": { "description": "A form is a data model that groups related parameters that can be collected from the user. The process in which the agent prompts the user and collects parameter values from the user is called form filling. A form can be added to a page. When form filling is done, the filled parameters will be written to the session.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FormParameterResponse" }, "description": "Parameters to collect from the user." } }, "type": "object", "required": [ "parameters" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3Fulfillment": { "description": "A fulfillment can do one or more of the following actions at the same time: * Generate rich message responses. * Set parameter values. * Call the webhook. Fulfillments can be called at various stages in the Page or Form lifecycle. For example, when a DetectIntentRequest drives a session to enter a new page, the page's entry fulfillment can add a static response to the QueryResult in the returning DetectIntentResponse, call the webhook (for example, to load user data from a database), or both.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettings", "description": "Hierarchical advanced settings for this fulfillment. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "conditionalCases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCases" }, "description": "Conditional cases for this fulfillment." }, "enableGenerativeFallback": { "type": "boolean", "description": "If the flag is true, the agent will utilize LLM to generate a text response. If LLM generation fails, the defined responses in the fulfillment will be respected. This flag is only useful for fulfillments associated with no-match event handlers." }, "messages": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessage" }, "description": "The list of rich message responses to present to the user." }, "returnPartialResponses": { "type": "boolean", "description": "Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks." }, "setParameterActions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentSetParameterAction" }, "description": "Set parameter values before executing the webhook." }, "tag": { "type": "string", "description": "The value of this field will be populated in the WebhookRequest `fulfillmentInfo.tag` field by Dialogflow when the associated webhook is called. The tag is typically used by the webhook service to identify which fulfillment is being called, but it could be used for other purposes. This field is required if `webhook` is specified." }, "webhook": { "type": "string", "description": "The webhook to call. Format: `projects//locations//agents//webhooks/`." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCases": { "description": "A list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored.", "properties": { "cases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCase" }, "description": "A list of cascading if-else conditions." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCase": { "description": "Each case has a Boolean condition. When it is evaluated to be True, the corresponding messages will be selected and evaluated recursively.", "properties": { "caseContent": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseCaseContent" }, "description": "A list of case content." }, "condition": { "type": "string", "description": "The condition to activate and select this case. Empty means the condition is always true. The condition is evaluated against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseCaseContent": { "description": "The list of messages or conditional cases to activate for this case.", "properties": { "additionalCases": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCases", "description": "Additional cases to be evaluated." }, "message": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessage", "description": "Returned message." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseCaseContentResponse": { "description": "The list of messages or conditional cases to activate for this case.", "properties": { "additionalCases": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesResponse", "description": "Additional cases to be evaluated." }, "message": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageResponse", "description": "Returned message." } }, "type": "object", "required": [ "additionalCases", "message" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseResponse": { "description": "Each case has a Boolean condition. When it is evaluated to be True, the corresponding messages will be selected and evaluated recursively.", "properties": { "caseContent": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseCaseContentResponse" }, "description": "A list of case content." }, "condition": { "type": "string", "description": "The condition to activate and select this case. Empty means the condition is always true. The condition is evaluated against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." } }, "type": "object", "required": [ "caseContent", "condition" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesResponse": { "description": "A list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored.", "properties": { "cases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesCaseResponse" }, "description": "A list of cascading if-else conditions." } }, "type": "object", "required": [ "cases" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentResponse": { "description": "A fulfillment can do one or more of the following actions at the same time: * Generate rich message responses. * Set parameter values. * Call the webhook. Fulfillments can be called at various stages in the Page or Form lifecycle. For example, when a DetectIntentRequest drives a session to enter a new page, the page's entry fulfillment can add a static response to the QueryResult in the returning DetectIntentResponse, call the webhook (for example, to load user data from a database), or both.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this fulfillment. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "conditionalCases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentConditionalCasesResponse" }, "description": "Conditional cases for this fulfillment." }, "enableGenerativeFallback": { "type": "boolean", "description": "If the flag is true, the agent will utilize LLM to generate a text response. If LLM generation fails, the defined responses in the fulfillment will be respected. This flag is only useful for fulfillments associated with no-match event handlers." }, "messages": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageResponse" }, "description": "The list of rich message responses to present to the user." }, "returnPartialResponses": { "type": "boolean", "description": "Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks." }, "setParameterActions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentSetParameterActionResponse" }, "description": "Set parameter values before executing the webhook." }, "tag": { "type": "string", "description": "The value of this field will be populated in the WebhookRequest `fulfillmentInfo.tag` field by Dialogflow when the associated webhook is called. The tag is typically used by the webhook service to identify which fulfillment is being called, but it could be used for other purposes. This field is required if `webhook` is specified." }, "webhook": { "type": "string", "description": "The webhook to call. Format: `projects//locations//agents//webhooks/`." } }, "type": "object", "required": [ "advancedSettings", "conditionalCases", "enableGenerativeFallback", "messages", "returnPartialResponses", "setParameterActions", "tag", "webhook" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentSetParameterAction": { "description": "Setting a parameter value.", "properties": { "parameter": { "type": "string", "description": "Display name of the parameter." }, "value": { "$ref": "pulumi.json#/Any", "description": "The new value of the parameter. A null value clears the parameter." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3FulfillmentSetParameterActionResponse": { "description": "Setting a parameter value.", "properties": { "parameter": { "type": "string", "description": "Display name of the parameter." }, "value": { "$ref": "pulumi.json#/Any", "description": "The new value of the parameter. A null value clears the parameter." } }, "type": "object", "required": [ "parameter", "value" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3GcsDestination": { "description": "Google Cloud Storage location for a Dialogflow operation that writes or exports objects (e.g. exported agent or transcripts) outside of Dialogflow.", "properties": { "uri": { "type": "string", "description": "The Google Cloud Storage URI for the exported objects. A URI is of the form: `gs://bucket/object-name-or-prefix` Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3GcsDestinationResponse": { "description": "Google Cloud Storage location for a Dialogflow operation that writes or exports objects (e.g. exported agent or transcripts) outside of Dialogflow.", "properties": { "uri": { "type": "string", "description": "The Google Cloud Storage URI for the exported objects. A URI is of the form: `gs://bucket/object-name-or-prefix` Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3InputAudioConfig": { "description": "Instructs the speech recognizer on how to process the audio content.", "properties": { "audioEncoding": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3InputAudioConfigAudioEncoding", "description": "Audio encoding of the audio content to process." }, "bargeInConfig": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3BargeInConfig", "description": "Configuration of barge-in behavior during the streaming of input audio." }, "enableWordInfo": { "type": "boolean", "description": "Optional. If `true`, Dialogflow returns SpeechWordInfo in StreamingRecognitionResult with information about the recognized speech words, e.g. start and end time offsets. If false or unspecified, Speech doesn't return any word-level information." }, "model": { "type": "string", "description": "Optional. Which Speech model to select for the given request. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then we auto-select a model based on the parameters in the InputAudioConfig. If enhanced speech model is enabled for the agent and an enhanced version of the specified model for the language does not exist, then the speech is recognized using the standard version of the specified model. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details. If you specify a model, the following models typically have the best performance: - phone_call (best for Agent Assist and telephony) - latest_short (best for Dialogflow non-telephony) - command_and_search (best for very short utterances and commands)" }, "modelVariant": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3InputAudioConfigModelVariant", "description": "Optional. Which variant of the Speech model to use." }, "phraseHints": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of strings containing words and phrases that the speech recognizer should recognize with higher likelihood. See [the Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/basics#phrase-hints) for more details." }, "sampleRateHertz": { "type": "integer", "description": "Sample rate (in Hertz) of the audio content sent in the query. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics) for more details." }, "singleUtterance": { "type": "boolean", "description": "Optional. If `false` (default), recognition does not cease until the client closes the stream. If `true`, the recognizer will detect a single spoken utterance in input audio. Recognition ceases when it detects the audio's voice has stopped or paused. In this case, once a detected intent is received, the client should close the stream and start a new request with a new stream as needed. Note: This setting is relevant only for streaming methods." } }, "type": "object", "required": [ "audioEncoding" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3InputAudioConfigAudioEncoding": { "description": "Required. Audio encoding of the audio content to process.", "type": "string", "enum": [ { "name": "AudioEncodingUnspecified", "description": "Not specified.", "value": "AUDIO_ENCODING_UNSPECIFIED" }, { "name": "AudioEncodingLinear16", "description": "Uncompressed 16-bit signed little-endian samples (Linear PCM).", "value": "AUDIO_ENCODING_LINEAR_16" }, { "name": "AudioEncodingFlac", "description": "[`FLAC`](https://xiph.org/flac/documentation.html) (Free Lossless Audio Codec) is the recommended encoding because it is lossless (therefore recognition is not compromised) and requires only about half the bandwidth of `LINEAR16`. `FLAC` stream encoding supports 16-bit and 24-bit samples, however, not all fields in `STREAMINFO` are supported.", "value": "AUDIO_ENCODING_FLAC" }, { "name": "AudioEncodingMulaw", "description": "8-bit samples that compand 14-bit audio samples using G.711 PCMU/mu-law.", "value": "AUDIO_ENCODING_MULAW" }, { "name": "AudioEncodingAmr", "description": "Adaptive Multi-Rate Narrowband codec. `sample_rate_hertz` must be 8000.", "value": "AUDIO_ENCODING_AMR" }, { "name": "AudioEncodingAmrWb", "description": "Adaptive Multi-Rate Wideband codec. `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_AMR_WB" }, { "name": "AudioEncodingOggOpus", "description": "Opus encoded audio frames in Ogg container ([OggOpus](https://wiki.xiph.org/OggOpus)). `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_OGG_OPUS" }, { "name": "AudioEncodingSpeexWithHeaderByte", "description": "Although the use of lossy encodings is not recommended, if a very low bitrate encoding is required, `OGG_OPUS` is highly preferred over Speex encoding. The [Speex](https://speex.org/) encoding supported by Dialogflow API has a header byte in each block, as in MIME type `audio/x-speex-with-header-byte`. It is a variant of the RTP Speex encoding defined in [RFC 5574](https://tools.ietf.org/html/rfc5574). The stream is a sequence of blocks, one block per RTP packet. Each block starts with a byte containing the length of the block, in bytes, followed by one or more frames of Speex data, padded to an integral number of bytes (octets) as specified in RFC 5574. In other words, each RTP header is replaced with a single byte containing the block length. Only Speex wideband is supported. `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_SPEEX_WITH_HEADER_BYTE" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3InputAudioConfigModelVariant": { "description": "Optional. Which variant of the Speech model to use.", "type": "string", "enum": [ { "name": "SpeechModelVariantUnspecified", "description": "No model variant specified. In this case Dialogflow defaults to USE_BEST_AVAILABLE.", "value": "SPEECH_MODEL_VARIANT_UNSPECIFIED" }, { "name": "UseBestAvailable", "description": "Use the best available variant of the Speech model that the caller is eligible for. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible for enhanced models.", "value": "USE_BEST_AVAILABLE" }, { "name": "UseStandard", "description": "Use standard model variant even if an enhanced model is available. See the [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) for details about enhanced models.", "value": "USE_STANDARD" }, { "name": "UseEnhanced", "description": "Use an enhanced model variant: * If an enhanced variant does not exist for the given model and request language, Dialogflow falls back to the standard variant. The [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) describes which models have enhanced variants. * If the API caller isn't eligible for enhanced models, Dialogflow returns an error. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible.", "value": "USE_ENHANCED" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3InputAudioConfigResponse": { "description": "Instructs the speech recognizer on how to process the audio content.", "properties": { "audioEncoding": { "type": "string", "description": "Audio encoding of the audio content to process." }, "bargeInConfig": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3BargeInConfigResponse", "description": "Configuration of barge-in behavior during the streaming of input audio." }, "enableWordInfo": { "type": "boolean", "description": "Optional. If `true`, Dialogflow returns SpeechWordInfo in StreamingRecognitionResult with information about the recognized speech words, e.g. start and end time offsets. If false or unspecified, Speech doesn't return any word-level information." }, "model": { "type": "string", "description": "Optional. Which Speech model to select for the given request. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then we auto-select a model based on the parameters in the InputAudioConfig. If enhanced speech model is enabled for the agent and an enhanced version of the specified model for the language does not exist, then the speech is recognized using the standard version of the specified model. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details. If you specify a model, the following models typically have the best performance: - phone_call (best for Agent Assist and telephony) - latest_short (best for Dialogflow non-telephony) - command_and_search (best for very short utterances and commands)" }, "modelVariant": { "type": "string", "description": "Optional. Which variant of the Speech model to use." }, "phraseHints": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of strings containing words and phrases that the speech recognizer should recognize with higher likelihood. See [the Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/basics#phrase-hints) for more details." }, "sampleRateHertz": { "type": "integer", "description": "Sample rate (in Hertz) of the audio content sent in the query. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics) for more details." }, "singleUtterance": { "type": "boolean", "description": "Optional. If `false` (default), recognition does not cease until the client closes the stream. If `true`, the recognizer will detect a single spoken utterance in input audio. Recognition ceases when it detects the audio's voice has stopped or paused. In this case, once a detected intent is received, the client should close the stream and start a new request with a new stream as needed. Note: This setting is relevant only for streaming methods." } }, "type": "object", "required": [ "audioEncoding", "bargeInConfig", "enableWordInfo", "model", "modelVariant", "phraseHints", "sampleRateHertz", "singleUtterance" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3Intent": { "description": "An intent represents a user's intent to interact with a conversational agent. You can provide information for the Dialogflow API to use to match user input to an intent by adding training phrases (i.e., examples of user input) to your intent.", "properties": { "description": { "type": "string", "description": "Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters." }, "displayName": { "type": "string", "description": "The human-readable name of the intent, unique within the agent." }, "isFallback": { "type": "boolean", "description": "Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix \"sys-\" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. \"sys-head\" means the intent is a head intent. \"sys.contextual\" means the intent is a contextual intent." }, "name": { "type": "string", "description": "The unique identifier of the intent. Required for the Intents.UpdateIntent method. Intents.CreateIntent populates the name automatically. Format: `projects//locations//agents//intents/`." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentParameter" }, "description": "The collection of parameters associated with the intent." }, "priority": { "type": "integer", "description": "The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the `Normal` priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests." }, "trainingPhrases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentTrainingPhrase" }, "description": "The collection of training phrases the agent is trained on to identify the intent." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentInput": { "description": "Represents the intent to trigger programmatically rather than as a result of natural language processing.", "properties": { "intent": { "type": "string", "description": "The unique identifier of the intent. Format: `projects//locations//agents//intents/`." } }, "type": "object", "required": [ "intent" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentInputResponse": { "description": "Represents the intent to trigger programmatically rather than as a result of natural language processing.", "properties": { "intent": { "type": "string", "description": "The unique identifier of the intent. Format: `projects//locations//agents//intents/`." } }, "type": "object", "required": [ "intent" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentParameter": { "description": "Represents an intent parameter.", "properties": { "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "id": { "type": "string", "description": "The unique identifier of the parameter. This field is used by training phrases to annotate their parts." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." } }, "type": "object", "required": [ "entityType", "id" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentParameterResponse": { "description": "Represents an intent parameter.", "properties": { "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." } }, "type": "object", "required": [ "entityType", "isList", "redact" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentResponse": { "description": "An intent represents a user's intent to interact with a conversational agent. You can provide information for the Dialogflow API to use to match user input to an intent by adding training phrases (i.e., examples of user input) to your intent.", "properties": { "description": { "type": "string", "description": "Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters." }, "displayName": { "type": "string", "description": "The human-readable name of the intent, unique within the agent." }, "isFallback": { "type": "boolean", "description": "Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix \"sys-\" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. \"sys-head\" means the intent is a head intent. \"sys.contextual\" means the intent is a contextual intent." }, "name": { "type": "string", "description": "The unique identifier of the intent. Required for the Intents.UpdateIntent method. Intents.CreateIntent populates the name automatically. Format: `projects//locations//agents//intents/`." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentParameterResponse" }, "description": "The collection of parameters associated with the intent." }, "priority": { "type": "integer", "description": "The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the `Normal` priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests." }, "trainingPhrases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentTrainingPhraseResponse" }, "description": "The collection of training phrases the agent is trained on to identify the intent." } }, "type": "object", "required": [ "description", "displayName", "isFallback", "labels", "name", "parameters", "priority", "trainingPhrases" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentTrainingPhrase": { "description": "Represents an example that the agent is trained on to identify the intent.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentTrainingPhrasePart" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `parameter_id` field is set." }, "repeatCount": { "type": "integer", "description": "Indicates how many times this example was added to the intent." } }, "type": "object", "required": [ "parts" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentTrainingPhrasePart": { "description": "Represents a part of a training phrase.", "properties": { "parameterId": { "type": "string", "description": "The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentTrainingPhrasePartResponse": { "description": "Represents a part of a training phrase.", "properties": { "parameterId": { "type": "string", "description": "The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." } }, "type": "object", "required": [ "parameterId", "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3IntentTrainingPhraseResponse": { "description": "Represents an example that the agent is trained on to identify the intent.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentTrainingPhrasePartResponse" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `parameter_id` field is set." }, "repeatCount": { "type": "integer", "description": "Indicates how many times this example was added to the intent." } }, "type": "object", "required": [ "parts", "repeatCount" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3KnowledgeConnectorSettings": { "description": "The Knowledge Connector settings for this page or flow. This includes information such as the attached Knowledge Bases, and the way to execute fulfillment.", "properties": { "dataStoreConnections": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3DataStoreConnection" }, "description": "Optional. List of related data store connections." }, "enabled": { "type": "boolean", "description": "Whether Knowledge Connector is enabled or not." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Fulfillment", "description": "The fulfillment to be triggered. When the answers from the Knowledge Connector are selected by Dialogflow, you can utitlize the request scoped parameter `$request.knowledge.answers` (contains up to the 5 highest confidence answers) and `$request.knowledge.questions` (contains the corresponding questions) to construct the fulfillment." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3KnowledgeConnectorSettingsResponse": { "description": "The Knowledge Connector settings for this page or flow. This includes information such as the attached Knowledge Bases, and the way to execute fulfillment.", "properties": { "dataStoreConnections": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3DataStoreConnectionResponse" }, "description": "Optional. List of related data store connections." }, "enabled": { "type": "boolean", "description": "Whether Knowledge Connector is enabled or not." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentResponse", "description": "The fulfillment to be triggered. When the answers from the Knowledge Connector are selected by Dialogflow, you can utitlize the request scoped parameter `$request.knowledge.answers` (contains up to the 5 highest confidence answers) and `$request.knowledge.questions` (contains the corresponding questions) to construct the fulfillment." } }, "type": "object", "required": [ "dataStoreConnections", "enabled", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3NluSettings": { "description": "Settings related to NLU.", "properties": { "classificationThreshold": { "type": "number", "description": "To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used." }, "modelTrainingMode": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3NluSettingsModelTrainingMode", "description": "Indicates NLU model training mode." }, "modelType": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3NluSettingsModelType", "description": "Indicates the type of NLU model." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3NluSettingsModelTrainingMode": { "description": "Indicates NLU model training mode.", "type": "string", "enum": [ { "name": "ModelTrainingModeUnspecified", "description": "Not specified. `MODEL_TRAINING_MODE_AUTOMATIC` will be used.", "value": "MODEL_TRAINING_MODE_UNSPECIFIED" }, { "name": "ModelTrainingModeAutomatic", "description": "NLU model training is automatically triggered when a flow gets modified. User can also manually trigger model training in this mode.", "value": "MODEL_TRAINING_MODE_AUTOMATIC" }, { "name": "ModelTrainingModeManual", "description": "User needs to manually trigger NLU model training. Best for large flows whose models take long time to train.", "value": "MODEL_TRAINING_MODE_MANUAL" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3NluSettingsModelType": { "description": "Indicates the type of NLU model.", "type": "string", "enum": [ { "name": "ModelTypeUnspecified", "description": "Not specified. `MODEL_TYPE_STANDARD` will be used.", "value": "MODEL_TYPE_UNSPECIFIED" }, { "name": "ModelTypeStandard", "description": "Use standard NLU model.", "value": "MODEL_TYPE_STANDARD" }, { "name": "ModelTypeAdvanced", "description": "Use advanced NLU model.", "value": "MODEL_TYPE_ADVANCED" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3NluSettingsResponse": { "description": "Settings related to NLU.", "properties": { "classificationThreshold": { "type": "number", "description": "To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used." }, "modelTrainingMode": { "type": "string", "description": "Indicates NLU model training mode." }, "modelType": { "type": "string", "description": "Indicates the type of NLU model." } }, "type": "object", "required": [ "classificationThreshold", "modelTrainingMode", "modelType" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3Page": { "description": "A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. For each flow, you define many pages, where your combined pages can handle a complete conversation on the topics the flow is designed for. At any given moment, exactly one page is the current page, the current page is considered active, and the flow associated with that page is considered active. Every flow has a special start page. When a flow initially becomes active, the start page page becomes the current page. For each conversational turn, the current page will either stay the same or transition to another page. You configure each page to collect information from the end-user that is relevant for the conversational state represented by the page. For more information, see the [Page guide](https://cloud.google.com/dialogflow/cx/docs/concept/page).", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettings", "description": "Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "displayName": { "type": "string", "description": "The human-readable name of the page, unique within the flow." }, "entryFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Fulfillment", "description": "The fulfillment to call when the session is entering the page." }, "eventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventHandler" }, "description": "Handlers associated with the page to handle events such as webhook errors, no match or no input." }, "form": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Form", "description": "The form associated with the page, used for collecting parameters relevant to the page." }, "knowledgeConnectorSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3KnowledgeConnectorSettings", "description": "Optional. Knowledge connector configuration." }, "name": { "type": "string", "description": "The unique identifier of the page. Required for the Pages.UpdatePage method. Pages.CreatePage populates the name automatically. Format: `projects//locations//agents//flows//pages/`." }, "transitionRouteGroups": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of `TransitionRouteGroups` added to the page. Transition route groups must be unique within a page. If the page links both flow-level transition route groups and agent-level transition route groups, the flow-level ones will have higher priority and will be put before the agent-level ones. * If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. * If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:`projects//locations//agents//flows//transitionRouteGroups/` or `projects//locations//agents//transitionRouteGroups/` for agent-level groups." }, "transitionRoutes": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TransitionRoute" }, "description": "A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: * TransitionRoutes defined in the page with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in flow with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in the page with only condition specified. * TransitionRoutes defined in the transition route groups with only condition specified." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3PageResponse": { "description": "A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. For each flow, you define many pages, where your combined pages can handle a complete conversation on the topics the flow is designed for. At any given moment, exactly one page is the current page, the current page is considered active, and the flow associated with that page is considered active. Every flow has a special start page. When a flow initially becomes active, the start page page becomes the current page. For each conversational turn, the current page will either stay the same or transition to another page. You configure each page to collect information from the end-user that is relevant for the conversational state represented by the page. For more information, see the [Page guide](https://cloud.google.com/dialogflow/cx/docs/concept/page).", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "displayName": { "type": "string", "description": "The human-readable name of the page, unique within the flow." }, "entryFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentResponse", "description": "The fulfillment to call when the session is entering the page." }, "eventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventHandlerResponse" }, "description": "Handlers associated with the page to handle events such as webhook errors, no match or no input." }, "form": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FormResponse", "description": "The form associated with the page, used for collecting parameters relevant to the page." }, "knowledgeConnectorSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3KnowledgeConnectorSettingsResponse", "description": "Optional. Knowledge connector configuration." }, "name": { "type": "string", "description": "The unique identifier of the page. Required for the Pages.UpdatePage method. Pages.CreatePage populates the name automatically. Format: `projects//locations//agents//flows//pages/`." }, "transitionRouteGroups": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of `TransitionRouteGroups` added to the page. Transition route groups must be unique within a page. If the page links both flow-level transition route groups and agent-level transition route groups, the flow-level ones will have higher priority and will be put before the agent-level ones. * If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. * If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:`projects//locations//agents//flows//transitionRouteGroups/` or `projects//locations//agents//transitionRouteGroups/` for agent-level groups." }, "transitionRoutes": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TransitionRouteResponse" }, "description": "A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: * TransitionRoutes defined in the page with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in flow with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in the page with only condition specified. * TransitionRoutes defined in the transition route groups with only condition specified." } }, "type": "object", "required": [ "advancedSettings", "displayName", "entryFulfillment", "eventHandlers", "form", "knowledgeConnectorSettings", "name", "transitionRouteGroups", "transitionRoutes" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3QueryInput": { "description": "Represents the query input. It can contain one of: 1. A conversational query in the form of text. 2. An intent query that specifies which intent to trigger. 3. Natural language speech audio to be processed. 4. An event to be triggered. 5. DTMF digits to invoke an intent and fill in parameter value.", "properties": { "audio": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AudioInput", "description": "The natural language speech audio to be processed." }, "dtmf": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3DtmfInput", "description": "The DTMF event to be handled." }, "event": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventInput", "description": "The event to be triggered." }, "intent": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentInput", "description": "The intent to be triggered." }, "languageCode": { "type": "string", "description": "The language of the input. See [Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) for a list of the currently supported language codes. Note that queries in the same session do not necessarily need to specify the same language." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TextInput", "description": "The natural language text to be processed." } }, "type": "object", "required": [ "languageCode" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3QueryInputResponse": { "description": "Represents the query input. It can contain one of: 1. A conversational query in the form of text. 2. An intent query that specifies which intent to trigger. 3. Natural language speech audio to be processed. 4. An event to be triggered. 5. DTMF digits to invoke an intent and fill in parameter value.", "properties": { "audio": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3AudioInputResponse", "description": "The natural language speech audio to be processed." }, "dtmf": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3DtmfInputResponse", "description": "The DTMF event to be handled." }, "event": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3EventInputResponse", "description": "The event to be triggered." }, "intent": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3IntentInputResponse", "description": "The intent to be triggered." }, "languageCode": { "type": "string", "description": "The language of the input. See [Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) for a list of the currently supported language codes. Note that queries in the same session do not necessarily need to specify the same language." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TextInputResponse", "description": "The natural language text to be processed." } }, "type": "object", "required": [ "audio", "dtmf", "event", "intent", "languageCode", "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessage": { "description": "Represents a response message that can be returned by a conversational agent. Response messages are also used for output audio synthesis. The approach is as follows: * If at least one OutputAudioText response is present, then all OutputAudioText responses are linearly concatenated, and the result is used for output audio synthesis. * If the OutputAudioText responses are a mixture of text and SSML, then the concatenated result is treated as SSML; otherwise, the result is treated as either text or SSML as appropriate. The agent designer should ideally use either text or SSML consistently throughout the bot design. * Otherwise, all Text responses are linearly concatenated, and the result is used for output audio synthesis. This approach allows for more sophisticated user experience scenarios, where the text displayed to the user may differ from what is heard.", "properties": { "channel": { "type": "string", "description": "The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned." }, "conversationSuccess": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageConversationSuccess", "description": "Indicates that the conversation succeeded." }, "knowledgeInfoCard": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageKnowledgeInfoCard", "description": "Represents info card for knowledge answers, to be better rendered in Dialogflow Messenger." }, "liveAgentHandoff": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageLiveAgentHandoff", "description": "Hands off conversation to a human agent." }, "outputAudioText": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageOutputAudioText", "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Returns a response containing a custom, platform-specific payload." }, "playAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessagePlayAudio", "description": "Signal that the client should play an audio clip hosted at a client-specific URI. Dialogflow uses this to construct mixed_audio. However, Dialogflow itself does not try to read or process the URI in any way." }, "responseType": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageResponseType", "description": "Response type." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageTelephonyTransferCall", "description": "A signal that the client should transfer the phone call connected to this agent to a third-party endpoint." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageText", "description": "Returns a text response." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageConversationSuccess": { "description": "Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata. Dialogflow doesn't impose any structure on this." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageConversationSuccessResponse": { "description": "Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata. Dialogflow doesn't impose any structure on this." } }, "type": "object", "required": [ "metadata" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageEndInteractionResponse": { "description": "Indicates that interaction with the Dialogflow agent has ended. This message is generated by Dialogflow only and not supposed to be defined by the user.", "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageKnowledgeInfoCard": { "description": "Represents info card response. If the response contains generative knowledge prediction, Dialogflow will return a payload with Infobot Messenger compatible info card. Otherwise, the info card response is skipped.", "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageKnowledgeInfoCardResponse": { "description": "Represents info card response. If the response contains generative knowledge prediction, Dialogflow will return a payload with Infobot Messenger compatible info card. Otherwise, the info card response is skipped.", "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageLiveAgentHandoff": { "description": "Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata for your handoff procedure. Dialogflow doesn't impose any structure on this." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageLiveAgentHandoffResponse": { "description": "Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata for your handoff procedure. Dialogflow doesn't impose any structure on this." } }, "type": "object", "required": [ "metadata" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageMixedAudioResponse": { "description": "Represents an audio message that is composed of both segments synthesized from the Dialogflow agent prompts and ones hosted externally at the specified URIs. The external URIs are specified via play_audio. This message is generated by Dialogflow only and not supposed to be defined by the user.", "properties": { "segments": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageMixedAudioSegmentResponse" }, "description": "Segments this audio response is composed of." } }, "type": "object", "required": [ "segments" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageMixedAudioSegmentResponse": { "description": "Represents one segment of audio.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this segment can be interrupted by the end user's speech and the client should then start the next Dialogflow request." }, "audio": { "type": "string", "description": "Raw audio synthesized from the Dialogflow agent's response using the output config specified in the request." }, "uri": { "type": "string", "description": "Client-specific URI that points to an audio clip accessible to the client. Dialogflow does not impose any validation on it." } }, "type": "object", "required": [ "allowPlaybackInterruption", "audio", "uri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageOutputAudioText": { "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message.", "properties": { "ssml": { "type": "string", "description": "The SSML text to be synthesized. For more information, see [SSML](/speech/text-to-speech/docs/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageOutputAudioTextResponse": { "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "ssml": { "type": "string", "description": "The SSML text to be synthesized. For more information, see [SSML](/speech/text-to-speech/docs/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object", "required": [ "allowPlaybackInterruption", "ssml", "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessagePlayAudio": { "description": "Specifies an audio clip to be played by the client as part of the response.", "properties": { "audioUri": { "type": "string", "description": "URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it." } }, "type": "object", "required": [ "audioUri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessagePlayAudioResponse": { "description": "Specifies an audio clip to be played by the client as part of the response.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "audioUri": { "type": "string", "description": "URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it." } }, "type": "object", "required": [ "allowPlaybackInterruption", "audioUri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageResponse": { "description": "Represents a response message that can be returned by a conversational agent. Response messages are also used for output audio synthesis. The approach is as follows: * If at least one OutputAudioText response is present, then all OutputAudioText responses are linearly concatenated, and the result is used for output audio synthesis. * If the OutputAudioText responses are a mixture of text and SSML, then the concatenated result is treated as SSML; otherwise, the result is treated as either text or SSML as appropriate. The agent designer should ideally use either text or SSML consistently throughout the bot design. * Otherwise, all Text responses are linearly concatenated, and the result is used for output audio synthesis. This approach allows for more sophisticated user experience scenarios, where the text displayed to the user may differ from what is heard.", "properties": { "channel": { "type": "string", "description": "The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned." }, "conversationSuccess": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageConversationSuccessResponse", "description": "Indicates that the conversation succeeded." }, "endInteraction": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageEndInteractionResponse", "description": "A signal that indicates the interaction with the Dialogflow agent has ended. This message is generated by Dialogflow only when the conversation reaches `END_SESSION` page. It is not supposed to be defined by the user. It's guaranteed that there is at most one such message in each response." }, "knowledgeInfoCard": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageKnowledgeInfoCardResponse", "description": "Represents info card for knowledge answers, to be better rendered in Dialogflow Messenger." }, "liveAgentHandoff": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageLiveAgentHandoffResponse", "description": "Hands off conversation to a human agent." }, "mixedAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageMixedAudioResponse", "description": "An audio response message composed of both the synthesized Dialogflow agent responses and responses defined via play_audio. This message is generated by Dialogflow only and not supposed to be defined by the user." }, "outputAudioText": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageOutputAudioTextResponse", "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Returns a response containing a custom, platform-specific payload." }, "playAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessagePlayAudioResponse", "description": "Signal that the client should play an audio clip hosted at a client-specific URI. Dialogflow uses this to construct mixed_audio. However, Dialogflow itself does not try to read or process the URI in any way." }, "responseType": { "type": "string", "description": "Response type." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageTelephonyTransferCallResponse", "description": "A signal that the client should transfer the phone call connected to this agent to a third-party endpoint." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ResponseMessageTextResponse", "description": "Returns a text response." } }, "type": "object", "required": [ "channel", "conversationSuccess", "endInteraction", "knowledgeInfoCard", "liveAgentHandoff", "mixedAudio", "outputAudioText", "payload", "playAudio", "responseType", "telephonyTransferCall", "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageResponseType": { "description": "Response type.", "type": "string", "enum": [ { "name": "ResponseTypeUnspecified", "description": "Not specified.", "value": "RESPONSE_TYPE_UNSPECIFIED" }, { "name": "EntryPrompt", "description": "The response is from an entry prompt in the page.", "value": "ENTRY_PROMPT" }, { "name": "ParameterPrompt", "description": "The response is from form-filling prompt in the page.", "value": "PARAMETER_PROMPT" }, { "name": "HandlerPrompt", "description": "The response is from a transition route or an event handler in the page or flow or transition route group.", "value": "HANDLER_PROMPT" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageTelephonyTransferCall": { "description": "Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint.", "properties": { "phoneNumber": { "type": "string", "description": "Transfer the call to a phone number in [E.164 format](https://en.wikipedia.org/wiki/E.164)." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageTelephonyTransferCallResponse": { "description": "Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint.", "properties": { "phoneNumber": { "type": "string", "description": "Transfer the call to a phone number in [E.164 format](https://en.wikipedia.org/wiki/E.164)." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageText": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "A collection of text responses." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3ResponseMessageTextResponse": { "description": "The text response message.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "text": { "type": "array", "items": { "type": "string" }, "description": "A collection of text responses." } }, "type": "object", "required": [ "allowPlaybackInterruption", "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutConfig": { "description": "The configuration for auto rollout.", "properties": { "failureCondition": { "type": "string", "description": "The conditions that are used to evaluate the failure of a rollout step. If not specified, no rollout steps will fail. E.g. \"containment_rate < 10% OR average_turn_count < 3\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutCondition": { "type": "string", "description": "The conditions that are used to evaluate the success of a rollout step. If not specified, all rollout steps will proceed to the next one unless failure conditions are met. E.g. \"containment_rate > 60% AND callback_rate < 20%\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutSteps": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3RolloutConfigRolloutStep" }, "description": "Steps to roll out a flow version. Steps should be sorted by percentage in ascending order." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutConfigResponse": { "description": "The configuration for auto rollout.", "properties": { "failureCondition": { "type": "string", "description": "The conditions that are used to evaluate the failure of a rollout step. If not specified, no rollout steps will fail. E.g. \"containment_rate < 10% OR average_turn_count < 3\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutCondition": { "type": "string", "description": "The conditions that are used to evaluate the success of a rollout step. If not specified, all rollout steps will proceed to the next one unless failure conditions are met. E.g. \"containment_rate > 60% AND callback_rate < 20%\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutSteps": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3RolloutConfigRolloutStepResponse" }, "description": "Steps to roll out a flow version. Steps should be sorted by percentage in ascending order." } }, "type": "object", "required": [ "failureCondition", "rolloutCondition", "rolloutSteps" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutConfigRolloutStep": { "description": "A single rollout step with specified traffic allocation.", "properties": { "displayName": { "type": "string", "description": "The name of the rollout step;" }, "minDuration": { "type": "string", "description": "The minimum time that this step should last. Should be longer than 1 hour. If not set, the default minimum duration for each step will be 1 hour." }, "trafficPercent": { "type": "integer", "description": "The percentage of traffic allocated to the flow version of this rollout step. (0%, 100%]." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutConfigRolloutStepResponse": { "description": "A single rollout step with specified traffic allocation.", "properties": { "displayName": { "type": "string", "description": "The name of the rollout step;" }, "minDuration": { "type": "string", "description": "The minimum time that this step should last. Should be longer than 1 hour. If not set, the default minimum duration for each step will be 1 hour." }, "trafficPercent": { "type": "integer", "description": "The percentage of traffic allocated to the flow version of this rollout step. (0%, 100%]." } }, "type": "object", "required": [ "displayName", "minDuration", "trafficPercent" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutState": { "description": "State of the auto-rollout process.", "properties": { "startTime": { "type": "string", "description": "Start time of the current step." }, "step": { "type": "string", "description": "Display name of the current auto rollout step." }, "stepIndex": { "type": "integer", "description": "Index of the current step in the auto rollout steps list." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3RolloutStateResponse": { "description": "State of the auto-rollout process.", "properties": { "startTime": { "type": "string", "description": "Start time of the current step." }, "step": { "type": "string", "description": "Display name of the current auto rollout step." }, "stepIndex": { "type": "integer", "description": "Index of the current step in the auto rollout steps list." } }, "type": "object", "required": [ "startTime", "step", "stepIndex" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SecuritySettingsAudioExportSettings": { "description": "Settings for exporting audio.", "properties": { "audioExportPattern": { "type": "string", "description": "Filename pattern for exported audio." }, "audioFormat": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3SecuritySettingsAudioExportSettingsAudioFormat", "description": "File format for exported audio file. Currently only in telephony recordings." }, "enableAudioRedaction": { "type": "boolean", "description": "Enable audio redaction if it is true." }, "gcsBucket": { "type": "string", "description": "Cloud Storage bucket to export audio record to. Setting this field would grant the Storage Object Creator role to the Dialogflow Service Agent. API caller that tries to modify this field should have the permission of storage.buckets.setIamPolicy." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SecuritySettingsAudioExportSettingsAudioFormat": { "description": "File format for exported audio file. Currently only in telephony recordings.", "type": "string", "enum": [ { "name": "AudioFormatUnspecified", "description": "Unspecified. Do not use.", "value": "AUDIO_FORMAT_UNSPECIFIED" }, { "name": "Mulaw", "description": "G.711 mu-law PCM with 8kHz sample rate.", "value": "MULAW" }, { "name": "Mp3", "description": "MP3 file format.", "value": "MP3" }, { "name": "Ogg", "description": "OGG Vorbis.", "value": "OGG" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SecuritySettingsAudioExportSettingsResponse": { "description": "Settings for exporting audio.", "properties": { "audioExportPattern": { "type": "string", "description": "Filename pattern for exported audio." }, "audioFormat": { "type": "string", "description": "File format for exported audio file. Currently only in telephony recordings." }, "enableAudioRedaction": { "type": "boolean", "description": "Enable audio redaction if it is true." }, "gcsBucket": { "type": "string", "description": "Cloud Storage bucket to export audio record to. Setting this field would grant the Storage Object Creator role to the Dialogflow Service Agent. API caller that tries to modify this field should have the permission of storage.buckets.setIamPolicy." } }, "type": "object", "required": [ "audioExportPattern", "audioFormat", "enableAudioRedaction", "gcsBucket" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SecuritySettingsInsightsExportSettings": { "description": "Settings for exporting conversations to [Insights](https://cloud.google.com/contact-center/insights/docs).", "properties": { "enableInsightsExport": { "type": "boolean", "description": "If enabled, we will automatically exports conversations to Insights and Insights runs its analyzers." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SecuritySettingsInsightsExportSettingsResponse": { "description": "Settings for exporting conversations to [Insights](https://cloud.google.com/contact-center/insights/docs).", "properties": { "enableInsightsExport": { "type": "boolean", "description": "If enabled, we will automatically exports conversations to Insights and Insights runs its analyzers." } }, "type": "object", "required": [ "enableInsightsExport" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SpeechToTextSettings": { "description": "Settings related to speech recognition.", "properties": { "enableSpeechAdaptation": { "type": "boolean", "description": "Whether to use speech adaptation for speech recognition." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3SpeechToTextSettingsResponse": { "description": "Settings related to speech recognition.", "properties": { "enableSpeechAdaptation": { "type": "boolean", "description": "Whether to use speech adaptation for speech recognition." } }, "type": "object", "required": [ "enableSpeechAdaptation" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestCaseResult": { "description": "Represents a result from running a test case in an agent environment.", "properties": { "conversationTurns": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurn" }, "description": "The conversation turns uttered during the test case replay in chronological order." }, "environment": { "type": "string", "description": "Environment where the test was run. If not set, it indicates the draft environment." }, "name": { "type": "string", "description": "The resource name for the test case result. Format: `projects//locations//agents//testCases/ /results/`." }, "testResult": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3TestCaseResultTestResult", "description": "Whether the test case passed in the agent environment." }, "testTime": { "type": "string", "description": "The time that the test was run." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestCaseResultResponse": { "description": "Represents a result from running a test case in an agent environment.", "properties": { "conversationTurns": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3ConversationTurnResponse" }, "description": "The conversation turns uttered during the test case replay in chronological order." }, "environment": { "type": "string", "description": "Environment where the test was run. If not set, it indicates the draft environment." }, "name": { "type": "string", "description": "The resource name for the test case result. Format: `projects//locations//agents//testCases/ /results/`." }, "testResult": { "type": "string", "description": "Whether the test case passed in the agent environment." }, "testTime": { "type": "string", "description": "The time that the test was run." } }, "type": "object", "required": [ "conversationTurns", "environment", "name", "testResult", "testTime" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestCaseResultTestResult": { "description": "Whether the test case passed in the agent environment.", "type": "string", "enum": [ { "name": "TestResultUnspecified", "description": "Not specified. Should never be used.", "value": "TEST_RESULT_UNSPECIFIED" }, { "name": "Passed", "description": "The test passed.", "value": "PASSED" }, { "name": "Failed", "description": "The test did not pass.", "value": "FAILED" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestConfig": { "description": "Represents configurations for a test case.", "properties": { "flow": { "type": "string", "description": "Flow name to start the test case with. Format: `projects//locations//agents//flows/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "page": { "type": "string", "description": "The page to start the test case with. Format: `projects//locations//agents//flows//pages/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "trackingParameters": { "type": "array", "items": { "type": "string" }, "description": "Session parameters to be compared when calculating differences." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestConfigResponse": { "description": "Represents configurations for a test case.", "properties": { "flow": { "type": "string", "description": "Flow name to start the test case with. Format: `projects//locations//agents//flows/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "page": { "type": "string", "description": "The page to start the test case with. Format: `projects//locations//agents//flows//pages/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "trackingParameters": { "type": "array", "items": { "type": "string" }, "description": "Session parameters to be compared when calculating differences." } }, "type": "object", "required": [ "flow", "page", "trackingParameters" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TestRunDifferenceResponse": { "description": "The description of differences between original and replayed agent output.", "properties": { "description": { "type": "string", "description": "A human readable description of the diff, showing the actual output vs expected output." }, "type": { "type": "string", "description": "The type of diff." } }, "type": "object", "required": [ "description", "type" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TextInput": { "description": "Represents the natural language text to be processed.", "properties": { "text": { "type": "string", "description": "The UTF-8 encoded natural language text to be processed. Text length must not exceed 256 characters." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TextInputResponse": { "description": "Represents the natural language text to be processed.", "properties": { "text": { "type": "string", "description": "The UTF-8 encoded natural language text to be processed. Text length must not exceed 256 characters." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TextToSpeechSettings": { "description": "Settings related to speech synthesizing.", "properties": { "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/cx/docs/reference/language) to SynthesizeSpeechConfig. These settings affect: - The [phone gateway](https://cloud.google.com/dialogflow/cx/docs/concept/integration/phone-gateway) synthesize configuration set via Agent.text_to_speech_settings. - How speech is synthesized when invoking session APIs. Agent.text_to_speech_settings only applies if OutputAudioConfig.synthesize_speech_config is not specified." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TextToSpeechSettingsResponse": { "description": "Settings related to speech synthesizing.", "properties": { "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/cx/docs/reference/language) to SynthesizeSpeechConfig. These settings affect: - The [phone gateway](https://cloud.google.com/dialogflow/cx/docs/concept/integration/phone-gateway) synthesize configuration set via Agent.text_to_speech_settings. - How speech is synthesized when invoking session APIs. Agent.text_to_speech_settings only applies if OutputAudioConfig.synthesize_speech_config is not specified." } }, "type": "object", "required": [ "synthesizeSpeechConfigs" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TransitionRoute": { "description": "A transition route specifies a intent that can be matched and/or a data condition that can be evaluated during a session. When a specified transition is matched, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the transition, it will be called. * If there is a `target_page` associated with the transition, the session will transition into the specified page. * If there is a `target_flow` associated with the transition, the session will transition into the specified flow.", "properties": { "condition": { "type": "string", "description": "The condition to evaluate against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition). At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "description": { "type": "string", "description": "Optional. The description of the transition route. The maximum length is 500 characters." }, "intent": { "type": "string", "description": "The unique identifier of an Intent. Format: `projects//locations//agents//intents/`. Indicates that the transition can only happen when the given intent is matched. At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3Fulfillment", "description": "The fulfillment to call when the condition is satisfied. At least one of `trigger_fulfillment` and `target` must be specified. When both are defined, `trigger_fulfillment` is executed first." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3TransitionRouteResponse": { "description": "A transition route specifies a intent that can be matched and/or a data condition that can be evaluated during a session. When a specified transition is matched, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the transition, it will be called. * If there is a `target_page` associated with the transition, the session will transition into the specified page. * If there is a `target_flow` associated with the transition, the session will transition into the specified flow.", "properties": { "condition": { "type": "string", "description": "The condition to evaluate against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition). At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "description": { "type": "string", "description": "Optional. The description of the transition route. The maximum length is 500 characters." }, "intent": { "type": "string", "description": "The unique identifier of an Intent. Format: `projects//locations//agents//intents/`. Indicates that the transition can only happen when the given intent is matched. At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "name": { "type": "string", "description": "The unique identifier of this transition route." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3FulfillmentResponse", "description": "The fulfillment to call when the condition is satisfied. At least one of `trigger_fulfillment` and `target` must be specified. When both are defined, `trigger_fulfillment` is executed first." } }, "type": "object", "required": [ "condition", "description", "intent", "name", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VariantsHistory": { "description": "The history of variants update.", "properties": { "updateTime": { "type": "string", "description": "Update time of the variants." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariants", "description": "The flow versions as the variants." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VariantsHistoryResponse": { "description": "The history of variants update.", "properties": { "updateTime": { "type": "string", "description": "Update time of the variants." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariantsResponse", "description": "The flow versions as the variants." } }, "type": "object", "required": [ "updateTime", "versionVariants" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VersionVariants": { "description": "A list of flow version variants.", "properties": { "variants": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariantsVariant" }, "description": "A list of flow version variants." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VersionVariantsResponse": { "description": "A list of flow version variants.", "properties": { "variants": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3VersionVariantsVariantResponse" }, "description": "A list of flow version variants." } }, "type": "object", "required": [ "variants" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VersionVariantsVariant": { "description": "A single flow version with specified traffic allocation.", "properties": { "isControlGroup": { "type": "boolean", "description": "Whether the variant is for the control group." }, "trafficAllocation": { "type": "number", "description": "Percentage of the traffic which should be routed to this version of flow. Traffic allocation for a single flow must sum up to 1.0." }, "version": { "type": "string", "description": "The name of the flow version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3VersionVariantsVariantResponse": { "description": "A single flow version with specified traffic allocation.", "properties": { "isControlGroup": { "type": "boolean", "description": "Whether the variant is for the control group." }, "trafficAllocation": { "type": "number", "description": "Percentage of the traffic which should be routed to this version of flow. Traffic allocation for a single flow must sum up to 1.0." }, "version": { "type": "string", "description": "The name of the flow version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object", "required": [ "isControlGroup", "trafficAllocation", "version" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3Webhook": { "description": "Webhooks host the developer's business logic. During a session, webhooks allow the developer to use the data extracted by Dialogflow's natural language processing to generate dynamic responses, validate collected data, or trigger actions on the backend.", "properties": { "disabled": { "type": "boolean", "description": "Indicates whether the webhook is disabled." }, "displayName": { "type": "string", "description": "The human-readable name of the webhook, unique within the agent." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebService", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the webhook. Required for the Webhooks.UpdateWebhook method. Webhooks.CreateWebhook populates the name automatically. Format: `projects//locations//agents//webhooks/`." }, "serviceDirectory": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfig", "description": "Configuration for a [Service Directory](https://cloud.google.com/service-directory) service." }, "timeout": { "type": "string", "description": "Webhook execution timeout. Execution is considered failed if Dialogflow doesn't receive a response from webhook at the end of the timeout period. Defaults to 5 seconds, maximum allowed timeout is 30 seconds." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookGenericWebService": { "description": "Represents configuration for a generic web service.", "properties": { "allowedCaCerts": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies a list of allowed custom CA certificates (in DER format) for HTTPS verification. This overrides the default SSL trust store. If this is empty or unspecified, Dialogflow will use Google's default trust store to verify certificates. N.B. Make sure the HTTPS server certificates are signed with \"subject alt name\". For instance a certificate can be self-signed using the following command, ``` openssl x509 -req -days 200 -in example.com.csr \\ -signkey example.com.key \\ -out example.com.crt \\ -extfile <(printf \"\\nsubjectAltName='DNS:www.example.com'\") ```" }, "httpMethod": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceHttpMethod", "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST." }, "parameterMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Maps the values extracted from specific fields of the flexible webhook response into session parameters. - Key: session parameter name - Value: field path in the webhook response" }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestBody": { "type": "string", "description": "Optional. Defines a custom JSON object as request body to send to flexible webhook." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with webhook requests." }, "uri": { "type": "string", "description": "The webhook URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." }, "webhookType": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceWebhookType", "description": "Optional. Type of the webhook." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceHttpMethod": { "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method not specified.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST Method.", "value": "POST" }, { "name": "Get", "description": "HTTP GET Method.", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD Method.", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT Method.", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE Method.", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH Method.", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS Method.", "value": "OPTIONS" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceResponse": { "description": "Represents configuration for a generic web service.", "properties": { "allowedCaCerts": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies a list of allowed custom CA certificates (in DER format) for HTTPS verification. This overrides the default SSL trust store. If this is empty or unspecified, Dialogflow will use Google's default trust store to verify certificates. N.B. Make sure the HTTPS server certificates are signed with \"subject alt name\". For instance a certificate can be self-signed using the following command, ``` openssl x509 -req -days 200 -in example.com.csr \\ -signkey example.com.key \\ -out example.com.crt \\ -extfile <(printf \"\\nsubjectAltName='DNS:www.example.com'\") ```" }, "httpMethod": { "type": "string", "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST." }, "parameterMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Maps the values extracted from specific fields of the flexible webhook response into session parameters. - Key: session parameter name - Value: field path in the webhook response" }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestBody": { "type": "string", "description": "Optional. Defines a custom JSON object as request body to send to flexible webhook." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with webhook requests." }, "uri": { "type": "string", "description": "The webhook URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." }, "webhookType": { "type": "string", "description": "Optional. Type of the webhook." } }, "type": "object", "required": [ "allowedCaCerts", "httpMethod", "parameterMapping", "password", "requestBody", "requestHeaders", "uri", "username", "webhookType" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceWebhookType": { "description": "Optional. Type of the webhook.", "type": "string", "enum": [ { "name": "WebhookTypeUnspecified", "description": "Default value. This value is unused.", "value": "WEBHOOK_TYPE_UNSPECIFIED" }, { "name": "Standard", "description": "Represents a standard webhook.", "value": "STANDARD" }, { "name": "Flexible", "description": "Represents a flexible webhook.", "value": "FLEXIBLE" } ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookResponse": { "description": "Webhooks host the developer's business logic. During a session, webhooks allow the developer to use the data extracted by Dialogflow's natural language processing to generate dynamic responses, validate collected data, or trigger actions on the backend.", "properties": { "disabled": { "type": "boolean", "description": "Indicates whether the webhook is disabled." }, "displayName": { "type": "string", "description": "The human-readable name of the webhook, unique within the agent." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceResponse", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the webhook. Required for the Webhooks.UpdateWebhook method. Webhooks.CreateWebhook populates the name automatically. Format: `projects//locations//agents//webhooks/`." }, "serviceDirectory": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfigResponse", "description": "Configuration for a [Service Directory](https://cloud.google.com/service-directory) service." }, "timeout": { "type": "string", "description": "Webhook execution timeout. Execution is considered failed if Dialogflow doesn't receive a response from webhook at the end of the timeout period. Defaults to 5 seconds, maximum allowed timeout is 30 seconds." } }, "type": "object", "required": [ "disabled", "displayName", "genericWebService", "name", "serviceDirectory", "timeout" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfig": { "description": "Represents configuration for a [Service Directory](https://cloud.google.com/service-directory) service.", "properties": { "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebService", "description": "Generic Service configuration of this webhook." }, "service": { "type": "string", "description": "The name of [Service Directory](https://cloud.google.com/service-directory) service. Format: `projects//locations//namespaces//services/`. `Location ID` of the service directory must be the same as the location of the agent." } }, "type": "object", "required": [ "service" ] }, "google-native:dialogflow/v3:GoogleCloudDialogflowCxV3WebhookServiceDirectoryConfigResponse": { "description": "Represents configuration for a [Service Directory](https://cloud.google.com/service-directory) service.", "properties": { "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3:GoogleCloudDialogflowCxV3WebhookGenericWebServiceResponse", "description": "Generic Service configuration of this webhook." }, "service": { "type": "string", "description": "The name of [Service Directory](https://cloud.google.com/service-directory) service. Format: `projects//locations//namespaces//services/`. `Location ID` of the service directory must be the same as the location of the agent." } }, "type": "object", "required": [ "genericWebService", "service" ] }, "google-native:dialogflow/v3:GoogleRpcStatus": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:dialogflow/v3:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dialogflow/v3:SecuritySettingPurgeDataTypesItem": { "type": "string", "enum": [ { "name": "PurgeDataTypeUnspecified", "description": "Unspecified. Do not use.", "value": "PURGE_DATA_TYPE_UNSPECIFIED" }, { "name": "DialogflowHistory", "description": "Dialogflow history. This does not include Cloud logging, which is owned by the user - not Dialogflow.", "value": "DIALOGFLOW_HISTORY" } ] }, "google-native:dialogflow/v3:SecuritySettingRedactionScope": { "description": "Defines the data for which Dialogflow applies redaction. Dialogflow does not redact data that it does not have access to – for example, Cloud logging.", "type": "string", "enum": [ { "name": "RedactionScopeUnspecified", "description": "Don't redact any kind of data.", "value": "REDACTION_SCOPE_UNSPECIFIED" }, { "name": "RedactDiskStorage", "description": "On data to be written to disk or similar devices that are capable of holding data even if power is disconnected. This includes data that are temporarily saved on disk.", "value": "REDACT_DISK_STORAGE" } ] }, "google-native:dialogflow/v3:SecuritySettingRedactionStrategy": { "description": "Strategy that defines how we do redaction.", "type": "string", "enum": [ { "name": "RedactionStrategyUnspecified", "description": "Do not redact.", "value": "REDACTION_STRATEGY_UNSPECIFIED" }, { "name": "RedactWithService", "description": "Call redaction service to clean up the data to be persisted.", "value": "REDACT_WITH_SERVICE" } ] }, "google-native:dialogflow/v3:SecuritySettingRetentionStrategy": { "description": "Specifies the retention behavior defined by SecuritySettings.RetentionStrategy.", "type": "string", "enum": [ { "name": "RetentionStrategyUnspecified", "description": "Retains the persisted data with Dialogflow's internal default 365d TTLs.", "value": "RETENTION_STRATEGY_UNSPECIFIED" }, { "name": "RemoveAfterConversation", "description": "Removes data when the conversation ends. If there is no Conversation explicitly established, a default conversation ends when the corresponding Dialogflow session ends.", "value": "REMOVE_AFTER_CONVERSATION" } ] }, "google-native:dialogflow/v3:SessionEntityTypeEntityOverrideMode": { "description": "Required. Indicates whether the additional data should override or supplement the custom entity type definition.", "type": "string", "enum": [ { "name": "EntityOverrideModeUnspecified", "description": "Not specified. This value should be never used.", "value": "ENTITY_OVERRIDE_MODE_UNSPECIFIED" }, { "name": "EntityOverrideModeOverride", "description": "The collection of session entities overrides the collection of entities in the corresponding custom entity type.", "value": "ENTITY_OVERRIDE_MODE_OVERRIDE" }, { "name": "EntityOverrideModeSupplement", "description": "The collection of session entities extends the collection of entities in the corresponding custom entity type. Note: Even in this override mode calls to `ListSessionEntityTypes`, `GetSessionEntityType`, `CreateSessionEntityType` and `UpdateSessionEntityType` only return the additional entities added in this session entity type. If you want to get the supplemented list, please call EntityTypes.GetEntityType on the custom entity type and merge.", "value": "ENTITY_OVERRIDE_MODE_SUPPLEMENT" } ] }, "google-native:dialogflow/v3beta1:EntityTypeAutoExpansionMode": { "description": "Indicates whether the entity type can be automatically expanded.", "type": "string", "enum": [ { "name": "AutoExpansionModeUnspecified", "description": "Auto expansion disabled for the entity.", "value": "AUTO_EXPANSION_MODE_UNSPECIFIED" }, { "name": "AutoExpansionModeDefault", "description": "Allows an agent to recognize values that have not been explicitly listed in the entity.", "value": "AUTO_EXPANSION_MODE_DEFAULT" } ] }, "google-native:dialogflow/v3beta1:EntityTypeKind": { "description": "Required. Indicates the kind of entity type.", "type": "string", "enum": [ { "name": "KindUnspecified", "description": "Not specified. This value should be never used.", "value": "KIND_UNSPECIFIED" }, { "name": "KindMap", "description": "Map entity types allow mapping of a group of synonyms to a canonical value.", "value": "KIND_MAP" }, { "name": "KindList", "description": "List entity types contain a set of entries that do not map to canonical values. However, list entity types can contain references to other entity types (with or without aliases).", "value": "KIND_LIST" }, { "name": "KindRegexp", "description": "Regexp entity types allow to specify regular expressions in entries values.", "value": "KIND_REGEXP" } ] }, "google-native:dialogflow/v3beta1:ExperimentState": { "description": "The current state of the experiment. Transition triggered by Experiments.StartExperiment: DRAFT->RUNNING. Transition triggered by Experiments.CancelExperiment: DRAFT->DONE or RUNNING->DONE.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "State unspecified.", "value": "STATE_UNSPECIFIED" }, { "name": "Draft", "description": "The experiment is created but not started yet.", "value": "DRAFT" }, { "name": "Running", "description": "The experiment is running.", "value": "RUNNING" }, { "name": "Done", "description": "The experiment is done.", "value": "DONE" }, { "name": "RolloutFailed", "description": "The experiment with auto-rollout enabled has failed.", "value": "ROLLOUT_FAILED" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettings": { "description": "Hierarchical advanced settings for agent/flow/page/fulfillment/parameter. Settings exposed at lower level overrides the settings exposed at higher level. Overriding occurs at the sub-setting level. For example, the playback_interruption_settings at fulfillment level only overrides the playback_interruption_settings at the agent level, leaving other settings at the agent level unchanged. DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter.", "properties": { "audioExportGcsDestination": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1GcsDestination", "description": "If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: - Agent level - Flow level" }, "dtmfSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsDtmfSettings", "description": "Settings for DTMF. Exposed at the following levels: - Agent level - Flow level - Page level - Parameter level." }, "loggingSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsLoggingSettings", "description": "Settings for logging. Settings for Dialogflow History, Contact Center messages, StackDriver logs, and speech logging. Exposed at the following levels: - Agent level." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsDtmfSettings": { "description": "Define behaviors for DTMF (dual tone multi frequency).", "properties": { "enabled": { "type": "boolean", "description": "If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a \"3\" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance)." }, "finishDigit": { "type": "string", "description": "The digit that terminates a DTMF digit sequence." }, "maxDigits": { "type": "integer", "description": "Max length of DTMF digits." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsDtmfSettingsResponse": { "description": "Define behaviors for DTMF (dual tone multi frequency).", "properties": { "enabled": { "type": "boolean", "description": "If true, incoming audio is processed for DTMF (dual tone multi frequency) events. For example, if the caller presses a button on their telephone keypad and DTMF processing is enabled, Dialogflow will detect the event (e.g. a \"3\" was pressed) in the incoming audio and pass the event to the bot to drive business logic (e.g. when 3 is pressed, return the account balance)." }, "finishDigit": { "type": "string", "description": "The digit that terminates a DTMF digit sequence." }, "maxDigits": { "type": "integer", "description": "Max length of DTMF digits." } }, "type": "object", "required": [ "enabled", "finishDigit", "maxDigits" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsLoggingSettings": { "description": "Define behaviors on logging.", "properties": { "enableInteractionLogging": { "type": "boolean", "description": "If true, DF Interaction logging is currently enabled." }, "enableStackdriverLogging": { "type": "boolean", "description": "If true, StackDriver logging is currently enabled." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsLoggingSettingsResponse": { "description": "Define behaviors on logging.", "properties": { "enableInteractionLogging": { "type": "boolean", "description": "If true, DF Interaction logging is currently enabled." }, "enableStackdriverLogging": { "type": "boolean", "description": "If true, StackDriver logging is currently enabled." } }, "type": "object", "required": [ "enableInteractionLogging", "enableStackdriverLogging" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsResponse": { "description": "Hierarchical advanced settings for agent/flow/page/fulfillment/parameter. Settings exposed at lower level overrides the settings exposed at higher level. Overriding occurs at the sub-setting level. For example, the playback_interruption_settings at fulfillment level only overrides the playback_interruption_settings at the agent level, leaving other settings at the agent level unchanged. DTMF settings does not override each other. DTMF settings set at different levels define DTMF detections running in parallel. Hierarchy: Agent->Flow->Page->Fulfillment/Parameter.", "properties": { "audioExportGcsDestination": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1GcsDestinationResponse", "description": "If present, incoming audio is exported by Dialogflow to the configured Google Cloud Storage destination. Exposed at the following levels: - Agent level - Flow level" }, "dtmfSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsDtmfSettingsResponse", "description": "Settings for DTMF. Exposed at the following levels: - Agent level - Flow level - Page level - Parameter level." }, "loggingSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsLoggingSettingsResponse", "description": "Settings for logging. Settings for Dialogflow History, Contact Center messages, StackDriver logs, and speech logging. Exposed at the following levels: - Agent level." } }, "type": "object", "required": [ "audioExportGcsDestination", "dtmfSettings", "loggingSettings" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentAnswerFeedbackSettings": { "description": "Settings for answer feedback collection.", "properties": { "enableAnswerFeedback": { "type": "boolean", "description": "Optional. If enabled, end users will be able to provide answer feedback to Dialogflow responses. Feature works only if interaction logging is enabled in the Dialogflow agent." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentAnswerFeedbackSettingsResponse": { "description": "Settings for answer feedback collection.", "properties": { "enableAnswerFeedback": { "type": "boolean", "description": "Optional. If enabled, end users will be able to provide answer feedback to Dialogflow responses. Feature works only if interaction logging is enabled in the Dialogflow agent." } }, "type": "object", "required": [ "enableAnswerFeedback" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGenAppBuilderSettings": { "description": "Settings for Gen App Builder.", "properties": { "engine": { "type": "string", "description": "The full name of the Gen App Builder engine related to this agent if there is one. Format: `projects/{Project ID}/locations/{Location ID}/collections/{Collection ID}/engines/{Engine ID}`" } }, "type": "object", "required": [ "engine" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGenAppBuilderSettingsResponse": { "description": "Settings for Gen App Builder.", "properties": { "engine": { "type": "string", "description": "The full name of the Gen App Builder engine related to this agent if there is one. Format: `projects/{Project ID}/locations/{Location ID}/collections/{Collection ID}/engines/{Engine ID}`" } }, "type": "object", "required": [ "engine" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettings": { "description": "Settings for connecting to Git repository for an agent.", "properties": { "githubSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettingsGithubSettings", "description": "GitHub settings." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettingsGithubSettings": { "description": "Settings of integration with GitHub.", "properties": { "accessToken": { "type": "string", "description": "The access token used to authenticate the access to the GitHub repository." }, "branches": { "type": "array", "items": { "type": "string" }, "description": "A list of branches configured to be used from Dialogflow." }, "displayName": { "type": "string", "description": "The unique repository display name for the GitHub repository." }, "repositoryUri": { "type": "string", "description": "The GitHub repository URI related to the agent." }, "trackingBranch": { "type": "string", "description": "The branch of the GitHub repository tracked for this agent." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettingsGithubSettingsResponse": { "description": "Settings of integration with GitHub.", "properties": { "accessToken": { "type": "string", "description": "The access token used to authenticate the access to the GitHub repository." }, "branches": { "type": "array", "items": { "type": "string" }, "description": "A list of branches configured to be used from Dialogflow." }, "displayName": { "type": "string", "description": "The unique repository display name for the GitHub repository." }, "repositoryUri": { "type": "string", "description": "The GitHub repository URI related to the agent." }, "trackingBranch": { "type": "string", "description": "The branch of the GitHub repository tracked for this agent." } }, "type": "object", "required": [ "accessToken", "branches", "displayName", "repositoryUri", "trackingBranch" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettingsResponse": { "description": "Settings for connecting to Git repository for an agent.", "properties": { "githubSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AgentGitIntegrationSettingsGithubSettingsResponse", "description": "GitHub settings." } }, "type": "object", "required": [ "githubSettings" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AudioInput": { "description": "Represents the natural speech audio to be processed.", "properties": { "audio": { "type": "string", "description": "The natural language speech audio to be processed. A single request can contain up to 2 minutes of speech audio data. The transcribed text cannot contain more than 256 bytes. For non-streaming audio detect intent, both `config` and `audio` must be provided. For streaming audio detect intent, `config` must be provided in the first request and `audio` must be provided in all following requests." }, "config": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfig", "description": "Instructs the speech recognizer how to process the speech audio." } }, "type": "object", "required": [ "config" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1AudioInputResponse": { "description": "Represents the natural speech audio to be processed.", "properties": { "audio": { "type": "string", "description": "The natural language speech audio to be processed. A single request can contain up to 2 minutes of speech audio data. The transcribed text cannot contain more than 256 bytes. For non-streaming audio detect intent, both `config` and `audio` must be provided. For streaming audio detect intent, `config` must be provided in the first request and `audio` must be provided in all following requests." }, "config": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigResponse", "description": "Instructs the speech recognizer how to process the speech audio." } }, "type": "object", "required": [ "audio", "config" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1BargeInConfig": { "description": "Configuration of the barge-in behavior. Barge-in instructs the API to return a detected utterance at a proper time while the client is playing back the response audio from a previous request. When the client sees the utterance, it should stop the playback and immediately get ready for receiving the responses for the current request. The barge-in handling requires the client to start streaming audio input as soon as it starts playing back the audio from the previous response. The playback is modeled into two phases: * No barge-in phase: which goes first and during which speech detection should not be carried out. * Barge-in phase: which follows the no barge-in phase and during which the API starts speech detection and may inform the client that an utterance has been detected. Note that no-speech event is not expected in this phase. The client provides this configuration in terms of the durations of those two phases. The durations are measured in terms of the audio length fromt the the start of the input audio. The flow goes like below: --> Time without speech detection | utterance only | utterance or no-speech event | | +-------------+ | +------------+ | +---------------+ ----------+ no barge-in +-|-+ barge-in +-|-+ normal period +----------- +-------------+ | +------------+ | +---------------+ No-speech event is a response with END_OF_UTTERANCE without any transcript following up.", "properties": { "noBargeInDuration": { "type": "string", "description": "Duration that is not eligible for barge-in at the beginning of the input audio." }, "totalDuration": { "type": "string", "description": "Total duration for the playback at the beginning of the input audio." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1BargeInConfigResponse": { "description": "Configuration of the barge-in behavior. Barge-in instructs the API to return a detected utterance at a proper time while the client is playing back the response audio from a previous request. When the client sees the utterance, it should stop the playback and immediately get ready for receiving the responses for the current request. The barge-in handling requires the client to start streaming audio input as soon as it starts playing back the audio from the previous response. The playback is modeled into two phases: * No barge-in phase: which goes first and during which speech detection should not be carried out. * Barge-in phase: which follows the no barge-in phase and during which the API starts speech detection and may inform the client that an utterance has been detected. Note that no-speech event is not expected in this phase. The client provides this configuration in terms of the durations of those two phases. The durations are measured in terms of the audio length fromt the the start of the input audio. The flow goes like below: --> Time without speech detection | utterance only | utterance or no-speech event | | +-------------+ | +------------+ | +---------------+ ----------+ no barge-in +-|-+ barge-in +-|-+ normal period +----------- +-------------+ | +------------+ | +---------------+ No-speech event is a response with END_OF_UTTERANCE without any transcript following up.", "properties": { "noBargeInDuration": { "type": "string", "description": "Duration that is not eligible for barge-in at the beginning of the input audio." }, "totalDuration": { "type": "string", "description": "Total duration for the playback at the beginning of the input audio." } }, "type": "object", "required": [ "noBargeInDuration", "totalDuration" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurn": { "description": "One interaction between a human and virtual agent. The human provides some input and the virtual agent provides a response.", "properties": { "userInput": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnUserInput", "description": "The user input." }, "virtualAgentOutput": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnVirtualAgentOutput", "description": "The virtual agent output." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnResponse": { "description": "One interaction between a human and virtual agent. The human provides some input and the virtual agent provides a response.", "properties": { "userInput": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnUserInputResponse", "description": "The user input." }, "virtualAgentOutput": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnVirtualAgentOutputResponse", "description": "The virtual agent output." } }, "type": "object", "required": [ "userInput", "virtualAgentOutput" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnUserInput": { "description": "The input from the human user.", "properties": { "enableSentimentAnalysis": { "type": "boolean", "description": "Whether sentiment analysis is enabled." }, "injectedParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameters that need to be injected into the conversation during intent detection." }, "input": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1QueryInput", "description": "Supports text input, event input, dtmf input in the test case." }, "isWebhookEnabled": { "type": "boolean", "description": "If webhooks should be allowed to trigger in response to the user utterance. Often if parameters are injected, webhooks should not be enabled." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnUserInputResponse": { "description": "The input from the human user.", "properties": { "enableSentimentAnalysis": { "type": "boolean", "description": "Whether sentiment analysis is enabled." }, "injectedParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Parameters that need to be injected into the conversation during intent detection." }, "input": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1QueryInputResponse", "description": "Supports text input, event input, dtmf input in the test case." }, "isWebhookEnabled": { "type": "boolean", "description": "If webhooks should be allowed to trigger in response to the user utterance. Often if parameters are injected, webhooks should not be enabled." } }, "type": "object", "required": [ "enableSentimentAnalysis", "injectedParameters", "input", "isWebhookEnabled" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnVirtualAgentOutput": { "description": "The output from the virtual agent.", "properties": { "currentPage": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Page", "description": "The Page on which the utterance was spoken. Only name and displayName will be set." }, "diagnosticInfo": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Input only. The diagnostic info output for the turn. Required to calculate the testing coverage." }, "sessionParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The session parameters available to the bot at this point." }, "status": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleRpcStatus", "description": "Response error from the agent in the test result. If set, other output is empty." }, "textResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageText" }, "description": "The text responses from the agent for the turn." }, "triggeredIntent": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Intent", "description": "The Intent that triggered the response. Only name and displayName will be set." } }, "type": "object", "required": [ "diagnosticInfo" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnVirtualAgentOutputResponse": { "description": "The output from the virtual agent.", "properties": { "currentPage": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1PageResponse", "description": "The Page on which the utterance was spoken. Only name and displayName will be set." }, "diagnosticInfo": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Input only. The diagnostic info output for the turn. Required to calculate the testing coverage." }, "differences": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TestRunDifferenceResponse" }, "description": "If this is part of a result conversation turn, the list of differences between the original run and the replay for this output, if any." }, "sessionParameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The session parameters available to the bot at this point." }, "status": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleRpcStatusResponse", "description": "Response error from the agent in the test result. If set, other output is empty." }, "textResponses": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTextResponse" }, "description": "The text responses from the agent for the turn." }, "triggeredIntent": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentResponse", "description": "The Intent that triggered the response. Only name and displayName will be set." } }, "type": "object", "required": [ "currentPage", "diagnosticInfo", "differences", "sessionParameters", "status", "textResponses", "triggeredIntent" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnection": { "description": "A data store connection. It represents a data store in Discovery Engine and the type of the contents it contains.", "properties": { "dataStore": { "type": "string", "description": "The full name of the referenced data store. Formats: `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}` `projects/{project}/locations/{location}/dataStores/{data_store}`" }, "dataStoreType": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnectionDataStoreType", "description": "The type of the connected data store." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnectionDataStoreType": { "description": "The type of the connected data store.", "type": "string", "enum": [ { "name": "DataStoreTypeUnspecified", "description": "Not specified. This value indicates that the data store type is not specified, so it will not be used during search.", "value": "DATA_STORE_TYPE_UNSPECIFIED" }, { "name": "PublicWeb", "description": "A data store that contains public web content.", "value": "PUBLIC_WEB" }, { "name": "Unstructured", "description": "A data store that contains unstructured private data.", "value": "UNSTRUCTURED" }, { "name": "Structured", "description": "A data store that contains structured data (for example FAQ).", "value": "STRUCTURED" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnectionResponse": { "description": "A data store connection. It represents a data store in Discovery Engine and the type of the contents it contains.", "properties": { "dataStore": { "type": "string", "description": "The full name of the referenced data store. Formats: `projects/{project}/locations/{location}/collections/{collection}/dataStores/{data_store}` `projects/{project}/locations/{location}/dataStores/{data_store}`" }, "dataStoreType": { "type": "string", "description": "The type of the connected data store." } }, "type": "object", "required": [ "dataStore", "dataStoreType" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1DtmfInput": { "description": "Represents the input for dtmf event.", "properties": { "digits": { "type": "string", "description": "The dtmf digits." }, "finishDigit": { "type": "string", "description": "The finish digit (if any)." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1DtmfInputResponse": { "description": "Represents the input for dtmf event.", "properties": { "digits": { "type": "string", "description": "The dtmf digits." }, "finishDigit": { "type": "string", "description": "The finish digit (if any)." } }, "type": "object", "required": [ "digits", "finishDigit" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EntityTypeEntity": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A canonical value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EntityTypeEntityResponse": { "description": "An **entity entry** for an associated entity type.", "properties": { "synonyms": { "type": "array", "items": { "type": "string" }, "description": "A collection of value synonyms. For example, if the entity type is *vegetable*, and `value` is *scallions*, a synonym could be *green onions*. For `KIND_LIST` entity types: * This collection must contain exactly one synonym equal to `value`." }, "value": { "type": "string", "description": "The primary value associated with this entity entry. For example, if the entity type is *vegetable*, the value could be *scallions*. For `KIND_MAP` entity types: * A canonical value to be used in place of synonyms. For `KIND_LIST` entity types: * A string that can contain references to other entity types (with or without aliases)." } }, "type": "object", "required": [ "synonyms", "value" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EntityTypeExcludedPhrase": { "description": "An excluded entity phrase that should not be matched.", "properties": { "value": { "type": "string", "description": "The word or phrase to be excluded." } }, "type": "object", "required": [ "value" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EntityTypeExcludedPhraseResponse": { "description": "An excluded entity phrase that should not be matched.", "properties": { "value": { "type": "string", "description": "The word or phrase to be excluded." } }, "type": "object", "required": [ "value" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentTestCasesConfig": { "description": "The configuration for continuous tests.", "properties": { "enableContinuousRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases periodically. Default false. If set to true, run once a day." }, "enablePredeploymentRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases before deploying a flow version to the environment. Default false." }, "testCases": { "type": "array", "items": { "type": "string" }, "description": "A list of test case names to run. They should be under the same agent. Format of each test case name: `projects//locations/ /agents//testCases/`" } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentTestCasesConfigResponse": { "description": "The configuration for continuous tests.", "properties": { "enableContinuousRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases periodically. Default false. If set to true, run once a day." }, "enablePredeploymentRun": { "type": "boolean", "description": "Whether to run test cases in TestCasesConfig.test_cases before deploying a flow version to the environment. Default false." }, "testCases": { "type": "array", "items": { "type": "string" }, "description": "A list of test case names to run. They should be under the same agent. Format of each test case name: `projects//locations/ /agents//testCases/`" } }, "type": "object", "required": [ "enableContinuousRun", "enablePredeploymentRun", "testCases" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentVersionConfig": { "description": "Configuration for the version.", "properties": { "version": { "type": "string", "description": "Format: projects//locations//agents//flows//versions/." } }, "type": "object", "required": [ "version" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentVersionConfigResponse": { "description": "Configuration for the version.", "properties": { "version": { "type": "string", "description": "Format: projects//locations//agents//flows//versions/." } }, "type": "object", "required": [ "version" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentWebhookConfig": { "description": "Configuration for webhooks.", "properties": { "webhookOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Webhook" }, "description": "The list of webhooks to override for the agent environment. The webhook must exist in the agent. You can override fields in `generic_web_service` and `service_directory`." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EnvironmentWebhookConfigResponse": { "description": "Configuration for webhooks.", "properties": { "webhookOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookResponse" }, "description": "The list of webhooks to override for the agent environment. The webhook must exist in the agent. You can override fields in `generic_web_service` and `service_directory`." } }, "type": "object", "required": [ "webhookOverrides" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EventHandler": { "description": "An event handler specifies an event that can be handled during a session. When the specified event happens, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the event, it will be called. * If there is a `target_page` associated with the event, the session will transition into the specified page. * If there is a `target_flow` associated with the event, the session will transition into the specified flow.", "properties": { "event": { "type": "string", "description": "The name of the event to handle." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment", "description": "The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks." } }, "type": "object", "required": [ "event" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EventHandlerResponse": { "description": "An event handler specifies an event that can be handled during a session. When the specified event happens, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the event, it will be called. * If there is a `target_page` associated with the event, the session will transition into the specified page. * If there is a `target_flow` associated with the event, the session will transition into the specified flow.", "properties": { "event": { "type": "string", "description": "The name of the event to handle." }, "name": { "type": "string", "description": "The unique identifier of this event handler." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse", "description": "The fulfillment to call when the event occurs. Handling webhook errors with a fulfillment enabled with webhook could cause infinite loop. It is invalid to specify such fulfillment for a handler handling webhooks." } }, "type": "object", "required": [ "event", "name", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EventInput": { "description": "Represents the event to trigger.", "properties": { "event": { "type": "string", "description": "Name of the event." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1EventInputResponse": { "description": "Represents the event to trigger.", "properties": { "event": { "type": "string", "description": "Name of the event." } }, "type": "object", "required": [ "event" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentDefinition": { "description": "Definition of the experiment.", "properties": { "condition": { "type": "string", "description": "The condition defines which subset of sessions are selected for this experiment. If not specified, all sessions are eligible. E.g. \"query_input.language_code=en\" See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariants", "description": "The flow versions as the variants of this experiment." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentDefinitionResponse": { "description": "Definition of the experiment.", "properties": { "condition": { "type": "string", "description": "The condition defines which subset of sessions are selected for this experiment. If not specified, all sessions are eligible. E.g. \"query_input.language_code=en\" See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsResponse", "description": "The flow versions as the variants of this experiment." } }, "type": "object", "required": [ "condition", "versionVariants" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResult": { "description": "The inference result which includes an objective metric to optimize and the confidence interval.", "properties": { "lastUpdateTime": { "type": "string", "description": "The last time the experiment's stats data was updated. Will have default value if stats have never been computed for this experiment." }, "versionMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultVersionMetrics" }, "description": "Version variants and metrics." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultConfidenceInterval": { "description": "A confidence interval is a range of possible values for the experiment objective you are trying to measure.", "properties": { "confidenceLevel": { "type": "number", "description": "The confidence level used to construct the interval, i.e. there is X% chance that the true value is within this interval." }, "lowerBound": { "type": "number", "description": "Lower bound of the interval." }, "ratio": { "type": "number", "description": "The percent change between an experiment metric's value and the value for its control." }, "upperBound": { "type": "number", "description": "Upper bound of the interval." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultConfidenceIntervalResponse": { "description": "A confidence interval is a range of possible values for the experiment objective you are trying to measure.", "properties": { "confidenceLevel": { "type": "number", "description": "The confidence level used to construct the interval, i.e. there is X% chance that the true value is within this interval." }, "lowerBound": { "type": "number", "description": "Lower bound of the interval." }, "ratio": { "type": "number", "description": "The percent change between an experiment metric's value and the value for its control." }, "upperBound": { "type": "number", "description": "Upper bound of the interval." } }, "type": "object", "required": [ "confidenceLevel", "lowerBound", "ratio", "upperBound" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetric": { "description": "Metric and corresponding confidence intervals.", "properties": { "confidenceInterval": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultConfidenceInterval", "description": "The probability that the treatment is better than all other treatments in the experiment" }, "count": { "type": "number", "description": "Count value of a metric." }, "countType": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricCountType", "description": "Count-based metric type. Only one of type or count_type is specified in each Metric." }, "ratio": { "type": "number", "description": "Ratio value of a metric." }, "type": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricType", "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricCountType": { "description": "Count-based metric type. Only one of type or count_type is specified in each Metric.", "type": "string", "enum": [ { "name": "CountTypeUnspecified", "description": "Count type unspecified.", "value": "COUNT_TYPE_UNSPECIFIED" }, { "name": "TotalNoMatchCount", "description": "Total number of occurrences of a 'NO_MATCH'.", "value": "TOTAL_NO_MATCH_COUNT" }, { "name": "TotalTurnCount", "description": "Total number of turn counts.", "value": "TOTAL_TURN_COUNT" }, { "name": "AverageTurnCount", "description": "Average turn count in a session.", "value": "AVERAGE_TURN_COUNT" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricResponse": { "description": "Metric and corresponding confidence intervals.", "properties": { "confidenceInterval": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultConfidenceIntervalResponse", "description": "The probability that the treatment is better than all other treatments in the experiment" }, "count": { "type": "number", "description": "Count value of a metric." }, "countType": { "type": "string", "description": "Count-based metric type. Only one of type or count_type is specified in each Metric." }, "ratio": { "type": "number", "description": "Ratio value of a metric." }, "type": { "type": "string", "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric." } }, "type": "object", "required": [ "confidenceInterval", "count", "countType", "ratio", "type" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricType": { "description": "Ratio-based metric type. Only one of type or count_type is specified in each Metric.", "type": "string", "enum": [ { "name": "MetricUnspecified", "description": "Metric unspecified.", "value": "METRIC_UNSPECIFIED" }, { "name": "ContainedSessionNoCallbackRate", "description": "Percentage of contained sessions without user calling back in 24 hours.", "value": "CONTAINED_SESSION_NO_CALLBACK_RATE" }, { "name": "LiveAgentHandoffRate", "description": "Percentage of sessions that were handed to a human agent.", "value": "LIVE_AGENT_HANDOFF_RATE" }, { "name": "CallbackSessionRate", "description": "Percentage of sessions with the same user calling back.", "value": "CALLBACK_SESSION_RATE" }, { "name": "AbandonedSessionRate", "description": "Percentage of sessions where user hung up.", "value": "ABANDONED_SESSION_RATE" }, { "name": "SessionEndRate", "description": "Percentage of sessions reached Dialogflow 'END_PAGE' or 'END_SESSION'.", "value": "SESSION_END_RATE" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultResponse": { "description": "The inference result which includes an objective metric to optimize and the confidence interval.", "properties": { "lastUpdateTime": { "type": "string", "description": "The last time the experiment's stats data was updated. Will have default value if stats have never been computed for this experiment." }, "versionMetrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultVersionMetricsResponse" }, "description": "Version variants and metrics." } }, "type": "object", "required": [ "lastUpdateTime", "versionMetrics" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultVersionMetrics": { "description": "Version variant and associated metrics.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetric" }, "description": "The metrics and corresponding confidence intervals in the inference result." }, "sessionCount": { "type": "integer", "description": "Number of sessions that were allocated to this version." }, "version": { "type": "string", "description": "The name of the flow Version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultVersionMetricsResponse": { "description": "Version variant and associated metrics.", "properties": { "metrics": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ExperimentResultMetricResponse" }, "description": "The metrics and corresponding confidence intervals in the inference result." }, "sessionCount": { "type": "integer", "description": "Number of sessions that were allocated to this version." }, "version": { "type": "string", "description": "The name of the flow Version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object", "required": [ "metrics", "sessionCount", "version" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1Form": { "description": "A form is a data model that groups related parameters that can be collected from the user. The process in which the agent prompts the user and collects parameter values from the user is called form filling. A form can be added to a page. When form filling is done, the filled parameters will be written to the session.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FormParameter" }, "description": "Parameters to collect from the user." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FormParameter": { "description": "Represents a form parameter.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettings", "description": "Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "defaultValue": { "$ref": "pulumi.json#/Any", "description": "The default value of an optional parameter. If the parameter is required, the default value will be ignored." }, "displayName": { "type": "string", "description": "The human-readable name of the parameter, unique within the form." }, "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "fillBehavior": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FormParameterFillBehavior", "description": "Defines fill behavior for the parameter." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." }, "required": { "type": "boolean", "description": "Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. Required parameters must be filled before form filling concludes." } }, "type": "object", "required": [ "displayName", "entityType", "fillBehavior" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FormParameterFillBehavior": { "description": "Configuration for how the filling of a parameter should be handled.", "properties": { "initialPromptFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment", "description": "The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter." }, "repromptEventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventHandler" }, "description": "The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * `sys.no-match-`, where N can be from 1 to 6 * `sys.no-match-default` * `sys.no-input-`, where N can be from 1 to 6 * `sys.no-input-default` * `sys.invalid-parameter` `initial_prompt_fulfillment` provides the first prompt for the parameter. If the user's response does not fill the parameter, a no-match/no-input event will be triggered, and the fulfillment associated with the `sys.no-match-1`/`sys.no-input-1` handler (if defined) will be called to provide a prompt. The `sys.no-match-2`/`sys.no-input-2` handler (if defined) will respond to the next no-match/no-input event, and so on. A `sys.no-match-default` or `sys.no-input-default` handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A `sys.invalid-parameter` handler can be defined to handle the case where the parameter values have been `invalidated` by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the `sys.invalid-parameter` handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, `initial_prompt_fulfillment` will be re-prompted." } }, "type": "object", "required": [ "initialPromptFulfillment" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FormParameterFillBehaviorResponse": { "description": "Configuration for how the filling of a parameter should be handled.", "properties": { "initialPromptFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse", "description": "The fulfillment to provide the initial prompt that the agent can present to the user in order to fill the parameter." }, "repromptEventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventHandlerResponse" }, "description": "The handlers for parameter-level events, used to provide reprompt for the parameter or transition to a different page/flow. The supported events are: * `sys.no-match-`, where N can be from 1 to 6 * `sys.no-match-default` * `sys.no-input-`, where N can be from 1 to 6 * `sys.no-input-default` * `sys.invalid-parameter` `initial_prompt_fulfillment` provides the first prompt for the parameter. If the user's response does not fill the parameter, a no-match/no-input event will be triggered, and the fulfillment associated with the `sys.no-match-1`/`sys.no-input-1` handler (if defined) will be called to provide a prompt. The `sys.no-match-2`/`sys.no-input-2` handler (if defined) will respond to the next no-match/no-input event, and so on. A `sys.no-match-default` or `sys.no-input-default` handler will be used to handle all following no-match/no-input events after all numbered no-match/no-input handlers for the parameter are consumed. A `sys.invalid-parameter` handler can be defined to handle the case where the parameter values have been `invalidated` by webhook. For example, if the user's response fill the parameter, however the parameter was invalidated by webhook, the fulfillment associated with the `sys.invalid-parameter` handler (if defined) will be called to provide a prompt. If the event handler for the corresponding event can't be found on the parameter, `initial_prompt_fulfillment` will be re-prompted." } }, "type": "object", "required": [ "initialPromptFulfillment", "repromptEventHandlers" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FormParameterResponse": { "description": "Represents a form parameter.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this parameter. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "defaultValue": { "$ref": "pulumi.json#/Any", "description": "The default value of an optional parameter. If the parameter is required, the default value will be ignored." }, "displayName": { "type": "string", "description": "The human-readable name of the parameter, unique within the form." }, "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "fillBehavior": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FormParameterFillBehaviorResponse", "description": "Defines fill behavior for the parameter." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." }, "required": { "type": "boolean", "description": "Indicates whether the parameter is required. Optional parameters will not trigger prompts; however, they are filled if the user specifies them. Required parameters must be filled before form filling concludes." } }, "type": "object", "required": [ "advancedSettings", "defaultValue", "displayName", "entityType", "fillBehavior", "isList", "redact", "required" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FormResponse": { "description": "A form is a data model that groups related parameters that can be collected from the user. The process in which the agent prompts the user and collects parameter values from the user is called form filling. A form can be added to a page. When form filling is done, the filled parameters will be written to the session.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FormParameterResponse" }, "description": "Parameters to collect from the user." } }, "type": "object", "required": [ "parameters" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment": { "description": "A fulfillment can do one or more of the following actions at the same time: * Generate rich message responses. * Set parameter values. * Call the webhook. Fulfillments can be called at various stages in the Page or Form lifecycle. For example, when a DetectIntentRequest drives a session to enter a new page, the page's entry fulfillment can add a static response to the QueryResult in the returning DetectIntentResponse, call the webhook (for example, to load user data from a database), or both.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettings", "description": "Hierarchical advanced settings for this fulfillment. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "conditionalCases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCases" }, "description": "Conditional cases for this fulfillment." }, "enableGenerativeFallback": { "type": "boolean", "description": "If the flag is true, the agent will utilize LLM to generate a text response. If LLM generation fails, the defined responses in the fulfillment will be respected. This flag is only useful for fulfillments associated with no-match event handlers." }, "messages": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessage" }, "description": "The list of rich message responses to present to the user." }, "returnPartialResponses": { "type": "boolean", "description": "Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks." }, "setParameterActions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentSetParameterAction" }, "description": "Set parameter values before executing the webhook." }, "tag": { "type": "string", "description": "The value of this field will be populated in the WebhookRequest `fulfillmentInfo.tag` field by Dialogflow when the associated webhook is called. The tag is typically used by the webhook service to identify which fulfillment is being called, but it could be used for other purposes. This field is required if `webhook` is specified." }, "webhook": { "type": "string", "description": "The webhook to call. Format: `projects//locations//agents//webhooks/`." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCases": { "description": "A list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored.", "properties": { "cases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCase" }, "description": "A list of cascading if-else conditions." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCase": { "description": "Each case has a Boolean condition. When it is evaluated to be True, the corresponding messages will be selected and evaluated recursively.", "properties": { "caseContent": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseCaseContent" }, "description": "A list of case content." }, "condition": { "type": "string", "description": "The condition to activate and select this case. Empty means the condition is always true. The condition is evaluated against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseCaseContent": { "description": "The list of messages or conditional cases to activate for this case.", "properties": { "additionalCases": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCases", "description": "Additional cases to be evaluated." }, "message": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessage", "description": "Returned message." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseCaseContentResponse": { "description": "The list of messages or conditional cases to activate for this case.", "properties": { "additionalCases": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesResponse", "description": "Additional cases to be evaluated." }, "message": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageResponse", "description": "Returned message." } }, "type": "object", "required": [ "additionalCases", "message" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseResponse": { "description": "Each case has a Boolean condition. When it is evaluated to be True, the corresponding messages will be selected and evaluated recursively.", "properties": { "caseContent": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseCaseContentResponse" }, "description": "A list of case content." }, "condition": { "type": "string", "description": "The condition to activate and select this case. Empty means the condition is always true. The condition is evaluated against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." } }, "type": "object", "required": [ "caseContent", "condition" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesResponse": { "description": "A list of cascading if-else conditions. Cases are mutually exclusive. The first one with a matching condition is selected, all the rest ignored.", "properties": { "cases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesCaseResponse" }, "description": "A list of cascading if-else conditions." } }, "type": "object", "required": [ "cases" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse": { "description": "A fulfillment can do one or more of the following actions at the same time: * Generate rich message responses. * Set parameter values. * Call the webhook. Fulfillments can be called at various stages in the Page or Form lifecycle. For example, when a DetectIntentRequest drives a session to enter a new page, the page's entry fulfillment can add a static response to the QueryResult in the returning DetectIntentResponse, call the webhook (for example, to load user data from a database), or both.", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this fulfillment. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "conditionalCases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentConditionalCasesResponse" }, "description": "Conditional cases for this fulfillment." }, "enableGenerativeFallback": { "type": "boolean", "description": "If the flag is true, the agent will utilize LLM to generate a text response. If LLM generation fails, the defined responses in the fulfillment will be respected. This flag is only useful for fulfillments associated with no-match event handlers." }, "messages": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageResponse" }, "description": "The list of rich message responses to present to the user." }, "returnPartialResponses": { "type": "boolean", "description": "Whether Dialogflow should return currently queued fulfillment response messages in streaming APIs. If a webhook is specified, it happens before Dialogflow invokes webhook. Warning: 1) This flag only affects streaming API. Responses are still queued and returned once in non-streaming API. 2) The flag can be enabled in any fulfillment but only the first 3 partial responses will be returned. You may only want to apply it to fulfillments that have slow webhooks." }, "setParameterActions": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentSetParameterActionResponse" }, "description": "Set parameter values before executing the webhook." }, "tag": { "type": "string", "description": "The value of this field will be populated in the WebhookRequest `fulfillmentInfo.tag` field by Dialogflow when the associated webhook is called. The tag is typically used by the webhook service to identify which fulfillment is being called, but it could be used for other purposes. This field is required if `webhook` is specified." }, "webhook": { "type": "string", "description": "The webhook to call. Format: `projects//locations//agents//webhooks/`." } }, "type": "object", "required": [ "advancedSettings", "conditionalCases", "enableGenerativeFallback", "messages", "returnPartialResponses", "setParameterActions", "tag", "webhook" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentSetParameterAction": { "description": "Setting a parameter value.", "properties": { "parameter": { "type": "string", "description": "Display name of the parameter." }, "value": { "$ref": "pulumi.json#/Any", "description": "The new value of the parameter. A null value clears the parameter." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentSetParameterActionResponse": { "description": "Setting a parameter value.", "properties": { "parameter": { "type": "string", "description": "Display name of the parameter." }, "value": { "$ref": "pulumi.json#/Any", "description": "The new value of the parameter. A null value clears the parameter." } }, "type": "object", "required": [ "parameter", "value" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1GcsDestination": { "description": "Google Cloud Storage location for a Dialogflow operation that writes or exports objects (e.g. exported agent or transcripts) outside of Dialogflow.", "properties": { "uri": { "type": "string", "description": "The Google Cloud Storage URI for the exported objects. A URI is of the form: `gs://bucket/object-name-or-prefix` Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1GcsDestinationResponse": { "description": "Google Cloud Storage location for a Dialogflow operation that writes or exports objects (e.g. exported agent or transcripts) outside of Dialogflow.", "properties": { "uri": { "type": "string", "description": "The Google Cloud Storage URI for the exported objects. A URI is of the form: `gs://bucket/object-name-or-prefix` Whether a full object name, or just a prefix, its usage depends on the Dialogflow operation." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfig": { "description": "Instructs the speech recognizer on how to process the audio content.", "properties": { "audioEncoding": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigAudioEncoding", "description": "Audio encoding of the audio content to process." }, "bargeInConfig": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1BargeInConfig", "description": "Configuration of barge-in behavior during the streaming of input audio." }, "enableWordInfo": { "type": "boolean", "description": "Optional. If `true`, Dialogflow returns SpeechWordInfo in StreamingRecognitionResult with information about the recognized speech words, e.g. start and end time offsets. If false or unspecified, Speech doesn't return any word-level information." }, "model": { "type": "string", "description": "Optional. Which Speech model to select for the given request. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then we auto-select a model based on the parameters in the InputAudioConfig. If enhanced speech model is enabled for the agent and an enhanced version of the specified model for the language does not exist, then the speech is recognized using the standard version of the specified model. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details. If you specify a model, the following models typically have the best performance: - phone_call (best for Agent Assist and telephony) - latest_short (best for Dialogflow non-telephony) - command_and_search (best for very short utterances and commands)" }, "modelVariant": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigModelVariant", "description": "Optional. Which variant of the Speech model to use." }, "phraseHints": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of strings containing words and phrases that the speech recognizer should recognize with higher likelihood. See [the Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/basics#phrase-hints) for more details." }, "sampleRateHertz": { "type": "integer", "description": "Sample rate (in Hertz) of the audio content sent in the query. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics) for more details." }, "singleUtterance": { "type": "boolean", "description": "Optional. If `false` (default), recognition does not cease until the client closes the stream. If `true`, the recognizer will detect a single spoken utterance in input audio. Recognition ceases when it detects the audio's voice has stopped or paused. In this case, once a detected intent is received, the client should close the stream and start a new request with a new stream as needed. Note: This setting is relevant only for streaming methods." } }, "type": "object", "required": [ "audioEncoding" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigAudioEncoding": { "description": "Required. Audio encoding of the audio content to process.", "type": "string", "enum": [ { "name": "AudioEncodingUnspecified", "description": "Not specified.", "value": "AUDIO_ENCODING_UNSPECIFIED" }, { "name": "AudioEncodingLinear16", "description": "Uncompressed 16-bit signed little-endian samples (Linear PCM).", "value": "AUDIO_ENCODING_LINEAR_16" }, { "name": "AudioEncodingFlac", "description": "[`FLAC`](https://xiph.org/flac/documentation.html) (Free Lossless Audio Codec) is the recommended encoding because it is lossless (therefore recognition is not compromised) and requires only about half the bandwidth of `LINEAR16`. `FLAC` stream encoding supports 16-bit and 24-bit samples, however, not all fields in `STREAMINFO` are supported.", "value": "AUDIO_ENCODING_FLAC" }, { "name": "AudioEncodingMulaw", "description": "8-bit samples that compand 14-bit audio samples using G.711 PCMU/mu-law.", "value": "AUDIO_ENCODING_MULAW" }, { "name": "AudioEncodingAmr", "description": "Adaptive Multi-Rate Narrowband codec. `sample_rate_hertz` must be 8000.", "value": "AUDIO_ENCODING_AMR" }, { "name": "AudioEncodingAmrWb", "description": "Adaptive Multi-Rate Wideband codec. `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_AMR_WB" }, { "name": "AudioEncodingOggOpus", "description": "Opus encoded audio frames in Ogg container ([OggOpus](https://wiki.xiph.org/OggOpus)). `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_OGG_OPUS" }, { "name": "AudioEncodingSpeexWithHeaderByte", "description": "Although the use of lossy encodings is not recommended, if a very low bitrate encoding is required, `OGG_OPUS` is highly preferred over Speex encoding. The [Speex](https://speex.org/) encoding supported by Dialogflow API has a header byte in each block, as in MIME type `audio/x-speex-with-header-byte`. It is a variant of the RTP Speex encoding defined in [RFC 5574](https://tools.ietf.org/html/rfc5574). The stream is a sequence of blocks, one block per RTP packet. Each block starts with a byte containing the length of the block, in bytes, followed by one or more frames of Speex data, padded to an integral number of bytes (octets) as specified in RFC 5574. In other words, each RTP header is replaced with a single byte containing the block length. Only Speex wideband is supported. `sample_rate_hertz` must be 16000.", "value": "AUDIO_ENCODING_SPEEX_WITH_HEADER_BYTE" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigModelVariant": { "description": "Optional. Which variant of the Speech model to use.", "type": "string", "enum": [ { "name": "SpeechModelVariantUnspecified", "description": "No model variant specified. In this case Dialogflow defaults to USE_BEST_AVAILABLE.", "value": "SPEECH_MODEL_VARIANT_UNSPECIFIED" }, { "name": "UseBestAvailable", "description": "Use the best available variant of the Speech model that the caller is eligible for. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible for enhanced models.", "value": "USE_BEST_AVAILABLE" }, { "name": "UseStandard", "description": "Use standard model variant even if an enhanced model is available. See the [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) for details about enhanced models.", "value": "USE_STANDARD" }, { "name": "UseEnhanced", "description": "Use an enhanced model variant: * If an enhanced variant does not exist for the given model and request language, Dialogflow falls back to the standard variant. The [Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/enhanced-models) describes which models have enhanced variants. * If the API caller isn't eligible for enhanced models, Dialogflow returns an error. Please see the [Dialogflow docs](https://cloud.google.com/dialogflow/docs/data-logging) for how to make your project eligible.", "value": "USE_ENHANCED" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1InputAudioConfigResponse": { "description": "Instructs the speech recognizer on how to process the audio content.", "properties": { "audioEncoding": { "type": "string", "description": "Audio encoding of the audio content to process." }, "bargeInConfig": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1BargeInConfigResponse", "description": "Configuration of barge-in behavior during the streaming of input audio." }, "enableWordInfo": { "type": "boolean", "description": "Optional. If `true`, Dialogflow returns SpeechWordInfo in StreamingRecognitionResult with information about the recognized speech words, e.g. start and end time offsets. If false or unspecified, Speech doesn't return any word-level information." }, "model": { "type": "string", "description": "Optional. Which Speech model to select for the given request. Select the model best suited to your domain to get best results. If a model is not explicitly specified, then we auto-select a model based on the parameters in the InputAudioConfig. If enhanced speech model is enabled for the agent and an enhanced version of the specified model for the language does not exist, then the speech is recognized using the standard version of the specified model. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics#select-model) for more details. If you specify a model, the following models typically have the best performance: - phone_call (best for Agent Assist and telephony) - latest_short (best for Dialogflow non-telephony) - command_and_search (best for very short utterances and commands)" }, "modelVariant": { "type": "string", "description": "Optional. Which variant of the Speech model to use." }, "phraseHints": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of strings containing words and phrases that the speech recognizer should recognize with higher likelihood. See [the Cloud Speech documentation](https://cloud.google.com/speech-to-text/docs/basics#phrase-hints) for more details." }, "sampleRateHertz": { "type": "integer", "description": "Sample rate (in Hertz) of the audio content sent in the query. Refer to [Cloud Speech API documentation](https://cloud.google.com/speech-to-text/docs/basics) for more details." }, "singleUtterance": { "type": "boolean", "description": "Optional. If `false` (default), recognition does not cease until the client closes the stream. If `true`, the recognizer will detect a single spoken utterance in input audio. Recognition ceases when it detects the audio's voice has stopped or paused. In this case, once a detected intent is received, the client should close the stream and start a new request with a new stream as needed. Note: This setting is relevant only for streaming methods." } }, "type": "object", "required": [ "audioEncoding", "bargeInConfig", "enableWordInfo", "model", "modelVariant", "phraseHints", "sampleRateHertz", "singleUtterance" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1Intent": { "description": "An intent represents a user's intent to interact with a conversational agent. You can provide information for the Dialogflow API to use to match user input to an intent by adding training phrases (i.e., examples of user input) to your intent.", "properties": { "description": { "type": "string", "description": "Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters." }, "displayName": { "type": "string", "description": "The human-readable name of the intent, unique within the agent." }, "isFallback": { "type": "boolean", "description": "Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix \"sys-\" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. \"sys-head\" means the intent is a head intent. \"sys-contextual\" means the intent is a contextual intent." }, "name": { "type": "string", "description": "The unique identifier of the intent. Required for the Intents.UpdateIntent method. Intents.CreateIntent populates the name automatically. Format: `projects//locations//agents//intents/`." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentParameter" }, "description": "The collection of parameters associated with the intent." }, "priority": { "type": "integer", "description": "The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the `Normal` priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests." }, "trainingPhrases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrase" }, "description": "The collection of training phrases the agent is trained on to identify the intent." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentInput": { "description": "Represents the intent to trigger programmatically rather than as a result of natural language processing.", "properties": { "intent": { "type": "string", "description": "The unique identifier of the intent. Format: `projects//locations//agents//intents/`." } }, "type": "object", "required": [ "intent" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentInputResponse": { "description": "Represents the intent to trigger programmatically rather than as a result of natural language processing.", "properties": { "intent": { "type": "string", "description": "The unique identifier of the intent. Format: `projects//locations//agents//intents/`." } }, "type": "object", "required": [ "intent" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentParameter": { "description": "Represents an intent parameter.", "properties": { "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "id": { "type": "string", "description": "The unique identifier of the parameter. This field is used by training phrases to annotate their parts." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." } }, "type": "object", "required": [ "entityType", "id" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentParameterResponse": { "description": "Represents an intent parameter.", "properties": { "entityType": { "type": "string", "description": "The entity type of the parameter. Format: `projects/-/locations/-/agents/-/entityTypes/` for system entity types (for example, `projects/-/locations/-/agents/-/entityTypes/sys.date`), or `projects//locations//agents//entityTypes/` for developer entity types." }, "isList": { "type": "boolean", "description": "Indicates whether the parameter represents a list of values." }, "redact": { "type": "boolean", "description": "Indicates whether the parameter content should be redacted in log. If redaction is enabled, the parameter content will be replaced by parameter name during logging. Note: the parameter content is subject to redaction if either parameter level redaction or entity type level redaction is enabled." } }, "type": "object", "required": [ "entityType", "isList", "redact" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentResponse": { "description": "An intent represents a user's intent to interact with a conversational agent. You can provide information for the Dialogflow API to use to match user input to an intent by adding training phrases (i.e., examples of user input) to your intent.", "properties": { "description": { "type": "string", "description": "Human readable description for better understanding an intent like its scope, content, result etc. Maximum character limit: 140 characters." }, "displayName": { "type": "string", "description": "The human-readable name of the intent, unique within the agent." }, "isFallback": { "type": "boolean", "description": "Indicates whether this is a fallback intent. Currently only default fallback intent is allowed in the agent, which is added upon agent creation. Adding training phrases to fallback intent is useful in the case of requests that are mistakenly matched, since training phrases assigned to fallback intents act as negative examples that triggers no-match event." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The key/value metadata to label an intent. Labels can contain lowercase letters, digits and the symbols '-' and '_'. International characters are allowed, including letters from unicase alphabets. Keys must start with a letter. Keys and values can be no longer than 63 characters and no more than 128 bytes. Prefix \"sys-\" is reserved for Dialogflow defined labels. Currently allowed Dialogflow defined labels include: * sys-head * sys-contextual The above labels do not require value. \"sys-head\" means the intent is a head intent. \"sys-contextual\" means the intent is a contextual intent." }, "name": { "type": "string", "description": "The unique identifier of the intent. Required for the Intents.UpdateIntent method. Intents.CreateIntent populates the name automatically. Format: `projects//locations//agents//intents/`." }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentParameterResponse" }, "description": "The collection of parameters associated with the intent." }, "priority": { "type": "integer", "description": "The priority of this intent. Higher numbers represent higher priorities. - If the supplied value is unspecified or 0, the service translates the value to 500,000, which corresponds to the `Normal` priority in the console. - If the supplied value is negative, the intent is ignored in runtime detect intent requests." }, "trainingPhrases": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhraseResponse" }, "description": "The collection of training phrases the agent is trained on to identify the intent." } }, "type": "object", "required": [ "description", "displayName", "isFallback", "labels", "name", "parameters", "priority", "trainingPhrases" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrase": { "description": "Represents an example that the agent is trained on to identify the intent.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrasePart" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `parameter_id` field is set." }, "repeatCount": { "type": "integer", "description": "Indicates how many times this example was added to the intent." } }, "type": "object", "required": [ "parts" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrasePart": { "description": "Represents a part of a training phrase.", "properties": { "parameterId": { "type": "string", "description": "The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrasePartResponse": { "description": "Represents a part of a training phrase.", "properties": { "parameterId": { "type": "string", "description": "The parameter used to annotate this part of the training phrase. This field is required for annotated parts of the training phrase." }, "text": { "type": "string", "description": "The text for this part." } }, "type": "object", "required": [ "parameterId", "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhraseResponse": { "description": "Represents an example that the agent is trained on to identify the intent.", "properties": { "parts": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentTrainingPhrasePartResponse" }, "description": "The ordered list of training phrase parts. The parts are concatenated in order to form the training phrase. Note: The API does not automatically annotate training phrases like the Dialogflow Console does. Note: Do not forget to include whitespace at part boundaries, so the training phrase is well formatted when the parts are concatenated. If the training phrase does not need to be annotated with parameters, you just need a single part with only the Part.text field set. If you want to annotate the training phrase, you must create multiple parts, where the fields of each part are populated in one of two ways: - `Part.text` is set to a part of the phrase that has no parameters. - `Part.text` is set to a part of the phrase that you want to annotate, and the `parameter_id` field is set." }, "repeatCount": { "type": "integer", "description": "Indicates how many times this example was added to the intent." } }, "type": "object", "required": [ "parts", "repeatCount" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1KnowledgeConnectorSettings": { "description": "The Knowledge Connector settings for this page or flow. This includes information such as the attached Knowledge Bases, and the way to execute fulfillment.", "properties": { "dataStoreConnections": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnection" }, "description": "Optional. List of related data store connections." }, "enabled": { "type": "boolean", "description": "Whether Knowledge Connector is enabled or not." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment", "description": "The fulfillment to be triggered. When the answers from the Knowledge Connector are selected by Dialogflow, you can utitlize the request scoped parameter `$request.knowledge.answers` (contains up to the 5 highest confidence answers) and `$request.knowledge.questions` (contains the corresponding questions) to construct the fulfillment." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1KnowledgeConnectorSettingsResponse": { "description": "The Knowledge Connector settings for this page or flow. This includes information such as the attached Knowledge Bases, and the way to execute fulfillment.", "properties": { "dataStoreConnections": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1DataStoreConnectionResponse" }, "description": "Optional. List of related data store connections." }, "enabled": { "type": "boolean", "description": "Whether Knowledge Connector is enabled or not." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse", "description": "The fulfillment to be triggered. When the answers from the Knowledge Connector are selected by Dialogflow, you can utitlize the request scoped parameter `$request.knowledge.answers` (contains up to the 5 highest confidence answers) and `$request.knowledge.questions` (contains the corresponding questions) to construct the fulfillment." } }, "type": "object", "required": [ "dataStoreConnections", "enabled", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1NluSettings": { "description": "Settings related to NLU.", "properties": { "classificationThreshold": { "type": "number", "description": "To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used." }, "modelTrainingMode": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1NluSettingsModelTrainingMode", "description": "Indicates NLU model training mode." }, "modelType": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1NluSettingsModelType", "description": "Indicates the type of NLU model." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1NluSettingsModelTrainingMode": { "description": "Indicates NLU model training mode.", "type": "string", "enum": [ { "name": "ModelTrainingModeUnspecified", "description": "Not specified. `MODEL_TRAINING_MODE_AUTOMATIC` will be used.", "value": "MODEL_TRAINING_MODE_UNSPECIFIED" }, { "name": "ModelTrainingModeAutomatic", "description": "NLU model training is automatically triggered when a flow gets modified. User can also manually trigger model training in this mode.", "value": "MODEL_TRAINING_MODE_AUTOMATIC" }, { "name": "ModelTrainingModeManual", "description": "User needs to manually trigger NLU model training. Best for large flows whose models take long time to train.", "value": "MODEL_TRAINING_MODE_MANUAL" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1NluSettingsModelType": { "description": "Indicates the type of NLU model.", "type": "string", "enum": [ { "name": "ModelTypeUnspecified", "description": "Not specified. `MODEL_TYPE_STANDARD` will be used.", "value": "MODEL_TYPE_UNSPECIFIED" }, { "name": "ModelTypeStandard", "description": "Use standard NLU model.", "value": "MODEL_TYPE_STANDARD" }, { "name": "ModelTypeAdvanced", "description": "Use advanced NLU model.", "value": "MODEL_TYPE_ADVANCED" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1NluSettingsResponse": { "description": "Settings related to NLU.", "properties": { "classificationThreshold": { "type": "number", "description": "To filter out false positive results and still get variety in matched natural language inputs for your agent, you can tune the machine learning classification threshold. If the returned score value is less than the threshold value, then a no-match event will be triggered. The score values range from 0.0 (completely uncertain) to 1.0 (completely certain). If set to 0.0, the default of 0.3 is used." }, "modelTrainingMode": { "type": "string", "description": "Indicates NLU model training mode." }, "modelType": { "type": "string", "description": "Indicates the type of NLU model." } }, "type": "object", "required": [ "classificationThreshold", "modelTrainingMode", "modelType" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1Page": { "description": "A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. For each flow, you define many pages, where your combined pages can handle a complete conversation on the topics the flow is designed for. At any given moment, exactly one page is the current page, the current page is considered active, and the flow associated with that page is considered active. Every flow has a special start page. When a flow initially becomes active, the start page page becomes the current page. For each conversational turn, the current page will either stay the same or transition to another page. You configure each page to collect information from the end-user that is relevant for the conversational state represented by the page. For more information, see the [Page guide](https://cloud.google.com/dialogflow/cx/docs/concept/page).", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettings", "description": "Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "displayName": { "type": "string", "description": "The human-readable name of the page, unique within the flow." }, "entryFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment", "description": "The fulfillment to call when the session is entering the page." }, "eventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventHandler" }, "description": "Handlers associated with the page to handle events such as webhook errors, no match or no input." }, "form": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Form", "description": "The form associated with the page, used for collecting parameters relevant to the page." }, "knowledgeConnectorSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1KnowledgeConnectorSettings", "description": "Optional. Knowledge connector configuration." }, "name": { "type": "string", "description": "The unique identifier of the page. Required for the Pages.UpdatePage method. Pages.CreatePage populates the name automatically. Format: `projects//locations//agents//flows//pages/`." }, "transitionRouteGroups": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of `TransitionRouteGroups` added to the page. Transition route groups must be unique within a page. If the page links both flow-level transition route groups and agent-level transition route groups, the flow-level ones will have higher priority and will be put before the agent-level ones. * If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. * If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:`projects//locations//agents//flows//transitionRouteGroups/` or `projects//locations//agents//transitionRouteGroups/` for agent-level groups." }, "transitionRoutes": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TransitionRoute" }, "description": "A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: * TransitionRoutes defined in the page with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in flow with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in the page with only condition specified. * TransitionRoutes defined in the transition route groups with only condition specified." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1PageResponse": { "description": "A Dialogflow CX conversation (session) can be described and visualized as a state machine. The states of a CX session are represented by pages. For each flow, you define many pages, where your combined pages can handle a complete conversation on the topics the flow is designed for. At any given moment, exactly one page is the current page, the current page is considered active, and the flow associated with that page is considered active. Every flow has a special start page. When a flow initially becomes active, the start page page becomes the current page. For each conversational turn, the current page will either stay the same or transition to another page. You configure each page to collect information from the end-user that is relevant for the conversational state represented by the page. For more information, see the [Page guide](https://cloud.google.com/dialogflow/cx/docs/concept/page).", "properties": { "advancedSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AdvancedSettingsResponse", "description": "Hierarchical advanced settings for this page. The settings exposed at the lower level overrides the settings exposed at the higher level." }, "displayName": { "type": "string", "description": "The human-readable name of the page, unique within the flow." }, "entryFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse", "description": "The fulfillment to call when the session is entering the page." }, "eventHandlers": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventHandlerResponse" }, "description": "Handlers associated with the page to handle events such as webhook errors, no match or no input." }, "form": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FormResponse", "description": "The form associated with the page, used for collecting parameters relevant to the page." }, "knowledgeConnectorSettings": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1KnowledgeConnectorSettingsResponse", "description": "Optional. Knowledge connector configuration." }, "name": { "type": "string", "description": "The unique identifier of the page. Required for the Pages.UpdatePage method. Pages.CreatePage populates the name automatically. Format: `projects//locations//agents//flows//pages/`." }, "transitionRouteGroups": { "type": "array", "items": { "type": "string" }, "description": "Ordered list of `TransitionRouteGroups` added to the page. Transition route groups must be unique within a page. If the page links both flow-level transition route groups and agent-level transition route groups, the flow-level ones will have higher priority and will be put before the agent-level ones. * If multiple transition routes within a page scope refer to the same intent, then the precedence order is: page's transition route -> page's transition route group -> flow's transition routes. * If multiple transition route groups within a page contain the same intent, then the first group in the ordered list takes precedence. Format:`projects//locations//agents//flows//transitionRouteGroups/` or `projects//locations//agents//transitionRouteGroups/` for agent-level groups." }, "transitionRoutes": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TransitionRouteResponse" }, "description": "A list of transitions for the transition rules of this page. They route the conversation to another page in the same flow, or another flow. When we are in a certain page, the TransitionRoutes are evalauted in the following order: * TransitionRoutes defined in the page with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in flow with intent specified. * TransitionRoutes defined in the transition route groups with intent specified. * TransitionRoutes defined in the page with only condition specified. * TransitionRoutes defined in the transition route groups with only condition specified." } }, "type": "object", "required": [ "advancedSettings", "displayName", "entryFulfillment", "eventHandlers", "form", "knowledgeConnectorSettings", "name", "transitionRouteGroups", "transitionRoutes" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1QueryInput": { "description": "Represents the query input. It can contain one of: 1. A conversational query in the form of text. 2. An intent query that specifies which intent to trigger. 3. Natural language speech audio to be processed. 4. An event to be triggered. 5. DTMF digits to invoke an intent and fill in parameter value.", "properties": { "audio": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AudioInput", "description": "The natural language speech audio to be processed." }, "dtmf": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1DtmfInput", "description": "The DTMF event to be handled." }, "event": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventInput", "description": "The event to be triggered." }, "intent": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentInput", "description": "The intent to be triggered." }, "languageCode": { "type": "string", "description": "The language of the input. See [Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) for a list of the currently supported language codes. Note that queries in the same session do not necessarily need to specify the same language." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TextInput", "description": "The natural language text to be processed." } }, "type": "object", "required": [ "languageCode" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1QueryInputResponse": { "description": "Represents the query input. It can contain one of: 1. A conversational query in the form of text. 2. An intent query that specifies which intent to trigger. 3. Natural language speech audio to be processed. 4. An event to be triggered. 5. DTMF digits to invoke an intent and fill in parameter value.", "properties": { "audio": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1AudioInputResponse", "description": "The natural language speech audio to be processed." }, "dtmf": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1DtmfInputResponse", "description": "The DTMF event to be handled." }, "event": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1EventInputResponse", "description": "The event to be triggered." }, "intent": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1IntentInputResponse", "description": "The intent to be triggered." }, "languageCode": { "type": "string", "description": "The language of the input. See [Language Support](https://cloud.google.com/dialogflow/cx/docs/reference/language) for a list of the currently supported language codes. Note that queries in the same session do not necessarily need to specify the same language." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TextInputResponse", "description": "The natural language text to be processed." } }, "type": "object", "required": [ "audio", "dtmf", "event", "intent", "languageCode", "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessage": { "description": "Represents a response message that can be returned by a conversational agent. Response messages are also used for output audio synthesis. The approach is as follows: * If at least one OutputAudioText response is present, then all OutputAudioText responses are linearly concatenated, and the result is used for output audio synthesis. * If the OutputAudioText responses are a mixture of text and SSML, then the concatenated result is treated as SSML; otherwise, the result is treated as either text or SSML as appropriate. The agent designer should ideally use either text or SSML consistently throughout the bot design. * Otherwise, all Text responses are linearly concatenated, and the result is used for output audio synthesis. This approach allows for more sophisticated user experience scenarios, where the text displayed to the user may differ from what is heard.", "properties": { "channel": { "type": "string", "description": "The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned." }, "conversationSuccess": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageConversationSuccess", "description": "Indicates that the conversation succeeded." }, "knowledgeInfoCard": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageKnowledgeInfoCard", "description": "Represents info card for knowledge answers, to be better rendered in Dialogflow Messenger." }, "liveAgentHandoff": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageLiveAgentHandoff", "description": "Hands off conversation to a human agent." }, "outputAudioText": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageOutputAudioText", "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Returns a response containing a custom, platform-specific payload." }, "playAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessagePlayAudio", "description": "Signal that the client should play an audio clip hosted at a client-specific URI. Dialogflow uses this to construct mixed_audio. However, Dialogflow itself does not try to read or process the URI in any way." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTelephonyTransferCall", "description": "A signal that the client should transfer the phone call connected to this agent to a third-party endpoint." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageText", "description": "Returns a text response." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageConversationSuccess": { "description": "Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata. Dialogflow doesn't impose any structure on this." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageConversationSuccessResponse": { "description": "Indicates that the conversation succeeded, i.e., the bot handled the issue that the customer talked to it about. Dialogflow only uses this to determine which conversations should be counted as successful and doesn't process the metadata in this message in any way. Note that Dialogflow also considers conversations that get to the conversation end page as successful even if they don't return ConversationSuccess. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates that the conversation succeeded. * In a webhook response when you determine that you handled the customer issue.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata. Dialogflow doesn't impose any structure on this." } }, "type": "object", "required": [ "metadata" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageEndInteractionResponse": { "description": "Indicates that interaction with the Dialogflow agent has ended. This message is generated by Dialogflow only and not supposed to be defined by the user.", "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageKnowledgeInfoCard": { "description": "Represents info card response. If the response contains generative knowledge prediction, Dialogflow will return a payload with Infobot Messenger compatible info card. Otherwise, the info card response is skipped.", "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageKnowledgeInfoCardResponse": { "description": "Represents info card response. If the response contains generative knowledge prediction, Dialogflow will return a payload with Infobot Messenger compatible info card. Otherwise, the info card response is skipped.", "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageLiveAgentHandoff": { "description": "Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata for your handoff procedure. Dialogflow doesn't impose any structure on this." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageLiveAgentHandoffResponse": { "description": "Indicates that the conversation should be handed off to a live agent. Dialogflow only uses this to determine which conversations were handed off to a human agent for measurement purposes. What else to do with this signal is up to you and your handoff procedures. You may set this, for example: * In the entry_fulfillment of a Page if entering the page indicates something went extremely wrong in the conversation. * In a webhook response when you determine that the customer issue can only be handled by a human.", "properties": { "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Custom metadata for your handoff procedure. Dialogflow doesn't impose any structure on this." } }, "type": "object", "required": [ "metadata" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageMixedAudioResponse": { "description": "Represents an audio message that is composed of both segments synthesized from the Dialogflow agent prompts and ones hosted externally at the specified URIs. The external URIs are specified via play_audio. This message is generated by Dialogflow only and not supposed to be defined by the user.", "properties": { "segments": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageMixedAudioSegmentResponse" }, "description": "Segments this audio response is composed of." } }, "type": "object", "required": [ "segments" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageMixedAudioSegmentResponse": { "description": "Represents one segment of audio.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this segment can be interrupted by the end user's speech and the client should then start the next Dialogflow request." }, "audio": { "type": "string", "description": "Raw audio synthesized from the Dialogflow agent's response using the output config specified in the request." }, "uri": { "type": "string", "description": "Client-specific URI that points to an audio clip accessible to the client. Dialogflow does not impose any validation on it." } }, "type": "object", "required": [ "allowPlaybackInterruption", "audio", "uri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageOutputAudioText": { "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message.", "properties": { "ssml": { "type": "string", "description": "The SSML text to be synthesized. For more information, see [SSML](/speech/text-to-speech/docs/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageOutputAudioTextResponse": { "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "ssml": { "type": "string", "description": "The SSML text to be synthesized. For more information, see [SSML](/speech/text-to-speech/docs/ssml)." }, "text": { "type": "string", "description": "The raw text to be synthesized." } }, "type": "object", "required": [ "allowPlaybackInterruption", "ssml", "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessagePlayAudio": { "description": "Specifies an audio clip to be played by the client as part of the response.", "properties": { "audioUri": { "type": "string", "description": "URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it." } }, "type": "object", "required": [ "audioUri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessagePlayAudioResponse": { "description": "Specifies an audio clip to be played by the client as part of the response.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "audioUri": { "type": "string", "description": "URI of the audio clip. Dialogflow does not impose any validation on this value. It is specific to the client that reads it." } }, "type": "object", "required": [ "allowPlaybackInterruption", "audioUri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageResponse": { "description": "Represents a response message that can be returned by a conversational agent. Response messages are also used for output audio synthesis. The approach is as follows: * If at least one OutputAudioText response is present, then all OutputAudioText responses are linearly concatenated, and the result is used for output audio synthesis. * If the OutputAudioText responses are a mixture of text and SSML, then the concatenated result is treated as SSML; otherwise, the result is treated as either text or SSML as appropriate. The agent designer should ideally use either text or SSML consistently throughout the bot design. * Otherwise, all Text responses are linearly concatenated, and the result is used for output audio synthesis. This approach allows for more sophisticated user experience scenarios, where the text displayed to the user may differ from what is heard.", "properties": { "channel": { "type": "string", "description": "The channel which the response is associated with. Clients can specify the channel via QueryParameters.channel, and only associated channel response will be returned." }, "conversationSuccess": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageConversationSuccessResponse", "description": "Indicates that the conversation succeeded." }, "endInteraction": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageEndInteractionResponse", "description": "A signal that indicates the interaction with the Dialogflow agent has ended. This message is generated by Dialogflow only when the conversation reaches `END_SESSION` page. It is not supposed to be defined by the user. It's guaranteed that there is at most one such message in each response." }, "knowledgeInfoCard": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageKnowledgeInfoCardResponse", "description": "Represents info card for knowledge answers, to be better rendered in Dialogflow Messenger." }, "liveAgentHandoff": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageLiveAgentHandoffResponse", "description": "Hands off conversation to a human agent." }, "mixedAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageMixedAudioResponse", "description": "An audio response message composed of both the synthesized Dialogflow agent responses and responses defined via play_audio. This message is generated by Dialogflow only and not supposed to be defined by the user." }, "outputAudioText": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageOutputAudioTextResponse", "description": "A text or ssml response that is preferentially used for TTS output audio synthesis, as described in the comment on the ResponseMessage message." }, "payload": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Returns a response containing a custom, platform-specific payload." }, "playAudio": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessagePlayAudioResponse", "description": "Signal that the client should play an audio clip hosted at a client-specific URI. Dialogflow uses this to construct mixed_audio. However, Dialogflow itself does not try to read or process the URI in any way." }, "telephonyTransferCall": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTelephonyTransferCallResponse", "description": "A signal that the client should transfer the phone call connected to this agent to a third-party endpoint." }, "text": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTextResponse", "description": "Returns a text response." } }, "type": "object", "required": [ "channel", "conversationSuccess", "endInteraction", "knowledgeInfoCard", "liveAgentHandoff", "mixedAudio", "outputAudioText", "payload", "playAudio", "telephonyTransferCall", "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTelephonyTransferCall": { "description": "Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint.", "properties": { "phoneNumber": { "type": "string", "description": "Transfer the call to a phone number in [E.164 format](https://en.wikipedia.org/wiki/E.164)." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTelephonyTransferCallResponse": { "description": "Represents the signal that telles the client to transfer the phone call connected to the agent to a third-party endpoint.", "properties": { "phoneNumber": { "type": "string", "description": "Transfer the call to a phone number in [E.164 format](https://en.wikipedia.org/wiki/E.164)." } }, "type": "object", "required": [ "phoneNumber" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageText": { "description": "The text response message.", "properties": { "text": { "type": "array", "items": { "type": "string" }, "description": "A collection of text responses." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1ResponseMessageTextResponse": { "description": "The text response message.", "properties": { "allowPlaybackInterruption": { "type": "boolean", "description": "Whether the playback of this message can be interrupted by the end user's speech and the client can then starts the next Dialogflow request." }, "text": { "type": "array", "items": { "type": "string" }, "description": "A collection of text responses." } }, "type": "object", "required": [ "allowPlaybackInterruption", "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfig": { "description": "The configuration for auto rollout.", "properties": { "failureCondition": { "type": "string", "description": "The conditions that are used to evaluate the failure of a rollout step. If not specified, no rollout steps will fail. E.g. \"containment_rate < 10% OR average_turn_count < 3\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutCondition": { "type": "string", "description": "The conditions that are used to evaluate the success of a rollout step. If not specified, all rollout steps will proceed to the next one unless failure conditions are met. E.g. \"containment_rate > 60% AND callback_rate < 20%\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutSteps": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfigRolloutStep" }, "description": "Steps to roll out a flow version. Steps should be sorted by percentage in ascending order." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfigResponse": { "description": "The configuration for auto rollout.", "properties": { "failureCondition": { "type": "string", "description": "The conditions that are used to evaluate the failure of a rollout step. If not specified, no rollout steps will fail. E.g. \"containment_rate < 10% OR average_turn_count < 3\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutCondition": { "type": "string", "description": "The conditions that are used to evaluate the success of a rollout step. If not specified, all rollout steps will proceed to the next one unless failure conditions are met. E.g. \"containment_rate > 60% AND callback_rate < 20%\". See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition)." }, "rolloutSteps": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfigRolloutStepResponse" }, "description": "Steps to roll out a flow version. Steps should be sorted by percentage in ascending order." } }, "type": "object", "required": [ "failureCondition", "rolloutCondition", "rolloutSteps" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfigRolloutStep": { "description": "A single rollout step with specified traffic allocation.", "properties": { "displayName": { "type": "string", "description": "The name of the rollout step;" }, "minDuration": { "type": "string", "description": "The minimum time that this step should last. Should be longer than 1 hour. If not set, the default minimum duration for each step will be 1 hour." }, "trafficPercent": { "type": "integer", "description": "The percentage of traffic allocated to the flow version of this rollout step. (0%, 100%]." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutConfigRolloutStepResponse": { "description": "A single rollout step with specified traffic allocation.", "properties": { "displayName": { "type": "string", "description": "The name of the rollout step;" }, "minDuration": { "type": "string", "description": "The minimum time that this step should last. Should be longer than 1 hour. If not set, the default minimum duration for each step will be 1 hour." }, "trafficPercent": { "type": "integer", "description": "The percentage of traffic allocated to the flow version of this rollout step. (0%, 100%]." } }, "type": "object", "required": [ "displayName", "minDuration", "trafficPercent" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutState": { "description": "State of the auto-rollout process.", "properties": { "startTime": { "type": "string", "description": "Start time of the current step." }, "step": { "type": "string", "description": "Display name of the current auto rollout step." }, "stepIndex": { "type": "integer", "description": "Index of the current step in the auto rollout steps list." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1RolloutStateResponse": { "description": "State of the auto-rollout process.", "properties": { "startTime": { "type": "string", "description": "Start time of the current step." }, "step": { "type": "string", "description": "Display name of the current auto rollout step." }, "stepIndex": { "type": "integer", "description": "Index of the current step in the auto rollout steps list." } }, "type": "object", "required": [ "startTime", "step", "stepIndex" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsAudioExportSettings": { "description": "Settings for exporting audio.", "properties": { "audioExportPattern": { "type": "string", "description": "Filename pattern for exported audio." }, "audioFormat": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsAudioExportSettingsAudioFormat", "description": "File format for exported audio file. Currently only in telephony recordings." }, "enableAudioRedaction": { "type": "boolean", "description": "Enable audio redaction if it is true." }, "gcsBucket": { "type": "string", "description": "Cloud Storage bucket to export audio record to. Setting this field would grant the Storage Object Creator role to the Dialogflow Service Agent. API caller that tries to modify this field should have the permission of storage.buckets.setIamPolicy." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsAudioExportSettingsAudioFormat": { "description": "File format for exported audio file. Currently only in telephony recordings.", "type": "string", "enum": [ { "name": "AudioFormatUnspecified", "description": "Unspecified. Do not use.", "value": "AUDIO_FORMAT_UNSPECIFIED" }, { "name": "Mulaw", "description": "G.711 mu-law PCM with 8kHz sample rate.", "value": "MULAW" }, { "name": "Mp3", "description": "MP3 file format.", "value": "MP3" }, { "name": "Ogg", "description": "OGG Vorbis.", "value": "OGG" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsAudioExportSettingsResponse": { "description": "Settings for exporting audio.", "properties": { "audioExportPattern": { "type": "string", "description": "Filename pattern for exported audio." }, "audioFormat": { "type": "string", "description": "File format for exported audio file. Currently only in telephony recordings." }, "enableAudioRedaction": { "type": "boolean", "description": "Enable audio redaction if it is true." }, "gcsBucket": { "type": "string", "description": "Cloud Storage bucket to export audio record to. Setting this field would grant the Storage Object Creator role to the Dialogflow Service Agent. API caller that tries to modify this field should have the permission of storage.buckets.setIamPolicy." } }, "type": "object", "required": [ "audioExportPattern", "audioFormat", "enableAudioRedaction", "gcsBucket" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsInsightsExportSettings": { "description": "Settings for exporting conversations to [Insights](https://cloud.google.com/contact-center/insights/docs).", "properties": { "enableInsightsExport": { "type": "boolean", "description": "If enabled, we will automatically exports conversations to Insights and Insights runs its analyzers." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SecuritySettingsInsightsExportSettingsResponse": { "description": "Settings for exporting conversations to [Insights](https://cloud.google.com/contact-center/insights/docs).", "properties": { "enableInsightsExport": { "type": "boolean", "description": "If enabled, we will automatically exports conversations to Insights and Insights runs its analyzers." } }, "type": "object", "required": [ "enableInsightsExport" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SpeechToTextSettings": { "description": "Settings related to speech recognition.", "properties": { "enableSpeechAdaptation": { "type": "boolean", "description": "Whether to use speech adaptation for speech recognition." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1SpeechToTextSettingsResponse": { "description": "Settings related to speech recognition.", "properties": { "enableSpeechAdaptation": { "type": "boolean", "description": "Whether to use speech adaptation for speech recognition." } }, "type": "object", "required": [ "enableSpeechAdaptation" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestCaseResult": { "description": "Represents a result from running a test case in an agent environment.", "properties": { "conversationTurns": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurn" }, "description": "The conversation turns uttered during the test case replay in chronological order." }, "environment": { "type": "string", "description": "Environment where the test was run. If not set, it indicates the draft environment." }, "name": { "type": "string", "description": "The resource name for the test case result. Format: `projects//locations//agents//testCases/ /results/`." }, "testResult": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1TestCaseResultTestResult", "description": "Whether the test case passed in the agent environment." }, "testTime": { "type": "string", "description": "The time that the test was run." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestCaseResultResponse": { "description": "Represents a result from running a test case in an agent environment.", "properties": { "conversationTurns": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1ConversationTurnResponse" }, "description": "The conversation turns uttered during the test case replay in chronological order." }, "environment": { "type": "string", "description": "Environment where the test was run. If not set, it indicates the draft environment." }, "name": { "type": "string", "description": "The resource name for the test case result. Format: `projects//locations//agents//testCases/ /results/`." }, "testResult": { "type": "string", "description": "Whether the test case passed in the agent environment." }, "testTime": { "type": "string", "description": "The time that the test was run." } }, "type": "object", "required": [ "conversationTurns", "environment", "name", "testResult", "testTime" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestCaseResultTestResult": { "description": "Whether the test case passed in the agent environment.", "type": "string", "enum": [ { "name": "TestResultUnspecified", "description": "Not specified. Should never be used.", "value": "TEST_RESULT_UNSPECIFIED" }, { "name": "Passed", "description": "The test passed.", "value": "PASSED" }, { "name": "Failed", "description": "The test did not pass.", "value": "FAILED" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestConfig": { "description": "Represents configurations for a test case.", "properties": { "flow": { "type": "string", "description": "Flow name to start the test case with. Format: `projects//locations//agents//flows/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "page": { "type": "string", "description": "The page to start the test case with. Format: `projects//locations//agents//flows//pages/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "trackingParameters": { "type": "array", "items": { "type": "string" }, "description": "Session parameters to be compared when calculating differences." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestConfigResponse": { "description": "Represents configurations for a test case.", "properties": { "flow": { "type": "string", "description": "Flow name to start the test case with. Format: `projects//locations//agents//flows/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "page": { "type": "string", "description": "The page to start the test case with. Format: `projects//locations//agents//flows//pages/`. Only one of `flow` and `page` should be set to indicate the starting point of the test case. If both are set, `page` takes precedence over `flow`. If neither is set, the test case will start with start page on the default start flow." }, "trackingParameters": { "type": "array", "items": { "type": "string" }, "description": "Session parameters to be compared when calculating differences." } }, "type": "object", "required": [ "flow", "page", "trackingParameters" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TestRunDifferenceResponse": { "description": "The description of differences between original and replayed agent output.", "properties": { "description": { "type": "string", "description": "A human readable description of the diff, showing the actual output vs expected output." }, "type": { "type": "string", "description": "The type of diff." } }, "type": "object", "required": [ "description", "type" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TextInput": { "description": "Represents the natural language text to be processed.", "properties": { "text": { "type": "string", "description": "The UTF-8 encoded natural language text to be processed. Text length must not exceed 256 characters." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TextInputResponse": { "description": "Represents the natural language text to be processed.", "properties": { "text": { "type": "string", "description": "The UTF-8 encoded natural language text to be processed. Text length must not exceed 256 characters." } }, "type": "object", "required": [ "text" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TextToSpeechSettings": { "description": "Settings related to speech synthesizing.", "properties": { "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/cx/docs/reference/language) to SynthesizeSpeechConfig. These settings affect: - The [phone gateway](https://cloud.google.com/dialogflow/cx/docs/concept/integration/phone-gateway) synthesize configuration set via Agent.text_to_speech_settings. - How speech is synthesized when invoking session APIs. Agent.text_to_speech_settings only applies if OutputAudioConfig.synthesize_speech_config is not specified." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TextToSpeechSettingsResponse": { "description": "Settings related to speech synthesizing.", "properties": { "synthesizeSpeechConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configuration of how speech should be synthesized, mapping from language (https://cloud.google.com/dialogflow/cx/docs/reference/language) to SynthesizeSpeechConfig. These settings affect: - The [phone gateway](https://cloud.google.com/dialogflow/cx/docs/concept/integration/phone-gateway) synthesize configuration set via Agent.text_to_speech_settings. - How speech is synthesized when invoking session APIs. Agent.text_to_speech_settings only applies if OutputAudioConfig.synthesize_speech_config is not specified." } }, "type": "object", "required": [ "synthesizeSpeechConfigs" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TransitionRoute": { "description": "A transition route specifies a intent that can be matched and/or a data condition that can be evaluated during a session. When a specified transition is matched, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the transition, it will be called. * If there is a `target_page` associated with the transition, the session will transition into the specified page. * If there is a `target_flow` associated with the transition, the session will transition into the specified flow.", "properties": { "condition": { "type": "string", "description": "The condition to evaluate against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition). At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "description": { "type": "string", "description": "Optional. The description of the transition route. The maximum length is 500 characters." }, "intent": { "type": "string", "description": "The unique identifier of an Intent. Format: `projects//locations//agents//intents/`. Indicates that the transition can only happen when the given intent is matched. At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1Fulfillment", "description": "The fulfillment to call when the condition is satisfied. At least one of `trigger_fulfillment` and `target` must be specified. When both are defined, `trigger_fulfillment` is executed first." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1TransitionRouteResponse": { "description": "A transition route specifies a intent that can be matched and/or a data condition that can be evaluated during a session. When a specified transition is matched, the following actions are taken in order: * If there is a `trigger_fulfillment` associated with the transition, it will be called. * If there is a `target_page` associated with the transition, the session will transition into the specified page. * If there is a `target_flow` associated with the transition, the session will transition into the specified flow.", "properties": { "condition": { "type": "string", "description": "The condition to evaluate against form parameters or session parameters. See the [conditions reference](https://cloud.google.com/dialogflow/cx/docs/reference/condition). At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "description": { "type": "string", "description": "Optional. The description of the transition route. The maximum length is 500 characters." }, "intent": { "type": "string", "description": "The unique identifier of an Intent. Format: `projects//locations//agents//intents/`. Indicates that the transition can only happen when the given intent is matched. At least one of `intent` or `condition` must be specified. When both `intent` and `condition` are specified, the transition can only happen when both are fulfilled." }, "name": { "type": "string", "description": "The unique identifier of this transition route." }, "targetFlow": { "type": "string", "description": "The target flow to transition to. Format: `projects//locations//agents//flows/`." }, "targetPage": { "type": "string", "description": "The target page to transition to. Format: `projects//locations//agents//flows//pages/`." }, "triggerFulfillment": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1FulfillmentResponse", "description": "The fulfillment to call when the condition is satisfied. At least one of `trigger_fulfillment` and `target` must be specified. When both are defined, `trigger_fulfillment` is executed first." } }, "type": "object", "required": [ "condition", "description", "intent", "name", "targetFlow", "targetPage", "triggerFulfillment" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VariantsHistory": { "description": "The history of variants update.", "properties": { "updateTime": { "type": "string", "description": "Update time of the variants." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariants", "description": "The flow versions as the variants." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VariantsHistoryResponse": { "description": "The history of variants update.", "properties": { "updateTime": { "type": "string", "description": "Update time of the variants." }, "versionVariants": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsResponse", "description": "The flow versions as the variants." } }, "type": "object", "required": [ "updateTime", "versionVariants" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VersionVariants": { "description": "A list of flow version variants.", "properties": { "variants": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsVariant" }, "description": "A list of flow version variants." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsResponse": { "description": "A list of flow version variants.", "properties": { "variants": { "type": "array", "items": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsVariantResponse" }, "description": "A list of flow version variants." } }, "type": "object", "required": [ "variants" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsVariant": { "description": "A single flow version with specified traffic allocation.", "properties": { "isControlGroup": { "type": "boolean", "description": "Whether the variant is for the control group." }, "trafficAllocation": { "type": "number", "description": "Percentage of the traffic which should be routed to this version of flow. Traffic allocation for a single flow must sum up to 1.0." }, "version": { "type": "string", "description": "The name of the flow version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1VersionVariantsVariantResponse": { "description": "A single flow version with specified traffic allocation.", "properties": { "isControlGroup": { "type": "boolean", "description": "Whether the variant is for the control group." }, "trafficAllocation": { "type": "number", "description": "Percentage of the traffic which should be routed to this version of flow. Traffic allocation for a single flow must sum up to 1.0." }, "version": { "type": "string", "description": "The name of the flow version. Format: `projects//locations//agents//flows//versions/`." } }, "type": "object", "required": [ "isControlGroup", "trafficAllocation", "version" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1Webhook": { "description": "Webhooks host the developer's business logic. During a session, webhooks allow the developer to use the data extracted by Dialogflow's natural language processing to generate dynamic responses, validate collected data, or trigger actions on the backend.", "properties": { "disabled": { "type": "boolean", "description": "Indicates whether the webhook is disabled." }, "displayName": { "type": "string", "description": "The human-readable name of the webhook, unique within the agent." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebService", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the webhook. Required for the Webhooks.UpdateWebhook method. Webhooks.CreateWebhook populates the name automatically. Format: `projects//locations//agents//webhooks/`." }, "serviceDirectory": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfig", "description": "Configuration for a [Service Directory](https://cloud.google.com/service-directory) service." }, "timeout": { "type": "string", "description": "Webhook execution timeout. Execution is considered failed if Dialogflow doesn't receive a response from webhook at the end of the timeout period. Defaults to 5 seconds, maximum allowed timeout is 30 seconds." } }, "type": "object", "required": [ "displayName" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebService": { "description": "Represents configuration for a generic web service.", "properties": { "allowedCaCerts": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies a list of allowed custom CA certificates (in DER format) for HTTPS verification. This overrides the default SSL trust store. If this is empty or unspecified, Dialogflow will use Google's default trust store to verify certificates. N.B. Make sure the HTTPS server certificates are signed with \"subject alt name\". For instance a certificate can be self-signed using the following command, ``` openssl x509 -req -days 200 -in example.com.csr \\ -signkey example.com.key \\ -out example.com.crt \\ -extfile <(printf \"\\nsubjectAltName='DNS:www.example.com'\") ```" }, "httpMethod": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceHttpMethod", "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST." }, "parameterMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Maps the values extracted from specific fields of the flexible webhook response into session parameters. - Key: session parameter name - Value: field path in the webhook response" }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestBody": { "type": "string", "description": "Optional. Defines a custom JSON object as request body to send to flexible webhook." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with webhook requests." }, "uri": { "type": "string", "description": "The webhook URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." }, "webhookType": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceWebhookType", "description": "Optional. Type of the webhook." } }, "type": "object", "required": [ "uri" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceHttpMethod": { "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST.", "type": "string", "enum": [ { "name": "HttpMethodUnspecified", "description": "HTTP method not specified.", "value": "HTTP_METHOD_UNSPECIFIED" }, { "name": "Post", "description": "HTTP POST Method.", "value": "POST" }, { "name": "Get", "description": "HTTP GET Method.", "value": "GET" }, { "name": "Head", "description": "HTTP HEAD Method.", "value": "HEAD" }, { "name": "Put", "description": "HTTP PUT Method.", "value": "PUT" }, { "name": "Delete", "description": "HTTP DELETE Method.", "value": "DELETE" }, { "name": "Patch", "description": "HTTP PATCH Method.", "value": "PATCH" }, { "name": "Options", "description": "HTTP OPTIONS Method.", "value": "OPTIONS" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceResponse": { "description": "Represents configuration for a generic web service.", "properties": { "allowedCaCerts": { "type": "array", "items": { "type": "string" }, "description": "Optional. Specifies a list of allowed custom CA certificates (in DER format) for HTTPS verification. This overrides the default SSL trust store. If this is empty or unspecified, Dialogflow will use Google's default trust store to verify certificates. N.B. Make sure the HTTPS server certificates are signed with \"subject alt name\". For instance a certificate can be self-signed using the following command, ``` openssl x509 -req -days 200 -in example.com.csr \\ -signkey example.com.key \\ -out example.com.crt \\ -extfile <(printf \"\\nsubjectAltName='DNS:www.example.com'\") ```" }, "httpMethod": { "type": "string", "description": "Optional. HTTP method for the flexible webhook calls. Standard webhook always uses POST." }, "parameterMapping": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Maps the values extracted from specific fields of the flexible webhook response into session parameters. - Key: session parameter name - Value: field path in the webhook response" }, "password": { "type": "string", "description": "The password for HTTP Basic authentication." }, "requestBody": { "type": "string", "description": "Optional. Defines a custom JSON object as request body to send to flexible webhook." }, "requestHeaders": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The HTTP request headers to send together with webhook requests." }, "uri": { "type": "string", "description": "The webhook URI for receiving POST requests. It must use https protocol." }, "username": { "type": "string", "description": "The user name for HTTP Basic authentication." }, "webhookType": { "type": "string", "description": "Optional. Type of the webhook." } }, "type": "object", "required": [ "allowedCaCerts", "httpMethod", "parameterMapping", "password", "requestBody", "requestHeaders", "uri", "username", "webhookType" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceWebhookType": { "description": "Optional. Type of the webhook.", "type": "string", "enum": [ { "name": "WebhookTypeUnspecified", "description": "Default value. This value is unused.", "value": "WEBHOOK_TYPE_UNSPECIFIED" }, { "name": "Standard", "description": "Represents a standard webhook.", "value": "STANDARD" }, { "name": "Flexible", "description": "Represents a flexible webhook.", "value": "FLEXIBLE" } ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookResponse": { "description": "Webhooks host the developer's business logic. During a session, webhooks allow the developer to use the data extracted by Dialogflow's natural language processing to generate dynamic responses, validate collected data, or trigger actions on the backend.", "properties": { "disabled": { "type": "boolean", "description": "Indicates whether the webhook is disabled." }, "displayName": { "type": "string", "description": "The human-readable name of the webhook, unique within the agent." }, "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceResponse", "description": "Configuration for a generic web service." }, "name": { "type": "string", "description": "The unique identifier of the webhook. Required for the Webhooks.UpdateWebhook method. Webhooks.CreateWebhook populates the name automatically. Format: `projects//locations//agents//webhooks/`." }, "serviceDirectory": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfigResponse", "description": "Configuration for a [Service Directory](https://cloud.google.com/service-directory) service." }, "timeout": { "type": "string", "description": "Webhook execution timeout. Execution is considered failed if Dialogflow doesn't receive a response from webhook at the end of the timeout period. Defaults to 5 seconds, maximum allowed timeout is 30 seconds." } }, "type": "object", "required": [ "disabled", "displayName", "genericWebService", "name", "serviceDirectory", "timeout" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfig": { "description": "Represents configuration for a [Service Directory](https://cloud.google.com/service-directory) service.", "properties": { "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebService", "description": "Generic Service configuration of this webhook." }, "service": { "type": "string", "description": "The name of [Service Directory](https://cloud.google.com/service-directory) service. Format: `projects//locations//namespaces//services/`. `Location ID` of the service directory must be the same as the location of the agent." } }, "type": "object", "required": [ "service" ] }, "google-native:dialogflow/v3beta1:GoogleCloudDialogflowCxV3beta1WebhookServiceDirectoryConfigResponse": { "description": "Represents configuration for a [Service Directory](https://cloud.google.com/service-directory) service.", "properties": { "genericWebService": { "$ref": "#/types/google-native:dialogflow%2Fv3beta1:GoogleCloudDialogflowCxV3beta1WebhookGenericWebServiceResponse", "description": "Generic Service configuration of this webhook." }, "service": { "type": "string", "description": "The name of [Service Directory](https://cloud.google.com/service-directory) service. Format: `projects//locations//namespaces//services/`. `Location ID` of the service directory must be the same as the location of the agent." } }, "type": "object", "required": [ "genericWebService", "service" ] }, "google-native:dialogflow/v3beta1:GoogleRpcStatus": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object" }, "google-native:dialogflow/v3beta1:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dialogflow/v3beta1:SecuritySettingPurgeDataTypesItem": { "type": "string", "enum": [ { "name": "PurgeDataTypeUnspecified", "description": "Unspecified. Do not use.", "value": "PURGE_DATA_TYPE_UNSPECIFIED" }, { "name": "DialogflowHistory", "description": "Dialogflow history. This does not include Cloud logging, which is owned by the user - not Dialogflow.", "value": "DIALOGFLOW_HISTORY" } ] }, "google-native:dialogflow/v3beta1:SecuritySettingRedactionScope": { "description": "Defines the data for which Dialogflow applies redaction. Dialogflow does not redact data that it does not have access to – for example, Cloud logging.", "type": "string", "enum": [ { "name": "RedactionScopeUnspecified", "description": "Don't redact any kind of data.", "value": "REDACTION_SCOPE_UNSPECIFIED" }, { "name": "RedactDiskStorage", "description": "On data to be written to disk or similar devices that are capable of holding data even if power is disconnected. This includes data that are temporarily saved on disk.", "value": "REDACT_DISK_STORAGE" } ] }, "google-native:dialogflow/v3beta1:SecuritySettingRedactionStrategy": { "description": "Strategy that defines how we do redaction.", "type": "string", "enum": [ { "name": "RedactionStrategyUnspecified", "description": "Do not redact.", "value": "REDACTION_STRATEGY_UNSPECIFIED" }, { "name": "RedactWithService", "description": "Call redaction service to clean up the data to be persisted.", "value": "REDACT_WITH_SERVICE" } ] }, "google-native:dialogflow/v3beta1:SecuritySettingRetentionStrategy": { "description": "Specifies the retention behavior defined by SecuritySettings.RetentionStrategy.", "type": "string", "enum": [ { "name": "RetentionStrategyUnspecified", "description": "Retains the persisted data with Dialogflow's internal default 365d TTLs.", "value": "RETENTION_STRATEGY_UNSPECIFIED" }, { "name": "RemoveAfterConversation", "description": "Removes data when the conversation ends. If there is no Conversation explicitly established, a default conversation ends when the corresponding Dialogflow session ends.", "value": "REMOVE_AFTER_CONVERSATION" } ] }, "google-native:dialogflow/v3beta1:SessionEntityTypeEntityOverrideMode": { "description": "Required. Indicates whether the additional data should override or supplement the custom entity type definition.", "type": "string", "enum": [ { "name": "EntityOverrideModeUnspecified", "description": "Not specified. This value should be never used.", "value": "ENTITY_OVERRIDE_MODE_UNSPECIFIED" }, { "name": "EntityOverrideModeOverride", "description": "The collection of session entities overrides the collection of entities in the corresponding custom entity type.", "value": "ENTITY_OVERRIDE_MODE_OVERRIDE" }, { "name": "EntityOverrideModeSupplement", "description": "The collection of session entities extends the collection of entities in the corresponding custom entity type. Note: Even in this override mode calls to `ListSessionEntityTypes`, `GetSessionEntityType`, `CreateSessionEntityType` and `UpdateSessionEntityType` only return the additional entities added in this session entity type. If you want to get the supplemented list, please call EntityTypes.GetEntityType on the custom entity type and merge.", "value": "ENTITY_OVERRIDE_MODE_SUPPLEMENT" } ] }, "google-native:discoveryengine/v1alpha:ConversationState": { "description": "The state of the Conversation.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "InProgress", "description": "Conversation is currently open.", "value": "IN_PROGRESS" }, { "name": "Completed", "description": "Conversation has been completed.", "value": "COMPLETED" } ] }, "google-native:discoveryengine/v1alpha:DataStoreContentConfig": { "description": "Immutable. The content config of the data store. If this field is unset, the server behavior defaults to ContentConfig.NO_CONTENT.", "type": "string", "enum": [ { "name": "ContentConfigUnspecified", "description": "Default value.", "value": "CONTENT_CONFIG_UNSPECIFIED" }, { "name": "NoContent", "description": "Only contains documents without any Document.content.", "value": "NO_CONTENT" }, { "name": "ContentRequired", "description": "Only contains documents with Document.content.", "value": "CONTENT_REQUIRED" }, { "name": "PublicWebsite", "description": "The data store is used for public website search.", "value": "PUBLIC_WEBSITE" } ] }, "google-native:discoveryengine/v1alpha:DataStoreIndustryVertical": { "description": "Immutable. The industry vertical that the data store registers.", "type": "string", "enum": [ { "name": "IndustryVerticalUnspecified", "description": "Value used when unset.", "value": "INDUSTRY_VERTICAL_UNSPECIFIED" }, { "name": "Generic", "description": "The generic vertical for documents that are not specific to any industry vertical.", "value": "GENERIC" }, { "name": "Media", "description": "The media industry vertical.", "value": "MEDIA" } ] }, "google-native:discoveryengine/v1alpha:DataStoreSolutionTypesItem": { "type": "string", "enum": [ { "name": "SolutionTypeUnspecified", "description": "Default value.", "value": "SOLUTION_TYPE_UNSPECIFIED" }, { "name": "SolutionTypeRecommendation", "description": "Used for Recommendations AI.", "value": "SOLUTION_TYPE_RECOMMENDATION" }, { "name": "SolutionTypeSearch", "description": "Used for Discovery Search.", "value": "SOLUTION_TYPE_SEARCH" }, { "name": "SolutionTypeChat", "description": "Used for use cases related to the Generative AI agent.", "value": "SOLUTION_TYPE_CHAT" } ] }, "google-native:discoveryengine/v1alpha:EngineIndustryVertical": { "description": "The industry vertical that the engine registers. The restriction of the Engine industry vertical is based on DataStore: If unspecified, default to `GENERIC`. Vertical on Engine has to match vertical of the DataStore liniked to the engine.", "type": "string", "enum": [ { "name": "IndustryVerticalUnspecified", "description": "Value used when unset.", "value": "INDUSTRY_VERTICAL_UNSPECIFIED" }, { "name": "Generic", "description": "The generic vertical for documents that are not specific to any industry vertical.", "value": "GENERIC" }, { "name": "Media", "description": "The media industry vertical.", "value": "MEDIA" } ] }, "google-native:discoveryengine/v1alpha:EngineSolutionType": { "description": "Required. The solutions of the engine.", "type": "string", "enum": [ { "name": "SolutionTypeUnspecified", "description": "Default value.", "value": "SOLUTION_TYPE_UNSPECIFIED" }, { "name": "SolutionTypeRecommendation", "description": "Used for Recommendations AI.", "value": "SOLUTION_TYPE_RECOMMENDATION" }, { "name": "SolutionTypeSearch", "description": "Used for Discovery Search.", "value": "SOLUTION_TYPE_SEARCH" }, { "name": "SolutionTypeChat", "description": "Used for use cases related to the Generative AI agent.", "value": "SOLUTION_TYPE_CHAT" } ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaConversationContext": { "description": "Defines context of the conversation", "properties": { "activeDocument": { "type": "string", "description": "The current active document the user opened. It contains the document resource reference." }, "contextDocuments": { "type": "array", "items": { "type": "string" }, "description": "The current list of documents the user is seeing. It contains the document resource references." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaConversationContextResponse": { "description": "Defines context of the conversation", "properties": { "activeDocument": { "type": "string", "description": "The current active document the user opened. It contains the document resource reference." }, "contextDocuments": { "type": "array", "items": { "type": "string" }, "description": "The current list of documents the user is seeing. It contains the document resource references." } }, "type": "object", "required": [ "activeDocument", "contextDocuments" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaConversationMessage": { "description": "Defines a conversation message.", "properties": { "reply": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaReply", "description": "Search reply." }, "userInput": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaTextInput", "description": "User text input." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaConversationMessageResponse": { "description": "Defines a conversation message.", "properties": { "createTime": { "type": "string", "description": "Message creation timestamp." }, "reply": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaReplyResponse", "description": "Search reply." }, "userInput": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaTextInputResponse", "description": "User text input." } }, "type": "object", "required": [ "createTime", "reply", "userInput" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaDocumentContent": { "description": "Unstructured data linked to this document.", "properties": { "mimeType": { "type": "string", "description": "The MIME type of the content. Supported types: * `application/pdf` (PDF, only native PDFs are supported for now) * `text/html` (HTML) * `application/vnd.openxmlformats-officedocument.wordprocessingml.document` (DOCX) * `application/vnd.openxmlformats-officedocument.presentationml.presentation` (PPTX) * `text/plain` (TXT) See https://www.iana.org/assignments/media-types/media-types.xhtml." }, "rawBytes": { "type": "string", "description": "The content represented as a stream of bytes. The maximum length is 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` fields, this field is represented as pure binary in Protocol Buffers and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See https://developers.google.com/protocol-buffers/docs/proto3#json." }, "uri": { "type": "string", "description": "The URI of the content. Only Cloud Storage URIs (e.g. `gs://bucket-name/path/to/file`) are supported. The maximum file size is 100 MB." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaDocumentContentResponse": { "description": "Unstructured data linked to this document.", "properties": { "mimeType": { "type": "string", "description": "The MIME type of the content. Supported types: * `application/pdf` (PDF, only native PDFs are supported for now) * `text/html` (HTML) * `application/vnd.openxmlformats-officedocument.wordprocessingml.document` (DOCX) * `application/vnd.openxmlformats-officedocument.presentationml.presentation` (PPTX) * `text/plain` (TXT) See https://www.iana.org/assignments/media-types/media-types.xhtml." }, "rawBytes": { "type": "string", "description": "The content represented as a stream of bytes. The maximum length is 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` fields, this field is represented as pure binary in Protocol Buffers and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See https://developers.google.com/protocol-buffers/docs/proto3#json." }, "uri": { "type": "string", "description": "The URI of the content. Only Cloud Storage URIs (e.g. `gs://bucket-name/path/to/file`) are supported. The maximum file size is 100 MB." } }, "type": "object", "required": [ "mimeType", "rawBytes", "uri" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfig": { "description": "Configurations for a Chat Engine.", "properties": { "agentCreationConfig": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig", "description": "The configurationt generate the Dialogflow agent that is associated to this Engine. Note that these configurations are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation." }, "dialogflowAgentToLink": { "type": "string", "description": "The resource name of an exist Dialogflow agent to link to this Chat Engine. Customers can either provide `agent_creation_config` to create agent or provide an agent name that links the agent with the Chat engine. Format: `projects//locations//agents/`. Note that the `dialogflow_agent_to_link` are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation. Please use chat_engine_metadata.dialogflow_agent for actual agent association after Engine is created." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfig": { "description": "Configurations for generating a Dialogflow agent. Note that these configurations are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation.", "properties": { "business": { "type": "string", "description": "Name of the company, organization or other entity that the agent represents. Used for knowledge connector LLM prompt and for knowledge search." }, "defaultLanguageCode": { "type": "string", "description": "The default language of the agent as a language tag. See [Language Support](https://cloud.google.com/dialogflow/docs/reference/language) for a list of the currently supported language codes." }, "timeZone": { "type": "string", "description": "The time zone of the agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris." } }, "type": "object", "required": [ "defaultLanguageCode", "timeZone" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfigResponse": { "description": "Configurations for generating a Dialogflow agent. Note that these configurations are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation.", "properties": { "business": { "type": "string", "description": "Name of the company, organization or other entity that the agent represents. Used for knowledge connector LLM prompt and for knowledge search." }, "defaultLanguageCode": { "type": "string", "description": "The default language of the agent as a language tag. See [Language Support](https://cloud.google.com/dialogflow/docs/reference/language) for a list of the currently supported language codes." }, "timeZone": { "type": "string", "description": "The time zone of the agent from the [time zone database](https://www.iana.org/time-zones), e.g., America/New_York, Europe/Paris." } }, "type": "object", "required": [ "business", "defaultLanguageCode", "timeZone" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigResponse": { "description": "Configurations for a Chat Engine.", "properties": { "agentCreationConfig": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineConfigAgentCreationConfigResponse", "description": "The configurationt generate the Dialogflow agent that is associated to this Engine. Note that these configurations are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation." }, "dialogflowAgentToLink": { "type": "string", "description": "The resource name of an exist Dialogflow agent to link to this Chat Engine. Customers can either provide `agent_creation_config` to create agent or provide an agent name that links the agent with the Chat engine. Format: `projects//locations//agents/`. Note that the `dialogflow_agent_to_link` are one-time consumed by and passed to Dialogflow service. It means they cannot be retrieved using EngineService.GetEngine or EngineService.ListEngines API after engine creation. Please use chat_engine_metadata.dialogflow_agent for actual agent association after Engine is created." } }, "type": "object", "required": [ "agentCreationConfig", "dialogflowAgentToLink" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineChatEngineMetadataResponse": { "description": "Additional information of a Chat Engine. Fields in this message are output only.", "properties": { "dialogflowAgent": { "type": "string", "description": "The resource name of a Dialogflow agent, that this Chat Engine refers to. Format: `projects//locations//agents/`." } }, "type": "object", "required": [ "dialogflowAgent" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineCommonConfig": { "description": "Common configurations for an Engine.", "properties": { "companyName": { "type": "string", "description": "The name of the company, business or entity that is associated with the engine. Setting this may help improve LLM related features." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineCommonConfigResponse": { "description": "Common configurations for an Engine.", "properties": { "companyName": { "type": "string", "description": "The name of the company, business or entity that is associated with the engine. Setting this may help improve LLM related features." } }, "type": "object", "required": [ "companyName" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfig": { "description": "Additional config specs for a Media Recommendation engine.", "properties": { "optimizationObjective": { "type": "string", "description": "The optimization objective e.g. `cvr`. This field together with optimization_objective describe engine metadata to use to control engine training and serving. Currently supported values: `ctr`, `cvr`. If not specified, we choose default based on engine type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr`" }, "optimizationObjectiveConfig": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig", "description": "Name and value of the custom threshold for cvr optimization_objective. For target_field `watch-time`, target_field_value must be an integer value indicating the media progress time in seconds between (0, 86400] (excludes 0, includes 86400) (e.g., 90). For target_field `watch-percentage`, the target_field_value must be a valid float value between (0, 1.0] (excludes 0, includes 1.0) (e.g., 0.5)." }, "trainingState": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigTrainingState", "description": "The training state that the engine is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train engine in order to control cost. If not specified: the default value for `CreateEngine` method is `TRAINING`. The default value for `UpdateEngine` method is to keep the state the same as before." }, "type": { "type": "string", "description": "The type of engine e.g. `recommended-for-you`. This field together with optimization_objective describe engine metadata to use to control engine training and serving. Currently supported values: `recommended-for-you`, `others-you-may-like`, `more-like-this`, `most-popular-items`." } }, "type": "object", "required": [ "type" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfig": { "description": "Custom threshold for `cvr` optimization_objective.", "properties": { "targetField": { "type": "string", "description": "The name of the field to target. Currently supported values: `watch-percentage`, `watch-time`." }, "targetFieldValueFloat": { "type": "number", "description": "The threshold to be applied to the target (e.g., 0.5)." } }, "type": "object", "required": [ "targetField", "targetFieldValueFloat" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfigResponse": { "description": "Custom threshold for `cvr` optimization_objective.", "properties": { "targetField": { "type": "string", "description": "The name of the field to target. Currently supported values: `watch-percentage`, `watch-time`." }, "targetFieldValueFloat": { "type": "number", "description": "The threshold to be applied to the target (e.g., 0.5)." } }, "type": "object", "required": [ "targetField", "targetFieldValueFloat" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigResponse": { "description": "Additional config specs for a Media Recommendation engine.", "properties": { "optimizationObjective": { "type": "string", "description": "The optimization objective e.g. `cvr`. This field together with optimization_objective describe engine metadata to use to control engine training and serving. Currently supported values: `ctr`, `cvr`. If not specified, we choose default based on engine type. Default depends on type of recommendation: `recommended-for-you` => `ctr` `others-you-may-like` => `ctr`" }, "optimizationObjectiveConfig": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigOptimizationObjectiveConfigResponse", "description": "Name and value of the custom threshold for cvr optimization_objective. For target_field `watch-time`, target_field_value must be an integer value indicating the media progress time in seconds between (0, 86400] (excludes 0, includes 86400) (e.g., 90). For target_field `watch-percentage`, the target_field_value must be a valid float value between (0, 1.0] (excludes 0, includes 1.0) (e.g., 0.5)." }, "trainingState": { "type": "string", "description": "The training state that the engine is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train engine in order to control cost. If not specified: the default value for `CreateEngine` method is `TRAINING`. The default value for `UpdateEngine` method is to keep the state the same as before." }, "type": { "type": "string", "description": "The type of engine e.g. `recommended-for-you`. This field together with optimization_objective describe engine metadata to use to control engine training and serving. Currently supported values: `recommended-for-you`, `others-you-may-like`, `more-like-this`, `most-popular-items`." } }, "type": "object", "required": [ "optimizationObjective", "optimizationObjectiveConfig", "trainingState", "type" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineMediaRecommendationEngineConfigTrainingState": { "description": "The training state that the engine is in (e.g. `TRAINING` or `PAUSED`). Since part of the cost of running the service is frequency of training - this can be used to determine when to train engine in order to control cost. If not specified: the default value for `CreateEngine` method is `TRAINING`. The default value for `UpdateEngine` method is to keep the state the same as before.", "type": "string", "enum": [ { "name": "TrainingStateUnspecified", "description": "Unspecified training state.", "value": "TRAINING_STATE_UNSPECIFIED" }, { "name": "Paused", "description": "The engine training is paused.", "value": "PAUSED" }, { "name": "Training", "description": "The engine is training.", "value": "TRAINING" } ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineRecommendationMetadataResponse": { "description": "Additional information of a recommendation engine.", "properties": { "dataState": { "type": "string", "description": "The state of data requirements for this engine: `DATA_OK` and `DATA_ERROR`. Engine cannot be trained if the data is in `DATA_ERROR` state. Engine can have `DATA_ERROR` state even if serving state is `ACTIVE`: engines were trained successfully before, but cannot be refreshed because the underlying engine no longer has sufficient data for training." }, "lastTuneTime": { "type": "string", "description": "The timestamp when the latest successful tune finished. Only applicable on Media Recommendation engines." }, "servingState": { "type": "string", "description": "The serving state of the engine: `ACTIVE`, `NOT_ACTIVE`." }, "tuningOperation": { "type": "string", "description": "The latest tune operation id associated with the engine. Only applicable on Media Recommendation engines. If present, this operation id can be used to determine if there is an ongoing tune for this engine. To check the operation status, send the GetOperation request with this operation id in the engine resource format. If no tuning has happened for this engine, the string is empty." } }, "type": "object", "required": [ "dataState", "lastTuneTime", "servingState", "tuningOperation" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfig": { "description": "Configurations for a Search Engine.", "properties": { "searchAddOns": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfigSearchAddOnsItem" }, "description": "The add-on that this search engine enables." }, "searchTier": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfigSearchTier", "description": "The search feature tier of this engine. Different tiers might have different pricing. To learn more, please check the pricing documentation. Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfigResponse": { "description": "Configurations for a Search Engine.", "properties": { "searchAddOns": { "type": "array", "items": { "type": "string" }, "description": "The add-on that this search engine enables." }, "searchTier": { "type": "string", "description": "The search feature tier of this engine. Different tiers might have different pricing. To learn more, please check the pricing documentation. Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified." } }, "type": "object", "required": [ "searchAddOns", "searchTier" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfigSearchAddOnsItem": { "type": "string", "enum": [ { "name": "SearchAddOnUnspecified", "description": "Default value when the enum is unspecified. This is invalid to use.", "value": "SEARCH_ADD_ON_UNSPECIFIED" }, { "name": "SearchAddOnLlm", "description": "Large language model add-on.", "value": "SEARCH_ADD_ON_LLM" } ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSearchEngineConfigSearchTier": { "description": "The search feature tier of this engine. Different tiers might have different pricing. To learn more, please check the pricing documentation. Defaults to SearchTier.SEARCH_TIER_STANDARD if not specified.", "type": "string", "enum": [ { "name": "SearchTierUnspecified", "description": "Default value when the enum is unspecified. This is invalid to use.", "value": "SEARCH_TIER_UNSPECIFIED" }, { "name": "SearchTierStandard", "description": "Standard tier.", "value": "SEARCH_TIER_STANDARD" }, { "name": "SearchTierEnterprise", "description": "Enterprise tier.", "value": "SEARCH_TIER_ENTERPRISE" } ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfig": { "description": "Additional config specs for a `similar-items` engine.", "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaEngineSimilarDocumentsEngineConfigResponse": { "description": "Additional config specs for a `similar-items` engine.", "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaFieldConfigResponse": { "description": "Configurations for fields of a schema. For example, configuring a field is indexable, or searchable.", "properties": { "completableOption": { "type": "string", "description": "If completable_option is COMPLETABLE_ENABLED, field values are directly used and returned as suggestions for Autocomplete in CompletionService.CompleteQuery. If completable_option is unset, the server behavior defaults to COMPLETABLE_DISABLED for fields that support setting completable options, which are just `string` fields. For those fields that do not support setting completable options, the server will skip completable option setting, and setting completable_option for those fields will throw `INVALID_ARGUMENT` error." }, "dynamicFacetableOption": { "type": "string", "description": "If dynamic_facetable_option is DYNAMIC_FACETABLE_ENABLED, field values are available for dynamic facet. Could only be DYNAMIC_FACETABLE_DISABLED if FieldConfig.indexable_option is INDEXABLE_DISABLED. Otherwise, an `INVALID_ARGUMENT` error will be returned. If dynamic_facetable_option is unset, the server behavior defaults to DYNAMIC_FACETABLE_DISABLED for fields that support setting dynamic facetable options. For those fields that do not support setting dynamic facetable options, such as `object` and `boolean`, the server will skip dynamic facetable option setting, and setting dynamic_facetable_option for those fields will throw `INVALID_ARGUMENT` error." }, "fieldPath": { "type": "string", "description": "Field path of the schema field. For example: `title`, `description`, `release_info.release_year`." }, "fieldType": { "type": "string", "description": "Raw type of the field." }, "indexableOption": { "type": "string", "description": "If indexable_option is INDEXABLE_ENABLED, field values are indexed so that it can be filtered or faceted in SearchService.Search. If indexable_option is unset, the server behavior defaults to INDEXABLE_DISABLED for fields that support setting indexable options. For those fields that do not support setting indexable options, such as `object` and `boolean` and key properties, the server will skip indexable_option setting, and setting indexable_option for those fields will throw `INVALID_ARGUMENT` error." }, "keyPropertyType": { "type": "string", "description": "Type of the key property that this field is mapped to. Empty string if this is not annotated as mapped to a key property. Example types are `title`, `description`. Full list is defined by `keyPropertyMapping` in the schema field annotation. If the schema field has a `KeyPropertyMapping` annotation, `indexable_option` and `searchable_option` of this field cannot be modified." }, "recsFilterableOption": { "type": "string", "description": "If recs_filterable_option is FILTERABLE_ENABLED, field values are filterable by filter expression in RecommendationService.Recommend. If FILTERABLE_ENABLED but the field type is numerical, field values are not filterable by text queries in RecommendationService.Recommend. Only textual fields are supported. If recs_filterable_option is unset, the default setting is FILTERABLE_DISABLED for fields that support setting filterable options. When a field set to [FILTERABLE_DISABLED] is filtered, a warning is generated and an empty result is returned." }, "retrievableOption": { "type": "string", "description": "If retrievable_option is RETRIEVABLE_ENABLED, field values are included in the search results. If retrievable_option is unset, the server behavior defaults to RETRIEVABLE_DISABLED for fields that support setting retrievable options. For those fields that do not support setting retrievable options, such as `object` and `boolean`, the server will skip retrievable option setting, and setting retrievable_option for those fields will throw `INVALID_ARGUMENT` error." }, "searchableOption": { "type": "string", "description": "If searchable_option is SEARCHABLE_ENABLED, field values are searchable by text queries in SearchService.Search. If SEARCHABLE_ENABLED but field type is numerical, field values will not be searchable by text queries in SearchService.Search, as there are no text values associated to numerical fields. If searchable_option is unset, the server behavior defaults to SEARCHABLE_DISABLED for fields that support setting searchable options. Only `string` fields that have no key property mapping support setting searchable_option. For those fields that do not support setting searchable options, the server will skip searchable option setting, and setting searchable_option for those fields will throw `INVALID_ARGUMENT` error." } }, "type": "object", "required": [ "completableOption", "dynamicFacetableOption", "fieldPath", "fieldType", "indexableOption", "keyPropertyType", "recsFilterableOption", "retrievableOption", "searchableOption" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaReply": { "description": "Defines a reply message to user.", "properties": { "references": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaReplyReference" }, "description": "References in the reply." }, "reply": { "type": "string", "description": "DEPRECATED: use `summary` instead. Text reply.", "deprecationMessage": "DEPRECATED: use `summary` instead. Text reply." }, "summary": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummary", "description": "Summary based on search results." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaReplyReference": { "description": "Defines reference in reply.", "properties": { "anchorText": { "type": "string", "description": "Anchor text." }, "end": { "type": "integer", "description": "Anchor text end index." }, "start": { "type": "integer", "description": "Anchor text start index." }, "uri": { "type": "string", "description": "URI link reference." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaReplyReferenceResponse": { "description": "Defines reference in reply.", "properties": { "anchorText": { "type": "string", "description": "Anchor text." }, "end": { "type": "integer", "description": "Anchor text end index." }, "start": { "type": "integer", "description": "Anchor text start index." }, "uri": { "type": "string", "description": "URI link reference." } }, "type": "object", "required": [ "anchorText", "end", "start", "uri" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaReplyResponse": { "description": "Defines a reply message to user.", "properties": { "references": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaReplyReferenceResponse" }, "description": "References in the reply." }, "reply": { "type": "string", "description": "DEPRECATED: use `summary` instead. Text reply.", "deprecationMessage": "DEPRECATED: use `summary` instead. Text reply." }, "summary": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummaryResponse", "description": "Summary based on search results." } }, "type": "object", "required": [ "references", "reply", "summary" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummary": { "description": "Summary of the top N search result specified by the summary spec.", "properties": { "safetyAttributes": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySafetyAttributes", "description": "A collection of Safety Attribute categories and their associated confidence scores." }, "summarySkippedReasons": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySummarySkippedReasonsItem" }, "description": "Additional summary-skipped reasons. This provides the reason for ignored cases. If nothing is skipped, this field is not set." }, "summaryText": { "type": "string", "description": "The summary content." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummaryResponse": { "description": "Summary of the top N search result specified by the summary spec.", "properties": { "safetyAttributes": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySafetyAttributesResponse", "description": "A collection of Safety Attribute categories and their associated confidence scores." }, "summarySkippedReasons": { "type": "array", "items": { "type": "string" }, "description": "Additional summary-skipped reasons. This provides the reason for ignored cases. If nothing is skipped, this field is not set." }, "summaryText": { "type": "string", "description": "The summary content." } }, "type": "object", "required": [ "safetyAttributes", "summarySkippedReasons", "summaryText" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySafetyAttributes": { "description": "Safety Attribute categories and their associated confidence scores.", "properties": { "categories": { "type": "array", "items": { "type": "string" }, "description": "The display names of Safety Attribute categories associated with the generated content. Order matches the Scores." }, "scores": { "type": "array", "items": { "type": "number" }, "description": "The confidence scores of the each category, higher value means higher confidence. Order matches the Categories." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySafetyAttributesResponse": { "description": "Safety Attribute categories and their associated confidence scores.", "properties": { "categories": { "type": "array", "items": { "type": "string" }, "description": "The display names of Safety Attribute categories associated with the generated content. Order matches the Scores." }, "scores": { "type": "array", "items": { "type": "number" }, "description": "The confidence scores of the each category, higher value means higher confidence. Order matches the Categories." } }, "type": "object", "required": [ "categories", "scores" ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaSearchResponseSummarySummarySkippedReasonsItem": { "type": "string", "enum": [ { "name": "SummarySkippedReasonUnspecified", "description": "Default value. The summary skipped reason is not specified.", "value": "SUMMARY_SKIPPED_REASON_UNSPECIFIED" }, { "name": "AdversarialQueryIgnored", "description": "The adversarial query ignored case. Only populated when SummarySpec.ignore_adversarial_query is set to `true`.", "value": "ADVERSARIAL_QUERY_IGNORED" }, { "name": "NonSummarySeekingQueryIgnored", "description": "The non-summary seeking query ignored case. Only populated when SummarySpec.ignore_non_summary_seeking_query is set to `true`.", "value": "NON_SUMMARY_SEEKING_QUERY_IGNORED" }, { "name": "OutOfDomainQueryIgnored", "description": "The out-of-domain query ignored case. Google skips the summary if there are no high-relevance search results. For example, the data store contains facts about company A but the user query is asking questions about company B.", "value": "OUT_OF_DOMAIN_QUERY_IGNORED" }, { "name": "PotentialPolicyViolation", "description": "The potential policy violation case. Google skips the summary if there is a potential policy violation detected. This includes content that may be violent or toxic.", "value": "POTENTIAL_POLICY_VIOLATION" }, { "name": "LlmAddonNotEnabled", "description": "The LLM addon not enabled case. Google skips the summary if the LLM addon is not enabled.", "value": "LLM_ADDON_NOT_ENABLED" } ] }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaTextInput": { "description": "Defines text input.", "properties": { "context": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaConversationContext", "description": "Conversation context of the input." }, "input": { "type": "string", "description": "Text input." } }, "type": "object" }, "google-native:discoveryengine/v1alpha:GoogleCloudDiscoveryengineV1alphaTextInputResponse": { "description": "Defines text input.", "properties": { "context": { "$ref": "#/types/google-native:discoveryengine%2Fv1alpha:GoogleCloudDiscoveryengineV1alphaConversationContextResponse", "description": "Conversation context of the input." }, "input": { "type": "string", "description": "Text input." } }, "type": "object", "required": [ "context", "input" ] }, "google-native:discoveryengine/v1beta:ConversationState": { "description": "The state of the Conversation.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unknown.", "value": "STATE_UNSPECIFIED" }, { "name": "InProgress", "description": "Conversation is currently open.", "value": "IN_PROGRESS" }, { "name": "Completed", "description": "Conversation has been completed.", "value": "COMPLETED" } ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaConversationContext": { "description": "Defines context of the conversation", "properties": { "activeDocument": { "type": "string", "description": "The current active document the user opened. It contains the document resource reference." }, "contextDocuments": { "type": "array", "items": { "type": "string" }, "description": "The current list of documents the user is seeing. It contains the document resource references." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaConversationContextResponse": { "description": "Defines context of the conversation", "properties": { "activeDocument": { "type": "string", "description": "The current active document the user opened. It contains the document resource reference." }, "contextDocuments": { "type": "array", "items": { "type": "string" }, "description": "The current list of documents the user is seeing. It contains the document resource references." } }, "type": "object", "required": [ "activeDocument", "contextDocuments" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaConversationMessage": { "description": "Defines a conversation message.", "properties": { "reply": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaReply", "description": "Search reply." }, "userInput": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaTextInput", "description": "User text input." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaConversationMessageResponse": { "description": "Defines a conversation message.", "properties": { "createTime": { "type": "string", "description": "Message creation timestamp." }, "reply": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaReplyResponse", "description": "Search reply." }, "userInput": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaTextInputResponse", "description": "User text input." } }, "type": "object", "required": [ "createTime", "reply", "userInput" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaDocumentContent": { "description": "Unstructured data linked to this document.", "properties": { "mimeType": { "type": "string", "description": "The MIME type of the content. Supported types: * `application/pdf` (PDF, only native PDFs are supported for now) * `text/html` (HTML) * `application/vnd.openxmlformats-officedocument.wordprocessingml.document` (DOCX) * `application/vnd.openxmlformats-officedocument.presentationml.presentation` (PPTX) * `text/plain` (TXT) See https://www.iana.org/assignments/media-types/media-types.xhtml." }, "rawBytes": { "type": "string", "description": "The content represented as a stream of bytes. The maximum length is 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` fields, this field is represented as pure binary in Protocol Buffers and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See https://developers.google.com/protocol-buffers/docs/proto3#json." }, "uri": { "type": "string", "description": "The URI of the content. Only Cloud Storage URIs (e.g. `gs://bucket-name/path/to/file`) are supported. The maximum file size is 100 MB." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaDocumentContentResponse": { "description": "Unstructured data linked to this document.", "properties": { "mimeType": { "type": "string", "description": "The MIME type of the content. Supported types: * `application/pdf` (PDF, only native PDFs are supported for now) * `text/html` (HTML) * `application/vnd.openxmlformats-officedocument.wordprocessingml.document` (DOCX) * `application/vnd.openxmlformats-officedocument.presentationml.presentation` (PPTX) * `text/plain` (TXT) See https://www.iana.org/assignments/media-types/media-types.xhtml." }, "rawBytes": { "type": "string", "description": "The content represented as a stream of bytes. The maximum length is 1,000,000 bytes (1 MB / ~0.95 MiB). Note: As with all `bytes` fields, this field is represented as pure binary in Protocol Buffers and base64-encoded string in JSON. For example, `abc123!?$*&()'-=@~` should be represented as `YWJjMTIzIT8kKiYoKSctPUB+` in JSON. See https://developers.google.com/protocol-buffers/docs/proto3#json." }, "uri": { "type": "string", "description": "The URI of the content. Only Cloud Storage URIs (e.g. `gs://bucket-name/path/to/file`) are supported. The maximum file size is 100 MB." } }, "type": "object", "required": [ "mimeType", "rawBytes", "uri" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaReply": { "description": "Defines a reply message to user.", "properties": { "references": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaReplyReference" }, "description": "References in the reply." }, "reply": { "type": "string", "description": "DEPRECATED: use `summary` instead. Text reply.", "deprecationMessage": "DEPRECATED: use `summary` instead. Text reply." }, "summary": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummary", "description": "Summary based on search results." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaReplyReference": { "description": "Defines reference in reply.", "properties": { "anchorText": { "type": "string", "description": "Anchor text." }, "end": { "type": "integer", "description": "Anchor text end index." }, "start": { "type": "integer", "description": "Anchor text start index." }, "uri": { "type": "string", "description": "URI link reference." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaReplyReferenceResponse": { "description": "Defines reference in reply.", "properties": { "anchorText": { "type": "string", "description": "Anchor text." }, "end": { "type": "integer", "description": "Anchor text end index." }, "start": { "type": "integer", "description": "Anchor text start index." }, "uri": { "type": "string", "description": "URI link reference." } }, "type": "object", "required": [ "anchorText", "end", "start", "uri" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaReplyResponse": { "description": "Defines a reply message to user.", "properties": { "references": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaReplyReferenceResponse" }, "description": "References in the reply." }, "reply": { "type": "string", "description": "DEPRECATED: use `summary` instead. Text reply.", "deprecationMessage": "DEPRECATED: use `summary` instead. Text reply." }, "summary": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummaryResponse", "description": "Summary based on search results." } }, "type": "object", "required": [ "references", "reply", "summary" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummary": { "description": "Summary of the top N search result specified by the summary spec.", "properties": { "safetyAttributes": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySafetyAttributes", "description": "A collection of Safety Attribute categories and their associated confidence scores." }, "summarySkippedReasons": { "type": "array", "items": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySummarySkippedReasonsItem" }, "description": "Additional summary-skipped reasons. This provides the reason for ignored cases. If nothing is skipped, this field is not set." }, "summaryText": { "type": "string", "description": "The summary content." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummaryResponse": { "description": "Summary of the top N search result specified by the summary spec.", "properties": { "safetyAttributes": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySafetyAttributesResponse", "description": "A collection of Safety Attribute categories and their associated confidence scores." }, "summarySkippedReasons": { "type": "array", "items": { "type": "string" }, "description": "Additional summary-skipped reasons. This provides the reason for ignored cases. If nothing is skipped, this field is not set." }, "summaryText": { "type": "string", "description": "The summary content." } }, "type": "object", "required": [ "safetyAttributes", "summarySkippedReasons", "summaryText" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySafetyAttributes": { "description": "Safety Attribute categories and their associated confidence scores.", "properties": { "categories": { "type": "array", "items": { "type": "string" }, "description": "The display names of Safety Attribute categories associated with the generated content. Order matches the Scores." }, "scores": { "type": "array", "items": { "type": "number" }, "description": "The confidence scores of the each category, higher value means higher confidence. Order matches the Categories." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySafetyAttributesResponse": { "description": "Safety Attribute categories and their associated confidence scores.", "properties": { "categories": { "type": "array", "items": { "type": "string" }, "description": "The display names of Safety Attribute categories associated with the generated content. Order matches the Scores." }, "scores": { "type": "array", "items": { "type": "number" }, "description": "The confidence scores of the each category, higher value means higher confidence. Order matches the Categories." } }, "type": "object", "required": [ "categories", "scores" ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaSearchResponseSummarySummarySkippedReasonsItem": { "type": "string", "enum": [ { "name": "SummarySkippedReasonUnspecified", "description": "Default value. The summary skipped reason is not specified.", "value": "SUMMARY_SKIPPED_REASON_UNSPECIFIED" }, { "name": "AdversarialQueryIgnored", "description": "The adversarial query ignored case. Only populated when SummarySpec.ignore_adversarial_query is set to `true`.", "value": "ADVERSARIAL_QUERY_IGNORED" }, { "name": "NonSummarySeekingQueryIgnored", "description": "The non-summary seeking query ignored case. Only populated when SummarySpec.ignore_non_summary_seeking_query is set to `true`.", "value": "NON_SUMMARY_SEEKING_QUERY_IGNORED" }, { "name": "OutOfDomainQueryIgnored", "description": "The out-of-domain query ignored case. Google skips the summary if there are no high-relevance search results. For example, the data store contains facts about company A but the user query is asking questions about company B.", "value": "OUT_OF_DOMAIN_QUERY_IGNORED" }, { "name": "PotentialPolicyViolation", "description": "The potential policy violation case. Google skips the summary if there is a potential policy violation detected. This includes content that may be violent or toxic.", "value": "POTENTIAL_POLICY_VIOLATION" }, { "name": "LlmAddonNotEnabled", "description": "The LLM addon not enabled case. Google skips the summary if the LLM addon is not enabled.", "value": "LLM_ADDON_NOT_ENABLED" } ] }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaTextInput": { "description": "Defines text input.", "properties": { "context": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaConversationContext", "description": "Conversation context of the input." }, "input": { "type": "string", "description": "Text input." } }, "type": "object" }, "google-native:discoveryengine/v1beta:GoogleCloudDiscoveryengineV1betaTextInputResponse": { "description": "Defines text input.", "properties": { "context": { "$ref": "#/types/google-native:discoveryengine%2Fv1beta:GoogleCloudDiscoveryengineV1betaConversationContextResponse", "description": "Conversation context of the input." }, "input": { "type": "string", "description": "Text input." } }, "type": "object", "required": [ "context", "input" ] }, "google-native:dlp/v2:DiscoveryConfigStatus": { "description": "Required. A status for this configuration.", "type": "string", "enum": [ { "name": "StatusUnspecified", "description": "Unused", "value": "STATUS_UNSPECIFIED" }, { "name": "Running", "description": "The discovery config is currently active.", "value": "RUNNING" }, { "name": "Paused", "description": "The discovery config is paused temporarily.", "value": "PAUSED" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Action": { "description": "A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.", "properties": { "deidentify": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Deidentify", "description": "Create a de-identified copy of the input data." }, "jobNotificationEmails": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2JobNotificationEmails", "description": "Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts)." }, "pubSub": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishToPubSub", "description": "Publish a notification to a Pub/Sub topic." }, "publishFindingsToCloudDataCatalog": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog", "description": "Publish findings to Cloud Datahub." }, "publishSummaryToCscc": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishSummaryToCscc", "description": "Publish summary to Cloud Security Command Center (Alpha)." }, "publishToStackdriver": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishToStackdriver", "description": "Enable Stackdriver metric dlp.googleapis.com/finding_count." }, "saveFindings": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SaveFindings", "description": "Save resulting findings in a provided location." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ActionDetailsResponse": { "description": "The results of an Action.", "properties": { "deidentifyDetails": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyDataSourceDetailsResponse", "description": "Outcome of a de-identification action." } }, "type": "object", "required": [ "deidentifyDetails" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ActionResponse": { "description": "A task to execute on the completion of a job. See https://cloud.google.com/dlp/docs/concepts-actions to learn more.", "properties": { "deidentify": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyResponse", "description": "Create a de-identified copy of the input data." }, "jobNotificationEmails": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2JobNotificationEmailsResponse", "description": "Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts)." }, "pubSub": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishToPubSubResponse", "description": "Publish a notification to a Pub/Sub topic." }, "publishFindingsToCloudDataCatalog": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishFindingsToCloudDataCatalogResponse", "description": "Publish findings to Cloud Datahub." }, "publishSummaryToCscc": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishSummaryToCsccResponse", "description": "Publish summary to Cloud Security Command Center (Alpha)." }, "publishToStackdriver": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PublishToStackdriverResponse", "description": "Enable Stackdriver metric dlp.googleapis.com/finding_count." }, "saveFindings": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SaveFindingsResponse", "description": "Save resulting findings in a provided location." } }, "type": "object", "required": [ "deidentify", "jobNotificationEmails", "pubSub", "publishFindingsToCloudDataCatalog", "publishSummaryToCscc", "publishToStackdriver", "saveFindings" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2AllInfoTypes": { "description": "Apply transformation to all findings.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AllInfoTypesResponse": { "description": "Apply transformation to all findings.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AllOtherBigQueryTables": { "description": "Catch-all for all other tables not specified by other filters. Should always be last, except for single-table configurations, which will only have a TableReference target.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AllOtherBigQueryTablesResponse": { "description": "Catch-all for all other tables not specified by other filters. Should always be last, except for single-table configurations, which will only have a TableReference target.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AllText": { "description": "Apply to all text.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AllTextResponse": { "description": "Apply to all text.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2AnalyzeDataSourceRiskDetailsResponse": { "description": "Result of a risk analysis operation request.", "properties": { "categoricalStatsResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CategoricalStatsResultResponse", "description": "Categorical stats result" }, "deltaPresenceEstimationResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeltaPresenceEstimationResultResponse", "description": "Delta-presence result" }, "kAnonymityResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KAnonymityResultResponse", "description": "K-anonymity result" }, "kMapEstimationResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KMapEstimationResultResponse", "description": "K-map result" }, "lDiversityResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LDiversityResultResponse", "description": "L-divesity result" }, "numericalStatsResult": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2NumericalStatsResultResponse", "description": "Numerical stats result" }, "requestedOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RequestedRiskAnalysisOptionsResponse", "description": "The configuration used for this job." }, "requestedPrivacyMetric": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrivacyMetricResponse", "description": "Privacy metric to compute." }, "requestedSourceTable": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Input dataset to compute metrics over." } }, "type": "object", "required": [ "categoricalStatsResult", "deltaPresenceEstimationResult", "kAnonymityResult", "kMapEstimationResult", "lDiversityResult", "numericalStatsResult", "requestedOptions", "requestedPrivacyMetric", "requestedSourceTable" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2AuxiliaryTable": { "description": "An auxiliary table contains statistical information on the relative frequency of different quasi-identifiers values. It has one or several quasi-identifiers columns, and one column that indicates the relative frequency of each quasi-identifier tuple. If a tuple is present in the data but not in the auxiliary table, the corresponding relative frequency is assumed to be zero (and thus, the tuple is highly reidentifiable).", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiIdField" }, "description": "Quasi-identifier columns." }, "relativeFrequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "The relative frequency column must contain a floating-point number between 0 and 1 (inclusive). Null values are assumed to be zero." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Auxiliary table location." } }, "type": "object", "required": [ "quasiIds", "relativeFrequency", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2AuxiliaryTableResponse": { "description": "An auxiliary table contains statistical information on the relative frequency of different quasi-identifiers values. It has one or several quasi-identifiers columns, and one column that indicates the relative frequency of each quasi-identifier tuple. If a tuple is present in the data but not in the auxiliary table, the corresponding relative frequency is assumed to be zero (and thus, the tuple is highly reidentifiable).", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiIdFieldResponse" }, "description": "Quasi-identifier columns." }, "relativeFrequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "The relative frequency column must contain a floating-point number between 0 and 1 (inclusive). Null values are assumed to be zero." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Auxiliary table location." } }, "type": "object", "required": [ "quasiIds", "relativeFrequency", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryDiscoveryTarget": { "description": "Target used to match against for discovery with BigQuery tables", "properties": { "cadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryGenerationCadence", "description": "How often and when to update profiles. New tables that match both the filter and conditions are scanned as quickly as possible depending on system capacity." }, "conditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryBigQueryConditions", "description": "In addition to matching the filter, these conditions must be true before a profile is generated." }, "disabled": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Disabled", "description": "Tables that match this filter will not have profiles created." }, "filter": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryBigQueryFilter", "description": "The tables the discovery cadence applies to. The first target with a matching filter will be the one to apply to a table." } }, "type": "object", "required": [ "filter" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryDiscoveryTargetResponse": { "description": "Target used to match against for discovery with BigQuery tables", "properties": { "cadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryGenerationCadenceResponse", "description": "How often and when to update profiles. New tables that match both the filter and conditions are scanned as quickly as possible depending on system capacity." }, "conditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryBigQueryConditionsResponse", "description": "In addition to matching the filter, these conditions must be true before a profile is generated." }, "disabled": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DisabledResponse", "description": "Tables that match this filter will not have profiles created." }, "filter": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryBigQueryFilterResponse", "description": "The tables the discovery cadence applies to. The first target with a matching filter will be the one to apply to a table." } }, "type": "object", "required": [ "cadence", "conditions", "disabled", "filter" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryField": { "description": "Message defining a field of a BigQuery table.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Designated field in the BigQuery table." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Source table of the field." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryFieldResponse": { "description": "Message defining a field of a BigQuery table.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Designated field in the BigQuery table." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Source table of the field." } }, "type": "object", "required": [ "field", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryOptions": { "description": "Options defining BigQuery table and row identifiers.", "properties": { "excludedFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "References to fields excluded from scanning. This allows you to skip inspection of entire columns which you know have no findings. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used." }, "identifyingFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "Table fields that may uniquely identify a row within the table. When `actions.saveFindings.outputConfig.table` is specified, the values of columns specified here are available in the output table under `location.content_locations.record_location.record_key.id_values`. Nested fields such as `person.birthdate.year` are allowed." }, "includedFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "Limit scanning only to these fields. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used." }, "rowsLimit": { "type": "string", "description": "Max number of rows to scan. If the table has more rows than this value, the rest of the rows are omitted. If not set, or if set to 0, all rows will be scanned. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig." }, "rowsLimitPercent": { "type": "integer", "description": "Max percentage of rows to scan. The rest are omitted. The number of rows scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig." }, "sampleMethod": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryOptionsSampleMethod" }, "tableReference": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Complete BigQuery table reference." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryOptionsResponse": { "description": "Options defining BigQuery table and row identifiers.", "properties": { "excludedFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "References to fields excluded from scanning. This allows you to skip inspection of entire columns which you know have no findings. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used." }, "identifyingFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "Table fields that may uniquely identify a row within the table. When `actions.saveFindings.outputConfig.table` is specified, the values of columns specified here are available in the output table under `location.content_locations.record_location.record_key.id_values`. Nested fields such as `person.birthdate.year` are allowed." }, "includedFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "Limit scanning only to these fields. When inspecting a table, we recommend that you inspect all columns. Otherwise, findings might be affected because hints from excluded columns will not be used." }, "rowsLimit": { "type": "string", "description": "Max number of rows to scan. If the table has more rows than this value, the rest of the rows are omitted. If not set, or if set to 0, all rows will be scanned. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig." }, "rowsLimitPercent": { "type": "integer", "description": "Max percentage of rows to scan. The rest are omitted. The number of rows scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of rows_limit and rows_limit_percent can be specified. Cannot be used in conjunction with TimespanConfig." }, "sampleMethod": { "type": "string" }, "tableReference": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Complete BigQuery table reference." } }, "type": "object", "required": [ "excludedFields", "identifyingFields", "includedFields", "rowsLimit", "rowsLimitPercent", "sampleMethod", "tableReference" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryOptionsSampleMethod": { "type": "string", "enum": [ { "name": "SampleMethodUnspecified", "value": "SAMPLE_METHOD_UNSPECIFIED" }, { "name": "Top", "description": "Scan groups of rows in the order BigQuery provides (default). Multiple groups of rows may be scanned in parallel, so results may not appear in the same order the rows are read.", "value": "TOP" }, { "name": "RandomStart", "description": "Randomly pick groups of rows to scan.", "value": "RANDOM_START" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryRegex": { "description": "A pattern to match against one or more tables, datasets, or projects that contain BigQuery tables. At least one pattern must be specified. Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub.", "properties": { "datasetIdRegex": { "type": "string", "description": "If unset, this property matches all datasets." }, "projectIdRegex": { "type": "string", "description": "For organizations, if unset, will match all projects. Has no effect for data profile configurations created within a project." }, "tableIdRegex": { "type": "string", "description": "If unset, this property matches all tables." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryRegexResponse": { "description": "A pattern to match against one or more tables, datasets, or projects that contain BigQuery tables. At least one pattern must be specified. Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub.", "properties": { "datasetIdRegex": { "type": "string", "description": "If unset, this property matches all datasets." }, "projectIdRegex": { "type": "string", "description": "For organizations, if unset, will match all projects. Has no effect for data profile configurations created within a project." }, "tableIdRegex": { "type": "string", "description": "If unset, this property matches all tables." } }, "type": "object", "required": [ "datasetIdRegex", "projectIdRegex", "tableIdRegex" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryRegexes": { "description": "A collection of regular expressions to determine what tables to match against.", "properties": { "patterns": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryRegex" }, "description": "A single BigQuery regular expression pattern to match against one or more tables, datasets, or projects that contain BigQuery tables." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryRegexesResponse": { "description": "A collection of regular expressions to determine what tables to match against.", "properties": { "patterns": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryRegexResponse" }, "description": "A single BigQuery regular expression pattern to match against one or more tables, datasets, or projects that contain BigQuery tables." } }, "type": "object", "required": [ "patterns" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTable": { "description": "Message defining the location of a BigQuery table. A table is uniquely identified by its project_id, dataset_id, and table_name. Within a query a table is often referenced with a string in the format of: `:.` or `..`.", "properties": { "datasetId": { "type": "string", "description": "Dataset ID of the table." }, "project": { "type": "string", "description": "The Google Cloud Platform project ID of the project containing the table. If omitted, project ID is inferred from the API call." }, "tableId": { "type": "string", "description": "Name of the table." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableCollection": { "description": "Specifies a collection of BigQuery tables. Used for Discovery.", "properties": { "includeRegexes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryRegexes", "description": "A collection of regular expressions to match a BigQuery table against." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableCollectionResponse": { "description": "Specifies a collection of BigQuery tables. Used for Discovery.", "properties": { "includeRegexes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryRegexesResponse", "description": "A collection of regular expressions to match a BigQuery table against." } }, "type": "object", "required": [ "includeRegexes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableResponse": { "description": "Message defining the location of a BigQuery table. A table is uniquely identified by its project_id, dataset_id, and table_name. Within a query a table is often referenced with a string in the format of: `:.` or `..`.", "properties": { "datasetId": { "type": "string", "description": "Dataset ID of the table." }, "project": { "type": "string", "description": "The Google Cloud Platform project ID of the project containing the table. If omitted, project ID is inferred from the API call." }, "tableId": { "type": "string", "description": "Name of the table." } }, "type": "object", "required": [ "datasetId", "project", "tableId" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableTypes": { "description": "The types of BigQuery tables supported by Cloud DLP.", "properties": { "types": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableTypesTypesItem" }, "description": "A set of BigQuery table types." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableTypesResponse": { "description": "The types of BigQuery tables supported by Cloud DLP.", "properties": { "types": { "type": "array", "items": { "type": "string" }, "description": "A set of BigQuery table types." } }, "type": "object", "required": [ "types" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BigQueryTableTypesTypesItem": { "type": "string", "enum": [ { "name": "BigQueryTableTypeUnspecified", "description": "Unused.", "value": "BIG_QUERY_TABLE_TYPE_UNSPECIFIED" }, { "name": "BigQueryTableTypeTable", "description": "A normal BigQuery table.", "value": "BIG_QUERY_TABLE_TYPE_TABLE" }, { "name": "BigQueryTableTypeExternalBigLake", "description": "A table that references data stored in Cloud Storage.", "value": "BIG_QUERY_TABLE_TYPE_EXTERNAL_BIG_LAKE" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Bucket": { "description": "Bucket is represented as a range, along with replacement values.", "properties": { "max": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Upper bound of the range, exclusive; type must match min." }, "min": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Lower bound of the range, inclusive. Type should be the same as max if used." }, "replacementValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Replacement value for this bucket." } }, "type": "object", "required": [ "replacementValue" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BucketResponse": { "description": "Bucket is represented as a range, along with replacement values.", "properties": { "max": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Upper bound of the range, exclusive; type must match min." }, "min": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Lower bound of the range, inclusive. Type should be the same as max if used." }, "replacementValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Replacement value for this bucket." } }, "type": "object", "required": [ "max", "min", "replacementValue" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2BucketingConfig": { "description": "Generalization function that buckets values based on ranges. The ranges and replacement values are dynamically provided by the user for custom behavior, such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH This can be used on data of type: number, long, string, timestamp. If the bound `Value` type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing. See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.", "properties": { "buckets": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Bucket" }, "description": "Set of buckets. Ranges must be non-overlapping." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2BucketingConfigResponse": { "description": "Generalization function that buckets values based on ranges. The ranges and replacement values are dynamically provided by the user for custom behavior, such as 1-30 -> LOW 31-65 -> MEDIUM 66-100 -> HIGH This can be used on data of type: number, long, string, timestamp. If the bound `Value` type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing. See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.", "properties": { "buckets": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BucketResponse" }, "description": "Set of buckets. Ranges must be non-overlapping." } }, "type": "object", "required": [ "buckets" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CategoricalStatsConfig": { "description": "Compute numerical stats over an individual column, including number of distinct values and value count distribution.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Field to compute categorical stats on. All column types are supported except for arrays and structs. However, it may be more informative to use NumericalStats when the field type is supported, depending on the data." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CategoricalStatsConfigResponse": { "description": "Compute numerical stats over an individual column, including number of distinct values and value count distribution.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Field to compute categorical stats on. All column types are supported except for arrays and structs. However, it may be more informative to use NumericalStats when the field type is supported, depending on the data." } }, "type": "object", "required": [ "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CategoricalStatsHistogramBucketResponse": { "description": "Histogram of value frequencies in the column.", "properties": { "bucketSize": { "type": "string", "description": "Total number of values in this bucket." }, "bucketValueCount": { "type": "string", "description": "Total number of distinct values in this bucket." }, "bucketValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueFrequencyResponse" }, "description": "Sample of value frequencies in this bucket. The total number of values returned per bucket is capped at 20." }, "valueFrequencyLowerBound": { "type": "string", "description": "Lower bound on the value frequency of the values in this bucket." }, "valueFrequencyUpperBound": { "type": "string", "description": "Upper bound on the value frequency of the values in this bucket." } }, "type": "object", "required": [ "bucketSize", "bucketValueCount", "bucketValues", "valueFrequencyLowerBound", "valueFrequencyUpperBound" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CategoricalStatsResultResponse": { "description": "Result of the categorical stats computation.", "properties": { "valueFrequencyHistogramBuckets": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CategoricalStatsHistogramBucketResponse" }, "description": "Histogram of value frequencies in the column." } }, "type": "object", "required": [ "valueFrequencyHistogramBuckets" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CharacterMaskConfig": { "description": "Partially mask a string by replacing a given number of characters with a fixed character. Masking can start from the beginning or end of the string. This can be used on data of any type (numbers, longs, and so on) and when de-identifying structured data we'll attempt to preserve the original data's type. (This allows you to take a long like 123 and modify it to a string like **3.", "properties": { "charactersToIgnore": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CharsToIgnore" }, "description": "When masking a string, items in this list will be skipped when replacing characters. For example, if the input string is `555-555-5555` and you instruct Cloud DLP to skip `-` and mask 5 characters with `*`, Cloud DLP returns `***-**5-5555`." }, "maskingCharacter": { "type": "string", "description": "Character to use to mask the sensitive values—for example, `*` for an alphabetic string such as a name, or `0` for a numeric string such as ZIP code or credit card number. This string must have a length of 1. If not supplied, this value defaults to `*` for strings, and `0` for digits." }, "numberToMask": { "type": "integer", "description": "Number of characters to mask. If not set, all matching chars will be masked. Skipped characters do not count towards this tally. If `number_to_mask` is negative, this denotes inverse masking. Cloud DLP masks all but a number of characters. For example, suppose you have the following values: - `masking_character` is `*` - `number_to_mask` is `-4` - `reverse_order` is `false` - `CharsToIgnore` includes `-` - Input string is `1234-5678-9012-3456` The resulting de-identified string is `****-****-****-3456`. Cloud DLP masks all but the last four characters. If `reverse_order` is `true`, all but the first four characters are masked as `1234-****-****-****`." }, "reverseOrder": { "type": "boolean", "description": "Mask characters in reverse order. For example, if `masking_character` is `0`, `number_to_mask` is `14`, and `reverse_order` is `false`, then the input string `1234-5678-9012-3456` is masked as `00000000000000-3456`. If `masking_character` is `*`, `number_to_mask` is `3`, and `reverse_order` is `true`, then the string `12345` is masked as `12***`." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CharacterMaskConfigResponse": { "description": "Partially mask a string by replacing a given number of characters with a fixed character. Masking can start from the beginning or end of the string. This can be used on data of any type (numbers, longs, and so on) and when de-identifying structured data we'll attempt to preserve the original data's type. (This allows you to take a long like 123 and modify it to a string like **3.", "properties": { "charactersToIgnore": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CharsToIgnoreResponse" }, "description": "When masking a string, items in this list will be skipped when replacing characters. For example, if the input string is `555-555-5555` and you instruct Cloud DLP to skip `-` and mask 5 characters with `*`, Cloud DLP returns `***-**5-5555`." }, "maskingCharacter": { "type": "string", "description": "Character to use to mask the sensitive values—for example, `*` for an alphabetic string such as a name, or `0` for a numeric string such as ZIP code or credit card number. This string must have a length of 1. If not supplied, this value defaults to `*` for strings, and `0` for digits." }, "numberToMask": { "type": "integer", "description": "Number of characters to mask. If not set, all matching chars will be masked. Skipped characters do not count towards this tally. If `number_to_mask` is negative, this denotes inverse masking. Cloud DLP masks all but a number of characters. For example, suppose you have the following values: - `masking_character` is `*` - `number_to_mask` is `-4` - `reverse_order` is `false` - `CharsToIgnore` includes `-` - Input string is `1234-5678-9012-3456` The resulting de-identified string is `****-****-****-3456`. Cloud DLP masks all but the last four characters. If `reverse_order` is `true`, all but the first four characters are masked as `1234-****-****-****`." }, "reverseOrder": { "type": "boolean", "description": "Mask characters in reverse order. For example, if `masking_character` is `0`, `number_to_mask` is `14`, and `reverse_order` is `false`, then the input string `1234-5678-9012-3456` is masked as `00000000000000-3456`. If `masking_character` is `*`, `number_to_mask` is `3`, and `reverse_order` is `true`, then the string `12345` is masked as `12***`." } }, "type": "object", "required": [ "charactersToIgnore", "maskingCharacter", "numberToMask", "reverseOrder" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CharsToIgnore": { "description": "Characters to skip when doing deidentification of a value. These will be left alone and skipped.", "properties": { "charactersToSkip": { "type": "string", "description": "Characters to not transform when masking." }, "commonCharactersToIgnore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CharsToIgnoreCommonCharactersToIgnore", "description": "Common characters to not transform when masking. Useful to avoid removing punctuation." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CharsToIgnoreCommonCharactersToIgnore": { "description": "Common characters to not transform when masking. Useful to avoid removing punctuation.", "type": "string", "enum": [ { "name": "CommonCharsToIgnoreUnspecified", "description": "Unused.", "value": "COMMON_CHARS_TO_IGNORE_UNSPECIFIED" }, { "name": "Numeric", "description": "0-9", "value": "NUMERIC" }, { "name": "AlphaUpperCase", "description": "A-Z", "value": "ALPHA_UPPER_CASE" }, { "name": "AlphaLowerCase", "description": "a-z", "value": "ALPHA_LOWER_CASE" }, { "name": "Punctuation", "description": "US Punctuation, one of !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~", "value": "PUNCTUATION" }, { "name": "Whitespace", "description": "Whitespace character, one of [ \\t\\n\\x0B\\f\\r]", "value": "WHITESPACE" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CharsToIgnoreResponse": { "description": "Characters to skip when doing deidentification of a value. These will be left alone and skipped.", "properties": { "charactersToSkip": { "type": "string", "description": "Characters to not transform when masking." }, "commonCharactersToIgnore": { "type": "string", "description": "Common characters to not transform when masking. Useful to avoid removing punctuation." } }, "type": "object", "required": [ "charactersToSkip", "commonCharactersToIgnore" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageFileSet": { "description": "Message representing a set of files in Cloud Storage.", "properties": { "url": { "type": "string", "description": "The url, in the format `gs:///`. Trailing wildcard in the path is allowed." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageFileSetResponse": { "description": "Message representing a set of files in Cloud Storage.", "properties": { "url": { "type": "string", "description": "The url, in the format `gs:///`. Trailing wildcard in the path is allowed." } }, "type": "object", "required": [ "url" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageOptions": { "description": "Options defining a file or a set of files within a Cloud Storage bucket.", "properties": { "bytesLimitPerFile": { "type": "string", "description": "Max number of bytes to scan from a file. If a scanned file's size is bigger than this value then the rest of the bytes are omitted. Only one of `bytes_limit_per_file` and `bytes_limit_per_file_percent` can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/dlp/docs/supported-file-types#max-byte-size-per-file)." }, "bytesLimitPerFilePercent": { "type": "integer", "description": "Max percentage of bytes to scan from a file. The rest are omitted. The number of bytes scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/dlp/docs/supported-file-types#max-byte-size-per-file)." }, "fileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FileSet", "description": "The set of one or more files to scan." }, "fileTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageOptionsFileTypesItem" }, "description": "List of file type groups to include in the scan. If empty, all files are scanned and available data format processors are applied. In addition, the binary content of the selected files is always scanned as well. Images are scanned only as binary if the specified region does not support image inspection and no file_types were specified. Image inspection is restricted to 'global', 'us', 'asia', and 'europe'." }, "filesLimitPercent": { "type": "integer", "description": "Limits the number of files to scan to this percentage of the input FileSet. Number of files scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0." }, "sampleMethod": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageOptionsSampleMethod" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageOptionsFileTypesItem": { "type": "string", "enum": [ { "name": "FileTypeUnspecified", "description": "Includes all files.", "value": "FILE_TYPE_UNSPECIFIED" }, { "name": "BinaryFile", "description": "Includes all file extensions not covered by another entry. Binary scanning attempts to convert the content of the file to utf_8 to scan the file. If you wish to avoid this fall back, specify one or more of the other file types in your storage scan.", "value": "BINARY_FILE" }, { "name": "TextFile", "description": "Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, xhtml, lhs, ics, ini, java, js, json, kix, kml, ocaml, md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, xsd, yml, yaml.", "value": "TEXT_FILE" }, { "name": "Image", "description": "Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting bytes_limit_per_file or bytes_limit_per_file_percent has no effect on image files. Image inspection is restricted to the `global`, `us`, `asia`, and `europe` regions.", "value": "IMAGE" }, { "name": "Word", "description": "Microsoft Word files larger than 30 MB will be scanned as binary files. Included file extensions: docx, dotx, docm, dotm. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on Word files.", "value": "WORD" }, { "name": "Pdf", "description": "PDF files larger than 30 MB will be scanned as binary files. Included file extensions: pdf. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on PDF files.", "value": "PDF" }, { "name": "Avro", "description": "Included file extensions: avro", "value": "AVRO" }, { "name": "Csv", "description": "Included file extensions: csv", "value": "CSV" }, { "name": "Tsv", "description": "Included file extensions: tsv", "value": "TSV" }, { "name": "Powerpoint", "description": "Microsoft PowerPoint files larger than 30 MB will be scanned as binary files. Included file extensions: pptx, pptm, potx, potm, pot. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on PowerPoint files.", "value": "POWERPOINT" }, { "name": "Excel", "description": "Microsoft Excel files larger than 30 MB will be scanned as binary files. Included file extensions: xlsx, xlsm, xltx, xltm. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on Excel files.", "value": "EXCEL" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageOptionsResponse": { "description": "Options defining a file or a set of files within a Cloud Storage bucket.", "properties": { "bytesLimitPerFile": { "type": "string", "description": "Max number of bytes to scan from a file. If a scanned file's size is bigger than this value then the rest of the bytes are omitted. Only one of `bytes_limit_per_file` and `bytes_limit_per_file_percent` can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/dlp/docs/supported-file-types#max-byte-size-per-file)." }, "bytesLimitPerFilePercent": { "type": "integer", "description": "Max percentage of bytes to scan from a file. The rest are omitted. The number of bytes scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0. Only one of bytes_limit_per_file and bytes_limit_per_file_percent can be specified. This field can't be set if de-identification is requested. For certain file types, setting this field has no effect. For more information, see [Limits on bytes scanned per file](https://cloud.google.com/dlp/docs/supported-file-types#max-byte-size-per-file)." }, "fileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FileSetResponse", "description": "The set of one or more files to scan." }, "fileTypes": { "type": "array", "items": { "type": "string" }, "description": "List of file type groups to include in the scan. If empty, all files are scanned and available data format processors are applied. In addition, the binary content of the selected files is always scanned as well. Images are scanned only as binary if the specified region does not support image inspection and no file_types were specified. Image inspection is restricted to 'global', 'us', 'asia', and 'europe'." }, "filesLimitPercent": { "type": "integer", "description": "Limits the number of files to scan to this percentage of the input FileSet. Number of files scanned is rounded down. Must be between 0 and 100, inclusively. Both 0 and 100 means no limit. Defaults to 0." }, "sampleMethod": { "type": "string" } }, "type": "object", "required": [ "bytesLimitPerFile", "bytesLimitPerFilePercent", "fileSet", "fileTypes", "filesLimitPercent", "sampleMethod" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageOptionsSampleMethod": { "type": "string", "enum": [ { "name": "SampleMethodUnspecified", "value": "SAMPLE_METHOD_UNSPECIFIED" }, { "name": "Top", "description": "Scan from the top (default).", "value": "TOP" }, { "name": "RandomStart", "description": "For each file larger than bytes_limit_per_file, randomly pick the offset to start scanning. The scanned bytes are contiguous.", "value": "RANDOM_START" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStoragePath": { "description": "Message representing a single file or path in Cloud Storage.", "properties": { "path": { "type": "string", "description": "A url representing a file or path (no wildcards) in Cloud Storage. Example: gs://[BUCKET_NAME]/dictionary.txt" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStoragePathResponse": { "description": "Message representing a single file or path in Cloud Storage.", "properties": { "path": { "type": "string", "description": "A url representing a file or path (no wildcards) in Cloud Storage. Example: gs://[BUCKET_NAME]/dictionary.txt" } }, "type": "object", "required": [ "path" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageRegexFileSet": { "description": "Message representing a set of files in a Cloud Storage bucket. Regular expressions are used to allow fine-grained control over which files in the bucket to include. Included files are those that match at least one item in `include_regex` and do not match any items in `exclude_regex`. Note that a file that matches items from both lists will _not_ be included. For a match to occur, the entire file path (i.e., everything in the url after the bucket name) must match the regular expression. For example, given the input `{bucket_name: \"mybucket\", include_regex: [\"directory1/.*\"], exclude_regex: [\"directory1/excluded.*\"]}`: * `gs://mybucket/directory1/myfile` will be included * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches across `/`) * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the full path doesn't match any items in `include_regex`) * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path matches an item in `exclude_regex`) If `include_regex` is left empty, it will match all files by default (this is equivalent to setting `include_regex: [\".*\"]`). Some other common use cases: * `{bucket_name: \"mybucket\", exclude_regex: [\".*\\.pdf\"]}` will include all files in `mybucket` except for .pdf files * `{bucket_name: \"mybucket\", include_regex: [\"directory/[^/]+\"]}` will include all files directly under `gs://mybucket/directory/`, without matching across `/`", "properties": { "bucketName": { "type": "string", "description": "The name of a Cloud Storage bucket. Required." }, "excludeRegex": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions matching file paths to exclude. All files in the bucket that match at least one of these regular expressions will be excluded from the scan. Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub." }, "includeRegex": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions matching file paths to include. All files in the bucket that match at least one of these regular expressions will be included in the set of files, except for those that also match an item in `exclude_regex`. Leaving this field empty will match all files by default (this is equivalent to including `.*` in the list). Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CloudStorageRegexFileSetResponse": { "description": "Message representing a set of files in a Cloud Storage bucket. Regular expressions are used to allow fine-grained control over which files in the bucket to include. Included files are those that match at least one item in `include_regex` and do not match any items in `exclude_regex`. Note that a file that matches items from both lists will _not_ be included. For a match to occur, the entire file path (i.e., everything in the url after the bucket name) must match the regular expression. For example, given the input `{bucket_name: \"mybucket\", include_regex: [\"directory1/.*\"], exclude_regex: [\"directory1/excluded.*\"]}`: * `gs://mybucket/directory1/myfile` will be included * `gs://mybucket/directory1/directory2/myfile` will be included (`.*` matches across `/`) * `gs://mybucket/directory0/directory1/myfile` will _not_ be included (the full path doesn't match any items in `include_regex`) * `gs://mybucket/directory1/excludedfile` will _not_ be included (the path matches an item in `exclude_regex`) If `include_regex` is left empty, it will match all files by default (this is equivalent to setting `include_regex: [\".*\"]`). Some other common use cases: * `{bucket_name: \"mybucket\", exclude_regex: [\".*\\.pdf\"]}` will include all files in `mybucket` except for .pdf files * `{bucket_name: \"mybucket\", include_regex: [\"directory/[^/]+\"]}` will include all files directly under `gs://mybucket/directory/`, without matching across `/`", "properties": { "bucketName": { "type": "string", "description": "The name of a Cloud Storage bucket. Required." }, "excludeRegex": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions matching file paths to exclude. All files in the bucket that match at least one of these regular expressions will be excluded from the scan. Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub." }, "includeRegex": { "type": "array", "items": { "type": "string" }, "description": "A list of regular expressions matching file paths to include. All files in the bucket that match at least one of these regular expressions will be included in the set of files, except for those that also match an item in `exclude_regex`. Leaving this field empty will match all files by default (this is equivalent to including `.*` in the list). Regular expressions use RE2 [syntax](https://github.com/google/re2/wiki/Syntax); a guide can be found under the google/re2 repository on GitHub." } }, "type": "object", "required": [ "bucketName", "excludeRegex", "includeRegex" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Color": { "description": "Represents a color in the RGB color space.", "properties": { "blue": { "type": "number", "description": "The amount of blue in the color as a value in the interval [0, 1]." }, "green": { "type": "number", "description": "The amount of green in the color as a value in the interval [0, 1]." }, "red": { "type": "number", "description": "The amount of red in the color as a value in the interval [0, 1]." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ColorResponse": { "description": "Represents a color in the RGB color space.", "properties": { "blue": { "type": "number", "description": "The amount of blue in the color as a value in the interval [0, 1]." }, "green": { "type": "number", "description": "The amount of green in the color as a value in the interval [0, 1]." }, "red": { "type": "number", "description": "The amount of red in the color as a value in the interval [0, 1]." } }, "type": "object", "required": [ "blue", "green", "red" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Condition": { "description": "The field type of `value` and `field` do not need to match to be considered equal, but not all comparisons are possible. EQUAL_TO and NOT_EQUAL_TO attempt to compare even with incompatible types, but all other comparisons are invalid with incompatible types. A `value` of type: - `string` can be compared against all other types - `boolean` can only be compared against other booleans - `integer` can be compared against doubles or a string if the string value can be parsed as an integer. - `double` can be compared against integers or a string if the string can be parsed as a double. - `Timestamp` can be compared against strings in RFC 3339 date string format. - `TimeOfDay` can be compared against timestamps and strings in the format of 'HH:mm:ss'. If we fail to compare do to type mismatch, a warning will be given and the condition will evaluate to false.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Field within the record this condition is evaluated against." }, "operator": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ConditionOperator", "description": "Operator used to compare the field or infoType to the value." }, "value": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Value to compare against. [Mandatory, except for `EXISTS` tests.]" } }, "type": "object", "required": [ "field", "operator" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ConditionOperator": { "description": "Required. Operator used to compare the field or infoType to the value.", "type": "string", "enum": [ { "name": "RelationalOperatorUnspecified", "description": "Unused", "value": "RELATIONAL_OPERATOR_UNSPECIFIED" }, { "name": "EqualTo", "description": "Equal. Attempts to match even with incompatible types.", "value": "EQUAL_TO" }, { "name": "NotEqualTo", "description": "Not equal to. Attempts to match even with incompatible types.", "value": "NOT_EQUAL_TO" }, { "name": "GreaterThan", "description": "Greater than.", "value": "GREATER_THAN" }, { "name": "LessThan", "description": "Less than.", "value": "LESS_THAN" }, { "name": "GreaterThanOrEquals", "description": "Greater than or equals.", "value": "GREATER_THAN_OR_EQUALS" }, { "name": "LessThanOrEquals", "description": "Less than or equals.", "value": "LESS_THAN_OR_EQUALS" }, { "name": "Exists", "description": "Exists", "value": "EXISTS" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ConditionResponse": { "description": "The field type of `value` and `field` do not need to match to be considered equal, but not all comparisons are possible. EQUAL_TO and NOT_EQUAL_TO attempt to compare even with incompatible types, but all other comparisons are invalid with incompatible types. A `value` of type: - `string` can be compared against all other types - `boolean` can only be compared against other booleans - `integer` can be compared against doubles or a string if the string value can be parsed as an integer. - `double` can be compared against integers or a string if the string can be parsed as a double. - `Timestamp` can be compared against strings in RFC 3339 date string format. - `TimeOfDay` can be compared against timestamps and strings in the format of 'HH:mm:ss'. If we fail to compare do to type mismatch, a warning will be given and the condition will evaluate to false.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Field within the record this condition is evaluated against." }, "operator": { "type": "string", "description": "Operator used to compare the field or infoType to the value." }, "value": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Value to compare against. [Mandatory, except for `EXISTS` tests.]" } }, "type": "object", "required": [ "field", "operator", "value" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Conditions": { "description": "A collection of conditions.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Condition" }, "description": "A collection of conditions." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ConditionsResponse": { "description": "A collection of conditions.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ConditionResponse" }, "description": "A collection of conditions." } }, "type": "object", "required": [ "conditions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoDeterministicConfig": { "description": "Pseudonymization method that generates deterministic encryption for the given input. Outputs a base64 encoded representation of the encrypted output. Uses AES-SIV based on the RFC https://tools.ietf.org/html/rfc5297.", "properties": { "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "A context may be used for higher security and maintaining referential integrity such that the same identifier in two different contexts will be given a distinct surrogate. The context is appended to plaintext value being encrypted. On decryption the provided context is validated against the value used during encryption. If a context was provided during encryption, same context must be provided during decryption as well. If the context is not set, plaintext would be used as is for encryption. If the context is set but: 1. there is no record present when transforming a given value or 2. the field is not present when transforming a given value, plaintext would be used as is for encryption. Note that case (1) is expected when an `InfoTypeTransformation` is applied to both structured and unstructured `ContentItem`s." }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKey", "description": "The key used by the encryption function. For deterministic encryption using AES-SIV, the provided key is internally expanded to 64 bytes prior to use." }, "surrogateInfoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "The custom info type to annotate the surrogate with. This annotation will be applied to the surrogate by prefixing it with the name of the custom info type followed by the number of characters comprising the surrogate. The following scheme defines the format: {info type name}({surrogate character count}):{surrogate} For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and the surrogate is 'abc', the full replacement value will be: 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate when inspecting content using the custom info type 'Surrogate'. This facilitates reversal of the surrogate when it occurs in free text. Note: For record transformations where the entire cell in a table is being transformed, surrogates are not mandatory. Surrogates are used to denote the location of the token and are necessary for re-identification in free form text. In order for inspection to work properly, the name of this info type must not occur naturally anywhere in your data; otherwise, inspection may either - reverse a surrogate that does not correspond to an actual identifier - be unable to parse the surrogate and result in an error Therefore, choose your custom info type name carefully after considering what your data looks like. One way to select a name that has a high chance of yielding reliable detection is to include one or more unicode characters that are highly improbable to exist in your data. For example, assuming your data is entered from a regular ASCII keyboard, the symbol with the hex code point 29DD might be used like so: ⧝MY_TOKEN_TYPE." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoDeterministicConfigResponse": { "description": "Pseudonymization method that generates deterministic encryption for the given input. Outputs a base64 encoded representation of the encrypted output. Uses AES-SIV based on the RFC https://tools.ietf.org/html/rfc5297.", "properties": { "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "A context may be used for higher security and maintaining referential integrity such that the same identifier in two different contexts will be given a distinct surrogate. The context is appended to plaintext value being encrypted. On decryption the provided context is validated against the value used during encryption. If a context was provided during encryption, same context must be provided during decryption as well. If the context is not set, plaintext would be used as is for encryption. If the context is set but: 1. there is no record present when transforming a given value or 2. the field is not present when transforming a given value, plaintext would be used as is for encryption. Note that case (1) is expected when an `InfoTypeTransformation` is applied to both structured and unstructured `ContentItem`s." }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKeyResponse", "description": "The key used by the encryption function. For deterministic encryption using AES-SIV, the provided key is internally expanded to 64 bytes prior to use." }, "surrogateInfoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "The custom info type to annotate the surrogate with. This annotation will be applied to the surrogate by prefixing it with the name of the custom info type followed by the number of characters comprising the surrogate. The following scheme defines the format: {info type name}({surrogate character count}):{surrogate} For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and the surrogate is 'abc', the full replacement value will be: 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate when inspecting content using the custom info type 'Surrogate'. This facilitates reversal of the surrogate when it occurs in free text. Note: For record transformations where the entire cell in a table is being transformed, surrogates are not mandatory. Surrogates are used to denote the location of the token and are necessary for re-identification in free form text. In order for inspection to work properly, the name of this info type must not occur naturally anywhere in your data; otherwise, inspection may either - reverse a surrogate that does not correspond to an actual identifier - be unable to parse the surrogate and result in an error Therefore, choose your custom info type name carefully after considering what your data looks like. One way to select a name that has a high chance of yielding reliable detection is to include one or more unicode characters that are highly improbable to exist in your data. For example, assuming your data is entered from a regular ASCII keyboard, the symbol with the hex code point 29DD might be used like so: ⧝MY_TOKEN_TYPE." } }, "type": "object", "required": [ "context", "cryptoKey", "surrogateInfoType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoHashConfig": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. The key size must be either 32 or 64 bytes. Outputs a base64 encoded representation of the hashed output (for example, L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=). Currently, only string and integer values can be hashed. See https://cloud.google.com/dlp/docs/pseudonymization to learn more.", "properties": { "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKey", "description": "The key used by the hash function." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoHashConfigResponse": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. The key size must be either 32 or 64 bytes. Outputs a base64 encoded representation of the hashed output (for example, L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=). Currently, only string and integer values can be hashed. See https://cloud.google.com/dlp/docs/pseudonymization to learn more.", "properties": { "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKeyResponse", "description": "The key used by the hash function." } }, "type": "object", "required": [ "cryptoKey" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoKey": { "description": "This is a data encryption key (DEK) (as opposed to a key encryption key (KEK) stored by Cloud Key Management Service (Cloud KMS). When using Cloud KMS to wrap or unwrap a DEK, be sure to set an appropriate IAM policy on the KEK to ensure an attacker cannot unwrap the DEK.", "properties": { "kmsWrapped": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KmsWrappedCryptoKey", "description": "Key wrapped using Cloud KMS" }, "transient": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransientCryptoKey", "description": "Transient crypto key" }, "unwrapped": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2UnwrappedCryptoKey", "description": "Unwrapped crypto key" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoKeyResponse": { "description": "This is a data encryption key (DEK) (as opposed to a key encryption key (KEK) stored by Cloud Key Management Service (Cloud KMS). When using Cloud KMS to wrap or unwrap a DEK, be sure to set an appropriate IAM policy on the KEK to ensure an attacker cannot unwrap the DEK.", "properties": { "kmsWrapped": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KmsWrappedCryptoKeyResponse", "description": "Key wrapped using Cloud KMS" }, "transient": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransientCryptoKeyResponse", "description": "Transient crypto key" }, "unwrapped": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2UnwrappedCryptoKeyResponse", "description": "Unwrapped crypto key" } }, "type": "object", "required": [ "kmsWrapped", "transient", "unwrapped" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig": { "description": "Replaces an identifier with a surrogate using Format Preserving Encryption (FPE) with the FFX mode of operation; however when used in the `ReidentifyContent` API method, it serves the opposite function by reversing the surrogate back into the original identifier. The identifier must be encoded as ASCII. For a given crypto key and context, the same identifier will be replaced with the same surrogate. Identifiers must be at least two characters long. In the case that the identifier is the empty string, it will be skipped. See https://cloud.google.com/dlp/docs/pseudonymization to learn more. Note: We recommend using CryptoDeterministicConfig for all use cases which do not require preserving the input alphabet space and size, plus warrant referential integrity.", "properties": { "commonAlphabet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfigCommonAlphabet", "description": "Common alphabets." }, "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "The 'tweak', a context may be used for higher security since the same identifier in two different contexts won't be given the same surrogate. If the context is not set, a default tweak will be used. If the context is set but: 1. there is no record present when transforming a given value or 1. the field is not present when transforming a given value, a default tweak will be used. Note that case (1) is expected when an `InfoTypeTransformation` is applied to both structured and unstructured `ContentItem`s. Currently, the referenced field may be of value type integer or string. The tweak is constructed as a sequence of bytes in big endian byte order such that: - a 64 bit integer is encoded followed by a single byte of value 1 - a string is encoded in UTF-8 format followed by a single byte of value 2" }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKey", "description": "The key used by the encryption algorithm." }, "customAlphabet": { "type": "string", "description": "This is supported by mapping these to the alphanumeric characters that the FFX mode natively supports. This happens before/after encryption/decryption. Each character listed must appear only once. Number of characters must be in the range [2, 95]. This must be encoded as ASCII. The order of characters does not matter. The full list of allowed characters is: 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz ~`!@#$%^&*()_-+={[}]|\\:;\"'<,>.?/" }, "radix": { "type": "integer", "description": "The native way to select the alphabet. Must be in the range [2, 95]." }, "surrogateInfoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "The custom infoType to annotate the surrogate with. This annotation will be applied to the surrogate by prefixing it with the name of the custom infoType followed by the number of characters comprising the surrogate. The following scheme defines the format: info_type_name(surrogate_character_count):surrogate For example, if the name of custom infoType is 'MY_TOKEN_INFO_TYPE' and the surrogate is 'abc', the full replacement value will be: 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate when inspecting content using the custom infoType [`SurrogateType`](https://cloud.google.com/dlp/docs/reference/rest/v2/InspectConfig#surrogatetype). This facilitates reversal of the surrogate when it occurs in free text. In order for inspection to work properly, the name of this infoType must not occur naturally anywhere in your data; otherwise, inspection may find a surrogate that does not correspond to an actual identifier. Therefore, choose your custom infoType name carefully after considering what your data looks like. One way to select a name that has a high chance of yielding reliable detection is to include one or more unicode characters that are highly improbable to exist in your data. For example, assuming your data is entered from a regular ASCII keyboard, the symbol with the hex code point 29DD might be used like so: ⧝MY_TOKEN_TYPE" } }, "type": "object", "required": [ "cryptoKey" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfigCommonAlphabet": { "description": "Common alphabets.", "type": "string", "enum": [ { "name": "FfxCommonNativeAlphabetUnspecified", "description": "Unused.", "value": "FFX_COMMON_NATIVE_ALPHABET_UNSPECIFIED" }, { "name": "Numeric", "description": "`[0-9]` (radix of 10)", "value": "NUMERIC" }, { "name": "Hexadecimal", "description": "`[0-9A-F]` (radix of 16)", "value": "HEXADECIMAL" }, { "name": "UpperCaseAlphaNumeric", "description": "`[0-9A-Z]` (radix of 36)", "value": "UPPER_CASE_ALPHA_NUMERIC" }, { "name": "AlphaNumeric", "description": "`[0-9A-Za-z]` (radix of 62)", "value": "ALPHA_NUMERIC" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfigResponse": { "description": "Replaces an identifier with a surrogate using Format Preserving Encryption (FPE) with the FFX mode of operation; however when used in the `ReidentifyContent` API method, it serves the opposite function by reversing the surrogate back into the original identifier. The identifier must be encoded as ASCII. For a given crypto key and context, the same identifier will be replaced with the same surrogate. Identifiers must be at least two characters long. In the case that the identifier is the empty string, it will be skipped. See https://cloud.google.com/dlp/docs/pseudonymization to learn more. Note: We recommend using CryptoDeterministicConfig for all use cases which do not require preserving the input alphabet space and size, plus warrant referential integrity.", "properties": { "commonAlphabet": { "type": "string", "description": "Common alphabets." }, "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "The 'tweak', a context may be used for higher security since the same identifier in two different contexts won't be given the same surrogate. If the context is not set, a default tweak will be used. If the context is set but: 1. there is no record present when transforming a given value or 1. the field is not present when transforming a given value, a default tweak will be used. Note that case (1) is expected when an `InfoTypeTransformation` is applied to both structured and unstructured `ContentItem`s. Currently, the referenced field may be of value type integer or string. The tweak is constructed as a sequence of bytes in big endian byte order such that: - a 64 bit integer is encoded followed by a single byte of value 1 - a string is encoded in UTF-8 format followed by a single byte of value 2" }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKeyResponse", "description": "The key used by the encryption algorithm." }, "customAlphabet": { "type": "string", "description": "This is supported by mapping these to the alphanumeric characters that the FFX mode natively supports. This happens before/after encryption/decryption. Each character listed must appear only once. Number of characters must be in the range [2, 95]. This must be encoded as ASCII. The order of characters does not matter. The full list of allowed characters is: 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz ~`!@#$%^&*()_-+={[}]|\\:;\"'<,>.?/" }, "radix": { "type": "integer", "description": "The native way to select the alphabet. Must be in the range [2, 95]." }, "surrogateInfoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "The custom infoType to annotate the surrogate with. This annotation will be applied to the surrogate by prefixing it with the name of the custom infoType followed by the number of characters comprising the surrogate. The following scheme defines the format: info_type_name(surrogate_character_count):surrogate For example, if the name of custom infoType is 'MY_TOKEN_INFO_TYPE' and the surrogate is 'abc', the full replacement value will be: 'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the surrogate when inspecting content using the custom infoType [`SurrogateType`](https://cloud.google.com/dlp/docs/reference/rest/v2/InspectConfig#surrogatetype). This facilitates reversal of the surrogate when it occurs in free text. In order for inspection to work properly, the name of this infoType must not occur naturally anywhere in your data; otherwise, inspection may find a surrogate that does not correspond to an actual identifier. Therefore, choose your custom infoType name carefully after considering what your data looks like. One way to select a name that has a high chance of yielding reliable detection is to include one or more unicode characters that are highly improbable to exist in your data. For example, assuming your data is entered from a regular ASCII keyboard, the symbol with the hex code point 29DD might be used like so: ⧝MY_TOKEN_TYPE" } }, "type": "object", "required": [ "commonAlphabet", "context", "cryptoKey", "customAlphabet", "radix", "surrogateInfoType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CustomInfoType": { "description": "Custom information type provided by the user. Used to find domain-specific sensitive information configurable to the data in question.", "properties": { "detectionRules": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DetectionRule" }, "description": "Set of detection rules to apply to all findings of this CustomInfoType. Rules are applied in order that they are specified. Not supported for the `surrogate_type` CustomInfoType." }, "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Dictionary", "description": "A list of phrases to detect as a CustomInfoType." }, "exclusionType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CustomInfoTypeExclusionType", "description": "If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding to be returned. It still can be used for rules matching." }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "CustomInfoType can either be a new infoType, or an extension of built-in infoType, when the name matches one of existing infoTypes and that infoType is specified in `InspectContent.info_types` field. Specifying the latter adds findings to the one detected by the system. If built-in info type is not specified in `InspectContent.info_types` list then the name is treated as a custom info type." }, "likelihood": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CustomInfoTypeLikelihood", "description": "Likelihood to return for this CustomInfoType. This base value can be altered by a detection rule if the finding meets the criteria specified by the rule. Defaults to `VERY_LIKELY` if not specified." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Regex", "description": "Regular expression based CustomInfoType." }, "sensitivityScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SensitivityScore", "description": "Sensitivity for this CustomInfoType. If this CustomInfoType extends an existing InfoType, the sensitivity here will take precedence over that of the original InfoType. If unset for a CustomInfoType, it will default to HIGH. This only applies to data profiling." }, "storedType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StoredType", "description": "Load an existing `StoredInfoType` resource for use in `InspectDataSource`. Not currently supported in `InspectContent`." }, "surrogateType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SurrogateType", "description": "Message for detecting output from deidentification transformations that support reversing." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2CustomInfoTypeExclusionType": { "description": "If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding to be returned. It still can be used for rules matching.", "type": "string", "enum": [ { "name": "ExclusionTypeUnspecified", "description": "A finding of this custom info type will not be excluded from results.", "value": "EXCLUSION_TYPE_UNSPECIFIED" }, { "name": "ExclusionTypeExclude", "description": "A finding of this custom info type will be excluded from final results, but can still affect rule execution.", "value": "EXCLUSION_TYPE_EXCLUDE" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CustomInfoTypeLikelihood": { "description": "Likelihood to return for this CustomInfoType. This base value can be altered by a detection rule if the finding meets the criteria specified by the rule. Defaults to `VERY_LIKELY` if not specified.", "type": "string", "enum": [ { "name": "LikelihoodUnspecified", "description": "Default value; same as POSSIBLE.", "value": "LIKELIHOOD_UNSPECIFIED" }, { "name": "VeryUnlikely", "description": "Highest chance of a false positive.", "value": "VERY_UNLIKELY" }, { "name": "Unlikely", "description": "High chance of a false positive.", "value": "UNLIKELY" }, { "name": "Possible", "description": "Some matching signals. The default value.", "value": "POSSIBLE" }, { "name": "Likely", "description": "Low chance of a false positive.", "value": "LIKELY" }, { "name": "VeryLikely", "description": "Confidence level is high. Lowest chance of a false positive.", "value": "VERY_LIKELY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2CustomInfoTypeResponse": { "description": "Custom information type provided by the user. Used to find domain-specific sensitive information configurable to the data in question.", "properties": { "detectionRules": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DetectionRuleResponse" }, "description": "Set of detection rules to apply to all findings of this CustomInfoType. Rules are applied in order that they are specified. Not supported for the `surrogate_type` CustomInfoType." }, "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DictionaryResponse", "description": "A list of phrases to detect as a CustomInfoType." }, "exclusionType": { "type": "string", "description": "If set to EXCLUSION_TYPE_EXCLUDE this infoType will not cause a finding to be returned. It still can be used for rules matching." }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "CustomInfoType can either be a new infoType, or an extension of built-in infoType, when the name matches one of existing infoTypes and that infoType is specified in `InspectContent.info_types` field. Specifying the latter adds findings to the one detected by the system. If built-in info type is not specified in `InspectContent.info_types` list then the name is treated as a custom info type." }, "likelihood": { "type": "string", "description": "Likelihood to return for this CustomInfoType. This base value can be altered by a detection rule if the finding meets the criteria specified by the rule. Defaults to `VERY_LIKELY` if not specified." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RegexResponse", "description": "Regular expression based CustomInfoType." }, "sensitivityScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SensitivityScoreResponse", "description": "Sensitivity for this CustomInfoType. If this CustomInfoType extends an existing InfoType, the sensitivity here will take precedence over that of the original InfoType. If unset for a CustomInfoType, it will default to HIGH. This only applies to data profiling." }, "storedType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StoredTypeResponse", "description": "Load an existing `StoredInfoType` resource for use in `InspectDataSource`. Not currently supported in `InspectContent`." }, "surrogateType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SurrogateTypeResponse", "description": "Message for detecting output from deidentification transformations that support reversing." } }, "type": "object", "required": [ "detectionRules", "dictionary", "exclusionType", "infoType", "likelihood", "regex", "sensitivityScore", "storedType", "surrogateType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DataProfileAction": { "description": "A task to execute when a data profile has been generated.", "properties": { "exportData": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Export", "description": "Export data profiles into a provided location." }, "pubSubNotification": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubNotification", "description": "Publish a message into the Pub/Sub topic." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DataProfileActionResponse": { "description": "A task to execute when a data profile has been generated.", "properties": { "exportData": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExportResponse", "description": "Export data profiles into a provided location." }, "pubSubNotification": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubNotificationResponse", "description": "Publish a message into the Pub/Sub topic." } }, "type": "object", "required": [ "exportData", "pubSubNotification" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DataProfilePubSubCondition": { "description": "A condition for determining whether a Pub/Sub should be triggered.", "properties": { "expressions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubExpressions", "description": "An expression." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DataProfilePubSubConditionResponse": { "description": "A condition for determining whether a Pub/Sub should be triggered.", "properties": { "expressions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubExpressionsResponse", "description": "An expression." } }, "type": "object", "required": [ "expressions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DatastoreOptions": { "description": "Options defining a data set within Google Cloud Datastore.", "properties": { "kind": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KindExpression", "description": "The kind to process." }, "partitionId": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PartitionId", "description": "A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DatastoreOptionsResponse": { "description": "Options defining a data set within Google Cloud Datastore.", "properties": { "kind": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KindExpressionResponse", "description": "The kind to process." }, "partitionId": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PartitionIdResponse", "description": "A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty." } }, "type": "object", "required": [ "kind", "partitionId" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DateShiftConfig": { "description": "Shifts dates by random number of days, with option to be consistent for the same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting to learn more.", "properties": { "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Points to the field that contains the context, for example, an entity id. If set, must also set cryptoKey. If set, shift will be consistent for the given context." }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKey", "description": "Causes the shift to be computed based on this key and the context. This results in the same shift for the same context and crypto_key. If set, must also set context. Can only be applied to table items." }, "lowerBoundDays": { "type": "integer", "description": "For example, -5 means shift date to at most 5 days back in the past." }, "upperBoundDays": { "type": "integer", "description": "Range of shift in days. Actual shift will be selected at random within this range (inclusive ends). Negative means shift to earlier in time. Must not be more than 365250 days (1000 years) each direction. For example, 3 means shift date to at most 3 days into the future." } }, "type": "object", "required": [ "lowerBoundDays", "upperBoundDays" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DateShiftConfigResponse": { "description": "Shifts dates by random number of days, with option to be consistent for the same context. See https://cloud.google.com/dlp/docs/concepts-date-shifting to learn more.", "properties": { "context": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Points to the field that contains the context, for example, an entity id. If set, must also set cryptoKey. If set, shift will be consistent for the given context." }, "cryptoKey": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoKeyResponse", "description": "Causes the shift to be computed based on this key and the context. This results in the same shift for the same context and crypto_key. If set, must also set context. Can only be applied to table items." }, "lowerBoundDays": { "type": "integer", "description": "For example, -5 means shift date to at most 5 days back in the past." }, "upperBoundDays": { "type": "integer", "description": "Range of shift in days. Actual shift will be selected at random within this range (inclusive ends). Negative means shift to earlier in time. Must not be more than 365250 days (1000 years) each direction. For example, 3 means shift date to at most 3 days into the future." } }, "type": "object", "required": [ "context", "cryptoKey", "lowerBoundDays", "upperBoundDays" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Deidentify": { "description": "Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect", "properties": { "cloudStorageOutput": { "type": "string", "description": "User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket" }, "fileTypesToTransform": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyFileTypesToTransformItem" }, "description": "List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV." }, "transformationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationConfig", "description": "User specified deidentify templates and configs for structured, unstructured, and image files." }, "transformationDetailsStorageConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationDetailsStorageConfig", "description": "Config for storing transformation details. This is separate from the de-identified content, and contains metadata about the successful transformations and/or failures that occurred while de-identifying. This needs to be set in order for users to access information about the status of each transformation (see TransformationDetails message for more information about what is noted)." } }, "type": "object", "required": [ "cloudStorageOutput" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyConfig": { "description": "The configuration that controls how the data will change.", "properties": { "imageTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ImageTransformations", "description": "Treat the dataset as an image and redact." }, "infoTypeTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformations", "description": "Treat the dataset as free-form text and apply the same free text transformation everywhere." }, "recordTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordTransformations", "description": "Treat the dataset as structured. Transformations can be applied to specific locations within structured datasets, such as transforming a column within a table." }, "transformationErrorHandling": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationErrorHandling", "description": "Mode for handling transformation errors. If left unspecified, the default mode is `TransformationErrorHandling.ThrowError`." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyConfigResponse": { "description": "The configuration that controls how the data will change.", "properties": { "imageTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ImageTransformationsResponse", "description": "Treat the dataset as an image and redact." }, "infoTypeTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformationsResponse", "description": "Treat the dataset as free-form text and apply the same free text transformation everywhere." }, "recordTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordTransformationsResponse", "description": "Treat the dataset as structured. Transformations can be applied to specific locations within structured datasets, such as transforming a column within a table." }, "transformationErrorHandling": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationErrorHandlingResponse", "description": "Mode for handling transformation errors. If left unspecified, the default mode is `TransformationErrorHandling.ThrowError`." } }, "type": "object", "required": [ "imageTransformations", "infoTypeTransformations", "recordTransformations", "transformationErrorHandling" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyDataSourceDetailsResponse": { "description": "The results of a Deidentify action from an inspect job.", "properties": { "deidentifyStats": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyDataSourceStatsResponse", "description": "Stats about the de-identification operation." }, "requestedOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RequestedDeidentifyOptionsResponse", "description": "De-identification config used for the request." } }, "type": "object", "required": [ "deidentifyStats", "requestedOptions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyDataSourceStatsResponse": { "description": "Summary of what was modified during a transformation.", "properties": { "transformationCount": { "type": "string", "description": "Number of successfully applied transformations." }, "transformationErrorCount": { "type": "string", "description": "Number of errors encountered while trying to apply transformations." }, "transformedBytes": { "type": "string", "description": "Total size in bytes that were transformed in some way." } }, "type": "object", "required": [ "transformationCount", "transformationErrorCount", "transformedBytes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyFileTypesToTransformItem": { "type": "string", "enum": [ { "name": "FileTypeUnspecified", "description": "Includes all files.", "value": "FILE_TYPE_UNSPECIFIED" }, { "name": "BinaryFile", "description": "Includes all file extensions not covered by another entry. Binary scanning attempts to convert the content of the file to utf_8 to scan the file. If you wish to avoid this fall back, specify one or more of the other file types in your storage scan.", "value": "BINARY_FILE" }, { "name": "TextFile", "description": "Included file extensions: asc,asp, aspx, brf, c, cc,cfm, cgi, cpp, csv, cxx, c++, cs, css, dart, dat, dot, eml,, epbub, ged, go, h, hh, hpp, hxx, h++, hs, html, htm, mkd, markdown, m, ml, mli, perl, pl, plist, pm, php, phtml, pht, properties, py, pyw, rb, rbw, rs, rss, rc, scala, sh, sql, swift, tex, shtml, shtm, xhtml, lhs, ics, ini, java, js, json, kix, kml, ocaml, md, txt, text, tsv, vb, vcard, vcs, wml, xcodeproj, xml, xsl, xsd, yml, yaml.", "value": "TEXT_FILE" }, { "name": "Image", "description": "Included file extensions: bmp, gif, jpg, jpeg, jpe, png. Setting bytes_limit_per_file or bytes_limit_per_file_percent has no effect on image files. Image inspection is restricted to the `global`, `us`, `asia`, and `europe` regions.", "value": "IMAGE" }, { "name": "Word", "description": "Microsoft Word files larger than 30 MB will be scanned as binary files. Included file extensions: docx, dotx, docm, dotm. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on Word files.", "value": "WORD" }, { "name": "Pdf", "description": "PDF files larger than 30 MB will be scanned as binary files. Included file extensions: pdf. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on PDF files.", "value": "PDF" }, { "name": "Avro", "description": "Included file extensions: avro", "value": "AVRO" }, { "name": "Csv", "description": "Included file extensions: csv", "value": "CSV" }, { "name": "Tsv", "description": "Included file extensions: tsv", "value": "TSV" }, { "name": "Powerpoint", "description": "Microsoft PowerPoint files larger than 30 MB will be scanned as binary files. Included file extensions: pptx, pptm, potx, potm, pot. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on PowerPoint files.", "value": "POWERPOINT" }, { "name": "Excel", "description": "Microsoft Excel files larger than 30 MB will be scanned as binary files. Included file extensions: xlsx, xlsm, xltx, xltm. Setting `bytes_limit_per_file` or `bytes_limit_per_file_percent` has no effect on Excel files.", "value": "EXCEL" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyResponse": { "description": "Create a de-identified copy of the requested table or files. A TransformationDetail will be created for each transformation. If any rows in BigQuery are skipped during de-identification (transformation errors or row size exceeds BigQuery insert API limits) they are placed in the failure output table. If the original row exceeds the BigQuery insert API limit it will be truncated when written to the failure output table. The failure output table can be set in the action.deidentify.output.big_query_output.deidentified_failure_output_table field, if no table is set, a table will be automatically created in the same project and dataset as the original table. Compatible with: Inspect", "properties": { "cloudStorageOutput": { "type": "string", "description": "User settable Cloud Storage bucket and folders to store de-identified files. This field must be set for cloud storage deidentification. The output Cloud Storage bucket must be different from the input bucket. De-identified files will overwrite files in the output path. Form of: gs://bucket/folder/ or gs://bucket" }, "fileTypesToTransform": { "type": "array", "items": { "type": "string" }, "description": "List of user-specified file type groups to transform. If specified, only the files with these filetypes will be transformed. If empty, all supported files will be transformed. Supported types may be automatically added over time. If a file type is set in this field that isn't supported by the Deidentify action then the job will fail and will not be successfully created/started. Currently the only filetypes supported are: IMAGES, TEXT_FILES, CSV, TSV." }, "transformationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationConfigResponse", "description": "User specified deidentify templates and configs for structured, unstructured, and image files." }, "transformationDetailsStorageConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TransformationDetailsStorageConfigResponse", "description": "Config for storing transformation details. This is separate from the de-identified content, and contains metadata about the successful transformations and/or failures that occurred while de-identifying. This needs to be set in order for users to access information about the status of each transformation (see TransformationDetails message for more information about what is noted)." } }, "type": "object", "required": [ "cloudStorageOutput", "fileTypesToTransform", "transformationConfig", "transformationDetailsStorageConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeidentifyTemplateResponse": { "description": "DeidentifyTemplates contains instructions on how to de-identify content. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.", "properties": { "createTime": { "type": "string", "description": "The creation timestamp of an inspectTemplate." }, "deidentifyConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyConfigResponse", "description": "The core content of the template." }, "description": { "type": "string", "description": "Short description (max 256 chars)." }, "displayName": { "type": "string", "description": "Display name (max 256 chars)." }, "name": { "type": "string", "description": "The template name. The template will have one of the following formats: `projects/PROJECT_ID/deidentifyTemplates/TEMPLATE_ID` OR `organizations/ORGANIZATION_ID/deidentifyTemplates/TEMPLATE_ID`" }, "updateTime": { "type": "string", "description": "The last update timestamp of an inspectTemplate." } }, "type": "object", "required": [ "createTime", "deidentifyConfig", "description", "displayName", "name", "updateTime" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeltaPresenceEstimationConfig": { "description": "δ-presence metric, used to estimate how likely it is for an attacker to figure out that one given individual appears in a de-identified dataset. Similarly to the k-map metric, we cannot compute δ-presence exactly without knowing the attack dataset, so we use a statistical model instead.", "properties": { "auxiliaryTables": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StatisticalTable" }, "description": "Several auxiliary tables can be used in the analysis. Each custom_tag used to tag a quasi-identifiers field must appear in exactly one field of one auxiliary table." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiId" }, "description": "Fields considered to be quasi-identifiers. No two fields can have the same tag." }, "regionCode": { "type": "string", "description": "ISO 3166-1 alpha-2 region code to use in the statistical modeling. Set if no column is tagged with a region-specific InfoType (like US_ZIP_5) or a region code." } }, "type": "object", "required": [ "quasiIds" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeltaPresenceEstimationConfigResponse": { "description": "δ-presence metric, used to estimate how likely it is for an attacker to figure out that one given individual appears in a de-identified dataset. Similarly to the k-map metric, we cannot compute δ-presence exactly without knowing the attack dataset, so we use a statistical model instead.", "properties": { "auxiliaryTables": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StatisticalTableResponse" }, "description": "Several auxiliary tables can be used in the analysis. Each custom_tag used to tag a quasi-identifiers field must appear in exactly one field of one auxiliary table." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiIdResponse" }, "description": "Fields considered to be quasi-identifiers. No two fields can have the same tag." }, "regionCode": { "type": "string", "description": "ISO 3166-1 alpha-2 region code to use in the statistical modeling. Set if no column is tagged with a region-specific InfoType (like US_ZIP_5) or a region code." } }, "type": "object", "required": [ "auxiliaryTables", "quasiIds", "regionCode" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucketResponse": { "description": "A DeltaPresenceEstimationHistogramBucket message with the following values: min_probability: 0.1 max_probability: 0.2 frequency: 42 means that there are 42 records for which δ is in [0.1, 0.2). An important particular case is when min_probability = max_probability = 1: then, every individual who shares this quasi-identifier combination is in the dataset.", "properties": { "bucketSize": { "type": "string", "description": "Number of records within these probability bounds." }, "bucketValueCount": { "type": "string", "description": "Total number of distinct quasi-identifier tuple values in this bucket." }, "bucketValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValuesResponse" }, "description": "Sample of quasi-identifier tuple values in this bucket. The total number of classes returned per bucket is capped at 20." }, "maxProbability": { "type": "number", "description": "Always greater than or equal to min_probability." }, "minProbability": { "type": "number", "description": "Between 0 and 1." } }, "type": "object", "required": [ "bucketSize", "bucketValueCount", "bucketValues", "maxProbability", "minProbability" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeltaPresenceEstimationQuasiIdValuesResponse": { "description": "A tuple of values for the quasi-identifier columns.", "properties": { "estimatedProbability": { "type": "number", "description": "The estimated probability that a given individual sharing these quasi-identifier values is in the dataset. This value, typically called δ, is the ratio between the number of records in the dataset with these quasi-identifier values, and the total number of individuals (inside *and* outside the dataset) with these quasi-identifier values. For example, if there are 15 individuals in the dataset who share the same quasi-identifier values, and an estimated 100 people in the entire population with these values, then δ is 0.15." }, "quasiIdsValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse" }, "description": "The quasi-identifier values." } }, "type": "object", "required": [ "estimatedProbability", "quasiIdsValues" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DeltaPresenceEstimationResultResponse": { "description": "Result of the δ-presence computation. Note that these results are an estimation, not exact values.", "properties": { "deltaPresenceEstimationHistogram": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeltaPresenceEstimationHistogramBucketResponse" }, "description": "The intervals [min_probability, max_probability) do not overlap. If a value doesn't correspond to any such interval, the associated frequency is zero. For example, the following records: {min_probability: 0, max_probability: 0.1, frequency: 17} {min_probability: 0.2, max_probability: 0.3, frequency: 42} {min_probability: 0.3, max_probability: 0.4, frequency: 99} mean that there are no record with an estimated probability in [0.1, 0.2) nor larger or equal to 0.4." } }, "type": "object", "required": [ "deltaPresenceEstimationHistogram" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DetectionRule": { "description": "Deprecated; use `InspectionRuleSet` instead. Rule for modifying a `CustomInfoType` to alter behavior under certain circumstances, depending on the specific details of the rule. Not supported for the `surrogate_type` custom infoType.", "properties": { "hotwordRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HotwordRule", "description": "Hotword-based detection rule." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DetectionRuleResponse": { "description": "Deprecated; use `InspectionRuleSet` instead. Rule for modifying a `CustomInfoType` to alter behavior under certain circumstances, depending on the specific details of the rule. Not supported for the `surrogate_type` custom infoType.", "properties": { "hotwordRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HotwordRuleResponse", "description": "Hotword-based detection rule." } }, "type": "object", "required": [ "hotwordRule" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Dictionary": { "description": "Custom information type based on a dictionary of words or phrases. This can be used to match sensitive information specific to the data, such as a list of employee IDs or job titles. Dictionary words are case-insensitive and all characters other than letters and digits in the unicode [Basic Multilingual Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) will be replaced with whitespace when scanning for matches, so the dictionary phrase \"Sam Johnson\" will match all three phrases \"sam johnson\", \"Sam, Johnson\", and \"Sam (Johnson)\". Additionally, the characters surrounding any match must be of a different type than the adjacent characters within the word, so letters must be next to non-letters and digits next to non-digits. For example, the dictionary word \"jen\" will match the first three letters of the text \"jen123\" but will return no matches for \"jennifer\". Dictionary words containing a large number of characters that are not letters or digits may result in unexpected findings because such characters are treated as whitespace. The [limits](https://cloud.google.com/dlp/limits) page contains details about the size limits of dictionaries. For dictionaries that do not fit within these constraints, consider using `LargeCustomDictionaryConfig` in the `StoredInfoType` API.", "properties": { "cloudStoragePath": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStoragePath", "description": "Newline-delimited file of words in Cloud Storage. Only a single file is accepted." }, "wordList": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2WordList", "description": "List of words or phrases to search for." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DictionaryResponse": { "description": "Custom information type based on a dictionary of words or phrases. This can be used to match sensitive information specific to the data, such as a list of employee IDs or job titles. Dictionary words are case-insensitive and all characters other than letters and digits in the unicode [Basic Multilingual Plane](https://en.wikipedia.org/wiki/Plane_%28Unicode%29#Basic_Multilingual_Plane) will be replaced with whitespace when scanning for matches, so the dictionary phrase \"Sam Johnson\" will match all three phrases \"sam johnson\", \"Sam, Johnson\", and \"Sam (Johnson)\". Additionally, the characters surrounding any match must be of a different type than the adjacent characters within the word, so letters must be next to non-letters and digits next to non-digits. For example, the dictionary word \"jen\" will match the first three letters of the text \"jen123\" but will return no matches for \"jennifer\". Dictionary words containing a large number of characters that are not letters or digits may result in unexpected findings because such characters are treated as whitespace. The [limits](https://cloud.google.com/dlp/limits) page contains details about the size limits of dictionaries. For dictionaries that do not fit within these constraints, consider using `LargeCustomDictionaryConfig` in the `StoredInfoType` API.", "properties": { "cloudStoragePath": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStoragePathResponse", "description": "Newline-delimited file of words in Cloud Storage. Only a single file is accepted." }, "wordList": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2WordListResponse", "description": "List of words or phrases to search for." } }, "type": "object", "required": [ "cloudStoragePath", "wordList" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Disabled": { "description": "Do not profile the tables.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DisabledResponse": { "description": "Do not profile the tables.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryBigQueryConditions": { "description": "Requirements that must be true before a table is scanned in discovery for the first time. There is an AND relationship between the top-level attributes. Additionally, minimum conditions with an OR relationship that must be met before Cloud DLP scans a table can be set (like a minimum row count or a minimum table age).", "properties": { "createdAfter": { "type": "string", "description": "BigQuery table must have been created after this date. Used to avoid backfilling." }, "orConditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2OrConditions", "description": "At least one of the conditions must be true for a table to be scanned." }, "typeCollection": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryBigQueryConditionsTypeCollection", "description": "Restrict discovery to categories of table types." }, "types": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableTypes", "description": "Restrict discovery to specific table types." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryBigQueryConditionsResponse": { "description": "Requirements that must be true before a table is scanned in discovery for the first time. There is an AND relationship between the top-level attributes. Additionally, minimum conditions with an OR relationship that must be met before Cloud DLP scans a table can be set (like a minimum row count or a minimum table age).", "properties": { "createdAfter": { "type": "string", "description": "BigQuery table must have been created after this date. Used to avoid backfilling." }, "orConditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2OrConditionsResponse", "description": "At least one of the conditions must be true for a table to be scanned." }, "typeCollection": { "type": "string", "description": "Restrict discovery to categories of table types." }, "types": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableTypesResponse", "description": "Restrict discovery to specific table types." } }, "type": "object", "required": [ "createdAfter", "orConditions", "typeCollection", "types" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryBigQueryConditionsTypeCollection": { "description": "Restrict discovery to categories of table types.", "type": "string", "enum": [ { "name": "BigQueryCollectionUnspecified", "description": "Unused.", "value": "BIG_QUERY_COLLECTION_UNSPECIFIED" }, { "name": "BigQueryCollectionAllTypes", "description": "Automatically generate profiles for all tables, even if the table type is not yet fully supported for analysis. Profiles for unsupported tables will be generated with errors to indicate their partial support. When full support is added, the tables will automatically be profiled during the next scheduled run.", "value": "BIG_QUERY_COLLECTION_ALL_TYPES" }, { "name": "BigQueryCollectionOnlySupportedTypes", "description": "Only those types fully supported will be profiled. Will expand automatically as Cloud DLP adds support for new table types. Unsupported table types will not have partial profiles generated.", "value": "BIG_QUERY_COLLECTION_ONLY_SUPPORTED_TYPES" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryBigQueryFilter": { "description": "Determines what tables will have profiles generated within an organization or project. Includes the ability to filter by regular expression patterns on project ID, dataset ID, and table ID.", "properties": { "otherTables": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllOtherBigQueryTables", "description": "Catch-all. This should always be the last filter in the list because anything above it will apply first. Should only appear once in a configuration. If none is specified, a default one will be added automatically." }, "tables": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableCollection", "description": "A specific set of tables for this filter to apply to. A table collection must be specified in only one filter per config. If a table id or dataset is empty, Cloud DLP assumes all tables in that collection must be profiled. Must specify a project ID." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryBigQueryFilterResponse": { "description": "Determines what tables will have profiles generated within an organization or project. Includes the ability to filter by regular expression patterns on project ID, dataset ID, and table ID.", "properties": { "otherTables": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllOtherBigQueryTablesResponse", "description": "Catch-all. This should always be the last filter in the list because anything above it will apply first. Should only appear once in a configuration. If none is specified, a default one will be added automatically." }, "tables": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableCollectionResponse", "description": "A specific set of tables for this filter to apply to. A table collection must be specified in only one filter per config. If a table id or dataset is empty, Cloud DLP assumes all tables in that collection must be profiled. Must specify a project ID." } }, "type": "object", "required": [ "otherTables", "tables" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryGenerationCadence": { "description": "What must take place for a profile to be updated and how frequently it should occur. New tables are scanned as quickly as possible depending on system capacity.", "properties": { "schemaModifiedCadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadence", "description": "Governs when to update data profiles when a schema is modified." }, "tableModifiedCadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryTableModifiedCadence", "description": "Governs when to update data profiles when a table is modified." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryGenerationCadenceResponse": { "description": "What must take place for a profile to be updated and how frequently it should occur. New tables are scanned as quickly as possible depending on system capacity.", "properties": { "schemaModifiedCadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceResponse", "description": "Governs when to update data profiles when a schema is modified." }, "tableModifiedCadence": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceResponse", "description": "Governs when to update data profiles when a table is modified." } }, "type": "object", "required": [ "schemaModifiedCadence", "tableModifiedCadence" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadence": { "description": "The cadence at which to update data profiles when a schema is modified.", "properties": { "frequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceFrequency", "description": "How frequently profiles may be updated when schemas are modified. Defaults to monthly." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceTypesItem" }, "description": "The type of events to consider when deciding if the table's schema has been modified and should have the profile updated. Defaults to NEW_COLUMNS." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceFrequency": { "description": "How frequently profiles may be updated when schemas are modified. Defaults to monthly.", "type": "string", "enum": [ { "name": "UpdateFrequencyUnspecified", "description": "Unspecified.", "value": "UPDATE_FREQUENCY_UNSPECIFIED" }, { "name": "UpdateFrequencyNever", "description": "After the data profile is created, it will never be updated.", "value": "UPDATE_FREQUENCY_NEVER" }, { "name": "UpdateFrequencyDaily", "description": "The data profile can be updated up to once every 24 hours.", "value": "UPDATE_FREQUENCY_DAILY" }, { "name": "UpdateFrequencyMonthly", "description": "The data profile can be updated up to once every 30 days. Default.", "value": "UPDATE_FREQUENCY_MONTHLY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceResponse": { "description": "The cadence at which to update data profiles when a schema is modified.", "properties": { "frequency": { "type": "string", "description": "How frequently profiles may be updated when schemas are modified. Defaults to monthly." }, "types": { "type": "array", "items": { "type": "string" }, "description": "The type of events to consider when deciding if the table's schema has been modified and should have the profile updated. Defaults to NEW_COLUMNS." } }, "type": "object", "required": [ "frequency", "types" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoverySchemaModifiedCadenceTypesItem": { "type": "string", "enum": [ { "name": "SchemaModificationUnspecified", "description": "Unused", "value": "SCHEMA_MODIFICATION_UNSPECIFIED" }, { "name": "SchemaNewColumns", "description": "Profiles should be regenerated when new columns are added to the table. Default.", "value": "SCHEMA_NEW_COLUMNS" }, { "name": "SchemaRemovedColumns", "description": "Profiles should be regenerated when columns are removed from the table.", "value": "SCHEMA_REMOVED_COLUMNS" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryStartingLocation": { "description": "The location to begin a discovery scan. Denotes an organization ID or folder ID within an organization.", "properties": { "folderId": { "type": "string", "description": "The ID of the Folder within an organization to scan." }, "organizationId": { "type": "string", "description": "The ID of an organization to scan." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryStartingLocationResponse": { "description": "The location to begin a discovery scan. Denotes an organization ID or folder ID within an organization.", "properties": { "folderId": { "type": "string", "description": "The ID of the Folder within an organization to scan." }, "organizationId": { "type": "string", "description": "The ID of an organization to scan." } }, "type": "object", "required": [ "folderId", "organizationId" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTableModifiedCadence": { "description": "The cadence at which to update data profiles when a table is modified.", "properties": { "frequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceFrequency", "description": "How frequently data profiles can be updated when tables are modified. Defaults to never." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceTypesItem" }, "description": "The type of events to consider when deciding if the table has been modified and should have the profile updated. Defaults to MODIFIED_TIMESTAMP." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceFrequency": { "description": "How frequently data profiles can be updated when tables are modified. Defaults to never.", "type": "string", "enum": [ { "name": "UpdateFrequencyUnspecified", "description": "Unspecified.", "value": "UPDATE_FREQUENCY_UNSPECIFIED" }, { "name": "UpdateFrequencyNever", "description": "After the data profile is created, it will never be updated.", "value": "UPDATE_FREQUENCY_NEVER" }, { "name": "UpdateFrequencyDaily", "description": "The data profile can be updated up to once every 24 hours.", "value": "UPDATE_FREQUENCY_DAILY" }, { "name": "UpdateFrequencyMonthly", "description": "The data profile can be updated up to once every 30 days. Default.", "value": "UPDATE_FREQUENCY_MONTHLY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceResponse": { "description": "The cadence at which to update data profiles when a table is modified.", "properties": { "frequency": { "type": "string", "description": "How frequently data profiles can be updated when tables are modified. Defaults to never." }, "types": { "type": "array", "items": { "type": "string" }, "description": "The type of events to consider when deciding if the table has been modified and should have the profile updated. Defaults to MODIFIED_TIMESTAMP." } }, "type": "object", "required": [ "frequency", "types" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTableModifiedCadenceTypesItem": { "type": "string", "enum": [ { "name": "TableModificationUnspecified", "description": "Unused.", "value": "TABLE_MODIFICATION_UNSPECIFIED" }, { "name": "TableModifiedTimestamp", "description": "A table will be considered modified when the last_modified_time from BigQuery has been updated.", "value": "TABLE_MODIFIED_TIMESTAMP" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTarget": { "description": "Target used to match against for Discovery.", "properties": { "bigQueryTarget": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryDiscoveryTarget", "description": "BigQuery target for Discovery. The first target to match a table will be the one applied." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2DiscoveryTargetResponse": { "description": "Target used to match against for Discovery.", "properties": { "bigQueryTarget": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryDiscoveryTargetResponse", "description": "BigQuery target for Discovery. The first target to match a table will be the one applied." } }, "type": "object", "required": [ "bigQueryTarget" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2EntityId": { "description": "An entity in a dataset is a field or set of fields that correspond to a single person. For example, in medical records the `EntityId` might be a patient identifier, or for financial records it might be an account identifier. This message is used when generalizations or analysis must take into account that multiple rows correspond to the same entity.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Composite key indicating which field contains the entity identifier." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2EntityIdResponse": { "description": "An entity in a dataset is a field or set of fields that correspond to a single person. For example, in medical records the `EntityId` might be a patient identifier, or for financial records it might be an account identifier. This message is used when generalizations or analysis must take into account that multiple rows correspond to the same entity.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Composite key indicating which field contains the entity identifier." } }, "type": "object", "required": [ "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ErrorResponse": { "description": "Details information about an error encountered during job execution or the results of an unsuccessful activation of the JobTrigger.", "properties": { "details": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleRpcStatusResponse", "description": "Detailed error codes and messages." }, "timestamps": { "type": "array", "items": { "type": "string" }, "description": "The times the error occurred. List includes the oldest timestamp and the last 9 timestamps." } }, "type": "object", "required": [ "details", "timestamps" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ExcludeByHotword": { "description": "The rule to exclude findings based on a hotword. For record inspection of tables, column names are considered hotwords. An example of this is to exclude a finding if it belongs to a BigQuery column that matches a specific pattern.", "properties": { "hotwordRegex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Regex", "description": "Regular expression pattern defining what qualifies as a hotword." }, "proximity": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Proximity", "description": "Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The windowBefore property in proximity should be set to 1 if the hotword needs to be included in a column header." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ExcludeByHotwordResponse": { "description": "The rule to exclude findings based on a hotword. For record inspection of tables, column names are considered hotwords. An example of this is to exclude a finding if it belongs to a BigQuery column that matches a specific pattern.", "properties": { "hotwordRegex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RegexResponse", "description": "Regular expression pattern defining what qualifies as a hotword." }, "proximity": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ProximityResponse", "description": "Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The windowBefore property in proximity should be set to 1 if the hotword needs to be included in a column header." } }, "type": "object", "required": [ "hotwordRegex", "proximity" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ExcludeInfoTypes": { "description": "List of excluded infoTypes.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType" }, "description": "InfoType list in ExclusionRule rule drops a finding when it overlaps or contained within with a finding of an infoType from this list. For example, for `InspectionRuleSet.info_types` containing \"PHONE_NUMBER\"` and `exclusion_rule` containing `exclude_info_types.info_types` with \"EMAIL_ADDRESS\" the phone number findings are dropped if they overlap with EMAIL_ADDRESS finding. That leads to \"555-222-2222@example.org\" to generate only a single finding, namely email address." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ExcludeInfoTypesResponse": { "description": "List of excluded infoTypes.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse" }, "description": "InfoType list in ExclusionRule rule drops a finding when it overlaps or contained within with a finding of an infoType from this list. For example, for `InspectionRuleSet.info_types` containing \"PHONE_NUMBER\"` and `exclusion_rule` containing `exclude_info_types.info_types` with \"EMAIL_ADDRESS\" the phone number findings are dropped if they overlap with EMAIL_ADDRESS finding. That leads to \"555-222-2222@example.org\" to generate only a single finding, namely email address." } }, "type": "object", "required": [ "infoTypes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ExclusionRule": { "description": "The rule that specifies conditions when findings of infoTypes specified in `InspectionRuleSet` are removed from results.", "properties": { "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Dictionary", "description": "Dictionary which defines the rule." }, "excludeByHotword": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExcludeByHotword", "description": "Drop if the hotword rule is contained in the proximate context. For tabular data, the context includes the column name." }, "excludeInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExcludeInfoTypes", "description": "Set of infoTypes for which findings would affect this rule." }, "matchingType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExclusionRuleMatchingType", "description": "How the rule is applied, see MatchingType documentation for details." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Regex", "description": "Regular expression which defines the rule." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ExclusionRuleMatchingType": { "description": "How the rule is applied, see MatchingType documentation for details.", "type": "string", "enum": [ { "name": "MatchingTypeUnspecified", "description": "Invalid.", "value": "MATCHING_TYPE_UNSPECIFIED" }, { "name": "MatchingTypeFullMatch", "description": "Full match. - Dictionary: join of Dictionary results matched complete finding quote - Regex: all regex matches fill a finding quote start to end - Exclude info type: completely inside affecting info types findings", "value": "MATCHING_TYPE_FULL_MATCH" }, { "name": "MatchingTypePartialMatch", "description": "Partial match. - Dictionary: at least one of the tokens in the finding matches - Regex: substring of the finding matches - Exclude info type: intersects with affecting info types findings", "value": "MATCHING_TYPE_PARTIAL_MATCH" }, { "name": "MatchingTypeInverseMatch", "description": "Inverse match. - Dictionary: no tokens in the finding match the dictionary - Regex: finding doesn't match the regex - Exclude info type: no intersection with affecting info types findings", "value": "MATCHING_TYPE_INVERSE_MATCH" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ExclusionRuleResponse": { "description": "The rule that specifies conditions when findings of infoTypes specified in `InspectionRuleSet` are removed from results.", "properties": { "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DictionaryResponse", "description": "Dictionary which defines the rule." }, "excludeByHotword": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExcludeByHotwordResponse", "description": "Drop if the hotword rule is contained in the proximate context. For tabular data, the context includes the column name." }, "excludeInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExcludeInfoTypesResponse", "description": "Set of infoTypes for which findings would affect this rule." }, "matchingType": { "type": "string", "description": "How the rule is applied, see MatchingType documentation for details." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RegexResponse", "description": "Regular expression which defines the rule." } }, "type": "object", "required": [ "dictionary", "excludeByHotword", "excludeInfoTypes", "matchingType", "regex" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Export": { "description": "If set, the detailed data profiles will be persisted to the location of your choice whenever updated.", "properties": { "profileTable": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Store all table and column profiles in an existing table or a new table in an existing dataset. Each re-generation will result in a new row in BigQuery." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ExportResponse": { "description": "If set, the detailed data profiles will be persisted to the location of your choice whenever updated.", "properties": { "profileTable": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Store all table and column profiles in an existing table or a new table in an existing dataset. Each re-generation will result in a new row in BigQuery." } }, "type": "object", "required": [ "profileTable" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Expressions": { "description": "An expression, consisting of an operator and conditions.", "properties": { "conditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Conditions", "description": "Conditions to apply to the expression." }, "logicalOperator": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExpressionsLogicalOperator", "description": "The operator to apply to the result of conditions. Default and currently only supported value is `AND`." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ExpressionsLogicalOperator": { "description": "The operator to apply to the result of conditions. Default and currently only supported value is `AND`.", "type": "string", "enum": [ { "name": "LogicalOperatorUnspecified", "description": "Unused", "value": "LOGICAL_OPERATOR_UNSPECIFIED" }, { "name": "And", "description": "Conditional AND", "value": "AND" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ExpressionsResponse": { "description": "An expression, consisting of an operator and conditions.", "properties": { "conditions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ConditionsResponse", "description": "Conditions to apply to the expression." }, "logicalOperator": { "type": "string", "description": "The operator to apply to the result of conditions. Default and currently only supported value is `AND`." } }, "type": "object", "required": [ "conditions", "logicalOperator" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FieldId": { "description": "General identifier of a data field in a storage service.", "properties": { "name": { "type": "string", "description": "Name describing the field." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2FieldIdResponse": { "description": "General identifier of a data field in a storage service.", "properties": { "name": { "type": "string", "description": "Name describing the field." } }, "type": "object", "required": [ "name" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FieldTransformation": { "description": "The transformation to apply to the field.", "properties": { "condition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordCondition", "description": "Only apply the transformation if the condition evaluates to true for the given `RecordCondition`. The conditions are allowed to reference fields that are not used in the actual transformation. Example Use Cases: - Apply a different bucket transformation to an age column if the zip code column for the same record is within a specific range. - Redact a field if the date of birth field is greater than 85." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "Input field(s) to apply the transformation to. When you have columns that reference their position within a list, omit the index from the FieldId. FieldId name matching ignores the index. For example, instead of \"contact.nums[0].type\", use \"contact.nums.type\"." }, "infoTypeTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformations", "description": "Treat the contents of the field as free text, and selectively transform content that matches an `InfoType`." }, "primitiveTransformation": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrimitiveTransformation", "description": "Apply the transformation to the entire field." } }, "type": "object", "required": [ "fields" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FieldTransformationResponse": { "description": "The transformation to apply to the field.", "properties": { "condition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordConditionResponse", "description": "Only apply the transformation if the condition evaluates to true for the given `RecordCondition`. The conditions are allowed to reference fields that are not used in the actual transformation. Example Use Cases: - Apply a different bucket transformation to an age column if the zip code column for the same record is within a specific range. - Redact a field if the date of birth field is greater than 85." }, "fields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "Input field(s) to apply the transformation to. When you have columns that reference their position within a list, omit the index from the FieldId. FieldId name matching ignores the index. For example, instead of \"contact.nums[0].type\", use \"contact.nums.type\"." }, "infoTypeTransformations": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformationsResponse", "description": "Treat the contents of the field as free text, and selectively transform content that matches an `InfoType`." }, "primitiveTransformation": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrimitiveTransformationResponse", "description": "Apply the transformation to the entire field." } }, "type": "object", "required": [ "condition", "fields", "infoTypeTransformations", "primitiveTransformation" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FileSet": { "description": "Set of files to scan.", "properties": { "regexFileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageRegexFileSet", "description": "The regex-filtered set of files to scan. Exactly one of `url` or `regex_file_set` must be set." }, "url": { "type": "string", "description": "The Cloud Storage url of the file(s) to scan, in the format `gs:///`. Trailing wildcard in the path is allowed. If the url ends in a trailing slash, the bucket or directory represented by the url will be scanned non-recursively (content in sub-directories will not be scanned). This means that `gs://mybucket/` is equivalent to `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to `gs://mybucket/directory/*`. Exactly one of `url` or `regex_file_set` must be set." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2FileSetResponse": { "description": "Set of files to scan.", "properties": { "regexFileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageRegexFileSetResponse", "description": "The regex-filtered set of files to scan. Exactly one of `url` or `regex_file_set` must be set." }, "url": { "type": "string", "description": "The Cloud Storage url of the file(s) to scan, in the format `gs:///`. Trailing wildcard in the path is allowed. If the url ends in a trailing slash, the bucket or directory represented by the url will be scanned non-recursively (content in sub-directories will not be scanned). This means that `gs://mybucket/` is equivalent to `gs://mybucket/*`, and `gs://mybucket/directory/` is equivalent to `gs://mybucket/directory/*`. Exactly one of `url` or `regex_file_set` must be set." } }, "type": "object", "required": [ "regexFileSet", "url" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FindingLimits": { "description": "Configuration to control the number of findings returned for inspection. This is not used for de-identification or data profiling. When redacting sensitive data from images, finding limits don't apply. They can cause unexpected or inconsistent results, where only some data is redacted. Don't include finding limits in RedactImage requests. Otherwise, Cloud DLP returns an error.", "properties": { "maxFindingsPerInfoType": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeLimit" }, "description": "Configuration of findings limit given for specified infoTypes." }, "maxFindingsPerItem": { "type": "integer", "description": "Max number of findings that are returned for each item scanned. When set within an InspectContentRequest, this field is ignored. This value isn't a hard limit. If the number of findings for an item reaches this limit, the inspection of that item ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns for the item can be multiple times higher than this value." }, "maxFindingsPerRequest": { "type": "integer", "description": "Max number of findings that are returned per request or job. If you set this field in an InspectContentRequest, the resulting maximum value is the value that you set or 3,000, whichever is lower. This value isn't a hard limit. If an inspection reaches this limit, the inspection ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than this value." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2FindingLimitsResponse": { "description": "Configuration to control the number of findings returned for inspection. This is not used for de-identification or data profiling. When redacting sensitive data from images, finding limits don't apply. They can cause unexpected or inconsistent results, where only some data is redacted. Don't include finding limits in RedactImage requests. Otherwise, Cloud DLP returns an error.", "properties": { "maxFindingsPerInfoType": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeLimitResponse" }, "description": "Configuration of findings limit given for specified infoTypes." }, "maxFindingsPerItem": { "type": "integer", "description": "Max number of findings that are returned for each item scanned. When set within an InspectContentRequest, this field is ignored. This value isn't a hard limit. If the number of findings for an item reaches this limit, the inspection of that item ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns for the item can be multiple times higher than this value." }, "maxFindingsPerRequest": { "type": "integer", "description": "Max number of findings that are returned per request or job. If you set this field in an InspectContentRequest, the resulting maximum value is the value that you set or 3,000, whichever is lower. This value isn't a hard limit. If an inspection reaches this limit, the inspection ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than this value." } }, "type": "object", "required": [ "maxFindingsPerInfoType", "maxFindingsPerItem", "maxFindingsPerRequest" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FixedSizeBucketingConfig": { "description": "Buckets values based on fixed size ranges. The Bucketing transformation can provide all of this functionality, but requires more configuration. This message is provided as a convenience to the user for simple bucketing strategies. The transformed value will be a hyphenated string of {lower_bound}-{upper_bound}. For example, if lower_bound = 10 and upper_bound = 20, all values that are within this bucket will be replaced with \"10-20\". This can be used on data of type: double, long. If the bound Value type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing. See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.", "properties": { "bucketSize": { "type": "number", "description": "Size of each bucket (except for minimum and maximum buckets). So if `lower_bound` = 10, `upper_bound` = 89, and `bucket_size` = 10, then the following buckets would be used: -10, 10-20, 20-30, 30-40, 40-50, 50-60, 60-70, 70-80, 80-89, 89+. Precision up to 2 decimals works." }, "lowerBound": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Lower bound value of buckets. All values less than `lower_bound` are grouped together into a single bucket; for example if `lower_bound` = 10, then all values less than 10 are replaced with the value \"-10\"." }, "upperBound": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Upper bound value of buckets. All values greater than upper_bound are grouped together into a single bucket; for example if `upper_bound` = 89, then all values greater than 89 are replaced with the value \"89+\"." } }, "type": "object", "required": [ "bucketSize", "lowerBound", "upperBound" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2FixedSizeBucketingConfigResponse": { "description": "Buckets values based on fixed size ranges. The Bucketing transformation can provide all of this functionality, but requires more configuration. This message is provided as a convenience to the user for simple bucketing strategies. The transformed value will be a hyphenated string of {lower_bound}-{upper_bound}. For example, if lower_bound = 10 and upper_bound = 20, all values that are within this bucket will be replaced with \"10-20\". This can be used on data of type: double, long. If the bound Value type differs from the type of data being transformed, we will first attempt converting the type of the data to be transformed to match the type of the bound before comparing. See https://cloud.google.com/dlp/docs/concepts-bucketing to learn more.", "properties": { "bucketSize": { "type": "number", "description": "Size of each bucket (except for minimum and maximum buckets). So if `lower_bound` = 10, `upper_bound` = 89, and `bucket_size` = 10, then the following buckets would be used: -10, 10-20, 20-30, 30-40, 40-50, 50-60, 60-70, 70-80, 80-89, 89+. Precision up to 2 decimals works." }, "lowerBound": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Lower bound value of buckets. All values less than `lower_bound` are grouped together into a single bucket; for example if `lower_bound` = 10, then all values less than 10 are replaced with the value \"-10\"." }, "upperBound": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Upper bound value of buckets. All values greater than upper_bound are grouped together into a single bucket; for example if `upper_bound` = 89, then all values greater than 89 are replaced with the value \"89+\"." } }, "type": "object", "required": [ "bucketSize", "lowerBound", "upperBound" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2HotwordRule": { "description": "The rule that adjusts the likelihood of findings within a certain proximity of hotwords.", "properties": { "hotwordRegex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Regex", "description": "Regular expression pattern defining what qualifies as a hotword." }, "likelihoodAdjustment": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LikelihoodAdjustment", "description": "Likelihood adjustment to apply to all matching findings." }, "proximity": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Proximity", "description": "Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The finding itself will be included in the window, so that hotwords can be used to match substrings of the finding itself. Suppose you want Cloud DLP to promote the likelihood of the phone number regex \"\\(\\d{3}\\) \\d{3}-\\d{4}\" if the area code is known to be the area code of a company's office. In this case, use the hotword regex \"\\(xxx\\)\", where \"xxx\" is the area code in question. For tabular data, if you want to modify the likelihood of an entire column of findngs, see [Hotword example: Set the match likelihood of a table column] (https://cloud.google.com/dlp/docs/creating-custom-infotypes-likelihood#match-column-values)." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2HotwordRuleResponse": { "description": "The rule that adjusts the likelihood of findings within a certain proximity of hotwords.", "properties": { "hotwordRegex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RegexResponse", "description": "Regular expression pattern defining what qualifies as a hotword." }, "likelihoodAdjustment": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LikelihoodAdjustmentResponse", "description": "Likelihood adjustment to apply to all matching findings." }, "proximity": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ProximityResponse", "description": "Range of characters within which the entire hotword must reside. The total length of the window cannot exceed 1000 characters. The finding itself will be included in the window, so that hotwords can be used to match substrings of the finding itself. Suppose you want Cloud DLP to promote the likelihood of the phone number regex \"\\(\\d{3}\\) \\d{3}-\\d{4}\" if the area code is known to be the area code of a company's office. In this case, use the hotword regex \"\\(xxx\\)\", where \"xxx\" is the area code in question. For tabular data, if you want to modify the likelihood of an entire column of findngs, see [Hotword example: Set the match likelihood of a table column] (https://cloud.google.com/dlp/docs/creating-custom-infotypes-likelihood#match-column-values)." } }, "type": "object", "required": [ "hotwordRegex", "likelihoodAdjustment", "proximity" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2HybridInspectStatisticsResponse": { "description": "Statistics related to processing hybrid inspect requests.", "properties": { "abortedCount": { "type": "string", "description": "The number of hybrid inspection requests aborted because the job ran out of quota or was ended before they could be processed." }, "pendingCount": { "type": "string", "description": "The number of hybrid requests currently being processed. Only populated when called via method `getDlpJob`. A burst of traffic may cause hybrid inspect requests to be enqueued. Processing will take place as quickly as possible, but resource limitations may impact how long a request is enqueued for." }, "processedCount": { "type": "string", "description": "The number of hybrid inspection requests processed within this job." } }, "type": "object", "required": [ "abortedCount", "pendingCount", "processedCount" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2HybridOptions": { "description": "Configuration to control jobs where the content being inspected is outside of Google Cloud Platform.", "properties": { "description": { "type": "string", "description": "A short description of where the data is coming from. Will be stored once in the job. 256 max length." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "To organize findings, these labels will be added to each finding. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must be between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels can be associated with a given finding. Examples: * `\"environment\" : \"production\"` * `\"pipeline\" : \"etl\"`" }, "requiredFindingLabelKeys": { "type": "array", "items": { "type": "string" }, "description": "These are labels that each inspection request must include within their 'finding_labels' map. Request may contain others, but any missing one of these will be rejected. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. No more than 10 keys can be required." }, "tableOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TableOptions", "description": "If the container is a table, additional information to make findings meaningful such as the columns that are primary keys." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2HybridOptionsResponse": { "description": "Configuration to control jobs where the content being inspected is outside of Google Cloud Platform.", "properties": { "description": { "type": "string", "description": "A short description of where the data is coming from. Will be stored once in the job. 256 max length." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "To organize findings, these labels will be added to each finding. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. Label values must be between 0 and 63 characters long and must conform to the regular expression `([a-z]([-a-z0-9]*[a-z0-9])?)?`. No more than 10 labels can be associated with a given finding. Examples: * `\"environment\" : \"production\"` * `\"pipeline\" : \"etl\"`" }, "requiredFindingLabelKeys": { "type": "array", "items": { "type": "string" }, "description": "These are labels that each inspection request must include within their 'finding_labels' map. Request may contain others, but any missing one of these will be rejected. Label keys must be between 1 and 63 characters long and must conform to the following regular expression: `[a-z]([-a-z0-9]*[a-z0-9])?`. No more than 10 keys can be required." }, "tableOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TableOptionsResponse", "description": "If the container is a table, additional information to make findings meaningful such as the columns that are primary keys." } }, "type": "object", "required": [ "description", "labels", "requiredFindingLabelKeys", "tableOptions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ImageTransformation": { "description": "Configuration for determining how redaction of images should occur.", "properties": { "allInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllInfoTypes", "description": "Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message." }, "allText": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllText", "description": "Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message." }, "redactionColor": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Color", "description": "The color to use when redacting content from an image. If not specified, the default is black." }, "selectedInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SelectedInfoTypes", "description": "Apply transformation to the selected info_types." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ImageTransformationResponse": { "description": "Configuration for determining how redaction of images should occur.", "properties": { "allInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllInfoTypesResponse", "description": "Apply transformation to all findings not specified in other ImageTransformation's selected_info_types. Only one instance is allowed within the ImageTransformations message." }, "allText": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AllTextResponse", "description": "Apply transformation to all text that doesn't match an infoType. Only one instance is allowed within the ImageTransformations message." }, "redactionColor": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ColorResponse", "description": "The color to use when redacting content from an image. If not specified, the default is black." }, "selectedInfoTypes": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SelectedInfoTypesResponse", "description": "Apply transformation to the selected info_types." } }, "type": "object", "required": [ "allInfoTypes", "allText", "redactionColor", "selectedInfoTypes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ImageTransformations": { "description": "A type of transformation that is applied over images.", "properties": { "transforms": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ImageTransformation" } } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ImageTransformationsResponse": { "description": "A type of transformation that is applied over images.", "properties": { "transforms": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ImageTransformationResponse" } } }, "type": "object", "required": [ "transforms" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoType": { "description": "Type of information detected by the API.", "properties": { "name": { "type": "string", "description": "Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`." }, "sensitivityScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SensitivityScore", "description": "Optional custom sensitivity for this InfoType. This only applies to data profiling." }, "version": { "type": "string", "description": "Optional version name for this InfoType." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeLikelihood": { "description": "Configuration for setting a minimum likelihood per infotype. Used to customize the minimum likelihood level for specific infotypes in the request. For example, use this if you want to lower the precision for PERSON_NAME without lowering the precision for the other infotypes in the request.", "properties": { "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "Type of information the likelihood threshold applies to. Only one likelihood per info_type should be provided. If InfoTypeLikelihood does not have an info_type, the configuration fails." }, "minLikelihood": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeLikelihoodMinLikelihood", "description": "Only returns findings equal to or above this threshold. This field is required or else the configuration fails." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeLikelihoodMinLikelihood": { "description": "Only returns findings equal to or above this threshold. This field is required or else the configuration fails.", "type": "string", "enum": [ { "name": "LikelihoodUnspecified", "description": "Default value; same as POSSIBLE.", "value": "LIKELIHOOD_UNSPECIFIED" }, { "name": "VeryUnlikely", "description": "Highest chance of a false positive.", "value": "VERY_UNLIKELY" }, { "name": "Unlikely", "description": "High chance of a false positive.", "value": "UNLIKELY" }, { "name": "Possible", "description": "Some matching signals. The default value.", "value": "POSSIBLE" }, { "name": "Likely", "description": "Low chance of a false positive.", "value": "LIKELY" }, { "name": "VeryLikely", "description": "Confidence level is high. Lowest chance of a false positive.", "value": "VERY_LIKELY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeLikelihoodResponse": { "description": "Configuration for setting a minimum likelihood per infotype. Used to customize the minimum likelihood level for specific infotypes in the request. For example, use this if you want to lower the precision for PERSON_NAME without lowering the precision for the other infotypes in the request.", "properties": { "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "Type of information the likelihood threshold applies to. Only one likelihood per info_type should be provided. If InfoTypeLikelihood does not have an info_type, the configuration fails." }, "minLikelihood": { "type": "string", "description": "Only returns findings equal to or above this threshold. This field is required or else the configuration fails." } }, "type": "object", "required": [ "infoType", "minLikelihood" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeLimit": { "description": "Max findings configuration per infoType, per content item or long running DlpJob.", "properties": { "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "Type of information the findings limit applies to. Only one limit per info_type should be provided. If InfoTypeLimit does not have an info_type, the DLP API applies the limit against all info_types that are found but not specified in another InfoTypeLimit." }, "maxFindings": { "type": "integer", "description": "Max findings limit for the given infoType." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeLimitResponse": { "description": "Max findings configuration per infoType, per content item or long running DlpJob.", "properties": { "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "Type of information the findings limit applies to. Only one limit per info_type should be provided. If InfoTypeLimit does not have an info_type, the DLP API applies the limit against all info_types that are found but not specified in another InfoTypeLimit." }, "maxFindings": { "type": "integer", "description": "Max findings limit for the given infoType." } }, "type": "object", "required": [ "infoType", "maxFindings" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeResponse": { "description": "Type of information detected by the API.", "properties": { "name": { "type": "string", "description": "Name of the information type. Either a name of your choosing when creating a CustomInfoType, or one of the names listed at https://cloud.google.com/dlp/docs/infotypes-reference when specifying a built-in type. When sending Cloud DLP results to Data Catalog, infoType names should conform to the pattern `[A-Za-z0-9$_-]{1,64}`." }, "sensitivityScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SensitivityScoreResponse", "description": "Optional custom sensitivity for this InfoType. This only applies to data profiling." }, "version": { "type": "string", "description": "Optional version name for this InfoType." } }, "type": "object", "required": [ "name", "sensitivityScore", "version" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeStatsResponse": { "description": "Statistics regarding a specific InfoType.", "properties": { "count": { "type": "string", "description": "Number of findings for this infoType." }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "The type of finding this stat is for." } }, "type": "object", "required": [ "count", "infoType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeTransformation": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType" }, "description": "InfoTypes to apply the transformation to. An empty list will cause this transformation to apply to all findings that correspond to infoTypes that were requested in `InspectConfig`." }, "primitiveTransformation": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrimitiveTransformation", "description": "Primitive transformation to apply to the infoType." } }, "type": "object", "required": [ "primitiveTransformation" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeTransformationResponse": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse" }, "description": "InfoTypes to apply the transformation to. An empty list will cause this transformation to apply to all findings that correspond to infoTypes that were requested in `InspectConfig`." }, "primitiveTransformation": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrimitiveTransformationResponse", "description": "Primitive transformation to apply to the infoType." } }, "type": "object", "required": [ "infoTypes", "primitiveTransformation" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeTransformations": { "description": "A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type.", "properties": { "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformation" }, "description": "Transformation for each infoType. Cannot specify more than one for a given infoType." } }, "type": "object", "required": [ "transformations" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InfoTypeTransformationsResponse": { "description": "A type of transformation that will scan unstructured text and apply various `PrimitiveTransformation`s to each finding, where the transformation is applied to only values that were identified as a specific info_type.", "properties": { "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeTransformationResponse" }, "description": "Transformation for each infoType. Cannot specify more than one for a given infoType." } }, "type": "object", "required": [ "transformations" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectConfig": { "description": "Configuration description of the scanning process. When used with redactContent only info_types and min_likelihood are currently used.", "properties": { "contentOptions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectConfigContentOptionsItem" }, "description": "Deprecated and unused.", "deprecationMessage": "Deprecated and unused." }, "customInfoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CustomInfoType" }, "description": "CustomInfoTypes provided by the user. See https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more." }, "excludeInfoTypes": { "type": "boolean", "description": "When true, excludes type information of the findings. This is not used for data profiling." }, "includeQuote": { "type": "boolean", "description": "When true, a contextual quote from the data that triggered a finding is included in the response; see Finding.quote. This is not used for data profiling." }, "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType" }, "description": "Restricts what info_types to look for. The values must correspond to InfoType values returned by ListInfoTypes or listed at https://cloud.google.com/dlp/docs/infotypes-reference. When no InfoTypes or CustomInfoTypes are specified in a request, the system may automatically choose a default list of detectors to run, which may change over time. If you need precise control and predictability as to what detectors are run you should specify specific InfoTypes listed in the reference, otherwise a default list will be used, which may change over time." }, "limits": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FindingLimits", "description": "Configuration to control the number of findings returned. This is not used for data profiling. When redacting sensitive data from images, finding limits don't apply. They can cause unexpected or inconsistent results, where only some data is redacted. Don't include finding limits in RedactImage requests. Otherwise, Cloud DLP returns an error. When set within an InspectJobConfig, the specified maximum values aren't hard limits. If an inspection job reaches these limits, the job ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than these maximum values." }, "minLikelihood": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectConfigMinLikelihood", "description": "Only returns findings equal to or above this threshold. The default is POSSIBLE. In general, the highest likelihood setting yields the fewest findings in results and the lowest chance of a false positive. For more information, see [Match likelihood](https://cloud.google.com/dlp/docs/likelihood)." }, "minLikelihoodPerInfoType": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeLikelihood" }, "description": "Minimum likelihood per infotype. For each infotype, a user can specify a minimum likelihood. The system only returns a finding if its likelihood is above this threshold. If this field is not set, the system uses the InspectConfig min_likelihood." }, "ruleSet": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectionRuleSet" }, "description": "Set of rules to apply to the findings for this InspectConfig. Exclusion rules, contained in the set are executed in the end, other rules are executed in the order they are specified for each info type." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectConfigContentOptionsItem": { "type": "string", "enum": [ { "name": "ContentUnspecified", "description": "Includes entire content of a file or a data stream.", "value": "CONTENT_UNSPECIFIED" }, { "name": "ContentText", "description": "Text content within the data, excluding any metadata.", "value": "CONTENT_TEXT" }, { "name": "ContentImage", "description": "Images found in the data.", "value": "CONTENT_IMAGE" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectConfigMinLikelihood": { "description": "Only returns findings equal to or above this threshold. The default is POSSIBLE. In general, the highest likelihood setting yields the fewest findings in results and the lowest chance of a false positive. For more information, see [Match likelihood](https://cloud.google.com/dlp/docs/likelihood).", "type": "string", "enum": [ { "name": "LikelihoodUnspecified", "description": "Default value; same as POSSIBLE.", "value": "LIKELIHOOD_UNSPECIFIED" }, { "name": "VeryUnlikely", "description": "Highest chance of a false positive.", "value": "VERY_UNLIKELY" }, { "name": "Unlikely", "description": "High chance of a false positive.", "value": "UNLIKELY" }, { "name": "Possible", "description": "Some matching signals. The default value.", "value": "POSSIBLE" }, { "name": "Likely", "description": "Low chance of a false positive.", "value": "LIKELY" }, { "name": "VeryLikely", "description": "Confidence level is high. Lowest chance of a false positive.", "value": "VERY_LIKELY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectConfigResponse": { "description": "Configuration description of the scanning process. When used with redactContent only info_types and min_likelihood are currently used.", "properties": { "contentOptions": { "type": "array", "items": { "type": "string" }, "description": "Deprecated and unused.", "deprecationMessage": "Deprecated and unused." }, "customInfoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CustomInfoTypeResponse" }, "description": "CustomInfoTypes provided by the user. See https://cloud.google.com/dlp/docs/creating-custom-infotypes to learn more." }, "excludeInfoTypes": { "type": "boolean", "description": "When true, excludes type information of the findings. This is not used for data profiling." }, "includeQuote": { "type": "boolean", "description": "When true, a contextual quote from the data that triggered a finding is included in the response; see Finding.quote. This is not used for data profiling." }, "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse" }, "description": "Restricts what info_types to look for. The values must correspond to InfoType values returned by ListInfoTypes or listed at https://cloud.google.com/dlp/docs/infotypes-reference. When no InfoTypes or CustomInfoTypes are specified in a request, the system may automatically choose a default list of detectors to run, which may change over time. If you need precise control and predictability as to what detectors are run you should specify specific InfoTypes listed in the reference, otherwise a default list will be used, which may change over time." }, "limits": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FindingLimitsResponse", "description": "Configuration to control the number of findings returned. This is not used for data profiling. When redacting sensitive data from images, finding limits don't apply. They can cause unexpected or inconsistent results, where only some data is redacted. Don't include finding limits in RedactImage requests. Otherwise, Cloud DLP returns an error. When set within an InspectJobConfig, the specified maximum values aren't hard limits. If an inspection job reaches these limits, the job ends gradually, not abruptly. Therefore, the actual number of findings that Cloud DLP returns can be multiple times higher than these maximum values." }, "minLikelihood": { "type": "string", "description": "Only returns findings equal to or above this threshold. The default is POSSIBLE. In general, the highest likelihood setting yields the fewest findings in results and the lowest chance of a false positive. For more information, see [Match likelihood](https://cloud.google.com/dlp/docs/likelihood)." }, "minLikelihoodPerInfoType": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeLikelihoodResponse" }, "description": "Minimum likelihood per infotype. For each infotype, a user can specify a minimum likelihood. The system only returns a finding if its likelihood is above this threshold. If this field is not set, the system uses the InspectConfig min_likelihood." }, "ruleSet": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectionRuleSetResponse" }, "description": "Set of rules to apply to the findings for this InspectConfig. Exclusion rules, contained in the set are executed in the end, other rules are executed in the order they are specified for each info type." } }, "type": "object", "required": [ "contentOptions", "customInfoTypes", "excludeInfoTypes", "includeQuote", "infoTypes", "limits", "minLikelihood", "minLikelihoodPerInfoType", "ruleSet" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectDataSourceDetailsResponse": { "description": "The results of an inspect DataSource job.", "properties": { "requestedOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RequestedOptionsResponse", "description": "The configuration used for this job." }, "result": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ResultResponse", "description": "A summary of the outcome of this inspection job." } }, "type": "object", "required": [ "requestedOptions", "result" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectJobConfig": { "description": "Controls what and how to inspect for findings.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Action" }, "description": "Actions to execute at the completion of the job." }, "inspectConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectConfig", "description": "How and what to scan for." }, "inspectTemplateName": { "type": "string", "description": "If provided, will be used as the default for all values in InspectConfig. `inspect_config` will be merged into the values persisted as part of the template." }, "storageConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StorageConfig", "description": "The data to scan." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectJobConfigResponse": { "description": "Controls what and how to inspect for findings.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ActionResponse" }, "description": "Actions to execute at the completion of the job." }, "inspectConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectConfigResponse", "description": "How and what to scan for." }, "inspectTemplateName": { "type": "string", "description": "If provided, will be used as the default for all values in InspectConfig. `inspect_config` will be merged into the values persisted as part of the template." }, "storageConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StorageConfigResponse", "description": "The data to scan." } }, "type": "object", "required": [ "actions", "inspectConfig", "inspectTemplateName", "storageConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectTemplateResponse": { "description": "The inspectTemplate contains a configuration (set of types of sensitive data to be detected) to be used anywhere you otherwise would normally specify InspectConfig. See https://cloud.google.com/dlp/docs/concepts-templates to learn more.", "properties": { "createTime": { "type": "string", "description": "The creation timestamp of an inspectTemplate." }, "description": { "type": "string", "description": "Short description (max 256 chars)." }, "displayName": { "type": "string", "description": "Display name (max 256 chars)." }, "inspectConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectConfigResponse", "description": "The core content of the template. Configuration of the scanning process." }, "name": { "type": "string", "description": "The template name. The template will have one of the following formats: `projects/PROJECT_ID/inspectTemplates/TEMPLATE_ID` OR `organizations/ORGANIZATION_ID/inspectTemplates/TEMPLATE_ID`;" }, "updateTime": { "type": "string", "description": "The last update timestamp of an inspectTemplate." } }, "type": "object", "required": [ "createTime", "description", "displayName", "inspectConfig", "name", "updateTime" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectionRule": { "description": "A single inspection rule to be applied to infoTypes, specified in `InspectionRuleSet`.", "properties": { "exclusionRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExclusionRule", "description": "Exclusion rule." }, "hotwordRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HotwordRule", "description": "Hotword-based detection rule." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectionRuleResponse": { "description": "A single inspection rule to be applied to infoTypes, specified in `InspectionRuleSet`.", "properties": { "exclusionRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExclusionRuleResponse", "description": "Exclusion rule." }, "hotwordRule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HotwordRuleResponse", "description": "Hotword-based detection rule." } }, "type": "object", "required": [ "exclusionRule", "hotwordRule" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectionRuleSet": { "description": "Rule set for modifying a set of infoTypes to alter behavior under certain circumstances, depending on the specific details of the rules within the set.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType" }, "description": "List of infoTypes this rule set is applied to." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectionRule" }, "description": "Set of rules to be applied to infoTypes. The rules are applied in order." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2InspectionRuleSetResponse": { "description": "Rule set for modifying a set of infoTypes to alter behavior under certain circumstances, depending on the specific details of the rules within the set.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse" }, "description": "List of infoTypes this rule set is applied to." }, "rules": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectionRuleResponse" }, "description": "Set of rules to be applied to infoTypes. The rules are applied in order." } }, "type": "object", "required": [ "infoTypes", "rules" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2JobNotificationEmails": { "description": "Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2JobNotificationEmailsResponse": { "description": "Sends an email when the job completes. The email goes to IAM project owners and technical [Essential Contacts](https://cloud.google.com/resource-manager/docs/managing-notification-contacts).", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2KAnonymityConfig": { "description": "k-anonymity metric, used for analysis of reidentification risk.", "properties": { "entityId": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2EntityId", "description": "Message indicating that multiple rows might be associated to a single individual. If the same entity_id is associated to multiple quasi-identifier tuples over distinct rows, we consider the entire collection of tuples as the composite quasi-identifier. This collection is a multiset: the order in which the different tuples appear in the dataset is ignored, but their frequency is taken into account. Important note: a maximum of 1000 rows can be associated to a single entity ID. If more rows are associated with the same entity ID, some might be ignored." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "Set of fields to compute k-anonymity over. When multiple fields are specified, they are considered a single composite key. Structs and repeated data types are not supported; however, nested fields are supported so long as they are not structs themselves or nested within a repeated field." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2KAnonymityConfigResponse": { "description": "k-anonymity metric, used for analysis of reidentification risk.", "properties": { "entityId": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2EntityIdResponse", "description": "Message indicating that multiple rows might be associated to a single individual. If the same entity_id is associated to multiple quasi-identifier tuples over distinct rows, we consider the entire collection of tuples as the composite quasi-identifier. This collection is a multiset: the order in which the different tuples appear in the dataset is ignored, but their frequency is taken into account. Important note: a maximum of 1000 rows can be associated to a single entity ID. If more rows are associated with the same entity ID, some might be ignored." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "Set of fields to compute k-anonymity over. When multiple fields are specified, they are considered a single composite key. Structs and repeated data types are not supported; however, nested fields are supported so long as they are not structs themselves or nested within a repeated field." } }, "type": "object", "required": [ "entityId", "quasiIds" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KAnonymityEquivalenceClassResponse": { "description": "The set of columns' values that share the same ldiversity value", "properties": { "equivalenceClassSize": { "type": "string", "description": "Size of the equivalence class, for example number of rows with the above set of values." }, "quasiIdsValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse" }, "description": "Set of values defining the equivalence class. One value per quasi-identifier column in the original KAnonymity metric message. The order is always the same as the original request." } }, "type": "object", "required": [ "equivalenceClassSize", "quasiIdsValues" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KAnonymityHistogramBucketResponse": { "description": "Histogram of k-anonymity equivalence classes.", "properties": { "bucketSize": { "type": "string", "description": "Total number of equivalence classes in this bucket." }, "bucketValueCount": { "type": "string", "description": "Total number of distinct equivalence classes in this bucket." }, "bucketValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KAnonymityEquivalenceClassResponse" }, "description": "Sample of equivalence classes in this bucket. The total number of classes returned per bucket is capped at 20." }, "equivalenceClassSizeLowerBound": { "type": "string", "description": "Lower bound on the size of the equivalence classes in this bucket." }, "equivalenceClassSizeUpperBound": { "type": "string", "description": "Upper bound on the size of the equivalence classes in this bucket." } }, "type": "object", "required": [ "bucketSize", "bucketValueCount", "bucketValues", "equivalenceClassSizeLowerBound", "equivalenceClassSizeUpperBound" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KAnonymityResultResponse": { "description": "Result of the k-anonymity computation.", "properties": { "equivalenceClassHistogramBuckets": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KAnonymityHistogramBucketResponse" }, "description": "Histogram of k-anonymity equivalence classes." } }, "type": "object", "required": [ "equivalenceClassHistogramBuckets" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KMapEstimationConfig": { "description": "Reidentifiability metric. This corresponds to a risk model similar to what is called \"journalist risk\" in the literature, except the attack dataset is statistically modeled instead of being perfectly known. This can be done using publicly available data (like the US Census), or using a custom statistical model (indicated as one or several BigQuery tables), or by extrapolating from the distribution of values in the input dataset.", "properties": { "auxiliaryTables": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AuxiliaryTable" }, "description": "Several auxiliary tables can be used in the analysis. Each custom_tag used to tag a quasi-identifiers column must appear in exactly one column of one auxiliary table." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TaggedField" }, "description": "Fields considered to be quasi-identifiers. No two columns can have the same tag." }, "regionCode": { "type": "string", "description": "ISO 3166-1 alpha-2 region code to use in the statistical modeling. Set if no column is tagged with a region-specific InfoType (like US_ZIP_5) or a region code." } }, "type": "object", "required": [ "quasiIds" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KMapEstimationConfigResponse": { "description": "Reidentifiability metric. This corresponds to a risk model similar to what is called \"journalist risk\" in the literature, except the attack dataset is statistically modeled instead of being perfectly known. This can be done using publicly available data (like the US Census), or using a custom statistical model (indicated as one or several BigQuery tables), or by extrapolating from the distribution of values in the input dataset.", "properties": { "auxiliaryTables": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2AuxiliaryTableResponse" }, "description": "Several auxiliary tables can be used in the analysis. Each custom_tag used to tag a quasi-identifiers column must appear in exactly one column of one auxiliary table." }, "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TaggedFieldResponse" }, "description": "Fields considered to be quasi-identifiers. No two columns can have the same tag." }, "regionCode": { "type": "string", "description": "ISO 3166-1 alpha-2 region code to use in the statistical modeling. Set if no column is tagged with a region-specific InfoType (like US_ZIP_5) or a region code." } }, "type": "object", "required": [ "auxiliaryTables", "quasiIds", "regionCode" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KMapEstimationHistogramBucketResponse": { "description": "A KMapEstimationHistogramBucket message with the following values: min_anonymity: 3 max_anonymity: 5 frequency: 42 means that there are 42 records whose quasi-identifier values correspond to 3, 4 or 5 people in the overlying population. An important particular case is when min_anonymity = max_anonymity = 1: the frequency field then corresponds to the number of uniquely identifiable records.", "properties": { "bucketSize": { "type": "string", "description": "Number of records within these anonymity bounds." }, "bucketValueCount": { "type": "string", "description": "Total number of distinct quasi-identifier tuple values in this bucket." }, "bucketValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KMapEstimationQuasiIdValuesResponse" }, "description": "Sample of quasi-identifier tuple values in this bucket. The total number of classes returned per bucket is capped at 20." }, "maxAnonymity": { "type": "string", "description": "Always greater than or equal to min_anonymity." }, "minAnonymity": { "type": "string", "description": "Always positive." } }, "type": "object", "required": [ "bucketSize", "bucketValueCount", "bucketValues", "maxAnonymity", "minAnonymity" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KMapEstimationQuasiIdValuesResponse": { "description": "A tuple of values for the quasi-identifier columns.", "properties": { "estimatedAnonymity": { "type": "string", "description": "The estimated anonymity for these quasi-identifier values." }, "quasiIdsValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse" }, "description": "The quasi-identifier values." } }, "type": "object", "required": [ "estimatedAnonymity", "quasiIdsValues" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KMapEstimationResultResponse": { "description": "Result of the reidentifiability analysis. Note that these results are an estimation, not exact values.", "properties": { "kMapEstimationHistogram": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KMapEstimationHistogramBucketResponse" }, "description": "The intervals [min_anonymity, max_anonymity] do not overlap. If a value doesn't correspond to any such interval, the associated frequency is zero. For example, the following records: {min_anonymity: 1, max_anonymity: 1, frequency: 17} {min_anonymity: 2, max_anonymity: 3, frequency: 42} {min_anonymity: 5, max_anonymity: 10, frequency: 99} mean that there are no record with an estimated anonymity of 4, 5, or larger than 10." } }, "type": "object", "required": [ "kMapEstimationHistogram" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KindExpression": { "description": "A representation of a Datastore kind.", "properties": { "name": { "type": "string", "description": "The name of the kind." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2KindExpressionResponse": { "description": "A representation of a Datastore kind.", "properties": { "name": { "type": "string", "description": "The name of the kind." } }, "type": "object", "required": [ "name" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KmsWrappedCryptoKey": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. Authorization requires the following IAM permissions when sending a request to perform a crypto transformation using a KMS-wrapped crypto key: dlp.kms.encrypt For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key). Note: When you use Cloud KMS for cryptographic operations, [charges apply](https://cloud.google.com/kms/pricing).", "properties": { "cryptoKeyName": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKeyName", "wrappedKey" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2KmsWrappedCryptoKeyResponse": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. Authorization requires the following IAM permissions when sending a request to perform a crypto transformation using a KMS-wrapped crypto key: dlp.kms.encrypt For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key). Note: When you use Cloud KMS for cryptographic operations, [charges apply](https://cloud.google.com/kms/pricing).", "properties": { "cryptoKeyName": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKeyName", "wrappedKey" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LDiversityConfig": { "description": "l-diversity metric, used for analysis of reidentification risk.", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "Set of quasi-identifiers indicating how equivalence classes are defined for the l-diversity computation. When multiple fields are specified, they are considered a single composite key." }, "sensitiveAttribute": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Sensitive field for computing the l-value." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2LDiversityConfigResponse": { "description": "l-diversity metric, used for analysis of reidentification risk.", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "Set of quasi-identifiers indicating how equivalence classes are defined for the l-diversity computation. When multiple fields are specified, they are considered a single composite key." }, "sensitiveAttribute": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Sensitive field for computing the l-value." } }, "type": "object", "required": [ "quasiIds", "sensitiveAttribute" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LDiversityEquivalenceClassResponse": { "description": "The set of columns' values that share the same ldiversity value.", "properties": { "equivalenceClassSize": { "type": "string", "description": "Size of the k-anonymity equivalence class." }, "numDistinctSensitiveValues": { "type": "string", "description": "Number of distinct sensitive values in this equivalence class." }, "quasiIdsValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse" }, "description": "Quasi-identifier values defining the k-anonymity equivalence class. The order is always the same as the original request." }, "topSensitiveValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueFrequencyResponse" }, "description": "Estimated frequencies of top sensitive values." } }, "type": "object", "required": [ "equivalenceClassSize", "numDistinctSensitiveValues", "quasiIdsValues", "topSensitiveValues" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LDiversityHistogramBucketResponse": { "description": "Histogram of l-diversity equivalence class sensitive value frequencies.", "properties": { "bucketSize": { "type": "string", "description": "Total number of equivalence classes in this bucket." }, "bucketValueCount": { "type": "string", "description": "Total number of distinct equivalence classes in this bucket." }, "bucketValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LDiversityEquivalenceClassResponse" }, "description": "Sample of equivalence classes in this bucket. The total number of classes returned per bucket is capped at 20." }, "sensitiveValueFrequencyLowerBound": { "type": "string", "description": "Lower bound on the sensitive value frequencies of the equivalence classes in this bucket." }, "sensitiveValueFrequencyUpperBound": { "type": "string", "description": "Upper bound on the sensitive value frequencies of the equivalence classes in this bucket." } }, "type": "object", "required": [ "bucketSize", "bucketValueCount", "bucketValues", "sensitiveValueFrequencyLowerBound", "sensitiveValueFrequencyUpperBound" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LDiversityResultResponse": { "description": "Result of the l-diversity computation.", "properties": { "sensitiveValueFrequencyHistogramBuckets": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LDiversityHistogramBucketResponse" }, "description": "Histogram of l-diversity equivalence class sensitive value frequencies." } }, "type": "object", "required": [ "sensitiveValueFrequencyHistogramBuckets" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LargeCustomDictionaryConfig": { "description": "Configuration for a custom dictionary created from a data source of any size up to the maximum size defined in the [limits](https://cloud.google.com/dlp/limits) page. The artifacts of dictionary creation are stored in the specified Cloud Storage location. Consider using `CustomInfoType.Dictionary` for smaller dictionaries that satisfy the size requirements.", "properties": { "bigQueryField": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryField", "description": "Field in a BigQuery table where each cell represents a dictionary phrase." }, "cloudStorageFileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageFileSet", "description": "Set of files containing newline-delimited lists of dictionary phrases." }, "outputPath": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStoragePath", "description": "Location to store dictionary artifacts in Cloud Storage. These files will only be accessible by project owners and the DLP API. If any of these artifacts are modified, the dictionary is considered invalid and can no longer be used." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2LargeCustomDictionaryConfigResponse": { "description": "Configuration for a custom dictionary created from a data source of any size up to the maximum size defined in the [limits](https://cloud.google.com/dlp/limits) page. The artifacts of dictionary creation are stored in the specified Cloud Storage location. Consider using `CustomInfoType.Dictionary` for smaller dictionaries that satisfy the size requirements.", "properties": { "bigQueryField": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryFieldResponse", "description": "Field in a BigQuery table where each cell represents a dictionary phrase." }, "cloudStorageFileSet": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageFileSetResponse", "description": "Set of files containing newline-delimited lists of dictionary phrases." }, "outputPath": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStoragePathResponse", "description": "Location to store dictionary artifacts in Cloud Storage. These files will only be accessible by project owners and the DLP API. If any of these artifacts are modified, the dictionary is considered invalid and can no longer be used." } }, "type": "object", "required": [ "bigQueryField", "cloudStorageFileSet", "outputPath" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LargeCustomDictionaryStatsResponse": { "description": "Summary statistics of a custom dictionary.", "properties": { "approxNumPhrases": { "type": "string", "description": "Approximate number of distinct phrases in the dictionary." } }, "type": "object", "required": [ "approxNumPhrases" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LeaveUntransformed": { "description": "Skips the data without modifying it if the requested transformation would cause an error. For example, if a `DateShift` transformation were applied an an IP address, this mode would leave the IP address unchanged in the response.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2LeaveUntransformedResponse": { "description": "Skips the data without modifying it if the requested transformation would cause an error. For example, if a `DateShift` transformation were applied an an IP address, this mode would leave the IP address unchanged in the response.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2LikelihoodAdjustment": { "description": "Message for specifying an adjustment to the likelihood of a finding as part of a detection rule.", "properties": { "fixedLikelihood": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LikelihoodAdjustmentFixedLikelihood", "description": "Set the likelihood of a finding to a fixed value." }, "relativeLikelihood": { "type": "integer", "description": "Increase or decrease the likelihood by the specified number of levels. For example, if a finding would be `POSSIBLE` without the detection rule and `relative_likelihood` is 1, then it is upgraded to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. Likelihood may never drop below `VERY_UNLIKELY` or exceed `VERY_LIKELY`, so applying an adjustment of 1 followed by an adjustment of -1 when base likelihood is `VERY_LIKELY` will result in a final likelihood of `LIKELY`." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2LikelihoodAdjustmentFixedLikelihood": { "description": "Set the likelihood of a finding to a fixed value.", "type": "string", "enum": [ { "name": "LikelihoodUnspecified", "description": "Default value; same as POSSIBLE.", "value": "LIKELIHOOD_UNSPECIFIED" }, { "name": "VeryUnlikely", "description": "Highest chance of a false positive.", "value": "VERY_UNLIKELY" }, { "name": "Unlikely", "description": "High chance of a false positive.", "value": "UNLIKELY" }, { "name": "Possible", "description": "Some matching signals. The default value.", "value": "POSSIBLE" }, { "name": "Likely", "description": "Low chance of a false positive.", "value": "LIKELY" }, { "name": "VeryLikely", "description": "Confidence level is high. Lowest chance of a false positive.", "value": "VERY_LIKELY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2LikelihoodAdjustmentResponse": { "description": "Message for specifying an adjustment to the likelihood of a finding as part of a detection rule.", "properties": { "fixedLikelihood": { "type": "string", "description": "Set the likelihood of a finding to a fixed value." }, "relativeLikelihood": { "type": "integer", "description": "Increase or decrease the likelihood by the specified number of levels. For example, if a finding would be `POSSIBLE` without the detection rule and `relative_likelihood` is 1, then it is upgraded to `LIKELY`, while a value of -1 would downgrade it to `UNLIKELY`. Likelihood may never drop below `VERY_UNLIKELY` or exceed `VERY_LIKELY`, so applying an adjustment of 1 followed by an adjustment of -1 when base likelihood is `VERY_LIKELY` will result in a final likelihood of `LIKELY`." } }, "type": "object", "required": [ "fixedLikelihood", "relativeLikelihood" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Manual": { "description": "Job trigger option for hybrid jobs. Jobs must be manually created and finished.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ManualResponse": { "description": "Job trigger option for hybrid jobs. Jobs must be manually created and finished.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2NumericalStatsConfig": { "description": "Compute numerical stats over an individual column, including min, max, and quantiles.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Field to compute numerical stats on. Supported types are integer, float, date, datetime, timestamp, time." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2NumericalStatsConfigResponse": { "description": "Compute numerical stats over an individual column, including min, max, and quantiles.", "properties": { "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Field to compute numerical stats on. Supported types are integer, float, date, datetime, timestamp, time." } }, "type": "object", "required": [ "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2NumericalStatsResultResponse": { "description": "Result of the numerical stats computation.", "properties": { "maxValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Maximum value appearing in the column." }, "minValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Minimum value appearing in the column." }, "quantileValues": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse" }, "description": "List of 99 values that partition the set of field values into 100 equal sized buckets." } }, "type": "object", "required": [ "maxValue", "minValue", "quantileValues" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2OrConditions": { "description": "There is an OR relationship between these attributes. They are used to determine if a table should be scanned or not in Discovery.", "properties": { "minAge": { "type": "string", "description": "Minimum age a table must have before Cloud DLP can profile it. Value must be 1 hour or greater." }, "minRowCount": { "type": "integer", "description": "Minimum number of rows that should be present before Cloud DLP profiles a table" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2OrConditionsResponse": { "description": "There is an OR relationship between these attributes. They are used to determine if a table should be scanned or not in Discovery.", "properties": { "minAge": { "type": "string", "description": "Minimum age a table must have before Cloud DLP can profile it. Value must be 1 hour or greater." }, "minRowCount": { "type": "integer", "description": "Minimum number of rows that should be present before Cloud DLP profiles a table" } }, "type": "object", "required": [ "minAge", "minRowCount" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2OrgConfig": { "description": "Project and scan location information. Only set when the parent is an org.", "properties": { "location": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryStartingLocation", "description": "The data to scan: folder, org, or project" }, "project": { "type": "string", "description": "The project that will run the scan. The DLP service account that exists within this project must have access to all resources that are profiled, and the Cloud DLP API must be enabled." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2OrgConfigResponse": { "description": "Project and scan location information. Only set when the parent is an org.", "properties": { "location": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DiscoveryStartingLocationResponse", "description": "The data to scan: folder, org, or project" }, "project": { "type": "string", "description": "The project that will run the scan. The DLP service account that exists within this project must have access to all resources that are profiled, and the Cloud DLP API must be enabled." } }, "type": "object", "required": [ "location", "project" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2OutputStorageConfig": { "description": "Cloud repository for storing output.", "properties": { "outputSchema": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2OutputStorageConfigOutputSchema", "description": "Schema used for writing the findings for Inspect jobs. This field is only used for Inspect and must be unspecified for Risk jobs. Columns are derived from the `Finding` object. If appending to an existing table, any columns from the predefined schema that are missing will be added. No columns in the existing table will be deleted. If unspecified, then all available columns will be used for a new table or an (existing) table with no schema, and no changes will be made to an existing table that has a schema. Only for use with external storage." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Store findings in an existing table or a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details. For Inspect, each column in an existing output table must have the same name, type, and mode of a field in the `Finding` object. For Risk, an existing output table should be the output of a previous Risk analysis job run on the same source table, with the same privacy metric and quasi-identifiers. Risk jobs that analyze the same table but compute a different privacy metric, or use different sets of quasi-identifiers, cannot store their results in the same table." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2OutputStorageConfigOutputSchema": { "description": "Schema used for writing the findings for Inspect jobs. This field is only used for Inspect and must be unspecified for Risk jobs. Columns are derived from the `Finding` object. If appending to an existing table, any columns from the predefined schema that are missing will be added. No columns in the existing table will be deleted. If unspecified, then all available columns will be used for a new table or an (existing) table with no schema, and no changes will be made to an existing table that has a schema. Only for use with external storage.", "type": "string", "enum": [ { "name": "OutputSchemaUnspecified", "description": "Unused.", "value": "OUTPUT_SCHEMA_UNSPECIFIED" }, { "name": "BasicColumns", "description": "Basic schema including only `info_type`, `quote`, `certainty`, and `timestamp`.", "value": "BASIC_COLUMNS" }, { "name": "GcsColumns", "description": "Schema tailored to findings from scanning Cloud Storage.", "value": "GCS_COLUMNS" }, { "name": "DatastoreColumns", "description": "Schema tailored to findings from scanning Google Datastore.", "value": "DATASTORE_COLUMNS" }, { "name": "BigQueryColumns", "description": "Schema tailored to findings from scanning Google BigQuery.", "value": "BIG_QUERY_COLUMNS" }, { "name": "AllColumns", "description": "Schema containing all columns.", "value": "ALL_COLUMNS" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2OutputStorageConfigResponse": { "description": "Cloud repository for storing output.", "properties": { "outputSchema": { "type": "string", "description": "Schema used for writing the findings for Inspect jobs. This field is only used for Inspect and must be unspecified for Risk jobs. Columns are derived from the `Finding` object. If appending to an existing table, any columns from the predefined schema that are missing will be added. No columns in the existing table will be deleted. If unspecified, then all available columns will be used for a new table or an (existing) table with no schema, and no changes will be made to an existing table that has a schema. Only for use with external storage." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Store findings in an existing table or a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details. For Inspect, each column in an existing output table must have the same name, type, and mode of a field in the `Finding` object. For Risk, an existing output table should be the output of a previous Risk analysis job run on the same source table, with the same privacy metric and quasi-identifiers. Risk jobs that analyze the same table but compute a different privacy metric, or use different sets of quasi-identifiers, cannot store their results in the same table." } }, "type": "object", "required": [ "outputSchema", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PartitionId": { "description": "Datastore partition ID. A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID.", "properties": { "namespaceId": { "type": "string", "description": "If not empty, the ID of the namespace to which the entities belong." }, "project": { "type": "string", "description": "The ID of the project to which the entities belong." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PartitionIdResponse": { "description": "Datastore partition ID. A partition ID identifies a grouping of entities. The grouping is always by project and namespace, however the namespace ID may be empty. A partition ID contains several dimensions: project ID and namespace ID.", "properties": { "namespaceId": { "type": "string", "description": "If not empty, the ID of the namespace to which the entities belong." }, "project": { "type": "string", "description": "The ID of the project to which the entities belong." } }, "type": "object", "required": [ "namespaceId", "project" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PrimitiveTransformation": { "description": "A rule for transforming a value.", "properties": { "bucketingConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BucketingConfig", "description": "Bucketing" }, "characterMaskConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CharacterMaskConfig", "description": "Mask" }, "cryptoDeterministicConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoDeterministicConfig", "description": "Deterministic Crypto" }, "cryptoHashConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoHashConfig", "description": "Crypto" }, "cryptoReplaceFfxFpeConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfig", "description": "Ffx-Fpe" }, "dateShiftConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DateShiftConfig", "description": "Date Shift" }, "fixedSizeBucketingConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FixedSizeBucketingConfig", "description": "Fixed size bucketing" }, "redactConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RedactConfig", "description": "Redact" }, "replaceConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceValueConfig", "description": "Replace with a specified value." }, "replaceDictionaryConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceDictionaryConfig", "description": "Replace with a value randomly drawn (with replacement) from a dictionary." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceWithInfoTypeConfig", "description": "Replace with infotype" }, "timePartConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TimePartConfig", "description": "Time extraction" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PrimitiveTransformationResponse": { "description": "A rule for transforming a value.", "properties": { "bucketingConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BucketingConfigResponse", "description": "Bucketing" }, "characterMaskConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CharacterMaskConfigResponse", "description": "Mask" }, "cryptoDeterministicConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoDeterministicConfigResponse", "description": "Deterministic Crypto" }, "cryptoHashConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoHashConfigResponse", "description": "Crypto" }, "cryptoReplaceFfxFpeConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CryptoReplaceFfxFpeConfigResponse", "description": "Ffx-Fpe" }, "dateShiftConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DateShiftConfigResponse", "description": "Date Shift" }, "fixedSizeBucketingConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FixedSizeBucketingConfigResponse", "description": "Fixed size bucketing" }, "redactConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RedactConfigResponse", "description": "Redact" }, "replaceConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceValueConfigResponse", "description": "Replace with a specified value." }, "replaceDictionaryConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceDictionaryConfigResponse", "description": "Replace with a value randomly drawn (with replacement) from a dictionary." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ReplaceWithInfoTypeConfigResponse", "description": "Replace with infotype" }, "timePartConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TimePartConfigResponse", "description": "Time extraction" } }, "type": "object", "required": [ "bucketingConfig", "characterMaskConfig", "cryptoDeterministicConfig", "cryptoHashConfig", "cryptoReplaceFfxFpeConfig", "dateShiftConfig", "fixedSizeBucketingConfig", "redactConfig", "replaceConfig", "replaceDictionaryConfig", "replaceWithInfoTypeConfig", "timePartConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PrivacyMetric": { "description": "Privacy metric to compute for reidentification risk analysis.", "properties": { "categoricalStatsConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CategoricalStatsConfig", "description": "Categorical stats" }, "deltaPresenceEstimationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeltaPresenceEstimationConfig", "description": "delta-presence" }, "kAnonymityConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KAnonymityConfig", "description": "K-anonymity" }, "kMapEstimationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KMapEstimationConfig", "description": "k-map" }, "lDiversityConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LDiversityConfig", "description": "l-diversity" }, "numericalStatsConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2NumericalStatsConfig", "description": "Numerical stats" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PrivacyMetricResponse": { "description": "Privacy metric to compute for reidentification risk analysis.", "properties": { "categoricalStatsConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CategoricalStatsConfigResponse", "description": "Categorical stats" }, "deltaPresenceEstimationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeltaPresenceEstimationConfigResponse", "description": "delta-presence" }, "kAnonymityConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KAnonymityConfigResponse", "description": "K-anonymity" }, "kMapEstimationConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2KMapEstimationConfigResponse", "description": "k-map" }, "lDiversityConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LDiversityConfigResponse", "description": "l-diversity" }, "numericalStatsConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2NumericalStatsConfigResponse", "description": "Numerical stats" } }, "type": "object", "required": [ "categoricalStatsConfig", "deltaPresenceEstimationConfig", "kAnonymityConfig", "kMapEstimationConfig", "lDiversityConfig", "numericalStatsConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Proximity": { "description": "Message for specifying a window around a finding to apply a detection rule.", "properties": { "windowAfter": { "type": "integer", "description": "Number of characters after the finding to consider." }, "windowBefore": { "type": "integer", "description": "Number of characters before the finding to consider. For tabular data, if you want to modify the likelihood of an entire column of findngs, set this to 1. For more information, see [Hotword example: Set the match likelihood of a table column] (https://cloud.google.com/dlp/docs/creating-custom-infotypes-likelihood#match-column-values)." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ProximityResponse": { "description": "Message for specifying a window around a finding to apply a detection rule.", "properties": { "windowAfter": { "type": "integer", "description": "Number of characters after the finding to consider." }, "windowBefore": { "type": "integer", "description": "Number of characters before the finding to consider. For tabular data, if you want to modify the likelihood of an entire column of findngs, set this to 1. For more information, see [Hotword example: Set the match likelihood of a table column] (https://cloud.google.com/dlp/docs/creating-custom-infotypes-likelihood#match-column-values)." } }, "type": "object", "required": [ "windowAfter", "windowBefore" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubCondition": { "description": "A condition consisting of a value.", "properties": { "minimumRiskScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubConditionMinimumRiskScore", "description": "The minimum data risk score that triggers the condition." }, "minimumSensitivityScore": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubConditionMinimumSensitivityScore", "description": "The minimum sensitivity level that triggers the condition." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubConditionMinimumRiskScore": { "description": "The minimum data risk score that triggers the condition.", "type": "string", "enum": [ { "name": "ProfileScoreBucketUnspecified", "description": "Unused.", "value": "PROFILE_SCORE_BUCKET_UNSPECIFIED" }, { "name": "High", "description": "High risk/sensitivity detected.", "value": "HIGH" }, { "name": "MediumOrHigh", "description": "Medium or high risk/sensitivity detected.", "value": "MEDIUM_OR_HIGH" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubConditionMinimumSensitivityScore": { "description": "The minimum sensitivity level that triggers the condition.", "type": "string", "enum": [ { "name": "ProfileScoreBucketUnspecified", "description": "Unused.", "value": "PROFILE_SCORE_BUCKET_UNSPECIFIED" }, { "name": "High", "description": "High risk/sensitivity detected.", "value": "HIGH" }, { "name": "MediumOrHigh", "description": "Medium or high risk/sensitivity detected.", "value": "MEDIUM_OR_HIGH" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubConditionResponse": { "description": "A condition consisting of a value.", "properties": { "minimumRiskScore": { "type": "string", "description": "The minimum data risk score that triggers the condition." }, "minimumSensitivityScore": { "type": "string", "description": "The minimum sensitivity level that triggers the condition." } }, "type": "object", "required": [ "minimumRiskScore", "minimumSensitivityScore" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubExpressions": { "description": "An expression, consisting of an operator and conditions.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubCondition" }, "description": "Conditions to apply to the expression." }, "logicalOperator": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubExpressionsLogicalOperator", "description": "The operator to apply to the collection of conditions." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubExpressionsLogicalOperator": { "description": "The operator to apply to the collection of conditions.", "type": "string", "enum": [ { "name": "LogicalOperatorUnspecified", "description": "Unused.", "value": "LOGICAL_OPERATOR_UNSPECIFIED" }, { "name": "Or", "description": "Conditional OR.", "value": "OR" }, { "name": "And", "description": "Conditional AND.", "value": "AND" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubExpressionsResponse": { "description": "An expression, consisting of an operator and conditions.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubConditionResponse" }, "description": "Conditions to apply to the expression." }, "logicalOperator": { "type": "string", "description": "The operator to apply to the collection of conditions." } }, "type": "object", "required": [ "conditions", "logicalOperator" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubNotification": { "description": "Send a Pub/Sub message into the given Pub/Sub topic to connect other systems to data profile generation. The message payload data will be the byte serialization of `DataProfilePubSubMessage`.", "properties": { "detailOfMessage": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubNotificationDetailOfMessage", "description": "How much data to include in the Pub/Sub message. If the user wishes to limit the size of the message, they can use resource_name and fetch the profile fields they wish to. Per table profile (not per column)." }, "event": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PubSubNotificationEvent", "description": "The type of event that triggers a Pub/Sub. At most one `PubSubNotification` per EventType is permitted." }, "pubsubCondition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DataProfilePubSubCondition", "description": "Conditions (e.g., data risk or sensitivity level) for triggering a Pub/Sub." }, "topic": { "type": "string", "description": "Cloud Pub/Sub topic to send notifications to. Format is projects/{project}/topics/{topic}." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubNotificationDetailOfMessage": { "description": "How much data to include in the Pub/Sub message. If the user wishes to limit the size of the message, they can use resource_name and fetch the profile fields they wish to. Per table profile (not per column).", "type": "string", "enum": [ { "name": "DetailLevelUnspecified", "description": "Unused.", "value": "DETAIL_LEVEL_UNSPECIFIED" }, { "name": "TableProfile", "description": "The full table data profile.", "value": "TABLE_PROFILE" }, { "name": "ResourceName", "description": "The resource name of the table.", "value": "RESOURCE_NAME" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubNotificationEvent": { "description": "The type of event that triggers a Pub/Sub. At most one `PubSubNotification` per EventType is permitted.", "type": "string", "enum": [ { "name": "EventTypeUnspecified", "description": "Unused.", "value": "EVENT_TYPE_UNSPECIFIED" }, { "name": "NewProfile", "description": "New profile (not a re-profile).", "value": "NEW_PROFILE" }, { "name": "ChangedProfile", "description": "Changed one of the following profile metrics: * Table data risk score * Table sensitivity score * Table resource visibility * Table encryption type * Table predicted infoTypes * Table other infoTypes", "value": "CHANGED_PROFILE" }, { "name": "ScoreIncreased", "description": "Table data risk score or sensitivity score increased.", "value": "SCORE_INCREASED" }, { "name": "ErrorChanged", "description": "A user (non-internal) error occurred.", "value": "ERROR_CHANGED" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PubSubNotificationResponse": { "description": "Send a Pub/Sub message into the given Pub/Sub topic to connect other systems to data profile generation. The message payload data will be the byte serialization of `DataProfilePubSubMessage`.", "properties": { "detailOfMessage": { "type": "string", "description": "How much data to include in the Pub/Sub message. If the user wishes to limit the size of the message, they can use resource_name and fetch the profile fields they wish to. Per table profile (not per column)." }, "event": { "type": "string", "description": "The type of event that triggers a Pub/Sub. At most one `PubSubNotification` per EventType is permitted." }, "pubsubCondition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DataProfilePubSubConditionResponse", "description": "Conditions (e.g., data risk or sensitivity level) for triggering a Pub/Sub." }, "topic": { "type": "string", "description": "Cloud Pub/Sub topic to send notifications to. Format is projects/{project}/topics/{topic}." } }, "type": "object", "required": [ "detailOfMessage", "event", "pubsubCondition", "topic" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishFindingsToCloudDataCatalog": { "description": "Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag templates are applied to the resource that Cloud DLP scanned. Data Catalog tag templates are stored in the same project and region where the BigQuery table exists. For Cloud DLP to create and apply the tag template, the Cloud DLP service agent must have the `roles/datacatalog.tagTemplateOwner` permission on the project. The tag template contains fields summarizing the results of the DlpJob. Any field values previously written by another DlpJob are deleted. InfoType naming patterns are strictly enforced when using this feature. Findings are persisted in Data Catalog storage and are governed by service-specific policies for Data Catalog. For more information, see [Service Specific Terms](https://cloud.google.com/terms/service-terms). Only a single instance of this action can be specified. This action is allowed only if all resources being scanned are BigQuery tables. Compatible with: Inspect", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishFindingsToCloudDataCatalogResponse": { "description": "Publish findings of a DlpJob to Data Catalog. In Data Catalog, tag templates are applied to the resource that Cloud DLP scanned. Data Catalog tag templates are stored in the same project and region where the BigQuery table exists. For Cloud DLP to create and apply the tag template, the Cloud DLP service agent must have the `roles/datacatalog.tagTemplateOwner` permission on the project. The tag template contains fields summarizing the results of the DlpJob. Any field values previously written by another DlpJob are deleted. InfoType naming patterns are strictly enforced when using this feature. Findings are persisted in Data Catalog storage and are governed by service-specific policies for Data Catalog. For more information, see [Service Specific Terms](https://cloud.google.com/terms/service-terms). Only a single instance of this action can be specified. This action is allowed only if all resources being scanned are BigQuery tables. Compatible with: Inspect", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishSummaryToCscc": { "description": "Publish the result summary of a DlpJob to [Security Command Center](https://cloud.google.com/security-command-center). This action is available for only projects that belong to an organization. This action publishes the count of finding instances and their infoTypes. The summary of findings are persisted in Security Command Center and are governed by [service-specific policies for Security Command Center](https://cloud.google.com/terms/service-terms). Only a single instance of this action can be specified. Compatible with: Inspect", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishSummaryToCsccResponse": { "description": "Publish the result summary of a DlpJob to [Security Command Center](https://cloud.google.com/security-command-center). This action is available for only projects that belong to an organization. This action publishes the count of finding instances and their infoTypes. The summary of findings are persisted in Security Command Center and are governed by [service-specific policies for Security Command Center](https://cloud.google.com/terms/service-terms). Only a single instance of this action can be specified. Compatible with: Inspect", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishToPubSub": { "description": "Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk", "properties": { "topic": { "type": "string", "description": "Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishToPubSubResponse": { "description": "Publish a message into a given Pub/Sub topic when DlpJob has completed. The message contains a single field, `DlpJobName`, which is equal to the finished job's [`DlpJob.name`](https://cloud.google.com/dlp/docs/reference/rest/v2/projects.dlpJobs#DlpJob). Compatible with: Inspect, Risk", "properties": { "topic": { "type": "string", "description": "Cloud Pub/Sub topic to send notifications to. The topic must have given publishing access rights to the DLP API service account executing the long running DlpJob sending the notifications. Format is projects/{project}/topics/{topic}." } }, "type": "object", "required": [ "topic" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishToStackdriver": { "description": "Enable Stackdriver metric dlp.googleapis.com/finding_count. This will publish a metric to stack driver on each infotype requested and how many findings were found for it. CustomDetectors will be bucketed as 'Custom' under the Stackdriver label 'info_type'.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2PublishToStackdriverResponse": { "description": "Enable Stackdriver metric dlp.googleapis.com/finding_count. This will publish a metric to stack driver on each infotype requested and how many findings were found for it. CustomDetectors will be bucketed as 'Custom' under the Stackdriver label 'info_type'.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiId": { "description": "A column with a semantic tag attached.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Identifies the column." }, "inferred": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleProtobufEmpty", "description": "If no semantic tag is indicated, we infer the statistical model from the distribution of values in the input data" }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "A column can be tagged with a InfoType to use the relevant public dataset as a statistical model of population, if available. We currently support US ZIP codes, region codes, ages and genders. To programmatically obtain the list of supported InfoTypes, use ListInfoTypes with the supported_by=RISK_ANALYSIS filter." } }, "type": "object", "required": [ "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiIdField": { "description": "A quasi-identifier column has a custom_tag, used to know which column in the data corresponds to which column in the statistical model.", "properties": { "customTag": { "type": "string", "description": "A auxiliary field." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Identifies the column." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiIdFieldResponse": { "description": "A quasi-identifier column has a custom_tag, used to know which column in the data corresponds to which column in the statistical model.", "properties": { "customTag": { "type": "string", "description": "A auxiliary field." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Identifies the column." } }, "type": "object", "required": [ "customTag", "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiIdResponse": { "description": "A column with a semantic tag attached.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Identifies the column." }, "inferred": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleProtobufEmptyResponse", "description": "If no semantic tag is indicated, we infer the statistical model from the distribution of values in the input data" }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "A column can be tagged with a InfoType to use the relevant public dataset as a statistical model of population, if available. We currently support US ZIP codes, region codes, ages and genders. To programmatically obtain the list of supported InfoTypes, use ListInfoTypes with the supported_by=RISK_ANALYSIS filter." } }, "type": "object", "required": [ "customTag", "field", "inferred", "infoType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiIdentifierField": { "description": "A quasi-identifier column has a custom_tag, used to know which column in the data corresponds to which column in the statistical model.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Identifies the column." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2QuasiIdentifierFieldResponse": { "description": "A quasi-identifier column has a custom_tag, used to know which column in the data corresponds to which column in the statistical model.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Identifies the column." } }, "type": "object", "required": [ "customTag", "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordCondition": { "description": "A condition for determining whether a transformation should be applied to a field.", "properties": { "expressions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Expressions", "description": "An expression." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordConditionResponse": { "description": "A condition for determining whether a transformation should be applied to a field.", "properties": { "expressions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ExpressionsResponse", "description": "An expression." } }, "type": "object", "required": [ "expressions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordSuppression": { "description": "Configuration to suppress records whose suppression conditions evaluate to true.", "properties": { "condition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordCondition", "description": "A condition that when it evaluates to true will result in the record being evaluated to be suppressed from the transformed content." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordSuppressionResponse": { "description": "Configuration to suppress records whose suppression conditions evaluate to true.", "properties": { "condition": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordConditionResponse", "description": "A condition that when it evaluates to true will result in the record being evaluated to be suppressed from the transformed content." } }, "type": "object", "required": [ "condition" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordTransformations": { "description": "A type of transformation that is applied over structured data such as a table.", "properties": { "fieldTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldTransformation" }, "description": "Transform the record by applying various field transformations." }, "recordSuppressions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordSuppression" }, "description": "Configuration defining which records get suppressed entirely. Records that match any suppression rule are omitted from the output." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RecordTransformationsResponse": { "description": "A type of transformation that is applied over structured data such as a table.", "properties": { "fieldTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldTransformationResponse" }, "description": "Transform the record by applying various field transformations." }, "recordSuppressions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RecordSuppressionResponse" }, "description": "Configuration defining which records get suppressed entirely. Records that match any suppression rule are omitted from the output." } }, "type": "object", "required": [ "fieldTransformations", "recordSuppressions" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RedactConfig": { "description": "Redact a given value. For example, if used with an `InfoTypeTransformation` transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the output would be 'My phone number is '.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RedactConfigResponse": { "description": "Redact a given value. For example, if used with an `InfoTypeTransformation` transforming PHONE_NUMBER, and input 'My phone number is 206-555-0123', the output would be 'My phone number is '.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2Regex": { "description": "Message defining a custom regular expression.", "properties": { "groupIndexes": { "type": "array", "items": { "type": "integer" }, "description": "The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included." }, "pattern": { "type": "string", "description": "Pattern defining the regular expression. Its syntax (https://github.com/google/re2/wiki/Syntax) can be found under the google/re2 repository on GitHub." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RegexResponse": { "description": "Message defining a custom regular expression.", "properties": { "groupIndexes": { "type": "array", "items": { "type": "integer" }, "description": "The index of the submatch to extract as findings. When not specified, the entire match is returned. No more than 3 may be included." }, "pattern": { "type": "string", "description": "Pattern defining the regular expression. Its syntax (https://github.com/google/re2/wiki/Syntax) can be found under the google/re2 repository on GitHub." } }, "type": "object", "required": [ "groupIndexes", "pattern" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceDictionaryConfig": { "description": "Replace each input value with a value randomly selected from the dictionary.", "properties": { "wordList": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2WordList", "description": "A list of words to select from for random replacement. The [limits](https://cloud.google.com/dlp/limits) page contains details about the size limits of dictionaries." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceDictionaryConfigResponse": { "description": "Replace each input value with a value randomly selected from the dictionary.", "properties": { "wordList": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2WordListResponse", "description": "A list of words to select from for random replacement. The [limits](https://cloud.google.com/dlp/limits) page contains details about the size limits of dictionaries." } }, "type": "object", "required": [ "wordList" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceValueConfig": { "description": "Replace each input value with a given `Value`.", "properties": { "newValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Value", "description": "Value to replace it with." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceValueConfigResponse": { "description": "Replace each input value with a given `Value`.", "properties": { "newValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "Value to replace it with." } }, "type": "object", "required": [ "newValue" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceWithInfoTypeConfig": { "description": "Replace each matching finding with the name of the info_type.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ReplaceWithInfoTypeConfigResponse": { "description": "Replace each matching finding with the name of the info_type.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RequestedDeidentifyOptionsResponse": { "description": "De-identification options.", "properties": { "snapshotDeidentifyTemplate": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyTemplateResponse", "description": "Snapshot of the state of the `DeidentifyTemplate` from the Deidentify action at the time this job was run." }, "snapshotImageRedactTemplate": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyTemplateResponse", "description": "Snapshot of the state of the image transformation `DeidentifyTemplate` from the `Deidentify` action at the time this job was run." }, "snapshotStructuredDeidentifyTemplate": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DeidentifyTemplateResponse", "description": "Snapshot of the state of the structured `DeidentifyTemplate` from the `Deidentify` action at the time this job was run." } }, "type": "object", "required": [ "snapshotDeidentifyTemplate", "snapshotImageRedactTemplate", "snapshotStructuredDeidentifyTemplate" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RequestedOptionsResponse": { "description": "Snapshot of the inspection configuration.", "properties": { "jobConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectJobConfigResponse", "description": "Inspect config." }, "snapshotInspectTemplate": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InspectTemplateResponse", "description": "If run with an InspectTemplate, a snapshot of its state at the time of this run." } }, "type": "object", "required": [ "jobConfig", "snapshotInspectTemplate" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RequestedRiskAnalysisOptionsResponse": { "description": "Risk analysis options.", "properties": { "jobConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RiskAnalysisJobConfigResponse", "description": "The job config for the risk job." } }, "type": "object", "required": [ "jobConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ResultResponse": { "description": "All result fields mentioned below are updated while the job is processing.", "properties": { "hybridStats": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HybridInspectStatisticsResponse", "description": "Statistics related to the processing of hybrid inspect." }, "infoTypeStats": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeStatsResponse" }, "description": "Statistics of how many instances of each info type were found during inspect job." }, "processedBytes": { "type": "string", "description": "Total size in bytes that were processed." }, "totalEstimatedBytes": { "type": "string", "description": "Estimate of the number of bytes to process." } }, "type": "object", "required": [ "hybridStats", "infoTypeStats", "processedBytes", "totalEstimatedBytes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2RiskAnalysisJobConfig": { "description": "Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Action" }, "description": "Actions to execute at the completion of the job. Are executed in the order provided." }, "privacyMetric": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrivacyMetric", "description": "Privacy metric to compute." }, "sourceTable": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Input dataset to compute metrics over." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2RiskAnalysisJobConfigResponse": { "description": "Configuration for a risk analysis job. See https://cloud.google.com/dlp/docs/concepts-risk-analysis to learn more.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ActionResponse" }, "description": "Actions to execute at the completion of the job. Are executed in the order provided." }, "privacyMetric": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2PrivacyMetricResponse", "description": "Privacy metric to compute." }, "sourceTable": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Input dataset to compute metrics over." } }, "type": "object", "required": [ "actions", "privacyMetric", "sourceTable" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SaveFindings": { "description": "If set, the detailed findings will be persisted to the specified OutputStorageConfig. Only a single instance of this action can be specified. Compatible with: Inspect, Risk", "properties": { "outputConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2OutputStorageConfig", "description": "Location to store findings outside of DLP." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2SaveFindingsResponse": { "description": "If set, the detailed findings will be persisted to the specified OutputStorageConfig. Only a single instance of this action can be specified. Compatible with: Inspect, Risk", "properties": { "outputConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2OutputStorageConfigResponse", "description": "Location to store findings outside of DLP." } }, "type": "object", "required": [ "outputConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Schedule": { "description": "Schedule for inspect job triggers.", "properties": { "recurrencePeriodDuration": { "type": "string", "description": "With this option a job is started on a regular periodic basis. For example: every day (86400 seconds). A scheduled start time will be skipped if the previous execution has not ended when its scheduled time occurs. This value must be set to a time duration greater than or equal to 1 day and can be no longer than 60 days." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ScheduleResponse": { "description": "Schedule for inspect job triggers.", "properties": { "recurrencePeriodDuration": { "type": "string", "description": "With this option a job is started on a regular periodic basis. For example: every day (86400 seconds). A scheduled start time will be skipped if the previous execution has not ended when its scheduled time occurs. This value must be set to a time duration greater than or equal to 1 day and can be no longer than 60 days." } }, "type": "object", "required": [ "recurrencePeriodDuration" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SelectedInfoTypes": { "description": "Apply transformation to the selected info_types.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType" }, "description": "InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message." } }, "type": "object", "required": [ "infoTypes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SelectedInfoTypesResponse": { "description": "Apply transformation to the selected info_types.", "properties": { "infoTypes": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse" }, "description": "InfoTypes to apply the transformation to. Required. Provided InfoType must be unique within the ImageTransformations message." } }, "type": "object", "required": [ "infoTypes" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SensitivityScore": { "description": "Score is calculated from of all elements in the data profile. A higher level means the data is more sensitive.", "properties": { "score": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2SensitivityScoreScore", "description": "The sensitivity score applied to the resource." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2SensitivityScoreResponse": { "description": "Score is calculated from of all elements in the data profile. A higher level means the data is more sensitive.", "properties": { "score": { "type": "string", "description": "The sensitivity score applied to the resource." } }, "type": "object", "required": [ "score" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SensitivityScoreScore": { "description": "The sensitivity score applied to the resource.", "type": "string", "enum": [ { "name": "SensitivityScoreUnspecified", "description": "Unused.", "value": "SENSITIVITY_SCORE_UNSPECIFIED" }, { "name": "SensitivityLow", "description": "No sensitive information detected. The resource isn't publicly accessible.", "value": "SENSITIVITY_LOW" }, { "name": "SensitivityModerate", "description": "Medium risk. Contains personally identifiable information (PII), potentially sensitive data, or fields with free-text data that are at a higher risk of having intermittent sensitive data. Consider limiting access.", "value": "SENSITIVITY_MODERATE" }, { "name": "SensitivityHigh", "description": "High risk. Sensitive personally identifiable information (SPII) can be present. Exfiltration of data can lead to user data loss. Re-identification of users might be possible. Consider limiting usage and or removing SPII.", "value": "SENSITIVITY_HIGH" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StatisticalTable": { "description": "An auxiliary table containing statistical information on the relative frequency of different quasi-identifiers values. It has one or several quasi-identifiers columns, and one column that indicates the relative frequency of each quasi-identifier tuple. If a tuple is present in the data but not in the auxiliary table, the corresponding relative frequency is assumed to be zero (and thus, the tuple is highly reidentifiable).", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiIdentifierField" }, "description": "Quasi-identifier columns." }, "relativeFrequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "The relative frequency column must contain a floating-point number between 0 and 1 (inclusive). Null values are assumed to be zero." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "Auxiliary table location." } }, "type": "object", "required": [ "quasiIds", "relativeFrequency", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StatisticalTableResponse": { "description": "An auxiliary table containing statistical information on the relative frequency of different quasi-identifiers values. It has one or several quasi-identifiers columns, and one column that indicates the relative frequency of each quasi-identifier tuple. If a tuple is present in the data but not in the auxiliary table, the corresponding relative frequency is assumed to be zero (and thus, the tuple is highly reidentifiable).", "properties": { "quasiIds": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2QuasiIdentifierFieldResponse" }, "description": "Quasi-identifier columns." }, "relativeFrequency": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "The relative frequency column must contain a floating-point number between 0 and 1 (inclusive). Null values are assumed to be zero." }, "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "Auxiliary table location." } }, "type": "object", "required": [ "quasiIds", "relativeFrequency", "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StorageConfig": { "description": "Shared message indicating Cloud storage type.", "properties": { "bigQueryOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryOptions", "description": "BigQuery options." }, "cloudStorageOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageOptions", "description": "Cloud Storage options." }, "datastoreOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DatastoreOptions", "description": "Google Cloud Datastore options." }, "hybridOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HybridOptions", "description": "Hybrid inspection options." }, "timespanConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TimespanConfig" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2StorageConfigResponse": { "description": "Shared message indicating Cloud storage type.", "properties": { "bigQueryOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryOptionsResponse", "description": "BigQuery options." }, "cloudStorageOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2CloudStorageOptionsResponse", "description": "Cloud Storage options." }, "datastoreOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DatastoreOptionsResponse", "description": "Google Cloud Datastore options." }, "hybridOptions": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2HybridOptionsResponse", "description": "Hybrid inspection options." }, "timespanConfig": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TimespanConfigResponse" } }, "type": "object", "required": [ "bigQueryOptions", "cloudStorageOptions", "datastoreOptions", "hybridOptions", "timespanConfig" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredInfoTypeConfig": { "description": "Configuration for stored infoTypes. All fields and subfield are provided by the user. For more information, see https://cloud.google.com/dlp/docs/creating-custom-infotypes.", "properties": { "description": { "type": "string", "description": "Description of the StoredInfoType (max 256 characters)." }, "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Dictionary", "description": "Store dictionary-based CustomInfoType." }, "displayName": { "type": "string", "description": "Display name of the StoredInfoType (max 256 characters)." }, "largeCustomDictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LargeCustomDictionaryConfig", "description": "StoredInfoType where findings are defined by a dictionary of phrases." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Regex", "description": "Store regular expression-based StoredInfoType." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredInfoTypeConfigResponse": { "description": "Configuration for stored infoTypes. All fields and subfield are provided by the user. For more information, see https://cloud.google.com/dlp/docs/creating-custom-infotypes.", "properties": { "description": { "type": "string", "description": "Description of the StoredInfoType (max 256 characters)." }, "dictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2DictionaryResponse", "description": "Store dictionary-based CustomInfoType." }, "displayName": { "type": "string", "description": "Display name of the StoredInfoType (max 256 characters)." }, "largeCustomDictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LargeCustomDictionaryConfigResponse", "description": "StoredInfoType where findings are defined by a dictionary of phrases." }, "regex": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2RegexResponse", "description": "Store regular expression-based StoredInfoType." } }, "type": "object", "required": [ "description", "dictionary", "displayName", "largeCustomDictionary", "regex" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredInfoTypeStatsResponse": { "description": "Statistics for a StoredInfoType.", "properties": { "largeCustomDictionary": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LargeCustomDictionaryStatsResponse", "description": "StoredInfoType where findings are defined by a dictionary of phrases." } }, "type": "object", "required": [ "largeCustomDictionary" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredInfoTypeVersionResponse": { "description": "Version of a StoredInfoType, including the configuration used to build it, create timestamp, and current state.", "properties": { "config": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StoredInfoTypeConfigResponse", "description": "StoredInfoType configuration." }, "createTime": { "type": "string", "description": "Create timestamp of the version. Read-only, determined by the system when the version is created." }, "errors": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ErrorResponse" }, "description": "Errors that occurred when creating this storedInfoType version, or anomalies detected in the storedInfoType data that render it unusable. Only the five most recent errors will be displayed, with the most recent error appearing first. For example, some of the data for stored custom dictionaries is put in the user's Cloud Storage bucket, and if this data is modified or deleted by the user or another system, the dictionary becomes invalid. If any errors occur, fix the problem indicated by the error message and use the UpdateStoredInfoType API method to create another version of the storedInfoType to continue using it, reusing the same `config` if it was not the source of the error." }, "state": { "type": "string", "description": "Stored info type version state. Read-only, updated by the system during dictionary creation." }, "stats": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2StoredInfoTypeStatsResponse", "description": "Statistics about this storedInfoType version." } }, "type": "object", "required": [ "config", "createTime", "errors", "state", "stats" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredType": { "description": "A reference to a StoredInfoType to use with scanning.", "properties": { "createTime": { "type": "string", "description": "Timestamp indicating when the version of the `StoredInfoType` used for inspection was created. Output-only field, populated by the system." }, "name": { "type": "string", "description": "Resource name of the requested `StoredInfoType`, for example `organizations/433245324/storedInfoTypes/432452342` or `projects/project-id/storedInfoTypes/432452342`." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2StoredTypeResponse": { "description": "A reference to a StoredInfoType to use with scanning.", "properties": { "createTime": { "type": "string", "description": "Timestamp indicating when the version of the `StoredInfoType` used for inspection was created. Output-only field, populated by the system." }, "name": { "type": "string", "description": "Resource name of the requested `StoredInfoType`, for example `organizations/433245324/storedInfoTypes/432452342` or `projects/project-id/storedInfoTypes/432452342`." } }, "type": "object", "required": [ "createTime", "name" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2SurrogateType": { "description": "Message for detecting output from deidentification transformations such as [`CryptoReplaceFfxFpeConfig`](https://cloud.google.com/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). These types of transformations are those that perform pseudonymization, thereby producing a \"surrogate\" as output. This should be used in conjunction with a field on the transformation such as `surrogate_info_type`. This CustomInfoType does not support the use of `detection_rules`.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2SurrogateTypeResponse": { "description": "Message for detecting output from deidentification transformations such as [`CryptoReplaceFfxFpeConfig`](https://cloud.google.com/dlp/docs/reference/rest/v2/organizations.deidentifyTemplates#cryptoreplaceffxfpeconfig). These types of transformations are those that perform pseudonymization, thereby producing a \"surrogate\" as output. This should be used in conjunction with a field on the transformation such as `surrogate_info_type`. This CustomInfoType does not support the use of `detection_rules`.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TableOptions": { "description": "Instructions regarding the table content being inspected.", "properties": { "identifyingFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId" }, "description": "The columns that are the primary keys for table objects included in ContentItem. A copy of this cell's value will stored alongside alongside each finding so that the finding can be traced to the specific row it came from. No more than 3 may be provided." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TableOptionsResponse": { "description": "Instructions regarding the table content being inspected.", "properties": { "identifyingFields": { "type": "array", "items": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse" }, "description": "The columns that are the primary keys for table objects included in ContentItem. A copy of this cell's value will stored alongside alongside each finding so that the finding can be traced to the specific row it came from. No more than 3 may be provided." } }, "type": "object", "required": [ "identifyingFields" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TaggedField": { "description": "A column with a semantic tag attached.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Identifies the column." }, "inferred": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleProtobufEmpty", "description": "If no semantic tag is indicated, we infer the statistical model from the distribution of values in the input data" }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoType", "description": "A column can be tagged with a InfoType to use the relevant public dataset as a statistical model of population, if available. We currently support US ZIP codes, region codes, ages and genders. To programmatically obtain the list of supported InfoTypes, use ListInfoTypes with the supported_by=RISK_ANALYSIS filter." } }, "type": "object", "required": [ "field" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TaggedFieldResponse": { "description": "A column with a semantic tag attached.", "properties": { "customTag": { "type": "string", "description": "A column can be tagged with a custom tag. In this case, the user must indicate an auxiliary table that contains statistical information on the possible values of this column (below)." }, "field": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Identifies the column." }, "inferred": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleProtobufEmptyResponse", "description": "If no semantic tag is indicated, we infer the statistical model from the distribution of values in the input data" }, "infoType": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2InfoTypeResponse", "description": "A column can be tagged with a InfoType to use the relevant public dataset as a statistical model of population, if available. We currently support US ZIP codes, region codes, ages and genders. To programmatically obtain the list of supported InfoTypes, use ListInfoTypes with the supported_by=RISK_ANALYSIS filter." } }, "type": "object", "required": [ "customTag", "field", "inferred", "infoType" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ThrowError": { "description": "Throw an error and fail the request when a transformation error occurs.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ThrowErrorResponse": { "description": "Throw an error and fail the request when a transformation error occurs.", "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TimePartConfig": { "description": "For use with `Date`, `Timestamp`, and `TimeOfDay`, extract or preserve a portion of the value.", "properties": { "partToExtract": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2TimePartConfigPartToExtract", "description": "The part of the time to keep." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TimePartConfigPartToExtract": { "description": "The part of the time to keep.", "type": "string", "enum": [ { "name": "TimePartUnspecified", "description": "Unused", "value": "TIME_PART_UNSPECIFIED" }, { "name": "Year", "description": "[0-9999]", "value": "YEAR" }, { "name": "Month", "description": "[1-12]", "value": "MONTH" }, { "name": "DayOfMonth", "description": "[1-31]", "value": "DAY_OF_MONTH" }, { "name": "DayOfWeek", "description": "[1-7]", "value": "DAY_OF_WEEK" }, { "name": "WeekOfYear", "description": "[1-53]", "value": "WEEK_OF_YEAR" }, { "name": "HourOfDay", "description": "[0-23]", "value": "HOUR_OF_DAY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TimePartConfigResponse": { "description": "For use with `Date`, `Timestamp`, and `TimeOfDay`, extract or preserve a portion of the value.", "properties": { "partToExtract": { "type": "string", "description": "The part of the time to keep." } }, "type": "object", "required": [ "partToExtract" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TimespanConfig": { "description": "Configuration of the timespan of the items to include in scanning. Currently only supported when inspecting Cloud Storage and BigQuery.", "properties": { "enableAutoPopulationOfTimespanConfig": { "type": "boolean", "description": "When the job is started by a JobTrigger we will automatically figure out a valid start_time to avoid scanning files that have not been modified since the last time the JobTrigger executed. This will be based on the time of the execution of the last run of the JobTrigger or the timespan end_time used in the last run of the JobTrigger." }, "endTime": { "type": "string", "description": "Exclude files, tables, or rows newer than this value. If not set, no upper time limit is applied." }, "startTime": { "type": "string", "description": "Exclude files, tables, or rows older than this value. If not set, no lower time limit is applied." }, "timestampField": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldId", "description": "Specification of the field containing the timestamp of scanned items. Used for data sources like Datastore and BigQuery. *For BigQuery* If this value is not specified and the table was modified between the given start and end times, the entire table will be scanned. If this value is specified, then rows are filtered based on the given start and end times. Rows with a `NULL` value in the provided BigQuery column are skipped. Valid data types of the provided BigQuery column are: `INTEGER`, `DATE`, `TIMESTAMP`, and `DATETIME`. If your BigQuery table is [partitioned at ingestion time](https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time), you can use any of the following pseudo-columns as your timestamp field. When used with Cloud DLP, these pseudo-column names are case sensitive. - _PARTITIONTIME - _PARTITIONDATE - _PARTITION_LOAD_TIME *For Datastore* If this value is specified, then entities are filtered based on the given start and end times. If an entity does not contain the provided timestamp property or contains empty or invalid values, then it is included. Valid data types of the provided timestamp property are: `TIMESTAMP`. See the [known issue](https://cloud.google.com/dlp/docs/known-issues#bq-timespan) related to this operation." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TimespanConfigResponse": { "description": "Configuration of the timespan of the items to include in scanning. Currently only supported when inspecting Cloud Storage and BigQuery.", "properties": { "enableAutoPopulationOfTimespanConfig": { "type": "boolean", "description": "When the job is started by a JobTrigger we will automatically figure out a valid start_time to avoid scanning files that have not been modified since the last time the JobTrigger executed. This will be based on the time of the execution of the last run of the JobTrigger or the timespan end_time used in the last run of the JobTrigger." }, "endTime": { "type": "string", "description": "Exclude files, tables, or rows newer than this value. If not set, no upper time limit is applied." }, "startTime": { "type": "string", "description": "Exclude files, tables, or rows older than this value. If not set, no lower time limit is applied." }, "timestampField": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2FieldIdResponse", "description": "Specification of the field containing the timestamp of scanned items. Used for data sources like Datastore and BigQuery. *For BigQuery* If this value is not specified and the table was modified between the given start and end times, the entire table will be scanned. If this value is specified, then rows are filtered based on the given start and end times. Rows with a `NULL` value in the provided BigQuery column are skipped. Valid data types of the provided BigQuery column are: `INTEGER`, `DATE`, `TIMESTAMP`, and `DATETIME`. If your BigQuery table is [partitioned at ingestion time](https://cloud.google.com/bigquery/docs/partitioned-tables#ingestion_time), you can use any of the following pseudo-columns as your timestamp field. When used with Cloud DLP, these pseudo-column names are case sensitive. - _PARTITIONTIME - _PARTITIONDATE - _PARTITION_LOAD_TIME *For Datastore* If this value is specified, then entities are filtered based on the given start and end times. If an entity does not contain the provided timestamp property or contains empty or invalid values, then it is included. Valid data types of the provided timestamp property are: `TIMESTAMP`. See the [known issue](https://cloud.google.com/dlp/docs/known-issues#bq-timespan) related to this operation." } }, "type": "object", "required": [ "enableAutoPopulationOfTimespanConfig", "endTime", "startTime", "timestampField" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationConfig": { "description": "User specified templates and configs for how to deidentify structured, unstructures, and image files. User must provide either a unstructured deidentify template or at least one redact image config.", "properties": { "deidentifyTemplate": { "type": "string", "description": "De-identify template. If this template is specified, it will serve as the default de-identify template. This template cannot contain `record_transformations` since it can be used for unstructured content such as free-form text files. If this template is not set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify unstructured content." }, "imageRedactTemplate": { "type": "string", "description": "Image redact template. If this template is specified, it will serve as the de-identify template for images. If this template is not set, all findings in the image will be redacted with a black box." }, "structuredDeidentifyTemplate": { "type": "string", "description": "Structured de-identify template. If this template is specified, it will serve as the de-identify template for structured content such as delimited files and tables. If this template is not set but the `deidentify_template` is set, then `deidentify_template` will also apply to the structured content. If neither template is set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify structured content." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationConfigResponse": { "description": "User specified templates and configs for how to deidentify structured, unstructures, and image files. User must provide either a unstructured deidentify template or at least one redact image config.", "properties": { "deidentifyTemplate": { "type": "string", "description": "De-identify template. If this template is specified, it will serve as the default de-identify template. This template cannot contain `record_transformations` since it can be used for unstructured content such as free-form text files. If this template is not set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify unstructured content." }, "imageRedactTemplate": { "type": "string", "description": "Image redact template. If this template is specified, it will serve as the de-identify template for images. If this template is not set, all findings in the image will be redacted with a black box." }, "structuredDeidentifyTemplate": { "type": "string", "description": "Structured de-identify template. If this template is specified, it will serve as the de-identify template for structured content such as delimited files and tables. If this template is not set but the `deidentify_template` is set, then `deidentify_template` will also apply to the structured content. If neither template is set, a default `ReplaceWithInfoTypeConfig` will be used to de-identify structured content." } }, "type": "object", "required": [ "deidentifyTemplate", "imageRedactTemplate", "structuredDeidentifyTemplate" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationDetailsStorageConfig": { "description": "Config for storing transformation details.", "properties": { "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTable", "description": "The BigQuery table in which to store the output. This may be an existing table or in a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationDetailsStorageConfigResponse": { "description": "Config for storing transformation details.", "properties": { "table": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2BigQueryTableResponse", "description": "The BigQuery table in which to store the output. This may be an existing table or in a new table in an existing dataset. If table_id is not set a new one will be generated for you with the following format: dlp_googleapis_transformation_details_yyyy_mm_dd_[dlp_job_id]. Pacific time zone will be used for generating the date details." } }, "type": "object", "required": [ "table" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationErrorHandling": { "description": "How to handle transformation errors during de-identification. A transformation error occurs when the requested transformation is incompatible with the data. For example, trying to de-identify an IP address using a `DateShift` transformation would result in a transformation error, since date info cannot be extracted from an IP address. Information about any incompatible transformations, and how they were handled, is returned in the response as part of the `TransformationOverviews`.", "properties": { "leaveUntransformed": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LeaveUntransformed", "description": "Ignore errors" }, "throwError": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ThrowError", "description": "Throw an error" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TransformationErrorHandlingResponse": { "description": "How to handle transformation errors during de-identification. A transformation error occurs when the requested transformation is incompatible with the data. For example, trying to de-identify an IP address using a `DateShift` transformation would result in a transformation error, since date info cannot be extracted from an IP address. Information about any incompatible transformations, and how they were handled, is returned in the response as part of the `TransformationOverviews`.", "properties": { "leaveUntransformed": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2LeaveUntransformedResponse", "description": "Ignore errors" }, "throwError": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ThrowErrorResponse", "description": "Throw an error" } }, "type": "object", "required": [ "leaveUntransformed", "throwError" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TransientCryptoKey": { "description": "Use this to have a random data crypto key generated. It will be discarded after the request finishes.", "properties": { "name": { "type": "string", "description": "Name of the key. This is an arbitrary string used to differentiate different keys. A unique key is generated per name: two separate `TransientCryptoKey` protos share the same generated key if their names are the same. When the data crypto key is generated, this name is not used in any way (repeating the api call will result in a different key being generated)." } }, "type": "object", "required": [ "name" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2TransientCryptoKeyResponse": { "description": "Use this to have a random data crypto key generated. It will be discarded after the request finishes.", "properties": { "name": { "type": "string", "description": "Name of the key. This is an arbitrary string used to differentiate different keys. A unique key is generated per name: two separate `TransientCryptoKey` protos share the same generated key if their names are the same. When the data crypto key is generated, this name is not used in any way (repeating the api call will result in a different key being generated)." } }, "type": "object", "required": [ "name" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Trigger": { "description": "What event needs to occur for a new job to be started.", "properties": { "manual": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Manual", "description": "For use with hybrid jobs. Jobs must be manually created and finished." }, "schedule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2Schedule", "description": "Create a job on a repeating basis based on the elapse of time." } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2TriggerResponse": { "description": "What event needs to occur for a new job to be started.", "properties": { "manual": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ManualResponse", "description": "For use with hybrid jobs. Jobs must be manually created and finished." }, "schedule": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ScheduleResponse", "description": "Create a job on a repeating basis based on the elapse of time." } }, "type": "object", "required": [ "manual", "schedule" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2UnwrappedCryptoKey": { "description": "Using raw keys is prone to security risks due to accidentally leaking the key. Choose another type of key if possible.", "properties": { "key": { "type": "string", "description": "A 128/192/256 bit key." } }, "type": "object", "required": [ "key" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2UnwrappedCryptoKeyResponse": { "description": "Using raw keys is prone to security risks due to accidentally leaking the key. Choose another type of key if possible.", "properties": { "key": { "type": "string", "description": "A 128/192/256 bit key." } }, "type": "object", "required": [ "key" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2Value": { "description": "Set of primitive values supported by the system. Note that for the purposes of inspection or transformation, the number of bytes considered to comprise a 'Value' is based on its representation as a UTF-8 encoded string. For example, if 'integer_value' is set to 123456789, the number of bytes would be counted as 9, even though an int64 only holds up to 8 bytes of data.", "properties": { "booleanValue": { "type": "boolean", "description": "boolean" }, "dateValue": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleTypeDate", "description": "date" }, "dayOfWeekValue": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueDayOfWeekValue", "description": "day of week" }, "floatValue": { "type": "number", "description": "float" }, "integerValue": { "type": "string", "description": "integer" }, "stringValue": { "type": "string", "description": "string" }, "timeValue": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleTypeTimeOfDay", "description": "time of day" }, "timestampValue": { "type": "string", "description": "timestamp" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2ValueDayOfWeekValue": { "description": "day of week", "type": "string", "enum": [ { "name": "DayOfWeekUnspecified", "description": "The day of the week is unspecified.", "value": "DAY_OF_WEEK_UNSPECIFIED" }, { "name": "Monday", "description": "Monday", "value": "MONDAY" }, { "name": "Tuesday", "description": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "description": "Wednesday", "value": "WEDNESDAY" }, { "name": "Thursday", "description": "Thursday", "value": "THURSDAY" }, { "name": "Friday", "description": "Friday", "value": "FRIDAY" }, { "name": "Saturday", "description": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "description": "Sunday", "value": "SUNDAY" } ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ValueFrequencyResponse": { "description": "A value of a field, including its frequency.", "properties": { "count": { "type": "string", "description": "How many times the value is contained in the field." }, "value": { "$ref": "#/types/google-native:dlp%2Fv2:GooglePrivacyDlpV2ValueResponse", "description": "A value contained in the field in question." } }, "type": "object", "required": [ "count", "value" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2ValueResponse": { "description": "Set of primitive values supported by the system. Note that for the purposes of inspection or transformation, the number of bytes considered to comprise a 'Value' is based on its representation as a UTF-8 encoded string. For example, if 'integer_value' is set to 123456789, the number of bytes would be counted as 9, even though an int64 only holds up to 8 bytes of data.", "properties": { "booleanValue": { "type": "boolean", "description": "boolean" }, "dateValue": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleTypeDateResponse", "description": "date" }, "dayOfWeekValue": { "type": "string", "description": "day of week" }, "floatValue": { "type": "number", "description": "float" }, "integerValue": { "type": "string", "description": "integer" }, "stringValue": { "type": "string", "description": "string" }, "timeValue": { "$ref": "#/types/google-native:dlp%2Fv2:GoogleTypeTimeOfDayResponse", "description": "time of day" }, "timestampValue": { "type": "string", "description": "timestamp" } }, "type": "object", "required": [ "booleanValue", "dateValue", "dayOfWeekValue", "floatValue", "integerValue", "stringValue", "timeValue", "timestampValue" ] }, "google-native:dlp/v2:GooglePrivacyDlpV2WordList": { "description": "Message defining a list of words or phrases to search for in the data.", "properties": { "words": { "type": "array", "items": { "type": "string" }, "description": "Words or phrases defining the dictionary. The dictionary must contain at least one phrase and every phrase must contain at least 2 characters that are letters or digits. [required]" } }, "type": "object" }, "google-native:dlp/v2:GooglePrivacyDlpV2WordListResponse": { "description": "Message defining a list of words or phrases to search for in the data.", "properties": { "words": { "type": "array", "items": { "type": "string" }, "description": "Words or phrases defining the dictionary. The dictionary must contain at least one phrase and every phrase must contain at least 2 characters that are letters or digits. [required]" } }, "type": "object", "required": [ "words" ] }, "google-native:dlp/v2:GoogleProtobufEmpty": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "type": "object" }, "google-native:dlp/v2:GoogleProtobufEmptyResponse": { "description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }", "type": "object" }, "google-native:dlp/v2:GoogleRpcStatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:dlp/v2:GoogleTypeDate": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object" }, "google-native:dlp/v2:GoogleTypeDateResponse": { "description": "Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: * A full date, with non-zero year, month, and day values. * A month and day, with a zero year (for example, an anniversary). * A year on its own, with a zero month and a zero day. * A year and month, with a zero day (for example, a credit card expiration date). Related types: * google.type.TimeOfDay * google.type.DateTime * google.protobuf.Timestamp", "properties": { "day": { "type": "integer", "description": "Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant." }, "month": { "type": "integer", "description": "Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day." }, "year": { "type": "integer", "description": "Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year." } }, "type": "object", "required": [ "day", "month", "year" ] }, "google-native:dlp/v2:GoogleTypeTimeOfDay": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object" }, "google-native:dlp/v2:GoogleTypeTimeOfDayResponse": { "description": "Represents a time of day. The date and time zone are either not significant or are specified elsewhere. An API may choose to allow leap seconds. Related types are google.type.Date and `google.protobuf.Timestamp`.", "properties": { "hours": { "type": "integer", "description": "Hours of day in 24 hour format. Should be from 0 to 23. An API may choose to allow the value \"24:00:00\" for scenarios like business closing time." }, "minutes": { "type": "integer", "description": "Minutes of hour of day. Must be from 0 to 59." }, "nanos": { "type": "integer", "description": "Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999." }, "seconds": { "type": "integer", "description": "Seconds of minutes of the time. Must normally be from 0 to 59. An API may allow the value 60 if it allows leap-seconds." } }, "type": "object", "required": [ "hours", "minutes", "nanos", "seconds" ] }, "google-native:dlp/v2:JobTriggerStatus": { "description": "Required. A status for this trigger.", "type": "string", "enum": [ { "name": "StatusUnspecified", "description": "Unused.", "value": "STATUS_UNSPECIFIED" }, { "name": "Healthy", "description": "Trigger is healthy.", "value": "HEALTHY" }, { "name": "Paused", "description": "Trigger is temporarily paused.", "value": "PAUSED" }, { "name": "Cancelled", "description": "Trigger is cancelled and can not be resumed.", "value": "CANCELLED" } ] }, "google-native:dlp/v2:OrganizationDiscoveryConfigStatus": { "description": "Required. A status for this configuration.", "type": "string", "enum": [ { "name": "StatusUnspecified", "description": "Unused", "value": "STATUS_UNSPECIFIED" }, { "name": "Running", "description": "The discovery config is currently active.", "value": "RUNNING" }, { "name": "Paused", "description": "The discovery config is paused temporarily.", "value": "PAUSED" } ] }, "google-native:dlp/v2:OrganizationJobTriggerStatus": { "description": "Required. A status for this trigger.", "type": "string", "enum": [ { "name": "StatusUnspecified", "description": "Unused.", "value": "STATUS_UNSPECIFIED" }, { "name": "Healthy", "description": "Trigger is healthy.", "value": "HEALTHY" }, { "name": "Paused", "description": "Trigger is temporarily paused.", "value": "PAUSED" }, { "name": "Cancelled", "description": "Trigger is cancelled and can not be resumed.", "value": "CANCELLED" } ] }, "google-native:dns/v1:DnsKeySpec": { "description": "Parameters for DnsKey key generation. Used for generating initial keys for a new ManagedZone and as default when adding a new DnsKey.", "properties": { "algorithm": { "$ref": "#/types/google-native:dns%2Fv1:DnsKeySpecAlgorithm", "description": "String mnemonic specifying the DNSSEC algorithm of this key." }, "keyLength": { "type": "integer", "description": "Length of the keys in bits." }, "keyType": { "$ref": "#/types/google-native:dns%2Fv1:DnsKeySpecKeyType", "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:DnsKeySpecAlgorithm": { "description": "String mnemonic specifying the DNSSEC algorithm of this key.", "type": "string", "enum": [ { "name": "Rsasha1", "value": "rsasha1" }, { "name": "Rsasha256", "value": "rsasha256" }, { "name": "Rsasha512", "value": "rsasha512" }, { "name": "Ecdsap256sha256", "value": "ecdsap256sha256" }, { "name": "Ecdsap384sha384", "value": "ecdsap384sha384" } ] }, "google-native:dns/v1:DnsKeySpecKeyType": { "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets.", "type": "string", "enum": [ { "name": "KeySigning", "value": "keySigning" }, { "name": "ZoneSigning", "value": "zoneSigning" } ] }, "google-native:dns/v1:DnsKeySpecResponse": { "description": "Parameters for DnsKey key generation. Used for generating initial keys for a new ManagedZone and as default when adding a new DnsKey.", "properties": { "algorithm": { "type": "string", "description": "String mnemonic specifying the DNSSEC algorithm of this key." }, "keyLength": { "type": "integer", "description": "Length of the keys in bits." }, "keyType": { "type": "string", "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets." }, "kind": { "type": "string" } }, "type": "object", "required": [ "algorithm", "keyLength", "keyType", "kind" ] }, "google-native:dns/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dns/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dns/v1:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:dns/v1:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:dns/v1:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:dns%2Fv1:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:dns/v1:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:dns/v1:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:dns/v1:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dns%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:dns/v1:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dns%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dns/v1:ManagedZoneCloudLoggingConfig": { "description": "Cloud Logging configurations for publicly visible zones.", "properties": { "enableLogging": { "type": "boolean", "description": "If set, enable query logging for this ManagedZone. False by default, making logging opt-in." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:ManagedZoneCloudLoggingConfigResponse": { "description": "Cloud Logging configurations for publicly visible zones.", "properties": { "enableLogging": { "type": "boolean", "description": "If set, enable query logging for this ManagedZone. False by default, making logging opt-in." }, "kind": { "type": "string" } }, "type": "object", "required": [ "enableLogging", "kind" ] }, "google-native:dns/v1:ManagedZoneDnsSecConfig": { "properties": { "defaultKeySpecs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:DnsKeySpec" }, "description": "Specifies parameters for generating initial DnsKeys for this ManagedZone. Can only be changed while the state is OFF." }, "kind": { "type": "string" }, "nonExistence": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneDnsSecConfigNonExistence", "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF." }, "state": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneDnsSecConfigState", "description": "Specifies whether DNSSEC is enabled, and what mode it is in." } }, "type": "object" }, "google-native:dns/v1:ManagedZoneDnsSecConfigNonExistence": { "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF.", "type": "string", "enum": [ { "name": "Nsec", "value": "nsec" }, { "name": "Nsec3", "value": "nsec3" } ] }, "google-native:dns/v1:ManagedZoneDnsSecConfigResponse": { "properties": { "defaultKeySpecs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:DnsKeySpecResponse" }, "description": "Specifies parameters for generating initial DnsKeys for this ManagedZone. Can only be changed while the state is OFF." }, "kind": { "type": "string" }, "nonExistence": { "type": "string", "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF." }, "state": { "type": "string", "description": "Specifies whether DNSSEC is enabled, and what mode it is in." } }, "type": "object", "required": [ "defaultKeySpecs", "kind", "nonExistence", "state" ] }, "google-native:dns/v1:ManagedZoneDnsSecConfigState": { "description": "Specifies whether DNSSEC is enabled, and what mode it is in.", "type": "string", "enum": [ { "name": "Off", "description": "DNSSEC is disabled; the zone is not signed.", "value": "off" }, { "name": "On", "description": "DNSSEC is enabled; the zone is signed and fully managed.", "value": "on" }, { "name": "Transfer", "description": "DNSSEC is enabled, but in a \"transfer\" mode.", "value": "transfer" } ] }, "google-native:dns/v1:ManagedZoneForwardingConfig": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneForwardingConfigNameServerTarget" }, "description": "List of target name servers to forward to. Cloud DNS selects the best available name server if more than one target is given." } }, "type": "object" }, "google-native:dns/v1:ManagedZoneForwardingConfigNameServerTarget": { "properties": { "forwardingPath": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneForwardingConfigNameServerTargetForwardingPath", "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address of a target name server." }, "ipv6Address": { "type": "string", "description": "IPv6 address of a target name server. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:ManagedZoneForwardingConfigNameServerTargetForwardingPath": { "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target.", "type": "string", "enum": [ { "name": "Default", "description": "Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses forward to the target through the VPC and non-RFC1918 addresses forward to the target through the internet", "value": "default" }, { "name": "Private", "description": "Cloud DNS always forwards to this target through the VPC.", "value": "private" } ] }, "google-native:dns/v1:ManagedZoneForwardingConfigNameServerTargetResponse": { "properties": { "forwardingPath": { "type": "string", "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address of a target name server." }, "ipv6Address": { "type": "string", "description": "IPv6 address of a target name server. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object", "required": [ "forwardingPath", "ipv4Address", "ipv6Address", "kind" ] }, "google-native:dns/v1:ManagedZoneForwardingConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneForwardingConfigNameServerTargetResponse" }, "description": "List of target name servers to forward to. Cloud DNS selects the best available name server if more than one target is given." } }, "type": "object", "required": [ "kind", "targetNameServers" ] }, "google-native:dns/v1:ManagedZonePeeringConfig": { "properties": { "kind": { "type": "string" }, "targetNetwork": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePeeringConfigTargetNetwork", "description": "The network with which to peer." } }, "type": "object" }, "google-native:dns/v1:ManagedZonePeeringConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNetwork": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePeeringConfigTargetNetworkResponse", "description": "The network with which to peer." } }, "type": "object", "required": [ "kind", "targetNetwork" ] }, "google-native:dns/v1:ManagedZonePeeringConfigTargetNetwork": { "properties": { "deactivateTime": { "type": "string", "description": "The time at which the zone was deactivated, in RFC 3339 date-time format. An empty string indicates that the peering connection is active. The producer network can deactivate a zone. The zone is automatically deactivated if the producer network that the zone targeted is deleted. Output only." }, "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to forward queries to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1:ManagedZonePeeringConfigTargetNetworkResponse": { "properties": { "deactivateTime": { "type": "string", "description": "The time at which the zone was deactivated, in RFC 3339 date-time format. An empty string indicates that the peering connection is active. The producer network can deactivate a zone. The zone is automatically deactivated if the producer network that the zone targeted is deleted. Output only." }, "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to forward queries to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "deactivateTime", "kind", "networkUrl" ] }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfig": { "properties": { "gkeClusters": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePrivateVisibilityConfigGKECluster" }, "description": "The list of Google Kubernetes Engine clusters that can see this zone." }, "kind": { "type": "string" }, "networks": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePrivateVisibilityConfigNetwork" }, "description": "The list of VPC networks that can see this zone." } }, "type": "object" }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfigGKECluster": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this ManagedZone to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfigGKEClusterResponse": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this ManagedZone to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object", "required": [ "gkeClusterName", "kind" ] }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfigNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. Format this URL like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfigNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. Format this URL like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1:ManagedZonePrivateVisibilityConfigResponse": { "properties": { "gkeClusters": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePrivateVisibilityConfigGKEClusterResponse" }, "description": "The list of Google Kubernetes Engine clusters that can see this zone." }, "kind": { "type": "string" }, "networks": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZonePrivateVisibilityConfigNetworkResponse" }, "description": "The list of VPC networks that can see this zone." } }, "type": "object", "required": [ "gkeClusters", "kind", "networks" ] }, "google-native:dns/v1:ManagedZoneReverseLookupConfig": { "properties": { "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:ManagedZoneReverseLookupConfigResponse": { "properties": { "kind": { "type": "string" } }, "type": "object", "required": [ "kind" ] }, "google-native:dns/v1:ManagedZoneServiceDirectoryConfig": { "description": "Contains information about Service Directory-backed zones.", "properties": { "kind": { "type": "string" }, "namespace": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneServiceDirectoryConfigNamespace", "description": "Contains information about the namespace associated with the zone." } }, "type": "object" }, "google-native:dns/v1:ManagedZoneServiceDirectoryConfigNamespace": { "properties": { "deletionTime": { "type": "string", "description": "The time that the namespace backing this zone was deleted; an empty string if it still exists. This is in RFC3339 text format. Output only." }, "kind": { "type": "string" }, "namespaceUrl": { "type": "string", "description": "The fully qualified URL of the namespace associated with the zone. Format must be https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace}" } }, "type": "object" }, "google-native:dns/v1:ManagedZoneServiceDirectoryConfigNamespaceResponse": { "properties": { "deletionTime": { "type": "string", "description": "The time that the namespace backing this zone was deleted; an empty string if it still exists. This is in RFC3339 text format. Output only." }, "kind": { "type": "string" }, "namespaceUrl": { "type": "string", "description": "The fully qualified URL of the namespace associated with the zone. Format must be https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace}" } }, "type": "object", "required": [ "deletionTime", "kind", "namespaceUrl" ] }, "google-native:dns/v1:ManagedZoneServiceDirectoryConfigResponse": { "description": "Contains information about Service Directory-backed zones.", "properties": { "kind": { "type": "string" }, "namespace": { "$ref": "#/types/google-native:dns%2Fv1:ManagedZoneServiceDirectoryConfigNamespaceResponse", "description": "Contains information about the namespace associated with the zone." } }, "type": "object", "required": [ "kind", "namespace" ] }, "google-native:dns/v1:ManagedZoneVisibility": { "description": "The zone's visibility: public zones are exposed to the Internet, while private zones are visible only to Virtual Private Cloud resources.", "type": "string", "enum": [ { "name": "Public", "value": "public" }, { "name": "Private", "value": "private" } ] }, "google-native:dns/v1:PolicyAlternativeNameServerConfig": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:PolicyAlternativeNameServerConfigTargetNameServer" }, "description": "Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified." } }, "type": "object" }, "google-native:dns/v1:PolicyAlternativeNameServerConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:PolicyAlternativeNameServerConfigTargetNameServerResponse" }, "description": "Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified." } }, "type": "object", "required": [ "kind", "targetNameServers" ] }, "google-native:dns/v1:PolicyAlternativeNameServerConfigTargetNameServer": { "properties": { "forwardingPath": { "$ref": "#/types/google-native:dns%2Fv1:PolicyAlternativeNameServerConfigTargetNameServerForwardingPath", "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address to forward queries to." }, "ipv6Address": { "type": "string", "description": "IPv6 address to forward to. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:PolicyAlternativeNameServerConfigTargetNameServerForwardingPath": { "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target.", "type": "string", "enum": [ { "name": "Default", "description": "Cloud DNS makes forwarding decision based on IP address ranges; that is, RFC1918 addresses forward to the target through the VPC and non-RFC1918 addresses forward to the target through the internet", "value": "default" }, { "name": "Private", "description": "Cloud DNS always forwards to this target through the VPC.", "value": "private" } ] }, "google-native:dns/v1:PolicyAlternativeNameServerConfigTargetNameServerResponse": { "properties": { "forwardingPath": { "type": "string", "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address to forward queries to." }, "ipv6Address": { "type": "string", "description": "IPv6 address to forward to. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object", "required": [ "forwardingPath", "ipv4Address", "ipv6Address", "kind" ] }, "google-native:dns/v1:PolicyNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1:PolicyNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1:RRSetRoutingPolicy": { "description": "A RRSetRoutingPolicy represents ResourceRecordSet data that is returned dynamically with the response varying based on configured properties such as geolocation or by weighted random selection.", "properties": { "geo": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicy" }, "kind": { "type": "string" }, "primaryBackup": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyPrimaryBackupPolicy" }, "wrr": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyWrrPolicy" } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyGeoPolicy": { "description": "Configures a RRSetRoutingPolicy that routes based on the geo location of the querying user.", "properties": { "enableFencing": { "type": "boolean", "description": "Without fencing, if health check fails for all configured items in the current geo bucket, we failover to the next nearest geo bucket. With fencing, if health checking is enabled, as long as some targets in the current geo bucket are healthy, we return only the healthy targets. However, if all targets are unhealthy, we don't failover to the next nearest bucket; instead, we return all the items in the current bucket even when all targets are unhealthy." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicyGeoPolicyItem" }, "description": "The primary geo routing configuration. If there are multiple items with the same location, an error is returned instead." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyGeoPolicyGeoPolicyItem": { "description": "ResourceRecordSet data for one geo location.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargets", "description": "For A and AAAA types only. Endpoints to return in the query result only if they are healthy. These can be specified along with rrdata within this item." }, "kind": { "type": "string" }, "location": { "type": "string", "description": "The geo-location granularity is a GCP region. This location string should correspond to a GCP region. e.g. \"us-east1\", \"southamerica-east1\", \"asia-east1\", etc." }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. If health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyGeoPolicyGeoPolicyItemResponse": { "description": "ResourceRecordSet data for one geo location.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "For A and AAAA types only. Endpoints to return in the query result only if they are healthy. These can be specified along with rrdata within this item." }, "kind": { "type": "string" }, "location": { "type": "string", "description": "The geo-location granularity is a GCP region. This location string should correspond to a GCP region. e.g. \"us-east1\", \"southamerica-east1\", \"asia-east1\", etc." }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. If health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." } }, "type": "object", "required": [ "healthCheckedTargets", "kind", "location", "rrdatas", "signatureRrdatas" ] }, "google-native:dns/v1:RRSetRoutingPolicyGeoPolicyResponse": { "description": "Configures a RRSetRoutingPolicy that routes based on the geo location of the querying user.", "properties": { "enableFencing": { "type": "boolean", "description": "Without fencing, if health check fails for all configured items in the current geo bucket, we failover to the next nearest geo bucket. With fencing, if health checking is enabled, as long as some targets in the current geo bucket are healthy, we return only the healthy targets. However, if all targets are unhealthy, we don't failover to the next nearest bucket; instead, we return all the items in the current bucket even when all targets are unhealthy." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicyGeoPolicyItemResponse" }, "description": "The primary geo routing configuration. If there are multiple items with the same location, an error is returned instead." }, "kind": { "type": "string" } }, "type": "object", "required": [ "enableFencing", "items", "kind" ] }, "google-native:dns/v1:RRSetRoutingPolicyHealthCheckTargets": { "description": "HealthCheckTargets describes endpoints to health-check when responding to Routing Policy queries. Only the healthy endpoints will be included in the response.", "properties": { "internalLoadBalancers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyLoadBalancerTarget" } } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyHealthCheckTargetsResponse": { "description": "HealthCheckTargets describes endpoints to health-check when responding to Routing Policy queries. Only the healthy endpoints will be included in the response.", "properties": { "internalLoadBalancers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyLoadBalancerTargetResponse" } } }, "type": "object", "required": [ "internalLoadBalancers" ] }, "google-native:dns/v1:RRSetRoutingPolicyLoadBalancerTarget": { "description": "The configuration for an individual load balancer to health check.", "properties": { "ipAddress": { "type": "string", "description": "The frontend IP address of the load balancer to health check." }, "ipProtocol": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyLoadBalancerTargetIpProtocol", "description": "The protocol of the load balancer to health check." }, "kind": { "type": "string" }, "loadBalancerType": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyLoadBalancerTargetLoadBalancerType", "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. " }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the network that the load balancer is attached to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} ." }, "port": { "type": "string", "description": "The configured port of the load balancer." }, "project": { "type": "string", "description": "The project ID in which the load balancer is located." }, "region": { "type": "string", "description": "The region in which the load balancer is located." } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyLoadBalancerTargetIpProtocol": { "description": "The protocol of the load balancer to health check.", "type": "string", "enum": [ { "name": "Undefined", "value": "undefined" }, { "name": "Tcp", "value": "tcp" }, { "name": "Udp", "value": "udp" } ] }, "google-native:dns/v1:RRSetRoutingPolicyLoadBalancerTargetLoadBalancerType": { "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. ", "type": "string", "enum": [ { "name": "None", "value": "none" }, { "name": "GlobalL7ilb", "value": "globalL7ilb" }, { "name": "RegionalL4ilb", "value": "regionalL4ilb" }, { "name": "RegionalL7ilb", "value": "regionalL7ilb" } ] }, "google-native:dns/v1:RRSetRoutingPolicyLoadBalancerTargetResponse": { "description": "The configuration for an individual load balancer to health check.", "properties": { "ipAddress": { "type": "string", "description": "The frontend IP address of the load balancer to health check." }, "ipProtocol": { "type": "string", "description": "The protocol of the load balancer to health check." }, "kind": { "type": "string" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. " }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the network that the load balancer is attached to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} ." }, "port": { "type": "string", "description": "The configured port of the load balancer." }, "project": { "type": "string", "description": "The project ID in which the load balancer is located." }, "region": { "type": "string", "description": "The region in which the load balancer is located." } }, "type": "object", "required": [ "ipAddress", "ipProtocol", "kind", "loadBalancerType", "networkUrl", "port", "project", "region" ] }, "google-native:dns/v1:RRSetRoutingPolicyPrimaryBackupPolicy": { "description": "Configures a RRSetRoutingPolicy such that all queries are responded with the primary_targets if they are healthy. And if all of them are unhealthy, then we fallback to a geo localized policy.", "properties": { "backupGeoTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicy", "description": "Backup targets provide a regional failover policy for the otherwise global primary targets. If serving state is set to BACKUP, this policy essentially becomes a geo routing policy." }, "kind": { "type": "string" }, "primaryTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargets", "description": "Endpoints that are health checked before making the routing decision. Unhealthy endpoints are omitted from the results. If all endpoints are unhealthy, we serve a response based on the backup_geo_targets." }, "trickleTraffic": { "type": "number", "description": "When serving state is PRIMARY, this field provides the option of sending a small percentage of the traffic to the backup targets." } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyPrimaryBackupPolicyResponse": { "description": "Configures a RRSetRoutingPolicy such that all queries are responded with the primary_targets if they are healthy. And if all of them are unhealthy, then we fallback to a geo localized policy.", "properties": { "backupGeoTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicyResponse", "description": "Backup targets provide a regional failover policy for the otherwise global primary targets. If serving state is set to BACKUP, this policy essentially becomes a geo routing policy." }, "kind": { "type": "string" }, "primaryTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "Endpoints that are health checked before making the routing decision. Unhealthy endpoints are omitted from the results. If all endpoints are unhealthy, we serve a response based on the backup_geo_targets." }, "trickleTraffic": { "type": "number", "description": "When serving state is PRIMARY, this field provides the option of sending a small percentage of the traffic to the backup targets." } }, "type": "object", "required": [ "backupGeoTargets", "kind", "primaryTargets", "trickleTraffic" ] }, "google-native:dns/v1:RRSetRoutingPolicyResponse": { "description": "A RRSetRoutingPolicy represents ResourceRecordSet data that is returned dynamically with the response varying based on configured properties such as geolocation or by weighted random selection.", "properties": { "geo": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyGeoPolicyResponse" }, "kind": { "type": "string" }, "primaryBackup": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyPrimaryBackupPolicyResponse" }, "wrr": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyWrrPolicyResponse" } }, "type": "object", "required": [ "geo", "kind", "primaryBackup", "wrr" ] }, "google-native:dns/v1:RRSetRoutingPolicyWrrPolicy": { "description": "Configures a RRSetRoutingPolicy that routes in a weighted round robin fashion.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyWrrPolicyWrrPolicyItem" } }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyWrrPolicyResponse": { "description": "Configures a RRSetRoutingPolicy that routes in a weighted round robin fashion.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyWrrPolicyWrrPolicyItemResponse" } }, "kind": { "type": "string" } }, "type": "object", "required": [ "items", "kind" ] }, "google-native:dns/v1:RRSetRoutingPolicyWrrPolicyWrrPolicyItem": { "description": "A routing block which contains the routing information for one WRR item.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargets", "description": "Endpoints that are health checked before making the routing decision. The unhealthy endpoints are omitted from the result. If all endpoints within a bucket are unhealthy, we choose a different bucket (sampled with respect to its weight) for responding. If DNSSEC is enabled for this zone, only one of rrdata or health_checked_targets can be set." }, "kind": { "type": "string" }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. Note that if health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." }, "weight": { "type": "number", "description": "The weight corresponding to this WrrPolicyItem object. When multiple WrrPolicyItem objects are configured, the probability of returning an WrrPolicyItem object's data is proportional to its weight relative to the sum of weights configured for all items. This weight must be non-negative." } }, "type": "object" }, "google-native:dns/v1:RRSetRoutingPolicyWrrPolicyWrrPolicyItemResponse": { "description": "A routing block which contains the routing information for one WRR item.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "Endpoints that are health checked before making the routing decision. The unhealthy endpoints are omitted from the result. If all endpoints within a bucket are unhealthy, we choose a different bucket (sampled with respect to its weight) for responding. If DNSSEC is enabled for this zone, only one of rrdata or health_checked_targets can be set." }, "kind": { "type": "string" }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. Note that if health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." }, "weight": { "type": "number", "description": "The weight corresponding to this WrrPolicyItem object. When multiple WrrPolicyItem objects are configured, the probability of returning an WrrPolicyItem object's data is proportional to its weight relative to the sum of weights configured for all items. This weight must be non-negative." } }, "type": "object", "required": [ "healthCheckedTargets", "kind", "rrdatas", "signatureRrdatas", "weight" ] }, "google-native:dns/v1:ResourceRecordSet": { "description": "A unit of data that is returned by the DNS servers.", "properties": { "kind": { "type": "string" }, "name": { "type": "string", "description": "For example, www.example.com." }, "routingPolicy": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicy", "description": "Configures dynamic query responses based on either the geo location of the querying user or a weighted round robin based routing policy. A valid ResourceRecordSet contains only rrdata (for static resolution) or a routing_policy (for dynamic resolution)." }, "rrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- see examples." }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 4034 (section 3.2)." }, "ttl": { "type": "integer", "description": "Number of seconds that this ResourceRecordSet can be cached by resolvers." }, "type": { "type": "string", "description": "The identifier of a supported record type. See the list of Supported DNS record types." } }, "type": "object" }, "google-native:dns/v1:ResourceRecordSetResponse": { "description": "A unit of data that is returned by the DNS servers.", "properties": { "kind": { "type": "string" }, "name": { "type": "string", "description": "For example, www.example.com." }, "routingPolicy": { "$ref": "#/types/google-native:dns%2Fv1:RRSetRoutingPolicyResponse", "description": "Configures dynamic query responses based on either the geo location of the querying user or a weighted round robin based routing policy. A valid ResourceRecordSet contains only rrdata (for static resolution) or a routing_policy (for dynamic resolution)." }, "rrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- see examples." }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 4034 (section 3.2)." }, "ttl": { "type": "integer", "description": "Number of seconds that this ResourceRecordSet can be cached by resolvers." }, "type": { "type": "string", "description": "The identifier of a supported record type. See the list of Supported DNS record types." } }, "type": "object", "required": [ "kind", "name", "routingPolicy", "rrdatas", "signatureRrdatas", "ttl", "type" ] }, "google-native:dns/v1:ResponsePolicyGKECluster": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this response policy to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1:ResponsePolicyGKEClusterResponse": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this response policy to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object", "required": [ "gkeClusterName", "kind" ] }, "google-native:dns/v1:ResponsePolicyNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1:ResponsePolicyNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1:ResponsePolicyRuleBehavior": { "description": "Answer this query with a behavior rather than DNS data.", "type": "string", "enum": [ { "name": "BehaviorUnspecified", "value": "behaviorUnspecified" }, { "name": "BypassResponsePolicy", "description": "Skip a less-specific ResponsePolicyRule and continue normal query logic. This can be used with a less-specific wildcard selector to exempt a subset of the wildcard ResponsePolicyRule from the ResponsePolicy behavior and query the public Internet instead. For instance, if these rules exist: *.example.com -> LocalData 1.2.3.4 foo.example.com -> Behavior 'bypassResponsePolicy' Then a query for 'foo.example.com' skips the wildcard. This additionally functions to facilitate the allowlist feature. RPZs can be applied to multiple levels in the (eventually org, folder, project, network) hierarchy. If a rule is applied at a higher level of the hierarchy, adding a passthru rule at a lower level will supersede that, and a query from an affected vm to that domain will be exempt from the RPZ and proceed to normal resolution behavior.", "value": "bypassResponsePolicy" } ] }, "google-native:dns/v1:ResponsePolicyRuleLocalData": { "properties": { "localDatas": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ResourceRecordSet" }, "description": "All resource record sets for this selector, one per resource record type. The name must match the dns_name." } }, "type": "object" }, "google-native:dns/v1:ResponsePolicyRuleLocalDataResponse": { "properties": { "localDatas": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1:ResourceRecordSetResponse" }, "description": "All resource record sets for this selector, one per resource record type. The name must match the dns_name." } }, "type": "object", "required": [ "localDatas" ] }, "google-native:dns/v1beta2:DnsKeySpec": { "description": "Parameters for DnsKey key generation. Used for generating initial keys for a new ManagedZone and as default when adding a new DnsKey.", "properties": { "algorithm": { "$ref": "#/types/google-native:dns%2Fv1beta2:DnsKeySpecAlgorithm", "description": "String mnemonic specifying the DNSSEC algorithm of this key." }, "keyLength": { "type": "integer", "description": "Length of the keys in bits." }, "keyType": { "$ref": "#/types/google-native:dns%2Fv1beta2:DnsKeySpecKeyType", "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:DnsKeySpecAlgorithm": { "description": "String mnemonic specifying the DNSSEC algorithm of this key.", "type": "string", "enum": [ { "name": "Rsasha1", "value": "rsasha1" }, { "name": "Rsasha256", "value": "rsasha256" }, { "name": "Rsasha512", "value": "rsasha512" }, { "name": "Ecdsap256sha256", "value": "ecdsap256sha256" }, { "name": "Ecdsap384sha384", "value": "ecdsap384sha384" } ] }, "google-native:dns/v1beta2:DnsKeySpecKeyType": { "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets.", "type": "string", "enum": [ { "name": "KeySigning", "value": "keySigning" }, { "name": "ZoneSigning", "value": "zoneSigning" } ] }, "google-native:dns/v1beta2:DnsKeySpecResponse": { "description": "Parameters for DnsKey key generation. Used for generating initial keys for a new ManagedZone and as default when adding a new DnsKey.", "properties": { "algorithm": { "type": "string", "description": "String mnemonic specifying the DNSSEC algorithm of this key." }, "keyLength": { "type": "integer", "description": "Length of the keys in bits." }, "keyType": { "type": "string", "description": "Specifies whether this is a key signing key (KSK) or a zone signing key (ZSK). Key signing keys have the Secure Entry Point flag set and, when active, are only used to sign resource record sets of type DNSKEY. Zone signing keys do not have the Secure Entry Point flag set and are used to sign all other types of resource record sets." }, "kind": { "type": "string" } }, "type": "object", "required": [ "algorithm", "keyLength", "keyType", "kind" ] }, "google-native:dns/v1beta2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:dns/v1beta2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:dns/v1beta2:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:dns/v1beta2:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:dns/v1beta2:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:dns%2Fv1beta2:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:dns/v1beta2:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:dns/v1beta2:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:dns/v1beta2:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dns%2Fv1beta2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:dns/v1beta2:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:dns%2Fv1beta2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:dns/v1beta2:ManagedZoneCloudLoggingConfig": { "description": "Cloud Logging configurations for publicly visible zones.", "properties": { "enableLogging": { "type": "boolean", "description": "If set, enable query logging for this ManagedZone. False by default, making logging opt-in." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneCloudLoggingConfigResponse": { "description": "Cloud Logging configurations for publicly visible zones.", "properties": { "enableLogging": { "type": "boolean", "description": "If set, enable query logging for this ManagedZone. False by default, making logging opt-in." }, "kind": { "type": "string" } }, "type": "object", "required": [ "enableLogging", "kind" ] }, "google-native:dns/v1beta2:ManagedZoneDnsSecConfig": { "properties": { "defaultKeySpecs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:DnsKeySpec" }, "description": "Specifies parameters for generating initial DnsKeys for this ManagedZone. Can only be changed while the state is OFF." }, "kind": { "type": "string" }, "nonExistence": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneDnsSecConfigNonExistence", "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF." }, "state": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneDnsSecConfigState", "description": "Specifies whether DNSSEC is enabled, and what mode it is in." } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneDnsSecConfigNonExistence": { "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF.", "type": "string", "enum": [ { "name": "Nsec", "value": "nsec" }, { "name": "Nsec3", "value": "nsec3" } ] }, "google-native:dns/v1beta2:ManagedZoneDnsSecConfigResponse": { "properties": { "defaultKeySpecs": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:DnsKeySpecResponse" }, "description": "Specifies parameters for generating initial DnsKeys for this ManagedZone. Can only be changed while the state is OFF." }, "kind": { "type": "string" }, "nonExistence": { "type": "string", "description": "Specifies the mechanism for authenticated denial-of-existence responses. Can only be changed while the state is OFF." }, "state": { "type": "string", "description": "Specifies whether DNSSEC is enabled, and what mode it is in." } }, "type": "object", "required": [ "defaultKeySpecs", "kind", "nonExistence", "state" ] }, "google-native:dns/v1beta2:ManagedZoneDnsSecConfigState": { "description": "Specifies whether DNSSEC is enabled, and what mode it is in.", "type": "string", "enum": [ { "name": "Off", "description": "DNSSEC is disabled; the zone is not signed.", "value": "off" }, { "name": "On", "description": "DNSSEC is enabled; the zone is signed and fully managed.", "value": "on" }, { "name": "Transfer", "description": "DNSSEC is enabled, but in a \"transfer\" mode.", "value": "transfer" } ] }, "google-native:dns/v1beta2:ManagedZoneForwardingConfig": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneForwardingConfigNameServerTarget" }, "description": "List of target name servers to forward to. Cloud DNS selects the best available name server if more than one target is given." } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneForwardingConfigNameServerTarget": { "properties": { "forwardingPath": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneForwardingConfigNameServerTargetForwardingPath", "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address of a target name server." }, "ipv6Address": { "type": "string", "description": "IPv6 address of a target name server. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneForwardingConfigNameServerTargetForwardingPath": { "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target.", "type": "string", "enum": [ { "name": "Default", "description": "Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses forward to the target through the VPC and non-RFC1918 addresses forward to the target through the internet", "value": "default" }, { "name": "Private", "description": "Cloud DNS always forwards to this target through the VPC.", "value": "private" } ] }, "google-native:dns/v1beta2:ManagedZoneForwardingConfigNameServerTargetResponse": { "properties": { "forwardingPath": { "type": "string", "description": "Forwarding path for this NameServerTarget. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on IP address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address of a target name server." }, "ipv6Address": { "type": "string", "description": "IPv6 address of a target name server. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object", "required": [ "forwardingPath", "ipv4Address", "ipv6Address", "kind" ] }, "google-native:dns/v1beta2:ManagedZoneForwardingConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneForwardingConfigNameServerTargetResponse" }, "description": "List of target name servers to forward to. Cloud DNS selects the best available name server if more than one target is given." } }, "type": "object", "required": [ "kind", "targetNameServers" ] }, "google-native:dns/v1beta2:ManagedZonePeeringConfig": { "properties": { "kind": { "type": "string" }, "targetNetwork": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePeeringConfigTargetNetwork", "description": "The network with which to peer." } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZonePeeringConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNetwork": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePeeringConfigTargetNetworkResponse", "description": "The network with which to peer." } }, "type": "object", "required": [ "kind", "targetNetwork" ] }, "google-native:dns/v1beta2:ManagedZonePeeringConfigTargetNetwork": { "properties": { "deactivateTime": { "type": "string", "description": "The time at which the zone was deactivated, in RFC 3339 date-time format. An empty string indicates that the peering connection is active. The producer network can deactivate a zone. The zone is automatically deactivated if the producer network that the zone targeted is deleted. Output only." }, "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to forward queries to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZonePeeringConfigTargetNetworkResponse": { "properties": { "deactivateTime": { "type": "string", "description": "The time at which the zone was deactivated, in RFC 3339 date-time format. An empty string indicates that the peering connection is active. The producer network can deactivate a zone. The zone is automatically deactivated if the producer network that the zone targeted is deleted. Output only." }, "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to forward queries to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "deactivateTime", "kind", "networkUrl" ] }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfig": { "properties": { "gkeClusters": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePrivateVisibilityConfigGKECluster" }, "description": "The list of Google Kubernetes Engine clusters that can see this zone." }, "kind": { "type": "string" }, "networks": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePrivateVisibilityConfigNetwork" }, "description": "The list of VPC networks that can see this zone." } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfigGKECluster": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this ManagedZone to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfigGKEClusterResponse": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this ManagedZone to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object", "required": [ "gkeClusterName", "kind" ] }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfigNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. Format this URL like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfigNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. Format this URL like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1beta2:ManagedZonePrivateVisibilityConfigResponse": { "properties": { "gkeClusters": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePrivateVisibilityConfigGKEClusterResponse" }, "description": "The list of Google Kubernetes Engine clusters that can see this zone." }, "kind": { "type": "string" }, "networks": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZonePrivateVisibilityConfigNetworkResponse" }, "description": "The list of VPC networks that can see this zone." } }, "type": "object", "required": [ "gkeClusters", "kind", "networks" ] }, "google-native:dns/v1beta2:ManagedZoneReverseLookupConfig": { "properties": { "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneReverseLookupConfigResponse": { "properties": { "kind": { "type": "string" } }, "type": "object", "required": [ "kind" ] }, "google-native:dns/v1beta2:ManagedZoneServiceDirectoryConfig": { "description": "Contains information about Service Directory-backed zones.", "properties": { "kind": { "type": "string" }, "namespace": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneServiceDirectoryConfigNamespace", "description": "Contains information about the namespace associated with the zone." } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneServiceDirectoryConfigNamespace": { "properties": { "deletionTime": { "type": "string", "description": "The time that the namespace backing this zone was deleted; an empty string if it still exists. This is in RFC3339 text format. Output only." }, "kind": { "type": "string" }, "namespaceUrl": { "type": "string", "description": "The fully qualified URL of the namespace associated with the zone. Format must be https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace}" } }, "type": "object" }, "google-native:dns/v1beta2:ManagedZoneServiceDirectoryConfigNamespaceResponse": { "properties": { "deletionTime": { "type": "string", "description": "The time that the namespace backing this zone was deleted; an empty string if it still exists. This is in RFC3339 text format. Output only." }, "kind": { "type": "string" }, "namespaceUrl": { "type": "string", "description": "The fully qualified URL of the namespace associated with the zone. Format must be https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace}" } }, "type": "object", "required": [ "deletionTime", "kind", "namespaceUrl" ] }, "google-native:dns/v1beta2:ManagedZoneServiceDirectoryConfigResponse": { "description": "Contains information about Service Directory-backed zones.", "properties": { "kind": { "type": "string" }, "namespace": { "$ref": "#/types/google-native:dns%2Fv1beta2:ManagedZoneServiceDirectoryConfigNamespaceResponse", "description": "Contains information about the namespace associated with the zone." } }, "type": "object", "required": [ "kind", "namespace" ] }, "google-native:dns/v1beta2:ManagedZoneVisibility": { "description": "The zone's visibility: public zones are exposed to the Internet, while private zones are visible only to Virtual Private Cloud resources.", "type": "string", "enum": [ { "name": "Public", "value": "public" }, { "name": "Private", "value": "private" } ] }, "google-native:dns/v1beta2:PolicyAlternativeNameServerConfig": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:PolicyAlternativeNameServerConfigTargetNameServer" }, "description": "Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified." } }, "type": "object" }, "google-native:dns/v1beta2:PolicyAlternativeNameServerConfigResponse": { "properties": { "kind": { "type": "string" }, "targetNameServers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:PolicyAlternativeNameServerConfigTargetNameServerResponse" }, "description": "Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified." } }, "type": "object", "required": [ "kind", "targetNameServers" ] }, "google-native:dns/v1beta2:PolicyAlternativeNameServerConfigTargetNameServer": { "properties": { "forwardingPath": { "$ref": "#/types/google-native:dns%2Fv1beta2:PolicyAlternativeNameServerConfigTargetNameServerForwardingPath", "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address to forward queries to." }, "ipv6Address": { "type": "string", "description": "IPv6 address to forward to. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:PolicyAlternativeNameServerConfigTargetNameServerForwardingPath": { "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target.", "type": "string", "enum": [ { "name": "Default", "description": "Cloud DNS makes forwarding decision based on IP address ranges; that is, RFC1918 addresses forward to the target through the VPC and non-RFC1918 addresses forward to the target through the internet", "value": "default" }, { "name": "Private", "description": "Cloud DNS always forwards to this target through the VPC.", "value": "private" } ] }, "google-native:dns/v1beta2:PolicyAlternativeNameServerConfigTargetNameServerResponse": { "properties": { "forwardingPath": { "type": "string", "description": "Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target." }, "ipv4Address": { "type": "string", "description": "IPv4 address to forward queries to." }, "ipv6Address": { "type": "string", "description": "IPv6 address to forward to. Does not accept both fields (ipv4 & ipv6) being populated. Public preview as of November 2022." }, "kind": { "type": "string" } }, "type": "object", "required": [ "forwardingPath", "ipv4Address", "ipv6Address", "kind" ] }, "google-native:dns/v1beta2:PolicyNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1beta2:PolicyNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicy": { "description": "A RRSetRoutingPolicy represents ResourceRecordSet data that is returned dynamically with the response varying based on configured properties such as geolocation or by weighted random selection.", "properties": { "geo": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicy" }, "geoPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicy" }, "kind": { "type": "string" }, "primaryBackup": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyPrimaryBackupPolicy" }, "wrr": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicy" }, "wrrPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicy" } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyGeoPolicy": { "description": "Configures a RRSetRoutingPolicy that routes based on the geo location of the querying user.", "properties": { "enableFencing": { "type": "boolean", "description": "Without fencing, if health check fails for all configured items in the current geo bucket, we failover to the next nearest geo bucket. With fencing, if health checking is enabled, as long as some targets in the current geo bucket are healthy, we return only the healthy targets. However, if all targets are unhealthy, we don't failover to the next nearest bucket; instead, we return all the items in the current bucket even when all targets are unhealthy." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicyGeoPolicyItem" }, "description": "The primary geo routing configuration. If there are multiple items with the same location, an error is returned instead." }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyGeoPolicyGeoPolicyItem": { "description": "ResourceRecordSet data for one geo location.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargets", "description": "For A and AAAA types only. Endpoints to return in the query result only if they are healthy. These can be specified along with rrdata within this item." }, "kind": { "type": "string" }, "location": { "type": "string", "description": "The geo-location granularity is a GCP region. This location string should correspond to a GCP region. e.g. \"us-east1\", \"southamerica-east1\", \"asia-east1\", etc." }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. If health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyGeoPolicyGeoPolicyItemResponse": { "description": "ResourceRecordSet data for one geo location.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "For A and AAAA types only. Endpoints to return in the query result only if they are healthy. These can be specified along with rrdata within this item." }, "kind": { "type": "string" }, "location": { "type": "string", "description": "The geo-location granularity is a GCP region. This location string should correspond to a GCP region. e.g. \"us-east1\", \"southamerica-east1\", \"asia-east1\", etc." }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. If health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." } }, "type": "object", "required": [ "healthCheckedTargets", "kind", "location", "rrdatas", "signatureRrdatas" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyGeoPolicyResponse": { "description": "Configures a RRSetRoutingPolicy that routes based on the geo location of the querying user.", "properties": { "enableFencing": { "type": "boolean", "description": "Without fencing, if health check fails for all configured items in the current geo bucket, we failover to the next nearest geo bucket. With fencing, if health checking is enabled, as long as some targets in the current geo bucket are healthy, we return only the healthy targets. However, if all targets are unhealthy, we don't failover to the next nearest bucket; instead, we return all the items in the current bucket even when all targets are unhealthy." }, "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicyGeoPolicyItemResponse" }, "description": "The primary geo routing configuration. If there are multiple items with the same location, an error is returned instead." }, "kind": { "type": "string" } }, "type": "object", "required": [ "enableFencing", "items", "kind" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyHealthCheckTargets": { "description": "HealthCheckTargets describes endpoints to health-check when responding to Routing Policy queries. Only the healthy endpoints will be included in the response.", "properties": { "internalLoadBalancers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyLoadBalancerTarget" } } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyHealthCheckTargetsResponse": { "description": "HealthCheckTargets describes endpoints to health-check when responding to Routing Policy queries. Only the healthy endpoints will be included in the response.", "properties": { "internalLoadBalancers": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyLoadBalancerTargetResponse" } } }, "type": "object", "required": [ "internalLoadBalancers" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyLoadBalancerTarget": { "description": "The configuration for an individual load balancer to health check.", "properties": { "ipAddress": { "type": "string", "description": "The frontend IP address of the load balancer to health check." }, "ipProtocol": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyLoadBalancerTargetIpProtocol", "description": "The protocol of the load balancer to health check." }, "kind": { "type": "string" }, "loadBalancerType": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyLoadBalancerTargetLoadBalancerType", "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. " }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the network that the load balancer is attached to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} ." }, "port": { "type": "string", "description": "The configured port of the load balancer." }, "project": { "type": "string", "description": "The project ID in which the load balancer is located." }, "region": { "type": "string", "description": "The region in which the load balancer is located." } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyLoadBalancerTargetIpProtocol": { "description": "The protocol of the load balancer to health check.", "type": "string", "enum": [ { "name": "Undefined", "value": "undefined" }, { "name": "Tcp", "value": "tcp" }, { "name": "Udp", "value": "udp" } ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyLoadBalancerTargetLoadBalancerType": { "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. ", "type": "string", "enum": [ { "name": "None", "value": "none" }, { "name": "GlobalL7ilb", "value": "globalL7ilb" }, { "name": "RegionalL4ilb", "value": "regionalL4ilb" }, { "name": "RegionalL7ilb", "value": "regionalL7ilb" } ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyLoadBalancerTargetResponse": { "description": "The configuration for an individual load balancer to health check.", "properties": { "ipAddress": { "type": "string", "description": "The frontend IP address of the load balancer to health check." }, "ipProtocol": { "type": "string", "description": "The protocol of the load balancer to health check." }, "kind": { "type": "string" }, "loadBalancerType": { "type": "string", "description": "The type of load balancer specified by this target. This value must match the configuration of the load balancer located at the LoadBalancerTarget's IP address, port, and region. Use the following: - *regionalL4ilb*: for a regional internal passthrough Network Load Balancer. - *regionalL7ilb*: for a regional internal Application Load Balancer. - *globalL7ilb*: for a global internal Application Load Balancer. " }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the network that the load balancer is attached to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network} ." }, "port": { "type": "string", "description": "The configured port of the load balancer." }, "project": { "type": "string", "description": "The project ID in which the load balancer is located." }, "region": { "type": "string", "description": "The region in which the load balancer is located." } }, "type": "object", "required": [ "ipAddress", "ipProtocol", "kind", "loadBalancerType", "networkUrl", "port", "project", "region" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyPrimaryBackupPolicy": { "description": "Configures a RRSetRoutingPolicy such that all queries are responded with the primary_targets if they are healthy. And if all of them are unhealthy, then we fallback to a geo localized policy.", "properties": { "backupGeoTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicy", "description": "Backup targets provide a regional failover policy for the otherwise global primary targets. If serving state is set to BACKUP, this policy essentially becomes a geo routing policy." }, "kind": { "type": "string" }, "primaryTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargets", "description": "Endpoints that are health checked before making the routing decision. Unhealthy endpoints are omitted from the results. If all endpoints are unhealthy, we serve a response based on the backup_geo_targets." }, "trickleTraffic": { "type": "number", "description": "When serving state is PRIMARY, this field provides the option of sending a small percentage of the traffic to the backup targets." } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyPrimaryBackupPolicyResponse": { "description": "Configures a RRSetRoutingPolicy such that all queries are responded with the primary_targets if they are healthy. And if all of them are unhealthy, then we fallback to a geo localized policy.", "properties": { "backupGeoTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicyResponse", "description": "Backup targets provide a regional failover policy for the otherwise global primary targets. If serving state is set to BACKUP, this policy essentially becomes a geo routing policy." }, "kind": { "type": "string" }, "primaryTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "Endpoints that are health checked before making the routing decision. Unhealthy endpoints are omitted from the results. If all endpoints are unhealthy, we serve a response based on the backup_geo_targets." }, "trickleTraffic": { "type": "number", "description": "When serving state is PRIMARY, this field provides the option of sending a small percentage of the traffic to the backup targets." } }, "type": "object", "required": [ "backupGeoTargets", "kind", "primaryTargets", "trickleTraffic" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyResponse": { "description": "A RRSetRoutingPolicy represents ResourceRecordSet data that is returned dynamically with the response varying based on configured properties such as geolocation or by weighted random selection.", "properties": { "geo": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicyResponse" }, "geoPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyGeoPolicyResponse" }, "kind": { "type": "string" }, "primaryBackup": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyPrimaryBackupPolicyResponse" }, "wrr": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicyResponse" }, "wrrPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicyResponse" } }, "type": "object", "required": [ "geo", "geoPolicy", "kind", "primaryBackup", "wrr", "wrrPolicy" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyWrrPolicy": { "description": "Configures a RRSetRoutingPolicy that routes in a weighted round robin fashion.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicyWrrPolicyItem" } }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyWrrPolicyResponse": { "description": "Configures a RRSetRoutingPolicy that routes in a weighted round robin fashion.", "properties": { "items": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyWrrPolicyWrrPolicyItemResponse" } }, "kind": { "type": "string" } }, "type": "object", "required": [ "items", "kind" ] }, "google-native:dns/v1beta2:RRSetRoutingPolicyWrrPolicyWrrPolicyItem": { "description": "A routing block which contains the routing information for one WRR item.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargets", "description": "Endpoints that are health checked before making the routing decision. The unhealthy endpoints are omitted from the result. If all endpoints within a bucket are unhealthy, we choose a different bucket (sampled with respect to its weight) for responding. If DNSSEC is enabled for this zone, only one of rrdata or health_checked_targets can be set." }, "kind": { "type": "string" }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. Note that if health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." }, "weight": { "type": "number", "description": "The weight corresponding to this WrrPolicyItem object. When multiple WrrPolicyItem objects are configured, the probability of returning an WrrPolicyItem object's data is proportional to its weight relative to the sum of weights configured for all items. This weight must be non-negative." } }, "type": "object" }, "google-native:dns/v1beta2:RRSetRoutingPolicyWrrPolicyWrrPolicyItemResponse": { "description": "A routing block which contains the routing information for one WRR item.", "properties": { "healthCheckedTargets": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyHealthCheckTargetsResponse", "description": "Endpoints that are health checked before making the routing decision. The unhealthy endpoints are omitted from the result. If all endpoints within a bucket are unhealthy, we choose a different bucket (sampled with respect to its weight) for responding. If DNSSEC is enabled for this zone, only one of rrdata or health_checked_targets can be set." }, "kind": { "type": "string" }, "rrdatas": { "type": "array", "items": { "type": "string" } }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "DNSSEC generated signatures for all the rrdata within this item. Note that if health checked targets are provided for DNSSEC enabled zones, there's a restriction of 1 IP address per item." }, "weight": { "type": "number", "description": "The weight corresponding to this WrrPolicyItem object. When multiple WrrPolicyItem objects are configured, the probability of returning an WrrPolicyItem object's data is proportional to its weight relative to the sum of weights configured for all items. This weight must be non-negative." } }, "type": "object", "required": [ "healthCheckedTargets", "kind", "rrdatas", "signatureRrdatas", "weight" ] }, "google-native:dns/v1beta2:ResourceRecordSet": { "description": "A unit of data that is returned by the DNS servers.", "properties": { "kind": { "type": "string" }, "name": { "type": "string", "description": "For example, www.example.com." }, "routingPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicy", "description": "Configures dynamic query responses based on either the geo location of the querying user or a weighted round robin based routing policy. A valid ResourceRecordSet contains only rrdata (for static resolution) or a routing_policy (for dynamic resolution)." }, "rrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- see examples." }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 4034 (section 3.2)." }, "ttl": { "type": "integer", "description": "Number of seconds that this ResourceRecordSet can be cached by resolvers." }, "type": { "type": "string", "description": "The identifier of a supported record type. See the list of Supported DNS record types." } }, "type": "object" }, "google-native:dns/v1beta2:ResourceRecordSetResponse": { "description": "A unit of data that is returned by the DNS servers.", "properties": { "kind": { "type": "string" }, "name": { "type": "string", "description": "For example, www.example.com." }, "routingPolicy": { "$ref": "#/types/google-native:dns%2Fv1beta2:RRSetRoutingPolicyResponse", "description": "Configures dynamic query responses based on either the geo location of the querying user or a weighted round robin based routing policy. A valid ResourceRecordSet contains only rrdata (for static resolution) or a routing_policy (for dynamic resolution)." }, "rrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1) -- see examples." }, "signatureRrdatas": { "type": "array", "items": { "type": "string" }, "description": "As defined in RFC 4034 (section 3.2)." }, "ttl": { "type": "integer", "description": "Number of seconds that this ResourceRecordSet can be cached by resolvers." }, "type": { "type": "string", "description": "The identifier of a supported record type. See the list of Supported DNS record types." } }, "type": "object", "required": [ "kind", "name", "routingPolicy", "rrdatas", "signatureRrdatas", "ttl", "type" ] }, "google-native:dns/v1beta2:ResponsePolicyGKECluster": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this response policy to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object" }, "google-native:dns/v1beta2:ResponsePolicyGKEClusterResponse": { "properties": { "gkeClusterName": { "type": "string", "description": "The resource name of the cluster to bind this response policy to. This should be specified in the format like: projects/*/locations/*/clusters/*. This is referenced from GKE projects.locations.clusters.get API: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters/get" }, "kind": { "type": "string" } }, "type": "object", "required": [ "gkeClusterName", "kind" ] }, "google-native:dns/v1beta2:ResponsePolicyNetwork": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object" }, "google-native:dns/v1beta2:ResponsePolicyNetworkResponse": { "properties": { "kind": { "type": "string" }, "networkUrl": { "type": "string", "description": "The fully qualified URL of the VPC network to bind to. This should be formatted like https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}" } }, "type": "object", "required": [ "kind", "networkUrl" ] }, "google-native:dns/v1beta2:ResponsePolicyRuleBehavior": { "description": "Answer this query with a behavior rather than DNS data.", "type": "string", "enum": [ { "name": "BehaviorUnspecified", "value": "behaviorUnspecified" }, { "name": "BypassResponsePolicy", "description": "Skip a less-specific ResponsePolicyRule and continue normal query logic. This can be used with a less-specific wildcard selector to exempt a subset of the wildcard ResponsePolicyRule from the ResponsePolicy behavior and query the public Internet instead. For instance, if these rules exist: *.example.com -> LocalData 1.2.3.4 foo.example.com -> Behavior 'bypassResponsePolicy' Then a query for 'foo.example.com' skips the wildcard. This additionally functions to facilitate the allowlist feature. RPZs can be applied to multiple levels in the (eventually org, folder, project, network) hierarchy. If a rule is applied at a higher level of the hierarchy, adding a passthru rule at a lower level will supersede that, and a query from an affected vm to that domain will be exempt from the RPZ and proceed to normal resolution behavior.", "value": "bypassResponsePolicy" } ] }, "google-native:dns/v1beta2:ResponsePolicyRuleLocalData": { "properties": { "localDatas": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ResourceRecordSet" }, "description": "All resource record sets for this selector, one per resource record type. The name must match the dns_name." } }, "type": "object" }, "google-native:dns/v1beta2:ResponsePolicyRuleLocalDataResponse": { "properties": { "localDatas": { "type": "array", "items": { "$ref": "#/types/google-native:dns%2Fv1beta2:ResourceRecordSetResponse" }, "description": "All resource record sets for this selector, one per resource record type. The name must match the dns_name." } }, "type": "object", "required": [ "localDatas" ] }, "google-native:documentai/v1:GoogleCloudDocumentaiV1ProcessorVersionAliasResponse": { "description": "Contains the alias and the aliased resource name of processor version.", "properties": { "alias": { "type": "string", "description": "The alias in the form of `processor_version` resource name." }, "processorVersion": { "type": "string", "description": "The resource name of aliased processor version." } }, "type": "object", "required": [ "alias", "processorVersion" ] }, "google-native:documentai/v1beta3:GoogleCloudDocumentaiV1beta3ProcessorVersionAliasResponse": { "description": "Contains the alias and the aliased resource name of processor version.", "properties": { "alias": { "type": "string", "description": "The alias in the form of `processor_version` resource name." }, "processorVersion": { "type": "string", "description": "The resource name of aliased processor version." } }, "type": "object", "required": [ "alias", "processorVersion" ] }, "google-native:domains/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:domains/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:domains/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:domains%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:domains/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:domains/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:domains/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:domains/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:domains/v1:Contact": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1:PostalAddress", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1:ContactResponse": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1:PostalAddressResponse", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "faxNumber", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1:ContactSettings": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1:Contact", "description": "The administrative contact for the `Registration`." }, "privacy": { "$ref": "#/types/google-native:domains%2Fv1:ContactSettingsPrivacy", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1:Contact", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1:Contact", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1:ContactSettingsPrivacy": { "description": "Required. Privacy setting for the contacts associated with the `Registration`.", "type": "string", "enum": [ { "name": "ContactPrivacyUnspecified", "description": "The contact privacy settings are undefined.", "value": "CONTACT_PRIVACY_UNSPECIFIED" }, { "name": "PublicContactData", "description": "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", "value": "PUBLIC_CONTACT_DATA" }, { "name": "PrivateContactData", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "value": "PRIVATE_CONTACT_DATA" }, { "name": "RedactedContactData", "description": "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242).", "value": "REDACTED_CONTACT_DATA" } ] }, "google-native:domains/v1:ContactSettingsResponse": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1:ContactResponse", "description": "The administrative contact for the `Registration`." }, "privacy": { "type": "string", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1:ContactResponse", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1:ContactResponse", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1:CustomDns": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:DsRecord" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "nameServers" ] }, "google-native:domains/v1:CustomDnsResponse": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:DsRecordResponse" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "dsRecords", "nameServers" ] }, "google-native:domains/v1:DnsSettings": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1:CustomDns", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:GlueRecord" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1:GoogleDomainsDns", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object" }, "google-native:domains/v1:DnsSettingsResponse": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1:CustomDnsResponse", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:GlueRecordResponse" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1:GoogleDomainsDnsResponse", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object", "required": [ "customDns", "glueRecords", "googleDomainsDns" ] }, "google-native:domains/v1:DsRecord": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "$ref": "#/types/google-native:domains%2Fv1:DsRecordAlgorithm", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "$ref": "#/types/google-native:domains%2Fv1:DsRecordDigestType", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object" }, "google-native:domains/v1:DsRecordAlgorithm": { "description": "The algorithm used to generate the referenced DNSKEY.", "type": "string", "enum": [ { "name": "AlgorithmUnspecified", "description": "The algorithm is unspecified.", "value": "ALGORITHM_UNSPECIFIED" }, { "name": "Rsamd5", "description": "RSA/MD5. Cannot be used for new deployments.", "value": "RSAMD5" }, { "name": "Dh", "description": "Diffie-Hellman. Cannot be used for new deployments.", "value": "DH" }, { "name": "Dsa", "description": "DSA/SHA1. Not recommended for new deployments.", "value": "DSA" }, { "name": "Ecc", "description": "ECC. Not recommended for new deployments.", "value": "ECC" }, { "name": "Rsasha1", "description": "RSA/SHA-1. Not recommended for new deployments.", "value": "RSASHA1" }, { "name": "Dsansec3sha1", "description": "DSA-NSEC3-SHA1. Not recommended for new deployments.", "value": "DSANSEC3SHA1" }, { "name": "Rsasha1nsec3sha1", "description": "RSA/SHA1-NSEC3-SHA1. Not recommended for new deployments.", "value": "RSASHA1NSEC3SHA1" }, { "name": "Rsasha256", "description": "RSA/SHA-256.", "value": "RSASHA256" }, { "name": "Rsasha512", "description": "RSA/SHA-512.", "value": "RSASHA512" }, { "name": "Eccgost", "description": "GOST R 34.10-2001.", "value": "ECCGOST" }, { "name": "Ecdsap256sha256", "description": "ECDSA Curve P-256 with SHA-256.", "value": "ECDSAP256SHA256" }, { "name": "Ecdsap384sha384", "description": "ECDSA Curve P-384 with SHA-384.", "value": "ECDSAP384SHA384" }, { "name": "Ed25519", "description": "Ed25519.", "value": "ED25519" }, { "name": "Ed448", "description": "Ed448.", "value": "ED448" }, { "name": "Indirect", "description": "Reserved for Indirect Keys. Cannot be used for new deployments.", "value": "INDIRECT" }, { "name": "Privatedns", "description": "Private algorithm. Cannot be used for new deployments.", "value": "PRIVATEDNS" }, { "name": "Privateoid", "description": "Private algorithm OID. Cannot be used for new deployments.", "value": "PRIVATEOID" } ] }, "google-native:domains/v1:DsRecordDigestType": { "description": "The hash function used to generate the digest of the referenced DNSKEY.", "type": "string", "enum": [ { "name": "DigestTypeUnspecified", "description": "The DigestType is unspecified.", "value": "DIGEST_TYPE_UNSPECIFIED" }, { "name": "Sha1", "description": "SHA-1. Not recommended for new deployments.", "value": "SHA1" }, { "name": "Sha256", "description": "SHA-256.", "value": "SHA256" }, { "name": "Gost3411", "description": "GOST R 34.11-94.", "value": "GOST3411" }, { "name": "Sha384", "description": "SHA-384.", "value": "SHA384" } ] }, "google-native:domains/v1:DsRecordResponse": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "type": "string", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "type": "string", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object", "required": [ "algorithm", "digest", "digestType", "keyTag" ] }, "google-native:domains/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:domains/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:domains/v1:GlueRecord": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName" ] }, "google-native:domains/v1:GlueRecordResponse": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName", "ipv4Addresses", "ipv6Addresses" ] }, "google-native:domains/v1:GoogleDomainsDns": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsState": { "$ref": "#/types/google-native:domains%2Fv1:GoogleDomainsDnsDsState", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." } }, "type": "object", "required": [ "dsState" ] }, "google-native:domains/v1:GoogleDomainsDnsDsState": { "description": "Required. The state of DS records for this domain. Used to enable or disable automatic DNSSEC.", "type": "string", "enum": [ { "name": "DsStateUnspecified", "description": "DS state is unspecified.", "value": "DS_STATE_UNSPECIFIED" }, { "name": "DsRecordsUnpublished", "description": "DNSSEC is disabled for this domain. No DS records for this domain are published in the parent DNS zone.", "value": "DS_RECORDS_UNPUBLISHED" }, { "name": "DsRecordsPublished", "description": "DNSSEC is enabled for this domain. Appropriate DS records for this domain are published in the parent DNS zone. This option is valid only if the DNS zone referenced in the `Registration`'s `dns_provider` field is already DNSSEC-signed.", "value": "DS_RECORDS_PUBLISHED" } ] }, "google-native:domains/v1:GoogleDomainsDnsResponse": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1:DsRecordResponse" }, "description": "The list of DS records published for this domain. The list is automatically populated when `ds_state` is `DS_RECORDS_PUBLISHED`, otherwise it remains empty." }, "dsState": { "type": "string", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format. This field is automatically populated with the name servers assigned to the Google Domains DNS zone." } }, "type": "object", "required": [ "dsRecords", "dsState", "nameServers" ] }, "google-native:domains/v1:ManagementSettings": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "$ref": "#/types/google-native:domains%2Fv1:ManagementSettingsPreferredRenewalMethod", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "$ref": "#/types/google-native:domains%2Fv1:ManagementSettingsTransferLockState", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object" }, "google-native:domains/v1:ManagementSettingsPreferredRenewalMethod": { "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours.", "type": "string", "enum": [ { "name": "RenewalMethodUnspecified", "description": "The renewal method is undefined.", "value": "RENEWAL_METHOD_UNSPECIFIED" }, { "name": "AutomaticRenewal", "description": "The domain is automatically renewed each year.", "value": "AUTOMATIC_RENEWAL" }, { "name": "ManualRenewal", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) This option was never used. Use RENEWAL_DISABLED instead.", "value": "MANUAL_RENEWAL" }, { "name": "RenewalDisabled", "description": "The domain won't be renewed and will expire at its expiration time.", "value": "RENEWAL_DISABLED" } ] }, "google-native:domains/v1:ManagementSettingsResponse": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "type": "string", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "renewalMethod": { "type": "string", "description": "The actual renewal method for this `Registration`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be equal to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "type": "string", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object", "required": [ "preferredRenewalMethod", "renewalMethod", "transferLockState" ] }, "google-native:domains/v1:ManagementSettingsTransferLockState": { "description": "Controls whether the domain can be transferred to another registrar.", "type": "string", "enum": [ { "name": "TransferLockStateUnspecified", "description": "The state is unspecified.", "value": "TRANSFER_LOCK_STATE_UNSPECIFIED" }, { "name": "Unlocked", "description": "The domain is unlocked and can be transferred to another registrar.", "value": "UNLOCKED" }, { "name": "Locked", "description": "The domain is locked and cannot be transferred to another registrar.", "value": "LOCKED" } ] }, "google-native:domains/v1:Money": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:domains/v1:PostalAddress": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "regionCode" ] }, "google-native:domains/v1:PostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:domains/v1:RegistrationContactNoticesItem": { "type": "string", "enum": [ { "name": "ContactNoticeUnspecified", "description": "The notice is undefined.", "value": "CONTACT_NOTICE_UNSPECIFIED" }, { "name": "PublicContactDataAcknowledgement", "description": "Required when setting the `privacy` field of `ContactSettings` to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly.", "value": "PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT" } ] }, "google-native:domains/v1:RegistrationDomainNoticesItem": { "type": "string", "enum": [ { "name": "DomainNoticeUnspecified", "description": "The notice is undefined.", "value": "DOMAIN_NOTICE_UNSPECIFIED" }, { "name": "HstsPreloaded", "description": "Indicates that the domain is preloaded on the HTTP Strict Transport Security list in browsers. Serving a website on such domain requires an SSL certificate. For details, see [how to get an SSL certificate](https://support.google.com/domains/answer/7638036).", "value": "HSTS_PRELOADED" } ] }, "google-native:domains/v1alpha2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:domains/v1alpha2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:domains/v1alpha2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:domains%2Fv1alpha2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:domains/v1alpha2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:domains/v1alpha2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:domains/v1alpha2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1alpha2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:domains/v1alpha2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:domains/v1alpha2:Contact": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1alpha2:PostalAddress", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1alpha2:ContactResponse": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1alpha2:PostalAddressResponse", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "faxNumber", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1alpha2:ContactSettings": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:Contact", "description": "The administrative contact for the `Registration`." }, "privacy": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ContactSettingsPrivacy", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:Contact", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:Contact", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1alpha2:ContactSettingsPrivacy": { "description": "Required. Privacy setting for the contacts associated with the `Registration`.", "type": "string", "enum": [ { "name": "ContactPrivacyUnspecified", "description": "The contact privacy settings are undefined.", "value": "CONTACT_PRIVACY_UNSPECIFIED" }, { "name": "PublicContactData", "description": "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", "value": "PUBLIC_CONTACT_DATA" }, { "name": "PrivateContactData", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "value": "PRIVATE_CONTACT_DATA" }, { "name": "RedactedContactData", "description": "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242).", "value": "REDACTED_CONTACT_DATA" } ] }, "google-native:domains/v1alpha2:ContactSettingsResponse": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ContactResponse", "description": "The administrative contact for the `Registration`." }, "privacy": { "type": "string", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ContactResponse", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ContactResponse", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1alpha2:CustomDns": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:DsRecord" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "nameServers" ] }, "google-native:domains/v1alpha2:CustomDnsResponse": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:DsRecordResponse" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "dsRecords", "nameServers" ] }, "google-native:domains/v1alpha2:DnsSettings": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1alpha2:CustomDns", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:GlueRecord" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1alpha2:GoogleDomainsDns", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object" }, "google-native:domains/v1alpha2:DnsSettingsResponse": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1alpha2:CustomDnsResponse", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:GlueRecordResponse" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1alpha2:GoogleDomainsDnsResponse", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object", "required": [ "customDns", "glueRecords", "googleDomainsDns" ] }, "google-native:domains/v1alpha2:DsRecord": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "$ref": "#/types/google-native:domains%2Fv1alpha2:DsRecordAlgorithm", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "$ref": "#/types/google-native:domains%2Fv1alpha2:DsRecordDigestType", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object" }, "google-native:domains/v1alpha2:DsRecordAlgorithm": { "description": "The algorithm used to generate the referenced DNSKEY.", "type": "string", "enum": [ { "name": "AlgorithmUnspecified", "description": "The algorithm is unspecified.", "value": "ALGORITHM_UNSPECIFIED" }, { "name": "Rsamd5", "description": "RSA/MD5. Cannot be used for new deployments.", "value": "RSAMD5" }, { "name": "Dh", "description": "Diffie-Hellman. Cannot be used for new deployments.", "value": "DH" }, { "name": "Dsa", "description": "DSA/SHA1. Not recommended for new deployments.", "value": "DSA" }, { "name": "Ecc", "description": "ECC. Not recommended for new deployments.", "value": "ECC" }, { "name": "Rsasha1", "description": "RSA/SHA-1. Not recommended for new deployments.", "value": "RSASHA1" }, { "name": "Dsansec3sha1", "description": "DSA-NSEC3-SHA1. Not recommended for new deployments.", "value": "DSANSEC3SHA1" }, { "name": "Rsasha1nsec3sha1", "description": "RSA/SHA1-NSEC3-SHA1. Not recommended for new deployments.", "value": "RSASHA1NSEC3SHA1" }, { "name": "Rsasha256", "description": "RSA/SHA-256.", "value": "RSASHA256" }, { "name": "Rsasha512", "description": "RSA/SHA-512.", "value": "RSASHA512" }, { "name": "Eccgost", "description": "GOST R 34.10-2001.", "value": "ECCGOST" }, { "name": "Ecdsap256sha256", "description": "ECDSA Curve P-256 with SHA-256.", "value": "ECDSAP256SHA256" }, { "name": "Ecdsap384sha384", "description": "ECDSA Curve P-384 with SHA-384.", "value": "ECDSAP384SHA384" }, { "name": "Ed25519", "description": "Ed25519.", "value": "ED25519" }, { "name": "Ed448", "description": "Ed448.", "value": "ED448" }, { "name": "Indirect", "description": "Reserved for Indirect Keys. Cannot be used for new deployments.", "value": "INDIRECT" }, { "name": "Privatedns", "description": "Private algorithm. Cannot be used for new deployments.", "value": "PRIVATEDNS" }, { "name": "Privateoid", "description": "Private algorithm OID. Cannot be used for new deployments.", "value": "PRIVATEOID" } ] }, "google-native:domains/v1alpha2:DsRecordDigestType": { "description": "The hash function used to generate the digest of the referenced DNSKEY.", "type": "string", "enum": [ { "name": "DigestTypeUnspecified", "description": "The DigestType is unspecified.", "value": "DIGEST_TYPE_UNSPECIFIED" }, { "name": "Sha1", "description": "SHA-1. Not recommended for new deployments.", "value": "SHA1" }, { "name": "Sha256", "description": "SHA-256.", "value": "SHA256" }, { "name": "Gost3411", "description": "GOST R 34.11-94.", "value": "GOST3411" }, { "name": "Sha384", "description": "SHA-384.", "value": "SHA384" } ] }, "google-native:domains/v1alpha2:DsRecordResponse": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "type": "string", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "type": "string", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object", "required": [ "algorithm", "digest", "digestType", "keyTag" ] }, "google-native:domains/v1alpha2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:domains/v1alpha2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:domains/v1alpha2:GlueRecord": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName" ] }, "google-native:domains/v1alpha2:GlueRecordResponse": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName", "ipv4Addresses", "ipv6Addresses" ] }, "google-native:domains/v1alpha2:GoogleDomainsDns": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsState": { "$ref": "#/types/google-native:domains%2Fv1alpha2:GoogleDomainsDnsDsState", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." } }, "type": "object", "required": [ "dsState" ] }, "google-native:domains/v1alpha2:GoogleDomainsDnsDsState": { "description": "Required. The state of DS records for this domain. Used to enable or disable automatic DNSSEC.", "type": "string", "enum": [ { "name": "DsStateUnspecified", "description": "DS state is unspecified.", "value": "DS_STATE_UNSPECIFIED" }, { "name": "DsRecordsUnpublished", "description": "DNSSEC is disabled for this domain. No DS records for this domain are published in the parent DNS zone.", "value": "DS_RECORDS_UNPUBLISHED" }, { "name": "DsRecordsPublished", "description": "DNSSEC is enabled for this domain. Appropriate DS records for this domain are published in the parent DNS zone. This option is valid only if the DNS zone referenced in the `Registration`'s `dns_provider` field is already DNSSEC-signed.", "value": "DS_RECORDS_PUBLISHED" } ] }, "google-native:domains/v1alpha2:GoogleDomainsDnsResponse": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1alpha2:DsRecordResponse" }, "description": "The list of DS records published for this domain. The list is automatically populated when `ds_state` is `DS_RECORDS_PUBLISHED`, otherwise it remains empty." }, "dsState": { "type": "string", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format. This field is automatically populated with the name servers assigned to the Google Domains DNS zone." } }, "type": "object", "required": [ "dsRecords", "dsState", "nameServers" ] }, "google-native:domains/v1alpha2:ManagementSettings": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ManagementSettingsPreferredRenewalMethod", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "$ref": "#/types/google-native:domains%2Fv1alpha2:ManagementSettingsTransferLockState", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object" }, "google-native:domains/v1alpha2:ManagementSettingsPreferredRenewalMethod": { "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours.", "type": "string", "enum": [ { "name": "RenewalMethodUnspecified", "description": "The renewal method is undefined.", "value": "RENEWAL_METHOD_UNSPECIFIED" }, { "name": "AutomaticRenewal", "description": "The domain is automatically renewed each year.", "value": "AUTOMATIC_RENEWAL" }, { "name": "ManualRenewal", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) This option was never used. Use RENEWAL_DISABLED instead.", "value": "MANUAL_RENEWAL" }, { "name": "RenewalDisabled", "description": "The domain won't be renewed and will expire at its expiration time.", "value": "RENEWAL_DISABLED" } ] }, "google-native:domains/v1alpha2:ManagementSettingsResponse": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "type": "string", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "renewalMethod": { "type": "string", "description": "The actual renewal method for this `Registration`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be equal to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "type": "string", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object", "required": [ "preferredRenewalMethod", "renewalMethod", "transferLockState" ] }, "google-native:domains/v1alpha2:ManagementSettingsTransferLockState": { "description": "Controls whether the domain can be transferred to another registrar.", "type": "string", "enum": [ { "name": "TransferLockStateUnspecified", "description": "The state is unspecified.", "value": "TRANSFER_LOCK_STATE_UNSPECIFIED" }, { "name": "Unlocked", "description": "The domain is unlocked and can be transferred to another registrar.", "value": "UNLOCKED" }, { "name": "Locked", "description": "The domain is locked and cannot be transferred to another registrar.", "value": "LOCKED" } ] }, "google-native:domains/v1alpha2:Money": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:domains/v1alpha2:PostalAddress": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "regionCode" ] }, "google-native:domains/v1alpha2:PostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:domains/v1alpha2:RegistrationContactNoticesItem": { "type": "string", "enum": [ { "name": "ContactNoticeUnspecified", "description": "The notice is undefined.", "value": "CONTACT_NOTICE_UNSPECIFIED" }, { "name": "PublicContactDataAcknowledgement", "description": "Required when setting the `privacy` field of `ContactSettings` to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly.", "value": "PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT" } ] }, "google-native:domains/v1alpha2:RegistrationDomainNoticesItem": { "type": "string", "enum": [ { "name": "DomainNoticeUnspecified", "description": "The notice is undefined.", "value": "DOMAIN_NOTICE_UNSPECIFIED" }, { "name": "HstsPreloaded", "description": "Indicates that the domain is preloaded on the HTTP Strict Transport Security list in browsers. Serving a website on such domain requires an SSL certificate. For details, see [how to get an SSL certificate](https://support.google.com/domains/answer/7638036).", "value": "HSTS_PRELOADED" } ] }, "google-native:domains/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:domains/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:domains/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:domains%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:domains/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:domains/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:domains/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:domains/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:domains%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:domains/v1beta1:Contact": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1beta1:PostalAddress", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1beta1:ContactResponse": { "description": "Details required for a contact associated with a `Registration`.", "properties": { "email": { "type": "string", "description": "Email address of the contact." }, "faxNumber": { "type": "string", "description": "Fax number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "phoneNumber": { "type": "string", "description": "Phone number of the contact in international format. For example, `\"+1-800-555-0123\"`." }, "postalAddress": { "$ref": "#/types/google-native:domains%2Fv1beta1:PostalAddressResponse", "description": "Postal address of the contact." } }, "type": "object", "required": [ "email", "faxNumber", "phoneNumber", "postalAddress" ] }, "google-native:domains/v1beta1:ContactSettings": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:Contact", "description": "The administrative contact for the `Registration`." }, "privacy": { "$ref": "#/types/google-native:domains%2Fv1beta1:ContactSettingsPrivacy", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:Contact", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:Contact", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1beta1:ContactSettingsPrivacy": { "description": "Required. Privacy setting for the contacts associated with the `Registration`.", "type": "string", "enum": [ { "name": "ContactPrivacyUnspecified", "description": "The contact privacy settings are undefined.", "value": "CONTACT_PRIVACY_UNSPECIFIED" }, { "name": "PublicContactData", "description": "All the data from `ContactSettings` is publicly available. When setting this option, you must also provide a `PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT` in the `contact_notices` field of the request.", "value": "PUBLIC_CONTACT_DATA" }, { "name": "PrivateContactData", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) None of the data from `ContactSettings` is publicly available. Instead, proxy contact data is published for your domain. Email sent to the proxy email address is forwarded to the registrant's email address. Cloud Domains provides this privacy proxy service at no additional cost.", "value": "PRIVATE_CONTACT_DATA" }, { "name": "RedactedContactData", "description": "The organization name (if provided) and limited non-identifying data from `ContactSettings` is available to the public (e.g. country and state). The remaining data is marked as `REDACTED FOR PRIVACY` in the WHOIS database. The actual information redacted depends on the domain. For details, see [the registration privacy article](https://support.google.com/domains/answer/3251242).", "value": "REDACTED_CONTACT_DATA" } ] }, "google-native:domains/v1beta1:ContactSettingsResponse": { "description": "Defines the contact information associated with a `Registration`. [ICANN](https://icann.org/) requires all domain names to have associated contact information. The `registrant_contact` is considered the domain's legal owner, and often the other contacts are identical.", "properties": { "adminContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:ContactResponse", "description": "The administrative contact for the `Registration`." }, "privacy": { "type": "string", "description": "Privacy setting for the contacts associated with the `Registration`." }, "registrantContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:ContactResponse", "description": "The registrant contact for the `Registration`. *Caution: Anyone with access to this email address, phone number, and/or postal address can take control of the domain.* *Warning: For new `Registration`s, the registrant receives an email confirmation that they must complete within 15 days to avoid domain suspension.*" }, "technicalContact": { "$ref": "#/types/google-native:domains%2Fv1beta1:ContactResponse", "description": "The technical contact for the `Registration`." } }, "type": "object", "required": [ "adminContact", "privacy", "registrantContact", "technicalContact" ] }, "google-native:domains/v1beta1:CustomDns": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:DsRecord" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "nameServers" ] }, "google-native:domains/v1beta1:CustomDnsResponse": { "description": "Configuration for an arbitrary DNS provider.", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:DsRecordResponse" }, "description": "The list of DS records for this domain, which are used to enable DNSSEC. The domain's DNS provider can provide the values to set here. If this field is empty, DNSSEC is disabled." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format." } }, "type": "object", "required": [ "dsRecords", "nameServers" ] }, "google-native:domains/v1beta1:DnsSettings": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1beta1:CustomDns", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:GlueRecord" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1beta1:GoogleDomainsDns", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object" }, "google-native:domains/v1beta1:DnsSettingsResponse": { "description": "Defines the DNS configuration of a `Registration`, including name servers, DNSSEC, and glue records.", "properties": { "customDns": { "$ref": "#/types/google-native:domains%2Fv1beta1:CustomDnsResponse", "description": "An arbitrary DNS provider identified by its name servers." }, "glueRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:GlueRecordResponse" }, "description": "The list of glue records for this `Registration`. Commonly empty." }, "googleDomainsDns": { "$ref": "#/types/google-native:domains%2Fv1beta1:GoogleDomainsDnsResponse", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/).", "deprecationMessage": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) The free DNS zone provided by [Google Domains](https://domains.google/)." } }, "type": "object", "required": [ "customDns", "glueRecords", "googleDomainsDns" ] }, "google-native:domains/v1beta1:DsRecord": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "$ref": "#/types/google-native:domains%2Fv1beta1:DsRecordAlgorithm", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "$ref": "#/types/google-native:domains%2Fv1beta1:DsRecordDigestType", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object" }, "google-native:domains/v1beta1:DsRecordAlgorithm": { "description": "The algorithm used to generate the referenced DNSKEY.", "type": "string", "enum": [ { "name": "AlgorithmUnspecified", "description": "The algorithm is unspecified.", "value": "ALGORITHM_UNSPECIFIED" }, { "name": "Rsamd5", "description": "RSA/MD5. Cannot be used for new deployments.", "value": "RSAMD5" }, { "name": "Dh", "description": "Diffie-Hellman. Cannot be used for new deployments.", "value": "DH" }, { "name": "Dsa", "description": "DSA/SHA1. Not recommended for new deployments.", "value": "DSA" }, { "name": "Ecc", "description": "ECC. Not recommended for new deployments.", "value": "ECC" }, { "name": "Rsasha1", "description": "RSA/SHA-1. Not recommended for new deployments.", "value": "RSASHA1" }, { "name": "Dsansec3sha1", "description": "DSA-NSEC3-SHA1. Not recommended for new deployments.", "value": "DSANSEC3SHA1" }, { "name": "Rsasha1nsec3sha1", "description": "RSA/SHA1-NSEC3-SHA1. Not recommended for new deployments.", "value": "RSASHA1NSEC3SHA1" }, { "name": "Rsasha256", "description": "RSA/SHA-256.", "value": "RSASHA256" }, { "name": "Rsasha512", "description": "RSA/SHA-512.", "value": "RSASHA512" }, { "name": "Eccgost", "description": "GOST R 34.10-2001.", "value": "ECCGOST" }, { "name": "Ecdsap256sha256", "description": "ECDSA Curve P-256 with SHA-256.", "value": "ECDSAP256SHA256" }, { "name": "Ecdsap384sha384", "description": "ECDSA Curve P-384 with SHA-384.", "value": "ECDSAP384SHA384" }, { "name": "Ed25519", "description": "Ed25519.", "value": "ED25519" }, { "name": "Ed448", "description": "Ed448.", "value": "ED448" }, { "name": "Indirect", "description": "Reserved for Indirect Keys. Cannot be used for new deployments.", "value": "INDIRECT" }, { "name": "Privatedns", "description": "Private algorithm. Cannot be used for new deployments.", "value": "PRIVATEDNS" }, { "name": "Privateoid", "description": "Private algorithm OID. Cannot be used for new deployments.", "value": "PRIVATEOID" } ] }, "google-native:domains/v1beta1:DsRecordDigestType": { "description": "The hash function used to generate the digest of the referenced DNSKEY.", "type": "string", "enum": [ { "name": "DigestTypeUnspecified", "description": "The DigestType is unspecified.", "value": "DIGEST_TYPE_UNSPECIFIED" }, { "name": "Sha1", "description": "SHA-1. Not recommended for new deployments.", "value": "SHA1" }, { "name": "Sha256", "description": "SHA-256.", "value": "SHA256" }, { "name": "Gost3411", "description": "GOST R 34.11-94.", "value": "GOST3411" }, { "name": "Sha384", "description": "SHA-384.", "value": "SHA384" } ] }, "google-native:domains/v1beta1:DsRecordResponse": { "description": "Defines a Delegation Signer (DS) record, which is needed to enable DNSSEC for a domain. It contains a digest (hash) of a DNSKEY record that must be present in the domain's DNS zone.", "properties": { "algorithm": { "type": "string", "description": "The algorithm used to generate the referenced DNSKEY." }, "digest": { "type": "string", "description": "The digest generated from the referenced DNSKEY." }, "digestType": { "type": "string", "description": "The hash function used to generate the digest of the referenced DNSKEY." }, "keyTag": { "type": "integer", "description": "The key tag of the record. Must be set in range 0 -- 65535." } }, "type": "object", "required": [ "algorithm", "digest", "digestType", "keyTag" ] }, "google-native:domains/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:domains/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:domains/v1beta1:GlueRecord": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName" ] }, "google-native:domains/v1beta1:GlueRecordResponse": { "description": "Defines a host on your domain that is a DNS name server for your domain and/or other domains. Glue records are a way of making the IP address of a name server known, even when it serves DNS queries for its parent domain. For example, when `ns.example.com` is a name server for `example.com`, the host `ns.example.com` must have a glue record to break the circular DNS reference.", "properties": { "hostName": { "type": "string", "description": "Domain name of the host in Punycode format." }, "ipv4Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv4 addresses corresponding to this host in the standard decimal format (e.g. `198.51.100.1`). At least one of `ipv4_address` and `ipv6_address` must be set." }, "ipv6Addresses": { "type": "array", "items": { "type": "string" }, "description": "List of IPv6 addresses corresponding to this host in the standard hexadecimal format (e.g. `2001:db8::`). At least one of `ipv4_address` and `ipv6_address` must be set." } }, "type": "object", "required": [ "hostName", "ipv4Addresses", "ipv6Addresses" ] }, "google-native:domains/v1beta1:GoogleDomainsDns": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsState": { "$ref": "#/types/google-native:domains%2Fv1beta1:GoogleDomainsDnsDsState", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." } }, "type": "object", "required": [ "dsState" ] }, "google-native:domains/v1beta1:GoogleDomainsDnsDsState": { "description": "Required. The state of DS records for this domain. Used to enable or disable automatic DNSSEC.", "type": "string", "enum": [ { "name": "DsStateUnspecified", "description": "DS state is unspecified.", "value": "DS_STATE_UNSPECIFIED" }, { "name": "DsRecordsUnpublished", "description": "DNSSEC is disabled for this domain. No DS records for this domain are published in the parent DNS zone.", "value": "DS_RECORDS_UNPUBLISHED" }, { "name": "DsRecordsPublished", "description": "DNSSEC is enabled for this domain. Appropriate DS records for this domain are published in the parent DNS zone. This option is valid only if the DNS zone referenced in the `Registration`'s `dns_provider` field is already DNSSEC-signed.", "value": "DS_RECORDS_PUBLISHED" } ] }, "google-native:domains/v1beta1:GoogleDomainsDnsResponse": { "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) Configuration for using the free DNS zone provided by Google Domains as a `Registration`'s `dns_provider`. You cannot configure the DNS zone itself using the API. To configure the DNS zone, go to [Google Domains](https://domains.google/).", "properties": { "dsRecords": { "type": "array", "items": { "$ref": "#/types/google-native:domains%2Fv1beta1:DsRecordResponse" }, "description": "The list of DS records published for this domain. The list is automatically populated when `ds_state` is `DS_RECORDS_PUBLISHED`, otherwise it remains empty." }, "dsState": { "type": "string", "description": "The state of DS records for this domain. Used to enable or disable automatic DNSSEC." }, "nameServers": { "type": "array", "items": { "type": "string" }, "description": "A list of name servers that store the DNS zone for this domain. Each name server is a domain name, with Unicode domain names expressed in Punycode format. This field is automatically populated with the name servers assigned to the Google Domains DNS zone." } }, "type": "object", "required": [ "dsRecords", "dsState", "nameServers" ] }, "google-native:domains/v1beta1:ManagementSettings": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "$ref": "#/types/google-native:domains%2Fv1beta1:ManagementSettingsPreferredRenewalMethod", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "$ref": "#/types/google-native:domains%2Fv1beta1:ManagementSettingsTransferLockState", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object" }, "google-native:domains/v1beta1:ManagementSettingsPreferredRenewalMethod": { "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours.", "type": "string", "enum": [ { "name": "RenewalMethodUnspecified", "description": "The renewal method is undefined.", "value": "RENEWAL_METHOD_UNSPECIFIED" }, { "name": "AutomaticRenewal", "description": "The domain is automatically renewed each year.", "value": "AUTOMATIC_RENEWAL" }, { "name": "ManualRenewal", "description": "Deprecated: For more information, see [Cloud Domains feature deprecation](https://cloud.google.com/domains/docs/deprecations/feature-deprecations) This option was never used. Use RENEWAL_DISABLED instead.", "value": "MANUAL_RENEWAL" }, { "name": "RenewalDisabled", "description": "The domain won't be renewed and will expire at its expiration time.", "value": "RENEWAL_DISABLED" } ] }, "google-native:domains/v1beta1:ManagementSettingsResponse": { "description": "Defines renewal, billing, and transfer settings for a `Registration`.", "properties": { "preferredRenewalMethod": { "type": "string", "description": "Optional. The desired renewal method for this `Registration`. The actual `renewal_method` is automatically updated to reflect this choice. If unset or equal to `RENEWAL_METHOD_UNSPECIFIED`, it will be treated as if it were set to `AUTOMATIC_RENEWAL`. Can't be set to `RENEWAL_DISABLED` during resource creation and can only be updated when the `Registration` resource has state `ACTIVE` or `SUSPENDED`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be set to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "renewalMethod": { "type": "string", "description": "The actual renewal method for this `Registration`. When `preferred_renewal_method` is set to `AUTOMATIC_RENEWAL` the actual `renewal_method` can be equal to `RENEWAL_DISABLED` in case of e.g. problems with the Billing Account or reported domain abuse. In such cases check the `issues` field on the `Registration`. After the problem is resolved the `renewal_method` will be automatically updated to `preferred_renewal_method` in a few hours." }, "transferLockState": { "type": "string", "description": "Controls whether the domain can be transferred to another registrar." } }, "type": "object", "required": [ "preferredRenewalMethod", "renewalMethod", "transferLockState" ] }, "google-native:domains/v1beta1:ManagementSettingsTransferLockState": { "description": "Controls whether the domain can be transferred to another registrar.", "type": "string", "enum": [ { "name": "TransferLockStateUnspecified", "description": "The state is unspecified.", "value": "TRANSFER_LOCK_STATE_UNSPECIFIED" }, { "name": "Unlocked", "description": "The domain is unlocked and can be transferred to another registrar.", "value": "UNLOCKED" }, { "name": "Locked", "description": "The domain is locked and cannot be transferred to another registrar.", "value": "LOCKED" } ] }, "google-native:domains/v1beta1:Money": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:domains/v1beta1:PostalAddress": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "regionCode" ] }, "google-native:domains/v1beta1:PostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:domains/v1beta1:RegistrationContactNoticesItem": { "type": "string", "enum": [ { "name": "ContactNoticeUnspecified", "description": "The notice is undefined.", "value": "CONTACT_NOTICE_UNSPECIFIED" }, { "name": "PublicContactDataAcknowledgement", "description": "Required when setting the `privacy` field of `ContactSettings` to `PUBLIC_CONTACT_DATA`, which exposes contact data publicly.", "value": "PUBLIC_CONTACT_DATA_ACKNOWLEDGEMENT" } ] }, "google-native:domains/v1beta1:RegistrationDomainNoticesItem": { "type": "string", "enum": [ { "name": "DomainNoticeUnspecified", "description": "The notice is undefined.", "value": "DOMAIN_NOTICE_UNSPECIFIED" }, { "name": "HstsPreloaded", "description": "Indicates that the domain is preloaded on the HTTP Strict Transport Security list in browsers. Serving a website on such domain requires an SSL certificate. For details, see [how to get an SSL certificate](https://support.google.com/domains/answer/7638036).", "value": "HSTS_PRELOADED" } ] }, "google-native:essentialcontacts/v1:ContactNotificationCategorySubscriptionsItem": { "type": "string", "enum": [ { "name": "NotificationCategoryUnspecified", "description": "Notification category is unrecognized or unspecified.", "value": "NOTIFICATION_CATEGORY_UNSPECIFIED" }, { "name": "All", "description": "All notifications related to the resource, including notifications pertaining to categories added in the future.", "value": "ALL" }, { "name": "Suspension", "description": "Notifications related to imminent account suspension.", "value": "SUSPENSION" }, { "name": "Security", "description": "Notifications related to security/privacy incidents, notifications, and vulnerabilities.", "value": "SECURITY" }, { "name": "Technical", "description": "Notifications related to technical events and issues such as outages, errors, or bugs.", "value": "TECHNICAL" }, { "name": "Billing", "description": "Notifications related to billing and payments notifications, price updates, errors, or credits.", "value": "BILLING" }, { "name": "Legal", "description": "Notifications related to enforcement actions, regulatory compliance, or government notices.", "value": "LEGAL" }, { "name": "ProductUpdates", "description": "Notifications related to new versions, product terms updates, or deprecations.", "value": "PRODUCT_UPDATES" }, { "name": "TechnicalIncidents", "description": "Child category of TECHNICAL. If assigned, technical incident notifications will go to these contacts instead of TECHNICAL.", "value": "TECHNICAL_INCIDENTS" } ] }, "google-native:essentialcontacts/v1:ContactValidationState": { "description": "The validity of the contact. A contact is considered valid if it is the correct recipient for notifications for a particular resource.", "type": "string", "enum": [ { "name": "ValidationStateUnspecified", "description": "The validation state is unknown or unspecified.", "value": "VALIDATION_STATE_UNSPECIFIED" }, { "name": "Valid", "description": "The contact is marked as valid. This is usually done manually by the contact admin. All new contacts begin in the valid state.", "value": "VALID" }, { "name": "Invalid", "description": "The contact is considered invalid. This may become the state if the contact's email is found to be unreachable.", "value": "INVALID" } ] }, "google-native:essentialcontacts/v1:FolderContactNotificationCategorySubscriptionsItem": { "type": "string", "enum": [ { "name": "NotificationCategoryUnspecified", "description": "Notification category is unrecognized or unspecified.", "value": "NOTIFICATION_CATEGORY_UNSPECIFIED" }, { "name": "All", "description": "All notifications related to the resource, including notifications pertaining to categories added in the future.", "value": "ALL" }, { "name": "Suspension", "description": "Notifications related to imminent account suspension.", "value": "SUSPENSION" }, { "name": "Security", "description": "Notifications related to security/privacy incidents, notifications, and vulnerabilities.", "value": "SECURITY" }, { "name": "Technical", "description": "Notifications related to technical events and issues such as outages, errors, or bugs.", "value": "TECHNICAL" }, { "name": "Billing", "description": "Notifications related to billing and payments notifications, price updates, errors, or credits.", "value": "BILLING" }, { "name": "Legal", "description": "Notifications related to enforcement actions, regulatory compliance, or government notices.", "value": "LEGAL" }, { "name": "ProductUpdates", "description": "Notifications related to new versions, product terms updates, or deprecations.", "value": "PRODUCT_UPDATES" }, { "name": "TechnicalIncidents", "description": "Child category of TECHNICAL. If assigned, technical incident notifications will go to these contacts instead of TECHNICAL.", "value": "TECHNICAL_INCIDENTS" } ] }, "google-native:essentialcontacts/v1:FolderContactValidationState": { "description": "The validity of the contact. A contact is considered valid if it is the correct recipient for notifications for a particular resource.", "type": "string", "enum": [ { "name": "ValidationStateUnspecified", "description": "The validation state is unknown or unspecified.", "value": "VALIDATION_STATE_UNSPECIFIED" }, { "name": "Valid", "description": "The contact is marked as valid. This is usually done manually by the contact admin. All new contacts begin in the valid state.", "value": "VALID" }, { "name": "Invalid", "description": "The contact is considered invalid. This may become the state if the contact's email is found to be unreachable.", "value": "INVALID" } ] }, "google-native:essentialcontacts/v1:OrganizationContactNotificationCategorySubscriptionsItem": { "type": "string", "enum": [ { "name": "NotificationCategoryUnspecified", "description": "Notification category is unrecognized or unspecified.", "value": "NOTIFICATION_CATEGORY_UNSPECIFIED" }, { "name": "All", "description": "All notifications related to the resource, including notifications pertaining to categories added in the future.", "value": "ALL" }, { "name": "Suspension", "description": "Notifications related to imminent account suspension.", "value": "SUSPENSION" }, { "name": "Security", "description": "Notifications related to security/privacy incidents, notifications, and vulnerabilities.", "value": "SECURITY" }, { "name": "Technical", "description": "Notifications related to technical events and issues such as outages, errors, or bugs.", "value": "TECHNICAL" }, { "name": "Billing", "description": "Notifications related to billing and payments notifications, price updates, errors, or credits.", "value": "BILLING" }, { "name": "Legal", "description": "Notifications related to enforcement actions, regulatory compliance, or government notices.", "value": "LEGAL" }, { "name": "ProductUpdates", "description": "Notifications related to new versions, product terms updates, or deprecations.", "value": "PRODUCT_UPDATES" }, { "name": "TechnicalIncidents", "description": "Child category of TECHNICAL. If assigned, technical incident notifications will go to these contacts instead of TECHNICAL.", "value": "TECHNICAL_INCIDENTS" } ] }, "google-native:essentialcontacts/v1:OrganizationContactValidationState": { "description": "The validity of the contact. A contact is considered valid if it is the correct recipient for notifications for a particular resource.", "type": "string", "enum": [ { "name": "ValidationStateUnspecified", "description": "The validation state is unknown or unspecified.", "value": "VALIDATION_STATE_UNSPECIFIED" }, { "name": "Valid", "description": "The contact is marked as valid. This is usually done manually by the contact admin. All new contacts begin in the valid state.", "value": "VALID" }, { "name": "Invalid", "description": "The contact is considered invalid. This may become the state if the contact's email is found to be unreachable.", "value": "INVALID" } ] }, "google-native:eventarc/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:eventarc%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:eventarc/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:eventarc%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:eventarc/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:eventarc%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:eventarc/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:eventarc/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:eventarc/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:eventarc%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:eventarc/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:eventarc%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:eventarc/v1:CloudRun": { "description": "Represents a Cloud Run destination.", "properties": { "path": { "type": "string", "description": "Optional. The relative path on the Cloud Run service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "region": { "type": "string", "description": "The region the Cloud Run service is deployed in." }, "service": { "type": "string", "description": "The name of the Cloud Run service being addressed. See https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services. Only services located in the same project as the trigger object can be addressed." } }, "type": "object", "required": [ "region", "service" ] }, "google-native:eventarc/v1:CloudRunResponse": { "description": "Represents a Cloud Run destination.", "properties": { "path": { "type": "string", "description": "Optional. The relative path on the Cloud Run service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "region": { "type": "string", "description": "The region the Cloud Run service is deployed in." }, "service": { "type": "string", "description": "The name of the Cloud Run service being addressed. See https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services. Only services located in the same project as the trigger object can be addressed." } }, "type": "object", "required": [ "path", "region", "service" ] }, "google-native:eventarc/v1:Destination": { "description": "Represents a target of an invocation over HTTP.", "properties": { "cloudFunction": { "type": "string", "description": "The Cloud Function resource name. Cloud Functions V1 and V2 are supported. Format: `projects/{project}/locations/{location}/functions/{function}` This is a read-only field. Creating Cloud Functions V1/V2 triggers is only supported via the Cloud Functions product. An error will be returned if the user sets this value." }, "cloudRun": { "$ref": "#/types/google-native:eventarc%2Fv1:CloudRun", "description": "Cloud Run fully-managed resource that receives the events. The resource should be in the same project as the trigger." }, "gke": { "$ref": "#/types/google-native:eventarc%2Fv1:GKE", "description": "A GKE service capable of receiving events. The service should be running in the same project as the trigger." }, "httpEndpoint": { "$ref": "#/types/google-native:eventarc%2Fv1:HttpEndpoint", "description": "An HTTP endpoint destination described by an URI." }, "networkConfig": { "$ref": "#/types/google-native:eventarc%2Fv1:NetworkConfig", "description": "Optional. Network config is used to configure how Eventarc resolves and connect to a destination. This should only be used with HttpEndpoint destination type." }, "workflow": { "type": "string", "description": "The resource name of the Workflow whose Executions are triggered by the events. The Workflow resource should be deployed in the same project as the trigger. Format: `projects/{project}/locations/{location}/workflows/{workflow}`" } }, "type": "object" }, "google-native:eventarc/v1:DestinationResponse": { "description": "Represents a target of an invocation over HTTP.", "properties": { "cloudFunction": { "type": "string", "description": "The Cloud Function resource name. Cloud Functions V1 and V2 are supported. Format: `projects/{project}/locations/{location}/functions/{function}` This is a read-only field. Creating Cloud Functions V1/V2 triggers is only supported via the Cloud Functions product. An error will be returned if the user sets this value." }, "cloudRun": { "$ref": "#/types/google-native:eventarc%2Fv1:CloudRunResponse", "description": "Cloud Run fully-managed resource that receives the events. The resource should be in the same project as the trigger." }, "gke": { "$ref": "#/types/google-native:eventarc%2Fv1:GKEResponse", "description": "A GKE service capable of receiving events. The service should be running in the same project as the trigger." }, "httpEndpoint": { "$ref": "#/types/google-native:eventarc%2Fv1:HttpEndpointResponse", "description": "An HTTP endpoint destination described by an URI." }, "networkConfig": { "$ref": "#/types/google-native:eventarc%2Fv1:NetworkConfigResponse", "description": "Optional. Network config is used to configure how Eventarc resolves and connect to a destination. This should only be used with HttpEndpoint destination type." }, "workflow": { "type": "string", "description": "The resource name of the Workflow whose Executions are triggered by the events. The Workflow resource should be deployed in the same project as the trigger. Format: `projects/{project}/locations/{location}/workflows/{workflow}`" } }, "type": "object", "required": [ "cloudFunction", "cloudRun", "gke", "httpEndpoint", "networkConfig", "workflow" ] }, "google-native:eventarc/v1:EventFilter": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute. Currently, only a subset of attributes are supported for filtering. You can [retrieve a specific provider's supported event types](/eventarc/docs/list-providers#describe-provider). All triggers MUST provide a filter for the 'type' attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The allowed values are `path_pattern` and `match-path-pattern`. `path_pattern` is only allowed for GCFv1 triggers." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:eventarc/v1:EventFilterResponse": { "description": "Filters events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute. Currently, only a subset of attributes are supported for filtering. You can [retrieve a specific provider's supported event types](/eventarc/docs/list-providers#describe-provider). All triggers MUST provide a filter for the 'type' attribute." }, "operator": { "type": "string", "description": "Optional. The operator used for matching the events with the value of the filter. If not specified, only events that have an exact key-value pair specified in the filter are matched. The allowed values are `path_pattern` and `match-path-pattern`. `path_pattern` is only allowed for GCFv1 triggers." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "operator", "value" ] }, "google-native:eventarc/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:eventarc/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:eventarc/v1:GKE": { "description": "Represents a GKE destination.", "properties": { "cluster": { "type": "string", "description": "The name of the cluster the GKE service is running in. The cluster must be running in the same project as the trigger being created." }, "location": { "type": "string", "description": "The name of the Google Compute Engine in which the cluster resides, which can either be compute zone (for example, us-central1-a) for the zonal clusters or region (for example, us-central1) for regional clusters." }, "namespace": { "type": "string", "description": "The namespace the GKE service is running in." }, "path": { "type": "string", "description": "Optional. The relative path on the GKE service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "service": { "type": "string", "description": "Name of the GKE service." } }, "type": "object", "required": [ "cluster", "location", "namespace", "service" ] }, "google-native:eventarc/v1:GKEResponse": { "description": "Represents a GKE destination.", "properties": { "cluster": { "type": "string", "description": "The name of the cluster the GKE service is running in. The cluster must be running in the same project as the trigger being created." }, "location": { "type": "string", "description": "The name of the Google Compute Engine in which the cluster resides, which can either be compute zone (for example, us-central1-a) for the zonal clusters or region (for example, us-central1) for regional clusters." }, "namespace": { "type": "string", "description": "The namespace the GKE service is running in." }, "path": { "type": "string", "description": "Optional. The relative path on the GKE service the events should be sent to. The value must conform to the definition of a URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "service": { "type": "string", "description": "Name of the GKE service." } }, "type": "object", "required": [ "cluster", "location", "namespace", "path", "service" ] }, "google-native:eventarc/v1:HttpEndpoint": { "description": "Represents a HTTP endpoint destination.", "properties": { "uri": { "type": "string", "description": "The URI of the HTTP enpdoint. The value must be a RFC2396 URI string. Examples: `http://10.10.10.8:80/route`, `http://svc.us-central1.p.local:8080/`. Only HTTP and HTTPS protocols are supported. The host can be either a static IP addressable from the VPC specified by the network config, or an internal DNS hostname of the service resolvable via Cloud DNS." } }, "type": "object", "required": [ "uri" ] }, "google-native:eventarc/v1:HttpEndpointResponse": { "description": "Represents a HTTP endpoint destination.", "properties": { "uri": { "type": "string", "description": "The URI of the HTTP enpdoint. The value must be a RFC2396 URI string. Examples: `http://10.10.10.8:80/route`, `http://svc.us-central1.p.local:8080/`. Only HTTP and HTTPS protocols are supported. The host can be either a static IP addressable from the VPC specified by the network config, or an internal DNS hostname of the service resolvable via Cloud DNS." } }, "type": "object", "required": [ "uri" ] }, "google-native:eventarc/v1:NetworkConfig": { "description": "Represents a network config to be used for destination resolution and connectivity.", "properties": { "networkAttachment": { "type": "string", "description": "Name of the NetworkAttachment that allows access to the destination VPC. Format: `projects/{PROJECT_ID}/regions/{REGION}/networkAttachments/{NETWORK_ATTACHMENT_NAME}`" } }, "type": "object", "required": [ "networkAttachment" ] }, "google-native:eventarc/v1:NetworkConfigResponse": { "description": "Represents a network config to be used for destination resolution and connectivity.", "properties": { "networkAttachment": { "type": "string", "description": "Name of the NetworkAttachment that allows access to the destination VPC. Format: `projects/{PROJECT_ID}/regions/{REGION}/networkAttachments/{NETWORK_ATTACHMENT_NAME}`" } }, "type": "object", "required": [ "networkAttachment" ] }, "google-native:eventarc/v1:Pubsub": { "description": "Represents a Pub/Sub transport.", "properties": { "topic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic created and managed by Eventarc as a transport for the event delivery. Format: `projects/{PROJECT_ID}/topics/{TOPIC_NAME}`. You can set an existing topic for triggers of the type `google.cloud.pubsub.topic.v1.messagePublished`. The topic you provide here is not deleted by Eventarc at trigger deletion." } }, "type": "object" }, "google-native:eventarc/v1:PubsubResponse": { "description": "Represents a Pub/Sub transport.", "properties": { "subscription": { "type": "string", "description": "The name of the Pub/Sub subscription created and managed by Eventarc as a transport for the event delivery. Format: `projects/{PROJECT_ID}/subscriptions/{SUBSCRIPTION_NAME}`." }, "topic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic created and managed by Eventarc as a transport for the event delivery. Format: `projects/{PROJECT_ID}/topics/{TOPIC_NAME}`. You can set an existing topic for triggers of the type `google.cloud.pubsub.topic.v1.messagePublished`. The topic you provide here is not deleted by Eventarc at trigger deletion." } }, "type": "object", "required": [ "subscription", "topic" ] }, "google-native:eventarc/v1:Transport": { "description": "Represents the transport intermediaries created for the trigger to deliver events.", "properties": { "pubsub": { "$ref": "#/types/google-native:eventarc%2Fv1:Pubsub", "description": "The Pub/Sub topic and subscription used by Eventarc as a transport intermediary." } }, "type": "object" }, "google-native:eventarc/v1:TransportResponse": { "description": "Represents the transport intermediaries created for the trigger to deliver events.", "properties": { "pubsub": { "$ref": "#/types/google-native:eventarc%2Fv1:PubsubResponse", "description": "The Pub/Sub topic and subscription used by Eventarc as a transport intermediary." } }, "type": "object", "required": [ "pubsub" ] }, "google-native:eventarc/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:eventarc/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:eventarc/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:eventarc/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:eventarc/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:eventarc/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:eventarc/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:eventarc/v1beta1:CloudRunService": { "description": "Represents a Cloud Run service destination.", "properties": { "path": { "type": "string", "description": "Optional. The relative path on the Cloud Run service the events should be sent to. The value must conform to the definition of URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "region": { "type": "string", "description": "The region the Cloud Run service is deployed in." }, "service": { "type": "string", "description": "The name of the Cloud run service being addressed. See https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services. Only services located in the same project of the trigger object can be addressed." } }, "type": "object", "required": [ "region", "service" ] }, "google-native:eventarc/v1beta1:CloudRunServiceResponse": { "description": "Represents a Cloud Run service destination.", "properties": { "path": { "type": "string", "description": "Optional. The relative path on the Cloud Run service the events should be sent to. The value must conform to the definition of URI path segment (section 3.3 of RFC2396). Examples: \"/route\", \"route\", \"route/subroute\"." }, "region": { "type": "string", "description": "The region the Cloud Run service is deployed in." }, "service": { "type": "string", "description": "The name of the Cloud run service being addressed. See https://cloud.google.com/run/docs/reference/rest/v1/namespaces.services. Only services located in the same project of the trigger object can be addressed." } }, "type": "object", "required": [ "path", "region", "service" ] }, "google-native:eventarc/v1beta1:Destination": { "description": "Represents a target of an invocation over HTTP.", "properties": { "cloudRunService": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:CloudRunService", "description": "Cloud Run fully-managed service that receives the events. The service should be running in the same project as the trigger." } }, "type": "object" }, "google-native:eventarc/v1beta1:DestinationResponse": { "description": "Represents a target of an invocation over HTTP.", "properties": { "cloudRunService": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:CloudRunServiceResponse", "description": "Cloud Run fully-managed service that receives the events. The service should be running in the same project as the trigger." } }, "type": "object", "required": [ "cloudRunService" ] }, "google-native:eventarc/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:eventarc/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:eventarc/v1beta1:MatchingCriteria": { "description": "Matches events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute. Currently, only a subset of attributes can be specified. All triggers MUST provide a matching criteria for the 'type' attribute." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:eventarc/v1beta1:MatchingCriteriaResponse": { "description": "Matches events based on exact matches on the CloudEvents attributes.", "properties": { "attribute": { "type": "string", "description": "The name of a CloudEvents attribute. Currently, only a subset of attributes can be specified. All triggers MUST provide a matching criteria for the 'type' attribute." }, "value": { "type": "string", "description": "The value for the attribute." } }, "type": "object", "required": [ "attribute", "value" ] }, "google-native:eventarc/v1beta1:PubsubResponse": { "description": "Represents a Pub/Sub transport.", "properties": { "subscription": { "type": "string", "description": "The name of the Pub/Sub subscription created and managed by Eventarc system as a transport for the event delivery. Format: `projects/{PROJECT_ID}/subscriptions/{SUBSCRIPTION_NAME}`." }, "topic": { "type": "string", "description": "Optional. The name of the Pub/Sub topic created and managed by Eventarc system as a transport for the event delivery. Format: `projects/{PROJECT_ID}/topics/{TOPIC_NAME}`. You may set an existing topic for triggers of the type `google.cloud.pubsub.topic.v1.messagePublished` only. The topic you provide here will not be deleted by Eventarc at trigger deletion." } }, "type": "object", "required": [ "subscription", "topic" ] }, "google-native:eventarc/v1beta1:TransportResponse": { "description": "Represents the transport intermediaries created for the trigger in order to deliver events.", "properties": { "pubsub": { "$ref": "#/types/google-native:eventarc%2Fv1beta1:PubsubResponse", "description": "The Pub/Sub topic and subscription used by Eventarc as delivery intermediary." } }, "type": "object", "required": [ "pubsub" ] }, "google-native:file/v1:FileShareConfig": { "description": "File share configuration for the instance.", "properties": { "capacityGb": { "type": "string", "description": "File share capacity in gigabytes (GB). Filestore defines 1 GB as 1024^3 bytes." }, "name": { "type": "string", "description": "The name of the file share (must be 16 characters or less)." }, "nfsExportOptions": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1:NfsExportOptions" }, "description": "Nfs Export Options. There is a limit of 10 export options per file share." }, "sourceBackup": { "type": "string", "description": "The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from." } }, "type": "object" }, "google-native:file/v1:FileShareConfigResponse": { "description": "File share configuration for the instance.", "properties": { "capacityGb": { "type": "string", "description": "File share capacity in gigabytes (GB). Filestore defines 1 GB as 1024^3 bytes." }, "name": { "type": "string", "description": "The name of the file share (must be 16 characters or less)." }, "nfsExportOptions": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1:NfsExportOptionsResponse" }, "description": "Nfs Export Options. There is a limit of 10 export options per file share." }, "sourceBackup": { "type": "string", "description": "The resource name of the backup, in the format `projects/{project_number}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from." } }, "type": "object", "required": [ "capacityGb", "name", "nfsExportOptions", "sourceBackup" ] }, "google-native:file/v1:InstanceTier": { "description": "The service tier of the instance.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Not set.", "value": "TIER_UNSPECIFIED" }, { "name": "Standard", "description": "STANDARD tier. BASIC_HDD is the preferred term for this tier.", "value": "STANDARD" }, { "name": "Premium", "description": "PREMIUM tier. BASIC_SSD is the preferred term for this tier.", "value": "PREMIUM" }, { "name": "BasicHdd", "description": "BASIC instances offer a maximum capacity of 63.9 TB. BASIC_HDD is an alias for STANDARD Tier, offering economical performance backed by HDD.", "value": "BASIC_HDD" }, { "name": "BasicSsd", "description": "BASIC instances offer a maximum capacity of 63.9 TB. BASIC_SSD is an alias for PREMIUM Tier, and offers improved performance backed by SSD.", "value": "BASIC_SSD" }, { "name": "HighScaleSsd", "description": "HIGH_SCALE instances offer expanded capacity and performance scaling capabilities.", "value": "HIGH_SCALE_SSD" }, { "name": "Enterprise", "description": "ENTERPRISE instances offer the features and availability needed for mission-critical workloads.", "value": "ENTERPRISE" }, { "name": "Zonal", "description": "ZONAL instances offer expanded capacity and performance scaling capabilities.", "value": "ZONAL" }, { "name": "Regional", "description": "REGIONAL instances offer the features and availability needed for mission-critical workloads.", "value": "REGIONAL" } ] }, "google-native:file/v1:NetworkConfig": { "description": "Network configuration for the instance.", "properties": { "connectMode": { "$ref": "#/types/google-native:file%2Fv1:NetworkConfigConnectMode", "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING." }, "modes": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1:NetworkConfigModesItem" }, "description": "Internet protocol versions for which the instance has IP addresses assigned. For this version, only MODE_IPV4 is supported." }, "network": { "type": "string", "description": "The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected." }, "reservedIpRange": { "type": "string", "description": "Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier, a /24 CIDR block for High Scale tier, or a /26 CIDR block for Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29, 192.168.0.0/24 or 192.168.0.0/26, respectively. The range you specify can't overlap with either existing subnets or assigned IP address ranges for other Filestore instances in the selected VPC network." } }, "type": "object" }, "google-native:file/v1:NetworkConfigConnectMode": { "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.", "type": "string", "enum": [ { "name": "ConnectModeUnspecified", "description": "Not set.", "value": "CONNECT_MODE_UNSPECIFIED" }, { "name": "DirectPeering", "description": "Connect via direct peering to the Filestore service.", "value": "DIRECT_PEERING" }, { "name": "PrivateServiceAccess", "description": "Connect to your Filestore instance using Private Service Access. Private services access provides an IP address range for multiple Google Cloud services, including Filestore.", "value": "PRIVATE_SERVICE_ACCESS" } ] }, "google-native:file/v1:NetworkConfigModesItem": { "type": "string", "enum": [ { "name": "AddressModeUnspecified", "description": "Internet protocol not set.", "value": "ADDRESS_MODE_UNSPECIFIED" }, { "name": "ModeIpv4", "description": "Use the IPv4 internet protocol.", "value": "MODE_IPV4" } ] }, "google-native:file/v1:NetworkConfigResponse": { "description": "Network configuration for the instance.", "properties": { "connectMode": { "type": "string", "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`." }, "modes": { "type": "array", "items": { "type": "string" }, "description": "Internet protocol versions for which the instance has IP addresses assigned. For this version, only MODE_IPV4 is supported." }, "network": { "type": "string", "description": "The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected." }, "reservedIpRange": { "type": "string", "description": "Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier, a /24 CIDR block for High Scale tier, or a /26 CIDR block for Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29, 192.168.0.0/24 or 192.168.0.0/26, respectively. The range you specify can't overlap with either existing subnets or assigned IP address ranges for other Filestore instances in the selected VPC network." } }, "type": "object", "required": [ "connectMode", "ipAddresses", "modes", "network", "reservedIpRange" ] }, "google-native:file/v1:NfsExportOptions": { "description": "NFS export options specifications.", "properties": { "accessMode": { "$ref": "#/types/google-native:file%2Fv1:NfsExportOptionsAccessMode", "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE." }, "anonGid": { "type": "string", "description": "An integer representing the anonymous group id with a default value of 65534. Anon_gid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "anonUid": { "type": "string", "description": "An integer representing the anonymous user id with a default value of 65534. Anon_uid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "ipRanges": { "type": "array", "items": { "type": "string" }, "description": "List of either an IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or CIDR ranges in the format `{octet1}.{octet2}.{octet3}.{octet4}/{mask size}` which may mount the file share. Overlapping IP ranges are not allowed, both within and across NfsExportOptions. An error will be returned. The limit is 64 IP ranges/addresses for each FileShareConfig among all NfsExportOptions." }, "squashMode": { "$ref": "#/types/google-native:file%2Fv1:NfsExportOptionsSquashMode", "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH." } }, "type": "object" }, "google-native:file/v1:NfsExportOptionsAccessMode": { "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE.", "type": "string", "enum": [ { "name": "AccessModeUnspecified", "description": "AccessMode not set.", "value": "ACCESS_MODE_UNSPECIFIED" }, { "name": "ReadOnly", "description": "The client can only read the file share.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "The client can read and write the file share (default).", "value": "READ_WRITE" } ] }, "google-native:file/v1:NfsExportOptionsResponse": { "description": "NFS export options specifications.", "properties": { "accessMode": { "type": "string", "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE." }, "anonGid": { "type": "string", "description": "An integer representing the anonymous group id with a default value of 65534. Anon_gid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "anonUid": { "type": "string", "description": "An integer representing the anonymous user id with a default value of 65534. Anon_uid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "ipRanges": { "type": "array", "items": { "type": "string" }, "description": "List of either an IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or CIDR ranges in the format `{octet1}.{octet2}.{octet3}.{octet4}/{mask size}` which may mount the file share. Overlapping IP ranges are not allowed, both within and across NfsExportOptions. An error will be returned. The limit is 64 IP ranges/addresses for each FileShareConfig among all NfsExportOptions." }, "squashMode": { "type": "string", "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH." } }, "type": "object", "required": [ "accessMode", "anonGid", "anonUid", "ipRanges", "squashMode" ] }, "google-native:file/v1:NfsExportOptionsSquashMode": { "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH.", "type": "string", "enum": [ { "name": "SquashModeUnspecified", "description": "SquashMode not set.", "value": "SQUASH_MODE_UNSPECIFIED" }, { "name": "NoRootSquash", "description": "The Root user has root access to the file share (default).", "value": "NO_ROOT_SQUASH" }, { "name": "RootSquash", "description": "The Root user has squashed access to the anonymous uid/gid.", "value": "ROOT_SQUASH" } ] }, "google-native:file/v1beta1:DirectoryServicesConfig": { "description": "Directory Services configuration for Kerberos-based authentication.", "properties": { "managedActiveDirectory": { "$ref": "#/types/google-native:file%2Fv1beta1:ManagedActiveDirectoryConfig", "description": "Configuration for Managed Service for Microsoft Active Directory." } }, "type": "object" }, "google-native:file/v1beta1:DirectoryServicesConfigResponse": { "description": "Directory Services configuration for Kerberos-based authentication.", "properties": { "managedActiveDirectory": { "$ref": "#/types/google-native:file%2Fv1beta1:ManagedActiveDirectoryConfigResponse", "description": "Configuration for Managed Service for Microsoft Active Directory." } }, "type": "object", "required": [ "managedActiveDirectory" ] }, "google-native:file/v1beta1:FileShareConfig": { "description": "File share configuration for the instance.", "properties": { "capacityGb": { "type": "string", "description": "File share capacity in gigabytes (GB). Filestore defines 1 GB as 1024^3 bytes." }, "name": { "type": "string", "description": "The name of the file share (must be 32 characters or less for Enterprise and High Scale SSD tiers and 16 characters or less for all other tiers)." }, "nfsExportOptions": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1beta1:NfsExportOptions" }, "description": "Nfs Export Options. There is a limit of 10 export options per file share." }, "sourceBackup": { "type": "string", "description": "The resource name of the backup, in the format `projects/{project_id}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from." } }, "type": "object" }, "google-native:file/v1beta1:FileShareConfigResponse": { "description": "File share configuration for the instance.", "properties": { "capacityGb": { "type": "string", "description": "File share capacity in gigabytes (GB). Filestore defines 1 GB as 1024^3 bytes." }, "name": { "type": "string", "description": "The name of the file share (must be 32 characters or less for Enterprise and High Scale SSD tiers and 16 characters or less for all other tiers)." }, "nfsExportOptions": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1beta1:NfsExportOptionsResponse" }, "description": "Nfs Export Options. There is a limit of 10 export options per file share." }, "sourceBackup": { "type": "string", "description": "The resource name of the backup, in the format `projects/{project_id}/locations/{location_id}/backups/{backup_id}`, that this file share has been restored from." } }, "type": "object", "required": [ "capacityGb", "name", "nfsExportOptions", "sourceBackup" ] }, "google-native:file/v1beta1:InstanceProtocol": { "description": "Immutable. The protocol indicates the access protocol for all shares in the instance. This field is immutable and it cannot be changed after the instance has been created. Default value: `NFS_V3`.", "type": "string", "enum": [ { "name": "FileProtocolUnspecified", "description": "FILE_PROTOCOL_UNSPECIFIED serves a \"not set\" default value when a FileProtocol is a separate field in a message.", "value": "FILE_PROTOCOL_UNSPECIFIED" }, { "name": "NfsV3", "description": "NFS 3.0.", "value": "NFS_V3" }, { "name": "NfsV41", "description": "NFS 4.1.", "value": "NFS_V4_1" } ] }, "google-native:file/v1beta1:InstanceTier": { "description": "The service tier of the instance.", "type": "string", "enum": [ { "name": "TierUnspecified", "description": "Not set.", "value": "TIER_UNSPECIFIED" }, { "name": "Standard", "description": "STANDARD tier. BASIC_HDD is the preferred term for this tier.", "value": "STANDARD" }, { "name": "Premium", "description": "PREMIUM tier. BASIC_SSD is the preferred term for this tier.", "value": "PREMIUM" }, { "name": "BasicHdd", "description": "BASIC instances offer a maximum capacity of 63.9 TB. BASIC_HDD is an alias for STANDARD Tier, offering economical performance backed by HDD.", "value": "BASIC_HDD" }, { "name": "BasicSsd", "description": "BASIC instances offer a maximum capacity of 63.9 TB. BASIC_SSD is an alias for PREMIUM Tier, and offers improved performance backed by SSD.", "value": "BASIC_SSD" }, { "name": "HighScaleSsd", "description": "HIGH_SCALE instances offer expanded capacity and performance scaling capabilities.", "value": "HIGH_SCALE_SSD" }, { "name": "Enterprise", "description": "ENTERPRISE instances offer the features and availability needed for mission-critical workloads.", "value": "ENTERPRISE" }, { "name": "Zonal", "description": "ZONAL instances offer expanded capacity and performance scaling capabilities.", "value": "ZONAL" }, { "name": "Regional", "description": "REGIONAL instances offer the features and availability needed for mission-critical workloads.", "value": "REGIONAL" } ] }, "google-native:file/v1beta1:ManagedActiveDirectoryConfig": { "description": "ManagedActiveDirectoryConfig contains all the parameters for connecting to Managed Active Directory.", "properties": { "computer": { "type": "string", "description": "The computer name is used as a prefix to the mount remote target. Example: if the computer_name is `my-computer`, the mount command will look like: `$mount -o vers=4,sec=krb5 my-computer.filestore.:`." }, "domain": { "type": "string", "description": "Fully qualified domain name." } }, "type": "object" }, "google-native:file/v1beta1:ManagedActiveDirectoryConfigResponse": { "description": "ManagedActiveDirectoryConfig contains all the parameters for connecting to Managed Active Directory.", "properties": { "computer": { "type": "string", "description": "The computer name is used as a prefix to the mount remote target. Example: if the computer_name is `my-computer`, the mount command will look like: `$mount -o vers=4,sec=krb5 my-computer.filestore.:`." }, "domain": { "type": "string", "description": "Fully qualified domain name." } }, "type": "object", "required": [ "computer", "domain" ] }, "google-native:file/v1beta1:NetworkConfig": { "description": "Network configuration for the instance.", "properties": { "connectMode": { "$ref": "#/types/google-native:file%2Fv1beta1:NetworkConfigConnectMode", "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING." }, "modes": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1beta1:NetworkConfigModesItem" }, "description": "Internet protocol versions for which the instance has IP addresses assigned. For this version, only MODE_IPV4 is supported." }, "network": { "type": "string", "description": "The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected." }, "reservedIpRange": { "type": "string", "description": "Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier, a /24 CIDR block for High Scale tier, or a /26 CIDR block for Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29, 192.168.0.0/24, or 192.168.0.0/26, respectively. The range you specify can't overlap with either existing subnets or assigned IP address ranges for other Filestore instances in the selected VPC network." } }, "type": "object" }, "google-native:file/v1beta1:NetworkConfigConnectMode": { "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING.", "type": "string", "enum": [ { "name": "ConnectModeUnspecified", "description": "ConnectMode not set.", "value": "CONNECT_MODE_UNSPECIFIED" }, { "name": "DirectPeering", "description": "Connect via direct peering to the Filestore service.", "value": "DIRECT_PEERING" }, { "name": "PrivateServiceAccess", "description": "Connect to your Filestore instance using Private Service Access. Private services access provides an IP address range for multiple Google Cloud services, including Filestore.", "value": "PRIVATE_SERVICE_ACCESS" } ] }, "google-native:file/v1beta1:NetworkConfigModesItem": { "type": "string", "enum": [ { "name": "AddressModeUnspecified", "description": "Internet protocol not set.", "value": "ADDRESS_MODE_UNSPECIFIED" }, { "name": "ModeIpv4", "description": "Use the IPv4 internet protocol.", "value": "MODE_IPV4" } ] }, "google-native:file/v1beta1:NetworkConfigResponse": { "description": "Network configuration for the instance.", "properties": { "connectMode": { "type": "string", "description": "The network connect mode of the Filestore instance. If not provided, the connect mode defaults to DIRECT_PEERING." }, "ipAddresses": { "type": "array", "items": { "type": "string" }, "description": "IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or IPv6 addresses in the format `{block1}:{block2}:{block3}:{block4}:{block5}:{block6}:{block7}:{block8}`." }, "modes": { "type": "array", "items": { "type": "string" }, "description": "Internet protocol versions for which the instance has IP addresses assigned. For this version, only MODE_IPV4 is supported." }, "network": { "type": "string", "description": "The name of the Google Compute Engine [VPC network](https://cloud.google.com/vpc/docs/vpc) to which the instance is connected." }, "reservedIpRange": { "type": "string", "description": "Optional, reserved_ip_range can have one of the following two types of values. * CIDR range value when using DIRECT_PEERING connect mode. * [Allocated IP address range](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ip-address) when using PRIVATE_SERVICE_ACCESS connect mode. When the name of an allocated IP address range is specified, it must be one of the ranges associated with the private service access connection. When specified as a direct CIDR value, it must be a /29 CIDR block for Basic tier, a /24 CIDR block for High Scale tier, or a /26 CIDR block for Enterprise tier in one of the [internal IP address ranges](https://www.arin.net/reference/research/statistics/address_filters/) that identifies the range of IP addresses reserved for this instance. For example, 10.0.0.0/29, 192.168.0.0/24, or 192.168.0.0/26, respectively. The range you specify can't overlap with either existing subnets or assigned IP address ranges for other Filestore instances in the selected VPC network." } }, "type": "object", "required": [ "connectMode", "ipAddresses", "modes", "network", "reservedIpRange" ] }, "google-native:file/v1beta1:NfsExportOptions": { "description": "NFS export options specifications.", "properties": { "accessMode": { "$ref": "#/types/google-native:file%2Fv1beta1:NfsExportOptionsAccessMode", "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE." }, "anonGid": { "type": "string", "description": "An integer representing the anonymous group id with a default value of 65534. Anon_gid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "anonUid": { "type": "string", "description": "An integer representing the anonymous user id with a default value of 65534. Anon_uid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "ipRanges": { "type": "array", "items": { "type": "string" }, "description": "List of either an IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or CIDR ranges in the format `{octet1}.{octet2}.{octet3}.{octet4}/{mask size}` which may mount the file share. Overlapping IP ranges are not allowed, both within and across NfsExportOptions. An error will be returned. The limit is 64 IP ranges/addresses for each FileShareConfig among all NfsExportOptions." }, "securityFlavors": { "type": "array", "items": { "$ref": "#/types/google-native:file%2Fv1beta1:NfsExportOptionsSecurityFlavorsItem" }, "description": "The security flavors allowed for mount operations. The default is AUTH_SYS." }, "squashMode": { "$ref": "#/types/google-native:file%2Fv1beta1:NfsExportOptionsSquashMode", "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH." } }, "type": "object" }, "google-native:file/v1beta1:NfsExportOptionsAccessMode": { "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE.", "type": "string", "enum": [ { "name": "AccessModeUnspecified", "description": "AccessMode not set.", "value": "ACCESS_MODE_UNSPECIFIED" }, { "name": "ReadOnly", "description": "The client can only read the file share.", "value": "READ_ONLY" }, { "name": "ReadWrite", "description": "The client can read and write the file share (default).", "value": "READ_WRITE" } ] }, "google-native:file/v1beta1:NfsExportOptionsResponse": { "description": "NFS export options specifications.", "properties": { "accessMode": { "type": "string", "description": "Either READ_ONLY, for allowing only read requests on the exported directory, or READ_WRITE, for allowing both read and write requests. The default is READ_WRITE." }, "anonGid": { "type": "string", "description": "An integer representing the anonymous group id with a default value of 65534. Anon_gid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "anonUid": { "type": "string", "description": "An integer representing the anonymous user id with a default value of 65534. Anon_uid may only be set with squash_mode of ROOT_SQUASH. An error will be returned if this field is specified for other squash_mode settings." }, "ipRanges": { "type": "array", "items": { "type": "string" }, "description": "List of either an IPv4 addresses in the format `{octet1}.{octet2}.{octet3}.{octet4}` or CIDR ranges in the format `{octet1}.{octet2}.{octet3}.{octet4}/{mask size}` which may mount the file share. Overlapping IP ranges are not allowed, both within and across NfsExportOptions. An error will be returned. The limit is 64 IP ranges/addresses for each FileShareConfig among all NfsExportOptions." }, "securityFlavors": { "type": "array", "items": { "type": "string" }, "description": "The security flavors allowed for mount operations. The default is AUTH_SYS." }, "squashMode": { "type": "string", "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH." } }, "type": "object", "required": [ "accessMode", "anonGid", "anonUid", "ipRanges", "securityFlavors", "squashMode" ] }, "google-native:file/v1beta1:NfsExportOptionsSecurityFlavorsItem": { "type": "string", "enum": [ { "name": "SecurityFlavorUnspecified", "description": "SecurityFlavor not set.", "value": "SECURITY_FLAVOR_UNSPECIFIED" }, { "name": "AuthSys", "description": "The user's UNIX user-id and group-ids are transferred \"in the clear\" (not encrypted) on the network, unauthenticated by the NFS server (default).", "value": "AUTH_SYS" }, { "name": "Krb5", "description": "End-user authentication through Kerberos V5.", "value": "KRB5" }, { "name": "Krb5i", "description": "krb5 plus integrity protection (data packets are tamper proof).", "value": "KRB5I" }, { "name": "Krb5p", "description": "krb5i plus privacy protection (data packets are tamper proof and encrypted).", "value": "KRB5P" } ] }, "google-native:file/v1beta1:NfsExportOptionsSquashMode": { "description": "Either NO_ROOT_SQUASH, for allowing root access on the exported directory, or ROOT_SQUASH, for not allowing root access. The default is NO_ROOT_SQUASH.", "type": "string", "enum": [ { "name": "SquashModeUnspecified", "description": "SquashMode not set.", "value": "SQUASH_MODE_UNSPECIFIED" }, { "name": "NoRootSquash", "description": "The Root user has root access to the file share (default).", "value": "NO_ROOT_SQUASH" }, { "name": "RootSquash", "description": "The Root user has squashed access to the anonymous uid/gid.", "value": "ROOT_SQUASH" } ] }, "google-native:firebasedatabase/v1beta:InstanceType": { "description": "Immutable. The database instance type. On creation only USER_DATABASE is allowed, which is also the default when omitted.", "type": "string", "enum": [ { "name": "DatabaseInstanceTypeUnspecified", "description": "Unknown state, likely the result of an error on the backend. This is only used for distinguishing unset values.", "value": "DATABASE_INSTANCE_TYPE_UNSPECIFIED" }, { "name": "DefaultDatabase", "description": "The default database that is provisioned when a project is created.", "value": "DEFAULT_DATABASE" }, { "name": "UserDatabase", "description": "A database that the user created.", "value": "USER_DATABASE" } ] }, "google-native:firebasehosting/v1beta1:ActingUserResponse": { "description": "Contains metadata about the user who performed an action, such as creating a release or finalizing a version.", "properties": { "email": { "type": "string", "description": "The email address of the user when the user performed the action." }, "imageUrl": { "type": "string", "description": "A profile image URL for the user. May not be present if the user has changed their email address or deleted their account." } }, "type": "object", "required": [ "email", "imageUrl" ] }, "google-native:firebasehosting/v1beta1:CertDnsChallengeResponse": { "description": "Represents a DNS certificate challenge.", "properties": { "domainName": { "type": "string", "description": "The domain name upon which the DNS challenge must be satisfied." }, "token": { "type": "string", "description": "The value that must be present as a TXT record on the domain name to satisfy the challenge." } }, "type": "object", "required": [ "domainName", "token" ] }, "google-native:firebasehosting/v1beta1:CertHttpChallengeResponse": { "description": "Represents an HTTP certificate challenge.", "properties": { "path": { "type": "string", "description": "The URL path on which to serve the specified token to satisfy the certificate challenge." }, "token": { "type": "string", "description": "The token to serve at the specified URL path to satisfy the certificate challenge." } }, "type": "object", "required": [ "path", "token" ] }, "google-native:firebasehosting/v1beta1:CertVerificationResponse": { "description": "A set of ACME challenges you can use to allow Hosting to create an SSL certificate for your domain name before directing traffic to Hosting servers. Use either the DNS or HTTP challenge; it's not necessary to provide both.", "properties": { "dns": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:DnsUpdatesResponse", "description": "A `TXT` record to add to your DNS records that confirms your intent to let Hosting create an SSL cert for your domain name." }, "http": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:HttpUpdateResponse", "description": "A file to add to your existing, non-Hosting hosting service that confirms your intent to let Hosting create an SSL cert for your domain name." } }, "type": "object", "required": [ "dns", "http" ] }, "google-native:firebasehosting/v1beta1:CertificateResponse": { "description": "An SSL certificate used to provide end-to-end encryption for requests against your domain name. A `Certificate` can be an actual SSL certificate or, for newly-created custom domains, Hosting's intent to create one.", "properties": { "createTime": { "type": "string", "description": "The certificate's creation time. For `TEMPORARY` certs this is the time Hosting first generated challenges for your domain name. For all other cert types, it's the time the actual cert was created." }, "expireTime": { "type": "string", "description": "The certificate's expiration time. After this time, the cert can no longer be used to provide secure communication between Hosting and your site's visitors." }, "issues": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:StatusResponse" }, "description": "A set of errors Hosting encountered when attempting to create a cert for your domain name. Resolve these issues to ensure Hosting is able to provide secure communication with your site's visitors." }, "state": { "type": "string", "description": "The state of the certificate. Only the `CERT_ACTIVE` and `CERT_EXPIRING_SOON` states provide SSL coverage for a domain name. If the state is `PROPAGATING` and Hosting had an active cert for the domain name before, that formerly-active cert provides SSL coverage for the domain name until the current cert propagates." }, "type": { "type": "string", "description": "The certificate's type." }, "verification": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:CertVerificationResponse", "description": "A set of ACME challenges you can add to your DNS records or existing, non-Hosting hosting provider to allow Hosting to create an SSL certificate for your domain name before you point traffic toward hosting. You can use thse challenges as part of a zero downtime transition from your old provider to Hosting." } }, "type": "object", "required": [ "createTime", "expireTime", "issues", "state", "type", "verification" ] }, "google-native:firebasehosting/v1beta1:CloudRunRewrite": { "description": "A configured rewrite that directs requests to a Cloud Run service. If the Cloud Run service does not exist when setting or updating your Firebase Hosting configuration, then the request fails. Any errors from the Cloud Run service are passed to the end user (for example, if you delete a service, any requests directed to that service receive a `404` error).", "properties": { "region": { "type": "string", "description": "Optional. User-provided region where the Cloud Run service is hosted. Defaults to `us-central1` if not supplied." }, "serviceId": { "type": "string", "description": "User-defined ID of the Cloud Run service." }, "tag": { "type": "string", "description": "Optional. User-provided TrafficConfig tag to send traffic to. When omitted, traffic is sent to the service-wide URI" } }, "type": "object", "required": [ "serviceId" ] }, "google-native:firebasehosting/v1beta1:CloudRunRewriteResponse": { "description": "A configured rewrite that directs requests to a Cloud Run service. If the Cloud Run service does not exist when setting or updating your Firebase Hosting configuration, then the request fails. Any errors from the Cloud Run service are passed to the end user (for example, if you delete a service, any requests directed to that service receive a `404` error).", "properties": { "region": { "type": "string", "description": "Optional. User-provided region where the Cloud Run service is hosted. Defaults to `us-central1` if not supplied." }, "serviceId": { "type": "string", "description": "User-defined ID of the Cloud Run service." }, "tag": { "type": "string", "description": "Optional. User-provided TrafficConfig tag to send traffic to. When omitted, traffic is sent to the service-wide URI" } }, "type": "object", "required": [ "region", "serviceId", "tag" ] }, "google-native:firebasehosting/v1beta1:CustomDomainCertPreference": { "description": "A field that lets you specify which SSL certificate type Hosting creates for your domain name. Spark plan custom domains only have access to the `GROUPED` cert type, while Blaze plan domains can select any option.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "The certificate's type is unspecified. The message is invalid if this is unspecified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Temporary", "description": "A short-lived certificate type that covers a domain name temporarily, while Hosting creates a more permanent certificate.", "value": "TEMPORARY" }, { "name": "Grouped", "description": "The standard certificate for Spark plan custom domains.", "value": "GROUPED" }, { "name": "ProjectGrouped", "description": "Blaze plan only. A certificate that covers from 1 to 100 domain names with custom domains on the same Firebase project.", "value": "PROJECT_GROUPED" }, { "name": "Dedicated", "description": "Blaze plan only. A certificate that covers a single domain name.", "value": "DEDICATED" } ] }, "google-native:firebasehosting/v1beta1:DnsRecordResponse": { "description": "DNS records are resource records that define how systems and services should behave when handling requests for a domain name. For example, when you add `A` records to your domain name's DNS records, you're informing other systems (such as your users' web browsers) to contact those IPv4 addresses to retrieve resources relevant to your domain name (such as your Hosting site files).", "properties": { "domainName": { "type": "string", "description": "The domain name the record pertains to, e.g. `foo.bar.com.`." }, "rdata": { "type": "string", "description": "The data of the record. The meaning of the value depends on record type: - A and AAAA: IP addresses for the domain name. - CNAME: Another domain to check for records. - TXT: Arbitrary text strings associated with the domain name. Hosting uses TXT records to determine which Firebase projects have permission to act on the domain name's behalf. - CAA: The record's flags, tag, and value, e.g. `0 issue \"pki.goog\"`." }, "requiredAction": { "type": "string", "description": "An enum that indicates the a required action for this record." }, "type": { "type": "string", "description": "The record's type, which determines what data the record contains." } }, "type": "object", "required": [ "domainName", "rdata", "requiredAction", "type" ] }, "google-native:firebasehosting/v1beta1:DnsRecordSetResponse": { "description": "A set of DNS records relevant to the setup and maintenance of a custom domain in Firebase Hosting.", "properties": { "checkError": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:StatusResponse", "description": "An error Hosting services encountered when querying your domain name's DNS records. Note: Hosting ignores `NXDOMAIN` errors, as those generally just mean that a domain name hasn't been set up yet." }, "domainName": { "type": "string", "description": "The domain name the record set pertains to." }, "records": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:DnsRecordResponse" }, "description": "Records on the domain." } }, "type": "object", "required": [ "checkError", "domainName", "records" ] }, "google-native:firebasehosting/v1beta1:DnsUpdatesResponse": { "description": "A set of DNS record updates that you should make to allow Hosting to serve secure content in response to requests against your domain name. These updates present the current state of your domain name's DNS records when Hosting last queried them, and the desired set of records that Hosting needs to see before your custom domain can be fully active.", "properties": { "checkTime": { "type": "string", "description": "The last time Hosting checked your custom domain's DNS records." }, "desired": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:DnsRecordSetResponse" }, "description": "The set of DNS records Hosting needs to serve secure content on the domain." }, "discovered": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:DnsRecordSetResponse" }, "description": "The set of DNS records Hosting discovered when inspecting a domain." } }, "type": "object", "required": [ "checkTime", "desired", "discovered" ] }, "google-native:firebasehosting/v1beta1:DomainProvisioningResponse": { "description": "The current certificate provisioning status information for a domain.", "properties": { "certChallengeDiscoveredTxt": { "type": "array", "items": { "type": "string" }, "description": "The TXT records (for the certificate challenge) that were found at the last DNS fetch." }, "certChallengeDns": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:CertDnsChallengeResponse", "description": "The DNS challenge for generating a certificate." }, "certChallengeHttp": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:CertHttpChallengeResponse", "description": "The HTTP challenge for generating a certificate." }, "certStatus": { "type": "string", "description": "The certificate provisioning status; updated when Firebase Hosting provisions an SSL certificate for the domain." }, "discoveredIps": { "type": "array", "items": { "type": "string" }, "description": "The IPs found at the last DNS fetch." }, "dnsFetchTime": { "type": "string", "description": "The time at which the last DNS fetch occurred." }, "dnsStatus": { "type": "string", "description": "The DNS record match status as of the last DNS fetch." }, "expectedIps": { "type": "array", "items": { "type": "string" }, "description": "The list of IPs to which the domain is expected to resolve." } }, "type": "object", "required": [ "certChallengeDiscoveredTxt", "certChallengeDns", "certChallengeHttp", "certStatus", "discoveredIps", "dnsFetchTime", "dnsStatus", "expectedIps" ] }, "google-native:firebasehosting/v1beta1:DomainRedirect": { "description": "Defines the behavior of a domain-level redirect. Domain redirects preserve the path of the redirect but replace the requested domain with the one specified in the redirect configuration.", "properties": { "domainName": { "type": "string", "description": "The domain name to redirect to." }, "type": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:DomainRedirectType", "description": "The redirect status code." } }, "type": "object", "required": [ "domainName", "type" ] }, "google-native:firebasehosting/v1beta1:DomainRedirectResponse": { "description": "Defines the behavior of a domain-level redirect. Domain redirects preserve the path of the redirect but replace the requested domain with the one specified in the redirect configuration.", "properties": { "domainName": { "type": "string", "description": "The domain name to redirect to." }, "type": { "type": "string", "description": "The redirect status code." } }, "type": "object", "required": [ "domainName", "type" ] }, "google-native:firebasehosting/v1beta1:DomainRedirectType": { "description": "Required. The redirect status code.", "type": "string", "enum": [ { "name": "RedirectTypeUnspecified", "description": "The default redirect type; should not be intentionlly used.", "value": "REDIRECT_TYPE_UNSPECIFIED" }, { "name": "MovedPermanently", "description": "The redirect will respond with an HTTP status code of `301 Moved Permanently`.", "value": "MOVED_PERMANENTLY" } ] }, "google-native:firebasehosting/v1beta1:Header": { "description": "A [`Header`](https://firebase.google.com/docs/hosting/full-config#headers) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to apply the specified custom response headers.", "properties": { "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The additional headers to add to the response." }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." } }, "type": "object", "required": [ "headers" ] }, "google-native:firebasehosting/v1beta1:HeaderResponse": { "description": "A [`Header`](https://firebase.google.com/docs/hosting/full-config#headers) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to apply the specified custom response headers.", "properties": { "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "headers": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The additional headers to add to the response." }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." } }, "type": "object", "required": [ "glob", "headers", "regex" ] }, "google-native:firebasehosting/v1beta1:HttpUpdateResponse": { "description": "A file you can add to your existing, non-Hosting hosting service that confirms your intent to allow Hosting's Certificate Authorities to create an SSL certificate for your domain.", "properties": { "checkError": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:StatusResponse", "description": "An error encountered during the last contents check. If null, the check completed successfully." }, "desired": { "type": "string", "description": "A text string to serve at the path." }, "discovered": { "type": "string", "description": "Whether Hosting was able to find the required file contents on the specified path during its last check." }, "lastCheckTime": { "type": "string", "description": "The last time Hosting systems checked for the file contents." }, "path": { "type": "string", "description": "The path to the file." } }, "type": "object", "required": [ "checkError", "desired", "discovered", "lastCheckTime", "path" ] }, "google-native:firebasehosting/v1beta1:I18nConfig": { "description": "If provided, i18n rewrites are enabled.", "properties": { "root": { "type": "string", "description": "The user-supplied path where country and language specific content will be looked for within the public directory." } }, "type": "object", "required": [ "root" ] }, "google-native:firebasehosting/v1beta1:I18nConfigResponse": { "description": "If provided, i18n rewrites are enabled.", "properties": { "root": { "type": "string", "description": "The user-supplied path where country and language specific content will be looked for within the public directory." } }, "type": "object", "required": [ "root" ] }, "google-native:firebasehosting/v1beta1:Redirect": { "description": "A [`Redirect`](https://firebase.google.com/docs/hosting/full-config#redirects) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond with a redirect to the specified destination path.", "properties": { "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "location": { "type": "string", "description": "The value to put in the HTTP location header of the response. The location can contain capture group values from the pattern using a `:` prefix to identify the segment and an optional `*` to capture the rest of the URL. For example: \"glob\": \"/:capture*\", \"statusCode\": 301, \"location\": \"https://example.com/foo/:capture\"" }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." }, "statusCode": { "type": "integer", "description": "The status HTTP code to return in the response. It must be a valid 3xx status code." } }, "type": "object", "required": [ "location", "statusCode" ] }, "google-native:firebasehosting/v1beta1:RedirectResponse": { "description": "A [`Redirect`](https://firebase.google.com/docs/hosting/full-config#redirects) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond with a redirect to the specified destination path.", "properties": { "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "location": { "type": "string", "description": "The value to put in the HTTP location header of the response. The location can contain capture group values from the pattern using a `:` prefix to identify the segment and an optional `*` to capture the rest of the URL. For example: \"glob\": \"/:capture*\", \"statusCode\": 301, \"location\": \"https://example.com/foo/:capture\"" }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." }, "statusCode": { "type": "integer", "description": "The status HTTP code to return in the response. It must be a valid 3xx status code." } }, "type": "object", "required": [ "glob", "location", "regex", "statusCode" ] }, "google-native:firebasehosting/v1beta1:ReleaseResponse": { "description": " A `Release` is a particular [collection of configurations and files](sites.versions) that is set to be public at a particular time.", "properties": { "message": { "type": "string", "description": "The deploy description when the release was created. The value can be up to 512 characters." }, "name": { "type": "string", "description": "The unique identifier for the release, in either of the following formats: - sites/SITE_ID/releases/RELEASE_ID - sites/SITE_ID/channels/CHANNEL_ID/releases/RELEASE_ID This name is provided in the response body when you call [`releases.create`](sites.releases/create) or [`channels.releases.create`](sites.channels.releases/create)." }, "releaseTime": { "type": "string", "description": "The time at which the version is set to be public." }, "releaseUser": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ActingUserResponse", "description": "Identifies the user who created the release." }, "type": { "type": "string", "description": "Explains the reason for the release. Specify a value for this field only when creating a `SITE_DISABLE` type release." }, "version": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:VersionResponse", "description": "The configuration and content that was released." } }, "type": "object", "required": [ "message", "name", "releaseTime", "releaseUser", "type", "version" ] }, "google-native:firebasehosting/v1beta1:ReleaseType": { "description": "Explains the reason for the release. Specify a value for this field only when creating a `SITE_DISABLE` type release.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "An unspecified type. Indicates that a version was released. This is the default value when no other `type` is explicitly specified.", "value": "TYPE_UNSPECIFIED" }, { "name": "Deploy", "description": "A version was uploaded to Firebase Hosting and released.", "value": "DEPLOY" }, { "name": "Rollback", "description": "The release points back to a previously deployed version.", "value": "ROLLBACK" }, { "name": "SiteDisable", "description": "The release prevents the site from serving content. Firebase Hosting acts as if the site never existed.", "value": "SITE_DISABLE" } ] }, "google-native:firebasehosting/v1beta1:Rewrite": { "description": "A [`Rewrite`](https://firebase.google.com/docs/hosting/full-config#rewrites) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond as if the service were given the specified destination URL.", "properties": { "dynamicLinks": { "type": "boolean", "description": "The request will be forwarded to Firebase Dynamic Links." }, "function": { "type": "string", "description": "The function to proxy requests to. Must match the exported function name exactly." }, "functionRegion": { "type": "string", "description": "Optional. Specify a Cloud region for rewritten Functions invocations. If not provided, defaults to us-central1." }, "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "path": { "type": "string", "description": "The URL path to rewrite the request to." }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." }, "run": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:CloudRunRewrite", "description": "The request will be forwarded to Cloud Run." } }, "type": "object" }, "google-native:firebasehosting/v1beta1:RewriteResponse": { "description": "A [`Rewrite`](https://firebase.google.com/docs/hosting/full-config#rewrites) specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond as if the service were given the specified destination URL.", "properties": { "dynamicLinks": { "type": "boolean", "description": "The request will be forwarded to Firebase Dynamic Links." }, "function": { "type": "string", "description": "The function to proxy requests to. Must match the exported function name exactly." }, "functionRegion": { "type": "string", "description": "Optional. Specify a Cloud region for rewritten Functions invocations. If not provided, defaults to us-central1." }, "glob": { "type": "string", "description": "The user-supplied [glob](https://firebase.google.com/docs/hosting/full-config#glob_pattern_matching) to match against the request URL path." }, "path": { "type": "string", "description": "The URL path to rewrite the request to." }, "regex": { "type": "string", "description": "The user-supplied RE2 regular expression to match against the request URL path." }, "run": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:CloudRunRewriteResponse", "description": "The request will be forwarded to Cloud Run." } }, "type": "object", "required": [ "dynamicLinks", "function", "functionRegion", "glob", "path", "regex", "run" ] }, "google-native:firebasehosting/v1beta1:ServingConfig": { "description": "The configuration for how incoming requests to a site should be routed and processed before serving content. The URL request paths are matched against the specified URL patterns in the configuration, then Hosting applies the applicable configuration according to a specific [priority order](https://firebase.google.com/docs/hosting/full-config#hosting_priority_order).", "properties": { "appAssociation": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ServingConfigAppAssociation", "description": "How to handle well known App Association files." }, "cleanUrls": { "type": "boolean", "description": "Defines whether to drop the file extension from uploaded files." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:Header" }, "description": "An array of objects, where each object specifies a URL pattern that, if matched to the request URL path, triggers Hosting to apply the specified custom response headers." }, "i18n": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:I18nConfig", "description": "Optional. Defines i18n rewrite behavior." }, "redirects": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:Redirect" }, "description": "An array of objects (called redirect rules), where each rule specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond with a redirect to the specified destination path." }, "rewrites": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:Rewrite" }, "description": "An array of objects (called rewrite rules), where each rule specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond as if the service were given the specified destination URL." }, "trailingSlashBehavior": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ServingConfigTrailingSlashBehavior", "description": "Defines how to handle a trailing slash in the URL path." } }, "type": "object" }, "google-native:firebasehosting/v1beta1:ServingConfigAppAssociation": { "description": "How to handle well known App Association files.", "type": "string", "enum": [ { "name": "Auto", "description": "The app association files will be automatically created from the apps that exist in the Firebase project.", "value": "AUTO" }, { "name": "None", "description": "No special handling of the app association files will occur, these paths will result in a 404 unless caught with a Rewrite.", "value": "NONE" } ] }, "google-native:firebasehosting/v1beta1:ServingConfigResponse": { "description": "The configuration for how incoming requests to a site should be routed and processed before serving content. The URL request paths are matched against the specified URL patterns in the configuration, then Hosting applies the applicable configuration according to a specific [priority order](https://firebase.google.com/docs/hosting/full-config#hosting_priority_order).", "properties": { "appAssociation": { "type": "string", "description": "How to handle well known App Association files." }, "cleanUrls": { "type": "boolean", "description": "Defines whether to drop the file extension from uploaded files." }, "headers": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:HeaderResponse" }, "description": "An array of objects, where each object specifies a URL pattern that, if matched to the request URL path, triggers Hosting to apply the specified custom response headers." }, "i18n": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:I18nConfigResponse", "description": "Optional. Defines i18n rewrite behavior." }, "redirects": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:RedirectResponse" }, "description": "An array of objects (called redirect rules), where each rule specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond with a redirect to the specified destination path." }, "rewrites": { "type": "array", "items": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:RewriteResponse" }, "description": "An array of objects (called rewrite rules), where each rule specifies a URL pattern that, if matched to the request URL path, triggers Hosting to respond as if the service were given the specified destination URL." }, "trailingSlashBehavior": { "type": "string", "description": "Defines how to handle a trailing slash in the URL path." } }, "type": "object", "required": [ "appAssociation", "cleanUrls", "headers", "i18n", "redirects", "rewrites", "trailingSlashBehavior" ] }, "google-native:firebasehosting/v1beta1:ServingConfigTrailingSlashBehavior": { "description": "Defines how to handle a trailing slash in the URL path.", "type": "string", "enum": [ { "name": "TrailingSlashBehaviorUnspecified", "description": "No behavior is specified. Files are served at their exact location only, and trailing slashes are only added to directory indexes.", "value": "TRAILING_SLASH_BEHAVIOR_UNSPECIFIED" }, { "name": "Add", "description": "Trailing slashes are _added_ to directory indexes as well as to any URL path not ending in a file extension.", "value": "ADD" }, { "name": "Remove", "description": "Trailing slashes are _removed_ from directory indexes as well as from any URL path not ending in a file extension.", "value": "REMOVE" } ] }, "google-native:firebasehosting/v1beta1:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:firebasehosting/v1beta1:VersionResponse": { "description": "A `Version` is a configuration and a collection of static files which determine how a site is displayed.", "properties": { "config": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ServingConfigResponse", "description": "The configuration for the behavior of the site. This configuration exists in the [`firebase.json`](https://firebase.google.com/docs/cli/#the_firebasejson_file) file." }, "createTime": { "type": "string", "description": "The time at which the version was created." }, "createUser": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ActingUserResponse", "description": "Identifies the user who created the version." }, "deleteTime": { "type": "string", "description": "The time at which the version was `DELETED`." }, "deleteUser": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ActingUserResponse", "description": "Identifies the user who `DELETED` the version." }, "fileCount": { "type": "string", "description": "The total number of files associated with the version. This value is calculated after a version is `FINALIZED`." }, "finalizeTime": { "type": "string", "description": "The time at which the version was `FINALIZED`." }, "finalizeUser": { "$ref": "#/types/google-native:firebasehosting%2Fv1beta1:ActingUserResponse", "description": "Identifies the user who `FINALIZED` the version." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels used for extra metadata and/or filtering." }, "name": { "type": "string", "description": "The fully-qualified resource name for the version, in the format: sites/ SITE_ID/versions/VERSION_ID This name is provided in the response body when you call [`CreateVersion`](sites.versions/create)." }, "status": { "type": "string", "description": "The deploy status of the version. For a successful deploy, call [`CreateVersion`](sites.versions/create) to make a new version (`CREATED` status), [upload all desired files](sites.versions/populateFiles) to the version, then [update](sites.versions/patch) the version to the `FINALIZED` status. Note that if you leave the version in the `CREATED` state for more than 12 hours, the system will automatically mark the version as `ABANDONED`. You can also change the status of a version to `DELETED` by calling [`DeleteVersion`](sites.versions/delete)." }, "versionBytes": { "type": "string", "description": "The total stored bytesize of the version. This value is calculated after a version is `FINALIZED`." } }, "type": "object", "required": [ "config", "createTime", "createUser", "deleteTime", "deleteUser", "fileCount", "finalizeTime", "finalizeUser", "labels", "name", "status", "versionBytes" ] }, "google-native:firebasehosting/v1beta1:VersionStatus": { "description": "The deploy status of the version. For a successful deploy, call [`CreateVersion`](sites.versions/create) to make a new version (`CREATED` status), [upload all desired files](sites.versions/populateFiles) to the version, then [update](sites.versions/patch) the version to the `FINALIZED` status. Note that if you leave the version in the `CREATED` state for more than 12 hours, the system will automatically mark the version as `ABANDONED`. You can also change the status of a version to `DELETED` by calling [`DeleteVersion`](sites.versions/delete).", "type": "string", "enum": [ { "name": "VersionStatusUnspecified", "description": "The default status; should not be intentionally used.", "value": "VERSION_STATUS_UNSPECIFIED" }, { "name": "Created", "description": "The version has been created, and content is currently being added to the version.", "value": "CREATED" }, { "name": "Finalized", "description": "All content has been added to the version, and the version can no longer be changed.", "value": "FINALIZED" }, { "name": "Deleted", "description": "The version has been deleted.", "value": "DELETED" }, { "name": "Abandoned", "description": "The version was not updated to `FINALIZED` within 12 hours and was automatically deleted.", "value": "ABANDONED" }, { "name": "Expired", "description": "The version is outside the site-configured limit for the number of retained versions, so the version's content is scheduled for deletion.", "value": "EXPIRED" }, { "name": "Cloning", "description": "The version is being cloned from another version. All content is still being copied over.", "value": "CLONING" } ] }, "google-native:firebaseml/v1beta2:ModelState": { "description": "State common to all model types. Includes publishing and validation information.", "properties": { "published": { "type": "boolean", "description": "Indicates if this model has been published." } }, "type": "object" }, "google-native:firebaseml/v1beta2:ModelStateResponse": { "description": "State common to all model types. Includes publishing and validation information.", "properties": { "published": { "type": "boolean", "description": "Indicates if this model has been published." }, "validationError": { "$ref": "#/types/google-native:firebaseml%2Fv1beta2:StatusResponse", "description": "Indicates the latest validation error on the model if any. A model may have validation errors if there were problems during the model creation/update. e.g. in the case of a TfLiteModel, if a tflite model file was missing or in the wrong format. This field will be empty for valid models." } }, "type": "object", "required": [ "published", "validationError" ] }, "google-native:firebaseml/v1beta2:OperationResponse": { "description": "This resource represents a long-running operation that is the result of a network API call.", "properties": { "done": { "type": "boolean", "description": "If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available." }, "error": { "$ref": "#/types/google-native:firebaseml%2Fv1beta2:StatusResponse", "description": "The error result of the operation in case of failure or cancellation." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any." }, "name": { "type": "string", "description": "The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`." }, "response": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`." } }, "type": "object", "required": [ "done", "error", "metadata", "name", "response" ] }, "google-native:firebaseml/v1beta2:StatusResponse": { "description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).", "properties": { "code": { "type": "integer", "description": "The status code, which should be an enum value of google.rpc.Code." }, "details": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } }, "description": "A list of messages that carry the error details. There is a common set of message types for APIs to use." }, "message": { "type": "string", "description": "A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client." } }, "type": "object", "required": [ "code", "details", "message" ] }, "google-native:firebaseml/v1beta2:TfLiteModel": { "description": "Information that is specific to TfLite models.", "properties": { "automlModel": { "type": "string", "description": "The AutoML model id referencing a model you created with the AutoML API. The name should have format 'projects//locations//models/' (This is the model resource name returned from the AutoML API)" }, "gcsTfliteUri": { "type": "string", "description": "The TfLite file containing the model. (Stored in Google Cloud). The gcs_tflite_uri should have form: gs://some-bucket/some-model.tflite Note: If you update the file in the original location, it is necessary to call UpdateModel for ML to pick up and validate the updated file." } }, "type": "object" }, "google-native:firebaseml/v1beta2:TfLiteModelResponse": { "description": "Information that is specific to TfLite models.", "properties": { "automlModel": { "type": "string", "description": "The AutoML model id referencing a model you created with the AutoML API. The name should have format 'projects//locations//models/' (This is the model resource name returned from the AutoML API)" }, "gcsTfliteUri": { "type": "string", "description": "The TfLite file containing the model. (Stored in Google Cloud). The gcs_tflite_uri should have form: gs://some-bucket/some-model.tflite Note: If you update the file in the original location, it is necessary to call UpdateModel for ML to pick up and validate the updated file." }, "sizeBytes": { "type": "string", "description": "The size of the TFLite model" } }, "type": "object", "required": [ "automlModel", "gcsTfliteUri", "sizeBytes" ] }, "google-native:firebaserules/v1:File": { "description": "`File` containing source content.", "properties": { "content": { "type": "string", "description": "Textual Content." }, "fingerprint": { "type": "string", "description": "Fingerprint (e.g. github sha) associated with the `File`." }, "name": { "type": "string", "description": "File name." } }, "type": "object", "required": [ "content", "name" ] }, "google-native:firebaserules/v1:FileResponse": { "description": "`File` containing source content.", "properties": { "content": { "type": "string", "description": "Textual Content." }, "fingerprint": { "type": "string", "description": "Fingerprint (e.g. github sha) associated with the `File`." }, "name": { "type": "string", "description": "File name." } }, "type": "object", "required": [ "content", "fingerprint", "name" ] }, "google-native:firebaserules/v1:MetadataResponse": { "description": "Metadata for a Ruleset.", "properties": { "services": { "type": "array", "items": { "type": "string" }, "description": "Services that this ruleset has declarations for (e.g., \"cloud.firestore\"). There may be 0+ of these." } }, "type": "object", "required": [ "services" ] }, "google-native:firebaserules/v1:Source": { "description": "`Source` is one or more `File` messages comprising a logical set of rules.", "properties": { "files": { "type": "array", "items": { "$ref": "#/types/google-native:firebaserules%2Fv1:File" }, "description": "`File` set constituting the `Source` bundle." } }, "type": "object", "required": [ "files" ] }, "google-native:firebaserules/v1:SourceResponse": { "description": "`Source` is one or more `File` messages comprising a logical set of rules.", "properties": { "files": { "type": "array", "items": { "$ref": "#/types/google-native:firebaserules%2Fv1:FileResponse" }, "description": "`File` set constituting the `Source` bundle." } }, "type": "object", "required": [ "files" ] }, "google-native:firestore/v1:DatabaseAppEngineIntegrationMode": { "description": "The App Engine integration mode to use for this database.", "type": "string", "enum": [ { "name": "AppEngineIntegrationModeUnspecified", "description": "Not used.", "value": "APP_ENGINE_INTEGRATION_MODE_UNSPECIFIED" }, { "name": "Enabled", "description": "If an App Engine application exists in the same region as this database, App Engine configuration will impact this database. This includes disabling of the application & database, as well as disabling writes to the database.", "value": "ENABLED" }, { "name": "Disabled", "description": "App Engine has no effect on the ability of this database to serve requests. This is the default setting for databases created with the Firestore API.", "value": "DISABLED" } ] }, "google-native:firestore/v1:DatabaseConcurrencyMode": { "description": "The concurrency control mode to use for this database.", "type": "string", "enum": [ { "name": "ConcurrencyModeUnspecified", "description": "Not used.", "value": "CONCURRENCY_MODE_UNSPECIFIED" }, { "name": "Optimistic", "description": "Use optimistic concurrency control by default. This mode is available for Cloud Firestore databases.", "value": "OPTIMISTIC" }, { "name": "Pessimistic", "description": "Use pessimistic concurrency control by default. This mode is available for Cloud Firestore databases. This is the default setting for Cloud Firestore.", "value": "PESSIMISTIC" }, { "name": "OptimisticWithEntityGroups", "description": "Use optimistic concurrency control with entity groups by default. This is the only available mode for Cloud Datastore. This mode is also available for Cloud Firestore with Datastore Mode but is not recommended.", "value": "OPTIMISTIC_WITH_ENTITY_GROUPS" } ] }, "google-native:firestore/v1:DatabaseDeleteProtectionState": { "description": "State of delete protection for the database.", "type": "string", "enum": [ { "name": "DeleteProtectionStateUnspecified", "description": "The default value. Delete protection type is not specified", "value": "DELETE_PROTECTION_STATE_UNSPECIFIED" }, { "name": "DeleteProtectionDisabled", "description": "Delete protection is disabled", "value": "DELETE_PROTECTION_DISABLED" }, { "name": "DeleteProtectionEnabled", "description": "Delete protection is enabled", "value": "DELETE_PROTECTION_ENABLED" } ] }, "google-native:firestore/v1:DatabasePointInTimeRecoveryEnablement": { "description": "Whether to enable the PITR feature on this database.", "type": "string", "enum": [ { "name": "PointInTimeRecoveryEnablementUnspecified", "description": "Not used.", "value": "POINT_IN_TIME_RECOVERY_ENABLEMENT_UNSPECIFIED" }, { "name": "PointInTimeRecoveryEnabled", "description": "Reads are supported on selected versions of the data from within the past 7 days: * Reads against any timestamp within the past hour * Reads against 1-minute snapshots beyond 1 hour and within 7 days `version_retention_period` and `earliest_version_time` can be used to determine the supported versions.", "value": "POINT_IN_TIME_RECOVERY_ENABLED" }, { "name": "PointInTimeRecoveryDisabled", "description": "Reads are supported on any version of the data from within the past 1 hour.", "value": "POINT_IN_TIME_RECOVERY_DISABLED" } ] }, "google-native:firestore/v1:DatabaseType": { "description": "The type of the database. See https://cloud.google.com/datastore/docs/firestore-or-datastore for information about how to choose.", "type": "string", "enum": [ { "name": "DatabaseTypeUnspecified", "description": "The default value. This value is used if the database type is omitted.", "value": "DATABASE_TYPE_UNSPECIFIED" }, { "name": "FirestoreNative", "description": "Firestore Native Mode", "value": "FIRESTORE_NATIVE" }, { "name": "DatastoreMode", "description": "Firestore in Datastore Mode.", "value": "DATASTORE_MODE" } ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1DailyRecurrence": { "description": "Represent a recurring schedule that runs at a specific time every day. The time zone is UTC.", "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1DailyRecurrenceResponse": { "description": "Represent a recurring schedule that runs at a specific time every day. The time zone is UTC.", "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1FlatIndex": { "description": "An index that stores vectors in a flat data structure, and supports exhaustive search.", "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1FlatIndexResponse": { "description": "An index that stores vectors in a flat data structure, and supports exhaustive search.", "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1IndexField": { "description": "A field in an index. The field_path describes which field is indexed, the value_mode describes how the field value is indexed.", "properties": { "arrayConfig": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1IndexFieldArrayConfig", "description": "Indicates that this field supports operations on `array_value`s." }, "fieldPath": { "type": "string", "description": "Can be __name__. For single field indexes, this must match the name of the field or may be omitted." }, "order": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1IndexFieldOrder", "description": "Indicates that this field supports ordering by the specified order or comparing using =, !=, <, <=, >, >=." }, "vectorConfig": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1VectorConfig", "description": "Indicates that this field supports nearest neighbors and distance operations on vector." } }, "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1IndexFieldArrayConfig": { "description": "Indicates that this field supports operations on `array_value`s.", "type": "string", "enum": [ { "name": "ArrayConfigUnspecified", "description": "The index does not support additional array queries.", "value": "ARRAY_CONFIG_UNSPECIFIED" }, { "name": "Contains", "description": "The index supports array containment queries.", "value": "CONTAINS" } ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1IndexFieldOrder": { "description": "Indicates that this field supports ordering by the specified order or comparing using =, !=, <, <=, >, >=.", "type": "string", "enum": [ { "name": "OrderUnspecified", "description": "The ordering is unspecified. Not a valid option.", "value": "ORDER_UNSPECIFIED" }, { "name": "Ascending", "description": "The field is ordered by ascending field value.", "value": "ASCENDING" }, { "name": "Descending", "description": "The field is ordered by descending field value.", "value": "DESCENDING" } ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1IndexFieldResponse": { "description": "A field in an index. The field_path describes which field is indexed, the value_mode describes how the field value is indexed.", "properties": { "arrayConfig": { "type": "string", "description": "Indicates that this field supports operations on `array_value`s." }, "fieldPath": { "type": "string", "description": "Can be __name__. For single field indexes, this must match the name of the field or may be omitted." }, "order": { "type": "string", "description": "Indicates that this field supports ordering by the specified order or comparing using =, !=, <, <=, >, >=." }, "vectorConfig": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1VectorConfigResponse", "description": "Indicates that this field supports nearest neighbors and distance operations on vector." } }, "type": "object", "required": [ "arrayConfig", "fieldPath", "order", "vectorConfig" ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1VectorConfig": { "description": "The index configuration to support vector search operations", "properties": { "dimension": { "type": "integer", "description": "The vector dimension this configuration applies to. The resulting index will only include vectors of this dimension, and can be used for vector search with the same dimension." }, "flat": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1FlatIndex", "description": "Indicates the vector index is a flat index." } }, "type": "object", "required": [ "dimension" ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1VectorConfigResponse": { "description": "The index configuration to support vector search operations", "properties": { "dimension": { "type": "integer", "description": "The vector dimension this configuration applies to. The resulting index will only include vectors of this dimension, and can be used for vector search with the same dimension." }, "flat": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1FlatIndexResponse", "description": "Indicates the vector index is a flat index." } }, "type": "object", "required": [ "dimension", "flat" ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1WeeklyRecurrence": { "description": "Represents a recurring schedule that runs on a specified day of the week. The time zone is UTC.", "properties": { "day": { "$ref": "#/types/google-native:firestore%2Fv1:GoogleFirestoreAdminV1WeeklyRecurrenceDay", "description": "The day of week to run. DAY_OF_WEEK_UNSPECIFIED is not allowed." } }, "type": "object" }, "google-native:firestore/v1:GoogleFirestoreAdminV1WeeklyRecurrenceDay": { "description": "The day of week to run. DAY_OF_WEEK_UNSPECIFIED is not allowed.", "type": "string", "enum": [ { "name": "DayOfWeekUnspecified", "description": "The day of the week is unspecified.", "value": "DAY_OF_WEEK_UNSPECIFIED" }, { "name": "Monday", "description": "Monday", "value": "MONDAY" }, { "name": "Tuesday", "description": "Tuesday", "value": "TUESDAY" }, { "name": "Wednesday", "description": "Wednesday", "value": "WEDNESDAY" }, { "name": "Thursday", "description": "Thursday", "value": "THURSDAY" }, { "name": "Friday", "description": "Friday", "value": "FRIDAY" }, { "name": "Saturday", "description": "Saturday", "value": "SATURDAY" }, { "name": "Sunday", "description": "Sunday", "value": "SUNDAY" } ] }, "google-native:firestore/v1:GoogleFirestoreAdminV1WeeklyRecurrenceResponse": { "description": "Represents a recurring schedule that runs on a specified day of the week. The time zone is UTC.", "properties": { "day": { "type": "string", "description": "The day of week to run. DAY_OF_WEEK_UNSPECIFIED is not allowed." } }, "type": "object", "required": [ "day" ] }, "google-native:firestore/v1:IndexApiScope": { "description": "The API scope supported by this index.", "type": "string", "enum": [ { "name": "AnyApi", "description": "The index can only be used by the Firestore Native query API. This is the default.", "value": "ANY_API" }, { "name": "DatastoreModeApi", "description": "The index can only be used by the Firestore in Datastore Mode query API.", "value": "DATASTORE_MODE_API" } ] }, "google-native:firestore/v1:IndexQueryScope": { "description": "Indexes with a collection query scope specified allow queries against a collection that is the child of a specific document, specified at query time, and that has the same collection id. Indexes with a collection group query scope specified allow queries against all collections descended from a specific document, specified at query time, and that have the same collection id as this index.", "type": "string", "enum": [ { "name": "QueryScopeUnspecified", "description": "The query scope is unspecified. Not a valid option.", "value": "QUERY_SCOPE_UNSPECIFIED" }, { "name": "Collection", "description": "Indexes with a collection query scope specified allow queries against a collection that is the child of a specific document, specified at query time, and that has the collection id specified by the index.", "value": "COLLECTION" }, { "name": "CollectionGroup", "description": "Indexes with a collection group query scope specified allow queries against all collections that has the collection id specified by the index.", "value": "COLLECTION_GROUP" }, { "name": "CollectionRecursive", "description": "Include all the collections's ancestor in the index. Only available for Datastore Mode databases.", "value": "COLLECTION_RECURSIVE" } ] }, "google-native:firestore/v1beta1:GoogleFirestoreAdminV1beta1IndexField": { "description": "A field of an index.", "properties": { "fieldPath": { "type": "string", "description": "The path of the field. Must match the field path specification described by google.firestore.v1beta1.Document.fields. Special field path `__name__` may be used by itself or at the end of a path. `__type__` may be used only at the end of path." }, "mode": { "$ref": "#/types/google-native:firestore%2Fv1beta1:GoogleFirestoreAdminV1beta1IndexFieldMode", "description": "The field's mode." } }, "type": "object" }, "google-native:firestore/v1beta1:GoogleFirestoreAdminV1beta1IndexFieldMode": { "description": "The field's mode.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "The mode is unspecified.", "value": "MODE_UNSPECIFIED" }, { "name": "Ascending", "description": "The field's values are indexed so as to support sequencing in ascending order and also query by <, >, <=, >=, and =.", "value": "ASCENDING" }, { "name": "Descending", "description": "The field's values are indexed so as to support sequencing in descending order and also query by <, >, <=, >=, and =.", "value": "DESCENDING" }, { "name": "ArrayContains", "description": "The field's array values are indexed so as to support membership using ARRAY_CONTAINS queries.", "value": "ARRAY_CONTAINS" } ] }, "google-native:firestore/v1beta1:GoogleFirestoreAdminV1beta1IndexFieldResponse": { "description": "A field of an index.", "properties": { "fieldPath": { "type": "string", "description": "The path of the field. Must match the field path specification described by google.firestore.v1beta1.Document.fields. Special field path `__name__` may be used by itself or at the end of a path. `__type__` may be used only at the end of path." }, "mode": { "type": "string", "description": "The field's mode." } }, "type": "object", "required": [ "fieldPath", "mode" ] }, "google-native:firestore/v1beta1:IndexState": { "description": "The state of the index. Output only.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "The state is unspecified.", "value": "STATE_UNSPECIFIED" }, { "name": "Creating", "description": "The index is being created. There is an active long-running operation for the index. The index is updated when writing a document. Some index data may exist.", "value": "CREATING" }, { "name": "Ready", "description": "The index is ready to be used. The index is updated when writing a document. The index is fully populated from all stored documents it applies to.", "value": "READY" }, { "name": "Error", "description": "The index was being created, but something went wrong. There is no active long-running operation for the index, and the most recently finished long-running operation failed. The index is not updated when writing a document. Some index data may exist.", "value": "ERROR" } ] }, "google-native:firestore/v1beta2:GoogleFirestoreAdminV1beta2IndexField": { "description": "A field in an index. The field_path describes which field is indexed, the value_mode describes how the field value is indexed.", "properties": { "arrayConfig": { "$ref": "#/types/google-native:firestore%2Fv1beta2:GoogleFirestoreAdminV1beta2IndexFieldArrayConfig", "description": "Indicates that this field supports operations on `array_value`s." }, "fieldPath": { "type": "string", "description": "Can be __name__. For single field indexes, this must match the name of the field or may be omitted." }, "order": { "$ref": "#/types/google-native:firestore%2Fv1beta2:GoogleFirestoreAdminV1beta2IndexFieldOrder", "description": "Indicates that this field supports ordering by the specified order or comparing using =, <, <=, >, >=." } }, "type": "object" }, "google-native:firestore/v1beta2:GoogleFirestoreAdminV1beta2IndexFieldArrayConfig": { "description": "Indicates that this field supports operations on `array_value`s.", "type": "string", "enum": [ { "name": "ArrayConfigUnspecified", "description": "The index does not support additional array queries.", "value": "ARRAY_CONFIG_UNSPECIFIED" }, { "name": "Contains", "description": "The index supports array containment queries.", "value": "CONTAINS" } ] }, "google-native:firestore/v1beta2:GoogleFirestoreAdminV1beta2IndexFieldOrder": { "description": "Indicates that this field supports ordering by the specified order or comparing using =, <, <=, >, >=.", "type": "string", "enum": [ { "name": "OrderUnspecified", "description": "The ordering is unspecified. Not a valid option.", "value": "ORDER_UNSPECIFIED" }, { "name": "Ascending", "description": "The field is ordered by ascending field value.", "value": "ASCENDING" }, { "name": "Descending", "description": "The field is ordered by descending field value.", "value": "DESCENDING" } ] }, "google-native:firestore/v1beta2:GoogleFirestoreAdminV1beta2IndexFieldResponse": { "description": "A field in an index. The field_path describes which field is indexed, the value_mode describes how the field value is indexed.", "properties": { "arrayConfig": { "type": "string", "description": "Indicates that this field supports operations on `array_value`s." }, "fieldPath": { "type": "string", "description": "Can be __name__. For single field indexes, this must match the name of the field or may be omitted." }, "order": { "type": "string", "description": "Indicates that this field supports ordering by the specified order or comparing using =, <, <=, >, >=." } }, "type": "object", "required": [ "arrayConfig", "fieldPath", "order" ] }, "google-native:firestore/v1beta2:IndexQueryScope": { "description": "Indexes with a collection query scope specified allow queries against a collection that is the child of a specific document, specified at query time, and that has the same collection id. Indexes with a collection group query scope specified allow queries against all collections descended from a specific document, specified at query time, and that have the same collection id as this index.", "type": "string", "enum": [ { "name": "QueryScopeUnspecified", "description": "The query scope is unspecified. Not a valid option.", "value": "QUERY_SCOPE_UNSPECIFIED" }, { "name": "Collection", "description": "Indexes with a collection query scope specified allow queries against a collection that is the child of a specific document, specified at query time, and that has the collection id specified by the index.", "value": "COLLECTION" }, { "name": "CollectionGroup", "description": "Indexes with a collection group query scope specified allow queries against all collections that has the collection id specified by the index.", "value": "COLLECTION_GROUP" } ] }, "google-native:gameservices/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gameservices/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gameservices/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean" }, "logType": { "$ref": "#/types/google-native:gameservices%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gameservices/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gameservices/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean" }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "ignoreChildExemptions", "logType" ] }, "google-native:gameservices/v1:AuthorizationLoggingOptions": { "description": "Authorization-related information used by Cloud Audit Logging.", "properties": { "permissionType": { "$ref": "#/types/google-native:gameservices%2Fv1:AuthorizationLoggingOptionsPermissionType", "description": "The type of the permission that was checked." } }, "type": "object" }, "google-native:gameservices/v1:AuthorizationLoggingOptionsPermissionType": { "description": "The type of the permission that was checked.", "type": "string", "enum": [ { "name": "PermissionTypeUnspecified", "description": "Default. Should not be used.", "value": "PERMISSION_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "A read of admin (meta) data.", "value": "ADMIN_READ" }, { "name": "AdminWrite", "description": "A write of admin (meta) data.", "value": "ADMIN_WRITE" }, { "name": "DataRead", "description": "A read of standard data.", "value": "DATA_READ" }, { "name": "DataWrite", "description": "A write of standard data.", "value": "DATA_WRITE" } ] }, "google-native:gameservices/v1:AuthorizationLoggingOptionsResponse": { "description": "Authorization-related information used by Cloud Audit Logging.", "properties": { "permissionType": { "type": "string", "description": "The type of the permission that was checked." } }, "type": "object", "required": [ "permissionType" ] }, "google-native:gameservices/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string" }, "condition": { "$ref": "#/types/google-native:gameservices%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gameservices/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string" }, "condition": { "$ref": "#/types/google-native:gameservices%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "bindingId", "condition", "members", "role" ] }, "google-native:gameservices/v1:CloudAuditOptions": { "description": "Write a Cloud Audit log", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:gameservices%2Fv1:AuthorizationLoggingOptions", "description": "Information used by the Cloud Audit Logging pipeline." }, "logName": { "$ref": "#/types/google-native:gameservices%2Fv1:CloudAuditOptionsLogName", "description": "The log_name to populate in the Cloud Audit Record." } }, "type": "object" }, "google-native:gameservices/v1:CloudAuditOptionsLogName": { "description": "The log_name to populate in the Cloud Audit Record.", "type": "string", "enum": [ { "name": "UnspecifiedLogName", "description": "Default. Should not be used.", "value": "UNSPECIFIED_LOG_NAME" }, { "name": "AdminActivity", "description": "Corresponds to \"cloudaudit.googleapis.com/activity\"", "value": "ADMIN_ACTIVITY" }, { "name": "DataAccess", "description": "Corresponds to \"cloudaudit.googleapis.com/data_access\"", "value": "DATA_ACCESS" } ] }, "google-native:gameservices/v1:CloudAuditOptionsResponse": { "description": "Write a Cloud Audit log", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:gameservices%2Fv1:AuthorizationLoggingOptionsResponse", "description": "Information used by the Cloud Audit Logging pipeline." }, "logName": { "type": "string", "description": "The log_name to populate in the Cloud Audit Record." } }, "type": "object", "required": [ "authorizationLoggingOptions", "logName" ] }, "google-native:gameservices/v1:Condition": { "description": "A condition to be met.", "properties": { "iam": { "$ref": "#/types/google-native:gameservices%2Fv1:ConditionIam", "description": "Trusted attributes supplied by the IAM system." }, "op": { "$ref": "#/types/google-native:gameservices%2Fv1:ConditionOp", "description": "An operator to apply the subject with." }, "svc": { "type": "string", "description": "Trusted attributes discharged by the service." }, "sys": { "$ref": "#/types/google-native:gameservices%2Fv1:ConditionSys", "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The objects of the condition." } }, "type": "object" }, "google-native:gameservices/v1:ConditionIam": { "description": "Trusted attributes supplied by the IAM system.", "type": "string", "enum": [ { "name": "NoAttr", "description": "Default non-attribute.", "value": "NO_ATTR" }, { "name": "Authority", "description": "Either principal or (if present) authority selector.", "value": "AUTHORITY" }, { "name": "Attribution", "description": "The principal (even if an authority selector is present), which must only be used for attribution, not authorization.", "value": "ATTRIBUTION" }, { "name": "SecurityRealm", "description": "Any of the security realms in the IAMContext (go/security-realms). When used with IN, the condition indicates \"any of the request's realms match one of the given values; with NOT_IN, \"none of the realms match any of the given values\". Note that a value can be: - 'self:campus' (i.e., clients that are in the same campus) - 'self:metro' (i.e., clients that are in the same metro) - 'self:cloud-region' (i.e., allow connections from clients that are in the same cloud region) - 'self:prod-region' (i.e., allow connections from clients that are in the same prod region) - 'guardians' (i.e., allow connections from its guardian realms. See go/security-realms-glossary#guardian for more information.) - 'self' [DEPRECATED] (i.e., allow connections from clients that are in the same security realm, which is currently but not guaranteed to be campus-sized) - a realm (e.g., 'campus-abc') - a realm group (e.g., 'realms-for-borg-cell-xx', see: go/realm-groups) A match is determined by a realm group membership check performed by a RealmAclRep object (go/realm-acl-howto). It is not permitted to grant access based on the *absence* of a realm, so realm conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "SECURITY_REALM" }, { "name": "Approver", "description": "An approver (distinct from the requester) that has authorized this request. When used with IN, the condition indicates that one of the approvers associated with the request matches the specified principal, or is a member of the specified group. Approvers can only grant additional access, and are thus only used in a strictly positive context (e.g. ALLOW/IN or DENY/NOT_IN).", "value": "APPROVER" }, { "name": "JustificationType", "description": "What types of justifications have been supplied with this request. String values should match enum names from security.credentials.JustificationType, e.g. \"MANUAL_STRING\". It is not permitted to grant access based on the *absence* of a justification, so justification conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN). Multiple justifications, e.g., a Buganizer ID and a manually-entered reason, are normal and supported.", "value": "JUSTIFICATION_TYPE" }, { "name": "CredentialsType", "description": "What type of credentials have been supplied with this request. String values should match enum names from security_loas_l2.CredentialsType - currently, only CREDS_TYPE_EMERGENCY is supported. It is not permitted to grant access based on the *absence* of a credentials type, so the conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "CREDENTIALS_TYPE" }, { "name": "CredsAssertion", "description": "EXPERIMENTAL -- DO NOT USE. The conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "CREDS_ASSERTION" } ] }, "google-native:gameservices/v1:ConditionOp": { "description": "An operator to apply the subject with.", "type": "string", "enum": [ { "name": "NoOp", "description": "Default no-op.", "value": "NO_OP" }, { "name": "Equals", "description": "DEPRECATED. Use IN instead.", "value": "EQUALS" }, { "name": "NotEquals", "description": "DEPRECATED. Use NOT_IN instead.", "value": "NOT_EQUALS" }, { "name": "In", "description": "The condition is true if the subject (or any element of it if it is a set) matches any of the supplied values.", "value": "IN" }, { "name": "NotIn", "description": "The condition is true if the subject (or every element of it if it is a set) matches none of the supplied values.", "value": "NOT_IN" }, { "name": "Discharged", "description": "Subject is discharged", "value": "DISCHARGED" } ] }, "google-native:gameservices/v1:ConditionResponse": { "description": "A condition to be met.", "properties": { "iam": { "type": "string", "description": "Trusted attributes supplied by the IAM system." }, "op": { "type": "string", "description": "An operator to apply the subject with." }, "svc": { "type": "string", "description": "Trusted attributes discharged by the service." }, "sys": { "type": "string", "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The objects of the condition." } }, "type": "object", "required": [ "iam", "op", "svc", "sys", "values" ] }, "google-native:gameservices/v1:ConditionSys": { "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.", "type": "string", "enum": [ { "name": "NoAttr", "description": "Default non-attribute type", "value": "NO_ATTR" }, { "name": "Region", "description": "Region of the resource", "value": "REGION" }, { "name": "Service", "description": "Service name", "value": "SERVICE" }, { "name": "Name", "description": "Resource name", "value": "NAME" }, { "name": "Ip", "description": "IP address of the caller", "value": "IP" } ] }, "google-native:gameservices/v1:CounterOptions": { "description": "Increment a streamz counter with the specified metric and field names. Metric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended. Field names correspond to IAM request parameters and field values are their respective values. Supported field names: - \"authority\", which is \"[token]\" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - \"iam_principal\", a representation of IAMContext.principal even if a token or authority selector is present; or - \"\" (empty string), resulting in a counter with no fields. Examples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:CustomField" }, "description": "Custom fields." }, "field": { "type": "string", "description": "The field value to attribute." }, "metric": { "type": "string", "description": "The metric to update." } }, "type": "object" }, "google-native:gameservices/v1:CounterOptionsResponse": { "description": "Increment a streamz counter with the specified metric and field names. Metric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended. Field names correspond to IAM request parameters and field values are their respective values. Supported field names: - \"authority\", which is \"[token]\" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - \"iam_principal\", a representation of IAMContext.principal even if a token or authority selector is present; or - \"\" (empty string), resulting in a counter with no fields. Examples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:CustomFieldResponse" }, "description": "Custom fields." }, "field": { "type": "string", "description": "The field value to attribute." }, "metric": { "type": "string", "description": "The metric to update." } }, "type": "object", "required": [ "customFields", "field", "metric" ] }, "google-native:gameservices/v1:CustomField": { "description": "Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.", "properties": { "name": { "type": "string", "description": "Name is the field name." }, "value": { "type": "string", "description": "Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext." } }, "type": "object" }, "google-native:gameservices/v1:CustomFieldResponse": { "description": "Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.", "properties": { "name": { "type": "string", "description": "Name is the field name." }, "value": { "type": "string", "description": "Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:gameservices/v1:DataAccessOptions": { "description": "Write a Data Access (Gin) log", "properties": { "logMode": { "$ref": "#/types/google-native:gameservices%2Fv1:DataAccessOptionsLogMode" } }, "type": "object" }, "google-native:gameservices/v1:DataAccessOptionsLogMode": { "type": "string", "enum": [ { "name": "LogModeUnspecified", "description": "Client is not required to write a partial Gin log immediately after the authorization check. If client chooses to write one and it fails, client may either fail open (allow the operation to continue) or fail closed (handle as a DENY outcome).", "value": "LOG_MODE_UNSPECIFIED" }, { "name": "LogFailClosed", "description": "The application's operation in the context of which this authorization check is being made may only be performed if it is successfully logged to Gin. For instance, the authorization library may satisfy this obligation by emitting a partial log entry at authorization check time and only returning ALLOW to the application if it succeeds. If a matching Rule has this directive, but the client has not indicated that it will honor such requirements, then the IAM check will result in authorization failure by setting CheckPolicyResponse.success=false.", "value": "LOG_FAIL_CLOSED" } ] }, "google-native:gameservices/v1:DataAccessOptionsResponse": { "description": "Write a Data Access (Gin) log", "properties": { "logMode": { "type": "string" } }, "type": "object", "required": [ "logMode" ] }, "google-native:gameservices/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gameservices/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gameservices/v1:LogConfig": { "description": "Specifies what kind of log the caller must write", "properties": { "cloudAudit": { "$ref": "#/types/google-native:gameservices%2Fv1:CloudAuditOptions", "description": "Cloud audit options." }, "counter": { "$ref": "#/types/google-native:gameservices%2Fv1:CounterOptions", "description": "Counter options." }, "dataAccess": { "$ref": "#/types/google-native:gameservices%2Fv1:DataAccessOptions", "description": "Data access options." } }, "type": "object" }, "google-native:gameservices/v1:LogConfigResponse": { "description": "Specifies what kind of log the caller must write", "properties": { "cloudAudit": { "$ref": "#/types/google-native:gameservices%2Fv1:CloudAuditOptionsResponse", "description": "Cloud audit options." }, "counter": { "$ref": "#/types/google-native:gameservices%2Fv1:CounterOptionsResponse", "description": "Counter options." }, "dataAccess": { "$ref": "#/types/google-native:gameservices%2Fv1:DataAccessOptionsResponse", "description": "Data access options." } }, "type": "object", "required": [ "cloudAudit", "counter", "dataAccess" ] }, "google-native:gameservices/v1:Rule": { "description": "A rule to be applied in a Policy.", "properties": { "action": { "$ref": "#/types/google-native:gameservices%2Fv1:RuleAction", "description": "Required" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:Condition" }, "description": "Additional restrictions that must be met. All conditions must pass for the rule to match." }, "description": { "type": "string", "description": "Human-readable description of the rule." }, "in": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries." }, "logConfig": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:LogConfig" }, "description": "The config returned to callers of CheckPolicy for any entries that match the LOG action." }, "notIn": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries. The format for in and not_in entries can be found at in the Local IAM documentation (see go/local-iam#features)." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs." } }, "type": "object" }, "google-native:gameservices/v1:RuleAction": { "description": "Required", "type": "string", "enum": [ { "name": "NoAction", "description": "Default no action.", "value": "NO_ACTION" }, { "name": "Allow", "description": "Matching 'Entries' grant access.", "value": "ALLOW" }, { "name": "AllowWithLog", "description": "Matching 'Entries' grant access and the caller promises to log the request per the returned log_configs.", "value": "ALLOW_WITH_LOG" }, { "name": "Deny", "description": "Matching 'Entries' deny access.", "value": "DENY" }, { "name": "DenyWithLog", "description": "Matching 'Entries' deny access and the caller promises to log the request per the returned log_configs.", "value": "DENY_WITH_LOG" }, { "name": "Log", "description": "Matching 'Entries' tell IAM.Check callers to generate logs.", "value": "LOG" } ] }, "google-native:gameservices/v1:RuleResponse": { "description": "A rule to be applied in a Policy.", "properties": { "action": { "type": "string", "description": "Required" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:ConditionResponse" }, "description": "Additional restrictions that must be met. All conditions must pass for the rule to match." }, "description": { "type": "string", "description": "Human-readable description of the rule." }, "in": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries." }, "logConfig": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1:LogConfigResponse" }, "description": "The config returned to callers of CheckPolicy for any entries that match the LOG action." }, "notIn": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries. The format for in and not_in entries can be found at in the Local IAM documentation (see go/local-iam#features)." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs." } }, "type": "object", "required": [ "action", "conditions", "description", "in", "logConfig", "notIn", "permissions" ] }, "google-native:gameservices/v1beta:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gameservices/v1beta:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gameservices/v1beta:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean" }, "logType": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gameservices/v1beta:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gameservices/v1beta:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "ignoreChildExemptions": { "type": "boolean" }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "ignoreChildExemptions", "logType" ] }, "google-native:gameservices/v1beta:AuthorizationLoggingOptions": { "description": "Authorization-related information used by Cloud Audit Logging.", "properties": { "permissionType": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuthorizationLoggingOptionsPermissionType", "description": "The type of the permission that was checked." } }, "type": "object" }, "google-native:gameservices/v1beta:AuthorizationLoggingOptionsPermissionType": { "description": "The type of the permission that was checked.", "type": "string", "enum": [ { "name": "PermissionTypeUnspecified", "description": "Default. Should not be used.", "value": "PERMISSION_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "A read of admin (meta) data.", "value": "ADMIN_READ" }, { "name": "AdminWrite", "description": "A write of admin (meta) data.", "value": "ADMIN_WRITE" }, { "name": "DataRead", "description": "A read of standard data.", "value": "DATA_READ" }, { "name": "DataWrite", "description": "A write of standard data.", "value": "DATA_WRITE" } ] }, "google-native:gameservices/v1beta:AuthorizationLoggingOptionsResponse": { "description": "Authorization-related information used by Cloud Audit Logging.", "properties": { "permissionType": { "type": "string", "description": "The type of the permission that was checked." } }, "type": "object", "required": [ "permissionType" ] }, "google-native:gameservices/v1beta:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string" }, "condition": { "$ref": "#/types/google-native:gameservices%2Fv1beta:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gameservices/v1beta:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "bindingId": { "type": "string" }, "condition": { "$ref": "#/types/google-native:gameservices%2Fv1beta:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "bindingId", "condition", "members", "role" ] }, "google-native:gameservices/v1beta:CloudAuditOptions": { "description": "Write a Cloud Audit log", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuthorizationLoggingOptions", "description": "Information used by the Cloud Audit Logging pipeline." }, "logName": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CloudAuditOptionsLogName", "description": "The log_name to populate in the Cloud Audit Record." } }, "type": "object" }, "google-native:gameservices/v1beta:CloudAuditOptionsLogName": { "description": "The log_name to populate in the Cloud Audit Record.", "type": "string", "enum": [ { "name": "UnspecifiedLogName", "description": "Default. Should not be used.", "value": "UNSPECIFIED_LOG_NAME" }, { "name": "AdminActivity", "description": "Corresponds to \"cloudaudit.googleapis.com/activity\"", "value": "ADMIN_ACTIVITY" }, { "name": "DataAccess", "description": "Corresponds to \"cloudaudit.googleapis.com/data_access\"", "value": "DATA_ACCESS" } ] }, "google-native:gameservices/v1beta:CloudAuditOptionsResponse": { "description": "Write a Cloud Audit log", "properties": { "authorizationLoggingOptions": { "$ref": "#/types/google-native:gameservices%2Fv1beta:AuthorizationLoggingOptionsResponse", "description": "Information used by the Cloud Audit Logging pipeline." }, "logName": { "type": "string", "description": "The log_name to populate in the Cloud Audit Record." } }, "type": "object", "required": [ "authorizationLoggingOptions", "logName" ] }, "google-native:gameservices/v1beta:Condition": { "description": "A condition to be met.", "properties": { "iam": { "$ref": "#/types/google-native:gameservices%2Fv1beta:ConditionIam", "description": "Trusted attributes supplied by the IAM system." }, "op": { "$ref": "#/types/google-native:gameservices%2Fv1beta:ConditionOp", "description": "An operator to apply the subject with." }, "svc": { "type": "string", "description": "Trusted attributes discharged by the service." }, "sys": { "$ref": "#/types/google-native:gameservices%2Fv1beta:ConditionSys", "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The objects of the condition." } }, "type": "object" }, "google-native:gameservices/v1beta:ConditionIam": { "description": "Trusted attributes supplied by the IAM system.", "type": "string", "enum": [ { "name": "NoAttr", "description": "Default non-attribute.", "value": "NO_ATTR" }, { "name": "Authority", "description": "Either principal or (if present) authority selector.", "value": "AUTHORITY" }, { "name": "Attribution", "description": "The principal (even if an authority selector is present), which must only be used for attribution, not authorization.", "value": "ATTRIBUTION" }, { "name": "SecurityRealm", "description": "Any of the security realms in the IAMContext (go/security-realms). When used with IN, the condition indicates \"any of the request's realms match one of the given values; with NOT_IN, \"none of the realms match any of the given values\". Note that a value can be: - 'self:campus' (i.e., clients that are in the same campus) - 'self:metro' (i.e., clients that are in the same metro) - 'self:cloud-region' (i.e., allow connections from clients that are in the same cloud region) - 'self:prod-region' (i.e., allow connections from clients that are in the same prod region) - 'guardians' (i.e., allow connections from its guardian realms. See go/security-realms-glossary#guardian for more information.) - 'self' [DEPRECATED] (i.e., allow connections from clients that are in the same security realm, which is currently but not guaranteed to be campus-sized) - a realm (e.g., 'campus-abc') - a realm group (e.g., 'realms-for-borg-cell-xx', see: go/realm-groups) A match is determined by a realm group membership check performed by a RealmAclRep object (go/realm-acl-howto). It is not permitted to grant access based on the *absence* of a realm, so realm conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "SECURITY_REALM" }, { "name": "Approver", "description": "An approver (distinct from the requester) that has authorized this request. When used with IN, the condition indicates that one of the approvers associated with the request matches the specified principal, or is a member of the specified group. Approvers can only grant additional access, and are thus only used in a strictly positive context (e.g. ALLOW/IN or DENY/NOT_IN).", "value": "APPROVER" }, { "name": "JustificationType", "description": "What types of justifications have been supplied with this request. String values should match enum names from security.credentials.JustificationType, e.g. \"MANUAL_STRING\". It is not permitted to grant access based on the *absence* of a justification, so justification conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN). Multiple justifications, e.g., a Buganizer ID and a manually-entered reason, are normal and supported.", "value": "JUSTIFICATION_TYPE" }, { "name": "CredentialsType", "description": "What type of credentials have been supplied with this request. String values should match enum names from security_loas_l2.CredentialsType - currently, only CREDS_TYPE_EMERGENCY is supported. It is not permitted to grant access based on the *absence* of a credentials type, so the conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "CREDENTIALS_TYPE" }, { "name": "CredsAssertion", "description": "EXPERIMENTAL -- DO NOT USE. The conditions can only be used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).", "value": "CREDS_ASSERTION" } ] }, "google-native:gameservices/v1beta:ConditionOp": { "description": "An operator to apply the subject with.", "type": "string", "enum": [ { "name": "NoOp", "description": "Default no-op.", "value": "NO_OP" }, { "name": "Equals", "description": "DEPRECATED. Use IN instead.", "value": "EQUALS" }, { "name": "NotEquals", "description": "DEPRECATED. Use NOT_IN instead.", "value": "NOT_EQUALS" }, { "name": "In", "description": "The condition is true if the subject (or any element of it if it is a set) matches any of the supplied values.", "value": "IN" }, { "name": "NotIn", "description": "The condition is true if the subject (or every element of it if it is a set) matches none of the supplied values.", "value": "NOT_IN" }, { "name": "Discharged", "description": "Subject is discharged", "value": "DISCHARGED" } ] }, "google-native:gameservices/v1beta:ConditionResponse": { "description": "A condition to be met.", "properties": { "iam": { "type": "string", "description": "Trusted attributes supplied by the IAM system." }, "op": { "type": "string", "description": "An operator to apply the subject with." }, "svc": { "type": "string", "description": "Trusted attributes discharged by the service." }, "sys": { "type": "string", "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The objects of the condition." } }, "type": "object", "required": [ "iam", "op", "svc", "sys", "values" ] }, "google-native:gameservices/v1beta:ConditionSys": { "description": "Trusted attributes supplied by any service that owns resources and uses the IAM system for access control.", "type": "string", "enum": [ { "name": "NoAttr", "description": "Default non-attribute type", "value": "NO_ATTR" }, { "name": "Region", "description": "Region of the resource", "value": "REGION" }, { "name": "Service", "description": "Service name", "value": "SERVICE" }, { "name": "Name", "description": "Resource name", "value": "NAME" }, { "name": "Ip", "description": "IP address of the caller", "value": "IP" } ] }, "google-native:gameservices/v1beta:CounterOptions": { "description": "Increment a streamz counter with the specified metric and field names. Metric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended. Field names correspond to IAM request parameters and field values are their respective values. Supported field names: - \"authority\", which is \"[token]\" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - \"iam_principal\", a representation of IAMContext.principal even if a token or authority selector is present; or - \"\" (empty string), resulting in a counter with no fields. Examples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CustomField" }, "description": "Custom fields." }, "field": { "type": "string", "description": "The field value to attribute." }, "metric": { "type": "string", "description": "The metric to update." } }, "type": "object" }, "google-native:gameservices/v1beta:CounterOptionsResponse": { "description": "Increment a streamz counter with the specified metric and field names. Metric names should start with a '/', generally be lowercase-only, and end in \"_count\". Field names should not contain an initial slash. The actual exported metric names will have \"/iam/policy\" prepended. Field names correspond to IAM request parameters and field values are their respective values. Supported field names: - \"authority\", which is \"[token]\" if IAMContext.token is present, otherwise the value of IAMContext.authority_selector if present, and otherwise a representation of IAMContext.principal; or - \"iam_principal\", a representation of IAMContext.principal even if a token or authority selector is present; or - \"\" (empty string), resulting in a counter with no fields. Examples: counter { metric: \"/debug_access_count\" field: \"iam_principal\" } ==> increment counter /iam/policy/debug_access_count {iam_principal=[value of IAMContext.principal]}", "properties": { "customFields": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CustomFieldResponse" }, "description": "Custom fields." }, "field": { "type": "string", "description": "The field value to attribute." }, "metric": { "type": "string", "description": "The metric to update." } }, "type": "object", "required": [ "customFields", "field", "metric" ] }, "google-native:gameservices/v1beta:CustomField": { "description": "Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.", "properties": { "name": { "type": "string", "description": "Name is the field name." }, "value": { "type": "string", "description": "Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext." } }, "type": "object" }, "google-native:gameservices/v1beta:CustomFieldResponse": { "description": "Custom fields. These can be used to create a counter with arbitrary field/value pairs. See: go/rpcsp-custom-fields.", "properties": { "name": { "type": "string", "description": "Name is the field name." }, "value": { "type": "string", "description": "Value is the field value. It is important that in contrast to the CounterOptions.field, the value here is a constant that is not derived from the IAMContext." } }, "type": "object", "required": [ "name", "value" ] }, "google-native:gameservices/v1beta:DataAccessOptions": { "description": "Write a Data Access (Gin) log", "properties": { "logMode": { "$ref": "#/types/google-native:gameservices%2Fv1beta:DataAccessOptionsLogMode" } }, "type": "object" }, "google-native:gameservices/v1beta:DataAccessOptionsLogMode": { "type": "string", "enum": [ { "name": "LogModeUnspecified", "description": "Client is not required to write a partial Gin log immediately after the authorization check. If client chooses to write one and it fails, client may either fail open (allow the operation to continue) or fail closed (handle as a DENY outcome).", "value": "LOG_MODE_UNSPECIFIED" }, { "name": "LogFailClosed", "description": "The application's operation in the context of which this authorization check is being made may only be performed if it is successfully logged to Gin. For instance, the authorization library may satisfy this obligation by emitting a partial log entry at authorization check time and only returning ALLOW to the application if it succeeds. If a matching Rule has this directive, but the client has not indicated that it will honor such requirements, then the IAM check will result in authorization failure by setting CheckPolicyResponse.success=false.", "value": "LOG_FAIL_CLOSED" } ] }, "google-native:gameservices/v1beta:DataAccessOptionsResponse": { "description": "Write a Data Access (Gin) log", "properties": { "logMode": { "type": "string" } }, "type": "object", "required": [ "logMode" ] }, "google-native:gameservices/v1beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gameservices/v1beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gameservices/v1beta:LogConfig": { "description": "Specifies what kind of log the caller must write", "properties": { "cloudAudit": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CloudAuditOptions", "description": "Cloud audit options." }, "counter": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CounterOptions", "description": "Counter options." }, "dataAccess": { "$ref": "#/types/google-native:gameservices%2Fv1beta:DataAccessOptions", "description": "Data access options." } }, "type": "object" }, "google-native:gameservices/v1beta:LogConfigResponse": { "description": "Specifies what kind of log the caller must write", "properties": { "cloudAudit": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CloudAuditOptionsResponse", "description": "Cloud audit options." }, "counter": { "$ref": "#/types/google-native:gameservices%2Fv1beta:CounterOptionsResponse", "description": "Counter options." }, "dataAccess": { "$ref": "#/types/google-native:gameservices%2Fv1beta:DataAccessOptionsResponse", "description": "Data access options." } }, "type": "object", "required": [ "cloudAudit", "counter", "dataAccess" ] }, "google-native:gameservices/v1beta:Rule": { "description": "A rule to be applied in a Policy.", "properties": { "action": { "$ref": "#/types/google-native:gameservices%2Fv1beta:RuleAction", "description": "Required" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:Condition" }, "description": "Additional restrictions that must be met. All conditions must pass for the rule to match." }, "description": { "type": "string", "description": "Human-readable description of the rule." }, "in": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries." }, "logConfig": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:LogConfig" }, "description": "The config returned to callers of CheckPolicy for any entries that match the LOG action." }, "notIn": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries. The format for in and not_in entries can be found at in the Local IAM documentation (see go/local-iam#features)." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs." } }, "type": "object" }, "google-native:gameservices/v1beta:RuleAction": { "description": "Required", "type": "string", "enum": [ { "name": "NoAction", "description": "Default no action.", "value": "NO_ACTION" }, { "name": "Allow", "description": "Matching 'Entries' grant access.", "value": "ALLOW" }, { "name": "AllowWithLog", "description": "Matching 'Entries' grant access and the caller promises to log the request per the returned log_configs.", "value": "ALLOW_WITH_LOG" }, { "name": "Deny", "description": "Matching 'Entries' deny access.", "value": "DENY" }, { "name": "DenyWithLog", "description": "Matching 'Entries' deny access and the caller promises to log the request per the returned log_configs.", "value": "DENY_WITH_LOG" }, { "name": "Log", "description": "Matching 'Entries' tell IAM.Check callers to generate logs.", "value": "LOG" } ] }, "google-native:gameservices/v1beta:RuleResponse": { "description": "A rule to be applied in a Policy.", "properties": { "action": { "type": "string", "description": "Required" }, "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:ConditionResponse" }, "description": "Additional restrictions that must be met. All conditions must pass for the rule to match." }, "description": { "type": "string", "description": "Human-readable description of the rule." }, "in": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries." }, "logConfig": { "type": "array", "items": { "$ref": "#/types/google-native:gameservices%2Fv1beta:LogConfigResponse" }, "description": "The config returned to callers of CheckPolicy for any entries that match the LOG action." }, "notIn": { "type": "array", "items": { "type": "string" }, "description": "If one or more 'not_in' clauses are specified, the rule matches if the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entries. The format for in and not_in entries can be found at in the Local IAM documentation (see go/local-iam#features)." }, "permissions": { "type": "array", "items": { "type": "string" }, "description": "A permission is a string of form '..' (e.g., 'storage.buckets.list'). A value of '*' matches all permissions, and a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs." } }, "type": "object", "required": [ "action", "conditions", "description", "in", "logConfig", "notIn", "permissions" ] }, "google-native:genomics/v1alpha2:Disk": { "description": "A Google Compute Engine disk resource specification.", "properties": { "autoDelete": { "type": "boolean", "description": "Deprecated. Disks created by the Pipelines API will be deleted at the end of the pipeline run, regardless of what this field is set to.", "deprecationMessage": "Deprecated. Disks created by the Pipelines API will be deleted at the end of the pipeline run, regardless of what this field is set to." }, "mountPoint": { "type": "string", "description": "Required at create time and cannot be overridden at run time. Specifies the path in the docker container where files on this disk should be located. For example, if `mountPoint` is `/mnt/disk`, and the parameter has `localPath` `inputs/file.txt`, the docker container can access the data at `/mnt/disk/inputs/file.txt`." }, "name": { "type": "string", "description": "The name of the disk that can be used in the pipeline parameters. Must be 1 - 63 characters. The name \"boot\" is reserved for system use." }, "readOnly": { "type": "boolean", "description": "Specifies how a sourced-base persistent disk will be mounted. See https://cloud.google.com/compute/docs/disks/persistent-disks#use_multi_instances for more details. Can only be set at create time." }, "sizeGb": { "type": "integer", "description": "The size of the disk. Defaults to 500 (GB). This field is not applicable for local SSD." }, "source": { "type": "string", "description": "The full or partial URL of the persistent disk to attach. See https://cloud.google.com/compute/docs/reference/latest/instances#resource and https://cloud.google.com/compute/docs/disks/persistent-disks#snapshots for more details." }, "type": { "$ref": "#/types/google-native:genomics%2Fv1alpha2:DiskType", "description": "The type of the disk to create." } }, "type": "object", "required": [ "name", "type" ] }, "google-native:genomics/v1alpha2:DiskResponse": { "description": "A Google Compute Engine disk resource specification.", "properties": { "autoDelete": { "type": "boolean", "description": "Deprecated. Disks created by the Pipelines API will be deleted at the end of the pipeline run, regardless of what this field is set to.", "deprecationMessage": "Deprecated. Disks created by the Pipelines API will be deleted at the end of the pipeline run, regardless of what this field is set to." }, "mountPoint": { "type": "string", "description": "Required at create time and cannot be overridden at run time. Specifies the path in the docker container where files on this disk should be located. For example, if `mountPoint` is `/mnt/disk`, and the parameter has `localPath` `inputs/file.txt`, the docker container can access the data at `/mnt/disk/inputs/file.txt`." }, "name": { "type": "string", "description": "The name of the disk that can be used in the pipeline parameters. Must be 1 - 63 characters. The name \"boot\" is reserved for system use." }, "readOnly": { "type": "boolean", "description": "Specifies how a sourced-base persistent disk will be mounted. See https://cloud.google.com/compute/docs/disks/persistent-disks#use_multi_instances for more details. Can only be set at create time." }, "sizeGb": { "type": "integer", "description": "The size of the disk. Defaults to 500 (GB). This field is not applicable for local SSD." }, "source": { "type": "string", "description": "The full or partial URL of the persistent disk to attach. See https://cloud.google.com/compute/docs/reference/latest/instances#resource and https://cloud.google.com/compute/docs/disks/persistent-disks#snapshots for more details." }, "type": { "type": "string", "description": "The type of the disk to create." } }, "type": "object", "required": [ "autoDelete", "mountPoint", "name", "readOnly", "sizeGb", "source", "type" ] }, "google-native:genomics/v1alpha2:DiskType": { "description": "Required. The type of the disk to create.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Default disk type. Use one of the other options below.", "value": "TYPE_UNSPECIFIED" }, { "name": "PersistentHdd", "description": "Specifies a Google Compute Engine persistent hard disk. See https://cloud.google.com/compute/docs/disks/#pdspecs for details.", "value": "PERSISTENT_HDD" }, { "name": "PersistentSsd", "description": "Specifies a Google Compute Engine persistent solid-state disk. See https://cloud.google.com/compute/docs/disks/#pdspecs for details.", "value": "PERSISTENT_SSD" }, { "name": "LocalSsd", "description": "Specifies a Google Compute Engine local SSD. See https://cloud.google.com/compute/docs/disks/local-ssd for details.", "value": "LOCAL_SSD" } ] }, "google-native:genomics/v1alpha2:DockerExecutor": { "description": "The Docker execuctor specification.", "properties": { "cmd": { "type": "string", "description": "The command or newline delimited script to run. The command string will be executed within a bash shell. If the command exits with a non-zero exit code, output parameter de-localization will be skipped and the pipeline operation's `error` field will be populated. Maximum command string length is 16384." }, "imageName": { "type": "string", "description": "Image name from either Docker Hub or Google Container Registry. Users that run pipelines must have READ access to the image." } }, "type": "object", "required": [ "cmd", "imageName" ] }, "google-native:genomics/v1alpha2:DockerExecutorResponse": { "description": "The Docker execuctor specification.", "properties": { "cmd": { "type": "string", "description": "The command or newline delimited script to run. The command string will be executed within a bash shell. If the command exits with a non-zero exit code, output parameter de-localization will be skipped and the pipeline operation's `error` field will be populated. Maximum command string length is 16384." }, "imageName": { "type": "string", "description": "Image name from either Docker Hub or Google Container Registry. Users that run pipelines must have READ access to the image." } }, "type": "object", "required": [ "cmd", "imageName" ] }, "google-native:genomics/v1alpha2:LocalCopy": { "description": "LocalCopy defines how a remote file should be copied to and from the VM.", "properties": { "disk": { "type": "string", "description": "The name of the disk where this parameter is located. Can be the name of one of the disks specified in the Resources field, or \"boot\", which represents the Docker instance's boot disk and has a mount point of `/`." }, "path": { "type": "string", "description": "The path within the user's docker container where this input should be localized to and from, relative to the specified disk's mount point. For example: file.txt," } }, "type": "object", "required": [ "disk", "path" ] }, "google-native:genomics/v1alpha2:LocalCopyResponse": { "description": "LocalCopy defines how a remote file should be copied to and from the VM.", "properties": { "disk": { "type": "string", "description": "The name of the disk where this parameter is located. Can be the name of one of the disks specified in the Resources field, or \"boot\", which represents the Docker instance's boot disk and has a mount point of `/`." }, "path": { "type": "string", "description": "The path within the user's docker container where this input should be localized to and from, relative to the specified disk's mount point. For example: file.txt," } }, "type": "object", "required": [ "disk", "path" ] }, "google-native:genomics/v1alpha2:PipelineParameter": { "description": "Parameters facilitate setting and delivering data into the pipeline's execution environment. They are defined at create time, with optional defaults, and can be overridden at run time. If `localCopy` is unset, then the parameter specifies a string that is passed as-is into the pipeline, as the value of the environment variable with the given name. A default value can be optionally specified at create time. The default can be overridden at run time using the inputs map. If no default is given, a value must be supplied at runtime. If `localCopy` is defined, then the parameter specifies a data source or sink, both in Google Cloud Storage and on the Docker container where the pipeline computation is run. The service account associated with the Pipeline (by default the project's Compute Engine service account) must have access to the Google Cloud Storage paths. At run time, the Google Cloud Storage paths can be overridden if a default was provided at create time, or must be set otherwise. The pipeline runner should add a key/value pair to either the inputs or outputs map. The indicated data copies will be carried out before/after pipeline execution, just as if the corresponding arguments were provided to `gsutil cp`. For example: Given the following `PipelineParameter`, specified in the `inputParameters` list: ``` {name: \"input_file\", localCopy: {path: \"file.txt\", disk: \"pd1\"}} ``` where `disk` is defined in the `PipelineResources` object as: ``` {name: \"pd1\", mountPoint: \"/mnt/disk/\"} ``` We create a disk named `pd1`, mount it on the host VM, and map `/mnt/pd1` to `/mnt/disk` in the docker container. At runtime, an entry for `input_file` would be required in the inputs map, such as: ``` inputs[\"input_file\"] = \"gs://my-bucket/bar.txt\" ``` This would generate the following gsutil call: ``` gsutil cp gs://my-bucket/bar.txt /mnt/pd1/file.txt ``` The file `/mnt/pd1/file.txt` maps to `/mnt/disk/file.txt` in the Docker container. Acceptable paths are: Google Cloud storage pathLocal path file file glob directory For outputs, the direction of the copy is reversed: ``` gsutil cp /mnt/disk/file.txt gs://my-bucket/bar.txt ``` Acceptable paths are: Local pathGoogle Cloud Storage path file file file directory - directory must already exist glob directory - directory will be created if it doesn't exist One restriction due to docker limitations, is that for outputs that are found on the boot disk, the local path cannot be a glob and must be a file.", "properties": { "defaultValue": { "type": "string", "description": "The default value for this parameter. Can be overridden at runtime. If `localCopy` is present, then this must be a Google Cloud Storage path beginning with `gs://`." }, "description": { "type": "string", "description": "Human-readable description." }, "localCopy": { "$ref": "#/types/google-native:genomics%2Fv1alpha2:LocalCopy", "description": "If present, this parameter is marked for copying to and from the VM. `LocalCopy` indicates where on the VM the file should be. The value given to this parameter (either at runtime or using `defaultValue`) must be the remote path where the file should be." }, "name": { "type": "string", "description": "Name of the parameter - the pipeline runner uses this string as the key to the input and output maps in RunPipeline." } }, "type": "object", "required": [ "name" ] }, "google-native:genomics/v1alpha2:PipelineParameterResponse": { "description": "Parameters facilitate setting and delivering data into the pipeline's execution environment. They are defined at create time, with optional defaults, and can be overridden at run time. If `localCopy` is unset, then the parameter specifies a string that is passed as-is into the pipeline, as the value of the environment variable with the given name. A default value can be optionally specified at create time. The default can be overridden at run time using the inputs map. If no default is given, a value must be supplied at runtime. If `localCopy` is defined, then the parameter specifies a data source or sink, both in Google Cloud Storage and on the Docker container where the pipeline computation is run. The service account associated with the Pipeline (by default the project's Compute Engine service account) must have access to the Google Cloud Storage paths. At run time, the Google Cloud Storage paths can be overridden if a default was provided at create time, or must be set otherwise. The pipeline runner should add a key/value pair to either the inputs or outputs map. The indicated data copies will be carried out before/after pipeline execution, just as if the corresponding arguments were provided to `gsutil cp`. For example: Given the following `PipelineParameter`, specified in the `inputParameters` list: ``` {name: \"input_file\", localCopy: {path: \"file.txt\", disk: \"pd1\"}} ``` where `disk` is defined in the `PipelineResources` object as: ``` {name: \"pd1\", mountPoint: \"/mnt/disk/\"} ``` We create a disk named `pd1`, mount it on the host VM, and map `/mnt/pd1` to `/mnt/disk` in the docker container. At runtime, an entry for `input_file` would be required in the inputs map, such as: ``` inputs[\"input_file\"] = \"gs://my-bucket/bar.txt\" ``` This would generate the following gsutil call: ``` gsutil cp gs://my-bucket/bar.txt /mnt/pd1/file.txt ``` The file `/mnt/pd1/file.txt` maps to `/mnt/disk/file.txt` in the Docker container. Acceptable paths are: Google Cloud storage pathLocal path file file glob directory For outputs, the direction of the copy is reversed: ``` gsutil cp /mnt/disk/file.txt gs://my-bucket/bar.txt ``` Acceptable paths are: Local pathGoogle Cloud Storage path file file file directory - directory must already exist glob directory - directory will be created if it doesn't exist One restriction due to docker limitations, is that for outputs that are found on the boot disk, the local path cannot be a glob and must be a file.", "properties": { "defaultValue": { "type": "string", "description": "The default value for this parameter. Can be overridden at runtime. If `localCopy` is present, then this must be a Google Cloud Storage path beginning with `gs://`." }, "description": { "type": "string", "description": "Human-readable description." }, "localCopy": { "$ref": "#/types/google-native:genomics%2Fv1alpha2:LocalCopyResponse", "description": "If present, this parameter is marked for copying to and from the VM. `LocalCopy` indicates where on the VM the file should be. The value given to this parameter (either at runtime or using `defaultValue`) must be the remote path where the file should be." }, "name": { "type": "string", "description": "Name of the parameter - the pipeline runner uses this string as the key to the input and output maps in RunPipeline." } }, "type": "object", "required": [ "defaultValue", "description", "localCopy", "name" ] }, "google-native:genomics/v1alpha2:PipelineResources": { "description": "The system resources for the pipeline run.", "properties": { "acceleratorCount": { "type": "string", "description": "Optional. The number of accelerators of the specified type to attach. By specifying this parameter, you will download and install the following third-party software onto your managed Compute Engine instances: NVIDIA® Tesla® drivers and NVIDIA® CUDA toolkit." }, "acceleratorType": { "type": "string", "description": "Optional. The Compute Engine defined accelerator type. By specifying this parameter, you will download and install the following third-party software onto your managed Compute Engine instances: NVIDIA® Tesla® drivers and NVIDIA® CUDA toolkit. Please see https://cloud.google.com/compute/docs/gpus/ for a list of available accelerator types." }, "bootDiskSizeGb": { "type": "integer", "description": "The size of the boot disk. Defaults to 10 (GB)." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:genomics%2Fv1alpha2:Disk" }, "description": "Disks to attach." }, "minimumCpuCores": { "type": "integer", "description": "The minimum number of cores to use. Defaults to 1." }, "minimumRamGb": { "type": "number", "description": "The minimum amount of RAM to use. Defaults to 3.75 (GB)" }, "noAddress": { "type": "boolean", "description": "Whether to assign an external IP to the instance. This is an experimental feature that may go away. Defaults to false. Corresponds to `--no_address` flag for [gcloud compute instances create] (https://cloud.google.com/sdk/gcloud/reference/compute/instances/create). In order to use this, must be true for both create time and run time. Cannot be true at run time if false at create time. If you need to ssh into a private IP VM for debugging, you can ssh to a public VM and then ssh into the private VM's Internal IP. If noAddress is set, this pipeline run may only load docker images from Google Container Registry and not Docker Hub. Before using this, you must [configure access to Google services from internal IPs](https://cloud.google.com/compute/docs/configure-private-google-access#configuring_access_to_google_services_from_internal_ips)." }, "preemptible": { "type": "boolean", "description": "Whether to use preemptible VMs. Defaults to `false`. In order to use this, must be true for both create time and run time. Cannot be true at run time if false at create time." }, "zones": { "type": "array", "items": { "type": "string" }, "description": "List of Google Compute Engine availability zones to which resource creation will restricted. If empty, any zone may be chosen." } }, "type": "object" }, "google-native:genomics/v1alpha2:PipelineResourcesResponse": { "description": "The system resources for the pipeline run.", "properties": { "acceleratorCount": { "type": "string", "description": "Optional. The number of accelerators of the specified type to attach. By specifying this parameter, you will download and install the following third-party software onto your managed Compute Engine instances: NVIDIA® Tesla® drivers and NVIDIA® CUDA toolkit." }, "acceleratorType": { "type": "string", "description": "Optional. The Compute Engine defined accelerator type. By specifying this parameter, you will download and install the following third-party software onto your managed Compute Engine instances: NVIDIA® Tesla® drivers and NVIDIA® CUDA toolkit. Please see https://cloud.google.com/compute/docs/gpus/ for a list of available accelerator types." }, "bootDiskSizeGb": { "type": "integer", "description": "The size of the boot disk. Defaults to 10 (GB)." }, "disks": { "type": "array", "items": { "$ref": "#/types/google-native:genomics%2Fv1alpha2:DiskResponse" }, "description": "Disks to attach." }, "minimumCpuCores": { "type": "integer", "description": "The minimum number of cores to use. Defaults to 1." }, "minimumRamGb": { "type": "number", "description": "The minimum amount of RAM to use. Defaults to 3.75 (GB)" }, "noAddress": { "type": "boolean", "description": "Whether to assign an external IP to the instance. This is an experimental feature that may go away. Defaults to false. Corresponds to `--no_address` flag for [gcloud compute instances create] (https://cloud.google.com/sdk/gcloud/reference/compute/instances/create). In order to use this, must be true for both create time and run time. Cannot be true at run time if false at create time. If you need to ssh into a private IP VM for debugging, you can ssh to a public VM and then ssh into the private VM's Internal IP. If noAddress is set, this pipeline run may only load docker images from Google Container Registry and not Docker Hub. Before using this, you must [configure access to Google services from internal IPs](https://cloud.google.com/compute/docs/configure-private-google-access#configuring_access_to_google_services_from_internal_ips)." }, "preemptible": { "type": "boolean", "description": "Whether to use preemptible VMs. Defaults to `false`. In order to use this, must be true for both create time and run time. Cannot be true at run time if false at create time." }, "zones": { "type": "array", "items": { "type": "string" }, "description": "List of Google Compute Engine availability zones to which resource creation will restricted. If empty, any zone may be chosen." } }, "type": "object", "required": [ "acceleratorCount", "acceleratorType", "bootDiskSizeGb", "disks", "minimumCpuCores", "minimumRamGb", "noAddress", "preemptible", "zones" ] }, "google-native:gkebackup/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkebackup/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkebackup/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkebackup%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkebackup/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkebackup/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkebackup/v1:BackupConfig": { "description": "BackupConfig defines the configuration of Backups created via this BackupPlan.", "properties": { "allNamespaces": { "type": "boolean", "description": "If True, include all namespaced resources" }, "encryptionKey": { "$ref": "#/types/google-native:gkebackup%2Fv1:EncryptionKey", "description": "Optional. This defines a customer managed encryption key that will be used to encrypt the \"config\" portion (the Kubernetes resources) of Backups created via this plan. Default (empty): Config backup artifacts will not be encrypted." }, "includeSecrets": { "type": "boolean", "description": "Optional. This flag specifies whether Kubernetes Secret resources should be included when they fall into the scope of Backups. Default: False" }, "includeVolumeData": { "type": "boolean", "description": "Optional. This flag specifies whether volume data should be backed up when PVCs are included in the scope of a Backup. Default: False" }, "selectedApplications": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedNames", "description": "If set, include just the resources referenced by the listed ProtectedApplications." }, "selectedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:Namespaces", "description": "If set, include just the resources in the listed namespaces." } }, "type": "object" }, "google-native:gkebackup/v1:BackupConfigResponse": { "description": "BackupConfig defines the configuration of Backups created via this BackupPlan.", "properties": { "allNamespaces": { "type": "boolean", "description": "If True, include all namespaced resources" }, "encryptionKey": { "$ref": "#/types/google-native:gkebackup%2Fv1:EncryptionKeyResponse", "description": "Optional. This defines a customer managed encryption key that will be used to encrypt the \"config\" portion (the Kubernetes resources) of Backups created via this plan. Default (empty): Config backup artifacts will not be encrypted." }, "includeSecrets": { "type": "boolean", "description": "Optional. This flag specifies whether Kubernetes Secret resources should be included when they fall into the scope of Backups. Default: False" }, "includeVolumeData": { "type": "boolean", "description": "Optional. This flag specifies whether volume data should be backed up when PVCs are included in the scope of a Backup. Default: False" }, "selectedApplications": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedNamesResponse", "description": "If set, include just the resources referenced by the listed ProtectedApplications." }, "selectedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacesResponse", "description": "If set, include just the resources in the listed namespaces." } }, "type": "object", "required": [ "allNamespaces", "encryptionKey", "includeSecrets", "includeVolumeData", "selectedApplications", "selectedNamespaces" ] }, "google-native:gkebackup/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkebackup%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkebackup/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkebackup%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkebackup/v1:ClusterMetadataResponse": { "description": "Information about the GKE cluster from which this Backup was created.", "properties": { "anthosVersion": { "type": "string", "description": "Anthos version" }, "backupCrdVersions": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of the Backup for GKE CRD versions found in the cluster." }, "cluster": { "type": "string", "description": "The source cluster from which this Backup was created. Valid formats: - `projects/*/locations/*/clusters/*` - `projects/*/zones/*/clusters/*` This is inherited from the parent BackupPlan's cluster field." }, "gkeVersion": { "type": "string", "description": "GKE version" }, "k8sVersion": { "type": "string", "description": "The Kubernetes server version of the source cluster." } }, "type": "object", "required": [ "anthosVersion", "backupCrdVersions", "cluster", "gkeVersion", "k8sVersion" ] }, "google-native:gkebackup/v1:ClusterResourceRestoreScope": { "description": "Defines the scope of cluster-scoped resources to restore. Some group kinds are not reasonable choices for a restore, and will cause an error if selected here. Any scope selection that would restore \"all valid\" resources automatically excludes these group kinds. - gkebackup.gke.io/BackupJob - gkebackup.gke.io/RestoreJob - metrics.k8s.io/NodeMetrics - migration.k8s.io/StorageState - migration.k8s.io/StorageVersionMigration - Node - snapshot.storage.k8s.io/VolumeSnapshotContent - storage.k8s.io/CSINode Some group kinds are driven by restore configuration elsewhere, and will cause an error if selected here. - Namespace - PersistentVolume", "properties": { "allGroupKinds": { "type": "boolean", "description": "Optional. If True, all valid cluster-scoped resources will be restored. Mutually exclusive to any other field in the message." }, "excludedGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKind" }, "description": "Optional. A list of cluster-scoped resource group kinds to NOT restore from the backup. If specified, all valid cluster-scoped resources will be restored except for those specified in the list. Mutually exclusive to any other field in the message." }, "noGroupKinds": { "type": "boolean", "description": "Optional. If True, no cluster-scoped resources will be restored. This has the same restore scope as if the message is not defined. Mutually exclusive to any other field in the message." }, "selectedGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKind" }, "description": "Optional. A list of cluster-scoped resource group kinds to restore from the backup. If specified, only the selected resources will be restored. Mutually exclusive to any other field in the message." } }, "type": "object" }, "google-native:gkebackup/v1:ClusterResourceRestoreScopeResponse": { "description": "Defines the scope of cluster-scoped resources to restore. Some group kinds are not reasonable choices for a restore, and will cause an error if selected here. Any scope selection that would restore \"all valid\" resources automatically excludes these group kinds. - gkebackup.gke.io/BackupJob - gkebackup.gke.io/RestoreJob - metrics.k8s.io/NodeMetrics - migration.k8s.io/StorageState - migration.k8s.io/StorageVersionMigration - Node - snapshot.storage.k8s.io/VolumeSnapshotContent - storage.k8s.io/CSINode Some group kinds are driven by restore configuration elsewhere, and will cause an error if selected here. - Namespace - PersistentVolume", "properties": { "allGroupKinds": { "type": "boolean", "description": "Optional. If True, all valid cluster-scoped resources will be restored. Mutually exclusive to any other field in the message." }, "excludedGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKindResponse" }, "description": "Optional. A list of cluster-scoped resource group kinds to NOT restore from the backup. If specified, all valid cluster-scoped resources will be restored except for those specified in the list. Mutually exclusive to any other field in the message." }, "noGroupKinds": { "type": "boolean", "description": "Optional. If True, no cluster-scoped resources will be restored. This has the same restore scope as if the message is not defined. Mutually exclusive to any other field in the message." }, "selectedGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKindResponse" }, "description": "Optional. A list of cluster-scoped resource group kinds to restore from the backup. If specified, only the selected resources will be restored. Mutually exclusive to any other field in the message." } }, "type": "object", "required": [ "allGroupKinds", "excludedGroupKinds", "noGroupKinds", "selectedGroupKinds" ] }, "google-native:gkebackup/v1:EncryptionKey": { "description": "Defined a customer managed encryption key that will be used to encrypt Backup artifacts.", "properties": { "gcpKmsEncryptionKey": { "type": "string", "description": "Optional. Google Cloud KMS encryption key. Format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`" } }, "type": "object" }, "google-native:gkebackup/v1:EncryptionKeyResponse": { "description": "Defined a customer managed encryption key that will be used to encrypt Backup artifacts.", "properties": { "gcpKmsEncryptionKey": { "type": "string", "description": "Optional. Google Cloud KMS encryption key. Format: `projects/*/locations/*/keyRings/*/cryptoKeys/*`" } }, "type": "object", "required": [ "gcpKmsEncryptionKey" ] }, "google-native:gkebackup/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkebackup/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkebackup/v1:GroupKind": { "description": "This is a direct map to the Kubernetes GroupKind type [GroupKind](https://godoc.org/k8s.io/apimachinery/pkg/runtime/schema#GroupKind) and is used for identifying specific \"types\" of resources to restore.", "properties": { "resourceGroup": { "type": "string", "description": "Optional. API group string of a Kubernetes resource, e.g. \"apiextensions.k8s.io\", \"storage.k8s.io\", etc. Note: use empty string for core API group" }, "resourceKind": { "type": "string", "description": "Optional. Kind of a Kubernetes resource, must be in UpperCamelCase (PascalCase) and singular form. E.g. \"CustomResourceDefinition\", \"StorageClass\", etc." } }, "type": "object" }, "google-native:gkebackup/v1:GroupKindResponse": { "description": "This is a direct map to the Kubernetes GroupKind type [GroupKind](https://godoc.org/k8s.io/apimachinery/pkg/runtime/schema#GroupKind) and is used for identifying specific \"types\" of resources to restore.", "properties": { "resourceGroup": { "type": "string", "description": "Optional. API group string of a Kubernetes resource, e.g. \"apiextensions.k8s.io\", \"storage.k8s.io\", etc. Note: use empty string for core API group" }, "resourceKind": { "type": "string", "description": "Optional. Kind of a Kubernetes resource, must be in UpperCamelCase (PascalCase) and singular form. E.g. \"CustomResourceDefinition\", \"StorageClass\", etc." } }, "type": "object", "required": [ "resourceGroup", "resourceKind" ] }, "google-native:gkebackup/v1:NamespacedName": { "description": "A reference to a namespaced resource in Kubernetes.", "properties": { "name": { "type": "string", "description": "Optional. The name of the Kubernetes resource." }, "namespace": { "type": "string", "description": "Optional. The Namespace of the Kubernetes resource." } }, "type": "object" }, "google-native:gkebackup/v1:NamespacedNameResponse": { "description": "A reference to a namespaced resource in Kubernetes.", "properties": { "name": { "type": "string", "description": "Optional. The name of the Kubernetes resource." }, "namespace": { "type": "string", "description": "Optional. The Namespace of the Kubernetes resource." } }, "type": "object", "required": [ "name", "namespace" ] }, "google-native:gkebackup/v1:NamespacedNames": { "description": "A list of namespaced Kubernetes resources.", "properties": { "namespacedNames": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedName" }, "description": "Optional. A list of namespaced Kubernetes resources." } }, "type": "object" }, "google-native:gkebackup/v1:NamespacedNamesResponse": { "description": "A list of namespaced Kubernetes resources.", "properties": { "namespacedNames": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedNameResponse" }, "description": "Optional. A list of namespaced Kubernetes resources." } }, "type": "object", "required": [ "namespacedNames" ] }, "google-native:gkebackup/v1:Namespaces": { "description": "A list of Kubernetes Namespaces", "properties": { "namespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Kubernetes Namespaces" } }, "type": "object" }, "google-native:gkebackup/v1:NamespacesResponse": { "description": "A list of Kubernetes Namespaces", "properties": { "namespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. A list of Kubernetes Namespaces" } }, "type": "object", "required": [ "namespaces" ] }, "google-native:gkebackup/v1:ResourceFilter": { "description": "ResourceFilter specifies matching criteria to limit the scope of a change to a specific set of kubernetes resources that are selected for restoration from a backup.", "properties": { "groupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKind" }, "description": "Optional. (Filtering parameter) Any resource subject to transformation must belong to one of the listed \"types\". If this field is not provided, no type filtering will be performed (all resources of all types matching previous filtering parameters will be candidates for transformation)." }, "jsonPath": { "type": "string", "description": "Optional. This is a [JSONPath] (https://github.com/json-path/JsonPath/blob/master/README.md) expression that matches specific fields of candidate resources and it operates as a filtering parameter (resources that are not matched with this expression will not be candidates for transformation)." }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. (Filtering parameter) Any resource subject to transformation must be contained within one of the listed Kubernetes Namespace in the Backup. If this field is not provided, no namespace filtering will be performed (all resources in all Namespaces, including all cluster-scoped resources, will be candidates for transformation)." } }, "type": "object" }, "google-native:gkebackup/v1:ResourceFilterResponse": { "description": "ResourceFilter specifies matching criteria to limit the scope of a change to a specific set of kubernetes resources that are selected for restoration from a backup.", "properties": { "groupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKindResponse" }, "description": "Optional. (Filtering parameter) Any resource subject to transformation must belong to one of the listed \"types\". If this field is not provided, no type filtering will be performed (all resources of all types matching previous filtering parameters will be candidates for transformation)." }, "jsonPath": { "type": "string", "description": "Optional. This is a [JSONPath] (https://github.com/json-path/JsonPath/blob/master/README.md) expression that matches specific fields of candidate resources and it operates as a filtering parameter (resources that are not matched with this expression will not be candidates for transformation)." }, "namespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. (Filtering parameter) Any resource subject to transformation must be contained within one of the listed Kubernetes Namespace in the Backup. If this field is not provided, no namespace filtering will be performed (all resources in all Namespaces, including all cluster-scoped resources, will be candidates for transformation)." } }, "type": "object", "required": [ "groupKinds", "jsonPath", "namespaces" ] }, "google-native:gkebackup/v1:RestoreConfig": { "description": "Configuration of a restore. Next id: 13", "properties": { "allNamespaces": { "type": "boolean", "description": "Restore all namespaced resources in the Backup if set to \"True\". Specifying this field to \"False\" is an error." }, "clusterResourceConflictPolicy": { "$ref": "#/types/google-native:gkebackup%2Fv1:RestoreConfigClusterResourceConflictPolicy", "description": "Optional. Defines the behavior for handling the situation where cluster-scoped resources being restored already exist in the target cluster. This MUST be set to a value other than CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED if cluster_resource_restore_scope is not empty." }, "clusterResourceRestoreScope": { "$ref": "#/types/google-native:gkebackup%2Fv1:ClusterResourceRestoreScope", "description": "Optional. Identifies the cluster-scoped resources to restore from the Backup. Not specifying it means NO cluster resource will be restored." }, "excludedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:Namespaces", "description": "A list of selected namespaces excluded from restoration. All namespaces except those in this list will be restored." }, "namespacedResourceRestoreMode": { "$ref": "#/types/google-native:gkebackup%2Fv1:RestoreConfigNamespacedResourceRestoreMode", "description": "Optional. Defines the behavior for handling the situation where sets of namespaced resources being restored already exist in the target cluster. This MUST be set to a value other than NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED." }, "noNamespaces": { "type": "boolean", "description": "Do not restore any namespaced resources if set to \"True\". Specifying this field to \"False\" is not allowed." }, "selectedApplications": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedNames", "description": "A list of selected ProtectedApplications to restore. The listed ProtectedApplications and all the resources to which they refer will be restored." }, "selectedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:Namespaces", "description": "A list of selected Namespaces to restore from the Backup. The listed Namespaces and all resources contained in them will be restored." }, "substitutionRules": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:SubstitutionRule" }, "description": "Optional. A list of transformation rules to be applied against Kubernetes resources as they are selected for restoration from a Backup. Rules are executed in order defined - this order matters, as changes made by a rule may impact the filtering logic of subsequent rules. An empty list means no substitution will occur." }, "transformationRules": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:TransformationRule" }, "description": "Optional. A list of transformation rules to be applied against Kubernetes resources as they are selected for restoration from a Backup. Rules are executed in order defined - this order matters, as changes made by a rule may impact the filtering logic of subsequent rules. An empty list means no transformation will occur." }, "volumeDataRestorePolicy": { "$ref": "#/types/google-native:gkebackup%2Fv1:RestoreConfigVolumeDataRestorePolicy", "description": "Optional. Specifies the mechanism to be used to restore volume data. Default: VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED (will be treated as NO_VOLUME_DATA_RESTORATION)." } }, "type": "object" }, "google-native:gkebackup/v1:RestoreConfigClusterResourceConflictPolicy": { "description": "Optional. Defines the behavior for handling the situation where cluster-scoped resources being restored already exist in the target cluster. This MUST be set to a value other than CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED if cluster_resource_restore_scope is not empty.", "type": "string", "enum": [ { "name": "ClusterResourceConflictPolicyUnspecified", "description": "Unspecified. Only allowed if no cluster-scoped resources will be restored.", "value": "CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED" }, { "name": "UseExistingVersion", "description": "Do not attempt to restore the conflicting resource.", "value": "USE_EXISTING_VERSION" }, { "name": "UseBackupVersion", "description": "Delete the existing version before re-creating it from the Backup. This is a dangerous option which could cause unintentional data loss if used inappropriately. For example, deleting a CRD will cause Kubernetes to delete all CRs of that type.", "value": "USE_BACKUP_VERSION" } ] }, "google-native:gkebackup/v1:RestoreConfigNamespacedResourceRestoreMode": { "description": "Optional. Defines the behavior for handling the situation where sets of namespaced resources being restored already exist in the target cluster. This MUST be set to a value other than NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED.", "type": "string", "enum": [ { "name": "NamespacedResourceRestoreModeUnspecified", "description": "Unspecified (invalid).", "value": "NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED" }, { "name": "DeleteAndRestore", "description": "When conflicting top-level resources (either Namespaces or ProtectedApplications, depending upon the scope) are encountered, this will first trigger a delete of the conflicting resource AND ALL OF ITS REFERENCED RESOURCES (e.g., all resources in the Namespace or all resources referenced by the ProtectedApplication) before restoring the resources from the Backup. This mode should only be used when you are intending to revert some portion of a cluster to an earlier state.", "value": "DELETE_AND_RESTORE" }, { "name": "FailOnConflict", "description": "If conflicting top-level resources (either Namespaces or ProtectedApplications, depending upon the scope) are encountered at the beginning of a restore process, the Restore will fail. If a conflict occurs during the restore process itself (e.g., because an out of band process creates conflicting resources), a conflict will be reported.", "value": "FAIL_ON_CONFLICT" } ] }, "google-native:gkebackup/v1:RestoreConfigResponse": { "description": "Configuration of a restore. Next id: 13", "properties": { "allNamespaces": { "type": "boolean", "description": "Restore all namespaced resources in the Backup if set to \"True\". Specifying this field to \"False\" is an error." }, "clusterResourceConflictPolicy": { "type": "string", "description": "Optional. Defines the behavior for handling the situation where cluster-scoped resources being restored already exist in the target cluster. This MUST be set to a value other than CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED if cluster_resource_restore_scope is not empty." }, "clusterResourceRestoreScope": { "$ref": "#/types/google-native:gkebackup%2Fv1:ClusterResourceRestoreScopeResponse", "description": "Optional. Identifies the cluster-scoped resources to restore from the Backup. Not specifying it means NO cluster resource will be restored." }, "excludedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacesResponse", "description": "A list of selected namespaces excluded from restoration. All namespaces except those in this list will be restored." }, "namespacedResourceRestoreMode": { "type": "string", "description": "Optional. Defines the behavior for handling the situation where sets of namespaced resources being restored already exist in the target cluster. This MUST be set to a value other than NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED." }, "noNamespaces": { "type": "boolean", "description": "Do not restore any namespaced resources if set to \"True\". Specifying this field to \"False\" is not allowed." }, "selectedApplications": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacedNamesResponse", "description": "A list of selected ProtectedApplications to restore. The listed ProtectedApplications and all the resources to which they refer will be restored." }, "selectedNamespaces": { "$ref": "#/types/google-native:gkebackup%2Fv1:NamespacesResponse", "description": "A list of selected Namespaces to restore from the Backup. The listed Namespaces and all resources contained in them will be restored." }, "substitutionRules": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:SubstitutionRuleResponse" }, "description": "Optional. A list of transformation rules to be applied against Kubernetes resources as they are selected for restoration from a Backup. Rules are executed in order defined - this order matters, as changes made by a rule may impact the filtering logic of subsequent rules. An empty list means no substitution will occur." }, "transformationRules": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:TransformationRuleResponse" }, "description": "Optional. A list of transformation rules to be applied against Kubernetes resources as they are selected for restoration from a Backup. Rules are executed in order defined - this order matters, as changes made by a rule may impact the filtering logic of subsequent rules. An empty list means no transformation will occur." }, "volumeDataRestorePolicy": { "type": "string", "description": "Optional. Specifies the mechanism to be used to restore volume data. Default: VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED (will be treated as NO_VOLUME_DATA_RESTORATION)." } }, "type": "object", "required": [ "allNamespaces", "clusterResourceConflictPolicy", "clusterResourceRestoreScope", "excludedNamespaces", "namespacedResourceRestoreMode", "noNamespaces", "selectedApplications", "selectedNamespaces", "substitutionRules", "transformationRules", "volumeDataRestorePolicy" ] }, "google-native:gkebackup/v1:RestoreConfigVolumeDataRestorePolicy": { "description": "Optional. Specifies the mechanism to be used to restore volume data. Default: VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED (will be treated as NO_VOLUME_DATA_RESTORATION).", "type": "string", "enum": [ { "name": "VolumeDataRestorePolicyUnspecified", "description": "Unspecified (illegal).", "value": "VOLUME_DATA_RESTORE_POLICY_UNSPECIFIED" }, { "name": "RestoreVolumeDataFromBackup", "description": "For each PVC to be restored, create a new underlying volume and PV from the corresponding VolumeBackup contained within the Backup.", "value": "RESTORE_VOLUME_DATA_FROM_BACKUP" }, { "name": "ReuseVolumeHandleFromBackup", "description": "For each PVC to be restored, attempt to reuse the original PV contained in the Backup (with its original underlying volume). This option is likely only usable when restoring a workload to its original cluster.", "value": "REUSE_VOLUME_HANDLE_FROM_BACKUP" }, { "name": "NoVolumeDataRestoration", "description": "For each PVC to be restored, create PVC without any particular action to restore data. In this case, the normal Kubernetes provisioning logic would kick in, and this would likely result in either dynamically provisioning blank PVs or binding to statically provisioned PVs.", "value": "NO_VOLUME_DATA_RESTORATION" } ] }, "google-native:gkebackup/v1:RetentionPolicy": { "description": "RetentionPolicy defines a Backup retention policy for a BackupPlan.", "properties": { "backupDeleteLockDays": { "type": "integer", "description": "Optional. Minimum age for Backups created via this BackupPlan (in days). This field MUST be an integer value between 0-90 (inclusive). A Backup created under this BackupPlan will NOT be deletable until it reaches Backup's (create_time + backup_delete_lock_days). Updating this field of a BackupPlan does NOT affect existing Backups under it. Backups created AFTER a successful update will inherit the new value. Default: 0 (no delete blocking)" }, "backupRetainDays": { "type": "integer", "description": "Optional. The default maximum age of a Backup created via this BackupPlan. This field MUST be an integer value >= 0 and <= 365. If specified, a Backup created under this BackupPlan will be automatically deleted after its age reaches (create_time + backup_retain_days). If not specified, Backups created under this BackupPlan will NOT be subject to automatic deletion. Updating this field does NOT affect existing Backups under it. Backups created AFTER a successful update will automatically pick up the new value. NOTE: backup_retain_days must be >= backup_delete_lock_days. If cron_schedule is defined, then this must be <= 360 * the creation interval. If rpo_config is defined, then this must be <= 360 * target_rpo_minutes / (1440minutes/day). Default: 0 (no automatic deletion)" }, "locked": { "type": "boolean", "description": "Optional. This flag denotes whether the retention policy of this BackupPlan is locked. If set to True, no further update is allowed on this policy, including the `locked` field itself. Default: False" } }, "type": "object" }, "google-native:gkebackup/v1:RetentionPolicyResponse": { "description": "RetentionPolicy defines a Backup retention policy for a BackupPlan.", "properties": { "backupDeleteLockDays": { "type": "integer", "description": "Optional. Minimum age for Backups created via this BackupPlan (in days). This field MUST be an integer value between 0-90 (inclusive). A Backup created under this BackupPlan will NOT be deletable until it reaches Backup's (create_time + backup_delete_lock_days). Updating this field of a BackupPlan does NOT affect existing Backups under it. Backups created AFTER a successful update will inherit the new value. Default: 0 (no delete blocking)" }, "backupRetainDays": { "type": "integer", "description": "Optional. The default maximum age of a Backup created via this BackupPlan. This field MUST be an integer value >= 0 and <= 365. If specified, a Backup created under this BackupPlan will be automatically deleted after its age reaches (create_time + backup_retain_days). If not specified, Backups created under this BackupPlan will NOT be subject to automatic deletion. Updating this field does NOT affect existing Backups under it. Backups created AFTER a successful update will automatically pick up the new value. NOTE: backup_retain_days must be >= backup_delete_lock_days. If cron_schedule is defined, then this must be <= 360 * the creation interval. If rpo_config is defined, then this must be <= 360 * target_rpo_minutes / (1440minutes/day). Default: 0 (no automatic deletion)" }, "locked": { "type": "boolean", "description": "Optional. This flag denotes whether the retention policy of this BackupPlan is locked. If set to True, no further update is allowed on this policy, including the `locked` field itself. Default: False" } }, "type": "object", "required": [ "backupDeleteLockDays", "backupRetainDays", "locked" ] }, "google-native:gkebackup/v1:Schedule": { "description": "Defines scheduling parameters for automatically creating Backups via this BackupPlan.", "properties": { "cronSchedule": { "type": "string", "description": "Optional. A standard [cron](https://wikipedia.com/wiki/cron) string that defines a repeating schedule for creating Backups via this BackupPlan. This is mutually exclusive with the rpo_config field since at most one schedule can be defined for a BackupPlan. If this is defined, then backup_retain_days must also be defined. Default (empty): no automatic backup creation will occur." }, "paused": { "type": "boolean", "description": "Optional. This flag denotes whether automatic Backup creation is paused for this BackupPlan. Default: False" } }, "type": "object" }, "google-native:gkebackup/v1:ScheduleResponse": { "description": "Defines scheduling parameters for automatically creating Backups via this BackupPlan.", "properties": { "cronSchedule": { "type": "string", "description": "Optional. A standard [cron](https://wikipedia.com/wiki/cron) string that defines a repeating schedule for creating Backups via this BackupPlan. This is mutually exclusive with the rpo_config field since at most one schedule can be defined for a BackupPlan. If this is defined, then backup_retain_days must also be defined. Default (empty): no automatic backup creation will occur." }, "paused": { "type": "boolean", "description": "Optional. This flag denotes whether automatic Backup creation is paused for this BackupPlan. Default: False" } }, "type": "object", "required": [ "cronSchedule", "paused" ] }, "google-native:gkebackup/v1:SubstitutionRule": { "description": "A transformation rule to be applied against Kubernetes resources as they are selected for restoration from a Backup. A rule contains both filtering logic (which resources are subject to substitution) and substitution logic.", "properties": { "newValue": { "type": "string", "description": "Optional. This is the new value to set for any fields that pass the filtering and selection criteria. To remove a value from a Kubernetes resource, either leave this field unspecified, or set it to the empty string (\"\")." }, "originalValuePattern": { "type": "string", "description": "Optional. (Filtering parameter) This is a [regular expression] (https://en.wikipedia.org/wiki/Regular_expression) that is compared against the fields matched by the target_json_path expression (and must also have passed the previous filters). Substitution will not be performed against fields whose value does not match this expression. If this field is NOT specified, then ALL fields matched by the target_json_path expression will undergo substitution. Note that an empty (e.g., \"\", rather than unspecified) value for this field will only match empty fields." }, "targetGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKind" }, "description": "Optional. (Filtering parameter) Any resource subject to substitution must belong to one of the listed \"types\". If this field is not provided, no type filtering will be performed (all resources of all types matching previous filtering parameters will be candidates for substitution)." }, "targetJsonPath": { "type": "string", "description": "This is a [JSONPath] (https://kubernetes.io/docs/reference/kubectl/jsonpath/) expression that matches specific fields of candidate resources and it operates as both a filtering parameter (resources that are not matched with this expression will not be candidates for substitution) as well as a field identifier (identifies exactly which fields out of the candidate resources will be modified)." }, "targetNamespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. (Filtering parameter) Any resource subject to substitution must be contained within one of the listed Kubernetes Namespace in the Backup. If this field is not provided, no namespace filtering will be performed (all resources in all Namespaces, including all cluster-scoped resources, will be candidates for substitution). To mix cluster-scoped and namespaced resources in the same rule, use an empty string (\"\") as one of the target namespaces." } }, "type": "object", "required": [ "targetJsonPath" ] }, "google-native:gkebackup/v1:SubstitutionRuleResponse": { "description": "A transformation rule to be applied against Kubernetes resources as they are selected for restoration from a Backup. A rule contains both filtering logic (which resources are subject to substitution) and substitution logic.", "properties": { "newValue": { "type": "string", "description": "Optional. This is the new value to set for any fields that pass the filtering and selection criteria. To remove a value from a Kubernetes resource, either leave this field unspecified, or set it to the empty string (\"\")." }, "originalValuePattern": { "type": "string", "description": "Optional. (Filtering parameter) This is a [regular expression] (https://en.wikipedia.org/wiki/Regular_expression) that is compared against the fields matched by the target_json_path expression (and must also have passed the previous filters). Substitution will not be performed against fields whose value does not match this expression. If this field is NOT specified, then ALL fields matched by the target_json_path expression will undergo substitution. Note that an empty (e.g., \"\", rather than unspecified) value for this field will only match empty fields." }, "targetGroupKinds": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:GroupKindResponse" }, "description": "Optional. (Filtering parameter) Any resource subject to substitution must belong to one of the listed \"types\". If this field is not provided, no type filtering will be performed (all resources of all types matching previous filtering parameters will be candidates for substitution)." }, "targetJsonPath": { "type": "string", "description": "This is a [JSONPath] (https://kubernetes.io/docs/reference/kubectl/jsonpath/) expression that matches specific fields of candidate resources and it operates as both a filtering parameter (resources that are not matched with this expression will not be candidates for substitution) as well as a field identifier (identifies exactly which fields out of the candidate resources will be modified)." }, "targetNamespaces": { "type": "array", "items": { "type": "string" }, "description": "Optional. (Filtering parameter) Any resource subject to substitution must be contained within one of the listed Kubernetes Namespace in the Backup. If this field is not provided, no namespace filtering will be performed (all resources in all Namespaces, including all cluster-scoped resources, will be candidates for substitution). To mix cluster-scoped and namespaced resources in the same rule, use an empty string (\"\") as one of the target namespaces." } }, "type": "object", "required": [ "newValue", "originalValuePattern", "targetGroupKinds", "targetJsonPath", "targetNamespaces" ] }, "google-native:gkebackup/v1:TransformationRule": { "description": "A transformation rule to be applied against Kubernetes resources as they are selected for restoration from a Backup. A rule contains both filtering logic (which resources are subject to transform) and transformation logic.", "properties": { "description": { "type": "string", "description": "Optional. The description is a user specified string description of the transformation rule." }, "fieldActions": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:TransformationRuleAction" }, "description": "A list of transformation rule actions to take against candidate resources. Actions are executed in order defined - this order matters, as they could potentially interfere with each other and the first operation could affect the outcome of the second operation." }, "resourceFilter": { "$ref": "#/types/google-native:gkebackup%2Fv1:ResourceFilter", "description": "Optional. This field is used to specify a set of fields that should be used to determine which resources in backup should be acted upon by the supplied transformation rule actions, and this will ensure that only specific resources are affected by transformation rule actions." } }, "type": "object", "required": [ "fieldActions" ] }, "google-native:gkebackup/v1:TransformationRuleAction": { "description": "TransformationRuleAction defines a TransformationRule action based on the JSON Patch RFC (https://www.rfc-editor.org/rfc/rfc6902)", "properties": { "fromPath": { "type": "string", "description": "Optional. A string containing a JSON Pointer value that references the location in the target document to move the value from." }, "op": { "$ref": "#/types/google-native:gkebackup%2Fv1:TransformationRuleActionOp", "description": "op specifies the operation to perform." }, "path": { "type": "string", "description": "Optional. A string containing a JSON-Pointer value that references a location within the target document where the operation is performed." }, "value": { "type": "string", "description": "Optional. A string that specifies the desired value in string format to use for transformation." } }, "type": "object", "required": [ "op" ] }, "google-native:gkebackup/v1:TransformationRuleActionOp": { "description": "Required. op specifies the operation to perform.", "type": "string", "enum": [ { "name": "OpUnspecified", "description": "Unspecified operation", "value": "OP_UNSPECIFIED" }, { "name": "Remove", "description": "The \"remove\" operation removes the value at the target location.", "value": "REMOVE" }, { "name": "Move", "description": "The \"move\" operation removes the value at a specified location and adds it to the target location.", "value": "MOVE" }, { "name": "Copy", "description": "The \"copy\" operation copies the value at a specified location to the target location.", "value": "COPY" }, { "name": "Add", "description": "The \"add\" operation performs one of the following functions, depending upon what the target location references: 1. If the target location specifies an array index, a new value is inserted into the array at the specified index. 2. If the target location specifies an object member that does not already exist, a new member is added to the object. 3. If the target location specifies an object member that does exist, that member's value is replaced.", "value": "ADD" }, { "name": "Test", "description": "The \"test\" operation tests that a value at the target location is equal to a specified value.", "value": "TEST" }, { "name": "Replace", "description": "The \"replace\" operation replaces the value at the target location with a new value. The operation object MUST contain a \"value\" member whose content specifies the replacement value.", "value": "REPLACE" } ] }, "google-native:gkebackup/v1:TransformationRuleActionResponse": { "description": "TransformationRuleAction defines a TransformationRule action based on the JSON Patch RFC (https://www.rfc-editor.org/rfc/rfc6902)", "properties": { "fromPath": { "type": "string", "description": "Optional. A string containing a JSON Pointer value that references the location in the target document to move the value from." }, "op": { "type": "string", "description": "op specifies the operation to perform." }, "path": { "type": "string", "description": "Optional. A string containing a JSON-Pointer value that references a location within the target document where the operation is performed." }, "value": { "type": "string", "description": "Optional. A string that specifies the desired value in string format to use for transformation." } }, "type": "object", "required": [ "fromPath", "op", "path", "value" ] }, "google-native:gkebackup/v1:TransformationRuleResponse": { "description": "A transformation rule to be applied against Kubernetes resources as they are selected for restoration from a Backup. A rule contains both filtering logic (which resources are subject to transform) and transformation logic.", "properties": { "description": { "type": "string", "description": "Optional. The description is a user specified string description of the transformation rule." }, "fieldActions": { "type": "array", "items": { "$ref": "#/types/google-native:gkebackup%2Fv1:TransformationRuleActionResponse" }, "description": "A list of transformation rule actions to take against candidate resources. Actions are executed in order defined - this order matters, as they could potentially interfere with each other and the first operation could affect the outcome of the second operation." }, "resourceFilter": { "$ref": "#/types/google-native:gkebackup%2Fv1:ResourceFilterResponse", "description": "Optional. This field is used to specify a set of fields that should be used to determine which resources in backup should be acted upon by the supplied transformation rule actions, and this will ensure that only specific resources are affected by transformation rule actions." } }, "type": "object", "required": [ "description", "fieldActions", "resourceFilter" ] }, "google-native:gkehub/v1:AppDevExperienceFeatureSpec": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1:AppDevExperienceFeatureSpecResponse": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1:AppDevExperienceFeatureStateResponse": { "description": "State for App Dev Exp Feature.", "properties": { "networkingInstallSucceeded": { "$ref": "#/types/google-native:gkehub%2Fv1:StatusResponse", "description": "Status of subcomponent that detects configured Service Mesh resources." } }, "type": "object", "required": [ "networkingInstallSucceeded" ] }, "google-native:gkehub/v1:ApplianceCluster": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object" }, "google-native:gkehub/v1:ApplianceClusterResponse": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkehub/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkehub/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkehub%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkehub/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkehub/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkehub/v1:Authority": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." } }, "type": "object" }, "google-native:gkehub/v1:AuthorityResponse": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "identityProvider": { "type": "string", "description": "An identity provider that reflects the `issuer` in the workload identity pool." }, "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." }, "workloadIdentityPool": { "type": "string", "description": "The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API." } }, "type": "object", "required": [ "identityProvider", "issuer", "oidcJwks", "workloadIdentityPool" ] }, "google-native:gkehub/v1:BinaryAuthorizationConfig": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "$ref": "#/types/google-native:gkehub%2Fv1:BinaryAuthorizationConfigEvaluationMode", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyBinding" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object" }, "google-native:gkehub/v1:BinaryAuthorizationConfigEvaluationMode": { "description": "Optional. Mode of operation for binauthz policy evaluation.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "PolicyBindings", "description": "Use Binary Authorization with the policies specified in policy_bindings.", "value": "POLICY_BINDINGS" } ] }, "google-native:gkehub/v1:BinaryAuthorizationConfigResponse": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "type": "string", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyBindingResponse" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object", "required": [ "evaluationMode", "policyBindings" ] }, "google-native:gkehub/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkehub/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkehub/v1:ClusterUpgradeFleetSpec": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeOverride" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradePostConditions", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "postConditions" ] }, "google-native:gkehub/v1:ClusterUpgradeFleetSpecResponse": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeOverrideResponse" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradePostConditionsResponse", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "gkeUpgradeOverrides", "postConditions", "upstreamFleets" ] }, "google-native:gkehub/v1:ClusterUpgradeFleetStateResponse": { "description": "**ClusterUpgrade**: The state for the fleet-level ClusterUpgrade feature.", "properties": { "downstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id." }, "gkeState": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeFeatureStateResponse", "description": "Feature state for GKE clusters." }, "ignored": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: `projects/{p}/locations/{l}/membership/{m}`." } }, "type": "object", "required": [ "downstreamFleets", "gkeState", "ignored" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgrade": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object" }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeFeatureConditionResponse": { "description": "GKEUpgradeFeatureCondition describes the condition of the feature for GKE clusters at a certain point of time.", "properties": { "reason": { "type": "string", "description": "Reason why the feature is in this status." }, "status": { "type": "string", "description": "Status of the condition, one of True, False, Unknown." }, "type": { "type": "string", "description": "Type of the condition, for example, \"ready\"." }, "updateTime": { "type": "string", "description": "Last timestamp the condition was updated." } }, "type": "object", "required": [ "reason", "status", "type", "updateTime" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeFeatureStateResponse": { "description": "GKEUpgradeFeatureState contains feature states for GKE clusters in the scope.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeFeatureConditionResponse" }, "description": "Current conditions of the feature." }, "upgradeState": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeStateResponse" }, "description": "Upgrade state. It will eventually replace `state`." } }, "type": "object", "required": [ "conditions", "upgradeState" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeOverride": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradePostConditions", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgrade", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeOverrideResponse": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradePostConditionsResponse", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeResponse": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object", "required": [ "name", "version" ] }, "google-native:gkehub/v1:ClusterUpgradeGKEUpgradeStateResponse": { "description": "GKEUpgradeState is a GKEUpgrade and its state at the scope and fleet level.", "properties": { "stats": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Number of GKE clusters in each status code." }, "status": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeUpgradeStatusResponse", "description": "Status of the upgrade." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to track the state." } }, "type": "object", "required": [ "stats", "status", "upgrade" ] }, "google-native:gkehub/v1:ClusterUpgradePostConditions": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1:ClusterUpgradePostConditionsResponse": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1:ClusterUpgradeUpgradeStatusResponse": { "description": "UpgradeStatus provides status information for each upgrade.", "properties": { "code": { "type": "string", "description": "Status code of the upgrade." }, "reason": { "type": "string", "description": "Reason for this status." }, "updateTime": { "type": "string", "description": "Last timestamp the status was updated." } }, "type": "object", "required": [ "code", "reason", "updateTime" ] }, "google-native:gkehub/v1:CommonFeatureSpec": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1:AppDevExperienceFeatureSpec", "description": "Appdevexperience specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeFleetSpec", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFeatureSpec", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1:MultiClusterIngressFeatureSpec", "description": "Multicluster Ingress-specific spec." } }, "type": "object" }, "google-native:gkehub/v1:CommonFeatureSpecResponse": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1:AppDevExperienceFeatureSpecResponse", "description": "Appdevexperience specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeFleetSpecResponse", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFeatureSpecResponse", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1:MultiClusterIngressFeatureSpecResponse", "description": "Multicluster Ingress-specific spec." } }, "type": "object", "required": [ "appdevexperience", "clusterupgrade", "fleetobservability", "multiclusteringress" ] }, "google-native:gkehub/v1:CommonFeatureStateResponse": { "description": "CommonFeatureState contains Hub-wide Feature status information.", "properties": { "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1:AppDevExperienceFeatureStateResponse", "description": "Appdevexperience specific state." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1:ClusterUpgradeFleetStateResponse", "description": "ClusterUpgrade fleet-level state." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFeatureStateResponse", "description": "FleetObservability feature state." }, "state": { "$ref": "#/types/google-native:gkehub%2Fv1:FeatureStateResponse", "description": "The \"running state\" of the Feature in this Hub." } }, "type": "object", "required": [ "appdevexperience", "clusterupgrade", "fleetobservability", "state" ] }, "google-native:gkehub/v1:CommonFleetDefaultMemberConfigSpec": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementMembershipSpec", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceMembershipSpec", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1:ServiceMeshMembershipSpec", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerMembershipSpec", "description": "Policy Controller spec." } }, "type": "object" }, "google-native:gkehub/v1:CommonFleetDefaultMemberConfigSpecResponse": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementMembershipSpecResponse", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceMembershipSpecResponse", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1:ServiceMeshMembershipSpecResponse", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerMembershipSpecResponse", "description": "Policy Controller spec." } }, "type": "object", "required": [ "configmanagement", "identityservice", "mesh", "policycontroller" ] }, "google-native:gkehub/v1:ConfigManagementConfigSync": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementGitConfig", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementOciConfig", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementConfigSyncResponse": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementGitConfigResponse", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementOciConfigResponse", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object", "required": [ "allowVerticalScale", "enabled", "git", "metricsGcpServiceAccountEmail", "oci", "preventDrift", "sourceFormat" ] }, "google-native:gkehub/v1:ConfigManagementGitConfig": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementGitConfigResponse": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "httpsProxy", "policyDir", "secretType", "syncBranch", "syncRepo", "syncRev", "syncWaitSecs" ] }, "google-native:gkehub/v1:ConfigManagementHierarchyControllerConfig": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementHierarchyControllerConfigResponse": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object", "required": [ "enableHierarchicalResourceQuota", "enablePodTreeLabels", "enabled" ] }, "google-native:gkehub/v1:ConfigManagementMembershipSpec": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementConfigSync", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementHierarchyControllerConfig", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementPolicyController", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementMembershipSpecResponse": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementConfigSyncResponse", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementHierarchyControllerConfigResponse", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementPolicyControllerResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object", "required": [ "cluster", "configSync", "hierarchyController", "policyController", "version" ] }, "google-native:gkehub/v1:ConfigManagementOciConfig": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementOciConfigResponse": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "policyDir", "secretType", "syncRepo", "syncWaitSecs" ] }, "google-native:gkehub/v1:ConfigManagementPolicyController": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementPolicyControllerMonitoring", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementPolicyControllerMonitoring": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementPolicyControllerMonitoringBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1:ConfigManagementPolicyControllerMonitoringBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1:ConfigManagementPolicyControllerMonitoringResponse": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1:ConfigManagementPolicyControllerResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1:ConfigManagementPolicyControllerMonitoringResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." }, "updateTime": { "type": "string", "description": "Last time this membership spec was updated." } }, "type": "object", "required": [ "auditIntervalSeconds", "enabled", "exemptableNamespaces", "logDeniesEnabled", "monitoring", "mutationEnabled", "referentialRulesEnabled", "templateLibraryInstalled", "updateTime" ] }, "google-native:gkehub/v1:DefaultClusterConfig": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:BinaryAuthorizationConfig", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:SecurityPostureConfig", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object" }, "google-native:gkehub/v1:DefaultClusterConfigResponse": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:BinaryAuthorizationConfigResponse", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:SecurityPostureConfigResponse", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object", "required": [ "binaryAuthorizationConfig", "securityPostureConfig" ] }, "google-native:gkehub/v1:EdgeCluster": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1:EdgeClusterResponse": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkehub/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkehub/v1:FeatureResourceStateResponse": { "description": "FeatureResourceState describes the state of a Feature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the Feature in the Hub and across Memberships.", "properties": { "state": { "type": "string", "description": "The current state of the Feature resource in the Hub API." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1:FeatureStateResponse": { "description": "FeatureState describes the high-level state of a Feature. It may be used to describe a Feature's state at the environ-level, or per-membershop, depending on the context.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "description": { "type": "string", "description": "A human-readable description of the current status." }, "updateTime": { "type": "string", "description": "The time this status and any related Feature-specific details were updated." } }, "type": "object", "required": [ "code", "description", "updateTime" ] }, "google-native:gkehub/v1:FleetLifecycleStateResponse": { "description": "FleetLifecycleState describes the state of a Fleet resource.", "properties": { "code": { "type": "string", "description": "The current state of the Fleet resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:FleetObservabilityFeatureErrorResponse": { "description": "All error details of the fleet observability feature.", "properties": { "code": { "type": "string", "description": "The code of the error." }, "description": { "type": "string", "description": "A human-readable description of the current status." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkehub/v1:FleetObservabilityFeatureSpec": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityLoggingConfig", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object" }, "google-native:gkehub/v1:FleetObservabilityFeatureSpecResponse": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityLoggingConfigResponse", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object", "required": [ "loggingConfig" ] }, "google-native:gkehub/v1:FleetObservabilityFeatureStateResponse": { "description": "**FleetObservability**: Hub-wide Feature for FleetObservability feature. state.", "properties": { "logging": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFleetObservabilityLoggingStateResponse", "description": "The feature state of default logging." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFleetObservabilityMonitoringStateResponse", "description": "The feature state of fleet monitoring." } }, "type": "object", "required": [ "logging", "monitoring" ] }, "google-native:gkehub/v1:FleetObservabilityFleetObservabilityBaseFeatureStateResponse": { "description": "Base state for fleet observability feature.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "errors": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFeatureErrorResponse" }, "description": "Errors after reconciling the monitoring and logging feature if the code is not OK." } }, "type": "object", "required": [ "code", "errors" ] }, "google-native:gkehub/v1:FleetObservabilityFleetObservabilityLoggingStateResponse": { "description": "Feature state for logging feature.", "properties": { "defaultLog": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet default log." }, "scopeLog": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet scope log." } }, "type": "object", "required": [ "defaultLog", "scopeLog" ] }, "google-native:gkehub/v1:FleetObservabilityFleetObservabilityMonitoringStateResponse": { "description": "Feature state for monitoring feature.", "properties": { "state": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet monitoring feature." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1:FleetObservabilityLoggingConfig": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityRoutingConfig", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityRoutingConfig", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object" }, "google-native:gkehub/v1:FleetObservabilityLoggingConfigResponse": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object", "required": [ "defaultConfig", "fleetScopeLogsConfig" ] }, "google-native:gkehub/v1:FleetObservabilityRoutingConfig": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1:FleetObservabilityRoutingConfigMode", "description": "mode configures the logs routing mode." } }, "type": "object" }, "google-native:gkehub/v1:FleetObservabilityRoutingConfigMode": { "description": "mode configures the logs routing mode.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "If UNSPECIFIED, fleet logging feature is disabled.", "value": "MODE_UNSPECIFIED" }, { "name": "Copy", "description": "logs will be copied to the destination project.", "value": "COPY" }, { "name": "Move", "description": "logs will be moved to the destination project.", "value": "MOVE" } ] }, "google-native:gkehub/v1:FleetObservabilityRoutingConfigResponse": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "type": "string", "description": "mode configures the logs routing mode." } }, "type": "object", "required": [ "mode" ] }, "google-native:gkehub/v1:GkeCluster": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object" }, "google-native:gkehub/v1:GkeClusterResponse": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that the GKE cluster no longer exists in the GKE Control Plane." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1:IdentityServiceAuthMethod": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceAzureADConfig", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceGoogleConfig", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceOidcConfig", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object" }, "google-native:gkehub/v1:IdentityServiceAuthMethodResponse": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceAzureADConfigResponse", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceGoogleConfigResponse", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceOidcConfigResponse", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object", "required": [ "azureadConfig", "googleConfig", "name", "oidcConfig", "proxy" ] }, "google-native:gkehub/v1:IdentityServiceAzureADConfig": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object" }, "google-native:gkehub/v1:IdentityServiceAzureADConfigResponse": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted AzureAD client secret." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object", "required": [ "clientId", "clientSecret", "encryptedClientSecret", "kubectlRedirectUri", "tenant" ] }, "google-native:gkehub/v1:IdentityServiceGoogleConfig": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object" }, "google-native:gkehub/v1:IdentityServiceGoogleConfigResponse": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object", "required": [ "disable" ] }, "google-native:gkehub/v1:IdentityServiceMembershipSpec": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceAuthMethod" }, "description": "A member may support multiple auth methods." } }, "type": "object" }, "google-native:gkehub/v1:IdentityServiceMembershipSpecResponse": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:IdentityServiceAuthMethodResponse" }, "description": "A member may support multiple auth methods." } }, "type": "object", "required": [ "authMethods" ] }, "google-native:gkehub/v1:IdentityServiceOidcConfig": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object" }, "google-native:gkehub/v1:IdentityServiceOidcConfigResponse": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted OIDC Client secret" }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object", "required": [ "certificateAuthorityData", "clientId", "clientSecret", "deployCloudConsoleProxy", "enableAccessToken", "encryptedClientSecret", "extraParams", "groupPrefix", "groupsClaim", "issuerUri", "kubectlRedirectUri", "scopes", "userClaim", "userPrefix" ] }, "google-native:gkehub/v1:KubernetesMetadataResponse": { "description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.", "properties": { "kubernetesApiServerVersion": { "type": "string", "description": "Kubernetes API server version string as reported by `/version`." }, "memoryMb": { "type": "integer", "description": "The total memory capacity as reported by the sum of all Kubernetes nodes resources, defined in MB." }, "nodeCount": { "type": "integer", "description": "Node count as reported by Kubernetes nodes resources." }, "nodeProviderId": { "type": "string", "description": "Node providerID as reported by the first node in the list of nodes on the Kubernetes endpoint. On Kubernetes platforms that support zero-node clusters (like GKE-on-GCP), the node_count will be zero and the node_provider_id will be empty." }, "updateTime": { "type": "string", "description": "The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers." }, "vcpuCount": { "type": "integer", "description": "vCPU count as reported by Kubernetes nodes resources." } }, "type": "object", "required": [ "kubernetesApiServerVersion", "memoryMb", "nodeCount", "nodeProviderId", "updateTime", "vcpuCount" ] }, "google-native:gkehub/v1:KubernetesResource": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1:ResourceOptions", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object" }, "google-native:gkehub/v1:KubernetesResourceResponse": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "connectResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ResourceManifestResponse" }, "description": "The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "membershipResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:ResourceManifestResponse" }, "description": "Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1:ResourceOptionsResponse", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object", "required": [ "connectResources", "membershipCrManifest", "membershipResources", "resourceOptions" ] }, "google-native:gkehub/v1:MembershipBindingLifecycleStateResponse": { "description": "MembershipBindingLifecycleState describes the state of a Binding resource.", "properties": { "code": { "type": "string", "description": "The current state of the MembershipBinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:MembershipEndpoint": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:ApplianceCluster", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:EdgeCluster", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:GkeCluster", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1:KubernetesResource", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:MultiCloudCluster", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:OnPremCluster", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object" }, "google-native:gkehub/v1:MembershipEndpointResponse": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:ApplianceClusterResponse", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:EdgeClusterResponse", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:GkeClusterResponse", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "googleManaged": { "type": "boolean", "description": "Whether the lifecycle of this membership is managed by a google cluster platform service." }, "kubernetesMetadata": { "$ref": "#/types/google-native:gkehub%2Fv1:KubernetesMetadataResponse", "description": "Useful Kubernetes-specific metadata." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1:KubernetesResourceResponse", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:MultiCloudClusterResponse", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1:OnPremClusterResponse", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object", "required": [ "applianceCluster", "edgeCluster", "gkeCluster", "googleManaged", "kubernetesMetadata", "kubernetesResource", "multiCloudCluster", "onPremCluster" ] }, "google-native:gkehub/v1:MembershipStateResponse": { "description": "MembershipState describes the state of a Membership resource.", "properties": { "code": { "type": "string", "description": "The current state of the Membership resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:MonitoringConfig": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object" }, "google-native:gkehub/v1:MonitoringConfigResponse": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object", "required": [ "cluster", "clusterHash", "kubernetesMetricsPrefix", "location", "project" ] }, "google-native:gkehub/v1:MultiCloudCluster": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1:MultiCloudClusterResponse": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1:MultiClusterIngressFeatureSpec": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object" }, "google-native:gkehub/v1:MultiClusterIngressFeatureSpecResponse": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object", "required": [ "configMembership" ] }, "google-native:gkehub/v1:NamespaceLifecycleStateResponse": { "description": "NamespaceLifecycleState describes the state of a Namespace resource.", "properties": { "code": { "type": "string", "description": "The current state of the Namespace resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:OnPremCluster": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterType": { "$ref": "#/types/google-native:gkehub%2Fv1:OnPremClusterClusterType", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1:OnPremClusterClusterType": { "description": "Immutable. The on prem cluster's type.", "type": "string", "enum": [ { "name": "ClustertypeUnspecified", "description": "The ClusterType is not set.", "value": "CLUSTERTYPE_UNSPECIFIED" }, { "name": "Bootstrap", "description": "The ClusterType is bootstrap cluster.", "value": "BOOTSTRAP" }, { "name": "Hybrid", "description": "The ClusterType is baremetal hybrid cluster.", "value": "HYBRID" }, { "name": "Standalone", "description": "The ClusterType is baremetal standalone cluster.", "value": "STANDALONE" }, { "name": "User", "description": "The ClusterType is user cluster.", "value": "USER" } ] }, "google-native:gkehub/v1:OnPremClusterResponse": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no longer exists." }, "clusterType": { "type": "string", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object", "required": [ "adminCluster", "clusterMissing", "clusterType", "resourceLink" ] }, "google-native:gkehub/v1:PolicyBinding": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object" }, "google-native:gkehub/v1:PolicyBindingResponse": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object", "required": [ "name" ] }, "google-native:gkehub/v1:PolicyControllerHubConfig": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerHubConfigInstallSpec", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerMonitoringConfig", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerPolicyContentSpec", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object" }, "google-native:gkehub/v1:PolicyControllerHubConfigInstallSpec": { "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", "type": "string", "enum": [ { "name": "InstallSpecUnspecified", "description": "Spec is unknown.", "value": "INSTALL_SPEC_UNSPECIFIED" }, { "name": "InstallSpecNotInstalled", "description": "Request to uninstall Policy Controller.", "value": "INSTALL_SPEC_NOT_INSTALLED" }, { "name": "InstallSpecEnabled", "description": "Request to install and enable Policy Controller.", "value": "INSTALL_SPEC_ENABLED" }, { "name": "InstallSpecSuspended", "description": "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", "value": "INSTALL_SPEC_SUSPENDED" }, { "name": "InstallSpecDetached", "description": "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources.", "value": "INSTALL_SPEC_DETACHED" } ] }, "google-native:gkehub/v1:PolicyControllerHubConfigResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "type": "string", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerMonitoringConfigResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerPolicyContentSpecResponse", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object", "required": [ "auditIntervalSeconds", "constraintViolationLimit", "deploymentConfigs", "exemptableNamespaces", "installSpec", "logDeniesEnabled", "monitoring", "mutationEnabled", "policyContent", "referentialRulesEnabled" ] }, "google-native:gkehub/v1:PolicyControllerMembershipSpec": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerHubConfig", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object" }, "google-native:gkehub/v1:PolicyControllerMembershipSpecResponse": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerHubConfigResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object", "required": [ "policyControllerHubConfig", "version" ] }, "google-native:gkehub/v1:PolicyControllerMonitoringConfig": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerMonitoringConfigBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1:PolicyControllerMonitoringConfigBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1:PolicyControllerMonitoringConfigResponse": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1:PolicyControllerPolicyContentSpec": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerTemplateLibraryConfig", "description": "Configures the installation of the Template Library." } }, "type": "object" }, "google-native:gkehub/v1:PolicyControllerPolicyContentSpecResponse": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerTemplateLibraryConfigResponse", "description": "Configures the installation of the Template Library." } }, "type": "object", "required": [ "bundles", "templateLibrary" ] }, "google-native:gkehub/v1:PolicyControllerTemplateLibraryConfig": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "$ref": "#/types/google-native:gkehub%2Fv1:PolicyControllerTemplateLibraryConfigInstallation", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object" }, "google-native:gkehub/v1:PolicyControllerTemplateLibraryConfigInstallation": { "description": "Configures the manner in which the template library is installed on the cluster.", "type": "string", "enum": [ { "name": "InstallationUnspecified", "description": "No installation strategy has been specified.", "value": "INSTALLATION_UNSPECIFIED" }, { "name": "NotInstalled", "description": "Do not install the template library.", "value": "NOT_INSTALLED" }, { "name": "All", "description": "Install the entire template library.", "value": "ALL" } ] }, "google-native:gkehub/v1:PolicyControllerTemplateLibraryConfigResponse": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "type": "string", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object", "required": [ "installation" ] }, "google-native:gkehub/v1:RBACRoleBindingLifecycleStateResponse": { "description": "RBACRoleBindingLifecycleState describes the state of a RbacRoleBinding resource.", "properties": { "code": { "type": "string", "description": "The current state of the rbacrolebinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:ResourceManifestResponse": { "description": "ResourceManifest represents a single Kubernetes resource to be applied to the cluster.", "properties": { "clusterScoped": { "type": "boolean", "description": "Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster." }, "manifest": { "type": "string", "description": "YAML manifest of the resource." } }, "type": "object", "required": [ "clusterScoped", "manifest" ] }, "google-native:gkehub/v1:ResourceOptions": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object" }, "google-native:gkehub/v1:ResourceOptionsResponse": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object", "required": [ "connectVersion", "k8sVersion", "v1beta1Crd" ] }, "google-native:gkehub/v1:Role": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "$ref": "#/types/google-native:gkehub%2Fv1:RolePredefinedRole", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object" }, "google-native:gkehub/v1:RolePredefinedRole": { "description": "predefined_role is the Kubernetes default role to use", "type": "string", "enum": [ { "name": "Unknown", "description": "UNKNOWN", "value": "UNKNOWN" }, { "name": "Admin", "description": "ADMIN has EDIT and RBAC permissions", "value": "ADMIN" }, { "name": "Edit", "description": "EDIT can edit all resources except RBAC", "value": "EDIT" }, { "name": "View", "description": "VIEW can only read resources", "value": "VIEW" }, { "name": "AnthosSupport", "description": "ANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.", "value": "ANTHOS_SUPPORT" } ] }, "google-native:gkehub/v1:RoleResponse": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "type": "string", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object", "required": [ "predefinedRole" ] }, "google-native:gkehub/v1:ScopeLifecycleStateResponse": { "description": "ScopeLifecycleState describes the state of a Scope resource.", "properties": { "code": { "type": "string", "description": "The current state of the scope resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1:SecurityPostureConfig": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1:SecurityPostureConfigMode", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "$ref": "#/types/google-native:gkehub%2Fv1:SecurityPostureConfigVulnerabilityMode", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object" }, "google-native:gkehub/v1:SecurityPostureConfigMode": { "description": "Sets which mode to use for Security Posture features.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value not specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Security Posture features on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies Security Posture features on the cluster.", "value": "BASIC" } ] }, "google-native:gkehub/v1:SecurityPostureConfigResponse": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "type": "string", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "type": "string", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object", "required": [ "mode", "vulnerabilityMode" ] }, "google-native:gkehub/v1:SecurityPostureConfigVulnerabilityMode": { "description": "Sets which mode to use for vulnerability scanning.", "type": "string", "enum": [ { "name": "VulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "VulnerabilityDisabled", "description": "Disables vulnerability scanning on the cluster.", "value": "VULNERABILITY_DISABLED" }, { "name": "VulnerabilityBasic", "description": "Applies basic vulnerability scanning on the cluster.", "value": "VULNERABILITY_BASIC" }, { "name": "VulnerabilityEnterprise", "description": "Applies the Security Posture's vulnerability on cluster Enterprise level features.", "value": "VULNERABILITY_ENTERPRISE" } ] }, "google-native:gkehub/v1:ServiceMeshMembershipSpec": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "$ref": "#/types/google-native:gkehub%2Fv1:ServiceMeshMembershipSpecControlPlane", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "management": { "$ref": "#/types/google-native:gkehub%2Fv1:ServiceMeshMembershipSpecManagement", "description": "Enables automatic Service Mesh management." } }, "type": "object" }, "google-native:gkehub/v1:ServiceMeshMembershipSpecControlPlane": { "description": "Deprecated: use `management` instead Enables automatic control plane management.", "type": "string", "enum": [ { "name": "ControlPlaneManagementUnspecified", "description": "Unspecified", "value": "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" }, { "name": "Automatic", "description": "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", "value": "AUTOMATIC" }, { "name": "Manual", "description": "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)", "value": "MANUAL" } ] }, "google-native:gkehub/v1:ServiceMeshMembershipSpecManagement": { "description": "Enables automatic Service Mesh management.", "type": "string", "enum": [ { "name": "ManagementUnspecified", "description": "Unspecified", "value": "MANAGEMENT_UNSPECIFIED" }, { "name": "ManagementAutomatic", "description": "Google should manage my Service Mesh for the cluster.", "value": "MANAGEMENT_AUTOMATIC" }, { "name": "ManagementManual", "description": "User will manually configure their service mesh components.", "value": "MANAGEMENT_MANUAL" } ] }, "google-native:gkehub/v1:ServiceMeshMembershipSpecResponse": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "type": "string", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "management": { "type": "string", "description": "Enables automatic Service Mesh management." } }, "type": "object", "required": [ "controlPlane", "management" ] }, "google-native:gkehub/v1:StatusResponse": { "description": "Status specifies state for the subcomponent.", "properties": { "code": { "type": "string", "description": "Code specifies AppDevExperienceFeature's subcomponent ready state." }, "description": { "type": "string", "description": "Description is populated if Code is Failed, explaining why it has failed." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkehub/v1alpha2:ApplianceCluster": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object" }, "google-native:gkehub/v1alpha2:ApplianceClusterResponse": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1alpha2:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkehub/v1alpha2:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkehub/v1alpha2:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkehub/v1alpha2:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkehub/v1alpha2:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkehub/v1alpha2:Authority": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer, unless `oidc_jwks` is set. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." } }, "type": "object" }, "google-native:gkehub/v1alpha2:AuthorityResponse": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "identityProvider": { "type": "string", "description": "An identity provider that reflects the `issuer` in the workload identity pool." }, "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer, unless `oidc_jwks` is set. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." }, "workloadIdentityPool": { "type": "string", "description": "The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API." } }, "type": "object", "required": [ "identityProvider", "issuer", "oidcJwks", "workloadIdentityPool" ] }, "google-native:gkehub/v1alpha2:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkehub/v1alpha2:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkehub/v1alpha2:EdgeCluster": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha2:EdgeClusterResponse": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1alpha2:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkehub/v1alpha2:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkehub/v1alpha2:GkeCluster": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object" }, "google-native:gkehub/v1alpha2:GkeClusterResponse": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that the GKE cluster no longer exists in the GKE Control Plane." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1alpha2:KubernetesMetadataResponse": { "description": "KubernetesMetadata provides informational metadata for Memberships that are created from Kubernetes Endpoints (currently, these are equivalent to Kubernetes clusters).", "properties": { "kubernetesApiServerVersion": { "type": "string", "description": "Kubernetes API server version string as reported by '/version'." }, "memoryMb": { "type": "integer", "description": "The total memory capacity as reported by the sum of all Kubernetes nodes resources, defined in MB." }, "nodeCount": { "type": "integer", "description": "Node count as reported by Kubernetes nodes resources." }, "nodeProviderId": { "type": "string", "description": "Node providerID as reported by the first node in the list of nodes on the Kubernetes endpoint. On Kubernetes platforms that support zero-node clusters (like GKE-on-GCP), the node_count will be zero and the node_provider_id will be empty." }, "updateTime": { "type": "string", "description": "The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers." }, "vcpuCount": { "type": "integer", "description": "vCPU count as reported by Kubernetes nodes resources." } }, "type": "object", "required": [ "kubernetesApiServerVersion", "memoryMb", "nodeCount", "nodeProviderId", "updateTime", "vcpuCount" ] }, "google-native:gkehub/v1alpha2:KubernetesResource": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during Create or Update, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ResourceOptions", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object" }, "google-native:gkehub/v1alpha2:KubernetesResourceResponse": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "connectResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ResourceManifestResponse" }, "description": "The Kubernetes resources for installing the GKE Connect agent. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during Create or Update, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "membershipResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ResourceManifestResponse" }, "description": "Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ResourceOptionsResponse", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object", "required": [ "connectResources", "membershipCrManifest", "membershipResources", "resourceOptions" ] }, "google-native:gkehub/v1alpha2:MembershipEndpoint": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ApplianceCluster", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:EdgeCluster", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:GkeCluster", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:KubernetesResource", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:MultiCloudCluster", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:OnPremCluster", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object" }, "google-native:gkehub/v1alpha2:MembershipEndpointResponse": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:ApplianceClusterResponse", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:EdgeClusterResponse", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:GkeClusterResponse", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesMetadata": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:KubernetesMetadataResponse", "description": "Useful Kubernetes-specific metadata." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:KubernetesResourceResponse", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:MultiCloudClusterResponse", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:OnPremClusterResponse", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object", "required": [ "applianceCluster", "edgeCluster", "gkeCluster", "kubernetesMetadata", "kubernetesResource", "multiCloudCluster", "onPremCluster" ] }, "google-native:gkehub/v1alpha2:MembershipInfrastructureType": { "description": "Optional. The infrastructure type this Membership is running on.", "type": "string", "enum": [ { "name": "InfrastructureTypeUnspecified", "description": "No type was specified. Some Hub functionality may require a type be specified, and will not support Memberships with this value.", "value": "INFRASTRUCTURE_TYPE_UNSPECIFIED" }, { "name": "OnPrem", "description": "Private infrastructure that is owned or operated by customer. This includes GKE distributions such as GKE-OnPrem and GKE-OnBareMetal.", "value": "ON_PREM" }, { "name": "MultiCloud", "description": "Public cloud infrastructure.", "value": "MULTI_CLOUD" } ] }, "google-native:gkehub/v1alpha2:MembershipStateResponse": { "description": "MembershipState describes the state of a Membership resource.", "properties": { "code": { "type": "string", "description": "The current state of the Membership resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha2:MonitoringConfig": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object" }, "google-native:gkehub/v1alpha2:MonitoringConfigResponse": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object", "required": [ "cluster", "clusterHash", "kubernetesMetricsPrefix", "location", "project" ] }, "google-native:gkehub/v1alpha2:MultiCloudCluster": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha2:MultiCloudClusterResponse": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1alpha2:OnPremCluster": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterType": { "$ref": "#/types/google-native:gkehub%2Fv1alpha2:OnPremClusterClusterType", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha2:OnPremClusterClusterType": { "description": "Immutable. The on prem cluster's type.", "type": "string", "enum": [ { "name": "ClustertypeUnspecified", "description": "The ClusterType is not set.", "value": "CLUSTERTYPE_UNSPECIFIED" }, { "name": "Bootstrap", "description": "The ClusterType is bootstrap cluster.", "value": "BOOTSTRAP" }, { "name": "Hybrid", "description": "The ClusterType is baremetal hybrid cluster.", "value": "HYBRID" }, { "name": "Standalone", "description": "The ClusterType is baremetal standalone cluster.", "value": "STANDALONE" }, { "name": "User", "description": "The ClusterType is user cluster.", "value": "USER" } ] }, "google-native:gkehub/v1alpha2:OnPremClusterResponse": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no longer exists." }, "clusterType": { "type": "string", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object", "required": [ "adminCluster", "clusterMissing", "clusterType", "resourceLink" ] }, "google-native:gkehub/v1alpha2:ResourceManifestResponse": { "description": "ResourceManifest represents a single Kubernetes resource to be applied to the cluster.", "properties": { "clusterScoped": { "type": "boolean", "description": "Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster." }, "manifest": { "type": "string", "description": "YAML manifest of the resource." } }, "type": "object", "required": [ "clusterScoped", "manifest" ] }, "google-native:gkehub/v1alpha2:ResourceOptions": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object" }, "google-native:gkehub/v1alpha2:ResourceOptionsResponse": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object", "required": [ "connectVersion", "k8sVersion", "v1beta1Crd" ] }, "google-native:gkehub/v1alpha:AnthosObservabilityFeatureSpec": { "description": "**Anthos Observability**: Spec", "properties": { "defaultMembershipSpec": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AnthosObservabilityMembershipSpec", "description": "Default membership spec for unconfigured memberships" } }, "type": "object" }, "google-native:gkehub/v1alpha:AnthosObservabilityFeatureSpecResponse": { "description": "**Anthos Observability**: Spec", "properties": { "defaultMembershipSpec": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AnthosObservabilityMembershipSpecResponse", "description": "Default membership spec for unconfigured memberships" } }, "type": "object", "required": [ "defaultMembershipSpec" ] }, "google-native:gkehub/v1alpha:AnthosObservabilityMembershipSpec": { "description": "**Anthosobservability**: Per-Membership Feature spec.", "properties": { "doNotOptimizeMetrics": { "type": "boolean", "description": "Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics" }, "enableStackdriverOnApplications": { "type": "boolean", "description": "Enable collecting and reporting metrics and logs from user apps." }, "version": { "type": "string", "description": "the version of stackdriver operator used by this feature" } }, "type": "object" }, "google-native:gkehub/v1alpha:AnthosObservabilityMembershipSpecResponse": { "description": "**Anthosobservability**: Per-Membership Feature spec.", "properties": { "doNotOptimizeMetrics": { "type": "boolean", "description": "Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics" }, "enableStackdriverOnApplications": { "type": "boolean", "description": "Enable collecting and reporting metrics and logs from user apps." }, "version": { "type": "string", "description": "the version of stackdriver operator used by this feature" } }, "type": "object", "required": [ "doNotOptimizeMetrics", "enableStackdriverOnApplications", "version" ] }, "google-native:gkehub/v1alpha:AppDevExperienceFeatureSpec": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1alpha:AppDevExperienceFeatureSpecResponse": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1alpha:AppDevExperienceFeatureStateResponse": { "description": "State for App Dev Exp Feature.", "properties": { "networkingInstallSucceeded": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:StatusResponse", "description": "Status of subcomponent that detects configured Service Mesh resources." } }, "type": "object", "required": [ "networkingInstallSucceeded" ] }, "google-native:gkehub/v1alpha:ApplianceCluster": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object" }, "google-native:gkehub/v1alpha:ApplianceClusterResponse": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1alpha:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkehub/v1alpha:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkehub/v1alpha:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkehub/v1alpha:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkehub/v1alpha:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkehub/v1alpha:Authority": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." } }, "type": "object" }, "google-native:gkehub/v1alpha:AuthorityResponse": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "identityProvider": { "type": "string", "description": "An identity provider that reflects the `issuer` in the workload identity pool." }, "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." }, "workloadIdentityPool": { "type": "string", "description": "The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API." } }, "type": "object", "required": [ "identityProvider", "issuer", "oidcJwks", "workloadIdentityPool" ] }, "google-native:gkehub/v1alpha:BinaryAuthorizationConfig": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:BinaryAuthorizationConfigEvaluationMode", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyBinding" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object" }, "google-native:gkehub/v1alpha:BinaryAuthorizationConfigEvaluationMode": { "description": "Optional. Mode of operation for binauthz policy evaluation.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "PolicyBindings", "description": "Use Binary Authorization with the policies specified in policy_bindings.", "value": "POLICY_BINDINGS" } ] }, "google-native:gkehub/v1alpha:BinaryAuthorizationConfigResponse": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "type": "string", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyBindingResponse" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object", "required": [ "evaluationMode", "policyBindings" ] }, "google-native:gkehub/v1alpha:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkehub/v1alpha:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkehub/v1alpha:CloudAuditLoggingFeatureSpec": { "description": "**Cloud Audit Logging**: Spec for Audit Logging Allowlisting.", "properties": { "allowlistedServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)" } }, "type": "object" }, "google-native:gkehub/v1alpha:CloudAuditLoggingFeatureSpecResponse": { "description": "**Cloud Audit Logging**: Spec for Audit Logging Allowlisting.", "properties": { "allowlistedServiceAccounts": { "type": "array", "items": { "type": "string" }, "description": "Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)" } }, "type": "object", "required": [ "allowlistedServiceAccounts" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeFleetSpec": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeOverride" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradePostConditions", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "postConditions" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeFleetSpecResponse": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeOverrideResponse" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradePostConditionsResponse", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "gkeUpgradeOverrides", "postConditions", "upstreamFleets" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeFleetStateResponse": { "description": "**ClusterUpgrade**: The state for the fleet-level ClusterUpgrade feature.", "properties": { "downstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id." }, "gkeState": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeFeatureStateResponse", "description": "Feature state for GKE clusters." }, "ignored": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: `projects/{p}/locations/{l}/membership/{m}`." } }, "type": "object", "required": [ "downstreamFleets", "gkeState", "ignored" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgrade": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object" }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeFeatureConditionResponse": { "description": "GKEUpgradeFeatureCondition describes the condition of the feature for GKE clusters at a certain point of time.", "properties": { "reason": { "type": "string", "description": "Reason why the feature is in this status." }, "status": { "type": "string", "description": "Status of the condition, one of True, False, Unknown." }, "type": { "type": "string", "description": "Type of the condition, for example, \"ready\"." }, "updateTime": { "type": "string", "description": "Last timestamp the condition was updated." } }, "type": "object", "required": [ "reason", "status", "type", "updateTime" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeFeatureStateResponse": { "description": "GKEUpgradeFeatureState contains feature states for GKE clusters in the scope.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeFeatureConditionResponse" }, "description": "Current conditions of the feature." }, "upgradeState": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeStateResponse" }, "description": "Upgrade state. It will eventually replace `state`." } }, "type": "object", "required": [ "conditions", "upgradeState" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeOverride": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradePostConditions", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgrade", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeOverrideResponse": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradePostConditionsResponse", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeResponse": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object", "required": [ "name", "version" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeGKEUpgradeStateResponse": { "description": "GKEUpgradeState is a GKEUpgrade and its state at the scope and fleet level.", "properties": { "stats": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Number of GKE clusters in each status code." }, "status": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeUpgradeStatusResponse", "description": "Status of the upgrade." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to track the state." } }, "type": "object", "required": [ "stats", "status", "upgrade" ] }, "google-native:gkehub/v1alpha:ClusterUpgradePostConditions": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1alpha:ClusterUpgradePostConditionsResponse": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1alpha:ClusterUpgradeUpgradeStatusResponse": { "description": "UpgradeStatus provides status information for each upgrade.", "properties": { "code": { "type": "string", "description": "Status code of the upgrade." }, "reason": { "type": "string", "description": "Reason for this status." }, "updateTime": { "type": "string", "description": "Last timestamp the status was updated." } }, "type": "object", "required": [ "code", "reason", "updateTime" ] }, "google-native:gkehub/v1alpha:CommonFeatureSpec": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "anthosobservability": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AnthosObservabilityFeatureSpec", "description": "Anthos Observability spec" }, "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AppDevExperienceFeatureSpec", "description": "Appdevexperience specific spec." }, "cloudauditlogging": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:CloudAuditLoggingFeatureSpec", "description": "Cloud Audit Logging-specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeFleetSpec", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFeatureSpec", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MultiClusterIngressFeatureSpec", "description": "Multicluster Ingress-specific spec." }, "namespaceactuation": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:NamespaceActuationFeatureSpec", "description": "Namespace Actuation feature spec" }, "workloadcertificate": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FeatureSpec", "description": "Workload Certificate spec." } }, "type": "object" }, "google-native:gkehub/v1alpha:CommonFeatureSpecResponse": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "anthosobservability": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AnthosObservabilityFeatureSpecResponse", "description": "Anthos Observability spec" }, "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AppDevExperienceFeatureSpecResponse", "description": "Appdevexperience specific spec." }, "cloudauditlogging": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:CloudAuditLoggingFeatureSpecResponse", "description": "Cloud Audit Logging-specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeFleetSpecResponse", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFeatureSpecResponse", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MultiClusterIngressFeatureSpecResponse", "description": "Multicluster Ingress-specific spec." }, "namespaceactuation": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:NamespaceActuationFeatureSpecResponse", "description": "Namespace Actuation feature spec" }, "workloadcertificate": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FeatureSpecResponse", "description": "Workload Certificate spec." } }, "type": "object", "required": [ "anthosobservability", "appdevexperience", "cloudauditlogging", "clusterupgrade", "fleetobservability", "multiclusteringress", "namespaceactuation", "workloadcertificate" ] }, "google-native:gkehub/v1alpha:CommonFeatureStateResponse": { "description": "CommonFeatureState contains Hub-wide Feature status information.", "properties": { "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:AppDevExperienceFeatureStateResponse", "description": "Appdevexperience specific state." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ClusterUpgradeFleetStateResponse", "description": "ClusterUpgrade fleet-level state." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFeatureStateResponse", "description": "FleetObservability feature state." }, "namespaceactuation": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:NamespaceActuationFeatureStateResponse", "description": "Namespace Actuation feature state." }, "servicemesh": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshFeatureStateResponse", "description": "Service Mesh-specific state." }, "state": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FeatureStateResponse", "description": "The \"running state\" of the Feature in this Hub." } }, "type": "object", "required": [ "appdevexperience", "clusterupgrade", "fleetobservability", "namespaceactuation", "servicemesh", "state" ] }, "google-native:gkehub/v1alpha:CommonFleetDefaultMemberConfigSpec": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementMembershipSpec", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceMembershipSpec", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshMembershipSpec", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerMembershipSpec", "description": "Policy Controller spec." } }, "type": "object" }, "google-native:gkehub/v1alpha:CommonFleetDefaultMemberConfigSpecResponse": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementMembershipSpecResponse", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceMembershipSpecResponse", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshMembershipSpecResponse", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerMembershipSpecResponse", "description": "Policy Controller spec." } }, "type": "object", "required": [ "configmanagement", "identityservice", "mesh", "policycontroller" ] }, "google-native:gkehub/v1alpha:ConfigManagementBinauthzConfig": { "description": "Configuration for Binauthz", "properties": { "enabled": { "type": "boolean", "description": "Whether binauthz is enabled in this cluster." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementBinauthzConfigResponse": { "description": "Configuration for Binauthz", "properties": { "enabled": { "type": "boolean", "description": "Whether binauthz is enabled in this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkehub/v1alpha:ConfigManagementConfigSync": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementGitConfig", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementOciConfig", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementConfigSyncResponse": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementGitConfigResponse", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementOciConfigResponse", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object", "required": [ "allowVerticalScale", "enabled", "git", "metricsGcpServiceAccountEmail", "oci", "preventDrift", "sourceFormat" ] }, "google-native:gkehub/v1alpha:ConfigManagementGitConfig": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementGitConfigResponse": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "httpsProxy", "policyDir", "secretType", "syncBranch", "syncRepo", "syncRev", "syncWaitSecs" ] }, "google-native:gkehub/v1alpha:ConfigManagementHierarchyControllerConfig": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementHierarchyControllerConfigResponse": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object", "required": [ "enableHierarchicalResourceQuota", "enablePodTreeLabels", "enabled" ] }, "google-native:gkehub/v1alpha:ConfigManagementMembershipSpec": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "binauthz": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementBinauthzConfig", "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.", "deprecationMessage": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." }, "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementConfigSync", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementHierarchyControllerConfig", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementPolicyController", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementMembershipSpecResponse": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "binauthz": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementBinauthzConfigResponse", "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.", "deprecationMessage": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." }, "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementConfigSyncResponse", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementHierarchyControllerConfigResponse", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementPolicyControllerResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object", "required": [ "binauthz", "cluster", "configSync", "hierarchyController", "policyController", "version" ] }, "google-native:gkehub/v1alpha:ConfigManagementOciConfig": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementOciConfigResponse": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "policyDir", "secretType", "syncRepo", "syncWaitSecs" ] }, "google-native:gkehub/v1alpha:ConfigManagementPolicyController": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementPolicyControllerMonitoring", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementPolicyControllerMonitoring": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementPolicyControllerMonitoringBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1alpha:ConfigManagementPolicyControllerMonitoringBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1alpha:ConfigManagementPolicyControllerMonitoringResponse": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1alpha:ConfigManagementPolicyControllerResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ConfigManagementPolicyControllerMonitoringResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." }, "updateTime": { "type": "string", "description": "Last time this membership spec was updated." } }, "type": "object", "required": [ "auditIntervalSeconds", "enabled", "exemptableNamespaces", "logDeniesEnabled", "monitoring", "mutationEnabled", "referentialRulesEnabled", "templateLibraryInstalled", "updateTime" ] }, "google-native:gkehub/v1alpha:DefaultClusterConfig": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:BinaryAuthorizationConfig", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:SecurityPostureConfig", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object" }, "google-native:gkehub/v1alpha:DefaultClusterConfigResponse": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:BinaryAuthorizationConfigResponse", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:SecurityPostureConfigResponse", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object", "required": [ "binaryAuthorizationConfig", "securityPostureConfig" ] }, "google-native:gkehub/v1alpha:EdgeCluster": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha:EdgeClusterResponse": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1alpha:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkehub/v1alpha:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkehub/v1alpha:FeatureResourceStateResponse": { "description": "FeatureResourceState describes the state of a Feature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the Feature in the Hub and across Memberships.", "properties": { "state": { "type": "string", "description": "The current state of the Feature resource in the Hub API." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1alpha:FeatureSpec": { "description": "**Workload Certificate**: The Hub-wide input for the WorkloadCertificate feature.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MembershipSpec", "description": "Specifies default membership spec. Users can override the default in the member_configs for each member." }, "provisionGoogleCa": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FeatureSpecProvisionGoogleCa", "description": "Immutable. Specifies CA configuration." } }, "type": "object" }, "google-native:gkehub/v1alpha:FeatureSpecProvisionGoogleCa": { "description": "Immutable. Specifies CA configuration.", "type": "string", "enum": [ { "name": "GoogleCaProvisioningUnspecified", "description": "Disable default Google managed CA.", "value": "GOOGLE_CA_PROVISIONING_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable default Google managed CA.", "value": "DISABLED" }, { "name": "Enabled", "description": "Use default Google managed CA.", "value": "ENABLED" }, { "name": "EnabledWithManagedCa", "description": "Workload certificate feature is enabled, and the entire certificate provisioning process is managed by Google with managed CAS which is more secure than the default CA.", "value": "ENABLED_WITH_MANAGED_CA" }, { "name": "EnabledWithDefaultCa", "description": "Workload certificate feature is enabled, and the entire certificate provisioning process is using the default CA which is free.", "value": "ENABLED_WITH_DEFAULT_CA" } ] }, "google-native:gkehub/v1alpha:FeatureSpecResponse": { "description": "**Workload Certificate**: The Hub-wide input for the WorkloadCertificate feature.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MembershipSpecResponse", "description": "Specifies default membership spec. Users can override the default in the member_configs for each member." }, "provisionGoogleCa": { "type": "string", "description": "Immutable. Specifies CA configuration." } }, "type": "object", "required": [ "defaultConfig", "provisionGoogleCa" ] }, "google-native:gkehub/v1alpha:FeatureStateResponse": { "description": "FeatureState describes the high-level state of a Feature. It may be used to describe a Feature's state at the environ-level, or per-membershop, depending on the context.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "description": { "type": "string", "description": "A human-readable description of the current status." }, "updateTime": { "type": "string", "description": "The time this status and any related Feature-specific details were updated." } }, "type": "object", "required": [ "code", "description", "updateTime" ] }, "google-native:gkehub/v1alpha:FleetLifecycleStateResponse": { "description": "FleetLifecycleState describes the state of a Fleet resource.", "properties": { "code": { "type": "string", "description": "The current state of the Fleet resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFeatureErrorResponse": { "description": "All error details of the fleet observability feature.", "properties": { "code": { "type": "string", "description": "The code of the error." }, "description": { "type": "string", "description": "A human-readable description of the current status." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFeatureSpec": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityLoggingConfig", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object" }, "google-native:gkehub/v1alpha:FleetObservabilityFeatureSpecResponse": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityLoggingConfigResponse", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object", "required": [ "loggingConfig" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFeatureStateResponse": { "description": "**FleetObservability**: Hub-wide Feature for FleetObservability feature. state.", "properties": { "logging": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFleetObservabilityLoggingStateResponse", "description": "The feature state of default logging." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFleetObservabilityMonitoringStateResponse", "description": "The feature state of fleet monitoring." } }, "type": "object", "required": [ "logging", "monitoring" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFleetObservabilityBaseFeatureStateResponse": { "description": "Base state for fleet observability feature.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "errors": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFeatureErrorResponse" }, "description": "Errors after reconciling the monitoring and logging feature if the code is not OK." } }, "type": "object", "required": [ "code", "errors" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFleetObservabilityLoggingStateResponse": { "description": "Feature state for logging feature.", "properties": { "defaultLog": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet default log." }, "scopeLog": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet scope log." } }, "type": "object", "required": [ "defaultLog", "scopeLog" ] }, "google-native:gkehub/v1alpha:FleetObservabilityFleetObservabilityMonitoringStateResponse": { "description": "Feature state for monitoring feature.", "properties": { "state": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet monitoring feature." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1alpha:FleetObservabilityLoggingConfig": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityRoutingConfig", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityRoutingConfig", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object" }, "google-native:gkehub/v1alpha:FleetObservabilityLoggingConfigResponse": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object", "required": [ "defaultConfig", "fleetScopeLogsConfig" ] }, "google-native:gkehub/v1alpha:FleetObservabilityRoutingConfig": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:FleetObservabilityRoutingConfigMode", "description": "mode configures the logs routing mode." } }, "type": "object" }, "google-native:gkehub/v1alpha:FleetObservabilityRoutingConfigMode": { "description": "mode configures the logs routing mode.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "If UNSPECIFIED, fleet logging feature is disabled.", "value": "MODE_UNSPECIFIED" }, { "name": "Copy", "description": "logs will be copied to the destination project.", "value": "COPY" }, { "name": "Move", "description": "logs will be moved to the destination project.", "value": "MOVE" } ] }, "google-native:gkehub/v1alpha:FleetObservabilityRoutingConfigResponse": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "type": "string", "description": "mode configures the logs routing mode." } }, "type": "object", "required": [ "mode" ] }, "google-native:gkehub/v1alpha:GkeCluster": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object" }, "google-native:gkehub/v1alpha:GkeClusterResponse": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that the GKE cluster no longer exists in the GKE Control Plane." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1alpha:IdentityServiceAuthMethod": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceAzureADConfig", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceGoogleConfig", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceOidcConfig", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object" }, "google-native:gkehub/v1alpha:IdentityServiceAuthMethodResponse": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceAzureADConfigResponse", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceGoogleConfigResponse", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceOidcConfigResponse", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object", "required": [ "azureadConfig", "googleConfig", "name", "oidcConfig", "proxy" ] }, "google-native:gkehub/v1alpha:IdentityServiceAzureADConfig": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object" }, "google-native:gkehub/v1alpha:IdentityServiceAzureADConfigResponse": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted AzureAD client secret." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object", "required": [ "clientId", "clientSecret", "encryptedClientSecret", "kubectlRedirectUri", "tenant" ] }, "google-native:gkehub/v1alpha:IdentityServiceGoogleConfig": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object" }, "google-native:gkehub/v1alpha:IdentityServiceGoogleConfigResponse": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object", "required": [ "disable" ] }, "google-native:gkehub/v1alpha:IdentityServiceMembershipSpec": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceAuthMethod" }, "description": "A member may support multiple auth methods." } }, "type": "object" }, "google-native:gkehub/v1alpha:IdentityServiceMembershipSpecResponse": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:IdentityServiceAuthMethodResponse" }, "description": "A member may support multiple auth methods." } }, "type": "object", "required": [ "authMethods" ] }, "google-native:gkehub/v1alpha:IdentityServiceOidcConfig": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object" }, "google-native:gkehub/v1alpha:IdentityServiceOidcConfigResponse": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted OIDC Client secret" }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object", "required": [ "certificateAuthorityData", "clientId", "clientSecret", "deployCloudConsoleProxy", "enableAccessToken", "encryptedClientSecret", "extraParams", "groupPrefix", "groupsClaim", "issuerUri", "kubectlRedirectUri", "scopes", "userClaim", "userPrefix" ] }, "google-native:gkehub/v1alpha:KubernetesMetadataResponse": { "description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.", "properties": { "kubernetesApiServerVersion": { "type": "string", "description": "Kubernetes API server version string as reported by `/version`." }, "memoryMb": { "type": "integer", "description": "The total memory capacity as reported by the sum of all Kubernetes nodes resources, defined in MB." }, "nodeCount": { "type": "integer", "description": "Node count as reported by Kubernetes nodes resources." }, "nodeProviderId": { "type": "string", "description": "Node providerID as reported by the first node in the list of nodes on the Kubernetes endpoint. On Kubernetes platforms that support zero-node clusters (like GKE-on-GCP), the node_count will be zero and the node_provider_id will be empty." }, "updateTime": { "type": "string", "description": "The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers." }, "vcpuCount": { "type": "integer", "description": "vCPU count as reported by Kubernetes nodes resources." } }, "type": "object", "required": [ "kubernetesApiServerVersion", "memoryMb", "nodeCount", "nodeProviderId", "updateTime", "vcpuCount" ] }, "google-native:gkehub/v1alpha:KubernetesResource": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ResourceOptions", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object" }, "google-native:gkehub/v1alpha:KubernetesResourceResponse": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "connectResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ResourceManifestResponse" }, "description": "The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "membershipResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ResourceManifestResponse" }, "description": "Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ResourceOptionsResponse", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object", "required": [ "connectResources", "membershipCrManifest", "membershipResources", "resourceOptions" ] }, "google-native:gkehub/v1alpha:MembershipBindingLifecycleStateResponse": { "description": "MembershipBindingLifecycleState describes the state of a Binding resource.", "properties": { "code": { "type": "string", "description": "The current state of the MembershipBinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:MembershipEndpoint": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ApplianceCluster", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:EdgeCluster", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:GkeCluster", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:KubernetesResource", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MultiCloudCluster", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:OnPremCluster", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object" }, "google-native:gkehub/v1alpha:MembershipEndpointResponse": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ApplianceClusterResponse", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:EdgeClusterResponse", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:GkeClusterResponse", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "googleManaged": { "type": "boolean", "description": "Whether the lifecycle of this membership is managed by a google cluster platform service." }, "kubernetesMetadata": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:KubernetesMetadataResponse", "description": "Useful Kubernetes-specific metadata." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:KubernetesResourceResponse", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MultiCloudClusterResponse", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:OnPremClusterResponse", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object", "required": [ "applianceCluster", "edgeCluster", "gkeCluster", "googleManaged", "kubernetesMetadata", "kubernetesResource", "multiCloudCluster", "onPremCluster" ] }, "google-native:gkehub/v1alpha:MembershipSpec": { "description": "**Workload Certificate**: The membership-specific input for WorkloadCertificate feature.", "properties": { "certificateManagement": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MembershipSpecCertificateManagement", "description": "Specifies workload certificate management." } }, "type": "object" }, "google-native:gkehub/v1alpha:MembershipSpecCertificateManagement": { "description": "Specifies workload certificate management.", "type": "string", "enum": [ { "name": "CertificateManagementUnspecified", "description": "Disable workload certificate feature.", "value": "CERTIFICATE_MANAGEMENT_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable workload certificate feature.", "value": "DISABLED" }, { "name": "Enabled", "description": "Enable workload certificate feature.", "value": "ENABLED" } ] }, "google-native:gkehub/v1alpha:MembershipSpecResponse": { "description": "**Workload Certificate**: The membership-specific input for WorkloadCertificate feature.", "properties": { "certificateManagement": { "type": "string", "description": "Specifies workload certificate management." } }, "type": "object", "required": [ "certificateManagement" ] }, "google-native:gkehub/v1alpha:MembershipStateResponse": { "description": "MembershipState describes the state of a Membership resource.", "properties": { "code": { "type": "string", "description": "The current state of the Membership resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:MonitoringConfig": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object" }, "google-native:gkehub/v1alpha:MonitoringConfigResponse": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object", "required": [ "cluster", "clusterHash", "kubernetesMetricsPrefix", "location", "project" ] }, "google-native:gkehub/v1alpha:MultiCloudCluster": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha:MultiCloudClusterResponse": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1alpha:MultiClusterIngressFeatureSpec": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "billing": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:MultiClusterIngressFeatureSpecBilling", "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "deprecationMessage": "Deprecated: This field will be ignored and should not be set. Customer's billing structure." }, "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object" }, "google-native:gkehub/v1alpha:MultiClusterIngressFeatureSpecBilling": { "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "type": "string", "enum": [ { "name": "BillingUnspecified", "description": "Unknown", "value": "BILLING_UNSPECIFIED" }, { "name": "PayAsYouGo", "description": "User pays a fee per-endpoint.", "value": "PAY_AS_YOU_GO" }, { "name": "AnthosLicense", "description": "User is paying for Anthos as a whole.", "value": "ANTHOS_LICENSE" } ] }, "google-native:gkehub/v1alpha:MultiClusterIngressFeatureSpecResponse": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "billing": { "type": "string", "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "deprecationMessage": "Deprecated: This field will be ignored and should not be set. Customer's billing structure." }, "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object", "required": [ "billing", "configMembership" ] }, "google-native:gkehub/v1alpha:NamespaceActuationFeatureSpec": { "description": "An empty spec for actuation feature. This is required since Feature proto requires a spec.", "properties": { "actuationMode": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:NamespaceActuationFeatureSpecActuationMode", "description": "actuation_mode controls the behavior of the controller" } }, "type": "object" }, "google-native:gkehub/v1alpha:NamespaceActuationFeatureSpecActuationMode": { "description": "actuation_mode controls the behavior of the controller", "type": "string", "enum": [ { "name": "ActuationModeUnspecified", "description": "ACTUATION_MODE_UNSPECIFIED is similar to CREATE_AND_DELETE_IF_CREATED in the default controller behavior.", "value": "ACTUATION_MODE_UNSPECIFIED" }, { "name": "ActuationModeCreateAndDeleteIfCreated", "description": "ACTUATION_MODE_CREATE_AND_DELETE_IF_CREATED has the controller create cluster namespaces for each fleet namespace and it deletes only the ones it created, which are identified by a label.", "value": "ACTUATION_MODE_CREATE_AND_DELETE_IF_CREATED" }, { "name": "ActuationModeAddAndRemoveFleetLabels", "description": "ACTUATION_MODE_ADD_AND_REMOVE_FLEET_LABELS has the controller only apply labels to cluster namespaces to signal fleet namespace enablement. It doesn't create or delete cluster namespaces.", "value": "ACTUATION_MODE_ADD_AND_REMOVE_FLEET_LABELS" } ] }, "google-native:gkehub/v1alpha:NamespaceActuationFeatureSpecResponse": { "description": "An empty spec for actuation feature. This is required since Feature proto requires a spec.", "properties": { "actuationMode": { "type": "string", "description": "actuation_mode controls the behavior of the controller" } }, "type": "object", "required": [ "actuationMode" ] }, "google-native:gkehub/v1alpha:NamespaceActuationFeatureStateResponse": { "description": "NamespaceActuation Feature State.", "type": "object" }, "google-native:gkehub/v1alpha:NamespaceLifecycleStateResponse": { "description": "NamespaceLifecycleState describes the state of a Namespace resource.", "properties": { "code": { "type": "string", "description": "The current state of the Namespace resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:OnPremCluster": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterType": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:OnPremClusterClusterType", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1alpha:OnPremClusterClusterType": { "description": "Immutable. The on prem cluster's type.", "type": "string", "enum": [ { "name": "ClustertypeUnspecified", "description": "The ClusterType is not set.", "value": "CLUSTERTYPE_UNSPECIFIED" }, { "name": "Bootstrap", "description": "The ClusterType is bootstrap cluster.", "value": "BOOTSTRAP" }, { "name": "Hybrid", "description": "The ClusterType is baremetal hybrid cluster.", "value": "HYBRID" }, { "name": "Standalone", "description": "The ClusterType is baremetal standalone cluster.", "value": "STANDALONE" }, { "name": "User", "description": "The ClusterType is user cluster.", "value": "USER" } ] }, "google-native:gkehub/v1alpha:OnPremClusterResponse": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no longer exists." }, "clusterType": { "type": "string", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object", "required": [ "adminCluster", "clusterMissing", "clusterType", "resourceLink" ] }, "google-native:gkehub/v1alpha:PolicyBinding": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyBindingResponse": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object", "required": [ "name" ] }, "google-native:gkehub/v1alpha:PolicyControllerHubConfig": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerHubConfigInstallSpec", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerMonitoringConfig", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerPolicyContentSpec", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyControllerHubConfigInstallSpec": { "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", "type": "string", "enum": [ { "name": "InstallSpecUnspecified", "description": "Spec is unknown.", "value": "INSTALL_SPEC_UNSPECIFIED" }, { "name": "InstallSpecNotInstalled", "description": "Request to uninstall Policy Controller.", "value": "INSTALL_SPEC_NOT_INSTALLED" }, { "name": "InstallSpecEnabled", "description": "Request to install and enable Policy Controller.", "value": "INSTALL_SPEC_ENABLED" }, { "name": "InstallSpecSuspended", "description": "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", "value": "INSTALL_SPEC_SUSPENDED" }, { "name": "InstallSpecDetached", "description": "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources.", "value": "INSTALL_SPEC_DETACHED" } ] }, "google-native:gkehub/v1alpha:PolicyControllerHubConfigResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "type": "string", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerMonitoringConfigResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerPolicyContentSpecResponse", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object", "required": [ "auditIntervalSeconds", "constraintViolationLimit", "deploymentConfigs", "exemptableNamespaces", "installSpec", "logDeniesEnabled", "monitoring", "mutationEnabled", "policyContent", "referentialRulesEnabled" ] }, "google-native:gkehub/v1alpha:PolicyControllerMembershipSpec": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerHubConfig", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyControllerMembershipSpecResponse": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerHubConfigResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object", "required": [ "policyControllerHubConfig", "version" ] }, "google-native:gkehub/v1alpha:PolicyControllerMonitoringConfig": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerMonitoringConfigBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyControllerMonitoringConfigBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1alpha:PolicyControllerMonitoringConfigResponse": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1alpha:PolicyControllerPolicyContentSpec": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerTemplateLibraryConfig", "description": "Configures the installation of the Template Library." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyControllerPolicyContentSpecResponse": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerTemplateLibraryConfigResponse", "description": "Configures the installation of the Template Library." } }, "type": "object", "required": [ "bundles", "templateLibrary" ] }, "google-native:gkehub/v1alpha:PolicyControllerTemplateLibraryConfig": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:PolicyControllerTemplateLibraryConfigInstallation", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object" }, "google-native:gkehub/v1alpha:PolicyControllerTemplateLibraryConfigInstallation": { "description": "Configures the manner in which the template library is installed on the cluster.", "type": "string", "enum": [ { "name": "InstallationUnspecified", "description": "No installation strategy has been specified.", "value": "INSTALLATION_UNSPECIFIED" }, { "name": "NotInstalled", "description": "Do not install the template library.", "value": "NOT_INSTALLED" }, { "name": "All", "description": "Install the entire template library.", "value": "ALL" } ] }, "google-native:gkehub/v1alpha:PolicyControllerTemplateLibraryConfigResponse": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "type": "string", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object", "required": [ "installation" ] }, "google-native:gkehub/v1alpha:RBACRoleBindingLifecycleStateResponse": { "description": "RBACRoleBindingLifecycleState describes the state of a RbacRoleBinding resource.", "properties": { "code": { "type": "string", "description": "The current state of the rbacrolebinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:ResourceManifestResponse": { "description": "ResourceManifest represents a single Kubernetes resource to be applied to the cluster.", "properties": { "clusterScoped": { "type": "boolean", "description": "Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster." }, "manifest": { "type": "string", "description": "YAML manifest of the resource." } }, "type": "object", "required": [ "clusterScoped", "manifest" ] }, "google-native:gkehub/v1alpha:ResourceOptions": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object" }, "google-native:gkehub/v1alpha:ResourceOptionsResponse": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object", "required": [ "connectVersion", "k8sVersion", "v1beta1Crd" ] }, "google-native:gkehub/v1alpha:Role": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:RolePredefinedRole", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object" }, "google-native:gkehub/v1alpha:RolePredefinedRole": { "description": "predefined_role is the Kubernetes default role to use", "type": "string", "enum": [ { "name": "Unknown", "description": "UNKNOWN", "value": "UNKNOWN" }, { "name": "Admin", "description": "ADMIN has EDIT and RBAC permissions", "value": "ADMIN" }, { "name": "Edit", "description": "EDIT can edit all resources except RBAC", "value": "EDIT" }, { "name": "View", "description": "VIEW can only read resources", "value": "VIEW" }, { "name": "AnthosSupport", "description": "ANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.", "value": "ANTHOS_SUPPORT" } ] }, "google-native:gkehub/v1alpha:RoleResponse": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "type": "string", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object", "required": [ "predefinedRole" ] }, "google-native:gkehub/v1alpha:ScopeLifecycleStateResponse": { "description": "ScopeLifecycleState describes the state of a Scope resource.", "properties": { "code": { "type": "string", "description": "The current state of the scope resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1alpha:SecurityPostureConfig": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:SecurityPostureConfigMode", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:SecurityPostureConfigVulnerabilityMode", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object" }, "google-native:gkehub/v1alpha:SecurityPostureConfigMode": { "description": "Sets which mode to use for Security Posture features.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value not specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Security Posture features on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies Security Posture features on the cluster.", "value": "BASIC" } ] }, "google-native:gkehub/v1alpha:SecurityPostureConfigResponse": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "type": "string", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "type": "string", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object", "required": [ "mode", "vulnerabilityMode" ] }, "google-native:gkehub/v1alpha:SecurityPostureConfigVulnerabilityMode": { "description": "Sets which mode to use for vulnerability scanning.", "type": "string", "enum": [ { "name": "VulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "VulnerabilityDisabled", "description": "Disables vulnerability scanning on the cluster.", "value": "VULNERABILITY_DISABLED" }, { "name": "VulnerabilityBasic", "description": "Applies basic vulnerability scanning on the cluster.", "value": "VULNERABILITY_BASIC" }, { "name": "VulnerabilityEnterprise", "description": "Applies the Security Posture's vulnerability on cluster Enterprise level features.", "value": "VULNERABILITY_ENTERPRISE" } ] }, "google-native:gkehub/v1alpha:ServiceMeshAnalysisMessageBaseResponse": { "description": "AnalysisMessageBase describes some common information that is needed for all messages.", "properties": { "documentationUrl": { "type": "string", "description": "A url pointing to the Service Mesh or Istio documentation for this specific error type." }, "level": { "type": "string", "description": "Represents how severe a message is." }, "type": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshTypeResponse", "description": "Represents the specific type of a message." } }, "type": "object", "required": [ "documentationUrl", "level", "type" ] }, "google-native:gkehub/v1alpha:ServiceMeshAnalysisMessageResponse": { "description": "AnalysisMessage is a single message produced by an analyzer, and it used to communicate to the end user about the state of their Service Mesh configuration.", "properties": { "args": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A UI can combine these args with a template (based on message_base.type) to produce an internationalized message." }, "description": { "type": "string", "description": "A human readable description of what the error means. It is suitable for non-internationalize display purposes." }, "messageBase": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshAnalysisMessageBaseResponse", "description": "Details common to all types of Istio and ServiceMesh analysis messages." }, "resourcePaths": { "type": "array", "items": { "type": "string" }, "description": "A list of strings specifying the resource identifiers that were the cause of message generation. A \"path\" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE\\/)?RESOURCETYPE/NAME if the cause is a resource in a cluster" } }, "type": "object", "required": [ "args", "description", "messageBase", "resourcePaths" ] }, "google-native:gkehub/v1alpha:ServiceMeshFeatureStateResponse": { "description": "**Service Mesh**: State for the whole Hub, as analyzed by the Service Mesh Hub Controller.", "properties": { "analysisMessages": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshAnalysisMessageResponse" }, "description": "Results of running Service Mesh analyzers." } }, "type": "object", "required": [ "analysisMessages" ] }, "google-native:gkehub/v1alpha:ServiceMeshMembershipSpec": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshMembershipSpecControlPlane", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "defaultChannel": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshMembershipSpecDefaultChannel", "description": "Determines which release channel to use for default injection and service mesh APIs." }, "management": { "$ref": "#/types/google-native:gkehub%2Fv1alpha:ServiceMeshMembershipSpecManagement", "description": "Enables automatic Service Mesh management." } }, "type": "object" }, "google-native:gkehub/v1alpha:ServiceMeshMembershipSpecControlPlane": { "description": "Deprecated: use `management` instead Enables automatic control plane management.", "type": "string", "enum": [ { "name": "ControlPlaneManagementUnspecified", "description": "Unspecified", "value": "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" }, { "name": "Automatic", "description": "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", "value": "AUTOMATIC" }, { "name": "Manual", "description": "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)", "value": "MANUAL" } ] }, "google-native:gkehub/v1alpha:ServiceMeshMembershipSpecDefaultChannel": { "description": "Determines which release channel to use for default injection and service mesh APIs.", "type": "string", "enum": [ { "name": "ChannelUnspecified", "description": "Unspecified", "value": "CHANNEL_UNSPECIFIED" }, { "name": "Rapid", "description": "RAPID channel is offered on an early access basis for customers who want to test new releases.", "value": "RAPID" }, { "name": "Regular", "description": "REGULAR channel is intended for production users who want to take advantage of new features.", "value": "REGULAR" }, { "name": "Stable", "description": "STABLE channel includes versions that are known to be stable and reliable in production.", "value": "STABLE" } ] }, "google-native:gkehub/v1alpha:ServiceMeshMembershipSpecManagement": { "description": "Enables automatic Service Mesh management.", "type": "string", "enum": [ { "name": "ManagementUnspecified", "description": "Unspecified", "value": "MANAGEMENT_UNSPECIFIED" }, { "name": "ManagementAutomatic", "description": "Google should manage my Service Mesh for the cluster.", "value": "MANAGEMENT_AUTOMATIC" }, { "name": "ManagementManual", "description": "User will manually configure their service mesh components.", "value": "MANAGEMENT_MANUAL" } ] }, "google-native:gkehub/v1alpha:ServiceMeshMembershipSpecResponse": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "type": "string", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "defaultChannel": { "type": "string", "description": "Determines which release channel to use for default injection and service mesh APIs." }, "management": { "type": "string", "description": "Enables automatic Service Mesh management." } }, "type": "object", "required": [ "controlPlane", "defaultChannel", "management" ] }, "google-native:gkehub/v1alpha:ServiceMeshTypeResponse": { "description": "A unique identifier for the type of message. Display_name is intended to be human-readable, code is intended to be machine readable. There should be a one-to-one mapping between display_name and code. (i.e. do not re-use display_names or codes between message types.) See istio.analysis.v1alpha1.AnalysisMessageBase.Type", "properties": { "code": { "type": "string", "description": "A 7 character code matching `^IST[0-9]{4}$` or `^ASM[0-9]{4}$`, intended to uniquely identify the message type. (e.g. \"IST0001\" is mapped to the \"InternalError\" message type.)" }, "displayName": { "type": "string", "description": "A human-readable name for the message type. e.g. \"InternalError\", \"PodMissingProxy\". This should be the same for all messages of the same type. (This corresponds to the `name` field in open-source Istio.)" } }, "type": "object", "required": [ "code", "displayName" ] }, "google-native:gkehub/v1alpha:StatusResponse": { "description": "Status specifies state for the subcomponent.", "properties": { "code": { "type": "string", "description": "Code specifies AppDevExperienceFeature's subcomponent ready state." }, "description": { "type": "string", "description": "Description is populated if Code is Failed, explaining why it has failed." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkehub/v1beta1:ApplianceCluster": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object" }, "google-native:gkehub/v1beta1:ApplianceClusterResponse": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkehub/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkehub/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkehub/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkehub/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkehub/v1beta1:Authority": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." } }, "type": "object" }, "google-native:gkehub/v1beta1:AuthorityResponse": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "identityProvider": { "type": "string", "description": "An identity provider that reflects the `issuer` in the workload identity pool." }, "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." }, "workloadIdentityPool": { "type": "string", "description": "The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API." } }, "type": "object", "required": [ "identityProvider", "issuer", "oidcJwks", "workloadIdentityPool" ] }, "google-native:gkehub/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkehub/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkehub/v1beta1:EdgeCluster": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta1:EdgeClusterResponse": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkehub/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkehub/v1beta1:GkeCluster": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object" }, "google-native:gkehub/v1beta1:GkeClusterResponse": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that the GKE cluster no longer exists in the GKE Control Plane." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1beta1:KubernetesMetadataResponse": { "description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.", "properties": { "kubernetesApiServerVersion": { "type": "string", "description": "Kubernetes API server version string as reported by '/version'." }, "memoryMb": { "type": "integer", "description": "The total memory capacity as reported by the sum of all Kubernetes nodes resources, defined in MB." }, "nodeCount": { "type": "integer", "description": "Node count as reported by Kubernetes nodes resources." }, "nodeProviderId": { "type": "string", "description": "Node providerID as reported by the first node in the list of nodes on the Kubernetes endpoint. On Kubernetes platforms that support zero-node clusters (like GKE-on-GCP), the node_count will be zero and the node_provider_id will be empty." }, "updateTime": { "type": "string", "description": "The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers." }, "vcpuCount": { "type": "integer", "description": "vCPU count as reported by Kubernetes nodes resources." } }, "type": "object", "required": [ "kubernetesApiServerVersion", "memoryMb", "nodeCount", "nodeProviderId", "updateTime", "vcpuCount" ] }, "google-native:gkehub/v1beta1:KubernetesResource": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ResourceOptions", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object" }, "google-native:gkehub/v1beta1:KubernetesResourceResponse": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "connectResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ResourceManifestResponse" }, "description": "The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "membershipResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ResourceManifestResponse" }, "description": "Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ResourceOptionsResponse", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object", "required": [ "connectResources", "membershipCrManifest", "membershipResources", "resourceOptions" ] }, "google-native:gkehub/v1beta1:MembershipEndpoint": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ApplianceCluster", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:EdgeCluster", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:GkeCluster", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:KubernetesResource", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:MultiCloudCluster", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:OnPremCluster", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object" }, "google-native:gkehub/v1beta1:MembershipEndpointResponse": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:ApplianceClusterResponse", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:EdgeClusterResponse", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:GkeClusterResponse", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesMetadata": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:KubernetesMetadataResponse", "description": "Useful Kubernetes-specific metadata." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:KubernetesResourceResponse", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:MultiCloudClusterResponse", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:OnPremClusterResponse", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object", "required": [ "applianceCluster", "edgeCluster", "gkeCluster", "kubernetesMetadata", "kubernetesResource", "multiCloudCluster", "onPremCluster" ] }, "google-native:gkehub/v1beta1:MembershipInfrastructureType": { "description": "Optional. The infrastructure type this Membership is running on.", "type": "string", "enum": [ { "name": "InfrastructureTypeUnspecified", "description": "No type was specified. Some Hub functionality may require a type be specified, and will not support Memberships with this value.", "value": "INFRASTRUCTURE_TYPE_UNSPECIFIED" }, { "name": "OnPrem", "description": "Private infrastructure that is owned or operated by customer. This includes GKE distributions such as GKE-OnPrem and GKE-OnBareMetal.", "value": "ON_PREM" }, { "name": "MultiCloud", "description": "Public cloud infrastructure.", "value": "MULTI_CLOUD" } ] }, "google-native:gkehub/v1beta1:MembershipStateResponse": { "description": "State of the Membership resource.", "properties": { "code": { "type": "string", "description": "The current state of the Membership resource." }, "description": { "type": "string", "description": "This field is never set by the Hub Service." }, "updateTime": { "type": "string", "description": "This field is never set by the Hub Service." } }, "type": "object", "required": [ "code", "description", "updateTime" ] }, "google-native:gkehub/v1beta1:MonitoringConfig": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object" }, "google-native:gkehub/v1beta1:MonitoringConfigResponse": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object", "required": [ "cluster", "clusterHash", "kubernetesMetricsPrefix", "location", "project" ] }, "google-native:gkehub/v1beta1:MultiCloudCluster": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta1:MultiCloudClusterResponse": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1beta1:OnPremCluster": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterType": { "$ref": "#/types/google-native:gkehub%2Fv1beta1:OnPremClusterClusterType", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta1:OnPremClusterClusterType": { "description": "Immutable. The on prem cluster's type.", "type": "string", "enum": [ { "name": "ClustertypeUnspecified", "description": "The ClusterType is not set.", "value": "CLUSTERTYPE_UNSPECIFIED" }, { "name": "Bootstrap", "description": "The ClusterType is bootstrap cluster.", "value": "BOOTSTRAP" }, { "name": "Hybrid", "description": "The ClusterType is baremetal hybrid cluster.", "value": "HYBRID" }, { "name": "Standalone", "description": "The ClusterType is baremetal standalone cluster.", "value": "STANDALONE" }, { "name": "User", "description": "The ClusterType is user cluster.", "value": "USER" } ] }, "google-native:gkehub/v1beta1:OnPremClusterResponse": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no longer exists." }, "clusterType": { "type": "string", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the GCP resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object", "required": [ "adminCluster", "clusterMissing", "clusterType", "resourceLink" ] }, "google-native:gkehub/v1beta1:ResourceManifestResponse": { "description": "ResourceManifest represents a single Kubernetes resource to be applied to the cluster.", "properties": { "clusterScoped": { "type": "boolean", "description": "Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster." }, "manifest": { "type": "string", "description": "YAML manifest of the resource." } }, "type": "object", "required": [ "clusterScoped", "manifest" ] }, "google-native:gkehub/v1beta1:ResourceOptions": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object" }, "google-native:gkehub/v1beta1:ResourceOptionsResponse": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object", "required": [ "connectVersion", "k8sVersion", "v1beta1Crd" ] }, "google-native:gkehub/v1beta:AnthosObservabilityFeatureSpec": { "description": "**Anthos Observability**: Spec", "properties": { "defaultMembershipSpec": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AnthosObservabilityMembershipSpec", "description": "Default membership spec for unconfigured memberships" } }, "type": "object" }, "google-native:gkehub/v1beta:AnthosObservabilityFeatureSpecResponse": { "description": "**Anthos Observability**: Spec", "properties": { "defaultMembershipSpec": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AnthosObservabilityMembershipSpecResponse", "description": "Default membership spec for unconfigured memberships" } }, "type": "object", "required": [ "defaultMembershipSpec" ] }, "google-native:gkehub/v1beta:AnthosObservabilityMembershipSpec": { "description": "**Anthosobservability**: Per-Membership Feature spec.", "properties": { "doNotOptimizeMetrics": { "type": "boolean", "description": "Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics" }, "enableStackdriverOnApplications": { "type": "boolean", "description": "Enable collecting and reporting metrics and logs from user apps." }, "version": { "type": "string", "description": "the version of stackdriver operator used by this feature" } }, "type": "object" }, "google-native:gkehub/v1beta:AnthosObservabilityMembershipSpecResponse": { "description": "**Anthosobservability**: Per-Membership Feature spec.", "properties": { "doNotOptimizeMetrics": { "type": "boolean", "description": "Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics" }, "enableStackdriverOnApplications": { "type": "boolean", "description": "Enable collecting and reporting metrics and logs from user apps." }, "version": { "type": "string", "description": "the version of stackdriver operator used by this feature" } }, "type": "object", "required": [ "doNotOptimizeMetrics", "enableStackdriverOnApplications", "version" ] }, "google-native:gkehub/v1beta:AppDevExperienceFeatureSpec": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1beta:AppDevExperienceFeatureSpecResponse": { "description": "Spec for App Dev Experience Feature.", "type": "object" }, "google-native:gkehub/v1beta:AppDevExperienceFeatureStateResponse": { "description": "State for App Dev Exp Feature.", "properties": { "networkingInstallSucceeded": { "$ref": "#/types/google-native:gkehub%2Fv1beta:StatusResponse", "description": "Status of subcomponent that detects configured Service Mesh resources." } }, "type": "object", "required": [ "networkingInstallSucceeded" ] }, "google-native:gkehub/v1beta:ApplianceCluster": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object" }, "google-native:gkehub/v1beta:ApplianceClusterResponse": { "description": "ApplianceCluster contains information specific to GDC Edge Appliance Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Appliance Cluster. For example: //transferappliance.googleapis.com/projects/my-project/locations/us-west1-a/appliances/my-appliance" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1beta:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:gkehub/v1beta:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:gkehub/v1beta:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:gkehub/v1beta:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:gkehub/v1beta:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:gkehub/v1beta:Authority": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." } }, "type": "object" }, "google-native:gkehub/v1beta:AuthorityResponse": { "description": "Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity", "properties": { "identityProvider": { "type": "string", "description": "An identity provider that reflects the `issuer` in the workload identity pool." }, "issuer": { "type": "string", "description": "Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity)." }, "oidcJwks": { "type": "string", "description": "Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field." }, "workloadIdentityPool": { "type": "string", "description": "The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API." } }, "type": "object", "required": [ "identityProvider", "issuer", "oidcJwks", "workloadIdentityPool" ] }, "google-native:gkehub/v1beta:BinaryAuthorizationConfig": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "$ref": "#/types/google-native:gkehub%2Fv1beta:BinaryAuthorizationConfigEvaluationMode", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyBinding" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object" }, "google-native:gkehub/v1beta:BinaryAuthorizationConfigEvaluationMode": { "description": "Optional. Mode of operation for binauthz policy evaluation.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "PolicyBindings", "description": "Use Binary Authorization with the policies specified in policy_bindings.", "value": "POLICY_BINDINGS" } ] }, "google-native:gkehub/v1beta:BinaryAuthorizationConfigResponse": { "description": "BinaryAuthorizationConfig defines the fleet level configuration of binary authorization feature.", "properties": { "evaluationMode": { "type": "string", "description": "Optional. Mode of operation for binauthz policy evaluation." }, "policyBindings": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyBindingResponse" }, "description": "Optional. Binauthz policies that apply to this cluster." } }, "type": "object", "required": [ "evaluationMode", "policyBindings" ] }, "google-native:gkehub/v1beta:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1beta:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkehub/v1beta:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkehub/v1beta:ClusterUpgradeFleetSpec": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeOverride" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradePostConditions", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "postConditions" ] }, "google-native:gkehub/v1beta:ClusterUpgradeFleetSpecResponse": { "description": "**ClusterUpgrade**: The configuration for the fleet-level ClusterUpgrade feature.", "properties": { "gkeUpgradeOverrides": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeOverrideResponse" }, "description": "Allow users to override some properties of each GKE upgrade." }, "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradePostConditionsResponse", "description": "Post conditions to evaluate to mark an upgrade COMPLETE. Required." }, "upstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions. The fleet name should be either fleet project number or id. This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet." } }, "type": "object", "required": [ "gkeUpgradeOverrides", "postConditions", "upstreamFleets" ] }, "google-native:gkehub/v1beta:ClusterUpgradeFleetStateResponse": { "description": "**ClusterUpgrade**: The state for the fleet-level ClusterUpgrade feature.", "properties": { "downstreamFleets": { "type": "array", "items": { "type": "string" }, "description": "This fleets whose upstream_fleets contain the current fleet. The fleet name should be either fleet project number or id." }, "gkeState": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeFeatureStateResponse", "description": "Feature state for GKE clusters." }, "ignored": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: `projects/{p}/locations/{l}/membership/{m}`." } }, "type": "object", "required": [ "downstreamFleets", "gkeState", "ignored" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgrade": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object" }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeFeatureConditionResponse": { "description": "GKEUpgradeFeatureCondition describes the condition of the feature for GKE clusters at a certain point of time.", "properties": { "reason": { "type": "string", "description": "Reason why the feature is in this status." }, "status": { "type": "string", "description": "Status of the condition, one of True, False, Unknown." }, "type": { "type": "string", "description": "Type of the condition, for example, \"ready\"." }, "updateTime": { "type": "string", "description": "Last timestamp the condition was updated." } }, "type": "object", "required": [ "reason", "status", "type", "updateTime" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeFeatureStateResponse": { "description": "GKEUpgradeFeatureState contains feature states for GKE clusters in the scope.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeFeatureConditionResponse" }, "description": "Current conditions of the feature." }, "upgradeState": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeStateResponse" }, "description": "Upgrade state. It will eventually replace `state`." } }, "type": "object", "required": [ "conditions", "upgradeState" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeOverride": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradePostConditions", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgrade", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeOverrideResponse": { "description": "Properties of a GKE upgrade that can be overridden by the user. For example, a user can skip soaking by overriding the soaking to 0.", "properties": { "postConditions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradePostConditionsResponse", "description": "Post conditions to override for the specified upgrade (name + version). Required." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to override. Required." } }, "type": "object", "required": [ "postConditions", "upgrade" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeResponse": { "description": "GKEUpgrade represents a GKE provided upgrade, e.g., control plane upgrade.", "properties": { "name": { "type": "string", "description": "Name of the upgrade, e.g., \"k8s_control_plane\". It should be a valid upgrade name. It must not exceet 99 characters." }, "version": { "type": "string", "description": "Version of the upgrade, e.g., \"1.22.1-gke.100\". It should be a valid version. It must not exceet 99 characters." } }, "type": "object", "required": [ "name", "version" ] }, "google-native:gkehub/v1beta:ClusterUpgradeGKEUpgradeStateResponse": { "description": "GKEUpgradeState is a GKEUpgrade and its state at the scope and fleet level.", "properties": { "stats": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Number of GKE clusters in each status code." }, "status": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeUpgradeStatusResponse", "description": "Status of the upgrade." }, "upgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeGKEUpgradeResponse", "description": "Which upgrade to track the state." } }, "type": "object", "required": [ "stats", "status", "upgrade" ] }, "google-native:gkehub/v1beta:ClusterUpgradePostConditions": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1beta:ClusterUpgradePostConditionsResponse": { "description": "Post conditional checks after an upgrade has been applied on all eligible clusters.", "properties": { "soaking": { "type": "string", "description": "Amount of time to \"soak\" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required." } }, "type": "object", "required": [ "soaking" ] }, "google-native:gkehub/v1beta:ClusterUpgradeUpgradeStatusResponse": { "description": "UpgradeStatus provides status information for each upgrade.", "properties": { "code": { "type": "string", "description": "Status code of the upgrade." }, "reason": { "type": "string", "description": "Reason for this status." }, "updateTime": { "type": "string", "description": "Last timestamp the status was updated." } }, "type": "object", "required": [ "code", "reason", "updateTime" ] }, "google-native:gkehub/v1beta:CommonFeatureSpec": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "anthosobservability": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AnthosObservabilityFeatureSpec", "description": "Anthos Observability spec" }, "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AppDevExperienceFeatureSpec", "description": "Appdevexperience specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeFleetSpec", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFeatureSpec", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1beta:MultiClusterIngressFeatureSpec", "description": "Multicluster Ingress-specific spec." } }, "type": "object" }, "google-native:gkehub/v1beta:CommonFeatureSpecResponse": { "description": "CommonFeatureSpec contains Hub-wide configuration information", "properties": { "anthosobservability": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AnthosObservabilityFeatureSpecResponse", "description": "Anthos Observability spec" }, "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AppDevExperienceFeatureSpecResponse", "description": "Appdevexperience specific spec." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeFleetSpecResponse", "description": "ClusterUpgrade (fleet-based) feature spec." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFeatureSpecResponse", "description": "FleetObservability feature spec." }, "multiclusteringress": { "$ref": "#/types/google-native:gkehub%2Fv1beta:MultiClusterIngressFeatureSpecResponse", "description": "Multicluster Ingress-specific spec." } }, "type": "object", "required": [ "anthosobservability", "appdevexperience", "clusterupgrade", "fleetobservability", "multiclusteringress" ] }, "google-native:gkehub/v1beta:CommonFeatureStateResponse": { "description": "CommonFeatureState contains Hub-wide Feature status information.", "properties": { "appdevexperience": { "$ref": "#/types/google-native:gkehub%2Fv1beta:AppDevExperienceFeatureStateResponse", "description": "Appdevexperience specific state." }, "clusterupgrade": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ClusterUpgradeFleetStateResponse", "description": "ClusterUpgrade fleet-level state." }, "fleetobservability": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFeatureStateResponse", "description": "FleetObservability feature state." }, "state": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FeatureStateResponse", "description": "The \"running state\" of the Feature in this Hub." } }, "type": "object", "required": [ "appdevexperience", "clusterupgrade", "fleetobservability", "state" ] }, "google-native:gkehub/v1beta:CommonFleetDefaultMemberConfigSpec": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementMembershipSpec", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceMembershipSpec", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ServiceMeshMembershipSpec", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerMembershipSpec", "description": "Policy Controller spec." } }, "type": "object" }, "google-native:gkehub/v1beta:CommonFleetDefaultMemberConfigSpecResponse": { "description": "CommonFleetDefaultMemberConfigSpec contains default configuration information for memberships of a fleet", "properties": { "configmanagement": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementMembershipSpecResponse", "description": "Config Management-specific spec." }, "identityservice": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceMembershipSpecResponse", "description": "Identity Service-specific spec." }, "mesh": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ServiceMeshMembershipSpecResponse", "description": "Anthos Service Mesh-specific spec" }, "policycontroller": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerMembershipSpecResponse", "description": "Policy Controller spec." } }, "type": "object", "required": [ "configmanagement", "identityservice", "mesh", "policycontroller" ] }, "google-native:gkehub/v1beta:ConfigManagementBinauthzConfig": { "description": "Configuration for Binauthz", "properties": { "enabled": { "type": "boolean", "description": "Whether binauthz is enabled in this cluster." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementBinauthzConfigResponse": { "description": "Configuration for Binauthz", "properties": { "enabled": { "type": "boolean", "description": "Whether binauthz is enabled in this cluster." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkehub/v1beta:ConfigManagementConfigSync": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementGitConfig", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementOciConfig", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementConfigSyncResponse": { "description": "Configuration for Config Sync", "properties": { "allowVerticalScale": { "type": "boolean", "description": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.", "deprecationMessage": "Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated." }, "enabled": { "type": "boolean", "description": "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field." }, "git": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementGitConfigResponse", "description": "Git repo configuration for the cluster." }, "metricsGcpServiceAccountEmail": { "type": "string", "description": "The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount `default` in the namespace `config-management-monitoring` should be bound to the GSA. This field is required when automatic Feature management is enabled." }, "oci": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementOciConfigResponse", "description": "OCI repo configuration for the cluster" }, "preventDrift": { "type": "boolean", "description": "Set to true to enable the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts." }, "sourceFormat": { "type": "string", "description": "Specifies whether the Config Sync Repo is in \"hierarchical\" or \"unstructured\" mode." } }, "type": "object", "required": [ "allowVerticalScale", "enabled", "git", "metricsGcpServiceAccountEmail", "oci", "preventDrift", "sourceFormat" ] }, "google-native:gkehub/v1beta:ConfigManagementGitConfig": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementGitConfigResponse": { "description": "Git repo configuration for a single cluster.", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "httpsProxy": { "type": "string", "description": "URL for the HTTPS proxy to be used when communicating with the Git repo." }, "policyDir": { "type": "string", "description": "The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required." }, "syncBranch": { "type": "string", "description": "The branch of the repository to sync from. Default: master." }, "syncRepo": { "type": "string", "description": "The URL of the Git repository to use as the source of truth." }, "syncRev": { "type": "string", "description": "Git revision (tag or hash) to check out. Default HEAD." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "httpsProxy", "policyDir", "secretType", "syncBranch", "syncRepo", "syncRev", "syncWaitSecs" ] }, "google-native:gkehub/v1beta:ConfigManagementHierarchyControllerConfig": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementHierarchyControllerConfigResponse": { "description": "Configuration for Hierarchy Controller", "properties": { "enableHierarchicalResourceQuota": { "type": "boolean", "description": "Whether hierarchical resource quota is enabled in this cluster." }, "enablePodTreeLabels": { "type": "boolean", "description": "Whether pod tree labels are enabled in this cluster." }, "enabled": { "type": "boolean", "description": "Whether Hierarchy Controller is enabled in this cluster." } }, "type": "object", "required": [ "enableHierarchicalResourceQuota", "enablePodTreeLabels", "enabled" ] }, "google-native:gkehub/v1beta:ConfigManagementMembershipSpec": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "binauthz": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementBinauthzConfig", "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.", "deprecationMessage": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." }, "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementConfigSync", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementHierarchyControllerConfig", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementPolicyController", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementMembershipSpecResponse": { "description": "**Anthos Config Management**: Configuration for a single cluster. Intended to parallel the ConfigManagement CR.", "properties": { "binauthz": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementBinauthzConfigResponse", "description": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.", "deprecationMessage": "Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set." }, "cluster": { "type": "string", "description": "The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector." }, "configSync": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementConfigSyncResponse", "description": "Config Sync configuration for the cluster." }, "hierarchyController": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementHierarchyControllerConfigResponse", "description": "Hierarchy Controller configuration for the cluster." }, "policyController": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementPolicyControllerResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of ACM installed." } }, "type": "object", "required": [ "binauthz", "cluster", "configSync", "hierarchyController", "policyController", "version" ] }, "google-native:gkehub/v1beta:ConfigManagementOciConfig": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementOciConfigResponse": { "description": "OCI repo configuration for a single cluster", "properties": { "gcpServiceAccountEmail": { "type": "string", "description": "The Google Cloud Service Account Email used for auth when secret_type is gcpServiceAccount." }, "policyDir": { "type": "string", "description": "The absolute path of the directory that contains the local resources. Default: the root directory of the image." }, "secretType": { "type": "string", "description": "Type of secret configured for access to the Git repo." }, "syncRepo": { "type": "string", "description": "The OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`." }, "syncWaitSecs": { "type": "string", "description": "Period in seconds between consecutive syncs. Default: 15." } }, "type": "object", "required": [ "gcpServiceAccountEmail", "policyDir", "secretType", "syncRepo", "syncWaitSecs" ] }, "google-native:gkehub/v1beta:ConfigManagementPolicyController": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementPolicyControllerMonitoring", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementPolicyControllerMonitoring": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementPolicyControllerMonitoringBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1beta:ConfigManagementPolicyControllerMonitoringBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1beta:ConfigManagementPolicyControllerMonitoringResponse": { "description": "PolicyControllerMonitoring specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1beta:ConfigManagementPolicyControllerResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "enabled": { "type": "boolean", "description": "Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ConfigManagementPolicyControllerMonitoringResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster." }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." }, "templateLibraryInstalled": { "type": "boolean", "description": "Installs the default template library along with Policy Controller." }, "updateTime": { "type": "string", "description": "Last time this membership spec was updated." } }, "type": "object", "required": [ "auditIntervalSeconds", "enabled", "exemptableNamespaces", "logDeniesEnabled", "monitoring", "mutationEnabled", "referentialRulesEnabled", "templateLibraryInstalled", "updateTime" ] }, "google-native:gkehub/v1beta:DefaultClusterConfig": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:BinaryAuthorizationConfig", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:SecurityPostureConfig", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object" }, "google-native:gkehub/v1beta:DefaultClusterConfigResponse": { "description": "DefaultClusterConfig describes the default cluster configurations to be applied to all clusters born-in-fleet.", "properties": { "binaryAuthorizationConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:BinaryAuthorizationConfigResponse", "description": "Optional. Enable/Disable binary authorization features for the cluster." }, "securityPostureConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:SecurityPostureConfigResponse", "description": "Enable/Disable Security Posture features for the cluster." } }, "type": "object", "required": [ "binaryAuthorizationConfig", "securityPostureConfig" ] }, "google-native:gkehub/v1beta:EdgeCluster": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta:EdgeClusterResponse": { "description": "EdgeCluster contains information specific to Google Edge Clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the Edge Cluster. For example: //edgecontainer.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster" } }, "type": "object", "required": [ "resourceLink" ] }, "google-native:gkehub/v1beta:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkehub/v1beta:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkehub/v1beta:FeatureResourceStateResponse": { "description": "FeatureResourceState describes the state of a Feature *resource* in the GkeHub API. See `FeatureState` for the \"running state\" of the Feature in the Hub and across Memberships.", "properties": { "state": { "type": "string", "description": "The current state of the Feature resource in the Hub API." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1beta:FeatureStateResponse": { "description": "FeatureState describes the high-level state of a Feature. It may be used to describe a Feature's state at the environ-level, or per-membershop, depending on the context.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "description": { "type": "string", "description": "A human-readable description of the current status." }, "updateTime": { "type": "string", "description": "The time this status and any related Feature-specific details were updated." } }, "type": "object", "required": [ "code", "description", "updateTime" ] }, "google-native:gkehub/v1beta:FleetLifecycleStateResponse": { "description": "FleetLifecycleState describes the state of a Fleet resource.", "properties": { "code": { "type": "string", "description": "The current state of the Fleet resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:FleetObservabilityFeatureErrorResponse": { "description": "All error details of the fleet observability feature.", "properties": { "code": { "type": "string", "description": "The code of the error." }, "description": { "type": "string", "description": "A human-readable description of the current status." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkehub/v1beta:FleetObservabilityFeatureSpec": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityLoggingConfig", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object" }, "google-native:gkehub/v1beta:FleetObservabilityFeatureSpecResponse": { "description": "**Fleet Observability**: The Hub-wide input for the FleetObservability feature.", "properties": { "loggingConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityLoggingConfigResponse", "description": "Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet." } }, "type": "object", "required": [ "loggingConfig" ] }, "google-native:gkehub/v1beta:FleetObservabilityFeatureStateResponse": { "description": "**FleetObservability**: Hub-wide Feature for FleetObservability feature. state.", "properties": { "logging": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFleetObservabilityLoggingStateResponse", "description": "The feature state of default logging." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFleetObservabilityMonitoringStateResponse", "description": "The feature state of fleet monitoring." } }, "type": "object", "required": [ "logging", "monitoring" ] }, "google-native:gkehub/v1beta:FleetObservabilityFleetObservabilityBaseFeatureStateResponse": { "description": "Base state for fleet observability feature.", "properties": { "code": { "type": "string", "description": "The high-level, machine-readable status of this Feature." }, "errors": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFeatureErrorResponse" }, "description": "Errors after reconciling the monitoring and logging feature if the code is not OK." } }, "type": "object", "required": [ "code", "errors" ] }, "google-native:gkehub/v1beta:FleetObservabilityFleetObservabilityLoggingStateResponse": { "description": "Feature state for logging feature.", "properties": { "defaultLog": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet default log." }, "scopeLog": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet scope log." } }, "type": "object", "required": [ "defaultLog", "scopeLog" ] }, "google-native:gkehub/v1beta:FleetObservabilityFleetObservabilityMonitoringStateResponse": { "description": "Feature state for monitoring feature.", "properties": { "state": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityFleetObservabilityBaseFeatureStateResponse", "description": "The base feature state of fleet monitoring feature." } }, "type": "object", "required": [ "state" ] }, "google-native:gkehub/v1beta:FleetObservabilityLoggingConfig": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityRoutingConfig", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityRoutingConfig", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object" }, "google-native:gkehub/v1beta:FleetObservabilityLoggingConfigResponse": { "description": "LoggingConfig defines the configuration for different types of logs.", "properties": { "defaultConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the default routing config to logs not specified in other configs." }, "fleetScopeLogsConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityRoutingConfigResponse", "description": "Specified if applying the routing config to all logs for all fleet scopes." } }, "type": "object", "required": [ "defaultConfig", "fleetScopeLogsConfig" ] }, "google-native:gkehub/v1beta:FleetObservabilityRoutingConfig": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1beta:FleetObservabilityRoutingConfigMode", "description": "mode configures the logs routing mode." } }, "type": "object" }, "google-native:gkehub/v1beta:FleetObservabilityRoutingConfigMode": { "description": "mode configures the logs routing mode.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "If UNSPECIFIED, fleet logging feature is disabled.", "value": "MODE_UNSPECIFIED" }, { "name": "Copy", "description": "logs will be copied to the destination project.", "value": "COPY" }, { "name": "Move", "description": "logs will be moved to the destination project.", "value": "MOVE" } ] }, "google-native:gkehub/v1beta:FleetObservabilityRoutingConfigResponse": { "description": "RoutingConfig configures the behaviour of fleet logging feature.", "properties": { "mode": { "type": "string", "description": "mode configures the logs routing mode." } }, "type": "object", "required": [ "mode" ] }, "google-native:gkehub/v1beta:GkeCluster": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object" }, "google-native:gkehub/v1beta:GkeClusterResponse": { "description": "GkeCluster contains information specific to GKE clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that the GKE cluster no longer exists in the GKE Control Plane." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/locations/us-west1-a/clusters/my-cluster Zonal clusters are also supported." } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1beta:IdentityServiceAuthMethod": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceAzureADConfig", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceGoogleConfig", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceOidcConfig", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object" }, "google-native:gkehub/v1beta:IdentityServiceAuthMethodResponse": { "description": "Configuration of an auth method for a member/cluster. Only one authentication method (e.g., OIDC and LDAP) can be set per AuthMethod.", "properties": { "azureadConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceAzureADConfigResponse", "description": "AzureAD specific Configuration." }, "googleConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceGoogleConfigResponse", "description": "GoogleConfig specific configuration." }, "name": { "type": "string", "description": "Identifier for auth config." }, "oidcConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceOidcConfigResponse", "description": "OIDC specific configuration." }, "proxy": { "type": "string", "description": "Proxy server address to use for auth method." } }, "type": "object", "required": [ "azureadConfig", "googleConfig", "name", "oidcConfig", "proxy" ] }, "google-native:gkehub/v1beta:IdentityServiceAzureADConfig": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object" }, "google-native:gkehub/v1beta:IdentityServiceAzureADConfigResponse": { "description": "Configuration for the AzureAD Auth flow.", "properties": { "clientId": { "type": "string", "description": "ID for the registered client application that makes authentication requests to the Azure AD identity provider." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted AzureAD client secret." }, "kubectlRedirectUri": { "type": "string", "description": "The redirect URL that kubectl uses for authorization." }, "tenant": { "type": "string", "description": "Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant." } }, "type": "object", "required": [ "clientId", "clientSecret", "encryptedClientSecret", "kubectlRedirectUri", "tenant" ] }, "google-native:gkehub/v1beta:IdentityServiceGoogleConfig": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object" }, "google-native:gkehub/v1beta:IdentityServiceGoogleConfigResponse": { "description": "Configuration for the Google Plugin Auth flow.", "properties": { "disable": { "type": "boolean", "description": "Disable automatic configuration of Google Plugin on supported platforms." } }, "type": "object", "required": [ "disable" ] }, "google-native:gkehub/v1beta:IdentityServiceMembershipSpec": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceAuthMethod" }, "description": "A member may support multiple auth methods." } }, "type": "object" }, "google-native:gkehub/v1beta:IdentityServiceMembershipSpecResponse": { "description": "**Anthos Identity Service**: Configuration for a single Membership.", "properties": { "authMethods": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:IdentityServiceAuthMethodResponse" }, "description": "A member may support multiple auth methods." } }, "type": "object", "required": [ "authMethods" ] }, "google-native:gkehub/v1beta:IdentityServiceOidcConfig": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object" }, "google-native:gkehub/v1beta:IdentityServiceOidcConfigResponse": { "description": "Configuration for OIDC Auth flow.", "properties": { "certificateAuthorityData": { "type": "string", "description": "PEM-encoded CA for OIDC provider." }, "clientId": { "type": "string", "description": "ID for OIDC client application." }, "clientSecret": { "type": "string", "description": "Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH." }, "deployCloudConsoleProxy": { "type": "boolean", "description": "Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console." }, "enableAccessToken": { "type": "boolean", "description": "Enable access token." }, "encryptedClientSecret": { "type": "string", "description": "Encrypted OIDC Client secret" }, "extraParams": { "type": "string", "description": "Comma-separated list of key-value pairs." }, "groupPrefix": { "type": "string", "description": "Prefix to prepend to group name." }, "groupsClaim": { "type": "string", "description": "Claim in OIDC ID token that holds group information." }, "issuerUri": { "type": "string", "description": "URI for the OIDC provider. This should point to the level below .well-known/openid-configuration." }, "kubectlRedirectUri": { "type": "string", "description": "Registered redirect uri to redirect users going through OAuth flow using kubectl plugin." }, "scopes": { "type": "string", "description": "Comma-separated list of identifiers." }, "userClaim": { "type": "string", "description": "Claim in OIDC ID token that holds username." }, "userPrefix": { "type": "string", "description": "Prefix to prepend to user name." } }, "type": "object", "required": [ "certificateAuthorityData", "clientId", "clientSecret", "deployCloudConsoleProxy", "enableAccessToken", "encryptedClientSecret", "extraParams", "groupPrefix", "groupsClaim", "issuerUri", "kubectlRedirectUri", "scopes", "userClaim", "userPrefix" ] }, "google-native:gkehub/v1beta:KubernetesMetadataResponse": { "description": "KubernetesMetadata provides informational metadata for Memberships representing Kubernetes clusters.", "properties": { "kubernetesApiServerVersion": { "type": "string", "description": "Kubernetes API server version string as reported by `/version`." }, "memoryMb": { "type": "integer", "description": "The total memory capacity as reported by the sum of all Kubernetes nodes resources, defined in MB." }, "nodeCount": { "type": "integer", "description": "Node count as reported by Kubernetes nodes resources." }, "nodeProviderId": { "type": "string", "description": "Node providerID as reported by the first node in the list of nodes on the Kubernetes endpoint. On Kubernetes platforms that support zero-node clusters (like GKE-on-GCP), the node_count will be zero and the node_provider_id will be empty." }, "updateTime": { "type": "string", "description": "The time at which these details were last updated. This update_time is different from the Membership-level update_time since EndpointDetails are updated internally for API consumers." }, "vcpuCount": { "type": "integer", "description": "vCPU count as reported by Kubernetes nodes resources." } }, "type": "object", "required": [ "kubernetesApiServerVersion", "memoryMb", "nodeCount", "nodeProviderId", "updateTime", "vcpuCount" ] }, "google-native:gkehub/v1beta:KubernetesResource": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ResourceOptions", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object" }, "google-native:gkehub/v1beta:KubernetesResourceResponse": { "description": "KubernetesResource contains the YAML manifests and configuration for Membership Kubernetes resources in the cluster. After CreateMembership or UpdateMembership, these resources should be re-applied in the cluster.", "properties": { "connectResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ResourceManifestResponse" }, "description": "The Kubernetes resources for installing the GKE Connect agent This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "membershipCrManifest": { "type": "string", "description": "Input only. The YAML representation of the Membership CR. This field is ignored for GKE clusters where Hub can read the CR directly. Callers should provide the CR that is currently present in the cluster during CreateMembership or UpdateMembership, or leave this field empty if none exists. The CR manifest is used to validate the cluster has not been registered with another Membership." }, "membershipResources": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ResourceManifestResponse" }, "description": "Additional Kubernetes resources that need to be applied to the cluster after Membership creation, and after every update. This field is only populated in the Membership returned from a successful long-running operation from CreateMembership or UpdateMembership. It is not populated during normal GetMembership or ListMemberships requests. To get the resource manifest after the initial registration, the caller should make a UpdateMembership call with an empty field mask." }, "resourceOptions": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ResourceOptionsResponse", "description": "Optional. Options for Kubernetes resource generation." } }, "type": "object", "required": [ "connectResources", "membershipCrManifest", "membershipResources", "resourceOptions" ] }, "google-native:gkehub/v1beta:MembershipBindingLifecycleStateResponse": { "description": "MembershipBindingLifecycleState describes the state of a Binding resource.", "properties": { "code": { "type": "string", "description": "The current state of the MembershipBinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:MembershipEndpoint": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ApplianceCluster", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:EdgeCluster", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:GkeCluster", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1beta:KubernetesResource", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:MultiCloudCluster", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:OnPremCluster", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object" }, "google-native:gkehub/v1beta:MembershipEndpointResponse": { "description": "MembershipEndpoint contains information needed to contact a Kubernetes API, endpoint and any additional Kubernetes metadata.", "properties": { "applianceCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ApplianceClusterResponse", "description": "Optional. Specific information for a GDC Edge Appliance cluster." }, "edgeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:EdgeClusterResponse", "description": "Optional. Specific information for a Google Edge cluster." }, "gkeCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:GkeClusterResponse", "description": "Optional. Specific information for a GKE-on-GCP cluster." }, "googleManaged": { "type": "boolean", "description": "Whether the lifecycle of this membership is managed by a google cluster platform service." }, "kubernetesMetadata": { "$ref": "#/types/google-native:gkehub%2Fv1beta:KubernetesMetadataResponse", "description": "Useful Kubernetes-specific metadata." }, "kubernetesResource": { "$ref": "#/types/google-native:gkehub%2Fv1beta:KubernetesResourceResponse", "description": "Optional. The in-cluster Kubernetes Resources that should be applied for a correctly registered cluster, in the steady state. These resources: * Ensure that the cluster is exclusively registered to one and only one Hub Membership. * Propagate Workload Pool Information available in the Membership Authority field. * Ensure proper initial configuration of default Hub Features." }, "multiCloudCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:MultiCloudClusterResponse", "description": "Optional. Specific information for a GKE Multi-Cloud cluster." }, "onPremCluster": { "$ref": "#/types/google-native:gkehub%2Fv1beta:OnPremClusterResponse", "description": "Optional. Specific information for a GKE On-Prem cluster. An onprem user-cluster who has no resourceLink is not allowed to use this field, it should have a nil \"type\" instead." } }, "type": "object", "required": [ "applianceCluster", "edgeCluster", "gkeCluster", "googleManaged", "kubernetesMetadata", "kubernetesResource", "multiCloudCluster", "onPremCluster" ] }, "google-native:gkehub/v1beta:MembershipStateResponse": { "description": "MembershipState describes the state of a Membership resource.", "properties": { "code": { "type": "string", "description": "The current state of the Membership resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:MonitoringConfig": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object" }, "google-native:gkehub/v1beta:MonitoringConfigResponse": { "description": "MonitoringConfig informs Fleet-based applications/services/UIs how the metrics for the underlying cluster is reported to cloud monitoring services. It can be set from empty to non-empty, but can't be mutated directly to prevent accidentally breaking the constinousty of metrics.", "properties": { "cluster": { "type": "string", "description": "Optional. Cluster name used to report metrics. For Anthos on VMWare/Baremetal/MultiCloud clusters, it would be in format {cluster_type}/{cluster_name}, e.g., \"awsClusters/cluster_1\"." }, "clusterHash": { "type": "string", "description": "Optional. For GKE and Multicloud clusters, this is the UUID of the cluster resource. For VMWare and Baremetal clusters, this is the kube-system UID." }, "kubernetesMetricsPrefix": { "type": "string", "description": "Optional. Kubernetes system metrics, if available, are written to this prefix. This defaults to kubernetes.io for GKE, and kubernetes.io/anthos for Anthos eventually. Noted: Anthos MultiCloud will have kubernetes.io prefix today but will migration to be under kubernetes.io/anthos." }, "location": { "type": "string", "description": "Optional. Location used to report Metrics" }, "project": { "type": "string", "description": "Optional. Project used to report Metrics" } }, "type": "object", "required": [ "cluster", "clusterHash", "kubernetesMetricsPrefix", "location", "project" ] }, "google-native:gkehub/v1beta:MultiCloudCluster": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta:MultiCloudClusterResponse": { "description": "MultiCloudCluster contains information specific to GKE Multi-Cloud clusters.", "properties": { "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkemulticloud.googleapis.com) resource for this GKE Multi-Cloud cluster no longer exists." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE Multi-Cloud cluster. For example: //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/awsClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/azureClusters/my-cluster //gkemulticloud.googleapis.com/projects/my-project/locations/us-west1-a/attachedClusters/my-cluster" } }, "type": "object", "required": [ "clusterMissing", "resourceLink" ] }, "google-native:gkehub/v1beta:MultiClusterIngressFeatureSpec": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "billing": { "$ref": "#/types/google-native:gkehub%2Fv1beta:MultiClusterIngressFeatureSpecBilling", "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "deprecationMessage": "Deprecated: This field will be ignored and should not be set. Customer's billing structure." }, "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object" }, "google-native:gkehub/v1beta:MultiClusterIngressFeatureSpecBilling": { "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "type": "string", "enum": [ { "name": "BillingUnspecified", "description": "Unknown", "value": "BILLING_UNSPECIFIED" }, { "name": "PayAsYouGo", "description": "User pays a fee per-endpoint.", "value": "PAY_AS_YOU_GO" }, { "name": "AnthosLicense", "description": "User is paying for Anthos as a whole.", "value": "ANTHOS_LICENSE" } ] }, "google-native:gkehub/v1beta:MultiClusterIngressFeatureSpecResponse": { "description": "**Multi-cluster Ingress**: The configuration for the MultiClusterIngress feature.", "properties": { "billing": { "type": "string", "description": "Deprecated: This field will be ignored and should not be set. Customer's billing structure.", "deprecationMessage": "Deprecated: This field will be ignored and should not be set. Customer's billing structure." }, "configMembership": { "type": "string", "description": "Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: `projects/foo-proj/locations/global/memberships/bar`" } }, "type": "object", "required": [ "billing", "configMembership" ] }, "google-native:gkehub/v1beta:NamespaceLifecycleStateResponse": { "description": "NamespaceLifecycleState describes the state of a Namespace resource.", "properties": { "code": { "type": "string", "description": "The current state of the Namespace resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:OnPremCluster": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterType": { "$ref": "#/types/google-native:gkehub%2Fv1beta:OnPremClusterClusterType", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object" }, "google-native:gkehub/v1beta:OnPremClusterClusterType": { "description": "Immutable. The on prem cluster's type.", "type": "string", "enum": [ { "name": "ClustertypeUnspecified", "description": "The ClusterType is not set.", "value": "CLUSTERTYPE_UNSPECIFIED" }, { "name": "Bootstrap", "description": "The ClusterType is bootstrap cluster.", "value": "BOOTSTRAP" }, { "name": "Hybrid", "description": "The ClusterType is baremetal hybrid cluster.", "value": "HYBRID" }, { "name": "Standalone", "description": "The ClusterType is baremetal standalone cluster.", "value": "STANDALONE" }, { "name": "User", "description": "The ClusterType is user cluster.", "value": "USER" } ] }, "google-native:gkehub/v1beta:OnPremClusterResponse": { "description": "OnPremCluster contains information specific to GKE On-Prem clusters.", "properties": { "adminCluster": { "type": "boolean", "description": "Immutable. Whether the cluster is an admin cluster." }, "clusterMissing": { "type": "boolean", "description": "If cluster_missing is set then it denotes that API(gkeonprem.googleapis.com) resource for this GKE On-Prem cluster no longer exists." }, "clusterType": { "type": "string", "description": "Immutable. The on prem cluster's type." }, "resourceLink": { "type": "string", "description": "Immutable. Self-link of the Google Cloud resource for the GKE On-Prem cluster. For example: //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/vmwareClusters/my-cluster //gkeonprem.googleapis.com/projects/my-project/locations/us-west1-a/bareMetalClusters/my-cluster" } }, "type": "object", "required": [ "adminCluster", "clusterMissing", "clusterType", "resourceLink" ] }, "google-native:gkehub/v1beta:PolicyBinding": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyBindingResponse": { "description": "Binauthz policy that applies to this cluster.", "properties": { "name": { "type": "string", "description": "The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: `projects/{project_number}/platforms/gke/policies/{policy_id}`." } }, "type": "object", "required": [ "name" ] }, "google-native:gkehub/v1beta:PolicyControllerHubConfig": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerHubConfigInstallSpec", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerMonitoringConfig", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerPolicyContentSpec", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyControllerHubConfigInstallSpec": { "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.", "type": "string", "enum": [ { "name": "InstallSpecUnspecified", "description": "Spec is unknown.", "value": "INSTALL_SPEC_UNSPECIFIED" }, { "name": "InstallSpecNotInstalled", "description": "Request to uninstall Policy Controller.", "value": "INSTALL_SPEC_NOT_INSTALLED" }, { "name": "InstallSpecEnabled", "description": "Request to install and enable Policy Controller.", "value": "INSTALL_SPEC_ENABLED" }, { "name": "InstallSpecSuspended", "description": "Request to suspend Policy Controller i.e. its webhooks. If Policy Controller is not installed, it will be installed but suspended.", "value": "INSTALL_SPEC_SUSPENDED" }, { "name": "InstallSpecDetached", "description": "Request to stop all reconciliation actions by PoCo Hub controller. This is a breakglass mechanism to stop PoCo Hub from affecting cluster resources.", "value": "INSTALL_SPEC_DETACHED" } ] }, "google-native:gkehub/v1beta:PolicyControllerHubConfigResponse": { "description": "Configuration for Policy Controller", "properties": { "auditIntervalSeconds": { "type": "string", "description": "Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether." }, "constraintViolationLimit": { "type": "string", "description": "The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used." }, "deploymentConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map of deployment configs to deployments (\"admission\", \"audit\", \"mutation')." }, "exemptableNamespaces": { "type": "array", "items": { "type": "string" }, "description": "The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster." }, "installSpec": { "type": "string", "description": "The install_spec represents the intended state specified by the latest request that mutated install_spec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state." }, "logDeniesEnabled": { "type": "boolean", "description": "Logs all denies and dry run failures." }, "monitoring": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerMonitoringConfigResponse", "description": "Monitoring specifies the configuration of monitoring." }, "mutationEnabled": { "type": "boolean", "description": "Enables the ability to mutate resources using Policy Controller." }, "policyContent": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerPolicyContentSpecResponse", "description": "Specifies the desired policy content on the cluster" }, "referentialRulesEnabled": { "type": "boolean", "description": "Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated." } }, "type": "object", "required": [ "auditIntervalSeconds", "constraintViolationLimit", "deploymentConfigs", "exemptableNamespaces", "installSpec", "logDeniesEnabled", "monitoring", "mutationEnabled", "policyContent", "referentialRulesEnabled" ] }, "google-native:gkehub/v1beta:PolicyControllerMembershipSpec": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerHubConfig", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyControllerMembershipSpecResponse": { "description": "**Policy Controller**: Configuration for a single cluster. Intended to parallel the PolicyController CR.", "properties": { "policyControllerHubConfig": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerHubConfigResponse", "description": "Policy Controller configuration for the cluster." }, "version": { "type": "string", "description": "Version of Policy Controller installed." } }, "type": "object", "required": [ "policyControllerHubConfig", "version" ] }, "google-native:gkehub/v1beta:PolicyControllerMonitoringConfig": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerMonitoringConfigBackendsItem" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyControllerMonitoringConfigBackendsItem": { "type": "string", "enum": [ { "name": "MonitoringBackendUnspecified", "description": "Backend cannot be determined", "value": "MONITORING_BACKEND_UNSPECIFIED" }, { "name": "Prometheus", "description": "Prometheus backend for monitoring", "value": "PROMETHEUS" }, { "name": "CloudMonitoring", "description": "Stackdriver/Cloud Monitoring backend for monitoring", "value": "CLOUD_MONITORING" } ] }, "google-native:gkehub/v1beta:PolicyControllerMonitoringConfigResponse": { "description": "MonitoringConfig specifies the backends Policy Controller should export metrics to. For example, to specify metrics should be exported to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\", \"prometheus\"]", "properties": { "backends": { "type": "array", "items": { "type": "string" }, "description": "Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export." } }, "type": "object", "required": [ "backends" ] }, "google-native:gkehub/v1beta:PolicyControllerPolicyContentSpec": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerTemplateLibraryConfig", "description": "Configures the installation of the Template Library." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyControllerPolicyContentSpecResponse": { "description": "PolicyContentSpec defines the user's desired content configuration on the cluster.", "properties": { "bundles": { "type": "object", "additionalProperties": { "type": "string" }, "description": "map of bundle name to BundleInstallSpec. The bundle name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData` annotation on a constraint." }, "templateLibrary": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerTemplateLibraryConfigResponse", "description": "Configures the installation of the Template Library." } }, "type": "object", "required": [ "bundles", "templateLibrary" ] }, "google-native:gkehub/v1beta:PolicyControllerTemplateLibraryConfig": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "$ref": "#/types/google-native:gkehub%2Fv1beta:PolicyControllerTemplateLibraryConfigInstallation", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object" }, "google-native:gkehub/v1beta:PolicyControllerTemplateLibraryConfigInstallation": { "description": "Configures the manner in which the template library is installed on the cluster.", "type": "string", "enum": [ { "name": "InstallationUnspecified", "description": "No installation strategy has been specified.", "value": "INSTALLATION_UNSPECIFIED" }, { "name": "NotInstalled", "description": "Do not install the template library.", "value": "NOT_INSTALLED" }, { "name": "All", "description": "Install the entire template library.", "value": "ALL" } ] }, "google-native:gkehub/v1beta:PolicyControllerTemplateLibraryConfigResponse": { "description": "The config specifying which default library templates to install.", "properties": { "installation": { "type": "string", "description": "Configures the manner in which the template library is installed on the cluster." } }, "type": "object", "required": [ "installation" ] }, "google-native:gkehub/v1beta:RBACRoleBindingLifecycleStateResponse": { "description": "RBACRoleBindingLifecycleState describes the state of a RbacRoleBinding resource.", "properties": { "code": { "type": "string", "description": "The current state of the rbacrolebinding resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:ResourceManifestResponse": { "description": "ResourceManifest represents a single Kubernetes resource to be applied to the cluster.", "properties": { "clusterScoped": { "type": "boolean", "description": "Whether the resource provided in the manifest is `cluster_scoped`. If unset, the manifest is assumed to be namespace scoped. This field is used for REST mapping when applying the resource in a cluster." }, "manifest": { "type": "string", "description": "YAML manifest of the resource." } }, "type": "object", "required": [ "clusterScoped", "manifest" ] }, "google-native:gkehub/v1beta:ResourceOptions": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object" }, "google-native:gkehub/v1beta:ResourceOptionsResponse": { "description": "ResourceOptions represent options for Kubernetes resource generation.", "properties": { "connectVersion": { "type": "string", "description": "Optional. The Connect agent version to use for connect_resources. Defaults to the latest GKE Connect version. The version must be a currently supported version, obsolete versions will be rejected." }, "k8sVersion": { "type": "string", "description": "Optional. Major version of the Kubernetes cluster. This is only used to determine which version to use for the CustomResourceDefinition resources, `apiextensions/v1beta1` or`apiextensions/v1`." }, "v1beta1Crd": { "type": "boolean", "description": "Optional. Use `apiextensions/v1beta1` instead of `apiextensions/v1` for CustomResourceDefinition resources. This option should be set for clusters with Kubernetes apiserver versions <1.16." } }, "type": "object", "required": [ "connectVersion", "k8sVersion", "v1beta1Crd" ] }, "google-native:gkehub/v1beta:Role": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "$ref": "#/types/google-native:gkehub%2Fv1beta:RolePredefinedRole", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object" }, "google-native:gkehub/v1beta:RolePredefinedRole": { "description": "predefined_role is the Kubernetes default role to use", "type": "string", "enum": [ { "name": "Unknown", "description": "UNKNOWN", "value": "UNKNOWN" }, { "name": "Admin", "description": "ADMIN has EDIT and RBAC permissions", "value": "ADMIN" }, { "name": "Edit", "description": "EDIT can edit all resources except RBAC", "value": "EDIT" }, { "name": "View", "description": "VIEW can only read resources", "value": "VIEW" }, { "name": "AnthosSupport", "description": "ANTHOS_SUPPORT gives Google Support read-only access to a number of cluster resources.", "value": "ANTHOS_SUPPORT" } ] }, "google-native:gkehub/v1beta:RoleResponse": { "description": "Role is the type for Kubernetes roles", "properties": { "predefinedRole": { "type": "string", "description": "predefined_role is the Kubernetes default role to use" } }, "type": "object", "required": [ "predefinedRole" ] }, "google-native:gkehub/v1beta:ScopeLifecycleStateResponse": { "description": "ScopeLifecycleState describes the state of a Scope resource.", "properties": { "code": { "type": "string", "description": "The current state of the scope resource." } }, "type": "object", "required": [ "code" ] }, "google-native:gkehub/v1beta:SecurityPostureConfig": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "$ref": "#/types/google-native:gkehub%2Fv1beta:SecurityPostureConfigMode", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "$ref": "#/types/google-native:gkehub%2Fv1beta:SecurityPostureConfigVulnerabilityMode", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object" }, "google-native:gkehub/v1beta:SecurityPostureConfigMode": { "description": "Sets which mode to use for Security Posture features.", "type": "string", "enum": [ { "name": "ModeUnspecified", "description": "Default value not specified.", "value": "MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disables Security Posture features on the cluster.", "value": "DISABLED" }, { "name": "Basic", "description": "Applies Security Posture features on the cluster.", "value": "BASIC" } ] }, "google-native:gkehub/v1beta:SecurityPostureConfigResponse": { "description": "SecurityPostureConfig defines the flags needed to enable/disable features for the Security Posture API.", "properties": { "mode": { "type": "string", "description": "Sets which mode to use for Security Posture features." }, "vulnerabilityMode": { "type": "string", "description": "Sets which mode to use for vulnerability scanning." } }, "type": "object", "required": [ "mode", "vulnerabilityMode" ] }, "google-native:gkehub/v1beta:SecurityPostureConfigVulnerabilityMode": { "description": "Sets which mode to use for vulnerability scanning.", "type": "string", "enum": [ { "name": "VulnerabilityModeUnspecified", "description": "Default value not specified.", "value": "VULNERABILITY_MODE_UNSPECIFIED" }, { "name": "VulnerabilityDisabled", "description": "Disables vulnerability scanning on the cluster.", "value": "VULNERABILITY_DISABLED" }, { "name": "VulnerabilityBasic", "description": "Applies basic vulnerability scanning on the cluster.", "value": "VULNERABILITY_BASIC" }, { "name": "VulnerabilityEnterprise", "description": "Applies the Security Posture's vulnerability on cluster Enterprise level features.", "value": "VULNERABILITY_ENTERPRISE" } ] }, "google-native:gkehub/v1beta:ServiceMeshMembershipSpec": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ServiceMeshMembershipSpecControlPlane", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "management": { "$ref": "#/types/google-native:gkehub%2Fv1beta:ServiceMeshMembershipSpecManagement", "description": "Enables automatic Service Mesh management." } }, "type": "object" }, "google-native:gkehub/v1beta:ServiceMeshMembershipSpecControlPlane": { "description": "Deprecated: use `management` instead Enables automatic control plane management.", "type": "string", "enum": [ { "name": "ControlPlaneManagementUnspecified", "description": "Unspecified", "value": "CONTROL_PLANE_MANAGEMENT_UNSPECIFIED" }, { "name": "Automatic", "description": "Google should provision a control plane revision and make it available in the cluster. Google will enroll this revision in a release channel and keep it up to date. The control plane revision may be a managed service, or a managed install.", "value": "AUTOMATIC" }, { "name": "Manual", "description": "User will manually configure the control plane (e.g. via CLI, or via the ControlPlaneRevision KRM API)", "value": "MANUAL" } ] }, "google-native:gkehub/v1beta:ServiceMeshMembershipSpecManagement": { "description": "Enables automatic Service Mesh management.", "type": "string", "enum": [ { "name": "ManagementUnspecified", "description": "Unspecified", "value": "MANAGEMENT_UNSPECIFIED" }, { "name": "ManagementAutomatic", "description": "Google should manage my Service Mesh for the cluster.", "value": "MANAGEMENT_AUTOMATIC" }, { "name": "ManagementManual", "description": "User will manually configure their service mesh components.", "value": "MANAGEMENT_MANUAL" } ] }, "google-native:gkehub/v1beta:ServiceMeshMembershipSpecResponse": { "description": "**Service Mesh**: Spec for a single Membership for the servicemesh feature", "properties": { "controlPlane": { "type": "string", "description": "Deprecated: use `management` instead Enables automatic control plane management.", "deprecationMessage": "Deprecated: use `management` instead Enables automatic control plane management." }, "management": { "type": "string", "description": "Enables automatic Service Mesh management." } }, "type": "object", "required": [ "controlPlane", "management" ] }, "google-native:gkehub/v1beta:StatusResponse": { "description": "Status specifies state for the subcomponent.", "properties": { "code": { "type": "string", "description": "Code specifies AppDevExperienceFeature's subcomponent ready state." }, "description": { "type": "string", "description": "Description is populated if Code is Failed, explaining why it has failed." } }, "type": "object", "required": [ "code", "description" ] }, "google-native:gkeonprem/v1:Authorization": { "description": "Authorization defines the On-Prem cluster authorization configuration to bootstrap onto the admin cluster.", "properties": { "adminUsers": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ClusterUser" }, "description": "For VMware and bare metal user clusters, users will be granted the cluster-admin role on the cluster, which provides full administrative access to the cluster. For bare metal admin clusters, users will be granted the cluster-view role, which limits users to read-only access." } }, "type": "object" }, "google-native:gkeonprem/v1:AuthorizationResponse": { "description": "Authorization defines the On-Prem cluster authorization configuration to bootstrap onto the admin cluster.", "properties": { "adminUsers": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ClusterUserResponse" }, "description": "For VMware and bare metal user clusters, users will be granted the cluster-admin role on the cluster, which provides full administrative access to the cluster. For bare metal admin clusters, users will be granted the cluster-view role, which limits users to read-only access." } }, "type": "object", "required": [ "adminUsers" ] }, "google-native:gkeonprem/v1:BareMetalAdminApiServerArgument": { "description": "BareMetalAdminApiServerArgument represents an arg name->value pair. Only a subset of customized flags are supported. Please refer to the API server documentation below to know the exact format: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/", "properties": { "argument": { "type": "string", "description": "The argument name as it appears on the API Server command line please make sure to remove the leading dashes." }, "value": { "type": "string", "description": "The value of the arg as it will be passed to the API Server command line." } }, "type": "object", "required": [ "argument", "value" ] }, "google-native:gkeonprem/v1:BareMetalAdminApiServerArgumentResponse": { "description": "BareMetalAdminApiServerArgument represents an arg name->value pair. Only a subset of customized flags are supported. Please refer to the API server documentation below to know the exact format: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/", "properties": { "argument": { "type": "string", "description": "The argument name as it appears on the API Server command line please make sure to remove the leading dashes." }, "value": { "type": "string", "description": "The value of the arg as it will be passed to the API Server command line." } }, "type": "object", "required": [ "argument", "value" ] }, "google-native:gkeonprem/v1:BareMetalAdminClusterOperationsConfig": { "description": "BareMetalAdminClusterOperationsConfig specifies the admin cluster's observability infrastructure.", "properties": { "enableApplicationLogs": { "type": "boolean", "description": "Whether collection of application logs/metrics should be enabled (in addition to system logs/metrics)." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminClusterOperationsConfigResponse": { "description": "BareMetalAdminClusterOperationsConfig specifies the admin cluster's observability infrastructure.", "properties": { "enableApplicationLogs": { "type": "boolean", "description": "Whether collection of application logs/metrics should be enabled (in addition to system logs/metrics)." } }, "type": "object", "required": [ "enableApplicationLogs" ] }, "google-native:gkeonprem/v1:BareMetalAdminControlPlaneConfig": { "description": "BareMetalAdminControlPlaneConfig specifies the control plane configuration.", "properties": { "apiServerArgs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminApiServerArgument" }, "description": "Customizes the default API server args. Only a subset of customized flags are supported. Please refer to the API server documentation below to know the exact format: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/" }, "controlPlaneNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminControlPlaneNodePoolConfig", "description": "Configures the node pool running the control plane. If specified the corresponding NodePool will be created for the cluster's control plane. The NodePool will have the same name and namespace as the cluster." } }, "type": "object", "required": [ "controlPlaneNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminControlPlaneConfigResponse": { "description": "BareMetalAdminControlPlaneConfig specifies the control plane configuration.", "properties": { "apiServerArgs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminApiServerArgumentResponse" }, "description": "Customizes the default API server args. Only a subset of customized flags are supported. Please refer to the API server documentation below to know the exact format: https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/" }, "controlPlaneNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminControlPlaneNodePoolConfigResponse", "description": "Configures the node pool running the control plane. If specified the corresponding NodePool will be created for the cluster's control plane. The NodePool will have the same name and namespace as the cluster." } }, "type": "object", "required": [ "apiServerArgs", "controlPlaneNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminControlPlaneNodePoolConfig": { "description": "BareMetalAdminControlPlaneNodePoolConfig specifies the control plane node pool configuration. We have a control plane specific node pool config so that we can flexible about supporting control plane specific fields in the future.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfig", "description": "The generic configuration for a node pool running the control plane." } }, "type": "object", "required": [ "nodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminControlPlaneNodePoolConfigResponse": { "description": "BareMetalAdminControlPlaneNodePoolConfig specifies the control plane node pool configuration. We have a control plane specific node pool config so that we can flexible about supporting control plane specific fields in the future.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfigResponse", "description": "The generic configuration for a node pool running the control plane." } }, "type": "object", "required": [ "nodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminDrainedMachineResponse": { "description": "BareMetalAdminDrainedMachine represents the machines that are drained.", "properties": { "nodeIp": { "type": "string", "description": "Drained machine IP address." } }, "type": "object", "required": [ "nodeIp" ] }, "google-native:gkeonprem/v1:BareMetalAdminDrainingMachineResponse": { "description": "BareMetalAdminDrainingMachine represents the machines that are currently draining.", "properties": { "nodeIp": { "type": "string", "description": "Draining machine IP address." }, "podCount": { "type": "integer", "description": "The count of pods yet to drain." } }, "type": "object", "required": [ "nodeIp", "podCount" ] }, "google-native:gkeonprem/v1:BareMetalAdminIslandModeCidrConfig": { "description": "BareMetalAdminIslandModeCidrConfig specifies the cluster CIDR configuration while running in island mode.", "properties": { "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." } }, "type": "object", "required": [ "podAddressCidrBlocks", "serviceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalAdminIslandModeCidrConfigResponse": { "description": "BareMetalAdminIslandModeCidrConfig specifies the cluster CIDR configuration while running in island mode.", "properties": { "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." } }, "type": "object", "required": [ "podAddressCidrBlocks", "serviceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalAdminLoadBalancerConfig": { "description": "BareMetalAdminLoadBalancerConfig specifies the load balancer configuration.", "properties": { "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminManualLbConfig", "description": "Manually configured load balancers." }, "portConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminPortConfig", "description": "Configures the ports that the load balancer will listen on." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminVipConfig", "description": "The VIPs used by the load balancer." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminLoadBalancerConfigResponse": { "description": "BareMetalAdminLoadBalancerConfig specifies the load balancer configuration.", "properties": { "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminManualLbConfigResponse", "description": "Manually configured load balancers." }, "portConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminPortConfigResponse", "description": "Configures the ports that the load balancer will listen on." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminVipConfigResponse", "description": "The VIPs used by the load balancer." } }, "type": "object", "required": [ "manualLbConfig", "portConfig", "vipConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminMachineDrainStatusResponse": { "description": "BareMetalAdminMachineDrainStatus represents the status of bare metal node machines that are undergoing drain operations.", "properties": { "drainedMachines": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminDrainedMachineResponse" }, "description": "The list of drained machines." }, "drainingMachines": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminDrainingMachineResponse" }, "description": "The list of draning machines." } }, "type": "object", "required": [ "drainedMachines", "drainingMachines" ] }, "google-native:gkeonprem/v1:BareMetalAdminMaintenanceConfig": { "description": "BareMetalAdminMaintenanceConfig specifies configurations to put bare metal Admin cluster CRs nodes in and out of maintenance.", "properties": { "maintenanceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All IPv4 address from these ranges will be placed into maintenance mode. Nodes in maintenance mode will be cordoned and drained. When both of these are true, the \"baremetal.cluster.gke.io/maintenance\" annotation will be set on the node resource." } }, "type": "object", "required": [ "maintenanceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalAdminMaintenanceConfigResponse": { "description": "BareMetalAdminMaintenanceConfig specifies configurations to put bare metal Admin cluster CRs nodes in and out of maintenance.", "properties": { "maintenanceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All IPv4 address from these ranges will be placed into maintenance mode. Nodes in maintenance mode will be cordoned and drained. When both of these are true, the \"baremetal.cluster.gke.io/maintenance\" annotation will be set on the node resource." } }, "type": "object", "required": [ "maintenanceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalAdminMaintenanceStatusResponse": { "description": "BareMetalAdminMaintenanceStatus represents the maintenance status for bare metal Admin cluster CR's nodes.", "properties": { "machineDrainStatus": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminMachineDrainStatusResponse", "description": "Represents the status of draining and drained machine nodes. This is used to show the progress of cluster upgrade." } }, "type": "object", "required": [ "machineDrainStatus" ] }, "google-native:gkeonprem/v1:BareMetalAdminManualLbConfig": { "description": "BareMetalAdminManualLbConfig represents configuration parameters for a manual load balancer.", "properties": { "enabled": { "type": "boolean", "description": "Whether manual load balancing is enabled." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminManualLbConfigResponse": { "description": "BareMetalAdminManualLbConfig represents configuration parameters for a manual load balancer.", "properties": { "enabled": { "type": "boolean", "description": "Whether manual load balancing is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:BareMetalAdminNetworkConfig": { "description": "BareMetalAdminNetworkConfig specifies the cluster network configuration.", "properties": { "islandModeCidr": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminIslandModeCidrConfig", "description": "Configuration for Island mode CIDR." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminNetworkConfigResponse": { "description": "BareMetalAdminNetworkConfig specifies the cluster network configuration.", "properties": { "islandModeCidr": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalAdminIslandModeCidrConfigResponse", "description": "Configuration for Island mode CIDR." } }, "type": "object", "required": [ "islandModeCidr" ] }, "google-native:gkeonprem/v1:BareMetalAdminNodeAccessConfig": { "description": "Specifies the node access related settings for the bare metal admin cluster.", "properties": { "loginUser": { "type": "string", "description": "LoginUser is the user name used to access node machines. It defaults to \"root\" if not set." } }, "type": "object", "required": [ "loginUser" ] }, "google-native:gkeonprem/v1:BareMetalAdminNodeAccessConfigResponse": { "description": "Specifies the node access related settings for the bare metal admin cluster.", "properties": { "loginUser": { "type": "string", "description": "LoginUser is the user name used to access node machines. It defaults to \"root\" if not set." } }, "type": "object", "required": [ "loginUser" ] }, "google-native:gkeonprem/v1:BareMetalAdminOsEnvironmentConfig": { "description": "Specifies operating system operation settings for cluster provisioning.", "properties": { "packageRepoExcluded": { "type": "boolean", "description": "Whether the package repo should be added when initializing bare metal machines." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminOsEnvironmentConfigResponse": { "description": "Specifies operating system operation settings for cluster provisioning.", "properties": { "packageRepoExcluded": { "type": "boolean", "description": "Whether the package repo should be added when initializing bare metal machines." } }, "type": "object", "required": [ "packageRepoExcluded" ] }, "google-native:gkeonprem/v1:BareMetalAdminPortConfig": { "description": "BareMetalAdminPortConfig is the specification of load balancer ports.", "properties": { "controlPlaneLoadBalancerPort": { "type": "integer", "description": "The port that control plane hosted load balancers will listen on." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminPortConfigResponse": { "description": "BareMetalAdminPortConfig is the specification of load balancer ports.", "properties": { "controlPlaneLoadBalancerPort": { "type": "integer", "description": "The port that control plane hosted load balancers will listen on." } }, "type": "object", "required": [ "controlPlaneLoadBalancerPort" ] }, "google-native:gkeonprem/v1:BareMetalAdminProxyConfig": { "description": "BareMetalAdminProxyConfig specifies the cluster proxy configuration.", "properties": { "noProxy": { "type": "array", "items": { "type": "string" }, "description": "A list of IPs, hostnames, and domains that should skip the proxy. Examples: [\"127.0.0.1\", \"example.com\", \".corp\", \"localhost\"]." }, "uri": { "type": "string", "description": "Specifies the address of your proxy server. Examples: `http://domain` WARNING: Do not provide credentials in the format `http://(username:password@)domain` these will be rejected by the server." } }, "type": "object", "required": [ "uri" ] }, "google-native:gkeonprem/v1:BareMetalAdminProxyConfigResponse": { "description": "BareMetalAdminProxyConfig specifies the cluster proxy configuration.", "properties": { "noProxy": { "type": "array", "items": { "type": "string" }, "description": "A list of IPs, hostnames, and domains that should skip the proxy. Examples: [\"127.0.0.1\", \"example.com\", \".corp\", \"localhost\"]." }, "uri": { "type": "string", "description": "Specifies the address of your proxy server. Examples: `http://domain` WARNING: Do not provide credentials in the format `http://(username:password@)domain` these will be rejected by the server." } }, "type": "object", "required": [ "noProxy", "uri" ] }, "google-native:gkeonprem/v1:BareMetalAdminSecurityConfig": { "description": "Specifies the security related settings for the bare metal admin cluster.", "properties": { "authorization": { "$ref": "#/types/google-native:gkeonprem%2Fv1:Authorization", "description": "Configures user access to the admin cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminSecurityConfigResponse": { "description": "Specifies the security related settings for the bare metal admin cluster.", "properties": { "authorization": { "$ref": "#/types/google-native:gkeonprem%2Fv1:AuthorizationResponse", "description": "Configures user access to the admin cluster." } }, "type": "object", "required": [ "authorization" ] }, "google-native:gkeonprem/v1:BareMetalAdminStorageConfig": { "description": "BareMetalAdminStorageConfig specifies the cluster storage configuration.", "properties": { "lvpNodeMountsConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfig", "description": "Specifies the config for local PersistentVolumes backed by mounted node disks. These disks need to be formatted and mounted by the user, which can be done before or after cluster creation." }, "lvpShareConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpShareConfig", "description": "Specifies the config for local PersistentVolumes backed by subdirectories in a shared filesystem. These subdirectores are automatically created during cluster creation." } }, "type": "object", "required": [ "lvpNodeMountsConfig", "lvpShareConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminStorageConfigResponse": { "description": "BareMetalAdminStorageConfig specifies the cluster storage configuration.", "properties": { "lvpNodeMountsConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfigResponse", "description": "Specifies the config for local PersistentVolumes backed by mounted node disks. These disks need to be formatted and mounted by the user, which can be done before or after cluster creation." }, "lvpShareConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpShareConfigResponse", "description": "Specifies the config for local PersistentVolumes backed by subdirectories in a shared filesystem. These subdirectores are automatically created during cluster creation." } }, "type": "object", "required": [ "lvpNodeMountsConfig", "lvpShareConfig" ] }, "google-native:gkeonprem/v1:BareMetalAdminVipConfig": { "description": "BareMetalAdminVipConfig for bare metal load balancer configurations.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this bare metal admin cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminVipConfigResponse": { "description": "BareMetalAdminVipConfig for bare metal load balancer configurations.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this bare metal admin cluster." } }, "type": "object", "required": [ "controlPlaneVip" ] }, "google-native:gkeonprem/v1:BareMetalAdminWorkloadNodeConfig": { "description": "BareMetalAdminWorkloadNodeConfig specifies the workload node configurations.", "properties": { "maxPodsPerNode": { "type": "string", "description": "The maximum number of pods a node can run. The size of the CIDR range assigned to the node will be derived from this parameter. By default 110 Pods are created per Node. Upper bound is 250 for both HA and non-HA admin cluster. Lower bound is 64 for non-HA admin cluster and 32 for HA admin cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalAdminWorkloadNodeConfigResponse": { "description": "BareMetalAdminWorkloadNodeConfig specifies the workload node configurations.", "properties": { "maxPodsPerNode": { "type": "string", "description": "The maximum number of pods a node can run. The size of the CIDR range assigned to the node will be derived from this parameter. By default 110 Pods are created per Node. Upper bound is 250 for both HA and non-HA admin cluster. Lower bound is 64 for non-HA admin cluster and 32 for HA admin cluster." } }, "type": "object", "required": [ "maxPodsPerNode" ] }, "google-native:gkeonprem/v1:BareMetalApiServerArgument": { "description": "Represents an arg name->value pair. Only a subset of customized flags are supported. For the exact format, refer to the [API server documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/).", "properties": { "argument": { "type": "string", "description": "The argument name as it appears on the API Server command line, make sure to remove the leading dashes." }, "value": { "type": "string", "description": "The value of the arg as it will be passed to the API Server command line." } }, "type": "object", "required": [ "argument", "value" ] }, "google-native:gkeonprem/v1:BareMetalApiServerArgumentResponse": { "description": "Represents an arg name->value pair. Only a subset of customized flags are supported. For the exact format, refer to the [API server documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/).", "properties": { "argument": { "type": "string", "description": "The argument name as it appears on the API Server command line, make sure to remove the leading dashes." }, "value": { "type": "string", "description": "The value of the arg as it will be passed to the API Server command line." } }, "type": "object", "required": [ "argument", "value" ] }, "google-native:gkeonprem/v1:BareMetalBgpLbConfig": { "description": "BareMetalBgpLbConfig represents configuration parameters for a Border Gateway Protocol (BGP) load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerAddressPool" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." }, "asn": { "type": "string", "description": "BGP autonomous system number (ASN) of the cluster. This field can be updated after cluster creation." }, "bgpPeerConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalBgpPeerConfig" }, "description": "The list of BGP peers that the cluster will connect to. At least one peer must be configured for each control plane node. Control plane nodes will connect to these peers to advertise the control plane VIP. The Services load balancer also uses these peers by default. This field can be updated after cluster creation." }, "loadBalancerNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerNodePoolConfig", "description": "Specifies the node pool running data plane load balancing. L2 connectivity is required among nodes in this pool. If missing, the control plane node pool is used for data plane load balancing." } }, "type": "object", "required": [ "addressPools", "asn", "bgpPeerConfigs" ] }, "google-native:gkeonprem/v1:BareMetalBgpLbConfigResponse": { "description": "BareMetalBgpLbConfig represents configuration parameters for a Border Gateway Protocol (BGP) load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerAddressPoolResponse" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." }, "asn": { "type": "string", "description": "BGP autonomous system number (ASN) of the cluster. This field can be updated after cluster creation." }, "bgpPeerConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalBgpPeerConfigResponse" }, "description": "The list of BGP peers that the cluster will connect to. At least one peer must be configured for each control plane node. Control plane nodes will connect to these peers to advertise the control plane VIP. The Services load balancer also uses these peers by default. This field can be updated after cluster creation." }, "loadBalancerNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerNodePoolConfigResponse", "description": "Specifies the node pool running data plane load balancing. L2 connectivity is required among nodes in this pool. If missing, the control plane node pool is used for data plane load balancing." } }, "type": "object", "required": [ "addressPools", "asn", "bgpPeerConfigs", "loadBalancerNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalBgpPeerConfig": { "description": "BareMetalBgpPeerConfig represents configuration parameters for a Border Gateway Protocol (BGP) peer.", "properties": { "asn": { "type": "string", "description": "BGP autonomous system number (ASN) for the network that contains the external peer device." }, "controlPlaneNodes": { "type": "array", "items": { "type": "string" }, "description": "The IP address of the control plane node that connects to the external peer. If you don't specify any control plane nodes, all control plane nodes can connect to the external peer. If you specify one or more IP addresses, only the nodes specified participate in peering sessions." }, "ipAddress": { "type": "string", "description": "The IP address of the external peer device." } }, "type": "object", "required": [ "asn", "ipAddress" ] }, "google-native:gkeonprem/v1:BareMetalBgpPeerConfigResponse": { "description": "BareMetalBgpPeerConfig represents configuration parameters for a Border Gateway Protocol (BGP) peer.", "properties": { "asn": { "type": "string", "description": "BGP autonomous system number (ASN) for the network that contains the external peer device." }, "controlPlaneNodes": { "type": "array", "items": { "type": "string" }, "description": "The IP address of the control plane node that connects to the external peer. If you don't specify any control plane nodes, all control plane nodes can connect to the external peer. If you specify one or more IP addresses, only the nodes specified participate in peering sessions." }, "ipAddress": { "type": "string", "description": "The IP address of the external peer device." } }, "type": "object", "required": [ "asn", "controlPlaneNodes", "ipAddress" ] }, "google-native:gkeonprem/v1:BareMetalClusterOperationsConfig": { "description": "Specifies the bare metal user cluster's observability infrastructure.", "properties": { "enableApplicationLogs": { "type": "boolean", "description": "Whether collection of application logs/metrics should be enabled (in addition to system logs/metrics)." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalClusterOperationsConfigResponse": { "description": "Specifies the bare metal user cluster's observability infrastructure.", "properties": { "enableApplicationLogs": { "type": "boolean", "description": "Whether collection of application logs/metrics should be enabled (in addition to system logs/metrics)." } }, "type": "object", "required": [ "enableApplicationLogs" ] }, "google-native:gkeonprem/v1:BareMetalClusterUpgradePolicy": { "description": "BareMetalClusterUpgradePolicy defines the cluster upgrade policy.", "properties": { "policy": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalClusterUpgradePolicyPolicy", "description": "Specifies which upgrade policy to use." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalClusterUpgradePolicyPolicy": { "description": "Specifies which upgrade policy to use.", "type": "string", "enum": [ { "name": "NodePoolPolicyUnspecified", "description": "No upgrade policy selected.", "value": "NODE_POOL_POLICY_UNSPECIFIED" }, { "name": "Serial", "description": "Upgrade worker node pools sequentially.", "value": "SERIAL" }, { "name": "Concurrent", "description": "Upgrade all worker node pools in parallel.", "value": "CONCURRENT" } ] }, "google-native:gkeonprem/v1:BareMetalClusterUpgradePolicyResponse": { "description": "BareMetalClusterUpgradePolicy defines the cluster upgrade policy.", "properties": { "policy": { "type": "string", "description": "Specifies which upgrade policy to use." } }, "type": "object", "required": [ "policy" ] }, "google-native:gkeonprem/v1:BareMetalControlPlaneConfig": { "description": "Specifies the control plane configuration.", "properties": { "apiServerArgs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalApiServerArgument" }, "description": "Customizes the default API server args. Only a subset of customized flags are supported. For the exact format, refer to the [API server documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/)." }, "controlPlaneNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalControlPlaneNodePoolConfig", "description": "Configures the node pool running the control plane." } }, "type": "object", "required": [ "controlPlaneNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalControlPlaneConfigResponse": { "description": "Specifies the control plane configuration.", "properties": { "apiServerArgs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalApiServerArgumentResponse" }, "description": "Customizes the default API server args. Only a subset of customized flags are supported. For the exact format, refer to the [API server documentation](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/)." }, "controlPlaneNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalControlPlaneNodePoolConfigResponse", "description": "Configures the node pool running the control plane." } }, "type": "object", "required": [ "apiServerArgs", "controlPlaneNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalControlPlaneNodePoolConfig": { "description": "Specifies the control plane node pool configuration.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfig", "description": "The generic configuration for a node pool running the control plane." } }, "type": "object", "required": [ "nodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalControlPlaneNodePoolConfigResponse": { "description": "Specifies the control plane node pool configuration.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfigResponse", "description": "The generic configuration for a node pool running the control plane." } }, "type": "object", "required": [ "nodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalDrainedMachineResponse": { "description": "Represents a machine that is currently drained.", "properties": { "nodeIp": { "type": "string", "description": "Drained machine IP address." } }, "type": "object", "required": [ "nodeIp" ] }, "google-native:gkeonprem/v1:BareMetalDrainingMachineResponse": { "description": "Represents a machine that is currently draining.", "properties": { "nodeIp": { "type": "string", "description": "Draining machine IP address." }, "podCount": { "type": "integer", "description": "The count of pods yet to drain." } }, "type": "object", "required": [ "nodeIp", "podCount" ] }, "google-native:gkeonprem/v1:BareMetalIslandModeCidrConfig": { "description": "Specifies the cluster CIDR configuration while running in island mode.", "properties": { "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field is mutable after creation starting with version 1.15." } }, "type": "object", "required": [ "podAddressCidrBlocks", "serviceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalIslandModeCidrConfigResponse": { "description": "Specifies the cluster CIDR configuration while running in island mode.", "properties": { "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. This field is mutable after creation starting with version 1.15." } }, "type": "object", "required": [ "podAddressCidrBlocks", "serviceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalKubeletConfig": { "description": "KubeletConfig defines the modifiable kubelet configurations for bare metal machines. Note: this list includes fields supported in GKE (see https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config#kubelet-options).", "properties": { "registryBurst": { "type": "integer", "description": "The maximum size of bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry_pull_qps. The value must not be a negative number. Updating this field may impact scalability by changing the amount of traffic produced by image pulls. Defaults to 10." }, "registryPullQps": { "type": "integer", "description": "The limit of registry pulls per second. Setting this value to 0 means no limit. Updating this field may impact scalability by changing the amount of traffic produced by image pulls. Defaults to 5." }, "serializeImagePullsDisabled": { "type": "boolean", "description": "Prevents the Kubelet from pulling multiple images at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Another Union File System (Aufs) storage backend. Issue https://github.com/kubernetes/kubernetes/issues/10959 has more details." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalKubeletConfigResponse": { "description": "KubeletConfig defines the modifiable kubelet configurations for bare metal machines. Note: this list includes fields supported in GKE (see https://cloud.google.com/kubernetes-engine/docs/how-to/node-system-config#kubelet-options).", "properties": { "registryBurst": { "type": "integer", "description": "The maximum size of bursty pulls, temporarily allows pulls to burst to this number, while still not exceeding registry_pull_qps. The value must not be a negative number. Updating this field may impact scalability by changing the amount of traffic produced by image pulls. Defaults to 10." }, "registryPullQps": { "type": "integer", "description": "The limit of registry pulls per second. Setting this value to 0 means no limit. Updating this field may impact scalability by changing the amount of traffic produced by image pulls. Defaults to 5." }, "serializeImagePullsDisabled": { "type": "boolean", "description": "Prevents the Kubelet from pulling multiple images at a time. We recommend *not* changing the default value on nodes that run docker daemon with version < 1.9 or an Another Union File System (Aufs) storage backend. Issue https://github.com/kubernetes/kubernetes/issues/10959 has more details." } }, "type": "object", "required": [ "registryBurst", "registryPullQps", "serializeImagePullsDisabled" ] }, "google-native:gkeonprem/v1:BareMetalLoadBalancerAddressPool": { "description": "Represents an IP pool used by the load balancer.", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "The addresses that are part of this pool. Each address must be either in the CIDR form (1.2.3.0/24) or range form (1.2.3.1-1.2.3.5)." }, "avoidBuggyIps": { "type": "boolean", "description": "If true, avoid using IPs ending in .0 or .255. This avoids buggy consumer devices mistakenly dropping IPv4 traffic for those special IP addresses." }, "manualAssign": { "type": "boolean", "description": "If true, prevent IP addresses from being automatically assigned." }, "pool": { "type": "string", "description": "The name of the address pool." } }, "type": "object", "required": [ "addresses", "pool" ] }, "google-native:gkeonprem/v1:BareMetalLoadBalancerAddressPoolResponse": { "description": "Represents an IP pool used by the load balancer.", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "The addresses that are part of this pool. Each address must be either in the CIDR form (1.2.3.0/24) or range form (1.2.3.1-1.2.3.5)." }, "avoidBuggyIps": { "type": "boolean", "description": "If true, avoid using IPs ending in .0 or .255. This avoids buggy consumer devices mistakenly dropping IPv4 traffic for those special IP addresses." }, "manualAssign": { "type": "boolean", "description": "If true, prevent IP addresses from being automatically assigned." }, "pool": { "type": "string", "description": "The name of the address pool." } }, "type": "object", "required": [ "addresses", "avoidBuggyIps", "manualAssign", "pool" ] }, "google-native:gkeonprem/v1:BareMetalLoadBalancerConfig": { "description": "Specifies the load balancer configuration.", "properties": { "bgpLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalBgpLbConfig", "description": "Configuration for BGP typed load balancers. When set network_config.advanced_networking is automatically set to true." }, "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalManualLbConfig", "description": "Manually configured load balancers." }, "metalLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalMetalLbConfig", "description": "Configuration for MetalLB load balancers." }, "portConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalPortConfig", "description": "Configures the ports that the load balancer will listen on." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalVipConfig", "description": "The VIPs used by the load balancer." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalLoadBalancerConfigResponse": { "description": "Specifies the load balancer configuration.", "properties": { "bgpLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalBgpLbConfigResponse", "description": "Configuration for BGP typed load balancers. When set network_config.advanced_networking is automatically set to true." }, "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalManualLbConfigResponse", "description": "Manually configured load balancers." }, "metalLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalMetalLbConfigResponse", "description": "Configuration for MetalLB load balancers." }, "portConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalPortConfigResponse", "description": "Configures the ports that the load balancer will listen on." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalVipConfigResponse", "description": "The VIPs used by the load balancer." } }, "type": "object", "required": [ "bgpLbConfig", "manualLbConfig", "metalLbConfig", "portConfig", "vipConfig" ] }, "google-native:gkeonprem/v1:BareMetalLoadBalancerNodePoolConfig": { "description": "Specifies the load balancer's node pool configuration.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfig", "description": "The generic configuration for a node pool running a load balancer." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalLoadBalancerNodePoolConfigResponse": { "description": "Specifies the load balancer's node pool configuration.", "properties": { "nodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfigResponse", "description": "The generic configuration for a node pool running a load balancer." } }, "type": "object", "required": [ "nodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalLvpConfig": { "description": "Specifies the configs for local persistent volumes (PVs).", "properties": { "path": { "type": "string", "description": "The host machine path." }, "storageClass": { "type": "string", "description": "The StorageClass name that PVs will be created with." } }, "type": "object", "required": [ "path", "storageClass" ] }, "google-native:gkeonprem/v1:BareMetalLvpConfigResponse": { "description": "Specifies the configs for local persistent volumes (PVs).", "properties": { "path": { "type": "string", "description": "The host machine path." }, "storageClass": { "type": "string", "description": "The StorageClass name that PVs will be created with." } }, "type": "object", "required": [ "path", "storageClass" ] }, "google-native:gkeonprem/v1:BareMetalLvpShareConfig": { "description": "Specifies the configs for local persistent volumes under a shared file system.", "properties": { "lvpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfig", "description": "Defines the machine path and storage class for the LVP Share." }, "sharedPathPvCount": { "type": "integer", "description": "The number of subdirectories to create under path." } }, "type": "object", "required": [ "lvpConfig" ] }, "google-native:gkeonprem/v1:BareMetalLvpShareConfigResponse": { "description": "Specifies the configs for local persistent volumes under a shared file system.", "properties": { "lvpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfigResponse", "description": "Defines the machine path and storage class for the LVP Share." }, "sharedPathPvCount": { "type": "integer", "description": "The number of subdirectories to create under path." } }, "type": "object", "required": [ "lvpConfig", "sharedPathPvCount" ] }, "google-native:gkeonprem/v1:BareMetalMachineDrainStatusResponse": { "description": "Represents the status of node machines that are undergoing drain operations.", "properties": { "drainedMachines": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalDrainedMachineResponse" }, "description": "The list of drained machines." }, "drainingMachines": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalDrainingMachineResponse" }, "description": "The list of draning machines." } }, "type": "object", "required": [ "drainedMachines", "drainingMachines" ] }, "google-native:gkeonprem/v1:BareMetalMaintenanceConfig": { "description": "Specifies configurations to put bare metal nodes in and out of maintenance.", "properties": { "maintenanceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All IPv4 address from these ranges will be placed into maintenance mode. Nodes in maintenance mode will be cordoned and drained. When both of these are true, the \"baremetal.cluster.gke.io/maintenance\" annotation will be set on the node resource." } }, "type": "object", "required": [ "maintenanceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalMaintenanceConfigResponse": { "description": "Specifies configurations to put bare metal nodes in and out of maintenance.", "properties": { "maintenanceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All IPv4 address from these ranges will be placed into maintenance mode. Nodes in maintenance mode will be cordoned and drained. When both of these are true, the \"baremetal.cluster.gke.io/maintenance\" annotation will be set on the node resource." } }, "type": "object", "required": [ "maintenanceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:BareMetalMaintenanceStatusResponse": { "description": "Represents the maintenance status of the bare metal user cluster.", "properties": { "machineDrainStatus": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalMachineDrainStatusResponse", "description": "The maintenance status of node machines." } }, "type": "object", "required": [ "machineDrainStatus" ] }, "google-native:gkeonprem/v1:BareMetalManualLbConfig": { "description": "Represents configuration parameters for a manual load balancer.", "properties": { "enabled": { "type": "boolean", "description": "Whether manual load balancing is enabled." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalManualLbConfigResponse": { "description": "Represents configuration parameters for a manual load balancer.", "properties": { "enabled": { "type": "boolean", "description": "Whether manual load balancing is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:BareMetalMetalLbConfig": { "description": "Represents configuration parameters for a MetalLB load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerAddressPool" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." }, "loadBalancerNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerNodePoolConfig", "description": "Specifies the node pool running the load balancer. L2 connectivity is required among nodes in this pool. If missing, the control plane node pool is used as the load balancer pool." } }, "type": "object", "required": [ "addressPools" ] }, "google-native:gkeonprem/v1:BareMetalMetalLbConfigResponse": { "description": "Represents configuration parameters for a MetalLB load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerAddressPoolResponse" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." }, "loadBalancerNodePoolConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLoadBalancerNodePoolConfigResponse", "description": "Specifies the node pool running the load balancer. L2 connectivity is required among nodes in this pool. If missing, the control plane node pool is used as the load balancer pool." } }, "type": "object", "required": [ "addressPools", "loadBalancerNodePoolConfig" ] }, "google-native:gkeonprem/v1:BareMetalMultipleNetworkInterfacesConfig": { "description": "Specifies the multiple networking interfaces cluster configuration.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable multiple network interfaces for your pods. When set network_config.advanced_networking is automatically set to true." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalMultipleNetworkInterfacesConfigResponse": { "description": "Specifies the multiple networking interfaces cluster configuration.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable multiple network interfaces for your pods. When set network_config.advanced_networking is automatically set to true." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:BareMetalNetworkConfig": { "description": "Specifies the cluster network configuration.", "properties": { "advancedNetworking": { "type": "boolean", "description": "Enables the use of advanced Anthos networking features, such as Bundled Load Balancing with BGP or the egress NAT gateway. Setting configuration for advanced networking features will automatically set this flag." }, "islandModeCidr": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalIslandModeCidrConfig", "description": "Configuration for island mode CIDR. In an island-mode network, nodes have unique IP addresses, but pods don't have unique addresses across clusters. This doesn't cause problems because pods in one cluster never directly communicate with pods in another cluster. Instead, there are gateways that mediate between a pod in one cluster and a pod in another cluster." }, "multipleNetworkInterfacesConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalMultipleNetworkInterfacesConfig", "description": "Configuration for multiple network interfaces." }, "srIovConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalSrIovConfig", "description": "Configuration for SR-IOV." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalNetworkConfigResponse": { "description": "Specifies the cluster network configuration.", "properties": { "advancedNetworking": { "type": "boolean", "description": "Enables the use of advanced Anthos networking features, such as Bundled Load Balancing with BGP or the egress NAT gateway. Setting configuration for advanced networking features will automatically set this flag." }, "islandModeCidr": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalIslandModeCidrConfigResponse", "description": "Configuration for island mode CIDR. In an island-mode network, nodes have unique IP addresses, but pods don't have unique addresses across clusters. This doesn't cause problems because pods in one cluster never directly communicate with pods in another cluster. Instead, there are gateways that mediate between a pod in one cluster and a pod in another cluster." }, "multipleNetworkInterfacesConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalMultipleNetworkInterfacesConfigResponse", "description": "Configuration for multiple network interfaces." }, "srIovConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalSrIovConfigResponse", "description": "Configuration for SR-IOV." } }, "type": "object", "required": [ "advancedNetworking", "islandModeCidr", "multipleNetworkInterfacesConfig", "srIovConfig" ] }, "google-native:gkeonprem/v1:BareMetalNodeAccessConfig": { "description": "Specifies the node access related settings for the bare metal user cluster.", "properties": { "loginUser": { "type": "string", "description": "LoginUser is the user name used to access node machines. It defaults to \"root\" if not set." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalNodeAccessConfigResponse": { "description": "Specifies the node access related settings for the bare metal user cluster.", "properties": { "loginUser": { "type": "string", "description": "LoginUser is the user name used to access node machines. It defaults to \"root\" if not set." } }, "type": "object", "required": [ "loginUser" ] }, "google-native:gkeonprem/v1:BareMetalNodeConfig": { "description": "BareMetalNodeConfig lists machine addresses to access Nodes.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels assigned to this node. An object containing a list of key/value pairs. The labels here, unioned with the labels set on BareMetalNodePoolConfig are the set of labels that will be applied to the node. If there are any conflicts, the BareMetalNodeConfig labels take precedence. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "nodeIp": { "type": "string", "description": "The default IPv4 address for SSH access and Kubernetes node. Example: 192.168.0.1" } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalNodeConfigResponse": { "description": "BareMetalNodeConfig lists machine addresses to access Nodes.", "properties": { "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels assigned to this node. An object containing a list of key/value pairs. The labels here, unioned with the labels set on BareMetalNodePoolConfig are the set of labels that will be applied to the node. If there are any conflicts, the BareMetalNodeConfig labels take precedence. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "nodeIp": { "type": "string", "description": "The default IPv4 address for SSH access and Kubernetes node. Example: 192.168.0.1" } }, "type": "object", "required": [ "labels", "nodeIp" ] }, "google-native:gkeonprem/v1:BareMetalNodePoolConfig": { "description": "BareMetalNodePoolConfig describes the configuration of all nodes within a given bare metal node pool.", "properties": { "kubeletConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalKubeletConfig", "description": "The modifiable kubelet configurations for the bare metal machines." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels assigned to nodes of this node pool. An object containing a list of key/value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "nodeConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodeConfig" }, "description": "The list of machine addresses in the bare metal node pool." }, "operatingSystem": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodePoolConfigOperatingSystem", "description": "Specifies the nodes operating system (default: LINUX)." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:NodeTaint" }, "description": "The initial taints assigned to nodes of this node pool." } }, "type": "object", "required": [ "nodeConfigs" ] }, "google-native:gkeonprem/v1:BareMetalNodePoolConfigOperatingSystem": { "description": "Specifies the nodes operating system (default: LINUX).", "type": "string", "enum": [ { "name": "OperatingSystemUnspecified", "description": "No operating system runtime selected.", "value": "OPERATING_SYSTEM_UNSPECIFIED" }, { "name": "Linux", "description": "Linux operating system.", "value": "LINUX" } ] }, "google-native:gkeonprem/v1:BareMetalNodePoolConfigResponse": { "description": "BareMetalNodePoolConfig describes the configuration of all nodes within a given bare metal node pool.", "properties": { "kubeletConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalKubeletConfigResponse", "description": "The modifiable kubelet configurations for the bare metal machines." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The labels assigned to nodes of this node pool. An object containing a list of key/value pairs. Example: { \"name\": \"wrench\", \"mass\": \"1.3kg\", \"count\": \"3\" }." }, "nodeConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalNodeConfigResponse" }, "description": "The list of machine addresses in the bare metal node pool." }, "operatingSystem": { "type": "string", "description": "Specifies the nodes operating system (default: LINUX)." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:NodeTaintResponse" }, "description": "The initial taints assigned to nodes of this node pool." } }, "type": "object", "required": [ "kubeletConfig", "labels", "nodeConfigs", "operatingSystem", "taints" ] }, "google-native:gkeonprem/v1:BareMetalNodePoolUpgradePolicy": { "description": "BareMetalNodePoolUpgradePolicy defines the node pool upgrade policy.", "properties": { "parallelUpgradeConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalParallelUpgradeConfig", "description": "The parallel upgrade settings for worker node pools." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalNodePoolUpgradePolicyResponse": { "description": "BareMetalNodePoolUpgradePolicy defines the node pool upgrade policy.", "properties": { "parallelUpgradeConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalParallelUpgradeConfigResponse", "description": "The parallel upgrade settings for worker node pools." } }, "type": "object", "required": [ "parallelUpgradeConfig" ] }, "google-native:gkeonprem/v1:BareMetalOsEnvironmentConfig": { "description": "Specifies operating system settings for cluster provisioning.", "properties": { "packageRepoExcluded": { "type": "boolean", "description": "Whether the package repo should not be included when initializing bare metal machines." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalOsEnvironmentConfigResponse": { "description": "Specifies operating system settings for cluster provisioning.", "properties": { "packageRepoExcluded": { "type": "boolean", "description": "Whether the package repo should not be included when initializing bare metal machines." } }, "type": "object", "required": [ "packageRepoExcluded" ] }, "google-native:gkeonprem/v1:BareMetalParallelUpgradeConfig": { "description": "BareMetalParallelUpgradeConfig defines the parallel upgrade settings for worker node pools.", "properties": { "concurrentNodes": { "type": "integer", "description": "The maximum number of nodes that can be upgraded at once." }, "minimumAvailableNodes": { "type": "integer", "description": "The minimum number of nodes that should be healthy and available during an upgrade. If set to the default value of 0, it is possible that none of the nodes will be available during an upgrade." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalParallelUpgradeConfigResponse": { "description": "BareMetalParallelUpgradeConfig defines the parallel upgrade settings for worker node pools.", "properties": { "concurrentNodes": { "type": "integer", "description": "The maximum number of nodes that can be upgraded at once." }, "minimumAvailableNodes": { "type": "integer", "description": "The minimum number of nodes that should be healthy and available during an upgrade. If set to the default value of 0, it is possible that none of the nodes will be available during an upgrade." } }, "type": "object", "required": [ "concurrentNodes", "minimumAvailableNodes" ] }, "google-native:gkeonprem/v1:BareMetalPortConfig": { "description": "Specifies load balancer ports for the bare metal user cluster.", "properties": { "controlPlaneLoadBalancerPort": { "type": "integer", "description": "The port that control plane hosted load balancers will listen on." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalPortConfigResponse": { "description": "Specifies load balancer ports for the bare metal user cluster.", "properties": { "controlPlaneLoadBalancerPort": { "type": "integer", "description": "The port that control plane hosted load balancers will listen on." } }, "type": "object", "required": [ "controlPlaneLoadBalancerPort" ] }, "google-native:gkeonprem/v1:BareMetalProxyConfig": { "description": "Specifies the cluster proxy configuration.", "properties": { "noProxy": { "type": "array", "items": { "type": "string" }, "description": "A list of IPs, hostnames, and domains that should skip the proxy. Examples: [\"127.0.0.1\", \"example.com\", \".corp\", \"localhost\"]." }, "uri": { "type": "string", "description": "Specifies the address of your proxy server. Examples: `http://domain` Do not provide credentials in the format `http://(username:password@)domain` these will be rejected by the server." } }, "type": "object", "required": [ "uri" ] }, "google-native:gkeonprem/v1:BareMetalProxyConfigResponse": { "description": "Specifies the cluster proxy configuration.", "properties": { "noProxy": { "type": "array", "items": { "type": "string" }, "description": "A list of IPs, hostnames, and domains that should skip the proxy. Examples: [\"127.0.0.1\", \"example.com\", \".corp\", \"localhost\"]." }, "uri": { "type": "string", "description": "Specifies the address of your proxy server. Examples: `http://domain` Do not provide credentials in the format `http://(username:password@)domain` these will be rejected by the server." } }, "type": "object", "required": [ "noProxy", "uri" ] }, "google-native:gkeonprem/v1:BareMetalSecurityConfig": { "description": "Specifies the security related settings for the bare metal user cluster.", "properties": { "authorization": { "$ref": "#/types/google-native:gkeonprem%2Fv1:Authorization", "description": "Configures user access to the user cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalSecurityConfigResponse": { "description": "Specifies the security related settings for the bare metal user cluster.", "properties": { "authorization": { "$ref": "#/types/google-native:gkeonprem%2Fv1:AuthorizationResponse", "description": "Configures user access to the user cluster." } }, "type": "object", "required": [ "authorization" ] }, "google-native:gkeonprem/v1:BareMetalSrIovConfig": { "description": "Specifies the SR-IOV networking operator config.", "properties": { "enabled": { "type": "boolean", "description": "Whether to install the SR-IOV operator." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalSrIovConfigResponse": { "description": "Specifies the SR-IOV networking operator config.", "properties": { "enabled": { "type": "boolean", "description": "Whether to install the SR-IOV operator." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:BareMetalStorageConfig": { "description": "BareMetalStorageConfig specifies the cluster storage configuration.", "properties": { "lvpNodeMountsConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfig", "description": "Specifies the config for local PersistentVolumes backed by mounted node disks. These disks need to be formatted and mounted by the user, which can be done before or after cluster creation." }, "lvpShareConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpShareConfig", "description": "Specifies the config for local PersistentVolumes backed by subdirectories in a shared filesystem. These subdirectores are automatically created during cluster creation." } }, "type": "object", "required": [ "lvpNodeMountsConfig", "lvpShareConfig" ] }, "google-native:gkeonprem/v1:BareMetalStorageConfigResponse": { "description": "BareMetalStorageConfig specifies the cluster storage configuration.", "properties": { "lvpNodeMountsConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpConfigResponse", "description": "Specifies the config for local PersistentVolumes backed by mounted node disks. These disks need to be formatted and mounted by the user, which can be done before or after cluster creation." }, "lvpShareConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalLvpShareConfigResponse", "description": "Specifies the config for local PersistentVolumes backed by subdirectories in a shared filesystem. These subdirectores are automatically created during cluster creation." } }, "type": "object", "required": [ "lvpNodeMountsConfig", "lvpShareConfig" ] }, "google-native:gkeonprem/v1:BareMetalVipConfig": { "description": "Specifies the VIP config for the bare metal load balancer.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this bare metal user cluster." }, "ingressVip": { "type": "string", "description": "The VIP which you previously set aside for ingress traffic into this bare metal user cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalVipConfigResponse": { "description": "Specifies the VIP config for the bare metal load balancer.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this bare metal user cluster." }, "ingressVip": { "type": "string", "description": "The VIP which you previously set aside for ingress traffic into this bare metal user cluster." } }, "type": "object", "required": [ "controlPlaneVip", "ingressVip" ] }, "google-native:gkeonprem/v1:BareMetalWorkloadNodeConfig": { "description": "Specifies the workload node configurations.", "properties": { "containerRuntime": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BareMetalWorkloadNodeConfigContainerRuntime", "description": "Specifies which container runtime will be used." }, "maxPodsPerNode": { "type": "string", "description": "The maximum number of pods a node can run. The size of the CIDR range assigned to the node will be derived from this parameter." } }, "type": "object" }, "google-native:gkeonprem/v1:BareMetalWorkloadNodeConfigContainerRuntime": { "description": "Specifies which container runtime will be used.", "type": "string", "enum": [ { "name": "ContainerRuntimeUnspecified", "description": "No container runtime selected.", "value": "CONTAINER_RUNTIME_UNSPECIFIED" }, { "name": "Containerd", "description": "Containerd runtime.", "value": "CONTAINERD" } ] }, "google-native:gkeonprem/v1:BareMetalWorkloadNodeConfigResponse": { "description": "Specifies the workload node configurations.", "properties": { "containerRuntime": { "type": "string", "description": "Specifies which container runtime will be used." }, "maxPodsPerNode": { "type": "string", "description": "The maximum number of pods a node can run. The size of the CIDR range assigned to the node will be derived from this parameter." } }, "type": "object", "required": [ "containerRuntime", "maxPodsPerNode" ] }, "google-native:gkeonprem/v1:BinaryAuthorization": { "description": "Configuration for Binary Authorization.", "properties": { "evaluationMode": { "$ref": "#/types/google-native:gkeonprem%2Fv1:BinaryAuthorizationEvaluationMode", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." } }, "type": "object" }, "google-native:gkeonprem/v1:BinaryAuthorizationEvaluationMode": { "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED.", "type": "string", "enum": [ { "name": "EvaluationModeUnspecified", "description": "Default value", "value": "EVALUATION_MODE_UNSPECIFIED" }, { "name": "Disabled", "description": "Disable BinaryAuthorization", "value": "DISABLED" }, { "name": "ProjectSingletonPolicyEnforce", "description": "Enforce Kubernetes admission requests with BinaryAuthorization using the project's singleton policy.", "value": "PROJECT_SINGLETON_POLICY_ENFORCE" } ] }, "google-native:gkeonprem/v1:BinaryAuthorizationResponse": { "description": "Configuration for Binary Authorization.", "properties": { "evaluationMode": { "type": "string", "description": "Mode of operation for binauthz policy evaluation. If unspecified, defaults to DISABLED." } }, "type": "object", "required": [ "evaluationMode" ] }, "google-native:gkeonprem/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkeonprem%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:gkeonprem/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:gkeonprem/v1:ClusterUser": { "description": "ClusterUser configures user principals for an RBAC policy.", "properties": { "username": { "type": "string", "description": "The name of the user, e.g. `my-gcp-id@gmail.com`." } }, "type": "object", "required": [ "username" ] }, "google-native:gkeonprem/v1:ClusterUserResponse": { "description": "ClusterUser configures user principals for an RBAC policy.", "properties": { "username": { "type": "string", "description": "The name of the user, e.g. `my-gcp-id@gmail.com`." } }, "type": "object", "required": [ "username" ] }, "google-native:gkeonprem/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:gkeonprem/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:gkeonprem/v1:FleetResponse": { "description": "Fleet related configuration. Fleets are a Google Cloud concept for logically organizing clusters, letting you use and manage multi-cluster capabilities and apply consistent policies across your systems. See [Anthos Fleets](`https://cloud.google.com/anthos/multicluster-management/fleets`) for more details on Anthos multi-cluster capabilities using Fleets. ##", "properties": { "membership": { "type": "string", "description": "The name of the managed fleet Membership resource associated to this cluster. Membership names are formatted as `projects//locations//memberships/`." } }, "type": "object", "required": [ "membership" ] }, "google-native:gkeonprem/v1:NodeTaint": { "description": "NodeTaint applied to every Kubernetes node in a node pool. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. Node taints are permanent.", "properties": { "effect": { "$ref": "#/types/google-native:gkeonprem%2Fv1:NodeTaintEffect", "description": "The taint effect." }, "key": { "type": "string", "description": "Key associated with the effect." }, "value": { "type": "string", "description": "Value associated with the effect." } }, "type": "object" }, "google-native:gkeonprem/v1:NodeTaintEffect": { "description": "The taint effect.", "type": "string", "enum": [ { "name": "EffectUnspecified", "description": "Not set.", "value": "EFFECT_UNSPECIFIED" }, { "name": "NoSchedule", "description": "Do not allow new pods to schedule onto the node unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. Enforced by the scheduler.", "value": "NO_SCHEDULE" }, { "name": "PreferNoSchedule", "description": "Like TaintEffectNoSchedule, but the scheduler tries not to schedule new pods onto the node, rather than prohibiting new pods from scheduling onto the node entirely. Enforced by the scheduler.", "value": "PREFER_NO_SCHEDULE" }, { "name": "NoExecute", "description": "Evict any already-running pods that do not tolerate the taint. Currently enforced by NodeController.", "value": "NO_EXECUTE" } ] }, "google-native:gkeonprem/v1:NodeTaintResponse": { "description": "NodeTaint applied to every Kubernetes node in a node pool. Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. Node taints are permanent.", "properties": { "effect": { "type": "string", "description": "The taint effect." }, "key": { "type": "string", "description": "Key associated with the effect." }, "value": { "type": "string", "description": "Value associated with the effect." } }, "type": "object", "required": [ "effect", "key", "value" ] }, "google-native:gkeonprem/v1:ResourceConditionResponse": { "description": "ResourceCondition provides a standard mechanism for higher-level status reporting from controller.", "properties": { "lastTransitionTime": { "type": "string", "description": "Last time the condition transit from one status to another." }, "message": { "type": "string", "description": "Human-readable message indicating details about last transition." }, "reason": { "type": "string", "description": "Machine-readable message indicating details about last transition." }, "state": { "type": "string", "description": "state of the condition." }, "type": { "type": "string", "description": "Type of the condition. (e.g., ClusterRunning, NodePoolRunning or ServerSidePreflightReady)" } }, "type": "object", "required": [ "lastTransitionTime", "message", "reason", "state", "type" ] }, "google-native:gkeonprem/v1:ResourceStatusResponse": { "description": "ResourceStatus describes why a cluster or node pool has a certain status. (e.g., ERROR or DEGRADED).", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ResourceConditionResponse" }, "description": "ResourceCondition provide a standard mechanism for higher-level status reporting from controller." }, "errorMessage": { "type": "string", "description": "Human-friendly representation of the error message from controller. The error message can be temporary as the controller controller creates a cluster or node pool. If the error message persists for a longer period of time, it can be used to surface error message to indicate real problems requiring user intervention." } }, "type": "object", "required": [ "conditions", "errorMessage" ] }, "google-native:gkeonprem/v1:ValidationCheckResponse": { "description": "ValidationCheck represents the result of preflight check.", "properties": { "option": { "type": "string", "description": "Options used for the validation check" }, "scenario": { "type": "string", "description": "The scenario when the preflight checks were run." }, "status": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ValidationCheckStatusResponse", "description": "The detailed validation check status." } }, "type": "object", "required": [ "option", "scenario", "status" ] }, "google-native:gkeonprem/v1:ValidationCheckResultResponse": { "description": "ValidationCheckResult defines the details about the validation check.", "properties": { "category": { "type": "string", "description": "The category of the validation." }, "description": { "type": "string", "description": "The description of the validation check." }, "details": { "type": "string", "description": "Detailed failure information, which might be unformatted." }, "reason": { "type": "string", "description": "A human-readable message of the check failure." }, "state": { "type": "string", "description": "The validation check state." } }, "type": "object", "required": [ "category", "description", "details", "reason", "state" ] }, "google-native:gkeonprem/v1:ValidationCheckStatusResponse": { "description": "ValidationCheckStatus defines the detailed validation check status.", "properties": { "result": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:ValidationCheckResultResponse" }, "description": "Individual checks which failed as part of the Preflight check execution." } }, "type": "object", "required": [ "result" ] }, "google-native:gkeonprem/v1:VmwareAAGConfig": { "description": "Specifies anti affinity group config for the VMware user cluster.", "properties": { "aagConfigDisabled": { "type": "boolean", "description": "Spread nodes across at least three physical hosts (requires at least three hosts). Enabled by default." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareAAGConfigResponse": { "description": "Specifies anti affinity group config for the VMware user cluster.", "properties": { "aagConfigDisabled": { "type": "boolean", "description": "Spread nodes across at least three physical hosts (requires at least three hosts). Enabled by default." } }, "type": "object", "required": [ "aagConfigDisabled" ] }, "google-native:gkeonprem/v1:VmwareAddressPool": { "description": "Represents an IP pool used by the load balancer.", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "The addresses that are part of this pool. Each address must be either in the CIDR form (1.2.3.0/24) or range form (1.2.3.1-1.2.3.5)." }, "avoidBuggyIps": { "type": "boolean", "description": "If true, avoid using IPs ending in .0 or .255. This avoids buggy consumer devices mistakenly dropping IPv4 traffic for those special IP addresses." }, "manualAssign": { "type": "boolean", "description": "If true, prevent IP addresses from being automatically assigned." }, "pool": { "type": "string", "description": "The name of the address pool." } }, "type": "object", "required": [ "addresses", "pool" ] }, "google-native:gkeonprem/v1:VmwareAddressPoolResponse": { "description": "Represents an IP pool used by the load balancer.", "properties": { "addresses": { "type": "array", "items": { "type": "string" }, "description": "The addresses that are part of this pool. Each address must be either in the CIDR form (1.2.3.0/24) or range form (1.2.3.1-1.2.3.5)." }, "avoidBuggyIps": { "type": "boolean", "description": "If true, avoid using IPs ending in .0 or .255. This avoids buggy consumer devices mistakenly dropping IPv4 traffic for those special IP addresses." }, "manualAssign": { "type": "boolean", "description": "If true, prevent IP addresses from being automatically assigned." }, "pool": { "type": "string", "description": "The name of the address pool." } }, "type": "object", "required": [ "addresses", "avoidBuggyIps", "manualAssign", "pool" ] }, "google-native:gkeonprem/v1:VmwareAutoRepairConfig": { "description": "Specifies config to enable/disable auto repair. The cluster-health-controller is deployed only if Enabled is true.", "properties": { "enabled": { "type": "boolean", "description": "Whether auto repair is enabled." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareAutoRepairConfigResponse": { "description": "Specifies config to enable/disable auto repair. The cluster-health-controller is deployed only if Enabled is true.", "properties": { "enabled": { "type": "boolean", "description": "Whether auto repair is enabled." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:VmwareAutoResizeConfig": { "description": "Represents auto resizing configurations for the VMware user cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable controle plane node auto resizing." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareAutoResizeConfigResponse": { "description": "Represents auto resizing configurations for the VMware user cluster.", "properties": { "enabled": { "type": "boolean", "description": "Whether to enable controle plane node auto resizing." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:VmwareClusterUpgradePolicy": { "description": "VmwareClusterUpgradePolicy defines the cluster upgrade policy.", "properties": { "controlPlaneOnly": { "type": "boolean", "description": "Controls whether the upgrade applies to the control plane only." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareClusterUpgradePolicyResponse": { "description": "VmwareClusterUpgradePolicy defines the cluster upgrade policy.", "properties": { "controlPlaneOnly": { "type": "boolean", "description": "Controls whether the upgrade applies to the control plane only." } }, "type": "object", "required": [ "controlPlaneOnly" ] }, "google-native:gkeonprem/v1:VmwareControlPlaneNodeConfig": { "description": "Specifies control plane node config for the VMware user cluster.", "properties": { "autoResizeConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareAutoResizeConfig", "description": "AutoResizeConfig provides auto resizing configurations." }, "cpus": { "type": "string", "description": "The number of CPUs for each admin cluster node that serve as control planes for this VMware user cluster. (default: 4 CPUs)" }, "memory": { "type": "string", "description": "The megabytes of memory for each admin cluster node that serves as a control plane for this VMware user cluster (default: 8192 MB memory)." }, "replicas": { "type": "string", "description": "The number of control plane nodes for this VMware user cluster. (default: 1 replica)." }, "vsphereConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareControlPlaneVsphereConfig", "description": "Vsphere-specific config." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareControlPlaneNodeConfigResponse": { "description": "Specifies control plane node config for the VMware user cluster.", "properties": { "autoResizeConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareAutoResizeConfigResponse", "description": "AutoResizeConfig provides auto resizing configurations." }, "cpus": { "type": "string", "description": "The number of CPUs for each admin cluster node that serve as control planes for this VMware user cluster. (default: 4 CPUs)" }, "memory": { "type": "string", "description": "The megabytes of memory for each admin cluster node that serves as a control plane for this VMware user cluster (default: 8192 MB memory)." }, "replicas": { "type": "string", "description": "The number of control plane nodes for this VMware user cluster. (default: 1 replica)." }, "vsphereConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareControlPlaneVsphereConfigResponse", "description": "Vsphere-specific config." } }, "type": "object", "required": [ "autoResizeConfig", "cpus", "memory", "replicas", "vsphereConfig" ] }, "google-native:gkeonprem/v1:VmwareControlPlaneV2Config": { "description": "Specifies control plane V2 config.", "properties": { "controlPlaneIpBlock": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareIpBlock", "description": "Static IP addresses for the control plane nodes." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareControlPlaneV2ConfigResponse": { "description": "Specifies control plane V2 config.", "properties": { "controlPlaneIpBlock": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareIpBlockResponse", "description": "Static IP addresses for the control plane nodes." } }, "type": "object", "required": [ "controlPlaneIpBlock" ] }, "google-native:gkeonprem/v1:VmwareControlPlaneVsphereConfig": { "description": "Specifies control plane node config.", "properties": { "datastore": { "type": "string", "description": "The Vsphere datastore used by the control plane Node." }, "storagePolicyName": { "type": "string", "description": "The Vsphere storage policy used by the control plane Node." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareControlPlaneVsphereConfigResponse": { "description": "Specifies control plane node config.", "properties": { "datastore": { "type": "string", "description": "The Vsphere datastore used by the control plane Node." }, "storagePolicyName": { "type": "string", "description": "The Vsphere storage policy used by the control plane Node." } }, "type": "object", "required": [ "datastore", "storagePolicyName" ] }, "google-native:gkeonprem/v1:VmwareDataplaneV2Config": { "description": "Contains configurations for Dataplane V2, which is optimized dataplane for Kubernetes networking. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dataplane-v2", "properties": { "advancedNetworking": { "type": "boolean", "description": "Enable advanced networking which requires dataplane_v2_enabled to be set true." }, "dataplaneV2Enabled": { "type": "boolean", "description": "Enables Dataplane V2." }, "windowsDataplaneV2Enabled": { "type": "boolean", "description": "Enable Dataplane V2 for clusters with Windows nodes." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareDataplaneV2ConfigResponse": { "description": "Contains configurations for Dataplane V2, which is optimized dataplane for Kubernetes networking. For more information, see: https://cloud.google.com/kubernetes-engine/docs/concepts/dataplane-v2", "properties": { "advancedNetworking": { "type": "boolean", "description": "Enable advanced networking which requires dataplane_v2_enabled to be set true." }, "dataplaneV2Enabled": { "type": "boolean", "description": "Enables Dataplane V2." }, "windowsDataplaneV2Enabled": { "type": "boolean", "description": "Enable Dataplane V2 for clusters with Windows nodes." } }, "type": "object", "required": [ "advancedNetworking", "dataplaneV2Enabled", "windowsDataplaneV2Enabled" ] }, "google-native:gkeonprem/v1:VmwareDhcpIpConfig": { "description": "Represents the network configuration required for the VMware user clusters with DHCP IP configurations.", "properties": { "enabled": { "type": "boolean", "description": "enabled is a flag to mark if DHCP IP allocation is used for VMware user clusters." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareDhcpIpConfigResponse": { "description": "Represents the network configuration required for the VMware user clusters with DHCP IP configurations.", "properties": { "enabled": { "type": "boolean", "description": "enabled is a flag to mark if DHCP IP allocation is used for VMware user clusters." } }, "type": "object", "required": [ "enabled" ] }, "google-native:gkeonprem/v1:VmwareF5BigIpConfig": { "description": "Represents configuration parameters for an F5 BIG-IP load balancer.", "properties": { "address": { "type": "string", "description": "The load balancer's IP address." }, "partition": { "type": "string", "description": "The preexisting partition to be used by the load balancer. This partition is usually created for the admin cluster for example: 'my-f5-admin-partition'." }, "snatPool": { "type": "string", "description": "The pool name. Only necessary, if using SNAT." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareF5BigIpConfigResponse": { "description": "Represents configuration parameters for an F5 BIG-IP load balancer.", "properties": { "address": { "type": "string", "description": "The load balancer's IP address." }, "partition": { "type": "string", "description": "The preexisting partition to be used by the load balancer. This partition is usually created for the admin cluster for example: 'my-f5-admin-partition'." }, "snatPool": { "type": "string", "description": "The pool name. Only necessary, if using SNAT." } }, "type": "object", "required": [ "address", "partition", "snatPool" ] }, "google-native:gkeonprem/v1:VmwareHostConfig": { "description": "Represents the common parameters for all the hosts irrespective of their IP address.", "properties": { "dnsSearchDomains": { "type": "array", "items": { "type": "string" }, "description": "DNS search domains." }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "DNS servers." }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "NTP servers." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareHostConfigResponse": { "description": "Represents the common parameters for all the hosts irrespective of their IP address.", "properties": { "dnsSearchDomains": { "type": "array", "items": { "type": "string" }, "description": "DNS search domains." }, "dnsServers": { "type": "array", "items": { "type": "string" }, "description": "DNS servers." }, "ntpServers": { "type": "array", "items": { "type": "string" }, "description": "NTP servers." } }, "type": "object", "required": [ "dnsSearchDomains", "dnsServers", "ntpServers" ] }, "google-native:gkeonprem/v1:VmwareHostIp": { "description": "Represents VMware user cluster node's network configuration.", "properties": { "hostname": { "type": "string", "description": "Hostname of the machine. VM's name will be used if this field is empty." }, "ip": { "type": "string", "description": "IP could be an IP address (like 1.2.3.4) or a CIDR (like 1.2.3.0/24)." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareHostIpResponse": { "description": "Represents VMware user cluster node's network configuration.", "properties": { "hostname": { "type": "string", "description": "Hostname of the machine. VM's name will be used if this field is empty." }, "ip": { "type": "string", "description": "IP could be an IP address (like 1.2.3.4) or a CIDR (like 1.2.3.0/24)." } }, "type": "object", "required": [ "hostname", "ip" ] }, "google-native:gkeonprem/v1:VmwareIpBlock": { "description": "Represents a collection of IP addresses to assign to nodes.", "properties": { "gateway": { "type": "string", "description": "The network gateway used by the VMware user cluster." }, "ips": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareHostIp" }, "description": "The node's network configurations used by the VMware user cluster." }, "netmask": { "type": "string", "description": "The netmask used by the VMware user cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareIpBlockResponse": { "description": "Represents a collection of IP addresses to assign to nodes.", "properties": { "gateway": { "type": "string", "description": "The network gateway used by the VMware user cluster." }, "ips": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareHostIpResponse" }, "description": "The node's network configurations used by the VMware user cluster." }, "netmask": { "type": "string", "description": "The netmask used by the VMware user cluster." } }, "type": "object", "required": [ "gateway", "ips", "netmask" ] }, "google-native:gkeonprem/v1:VmwareLoadBalancerConfig": { "description": "Specifies the locad balancer config for the VMware user cluster.", "properties": { "f5Config": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareF5BigIpConfig", "description": "Configuration for F5 Big IP typed load balancers." }, "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareManualLbConfig", "description": "Manually configured load balancers." }, "metalLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareMetalLbConfig", "description": "Configuration for MetalLB typed load balancers." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVipConfig", "description": "The VIPs used by the load balancer." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareLoadBalancerConfigResponse": { "description": "Specifies the locad balancer config for the VMware user cluster.", "properties": { "f5Config": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareF5BigIpConfigResponse", "description": "Configuration for F5 Big IP typed load balancers." }, "manualLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareManualLbConfigResponse", "description": "Manually configured load balancers." }, "metalLbConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareMetalLbConfigResponse", "description": "Configuration for MetalLB typed load balancers." }, "seesawConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareSeesawConfigResponse", "description": "Configuration for Seesaw typed load balancers." }, "vipConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVipConfigResponse", "description": "The VIPs used by the load balancer." } }, "type": "object", "required": [ "f5Config", "manualLbConfig", "metalLbConfig", "seesawConfig", "vipConfig" ] }, "google-native:gkeonprem/v1:VmwareManualLbConfig": { "description": "Represents configuration parameters for an already existing manual load balancer. Given the nature of manual load balancers it is expected that said load balancer will be fully managed by users. IMPORTANT: Please note that the Anthos On-Prem API will not generate or update ManualLB configurations it can only bind a pre-existing configuration to a new VMware user cluster.", "properties": { "controlPlaneNodePort": { "type": "integer", "description": "NodePort for control plane service. The Kubernetes API server in the admin cluster is implemented as a Service of type NodePort (ex. 30968)." }, "ingressHttpNodePort": { "type": "integer", "description": "NodePort for ingress service's http. The ingress service in the admin cluster is implemented as a Service of type NodePort (ex. 32527)." }, "ingressHttpsNodePort": { "type": "integer", "description": "NodePort for ingress service's https. The ingress service in the admin cluster is implemented as a Service of type NodePort (ex. 30139)." }, "konnectivityServerNodePort": { "type": "integer", "description": "NodePort for konnectivity server service running as a sidecar in each kube-apiserver pod (ex. 30564)." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareManualLbConfigResponse": { "description": "Represents configuration parameters for an already existing manual load balancer. Given the nature of manual load balancers it is expected that said load balancer will be fully managed by users. IMPORTANT: Please note that the Anthos On-Prem API will not generate or update ManualLB configurations it can only bind a pre-existing configuration to a new VMware user cluster.", "properties": { "controlPlaneNodePort": { "type": "integer", "description": "NodePort for control plane service. The Kubernetes API server in the admin cluster is implemented as a Service of type NodePort (ex. 30968)." }, "ingressHttpNodePort": { "type": "integer", "description": "NodePort for ingress service's http. The ingress service in the admin cluster is implemented as a Service of type NodePort (ex. 32527)." }, "ingressHttpsNodePort": { "type": "integer", "description": "NodePort for ingress service's https. The ingress service in the admin cluster is implemented as a Service of type NodePort (ex. 30139)." }, "konnectivityServerNodePort": { "type": "integer", "description": "NodePort for konnectivity server service running as a sidecar in each kube-apiserver pod (ex. 30564)." } }, "type": "object", "required": [ "controlPlaneNodePort", "ingressHttpNodePort", "ingressHttpsNodePort", "konnectivityServerNodePort" ] }, "google-native:gkeonprem/v1:VmwareMetalLbConfig": { "description": "Represents configuration parameters for the MetalLB load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareAddressPool" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." } }, "type": "object", "required": [ "addressPools" ] }, "google-native:gkeonprem/v1:VmwareMetalLbConfigResponse": { "description": "Represents configuration parameters for the MetalLB load balancer.", "properties": { "addressPools": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareAddressPoolResponse" }, "description": "AddressPools is a list of non-overlapping IP pools used by load balancer typed services. All addresses must be routable to load balancer nodes. IngressVIP must be included in the pools." } }, "type": "object", "required": [ "addressPools" ] }, "google-native:gkeonprem/v1:VmwareNetworkConfig": { "description": "Specifies network config for the VMware user cluster.", "properties": { "controlPlaneV2Config": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareControlPlaneV2Config", "description": "Configuration for control plane V2 mode." }, "dhcpIpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareDhcpIpConfig", "description": "Configuration settings for a DHCP IP configuration." }, "hostConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareHostConfig", "description": "Represents common network settings irrespective of the host's IP address." }, "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation." }, "staticIpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareStaticIpConfig", "description": "Configuration settings for a static IP configuration." }, "vcenterNetwork": { "type": "string", "description": "vcenter_network specifies vCenter network name. Inherited from the admin cluster." } }, "type": "object", "required": [ "podAddressCidrBlocks", "serviceAddressCidrBlocks" ] }, "google-native:gkeonprem/v1:VmwareNetworkConfigResponse": { "description": "Specifies network config for the VMware user cluster.", "properties": { "controlPlaneV2Config": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareControlPlaneV2ConfigResponse", "description": "Configuration for control plane V2 mode." }, "dhcpIpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareDhcpIpConfigResponse", "description": "Configuration settings for a DHCP IP configuration." }, "hostConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareHostConfigResponse", "description": "Represents common network settings irrespective of the host's IP address." }, "podAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All pods in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation." }, "serviceAddressCidrBlocks": { "type": "array", "items": { "type": "string" }, "description": "All services in the cluster are assigned an RFC1918 IPv4 address from these ranges. Only a single range is supported. This field cannot be changed after creation." }, "staticIpConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareStaticIpConfigResponse", "description": "Configuration settings for a static IP configuration." }, "vcenterNetwork": { "type": "string", "description": "vcenter_network specifies vCenter network name. Inherited from the admin cluster." } }, "type": "object", "required": [ "controlPlaneV2Config", "dhcpIpConfig", "hostConfig", "podAddressCidrBlocks", "serviceAddressCidrBlocks", "staticIpConfig", "vcenterNetwork" ] }, "google-native:gkeonprem/v1:VmwareNodeConfig": { "description": "Parameters that describe the configuration of all nodes within a given node pool.", "properties": { "bootDiskSizeGb": { "type": "string", "description": "VMware disk size to be used during creation." }, "cpus": { "type": "string", "description": "The number of CPUs for each node in the node pool." }, "enableLoadBalancer": { "type": "boolean", "description": "Allow node pool traffic to be load balanced. Only works for clusters with MetalLB load balancers." }, "image": { "type": "string", "description": "The OS image name in vCenter, only valid when using Windows." }, "imageType": { "type": "string", "description": "The OS image to be used for each node in a node pool. Currently `cos`, `ubuntu`, `ubuntu_containerd` and `windows` are supported." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "memoryMb": { "type": "string", "description": "The megabytes of memory for each node in the node pool." }, "replicas": { "type": "string", "description": "The number of nodes in the node pool." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:NodeTaint" }, "description": "The initial taints assigned to nodes of this node pool." }, "vsphereConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVsphereConfig", "description": "Specifies the vSphere config for node pool." } }, "type": "object", "required": [ "imageType" ] }, "google-native:gkeonprem/v1:VmwareNodeConfigResponse": { "description": "Parameters that describe the configuration of all nodes within a given node pool.", "properties": { "bootDiskSizeGb": { "type": "string", "description": "VMware disk size to be used during creation." }, "cpus": { "type": "string", "description": "The number of CPUs for each node in the node pool." }, "enableLoadBalancer": { "type": "boolean", "description": "Allow node pool traffic to be load balanced. Only works for clusters with MetalLB load balancers." }, "image": { "type": "string", "description": "The OS image name in vCenter, only valid when using Windows." }, "imageType": { "type": "string", "description": "The OS image to be used for each node in a node pool. Currently `cos`, `ubuntu`, `ubuntu_containerd` and `windows` are supported." }, "labels": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The map of Kubernetes labels (key/value pairs) to be applied to each node. These will added in addition to any default label(s) that Kubernetes may apply to the node. In case of conflict in label keys, the applied set may differ depending on the Kubernetes version -- it's best to assume the behavior is undefined and conflicts should be avoided. For more information, including usage and the valid values, see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/" }, "memoryMb": { "type": "string", "description": "The megabytes of memory for each node in the node pool." }, "replicas": { "type": "string", "description": "The number of nodes in the node pool." }, "taints": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:NodeTaintResponse" }, "description": "The initial taints assigned to nodes of this node pool." }, "vsphereConfig": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVsphereConfigResponse", "description": "Specifies the vSphere config for node pool." } }, "type": "object", "required": [ "bootDiskSizeGb", "cpus", "enableLoadBalancer", "image", "imageType", "labels", "memoryMb", "replicas", "taints", "vsphereConfig" ] }, "google-native:gkeonprem/v1:VmwareNodePoolAutoscalingConfig": { "description": "NodePoolAutoscaling config for the NodePool to allow for the kubernetes to scale NodePool.", "properties": { "maxReplicas": { "type": "integer", "description": "Maximum number of replicas in the NodePool." }, "minReplicas": { "type": "integer", "description": "Minimum number of replicas in the NodePool." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareNodePoolAutoscalingConfigResponse": { "description": "NodePoolAutoscaling config for the NodePool to allow for the kubernetes to scale NodePool.", "properties": { "maxReplicas": { "type": "integer", "description": "Maximum number of replicas in the NodePool." }, "minReplicas": { "type": "integer", "description": "Minimum number of replicas in the NodePool." } }, "type": "object", "required": [ "maxReplicas", "minReplicas" ] }, "google-native:gkeonprem/v1:VmwareSeesawConfigResponse": { "description": "VmwareSeesawConfig represents configuration parameters for an already existing Seesaw load balancer. IMPORTANT: Please note that the Anthos On-Prem API will not generate or update Seesaw configurations it can only bind a pre-existing configuration to a new user cluster. IMPORTANT: When attempting to create a user cluster with a pre-existing Seesaw load balancer you will need to follow some preparation steps before calling the 'CreateVmwareCluster' API method. First you will need to create the user cluster's namespace via kubectl. The namespace will need to use the following naming convention : -gke-onprem-mgmt or -gke-onprem-mgmt depending on whether you used the 'VmwareCluster.local_name' to disambiguate collisions; for more context see the documentation of 'VmwareCluster.local_name'. Once the namespace is created you will need to create a secret resource via kubectl. This secret will contain copies of your Seesaw credentials. The Secret must be called 'user-cluster-creds' and contain Seesaw's SSH and Cert credentials. The credentials must be keyed with the following names: 'seesaw-ssh-private-key', 'seesaw-ssh-public-key', 'seesaw-ssh-ca-key', 'seesaw-ssh-ca-cert'.", "properties": { "enableHa": { "type": "boolean", "description": "Enable two load balancer VMs to achieve a highly-available Seesaw load balancer." }, "group": { "type": "string", "description": "In general the following format should be used for the Seesaw group name: seesaw-for-[cluster_name]." }, "ipBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareIpBlockResponse" }, "description": "The IP Blocks to be used by the Seesaw load balancer" }, "masterIp": { "type": "string", "description": "MasterIP is the IP announced by the master of Seesaw group." }, "stackdriverName": { "type": "string", "description": "Name to be used by Stackdriver." }, "vms": { "type": "array", "items": { "type": "string" }, "description": "Names of the VMs created for this Seesaw group." } }, "type": "object", "required": [ "enableHa", "group", "ipBlocks", "masterIp", "stackdriverName", "vms" ] }, "google-native:gkeonprem/v1:VmwareStaticIpConfig": { "description": "Represents the network configuration required for the VMware user clusters with Static IP configurations.", "properties": { "ipBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareIpBlock" }, "description": "Represents the configuration values for static IP allocation to nodes." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareStaticIpConfigResponse": { "description": "Represents the network configuration required for the VMware user clusters with Static IP configurations.", "properties": { "ipBlocks": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareIpBlockResponse" }, "description": "Represents the configuration values for static IP allocation to nodes." } }, "type": "object", "required": [ "ipBlocks" ] }, "google-native:gkeonprem/v1:VmwareStorageConfig": { "description": "Specifies vSphere CSI components deployment config in the VMware user cluster.", "properties": { "vsphereCsiDisabled": { "type": "boolean", "description": "Whether or not to deploy vSphere CSI components in the VMware user cluster. Enabled by default." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareStorageConfigResponse": { "description": "Specifies vSphere CSI components deployment config in the VMware user cluster.", "properties": { "vsphereCsiDisabled": { "type": "boolean", "description": "Whether or not to deploy vSphere CSI components in the VMware user cluster. Enabled by default." } }, "type": "object", "required": [ "vsphereCsiDisabled" ] }, "google-native:gkeonprem/v1:VmwareVCenterConfig": { "description": "Represents configuration for the VMware VCenter for the user cluster.", "properties": { "caCertData": { "type": "string", "description": "Contains the vCenter CA certificate public key for SSL verification." }, "cluster": { "type": "string", "description": "The name of the vCenter cluster for the user cluster." }, "datacenter": { "type": "string", "description": "The name of the vCenter datacenter for the user cluster." }, "datastore": { "type": "string", "description": "The name of the vCenter datastore for the user cluster." }, "folder": { "type": "string", "description": "The name of the vCenter folder for the user cluster." }, "resourcePool": { "type": "string", "description": "The name of the vCenter resource pool for the user cluster." }, "storagePolicyName": { "type": "string", "description": "The name of the vCenter storage policy for the user cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareVCenterConfigResponse": { "description": "Represents configuration for the VMware VCenter for the user cluster.", "properties": { "address": { "type": "string", "description": "The vCenter IP address." }, "caCertData": { "type": "string", "description": "Contains the vCenter CA certificate public key for SSL verification." }, "cluster": { "type": "string", "description": "The name of the vCenter cluster for the user cluster." }, "datacenter": { "type": "string", "description": "The name of the vCenter datacenter for the user cluster." }, "datastore": { "type": "string", "description": "The name of the vCenter datastore for the user cluster." }, "folder": { "type": "string", "description": "The name of the vCenter folder for the user cluster." }, "resourcePool": { "type": "string", "description": "The name of the vCenter resource pool for the user cluster." }, "storagePolicyName": { "type": "string", "description": "The name of the vCenter storage policy for the user cluster." } }, "type": "object", "required": [ "address", "caCertData", "cluster", "datacenter", "datastore", "folder", "resourcePool", "storagePolicyName" ] }, "google-native:gkeonprem/v1:VmwareVipConfig": { "description": "Specifies the VIP config for the VMware user cluster load balancer.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this cluster." }, "ingressVip": { "type": "string", "description": "The VIP which you previously set aside for ingress traffic into this cluster." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareVipConfigResponse": { "description": "Specifies the VIP config for the VMware user cluster load balancer.", "properties": { "controlPlaneVip": { "type": "string", "description": "The VIP which you previously set aside for the Kubernetes API of this cluster." }, "ingressVip": { "type": "string", "description": "The VIP which you previously set aside for ingress traffic into this cluster." } }, "type": "object", "required": [ "controlPlaneVip", "ingressVip" ] }, "google-native:gkeonprem/v1:VmwareVsphereConfig": { "description": "VmwareVsphereConfig represents configuration for the VMware VCenter for node pool.", "properties": { "datastore": { "type": "string", "description": "The name of the vCenter datastore. Inherited from the user cluster." }, "hostGroups": { "type": "array", "items": { "type": "string" }, "description": "Vsphere host groups to apply to all VMs in the node pool" }, "tags": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVsphereTag" }, "description": "Tags to apply to VMs." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareVsphereConfigResponse": { "description": "VmwareVsphereConfig represents configuration for the VMware VCenter for node pool.", "properties": { "datastore": { "type": "string", "description": "The name of the vCenter datastore. Inherited from the user cluster." }, "hostGroups": { "type": "array", "items": { "type": "string" }, "description": "Vsphere host groups to apply to all VMs in the node pool" }, "tags": { "type": "array", "items": { "$ref": "#/types/google-native:gkeonprem%2Fv1:VmwareVsphereTagResponse" }, "description": "Tags to apply to VMs." } }, "type": "object", "required": [ "datastore", "hostGroups", "tags" ] }, "google-native:gkeonprem/v1:VmwareVsphereTag": { "description": "VmwareVsphereTag describes a vSphere tag to be placed on VMs in the node pool. For more information, see https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-E8E854DD-AA97-4E0C-8419-CE84F93C4058.html", "properties": { "category": { "type": "string", "description": "The Vsphere tag category." }, "tag": { "type": "string", "description": "The Vsphere tag name." } }, "type": "object" }, "google-native:gkeonprem/v1:VmwareVsphereTagResponse": { "description": "VmwareVsphereTag describes a vSphere tag to be placed on VMs in the node pool. For more information, see https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vcenterhost.doc/GUID-E8E854DD-AA97-4E0C-8419-CE84F93C4058.html", "properties": { "category": { "type": "string", "description": "The Vsphere tag category." }, "tag": { "type": "string", "description": "The Vsphere tag name." } }, "type": "object", "required": [ "category", "tag" ] }, "google-native:healthcare/v1:Attribute": { "description": "An attribute value for a Consent or User data mapping. Each Attribute must have a corresponding AttributeDefinition in the consent store that defines the default and allowed values.", "properties": { "attributeDefinitionId": { "type": "string", "description": "Indicates the name of an attribute defined in the consent store." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the attribute. Must be an acceptable value as defined in the consent store. For example, if the consent store defines \"data type\" with acceptable values \"questionnaire\" and \"step-count\", when the attribute name is data type, this field must contain one of those values." } }, "type": "object", "required": [ "values" ] }, "google-native:healthcare/v1:AttributeDefinitionCategory": { "description": "Required. The category of the attribute. The value of this field cannot be changed after creation.", "type": "string", "enum": [ { "name": "CategoryUnspecified", "description": "No category specified. This option is invalid.", "value": "CATEGORY_UNSPECIFIED" }, { "name": "Resource", "description": "Specify this category when this attribute describes the properties of resources. For example, data anonymity or data type.", "value": "RESOURCE" }, { "name": "Request", "description": "Specify this category when this attribute describes the properties of requests. For example, requester's role or requester's organization.", "value": "REQUEST" } ] }, "google-native:healthcare/v1:AttributeResponse": { "description": "An attribute value for a Consent or User data mapping. Each Attribute must have a corresponding AttributeDefinition in the consent store that defines the default and allowed values.", "properties": { "attributeDefinitionId": { "type": "string", "description": "Indicates the name of an attribute defined in the consent store." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the attribute. Must be an acceptable value as defined in the consent store. For example, if the consent store defines \"data type\" with acceptable values \"questionnaire\" and \"step-count\", when the attribute name is data type, this field must contain one of those values." } }, "type": "object", "required": [ "attributeDefinitionId", "values" ] }, "google-native:healthcare/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:healthcare/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:healthcare/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:healthcare%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:healthcare/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:healthcare/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:healthcare/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:healthcare%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:healthcare/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:healthcare%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:healthcare/v1:CharacterMaskConfig": { "description": "Mask a string by replacing its characters with a fixed character.", "properties": { "maskingCharacter": { "type": "string", "description": "Character to mask the sensitive values. If not supplied, defaults to \"*\"." } }, "type": "object" }, "google-native:healthcare/v1:CharacterMaskConfigResponse": { "description": "Mask a string by replacing its characters with a fixed character.", "properties": { "maskingCharacter": { "type": "string", "description": "Character to mask the sensitive values. If not supplied, defaults to \"*\"." } }, "type": "object", "required": [ "maskingCharacter" ] }, "google-native:healthcare/v1:ConsentState": { "description": "Required. Indicates the current state of this Consent.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state specified. Treated as ACTIVE only at the time of resource creation.", "value": "STATE_UNSPECIFIED" }, { "name": "Active", "description": "The Consent is active and is considered when evaluating a user's consent on resources.", "value": "ACTIVE" }, { "name": "Archived", "description": "The archived state is currently not being used.", "value": "ARCHIVED" }, { "name": "Revoked", "description": "A revoked Consent is not considered when evaluating a user's consent on resources.", "value": "REVOKED" }, { "name": "Draft", "description": "A draft Consent is not considered when evaluating a user's consent on resources unless explicitly specified.", "value": "DRAFT" }, { "name": "Rejected", "description": "When a draft Consent is rejected by a user, it is set to a rejected state. A rejected Consent is not considered when evaluating a user's consent on resources.", "value": "REJECTED" } ] }, "google-native:healthcare/v1:CryptoHashConfig": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. Outputs a base64-encoded representation of the hashed output (for example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`).", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. Causes the hash to be computed based on this key. A default key is generated for each Deidentify operation and is used when neither `crypto_key` nor `kms_wrapped` is specified. Must not be set if `kms_wrapped` is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1:KmsWrappedCryptoKey", "description": "KMS wrapped key. Must not be set if `crypto_key` is set." } }, "type": "object" }, "google-native:healthcare/v1:CryptoHashConfigResponse": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. Outputs a base64-encoded representation of the hashed output (for example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`).", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. Causes the hash to be computed based on this key. A default key is generated for each Deidentify operation and is used when neither `crypto_key` nor `kms_wrapped` is specified. Must not be set if `kms_wrapped` is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1:KmsWrappedCryptoKeyResponse", "description": "KMS wrapped key. Must not be set if `crypto_key` is set." } }, "type": "object", "required": [ "cryptoKey", "kmsWrapped" ] }, "google-native:healthcare/v1:DateShiftConfig": { "description": "Shift a date forward or backward in time by a random amount which is consistent for a given patient and crypto key combination.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. The date shift is computed based on this key and the patient ID. If the patient ID is empty for a DICOM resource, the date shift is computed based on this key and the study instance UID. If `crypto_key` is not set, then `kms_wrapped` is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if `kms_wrapped` is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1:KmsWrappedCryptoKey", "description": "KMS wrapped key. If `kms_wrapped` is not set, then `crypto_key` is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if `crypto_key` is set." } }, "type": "object" }, "google-native:healthcare/v1:DateShiftConfigResponse": { "description": "Shift a date forward or backward in time by a random amount which is consistent for a given patient and crypto key combination.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. The date shift is computed based on this key and the patient ID. If the patient ID is empty for a DICOM resource, the date shift is computed based on this key and the study instance UID. If `crypto_key` is not set, then `kms_wrapped` is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if `kms_wrapped` is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1:KmsWrappedCryptoKeyResponse", "description": "KMS wrapped key. If `kms_wrapped` is not set, then `crypto_key` is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if `crypto_key` is set." } }, "type": "object", "required": [ "cryptoKey", "kmsWrapped" ] }, "google-native:healthcare/v1:DeidentifiedStoreDestination": { "description": "Contains configuration for streaming de-identified FHIR export.", "properties": { "config": { "$ref": "#/types/google-native:healthcare%2Fv1:DeidentifyConfig", "description": "The configuration to use when de-identifying resources that are added to this store." }, "store": { "type": "string", "description": "The full resource name of a Cloud Healthcare FHIR store, for example, `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`." } }, "type": "object" }, "google-native:healthcare/v1:DeidentifiedStoreDestinationResponse": { "description": "Contains configuration for streaming de-identified FHIR export.", "properties": { "config": { "$ref": "#/types/google-native:healthcare%2Fv1:DeidentifyConfigResponse", "description": "The configuration to use when de-identifying resources that are added to this store." }, "store": { "type": "string", "description": "The full resource name of a Cloud Healthcare FHIR store, for example, `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`." } }, "type": "object", "required": [ "config", "store" ] }, "google-native:healthcare/v1:DeidentifyConfig": { "description": "Configures de-id options specific to different types of content. Each submessage customizes the handling of an https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are applied in a nested manner at runtime.", "properties": { "dicom": { "$ref": "#/types/google-native:healthcare%2Fv1:DicomConfig", "description": "Configures de-id of application/DICOM content." }, "fhir": { "$ref": "#/types/google-native:healthcare%2Fv1:FhirConfig", "description": "Configures de-id of application/FHIR content." }, "image": { "$ref": "#/types/google-native:healthcare%2Fv1:ImageConfig", "description": "Configures de-identification of image pixels wherever they are found in the source_dataset." }, "text": { "$ref": "#/types/google-native:healthcare%2Fv1:TextConfig", "description": "Configures de-identification of text wherever it is found in the source_dataset." }, "useRegionalDataProcessing": { "type": "boolean", "description": "Ensures in-flight data remains in the region of origin during de-identification. Using this option results in a significant reduction of throughput, and is not compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. `LOCATION` must be excluded within TextConfig, and must also be excluded within ImageConfig if image redaction is required." } }, "type": "object" }, "google-native:healthcare/v1:DeidentifyConfigResponse": { "description": "Configures de-id options specific to different types of content. Each submessage customizes the handling of an https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are applied in a nested manner at runtime.", "properties": { "dicom": { "$ref": "#/types/google-native:healthcare%2Fv1:DicomConfigResponse", "description": "Configures de-id of application/DICOM content." }, "fhir": { "$ref": "#/types/google-native:healthcare%2Fv1:FhirConfigResponse", "description": "Configures de-id of application/FHIR content." }, "image": { "$ref": "#/types/google-native:healthcare%2Fv1:ImageConfigResponse", "description": "Configures de-identification of image pixels wherever they are found in the source_dataset." }, "text": { "$ref": "#/types/google-native:healthcare%2Fv1:TextConfigResponse", "description": "Configures de-identification of text wherever it is found in the source_dataset." }, "useRegionalDataProcessing": { "type": "boolean", "description": "Ensures in-flight data remains in the region of origin during de-identification. Using this option results in a significant reduction of throughput, and is not compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. `LOCATION` must be excluded within TextConfig, and must also be excluded within ImageConfig if image redaction is required." } }, "type": "object", "required": [ "dicom", "fhir", "image", "text", "useRegionalDataProcessing" ] }, "google-native:healthcare/v1:DicomConfig": { "description": "Specifies the parameters needed for de-identification of DICOM stores.", "properties": { "filterProfile": { "$ref": "#/types/google-native:healthcare%2Fv1:DicomConfigFilterProfile", "description": "Tag filtering profile that determines which tags to keep/remove." }, "keepList": { "$ref": "#/types/google-native:healthcare%2Fv1:TagFilterList", "description": "List of tags to keep. Remove all other tags." }, "removeList": { "$ref": "#/types/google-native:healthcare%2Fv1:TagFilterList", "description": "List of tags to remove. Keep all other tags." }, "skipIdRedaction": { "type": "boolean", "description": "If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: \"Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity.\" http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html" } }, "type": "object" }, "google-native:healthcare/v1:DicomConfigFilterProfile": { "description": "Tag filtering profile that determines which tags to keep/remove.", "type": "string", "enum": [ { "name": "TagFilterProfileUnspecified", "description": "No tag filtration profile provided. Same as KEEP_ALL_PROFILE.", "value": "TAG_FILTER_PROFILE_UNSPECIFIED" }, { "name": "MinimalKeepListProfile", "description": "Keep only tags required to produce valid DICOM.", "value": "MINIMAL_KEEP_LIST_PROFILE" }, { "name": "AttributeConfidentialityBasicProfile", "description": "Remove tags based on DICOM Standard's Attribute Confidentiality Basic Profile (DICOM Standard Edition 2018e) http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html.", "value": "ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE" }, { "name": "KeepAllProfile", "description": "Keep all tags.", "value": "KEEP_ALL_PROFILE" }, { "name": "DeidentifyTagContents", "description": "Inspects within tag contents and replaces sensitive text. The process can be configured using the TextConfig. Applies to all tags with the following Value Representation names: AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS", "value": "DEIDENTIFY_TAG_CONTENTS" } ] }, "google-native:healthcare/v1:DicomConfigResponse": { "description": "Specifies the parameters needed for de-identification of DICOM stores.", "properties": { "filterProfile": { "type": "string", "description": "Tag filtering profile that determines which tags to keep/remove." }, "keepList": { "$ref": "#/types/google-native:healthcare%2Fv1:TagFilterListResponse", "description": "List of tags to keep. Remove all other tags." }, "removeList": { "$ref": "#/types/google-native:healthcare%2Fv1:TagFilterListResponse", "description": "List of tags to remove. Keep all other tags." }, "skipIdRedaction": { "type": "boolean", "description": "If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: \"Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity.\" http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html" } }, "type": "object", "required": [ "filterProfile", "keepList", "removeList", "skipIdRedaction" ] }, "google-native:healthcare/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:healthcare/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:healthcare/v1:FhirConfig": { "description": "Specifies how to handle de-identification of a FHIR store.", "properties": { "defaultKeepExtensions": { "type": "boolean", "description": "The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default." }, "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:FieldMetadata" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`." } }, "type": "object" }, "google-native:healthcare/v1:FhirConfigResponse": { "description": "Specifies how to handle de-identification of a FHIR store.", "properties": { "defaultKeepExtensions": { "type": "boolean", "description": "The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default." }, "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:FieldMetadataResponse" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`." } }, "type": "object", "required": [ "defaultKeepExtensions", "fieldMetadataList" ] }, "google-native:healthcare/v1:FhirNotificationConfig": { "description": "Contains the configuration for FHIR notifications.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging)." }, "sendFullResource": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic." }, "sendPreviousResourceOnDelete": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for deleting FHIR resource. Note that setting this to true does not guarantee that all previous resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full previous resource as a separate operation." } }, "type": "object" }, "google-native:healthcare/v1:FhirNotificationConfigResponse": { "description": "Contains the configuration for FHIR notifications.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging)." }, "sendFullResource": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic." }, "sendPreviousResourceOnDelete": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for deleting FHIR resource. Note that setting this to true does not guarantee that all previous resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full previous resource as a separate operation." } }, "type": "object", "required": [ "pubsubTopic", "sendFullResource", "sendPreviousResourceOnDelete" ] }, "google-native:healthcare/v1:FhirStoreComplexDataTypeReferenceParsing": { "description": "Enable parsing of references within complex FHIR data types such as Extensions. If this value is set to ENABLED, then features like referential integrity and Bundle reference rewriting apply to all references. If this flag has not been specified the behavior of the FHIR store will not change, references in complex data types will not be parsed. New stores will have this value set to ENABLED after a notification period. Warning: turning on this flag causes processing existing resources to fail if they contain references to non-existent resources.", "type": "string", "enum": [ { "name": "ComplexDataTypeReferenceParsingUnspecified", "description": "No parsing behavior specified. This is the same as DISABLED for backwards compatibility.", "value": "COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED" }, { "name": "Disabled", "description": "References in complex data types are ignored.", "value": "DISABLED" }, { "name": "Enabled", "description": "References in complex data types are parsed.", "value": "ENABLED" } ] }, "google-native:healthcare/v1:FhirStoreVersion": { "description": "Immutable. The FHIR specification version that this FHIR store supports natively. This field is immutable after store creation. Requests are rejected if they contain FHIR resources of a different version. Version is required for every FHIR store.", "type": "string", "enum": [ { "name": "VersionUnspecified", "description": "Users must specify a version on store creation or an error is returned.", "value": "VERSION_UNSPECIFIED" }, { "name": "Dstu2", "description": "Draft Standard for Trial Use, [Release 2](https://www.hl7.org/fhir/DSTU2)", "value": "DSTU2" }, { "name": "Stu3", "description": "Standard for Trial Use, [Release 3](https://www.hl7.org/fhir/STU3)", "value": "STU3" }, { "name": "R4", "description": "[Release 4](https://www.hl7.org/fhir/R4)", "value": "R4" } ] }, "google-native:healthcare/v1:Field": { "description": "A (sub) field of a type.", "properties": { "maxOccurs": { "type": "integer", "description": "The maximum number of times this field can be repeated. 0 or -1 means unbounded." }, "minOccurs": { "type": "integer", "description": "The minimum number of times this field must be present/repeated." }, "name": { "type": "string", "description": "The name of the field. For example, \"PID-1\" or just \"1\"." }, "table": { "type": "string", "description": "The HL7v2 table this field refers to. For example, PID-15 (Patient's Primary Language) usually refers to table \"0296\"." }, "type": { "type": "string", "description": "The type of this field. A Type with this name must be defined in an Hl7TypesConfig." } }, "type": "object" }, "google-native:healthcare/v1:FieldMetadata": { "description": "Specifies FHIR paths to match, and how to handle de-identification of matching fields.", "properties": { "action": { "$ref": "#/types/google-native:healthcare%2Fv1:FieldMetadataAction", "description": "Deidentify action for one field." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to be redacted. Each path is a period-separated list where each component is either a field name or FHIR type name, for example: Patient, HumanName. For \"choice\" types (those defined in the FHIR spec with the form: field[x]) we use two separate components. For example, \"deceasedAge.unit\" is matched by \"Deceased.Age.unit\". Supported types are: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml." } }, "type": "object" }, "google-native:healthcare/v1:FieldMetadataAction": { "description": "Deidentify action for one field.", "type": "string", "enum": [ { "name": "ActionUnspecified", "description": "No action specified.", "value": "ACTION_UNSPECIFIED" }, { "name": "Transform", "description": "Transform the entire field.", "value": "TRANSFORM" }, { "name": "InspectAndTransform", "description": "Inspect and transform any found PHI.", "value": "INSPECT_AND_TRANSFORM" }, { "name": "DoNotTransform", "description": "Do not transform.", "value": "DO_NOT_TRANSFORM" } ] }, "google-native:healthcare/v1:FieldMetadataResponse": { "description": "Specifies FHIR paths to match, and how to handle de-identification of matching fields.", "properties": { "action": { "type": "string", "description": "Deidentify action for one field." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to be redacted. Each path is a period-separated list where each component is either a field name or FHIR type name, for example: Patient, HumanName. For \"choice\" types (those defined in the FHIR spec with the form: field[x]) we use two separate components. For example, \"deceasedAge.unit\" is matched by \"Deceased.Age.unit\". Supported types are: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml." } }, "type": "object", "required": [ "action", "paths" ] }, "google-native:healthcare/v1:FieldResponse": { "description": "A (sub) field of a type.", "properties": { "maxOccurs": { "type": "integer", "description": "The maximum number of times this field can be repeated. 0 or -1 means unbounded." }, "minOccurs": { "type": "integer", "description": "The minimum number of times this field must be present/repeated." }, "name": { "type": "string", "description": "The name of the field. For example, \"PID-1\" or just \"1\"." }, "table": { "type": "string", "description": "The HL7v2 table this field refers to. For example, PID-15 (Patient's Primary Language) usually refers to table \"0296\"." }, "type": { "type": "string", "description": "The type of this field. A Type with this name must be defined in an Hl7TypesConfig." } }, "type": "object", "required": [ "maxOccurs", "minOccurs", "name", "table", "type" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1ConsentPolicy": { "description": "Represents a user's consent in terms of the resources that can be accessed and under what conditions.", "properties": { "authorizationRule": { "$ref": "#/types/google-native:healthcare%2Fv1:Expr", "description": "The request conditions to meet to grant access. In addition to any supported comparison operators, authorization rules may have `IN` operator as well as at most 10 logical operators that are limited to `AND` (`&&`), `OR` (`||`)." }, "resourceAttributes": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Attribute" }, "description": "The resources that this policy applies to. A resource is a match if it matches all the attributes listed here. If empty, this policy applies to all User data mappings for the given user." } }, "type": "object", "required": [ "authorizationRule" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1ConsentPolicyResponse": { "description": "Represents a user's consent in terms of the resources that can be accessed and under what conditions.", "properties": { "authorizationRule": { "$ref": "#/types/google-native:healthcare%2Fv1:ExprResponse", "description": "The request conditions to meet to grant access. In addition to any supported comparison operators, authorization rules may have `IN` operator as well as at most 10 logical operators that are limited to `AND` (`&&`), `OR` (`||`)." }, "resourceAttributes": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:AttributeResponse" }, "description": "The resources that this policy applies to. A resource is a match if it matches all the attributes listed here. If empty, this policy applies to all User data mappings for the given user." } }, "type": "object", "required": [ "authorizationRule", "resourceAttributes" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1DicomBigQueryDestination": { "description": "The BigQuery table where the server writes the output.", "properties": { "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "tableUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long, in the format `bq://projectId.bqDatasetId.tableId`" }, "writeDisposition": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1DicomBigQueryDestinationWriteDisposition", "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object" }, "google-native:healthcare/v1:GoogleCloudHealthcareV1DicomBigQueryDestinationResponse": { "description": "The BigQuery table where the server writes the output.", "properties": { "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "tableUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long, in the format `bq://projectId.bqDatasetId.tableId`" }, "writeDisposition": { "type": "string", "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object", "required": [ "force", "tableUri", "writeDisposition" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1DicomBigQueryDestinationWriteDisposition": { "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored.", "type": "string", "enum": [ { "name": "WriteDispositionUnspecified", "description": "Default behavior is the same as WRITE_EMPTY.", "value": "WRITE_DISPOSITION_UNSPECIFIED" }, { "name": "WriteEmpty", "description": "Only export data if the destination table is empty.", "value": "WRITE_EMPTY" }, { "name": "WriteTruncate", "description": "Erase all existing data in the destination table before writing the instances.", "value": "WRITE_TRUNCATE" }, { "name": "WriteAppend", "description": "Append data to the destination table.", "value": "WRITE_APPEND" } ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1DicomStreamConfig": { "description": "StreamConfig specifies configuration for a streaming DICOM export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1DicomBigQueryDestination", "description": "Results are appended to this table. The server creates a new table in the given BigQuery dataset if the specified table does not exist. To enable the Cloud Healthcare API to write to your BigQuery table, you must give the Cloud Healthcare API service account the bigquery.dataEditor role. The service account is: `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. The PROJECT_NUMBER identifies the project that the DICOM store resides in. To get the project number, go to the Cloud Console Dashboard. It is recommended to not have a custom schema in the destination table which could conflict with the schema created by the Cloud Healthcare API. Instance deletions are not applied to the destination table. The destination's table schema will be automatically updated in case a new instance's data is incompatible with the current schema. The schema should not be updated manually as this can cause incompatibilies that cannot be resolved automatically. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any instance that generates more than 1 MB of BigQuery data will not be streamed. If an instance cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object" }, "google-native:healthcare/v1:GoogleCloudHealthcareV1DicomStreamConfigResponse": { "description": "StreamConfig specifies configuration for a streaming DICOM export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1DicomBigQueryDestinationResponse", "description": "Results are appended to this table. The server creates a new table in the given BigQuery dataset if the specified table does not exist. To enable the Cloud Healthcare API to write to your BigQuery table, you must give the Cloud Healthcare API service account the bigquery.dataEditor role. The service account is: `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. The PROJECT_NUMBER identifies the project that the DICOM store resides in. To get the project number, go to the Cloud Console Dashboard. It is recommended to not have a custom schema in the destination table which could conflict with the schema created by the Cloud Healthcare API. Instance deletions are not applied to the destination table. The destination's table schema will be automatically updated in case a new instance's data is incompatible with the current schema. The schema should not be updated manually as this can cause incompatibilies that cannot be resolved automatically. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any instance that generates more than 1 MB of BigQuery data will not be streamed. If an instance cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object", "required": [ "bigqueryDestination" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1FhirBigQueryDestination": { "description": "The configuration for exporting to BigQuery.", "properties": { "datasetUri": { "type": "string", "description": "BigQuery URI to an existing dataset, up to 2000 characters long, in the format `bq://projectId.bqDatasetId`." }, "force": { "type": "boolean", "description": "If this flag is `TRUE`, all tables are deleted from the dataset before the new exported tables are written. If the flag is not set and the destination dataset contains tables, the export call returns an error. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "schemaConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaConfig", "description": "The configuration for the exported BigQuery schema." }, "writeDisposition": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1FhirBigQueryDestinationWriteDisposition", "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object" }, "google-native:healthcare/v1:GoogleCloudHealthcareV1FhirBigQueryDestinationResponse": { "description": "The configuration for exporting to BigQuery.", "properties": { "datasetUri": { "type": "string", "description": "BigQuery URI to an existing dataset, up to 2000 characters long, in the format `bq://projectId.bqDatasetId`." }, "force": { "type": "boolean", "description": "If this flag is `TRUE`, all tables are deleted from the dataset before the new exported tables are written. If the flag is not set and the destination dataset contains tables, the export call returns an error. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "schemaConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaConfigResponse", "description": "The configuration for the exported BigQuery schema." }, "writeDisposition": { "type": "string", "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object", "required": [ "datasetUri", "force", "schemaConfig", "writeDisposition" ] }, "google-native:healthcare/v1:GoogleCloudHealthcareV1FhirBigQueryDestinationWriteDisposition": { "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored.", "type": "string", "enum": [ { "name": "WriteDispositionUnspecified", "description": "Default behavior is the same as WRITE_EMPTY.", "value": "WRITE_DISPOSITION_UNSPECIFIED" }, { "name": "WriteEmpty", "description": "Only export data if the destination tables are empty.", "value": "WRITE_EMPTY" }, { "name": "WriteTruncate", "description": "Erase all existing data in the destination tables before writing the FHIR resources.", "value": "WRITE_TRUNCATE" }, { "name": "WriteAppend", "description": "Append data to the destination tables.", "value": "WRITE_APPEND" } ] }, "google-native:healthcare/v1:Hl7SchemaConfig": { "description": "Root config message for HL7v2 schema. This contains a schema structure of groups and segments, and filters that determine which messages to apply the schema structure to.", "properties": { "messageSchemaConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from each HL7v2 message type and trigger event pair, such as ADT_A04, to its schema configuration root group." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:VersionSource" }, "description": "Each VersionSource is tested and only if they all match is the schema used for the message." } }, "type": "object" }, "google-native:healthcare/v1:Hl7SchemaConfigResponse": { "description": "Root config message for HL7v2 schema. This contains a schema structure of groups and segments, and filters that determine which messages to apply the schema structure to.", "properties": { "messageSchemaConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from each HL7v2 message type and trigger event pair, such as ADT_A04, to its schema configuration root group." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:VersionSourceResponse" }, "description": "Each VersionSource is tested and only if they all match is the schema used for the message." } }, "type": "object", "required": [ "messageSchemaConfigs", "version" ] }, "google-native:healthcare/v1:Hl7TypesConfig": { "description": "Root config for HL7v2 datatype definitions for a specific HL7v2 version.", "properties": { "type": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Type" }, "description": "The HL7v2 type definitions." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:VersionSource" }, "description": "The version selectors that this config applies to. A message must match ALL version sources to apply." } }, "type": "object" }, "google-native:healthcare/v1:Hl7TypesConfigResponse": { "description": "Root config for HL7v2 datatype definitions for a specific HL7v2 version.", "properties": { "type": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:TypeResponse" }, "description": "The HL7v2 type definitions." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:VersionSourceResponse" }, "description": "The version selectors that this config applies to. A message must match ALL version sources to apply." } }, "type": "object", "required": [ "type", "version" ] }, "google-native:healthcare/v1:Hl7V2NotificationConfig": { "description": "Specifies where and whether to send notifications upon changes to a data store.", "properties": { "filter": { "type": "string", "description": "Restricts notifications sent for messages matching a filter. If this is empty, all messages are matched. The following syntax is available: * A string field value can be written as text inside quotation marks, for example `\"query text\"`. The only valid relational operation for text fields is equality (`=`), where text is searched within the field, rather than having the field be equal to the text. For example, `\"Comment = great\"` returns messages with `great` in the comment field. * A number field value can be written as an integer, a decimal, or an exponential. The valid relational operators for number fields are the equality operator (`=`), along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * A date field value must be written in `yyyy-mm-dd` form. Fields with date and time use the RFC3339 time format. Leading zeros are required for one-digit months and days. The valid relational operators for date fields are the equality operator (`=`) , along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * Multiple field query expressions can be combined in one query by adding `AND` or `OR` operators between the expressions. If a boolean operator appears within a quoted string, it is not treated as special, it's just another part of the character string to be matched. You can prepend the `NOT` operator to an expression to negate it. The following fields and functions are available for filtering: * `message_type`, from the MSH-9.1 field. For example, `NOT message_type = \"ADT\"`. * `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent in the dataset's time_zone, from the MSH-7 segment. For example, `send_date < \"2017-01-02\"`. * `send_time`, the timestamp when the message was sent, using the RFC3339 time format for comparisons, from the MSH-7 segment. For example, `send_time < \"2017-01-02T00:00:00-05:00\"`. * `create_time`, the timestamp when the message was created in the HL7v2 store. Use the RFC3339 time format for comparisons. For example, `create_time < \"2017-01-02T00:00:00-05:00\"`. * `send_facility`, the care center that the message came from, from the MSH-4 segment. For example, `send_facility = \"ABC\"`. * `PatientId(value, type)`, which matches if the message lists a patient having an ID of the given value and type in the PID-2, PID-3, or PID-4 segments. For example, `PatientId(\"123456\", \"MRN\")`. * `labels.x`, a string value of the label with key `x` as set using the Message.labels map. For example, `labels.\"priority\"=\"high\"`. The operator `:*` can be used to assert the existence of a label. For example, `labels.\"priority\":*`." }, "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It's guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification cannot be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object" }, "google-native:healthcare/v1:Hl7V2NotificationConfigResponse": { "description": "Specifies where and whether to send notifications upon changes to a data store.", "properties": { "filter": { "type": "string", "description": "Restricts notifications sent for messages matching a filter. If this is empty, all messages are matched. The following syntax is available: * A string field value can be written as text inside quotation marks, for example `\"query text\"`. The only valid relational operation for text fields is equality (`=`), where text is searched within the field, rather than having the field be equal to the text. For example, `\"Comment = great\"` returns messages with `great` in the comment field. * A number field value can be written as an integer, a decimal, or an exponential. The valid relational operators for number fields are the equality operator (`=`), along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * A date field value must be written in `yyyy-mm-dd` form. Fields with date and time use the RFC3339 time format. Leading zeros are required for one-digit months and days. The valid relational operators for date fields are the equality operator (`=`) , along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * Multiple field query expressions can be combined in one query by adding `AND` or `OR` operators between the expressions. If a boolean operator appears within a quoted string, it is not treated as special, it's just another part of the character string to be matched. You can prepend the `NOT` operator to an expression to negate it. The following fields and functions are available for filtering: * `message_type`, from the MSH-9.1 field. For example, `NOT message_type = \"ADT\"`. * `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent in the dataset's time_zone, from the MSH-7 segment. For example, `send_date < \"2017-01-02\"`. * `send_time`, the timestamp when the message was sent, using the RFC3339 time format for comparisons, from the MSH-7 segment. For example, `send_time < \"2017-01-02T00:00:00-05:00\"`. * `create_time`, the timestamp when the message was created in the HL7v2 store. Use the RFC3339 time format for comparisons. For example, `create_time < \"2017-01-02T00:00:00-05:00\"`. * `send_facility`, the care center that the message came from, from the MSH-4 segment. For example, `send_facility = \"ABC\"`. * `PatientId(value, type)`, which matches if the message lists a patient having an ID of the given value and type in the PID-2, PID-3, or PID-4 segments. For example, `PatientId(\"123456\", \"MRN\")`. * `labels.x`, a string value of the label with key `x` as set using the Message.labels map. For example, `labels.\"priority\"=\"high\"`. The operator `:*` can be used to assert the existence of a label. For example, `labels.\"priority\":*`." }, "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It's guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-PROJECT_NUMBER@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification cannot be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object", "required": [ "filter", "pubsubTopic" ] }, "google-native:healthcare/v1:Image": { "description": "Raw bytes representing consent artifact content.", "properties": { "gcsUri": { "type": "string", "description": "Input only. Points to a Cloud Storage URI containing the consent artifact content. The URI must be in the following format: `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service account must have the `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage location. The consent artifact content at this URI is copied to a Cloud Storage location managed by the Cloud Healthcare API. Responses to fetching requests return the consent artifact content in raw_bytes." }, "rawBytes": { "type": "string", "description": "Consent artifact content represented as a stream of bytes. This field is populated when returned in GetConsentArtifact response, but not included in CreateConsentArtifact and ListConsentArtifact response." } }, "type": "object" }, "google-native:healthcare/v1:ImageConfig": { "description": "Specifies how to handle de-identification of image pixels.", "properties": { "textRedactionMode": { "$ref": "#/types/google-native:healthcare%2Fv1:ImageConfigTextRedactionMode", "description": "Determines how to redact text from image." } }, "type": "object" }, "google-native:healthcare/v1:ImageConfigResponse": { "description": "Specifies how to handle de-identification of image pixels.", "properties": { "textRedactionMode": { "type": "string", "description": "Determines how to redact text from image." } }, "type": "object", "required": [ "textRedactionMode" ] }, "google-native:healthcare/v1:ImageConfigTextRedactionMode": { "description": "Determines how to redact text from image.", "type": "string", "enum": [ { "name": "TextRedactionModeUnspecified", "description": "No text redaction specified. Same as REDACT_NO_TEXT.", "value": "TEXT_REDACTION_MODE_UNSPECIFIED" }, { "name": "RedactAllText", "description": "Redact all text.", "value": "REDACT_ALL_TEXT" }, { "name": "RedactSensitiveText", "description": "Redact sensitive text. Uses the set of [Default DICOM InfoTypes](https://cloud.google.com/healthcare-api/docs/how-tos/dicom-deidentify#default_dicom_infotypes).", "value": "REDACT_SENSITIVE_TEXT" }, { "name": "RedactNoText", "description": "Do not redact text.", "value": "REDACT_NO_TEXT" } ] }, "google-native:healthcare/v1:ImageResponse": { "description": "Raw bytes representing consent artifact content.", "properties": { "gcsUri": { "type": "string", "description": "Input only. Points to a Cloud Storage URI containing the consent artifact content. The URI must be in the following format: `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service account must have the `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage location. The consent artifact content at this URI is copied to a Cloud Storage location managed by the Cloud Healthcare API. Responses to fetching requests return the consent artifact content in raw_bytes." }, "rawBytes": { "type": "string", "description": "Consent artifact content represented as a stream of bytes. This field is populated when returned in GetConsentArtifact response, but not included in CreateConsentArtifact and ListConsentArtifact response." } }, "type": "object", "required": [ "gcsUri", "rawBytes" ] }, "google-native:healthcare/v1:InfoTypeTransformation": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:CharacterMaskConfig", "description": "Config for character mask." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:CryptoHashConfig", "description": "Config for crypto hash." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:DateShiftConfig", "description": "Config for date shift." }, "infoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to apply this transformation to. If this is not specified, the transformation applies to any info_type." }, "redactConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:RedactConfig", "description": "Config for text redaction." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:ReplaceWithInfoTypeConfig", "description": "Config for replace with InfoType." } }, "type": "object" }, "google-native:healthcare/v1:InfoTypeTransformationResponse": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:CharacterMaskConfigResponse", "description": "Config for character mask." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:CryptoHashConfigResponse", "description": "Config for crypto hash." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:DateShiftConfigResponse", "description": "Config for date shift." }, "infoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to apply this transformation to. If this is not specified, the transformation applies to any info_type." }, "redactConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:RedactConfigResponse", "description": "Config for text redaction." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:ReplaceWithInfoTypeConfigResponse", "description": "Config for replace with InfoType." } }, "type": "object", "required": [ "characterMaskConfig", "cryptoHashConfig", "dateShiftConfig", "infoTypes", "redactConfig", "replaceWithInfoTypeConfig" ] }, "google-native:healthcare/v1:KmsWrappedCryptoKey": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the project's Cloud Healthcare Service Agent service account. For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key).", "properties": { "cryptoKey": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping. For example, `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKey", "wrappedKey" ] }, "google-native:healthcare/v1:KmsWrappedCryptoKeyResponse": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the project's Cloud Healthcare Service Agent service account. For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key).", "properties": { "cryptoKey": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping. For example, `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKey", "wrappedKey" ] }, "google-native:healthcare/v1:NotificationConfig": { "description": "Specifies where to send notifications upon changes to a data store.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. PubsubMessage.Data contains the resource name. PubsubMessage.MessageId is the ID of this message. It is guaranteed to be unique within the topic. PubsubMessage.PublishTime is the time at which the message was published. Notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). If the number of errors exceeds a certain rate, some aren't submitted. Note that not all operations trigger notifications, see [Configuring Pub/Sub notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) for specific details." }, "sendForBulkImport": { "type": "boolean", "description": "Indicates whether or not to send Pub/Sub notifications on bulk import. Only supported for DICOM imports." } }, "type": "object" }, "google-native:healthcare/v1:NotificationConfigResponse": { "description": "Specifies where to send notifications upon changes to a data store.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. PubsubMessage.Data contains the resource name. PubsubMessage.MessageId is the ID of this message. It is guaranteed to be unique within the topic. PubsubMessage.PublishTime is the time at which the message was published. Notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). If the number of errors exceeds a certain rate, some aren't submitted. Note that not all operations trigger notifications, see [Configuring Pub/Sub notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) for specific details." }, "sendForBulkImport": { "type": "boolean", "description": "Indicates whether or not to send Pub/Sub notifications on bulk import. Only supported for DICOM imports." } }, "type": "object", "required": [ "pubsubTopic", "sendForBulkImport" ] }, "google-native:healthcare/v1:ParsedDataResponse": { "description": "The content of a HL7v2 message in a structured format.", "properties": { "segments": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:SegmentResponse" } } }, "type": "object", "required": [ "segments" ] }, "google-native:healthcare/v1:ParserConfig": { "description": "The configuration for the parser. It determines how the server parses the messages.", "properties": { "allowNullHeader": { "type": "boolean", "description": "Determines whether messages with no header are allowed." }, "schema": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaPackage", "description": "Schemas used to parse messages in this store, if schematized parsing is desired." }, "segmentTerminator": { "type": "string", "description": "Byte(s) to use as the segment terminator. If this is unset, '\\r' is used as segment terminator, matching the HL7 version 2 specification." }, "version": { "$ref": "#/types/google-native:healthcare%2Fv1:ParserConfigVersion", "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation." } }, "type": "object" }, "google-native:healthcare/v1:ParserConfigResponse": { "description": "The configuration for the parser. It determines how the server parses the messages.", "properties": { "allowNullHeader": { "type": "boolean", "description": "Determines whether messages with no header are allowed." }, "schema": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaPackageResponse", "description": "Schemas used to parse messages in this store, if schematized parsing is desired." }, "segmentTerminator": { "type": "string", "description": "Byte(s) to use as the segment terminator. If this is unset, '\\r' is used as segment terminator, matching the HL7 version 2 specification." }, "version": { "type": "string", "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation." } }, "type": "object", "required": [ "allowNullHeader", "schema", "segmentTerminator", "version" ] }, "google-native:healthcare/v1:ParserConfigVersion": { "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation.", "type": "string", "enum": [ { "name": "ParserVersionUnspecified", "description": "Unspecified parser version, equivalent to V1.", "value": "PARSER_VERSION_UNSPECIFIED" }, { "name": "V1", "description": "The `parsed_data` includes every given non-empty message field except the Field Separator (MSH-1) field. As a result, the parsed MSH segment starts with the MSH-2 field and the field numbers are off-by-one with respect to the HL7 standard.", "value": "V1" }, { "name": "V2", "description": "The `parsed_data` includes every given non-empty message field.", "value": "V2" }, { "name": "V3", "description": "This version is the same as V2, with the following change. The `parsed_data` contains unescaped escaped field separators, component separators, sub-component separators, repetition separators, escape characters, and truncation characters. If `schema` is specified, the schematized parser uses improved parsing heuristics compared to previous versions.", "value": "V3" } ] }, "google-native:healthcare/v1:PatientId": { "description": "A patient identifier and associated type.", "properties": { "type": { "type": "string", "description": "ID type. For example, MRN or NHS." }, "value": { "type": "string", "description": "The patient's unique identifier." } }, "type": "object" }, "google-native:healthcare/v1:PatientIdResponse": { "description": "A patient identifier and associated type.", "properties": { "type": { "type": "string", "description": "ID type. For example, MRN or NHS." }, "value": { "type": "string", "description": "The patient's unique identifier." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:healthcare/v1:RedactConfig": { "description": "Define how to redact sensitive values. Default behaviour is erase. For example, \"My name is Jane.\" becomes \"My name is .\"", "type": "object" }, "google-native:healthcare/v1:RedactConfigResponse": { "description": "Define how to redact sensitive values. Default behaviour is erase. For example, \"My name is Jane.\" becomes \"My name is .\"", "type": "object" }, "google-native:healthcare/v1:ReplaceWithInfoTypeConfig": { "description": "When using the INSPECT_AND_TRANSFORM action, each match is replaced with the name of the info_type. For example, \"My name is Jane\" becomes \"My name is [PERSON_NAME].\" The TRANSFORM action is equivalent to redacting.", "type": "object" }, "google-native:healthcare/v1:ReplaceWithInfoTypeConfigResponse": { "description": "When using the INSPECT_AND_TRANSFORM action, each match is replaced with the name of the info_type. For example, \"My name is Jane\" becomes \"My name is [PERSON_NAME].\" The TRANSFORM action is equivalent to redacting.", "type": "object" }, "google-native:healthcare/v1:SchemaConfig": { "description": "Configuration for the FHIR BigQuery schema. Determines how the server generates the schema.", "properties": { "lastUpdatedPartitionConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:TimePartitioning", "description": "The configuration for exported BigQuery tables to be partitioned by FHIR resource's last updated time column." }, "recursiveStructureDepth": { "type": "string", "description": "The depth for all recursive structures in the output analytics schema. For example, `concept` in the CodeSystem resource is a recursive structure; when the depth is 2, the CodeSystem table will have a column called `concept.concept` but not `concept.concept.concept`. If not specified or set to 0, the server will use the default value 2. The maximum depth allowed is 5." }, "schemaType": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaConfigSchemaType", "description": "Specifies the output schema type. Schema type is required." } }, "type": "object" }, "google-native:healthcare/v1:SchemaConfigResponse": { "description": "Configuration for the FHIR BigQuery schema. Determines how the server generates the schema.", "properties": { "lastUpdatedPartitionConfig": { "$ref": "#/types/google-native:healthcare%2Fv1:TimePartitioningResponse", "description": "The configuration for exported BigQuery tables to be partitioned by FHIR resource's last updated time column." }, "recursiveStructureDepth": { "type": "string", "description": "The depth for all recursive structures in the output analytics schema. For example, `concept` in the CodeSystem resource is a recursive structure; when the depth is 2, the CodeSystem table will have a column called `concept.concept` but not `concept.concept.concept`. If not specified or set to 0, the server will use the default value 2. The maximum depth allowed is 5." }, "schemaType": { "type": "string", "description": "Specifies the output schema type. Schema type is required." } }, "type": "object", "required": [ "lastUpdatedPartitionConfig", "recursiveStructureDepth", "schemaType" ] }, "google-native:healthcare/v1:SchemaConfigSchemaType": { "description": "Specifies the output schema type. Schema type is required.", "type": "string", "enum": [ { "name": "SchemaTypeUnspecified", "description": "No schema type specified. This type is unsupported.", "value": "SCHEMA_TYPE_UNSPECIFIED" }, { "name": "Analytics", "description": "Analytics schema defined by the FHIR community. See https://github.com/FHIR/sql-on-fhir/blob/master/sql-on-fhir.md. BigQuery only allows a maximum of 10,000 columns per table. Due to this limitation, the server will not generate schemas for fields of type `Resource`, which can hold any resource type. The affected fields are `Parameters.parameter.resource`, `Bundle.entry.resource`, and `Bundle.entry.response.outcome`. Analytics schema does not gracefully handle extensions with one or more occurrences, anaytics schema also does not handle contained resource.", "value": "ANALYTICS" }, { "name": "AnalyticsV2", "description": "Analytics V2, similar to schema defined by the FHIR community, with added support for extensions with one or more occurrences and contained resources in stringified JSON. Analytics V2 uses more space in the destination table than Analytics V1. It is generally recommended to use Analytics V2 over Analytics.", "value": "ANALYTICS_V2" } ] }, "google-native:healthcare/v1:SchemaPackage": { "description": "A schema package contains a set of schemas and type definitions.", "properties": { "ignoreMinOccurs": { "type": "boolean", "description": "Flag to ignore all min_occurs restrictions in the schema. This means that incoming messages can omit any group, segment, field, component, or subcomponent." }, "schemas": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Hl7SchemaConfig" }, "description": "Schema configs that are layered based on their VersionSources that match the incoming message. Schema configs present in higher indices override those in lower indices with the same message type and trigger event if their VersionSources all match an incoming message." }, "schematizedParsingType": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaPackageSchematizedParsingType", "description": "Determines how messages that fail to parse are handled." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Hl7TypesConfig" }, "description": "Schema type definitions that are layered based on their VersionSources that match the incoming message. Type definitions present in higher indices override those in lower indices with the same type name if their VersionSources all match an incoming message." }, "unexpectedSegmentHandling": { "$ref": "#/types/google-native:healthcare%2Fv1:SchemaPackageUnexpectedSegmentHandling", "description": "Determines how unexpected segments (segments not matched to the schema) are handled." } }, "type": "object" }, "google-native:healthcare/v1:SchemaPackageResponse": { "description": "A schema package contains a set of schemas and type definitions.", "properties": { "ignoreMinOccurs": { "type": "boolean", "description": "Flag to ignore all min_occurs restrictions in the schema. This means that incoming messages can omit any group, segment, field, component, or subcomponent." }, "schemas": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Hl7SchemaConfigResponse" }, "description": "Schema configs that are layered based on their VersionSources that match the incoming message. Schema configs present in higher indices override those in lower indices with the same message type and trigger event if their VersionSources all match an incoming message." }, "schematizedParsingType": { "type": "string", "description": "Determines how messages that fail to parse are handled." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Hl7TypesConfigResponse" }, "description": "Schema type definitions that are layered based on their VersionSources that match the incoming message. Type definitions present in higher indices override those in lower indices with the same type name if their VersionSources all match an incoming message." }, "unexpectedSegmentHandling": { "type": "string", "description": "Determines how unexpected segments (segments not matched to the schema) are handled." } }, "type": "object", "required": [ "ignoreMinOccurs", "schemas", "schematizedParsingType", "types", "unexpectedSegmentHandling" ] }, "google-native:healthcare/v1:SchemaPackageSchematizedParsingType": { "description": "Determines how messages that fail to parse are handled.", "type": "string", "enum": [ { "name": "SchematizedParsingTypeUnspecified", "description": "Unspecified schematized parsing type, equivalent to `SOFT_FAIL`.", "value": "SCHEMATIZED_PARSING_TYPE_UNSPECIFIED" }, { "name": "SoftFail", "description": "Messages that fail to parse are still stored and ACKed but a parser error is stored in place of the schematized data.", "value": "SOFT_FAIL" }, { "name": "HardFail", "description": "Messages that fail to parse are rejected from ingestion/insertion and return an error code.", "value": "HARD_FAIL" } ] }, "google-native:healthcare/v1:SchemaPackageUnexpectedSegmentHandling": { "description": "Determines how unexpected segments (segments not matched to the schema) are handled.", "type": "string", "enum": [ { "name": "UnexpectedSegmentHandlingModeUnspecified", "description": "Unspecified handling mode, equivalent to FAIL.", "value": "UNEXPECTED_SEGMENT_HANDLING_MODE_UNSPECIFIED" }, { "name": "Fail", "description": "Unexpected segments fail to parse and return an error.", "value": "FAIL" }, { "name": "Skip", "description": "Unexpected segments do not fail, but are omitted from the output.", "value": "SKIP" }, { "name": "Parse", "description": "Unexpected segments do not fail, but are parsed in place and added to the current group. If a segment has a type definition, it is used, otherwise it is parsed as VARIES.", "value": "PARSE" } ] }, "google-native:healthcare/v1:SchematizedData": { "description": "The content of an HL7v2 message in a structured format as specified by a schema.", "properties": { "data": { "type": "string", "description": "JSON output of the parser." }, "error": { "type": "string", "description": "The error output of the parser." } }, "type": "object" }, "google-native:healthcare/v1:SchematizedDataResponse": { "description": "The content of an HL7v2 message in a structured format as specified by a schema.", "properties": { "data": { "type": "string", "description": "JSON output of the parser." }, "error": { "type": "string", "description": "The error output of the parser." } }, "type": "object", "required": [ "data", "error" ] }, "google-native:healthcare/v1:SegmentResponse": { "description": "A segment in a structured format.", "properties": { "fields": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping from the positional location to the value. The key string uses zero-based indexes separated by dots to identify Fields, components and sub-components. A bracket notation is also used to identify different instances of a repeated field. Regex for key: (\\d+)(\\[\\d+\\])?(.\\d+)?(.\\d+)? Examples of (key, value) pairs: * (0.1, \"hemoglobin\") denotes that the first component of Field 0 has the value \"hemoglobin\". * (1.1.2, \"CBC\") denotes that the second sub-component of the first component of Field 1 has the value \"CBC\". * (1[0].1, \"HbA1c\") denotes that the first component of the first Instance of Field 1, which is repeated, has the value \"HbA1c\"." }, "segmentId": { "type": "string", "description": "A string that indicates the type of segment. For example, EVN or PID." }, "setId": { "type": "string", "description": "Set ID for segments that can be in a set. This can be empty if it's missing or isn't applicable." } }, "type": "object", "required": [ "fields", "segmentId", "setId" ] }, "google-native:healthcare/v1:Signature": { "description": "User signature.", "properties": { "image": { "$ref": "#/types/google-native:healthcare%2Fv1:Image", "description": "Optional. An image of the user's signature." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Metadata associated with the user's signature. For example, the user's name or the user's title." }, "signatureTime": { "type": "string", "description": "Optional. Timestamp of the signature." }, "userId": { "type": "string", "description": "User's UUID provided by the client." } }, "type": "object", "required": [ "userId" ] }, "google-native:healthcare/v1:SignatureResponse": { "description": "User signature.", "properties": { "image": { "$ref": "#/types/google-native:healthcare%2Fv1:ImageResponse", "description": "Optional. An image of the user's signature." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Metadata associated with the user's signature. For example, the user's name or the user's title." }, "signatureTime": { "type": "string", "description": "Optional. Timestamp of the signature." }, "userId": { "type": "string", "description": "User's UUID provided by the client." } }, "type": "object", "required": [ "image", "metadata", "signatureTime", "userId" ] }, "google-native:healthcare/v1:StreamConfig": { "description": "Contains configuration for streaming FHIR export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1FhirBigQueryDestination", "description": "The destination BigQuery structure that contains both the dataset location and corresponding schema config. The output is organized in one table per resource type. The server reuses the existing tables (if any) that are named after the resource types. For example, \"Patient\", \"Observation\". When there is no existing table for a given resource type, the server attempts to create one. When a table schema doesn't align with the schema config, either because of existing incompatible schema or out of band incompatible modification, the server does not stream in new data. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any resource mutation that generates more than 1 MB of BigQuery data is not streamed. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. Results are written to BigQuery tables according to the parameters in BigQueryDestination.WriteDisposition. Different versions of the same resource are distinguishable by the meta.versionId and meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that results in the new version is recorded in the meta.tag. The tables contain all historical resource versions since streaming was enabled. For query convenience, the server also creates one view per table of the same name containing only the current resource version. The streamed data in the BigQuery dataset is not guaranteed to be completely unique. The combination of the id and meta.versionId columns should ideally identify a single unique row. But in rare cases, duplicates may exist. At query time, users may use the SQL select statement to keep only one of the duplicate rows given an id and meta.versionId pair. Alternatively, the server created view mentioned above also filters out duplicates. If a resource mutation cannot be streamed to BigQuery, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "deidentifiedStoreDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:DeidentifiedStoreDestination", "description": "The destination FHIR store for de-identified resources. After this field is added, all subsequent creates/updates/patches to the source store will be de-identified using the provided configuration and applied to the destination store. Importing resources to the source store will not trigger the streaming. If the source store already contains resources when this option is enabled, those resources will not be copied to the destination store unless they are subsequently updated. This may result in invalid references in the destination store. Before adding this config, you must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enable_update_create to true. The destination store must have disable_referential_integrity set to true. If a resource cannot be de-identified, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Supply a FHIR resource type (such as \"Patient\" or \"Observation\"). See https://www.hl7.org/fhir/valueset-resource-types.html for a list of all FHIR resource types. The server treats an empty list as an intent to stream all the supported resource types in this FHIR store." } }, "type": "object" }, "google-native:healthcare/v1:StreamConfigResponse": { "description": "Contains configuration for streaming FHIR export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:GoogleCloudHealthcareV1FhirBigQueryDestinationResponse", "description": "The destination BigQuery structure that contains both the dataset location and corresponding schema config. The output is organized in one table per resource type. The server reuses the existing tables (if any) that are named after the resource types. For example, \"Patient\", \"Observation\". When there is no existing table for a given resource type, the server attempts to create one. When a table schema doesn't align with the schema config, either because of existing incompatible schema or out of band incompatible modification, the server does not stream in new data. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any resource mutation that generates more than 1 MB of BigQuery data is not streamed. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. Results are written to BigQuery tables according to the parameters in BigQueryDestination.WriteDisposition. Different versions of the same resource are distinguishable by the meta.versionId and meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that results in the new version is recorded in the meta.tag. The tables contain all historical resource versions since streaming was enabled. For query convenience, the server also creates one view per table of the same name containing only the current resource version. The streamed data in the BigQuery dataset is not guaranteed to be completely unique. The combination of the id and meta.versionId columns should ideally identify a single unique row. But in rare cases, duplicates may exist. At query time, users may use the SQL select statement to keep only one of the duplicate rows given an id and meta.versionId pair. Alternatively, the server created view mentioned above also filters out duplicates. If a resource mutation cannot be streamed to BigQuery, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "deidentifiedStoreDestination": { "$ref": "#/types/google-native:healthcare%2Fv1:DeidentifiedStoreDestinationResponse", "description": "The destination FHIR store for de-identified resources. After this field is added, all subsequent creates/updates/patches to the source store will be de-identified using the provided configuration and applied to the destination store. Importing resources to the source store will not trigger the streaming. If the source store already contains resources when this option is enabled, those resources will not be copied to the destination store unless they are subsequently updated. This may result in invalid references in the destination store. Before adding this config, you must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enable_update_create to true. The destination store must have disable_referential_integrity set to true. If a resource cannot be de-identified, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Supply a FHIR resource type (such as \"Patient\" or \"Observation\"). See https://www.hl7.org/fhir/valueset-resource-types.html for a list of all FHIR resource types. The server treats an empty list as an intent to stream all the supported resource types in this FHIR store." } }, "type": "object", "required": [ "bigqueryDestination", "deidentifiedStoreDestination", "resourceTypes" ] }, "google-native:healthcare/v1:TagFilterList": { "description": "List of tags to be filtered.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags to be filtered. Tags must be DICOM Data Elements, File Meta Elements, or Directory Structuring Elements, as defined at: http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. They may be provided by \"Keyword\" or \"Tag\". For example \"PatientID\", \"00100010\"." } }, "type": "object" }, "google-native:healthcare/v1:TagFilterListResponse": { "description": "List of tags to be filtered.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags to be filtered. Tags must be DICOM Data Elements, File Meta Elements, or Directory Structuring Elements, as defined at: http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. They may be provided by \"Keyword\" or \"Tag\". For example \"PatientID\", \"00100010\"." } }, "type": "object", "required": [ "tags" ] }, "google-native:healthcare/v1:TextConfig": { "properties": { "additionalTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:InfoTypeTransformation" }, "description": "Transformations to apply to the detected data, overridden by `exclude_info_types`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip transforming, overriding `additional_transformations`." }, "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:InfoTypeTransformation" }, "description": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead.", "deprecationMessage": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead." } }, "type": "object" }, "google-native:healthcare/v1:TextConfigResponse": { "properties": { "additionalTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:InfoTypeTransformationResponse" }, "description": "Transformations to apply to the detected data, overridden by `exclude_info_types`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip transforming, overriding `additional_transformations`." }, "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:InfoTypeTransformationResponse" }, "description": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead.", "deprecationMessage": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead." } }, "type": "object", "required": [ "additionalTransformations", "excludeInfoTypes", "transformations" ] }, "google-native:healthcare/v1:TimePartitioning": { "description": "Configuration for FHIR BigQuery time-partitioned tables.", "properties": { "expirationMs": { "type": "string", "description": "Number of milliseconds for which to keep the storage for a partition." }, "type": { "$ref": "#/types/google-native:healthcare%2Fv1:TimePartitioningType", "description": "Type of partitioning." } }, "type": "object" }, "google-native:healthcare/v1:TimePartitioningResponse": { "description": "Configuration for FHIR BigQuery time-partitioned tables.", "properties": { "expirationMs": { "type": "string", "description": "Number of milliseconds for which to keep the storage for a partition." }, "type": { "type": "string", "description": "Type of partitioning." } }, "type": "object", "required": [ "expirationMs", "type" ] }, "google-native:healthcare/v1:TimePartitioningType": { "description": "Type of partitioning.", "type": "string", "enum": [ { "name": "PartitionTypeUnspecified", "description": "Default unknown time.", "value": "PARTITION_TYPE_UNSPECIFIED" }, { "name": "Hour", "description": "Data partitioned by hour.", "value": "HOUR" }, { "name": "Day", "description": "Data partitioned by day.", "value": "DAY" }, { "name": "Month", "description": "Data partitioned by month.", "value": "MONTH" }, { "name": "Year", "description": "Data partitioned by year.", "value": "YEAR" } ] }, "google-native:healthcare/v1:Type": { "description": "A type definition for some HL7v2 type (incl. Segments and Datatypes).", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:Field" }, "description": "The (sub) fields this type has (if not primitive)." }, "name": { "type": "string", "description": "The name of this type. This would be the segment or datatype name. For example, \"PID\" or \"XPN\"." }, "primitive": { "$ref": "#/types/google-native:healthcare%2Fv1:TypePrimitive", "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types." } }, "type": "object" }, "google-native:healthcare/v1:TypePrimitive": { "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types.", "type": "string", "enum": [ { "name": "PrimitiveUnspecified", "description": "Not a primitive.", "value": "PRIMITIVE_UNSPECIFIED" }, { "name": "String", "description": "String primitive.", "value": "STRING" }, { "name": "Varies", "description": "Element that can have unschematized children.", "value": "VARIES" }, { "name": "UnescapedString", "description": "Like STRING, but all delimiters below this element are ignored.", "value": "UNESCAPED_STRING" } ] }, "google-native:healthcare/v1:TypeResponse": { "description": "A type definition for some HL7v2 type (incl. Segments and Datatypes).", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1:FieldResponse" }, "description": "The (sub) fields this type has (if not primitive)." }, "name": { "type": "string", "description": "The name of this type. This would be the segment or datatype name. For example, \"PID\" or \"XPN\"." }, "primitive": { "type": "string", "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types." } }, "type": "object", "required": [ "fields", "name", "primitive" ] }, "google-native:healthcare/v1:ValidationConfig": { "description": "Contains the configuration for FHIR profiles and validation.", "properties": { "disableFhirpathValidation": { "type": "boolean", "description": "Whether to disable FHIRPath validation for incoming resources. Set this to true to disable checking incoming resources for conformance against FHIRPath requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableProfileValidation": { "type": "boolean", "description": "Whether to disable profile validation for this FHIR store. Set this to true to disable checking incoming resources for conformance against structure definitions in this FHIR store." }, "disableReferenceTypeValidation": { "type": "boolean", "description": "Whether to disable reference type validation for incoming resources. Set this to true to disable checking incoming resources for conformance against reference type requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableRequiredFieldValidation": { "type": "boolean", "description": "Whether to disable required fields validation for incoming resources. Set this to true to disable checking incoming resources for conformance against required fields requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "enabledImplementationGuides": { "type": "array", "items": { "type": "string" }, "description": "A list of implementation guide URLs in this FHIR store that are used to configure the profiles to use for validation. For example, to use the US Core profiles for validation, set `enabled_implementation_guides` to `[\"http://hl7.org/fhir/us/core/ImplementationGuide/ig\"]`. If `enabled_implementation_guides` is empty or omitted, then incoming resources are only required to conform to the base FHIR profiles. Otherwise, a resource must conform to at least one profile listed in the `global` property of one of the enabled ImplementationGuides. The Cloud Healthcare API does not currently enforce all of the rules in a StructureDefinition. The following rules are supported: - min/max - minValue/maxValue - maxLength - type - fixed[x] - pattern[x] on simple types - slicing, when using \"value\" as the discriminator type When a URL cannot be resolved (for example, in a type assertion), the server does not return an error." } }, "type": "object" }, "google-native:healthcare/v1:ValidationConfigResponse": { "description": "Contains the configuration for FHIR profiles and validation.", "properties": { "disableFhirpathValidation": { "type": "boolean", "description": "Whether to disable FHIRPath validation for incoming resources. Set this to true to disable checking incoming resources for conformance against FHIRPath requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableProfileValidation": { "type": "boolean", "description": "Whether to disable profile validation for this FHIR store. Set this to true to disable checking incoming resources for conformance against structure definitions in this FHIR store." }, "disableReferenceTypeValidation": { "type": "boolean", "description": "Whether to disable reference type validation for incoming resources. Set this to true to disable checking incoming resources for conformance against reference type requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableRequiredFieldValidation": { "type": "boolean", "description": "Whether to disable required fields validation for incoming resources. Set this to true to disable checking incoming resources for conformance against required fields requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "enabledImplementationGuides": { "type": "array", "items": { "type": "string" }, "description": "A list of implementation guide URLs in this FHIR store that are used to configure the profiles to use for validation. For example, to use the US Core profiles for validation, set `enabled_implementation_guides` to `[\"http://hl7.org/fhir/us/core/ImplementationGuide/ig\"]`. If `enabled_implementation_guides` is empty or omitted, then incoming resources are only required to conform to the base FHIR profiles. Otherwise, a resource must conform to at least one profile listed in the `global` property of one of the enabled ImplementationGuides. The Cloud Healthcare API does not currently enforce all of the rules in a StructureDefinition. The following rules are supported: - min/max - minValue/maxValue - maxLength - type - fixed[x] - pattern[x] on simple types - slicing, when using \"value\" as the discriminator type When a URL cannot be resolved (for example, in a type assertion), the server does not return an error." } }, "type": "object", "required": [ "disableFhirpathValidation", "disableProfileValidation", "disableReferenceTypeValidation", "disableRequiredFieldValidation", "enabledImplementationGuides" ] }, "google-native:healthcare/v1:VersionSource": { "description": "Describes a selector for extracting and matching an MSH field to a value.", "properties": { "mshField": { "type": "string", "description": "The field to extract from the MSH segment. For example, \"3.1\" or \"18[1].1\"." }, "value": { "type": "string", "description": "The value to match with the field. For example, \"My Application Name\" or \"2.3\"." } }, "type": "object" }, "google-native:healthcare/v1:VersionSourceResponse": { "description": "Describes a selector for extracting and matching an MSH field to a value.", "properties": { "mshField": { "type": "string", "description": "The field to extract from the MSH segment. For example, \"3.1\" or \"18[1].1\"." }, "value": { "type": "string", "description": "The value to match with the field. For example, \"My Application Name\" or \"2.3\"." } }, "type": "object", "required": [ "mshField", "value" ] }, "google-native:healthcare/v1beta1:AccessDeterminationLogConfig": { "description": "Configures consent audit log config for FHIR create, read, update, and delete (CRUD) operations. Cloud audit log for healthcare API must be [enabled](https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). The consent-related logs are included as part of `protoPayload.metadata`.", "properties": { "logLevel": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AccessDeterminationLogConfigLogLevel", "description": "Optional. Controls the amount of detail to include as part of the audit logs." } }, "type": "object" }, "google-native:healthcare/v1beta1:AccessDeterminationLogConfigLogLevel": { "description": "Optional. Controls the amount of detail to include as part of the audit logs.", "type": "string", "enum": [ { "name": "LogLevelUnspecified", "description": "No log level specified. This value is unused.", "value": "LOG_LEVEL_UNSPECIFIED" }, { "name": "Disabled", "description": "No additional consent-related logging is added to audit logs.", "value": "DISABLED" }, { "name": "Minimum", "description": "The following information is included: - One of the following [`consentMode`](https://cloud.google.com/healthcare-api/private/docs/how-tos/fhir-consent#audit_logs) fields: (`off`|`emptyScope`|`enforced`|`btg`|`bypass`). - The accessor's request headers - The `log_level` of the [AccessDeterminationLogConfig](google.cloud.healthcare.v1beta1.fhir.FhirStore.ConsentConfig.AccessDeterminationLogConfig) - The final consent evaluation (`PERMIT`, `DENY`, or `NO_CONSENT`) - A human-readable summary of the evaluation", "value": "MINIMUM" }, { "name": "Verbose", "description": "Includes `MINIMUM` and, for each resource owner, returns: - The resource owner's name - Most specific part of the `X-Consent-Scope` resulting in consensual determination - Timestamp of the applied enforcement leading to the decision - Enforcement version at the time the applicable consents were applied - The Consent resource name - The timestamp of the Consent resource used for enforcement - Policy type (PATIENT or ADMIN) Note that this mode adds some overhead to CRUD operations.", "value": "VERBOSE" } ] }, "google-native:healthcare/v1beta1:AccessDeterminationLogConfigResponse": { "description": "Configures consent audit log config for FHIR create, read, update, and delete (CRUD) operations. Cloud audit log for healthcare API must be [enabled](https://cloud.google.com/logging/docs/audit/configure-data-access#config-console-enable). The consent-related logs are included as part of `protoPayload.metadata`.", "properties": { "logLevel": { "type": "string", "description": "Optional. Controls the amount of detail to include as part of the audit logs." } }, "type": "object", "required": [ "logLevel" ] }, "google-native:healthcare/v1beta1:Action": { "description": "Specifies a selection of tags and an `Action` to apply to each one.", "properties": { "cleanImageTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfig", "description": "Inspect image and transform sensitive burnt-in text. Doesn't apply to elements nested in a sequence, which revert to `Keep`. Supported [tags](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html): PixelData" }, "cleanTextTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanTextTag", "description": "Inspect text and transform sensitive text. Configurable via TextConfig. Supported Value Representations: AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS" }, "deleteTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeleteTag", "description": "Delete tag." }, "keepTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepTag", "description": "Keep tag unchanged." }, "queries": { "type": "array", "items": { "type": "string" }, "description": "Select all tags with the listed tag IDs, names, or Value Representations (VRs). Examples: ID: \"00100010\" Keyword: \"PatientName\" VR: \"PN\"" }, "recurseTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RecurseTag", "description": "Recursively apply DICOM de-id to tags nested in a sequence. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): SQ" }, "regenUidTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RegenUidTag", "description": "Replace UID with a new generated UID. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): UI" }, "removeTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RemoveTag", "description": "Replace with empty tag." }, "resetTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ResetTag", "description": "Reset tag to a placeholder value." } }, "type": "object" }, "google-native:healthcare/v1beta1:ActionResponse": { "description": "Specifies a selection of tags and an `Action` to apply to each one.", "properties": { "cleanImageTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfigResponse", "description": "Inspect image and transform sensitive burnt-in text. Doesn't apply to elements nested in a sequence, which revert to `Keep`. Supported [tags](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html): PixelData" }, "cleanTextTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanTextTagResponse", "description": "Inspect text and transform sensitive text. Configurable via TextConfig. Supported Value Representations: AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS" }, "deleteTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeleteTagResponse", "description": "Delete tag." }, "keepTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepTagResponse", "description": "Keep tag unchanged." }, "queries": { "type": "array", "items": { "type": "string" }, "description": "Select all tags with the listed tag IDs, names, or Value Representations (VRs). Examples: ID: \"00100010\" Keyword: \"PatientName\" VR: \"PN\"" }, "recurseTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RecurseTagResponse", "description": "Recursively apply DICOM de-id to tags nested in a sequence. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): SQ" }, "regenUidTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RegenUidTagResponse", "description": "Replace UID with a new generated UID. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): UI" }, "removeTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RemoveTagResponse", "description": "Replace with empty tag." }, "resetTag": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ResetTagResponse", "description": "Reset tag to a placeholder value." } }, "type": "object", "required": [ "cleanImageTag", "cleanTextTag", "deleteTag", "keepTag", "queries", "recurseTag", "regenUidTag", "removeTag", "resetTag" ] }, "google-native:healthcare/v1beta1:AnnotationConfig": { "description": "Specifies how to store annotations during de-identification operation.", "properties": { "annotationStoreName": { "type": "string", "description": "The name of the annotation store, in the form `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`). * The destination annotation store must be in the same project as the source data. De-identifying data across multiple projects is not supported. * The destination annotation store must exist when using DeidentifyDicomStore or DeidentifyFhirStore. DeidentifyDataset automatically creates the destination annotation store." }, "storeQuote": { "type": "boolean", "description": "If set to true, the sensitive texts are included in SensitiveTextAnnotation of Annotation." } }, "type": "object" }, "google-native:healthcare/v1beta1:AnnotationConfigResponse": { "description": "Specifies how to store annotations during de-identification operation.", "properties": { "annotationStoreName": { "type": "string", "description": "The name of the annotation store, in the form `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/annotationStores/{annotation_store_id}`). * The destination annotation store must be in the same project as the source data. De-identifying data across multiple projects is not supported. * The destination annotation store must exist when using DeidentifyDicomStore or DeidentifyFhirStore. DeidentifyDataset automatically creates the destination annotation store." }, "storeQuote": { "type": "boolean", "description": "If set to true, the sensitive texts are included in SensitiveTextAnnotation of Annotation." } }, "type": "object", "required": [ "annotationStoreName", "storeQuote" ] }, "google-native:healthcare/v1beta1:AnnotationSource": { "description": "AnnotationSource holds the source information of the annotation.", "properties": { "cloudHealthcareSource": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CloudHealthcareSource", "description": "Cloud Healthcare API resource." } }, "type": "object" }, "google-native:healthcare/v1beta1:AnnotationSourceResponse": { "description": "AnnotationSource holds the source information of the annotation.", "properties": { "cloudHealthcareSource": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CloudHealthcareSourceResponse", "description": "Cloud Healthcare API resource." } }, "type": "object", "required": [ "cloudHealthcareSource" ] }, "google-native:healthcare/v1beta1:Attribute": { "description": "An attribute value for a Consent or User data mapping. Each Attribute must have a corresponding AttributeDefinition in the consent store that defines the default and allowed values.", "properties": { "attributeDefinitionId": { "type": "string", "description": "Indicates the name of an attribute defined in the consent store." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the attribute. Must be an acceptable value as defined in the consent store. For example, if the consent store defines \"data type\" with acceptable values \"questionnaire\" and \"step-count\", when the attribute name is data type, this field must contain one of those values." } }, "type": "object" }, "google-native:healthcare/v1beta1:AttributeDefinitionCategory": { "description": "Required. The category of the attribute. The value of this field cannot be changed after creation.", "type": "string", "enum": [ { "name": "CategoryUnspecified", "description": "No category specified. This option is invalid.", "value": "CATEGORY_UNSPECIFIED" }, { "name": "Resource", "description": "Specify this category when this attribute describes the properties of resources. For example, data anonymity or data type.", "value": "RESOURCE" }, { "name": "Request", "description": "Specify this category when this attribute describes the properties of requests. For example, requester's role or requester's organization.", "value": "REQUEST" } ] }, "google-native:healthcare/v1beta1:AttributeResponse": { "description": "An attribute value for a Consent or User data mapping. Each Attribute must have a corresponding AttributeDefinition in the consent store that defines the default and allowed values.", "properties": { "attributeDefinitionId": { "type": "string", "description": "Indicates the name of an attribute defined in the consent store." }, "values": { "type": "array", "items": { "type": "string" }, "description": "The value of the attribute. Must be an acceptable value as defined in the consent store. For example, if the consent store defines \"data type\" with acceptable values \"questionnaire\" and \"step-count\", when the attribute name is data type, this field must contain one of those values." } }, "type": "object", "required": [ "attributeDefinitionId", "values" ] }, "google-native:healthcare/v1beta1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:healthcare/v1beta1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:healthcare/v1beta1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:healthcare/v1beta1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:healthcare/v1beta1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:healthcare/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:healthcare/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:healthcare/v1beta1:BoundingPoly": { "description": "A bounding polygon for the detected image annotation.", "properties": { "label": { "type": "string", "description": "A description of this polygon." }, "vertices": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Vertex" }, "description": "List of the vertices of this polygon." } }, "type": "object" }, "google-native:healthcare/v1beta1:BoundingPolyResponse": { "description": "A bounding polygon for the detected image annotation.", "properties": { "label": { "type": "string", "description": "A description of this polygon." }, "vertices": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:VertexResponse" }, "description": "List of the vertices of this polygon." } }, "type": "object", "required": [ "label", "vertices" ] }, "google-native:healthcare/v1beta1:CharacterMaskConfig": { "description": "Mask a string by replacing its characters with a fixed character.", "properties": { "maskingCharacter": { "type": "string", "description": "Character to mask the sensitive values. If not supplied, defaults to \"*\"." } }, "type": "object" }, "google-native:healthcare/v1beta1:CharacterMaskConfigResponse": { "description": "Mask a string by replacing its characters with a fixed character.", "properties": { "maskingCharacter": { "type": "string", "description": "Character to mask the sensitive values. If not supplied, defaults to \"*\"." } }, "type": "object", "required": [ "maskingCharacter" ] }, "google-native:healthcare/v1beta1:CharacterMaskField": { "description": "Replace field value with masking character. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:CharacterMaskFieldResponse": { "description": "Replace field value with masking character. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:CleanDescriptorsOption": { "description": "This option is based on the DICOM Standard's [Clean Descriptors Option](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/sect_E.3.5.html), and the `CleanText` `Action` is applied to all the specified fields. When cleaning text, the process attempts to transform phrases matching any of the tags marked for removal (action codes D, Z, X, and U) in the [Basic Profile](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html). These contextual phrases are replaced with the token \"[CTX]\". This option uses an additional infoType during inspection.", "type": "object" }, "google-native:healthcare/v1beta1:CleanDescriptorsOptionResponse": { "description": "This option is based on the DICOM Standard's [Clean Descriptors Option](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/sect_E.3.5.html), and the `CleanText` `Action` is applied to all the specified fields. When cleaning text, the process attempts to transform phrases matching any of the tags marked for removal (action codes D, Z, X, and U) in the [Basic Profile](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html). These contextual phrases are replaced with the token \"[CTX]\". This option uses an additional infoType during inspection.", "type": "object" }, "google-native:healthcare/v1beta1:CleanTextField": { "description": "Inspect text and transform sensitive text. Configure using TextConfig. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Date, DateTime, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:CleanTextFieldResponse": { "description": "Inspect text and transform sensitive text. Configure using TextConfig. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Date, DateTime, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:CleanTextTag": { "description": "Inspect text and transform sensitive text. Configurable using TextConfig. Supported [Value Representations] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS", "type": "object" }, "google-native:healthcare/v1beta1:CleanTextTagResponse": { "description": "Inspect text and transform sensitive text. Configurable using TextConfig. Supported [Value Representations] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS", "type": "object" }, "google-native:healthcare/v1beta1:CloudHealthcareSource": { "description": "Cloud Healthcare API resource.", "properties": { "name": { "type": "string", "description": "Full path of a Cloud Healthcare API resource." } }, "type": "object" }, "google-native:healthcare/v1beta1:CloudHealthcareSourceResponse": { "description": "Cloud Healthcare API resource.", "properties": { "name": { "type": "string", "description": "Full path of a Cloud Healthcare API resource." } }, "type": "object", "required": [ "name" ] }, "google-native:healthcare/v1beta1:ConsentConfig": { "description": "Configures whether to enforce consent for the FHIR store and which consent enforcement version is being used.", "properties": { "accessDeterminationLogConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AccessDeterminationLogConfig", "description": "Optional. Specifies how the server logs the consent-aware requests. If not specified, the `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used." }, "accessEnforced": { "type": "boolean", "description": "Optional. If set to true, when accessing FHIR resources, the consent headers provided using [SMART-on-FHIR](https://cloud.google.com/healthcare/private/docs/how-tos/smart-on-fhir) will be verified against consents given by patients. See the ConsentEnforcementVersion for the supported consent headers." }, "consentHeaderHandling": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ConsentHeaderHandling", "description": "Optional. Different options to configure the behaviour of the server when handling the `X-Consent-Scope` header." }, "enforcedAdminConsents": { "type": "array", "items": { "type": "string" }, "description": "The versioned names of the enforced admin Consent resource(s), in the format `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR stores with `disable_resource_versioning=true`, the format is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. This field can only be updated using ApplyAdminConsents." }, "version": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ConsentConfigVersion", "description": "Specifies which consent enforcement version is being used for this FHIR store. This field can only be set once by either CreateFhirStore or UpdateFhirStore. After that, you must call ApplyConsents to change the version." } }, "type": "object", "required": [ "version" ] }, "google-native:healthcare/v1beta1:ConsentConfigResponse": { "description": "Configures whether to enforce consent for the FHIR store and which consent enforcement version is being used.", "properties": { "accessDeterminationLogConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AccessDeterminationLogConfigResponse", "description": "Optional. Specifies how the server logs the consent-aware requests. If not specified, the `AccessDeterminationLogConfig.LogLevel.MINIMUM` option is used." }, "accessEnforced": { "type": "boolean", "description": "Optional. If set to true, when accessing FHIR resources, the consent headers provided using [SMART-on-FHIR](https://cloud.google.com/healthcare/private/docs/how-tos/smart-on-fhir) will be verified against consents given by patients. See the ConsentEnforcementVersion for the supported consent headers." }, "consentHeaderHandling": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ConsentHeaderHandlingResponse", "description": "Optional. Different options to configure the behaviour of the server when handling the `X-Consent-Scope` header." }, "enforcedAdminConsents": { "type": "array", "items": { "type": "string" }, "description": "The versioned names of the enforced admin Consent resource(s), in the format `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}/_history/{version_id}`. For FHIR stores with `disable_resource_versioning=true`, the format is `projects/{project_id}/locations/{location}/datasets/{dataset_id}/fhirStores/{fhir_store_id}/fhir/Consent/{resource_id}`. This field can only be updated using ApplyAdminConsents." }, "version": { "type": "string", "description": "Specifies which consent enforcement version is being used for this FHIR store. This field can only be set once by either CreateFhirStore or UpdateFhirStore. After that, you must call ApplyConsents to change the version." } }, "type": "object", "required": [ "accessDeterminationLogConfig", "accessEnforced", "consentHeaderHandling", "enforcedAdminConsents", "version" ] }, "google-native:healthcare/v1beta1:ConsentConfigVersion": { "description": "Required. Specifies which consent enforcement version is being used for this FHIR store. This field can only be set once by either CreateFhirStore or UpdateFhirStore. After that, you must call ApplyConsents to change the version.", "type": "string", "enum": [ { "name": "ConsentEnforcementVersionUnspecified", "description": "Users must specify an enforcement version or an error is returned.", "value": "CONSENT_ENFORCEMENT_VERSION_UNSPECIFIED" }, { "name": "V1", "description": "Enforcement version 1. See the [FHIR Consent resources in the Cloud Healthcare API](https://cloud.google.com/healthcare-api/private/docs/how-tos/fhir-consent) guide for more details.", "value": "V1" } ] }, "google-native:healthcare/v1beta1:ConsentHeaderHandling": { "description": "How the server handles the consent header.", "properties": { "profile": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ConsentHeaderHandlingProfile", "description": "Optional. Specifies the default server behavior when the header is empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` option is used." } }, "type": "object" }, "google-native:healthcare/v1beta1:ConsentHeaderHandlingProfile": { "description": "Optional. Specifies the default server behavior when the header is empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` option is used.", "type": "string", "enum": [ { "name": "ScopeProfileUnspecified", "description": "If not specified, the default value `PERMIT_EMPTY_SCOPE` is used.", "value": "SCOPE_PROFILE_UNSPECIFIED" }, { "name": "PermitEmptyScope", "description": "When no consent scopes are provided (for example, if there's an empty or missing header), then consent check is disabled, similar to when `access_enforced` is `false`. You can use audit logs to differentiate these two cases by looking at the value of `protopayload.metadata.consentMode`. If consents scopes are present, they must be valid and within the allowed limits, otherwise the request will be rejected with a `4xx` code.", "value": "PERMIT_EMPTY_SCOPE" }, { "name": "RequiredOnRead", "description": "The consent header must be non-empty when performing read and search operations, otherwise the request is rejected with a `4xx` code. Additionally, invalid consent scopes or scopes exceeding the allowed limits are rejected.", "value": "REQUIRED_ON_READ" } ] }, "google-native:healthcare/v1beta1:ConsentHeaderHandlingResponse": { "description": "How the server handles the consent header.", "properties": { "profile": { "type": "string", "description": "Optional. Specifies the default server behavior when the header is empty. If not specified, the `ScopeProfile.PERMIT_EMPTY_SCOPE` option is used." } }, "type": "object", "required": [ "profile" ] }, "google-native:healthcare/v1beta1:ConsentState": { "description": "Required. Indicates the current state of this Consent.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "No state specified. Treated as ACTIVE only at the time of resource creation.", "value": "STATE_UNSPECIFIED" }, { "name": "Active", "description": "The Consent is active and is considered when evaluating a user's consent on resources.", "value": "ACTIVE" }, { "name": "Archived", "description": "The archived state is currently not being used.", "value": "ARCHIVED" }, { "name": "Revoked", "description": "A revoked Consent is not considered when evaluating a user's consent on resources.", "value": "REVOKED" }, { "name": "Draft", "description": "A draft Consent is not considered when evaluating a user's consent on resources unless explicitly specified.", "value": "DRAFT" }, { "name": "Rejected", "description": "When a draft Consent is rejected by a user, it is set to a rejected state. A rejected Consent is not considered when evaluating a user's consent on resources.", "value": "REJECTED" } ] }, "google-native:healthcare/v1beta1:ContextualDeidConfig": { "description": "Fields that don't match a KeepField or CleanTextField `action` in the BASIC profile are collected into a contextual phrase list. For fields that match a CleanTextField `action` in FieldMetadata or ProfileType, the process attempts to transform phrases matching these contextual entries. These contextual phrases are replaced with the token \"[CTX]\". This feature uses an additional InfoType during inspection.", "type": "object" }, "google-native:healthcare/v1beta1:ContextualDeidConfigResponse": { "description": "Fields that don't match a KeepField or CleanTextField `action` in the BASIC profile are collected into a contextual phrase list. For fields that match a CleanTextField `action` in FieldMetadata or ProfileType, the process attempts to transform phrases matching these contextual entries. These contextual phrases are replaced with the token \"[CTX]\". This feature uses an additional InfoType during inspection.", "type": "object" }, "google-native:healthcare/v1beta1:CryptoHashConfig": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. Outputs a base64-encoded representation of the hashed output. For example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. Causes the hash to be computed based on this key. A default key is generated for each Deidentify operation and is used when neither crypto_key nor kms_wrapped is specified. Must not be set if kms_wrapped is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KmsWrappedCryptoKey", "description": "KMS wrapped key. Must not be set if crypto_key is set." } }, "type": "object" }, "google-native:healthcare/v1beta1:CryptoHashConfigResponse": { "description": "Pseudonymization method that generates surrogates via cryptographic hashing. Uses SHA-256. Outputs a base64-encoded representation of the hashed output. For example, `L7k0BHmF1ha5U3NfGykjro4xWi1MPVQPjhMAZbSV9mM=`.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. Causes the hash to be computed based on this key. A default key is generated for each Deidentify operation and is used when neither crypto_key nor kms_wrapped is specified. Must not be set if kms_wrapped is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KmsWrappedCryptoKeyResponse", "description": "KMS wrapped key. Must not be set if crypto_key is set." } }, "type": "object", "required": [ "cryptoKey", "kmsWrapped" ] }, "google-native:healthcare/v1beta1:CryptoHashField": { "description": "Replace field value with a hash of that value. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:CryptoHashFieldResponse": { "description": "Replace field value with a hash of that value. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "type": "object" }, "google-native:healthcare/v1beta1:DateShiftConfig": { "description": "Shift a date forward or backward in time by a random amount which is consistent for a given patient and crypto key combination.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. The date shift is computed based on this key and the patient ID. If the patient ID is empty for a DICOM resource, the date shift is computed based on this key and the study instance UID. If crypto_key is not set, then kms_wrapped is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if kms_wrapped is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KmsWrappedCryptoKey", "description": "KMS wrapped key. If kms_wrapped is not set, then crypto_key is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if crypto_key is set." } }, "type": "object" }, "google-native:healthcare/v1beta1:DateShiftConfigResponse": { "description": "Shift a date forward or backward in time by a random amount which is consistent for a given patient and crypto key combination.", "properties": { "cryptoKey": { "type": "string", "description": "An AES 128/192/256 bit key. The date shift is computed based on this key and the patient ID. If the patient ID is empty for a DICOM resource, the date shift is computed based on this key and the study instance UID. If crypto_key is not set, then kms_wrapped is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if kms_wrapped is set." }, "kmsWrapped": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KmsWrappedCryptoKeyResponse", "description": "KMS wrapped key. If kms_wrapped is not set, then crypto_key is used to calculate the date shift. If neither is set, a default key is generated for each de-identify operation. Must not be set if crypto_key is set." } }, "type": "object", "required": [ "cryptoKey", "kmsWrapped" ] }, "google-native:healthcare/v1beta1:DateShiftField": { "description": "Shift the date by a randomized number of days. See [date shifting](https://cloud.google.com/dlp/docs/concepts-date-shifting) for more information. Supported [types](https://www.hl7.org/fhir/datatypes.html): Date, DateTime.", "type": "object" }, "google-native:healthcare/v1beta1:DateShiftFieldResponse": { "description": "Shift the date by a randomized number of days. See [date shifting](https://cloud.google.com/dlp/docs/concepts-date-shifting) for more information. Supported [types](https://www.hl7.org/fhir/datatypes.html): Date, DateTime.", "type": "object" }, "google-native:healthcare/v1beta1:DeidentifiedStoreDestination": { "description": "Contains configuration for streaming de-identified FHIR export.", "properties": { "config": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifyConfig", "description": "The configuration to use when de-identifying resources that are added to this store." }, "store": { "type": "string", "description": "The full resource name of a Cloud Healthcare FHIR store, for example, `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`." } }, "type": "object" }, "google-native:healthcare/v1beta1:DeidentifiedStoreDestinationResponse": { "description": "Contains configuration for streaming de-identified FHIR export.", "properties": { "config": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifyConfigResponse", "description": "The configuration to use when de-identifying resources that are added to this store." }, "store": { "type": "string", "description": "The full resource name of a Cloud Healthcare FHIR store, for example, `projects/{project_id}/locations/{location_id}/datasets/{dataset_id}/fhirStores/{fhir_store_id}`." } }, "type": "object", "required": [ "config", "store" ] }, "google-native:healthcare/v1beta1:DeidentifyConfig": { "description": "Configures de-id options specific to different types of content. Each submessage customizes the handling of an https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are applied in a nested manner at runtime.", "properties": { "annotation": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AnnotationConfig", "description": "Configures how annotations, meaning that the location and infoType of sensitive information findings, are created during de-identification. If unspecified, no annotations are created." }, "dicom": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomConfig", "description": "Configures de-id of application/DICOM content. Deprecated. Use `dicom_tag_config` instead.", "deprecationMessage": "Configures de-id of application/DICOM content. Deprecated. Use `dicom_tag_config` instead." }, "dicomTagConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomTagConfig", "description": "Configures de-id of application/DICOM content." }, "fhir": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirConfig", "description": "Configures de-id of application/FHIR content. Deprecated. Use `fhir_field_config` instead.", "deprecationMessage": "Configures de-id of application/FHIR content. Deprecated. Use `fhir_field_config` instead." }, "fhirFieldConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirFieldConfig", "description": "Configures de-id of application/FHIR content." }, "image": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfig", "description": "Configures the de-identification of image pixels in the source_dataset. Deprecated. Use `dicom_tag_config.options.clean_image` instead.", "deprecationMessage": "Configures the de-identification of image pixels in the source_dataset. Deprecated. Use `dicom_tag_config.options.clean_image` instead." }, "operationMetadata": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifyOperationMetadata", "description": "Details about the work the de-identify operation performed." }, "text": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TextConfig", "description": "Configures de-identification of text wherever it is found in the source_dataset." }, "useRegionalDataProcessing": { "type": "boolean", "description": "Ensures in-flight data remains in the region of origin during de-identification. Using this option results in a significant reduction of throughput, and is not compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. If the deprecated DicomConfig or FhirConfig are used, then `LOCATION` must be excluded within TextConfig, and must also be excluded within ImageConfig if image redaction is required." } }, "type": "object" }, "google-native:healthcare/v1beta1:DeidentifyConfigResponse": { "description": "Configures de-id options specific to different types of content. Each submessage customizes the handling of an https://tools.ietf.org/html/rfc6838 media type or subtype. Configs are applied in a nested manner at runtime.", "properties": { "annotation": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AnnotationConfigResponse", "description": "Configures how annotations, meaning that the location and infoType of sensitive information findings, are created during de-identification. If unspecified, no annotations are created." }, "dicom": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomConfigResponse", "description": "Configures de-id of application/DICOM content. Deprecated. Use `dicom_tag_config` instead.", "deprecationMessage": "Configures de-id of application/DICOM content. Deprecated. Use `dicom_tag_config` instead." }, "dicomTagConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomTagConfigResponse", "description": "Configures de-id of application/DICOM content." }, "fhir": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirConfigResponse", "description": "Configures de-id of application/FHIR content. Deprecated. Use `fhir_field_config` instead.", "deprecationMessage": "Configures de-id of application/FHIR content. Deprecated. Use `fhir_field_config` instead." }, "fhirFieldConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirFieldConfigResponse", "description": "Configures de-id of application/FHIR content." }, "image": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfigResponse", "description": "Configures the de-identification of image pixels in the source_dataset. Deprecated. Use `dicom_tag_config.options.clean_image` instead.", "deprecationMessage": "Configures the de-identification of image pixels in the source_dataset. Deprecated. Use `dicom_tag_config.options.clean_image` instead." }, "operationMetadata": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifyOperationMetadataResponse", "description": "Details about the work the de-identify operation performed." }, "text": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TextConfigResponse", "description": "Configures de-identification of text wherever it is found in the source_dataset." }, "useRegionalDataProcessing": { "type": "boolean", "description": "Ensures in-flight data remains in the region of origin during de-identification. Using this option results in a significant reduction of throughput, and is not compatible with `LOCATION` or `ORGANIZATION_NAME` infoTypes. If the deprecated DicomConfig or FhirConfig are used, then `LOCATION` must be excluded within TextConfig, and must also be excluded within ImageConfig if image redaction is required." } }, "type": "object", "required": [ "annotation", "dicom", "dicomTagConfig", "fhir", "fhirFieldConfig", "image", "operationMetadata", "text", "useRegionalDataProcessing" ] }, "google-native:healthcare/v1beta1:DeidentifyOperationMetadata": { "description": "Details about the work the de-identify operation performed.", "properties": { "fhirOutput": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirOutput", "description": "Details about the FHIR store to write the output to." } }, "type": "object" }, "google-native:healthcare/v1beta1:DeidentifyOperationMetadataResponse": { "description": "Details about the work the de-identify operation performed.", "properties": { "fhirOutput": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirOutputResponse", "description": "Details about the FHIR store to write the output to." } }, "type": "object", "required": [ "fhirOutput" ] }, "google-native:healthcare/v1beta1:DeleteTag": { "description": "Delete tag.", "type": "object" }, "google-native:healthcare/v1beta1:DeleteTagResponse": { "description": "Delete tag.", "type": "object" }, "google-native:healthcare/v1beta1:DicomConfig": { "description": "Specifies the parameters needed for de-identification of DICOM stores.", "properties": { "filterProfile": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomConfigFilterProfile", "description": "Tag filtering profile that determines which tags to keep/remove." }, "keepList": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TagFilterList", "description": "List of tags to keep. Remove all other tags." }, "removeList": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TagFilterList", "description": "List of tags to remove. Keep all other tags." }, "skipIdRedaction": { "type": "boolean", "description": "If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: \"Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity.\" http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html" } }, "type": "object" }, "google-native:healthcare/v1beta1:DicomConfigFilterProfile": { "description": "Tag filtering profile that determines which tags to keep/remove.", "type": "string", "enum": [ { "name": "TagFilterProfileUnspecified", "description": "No tag filtration profile provided. Same as KEEP_ALL_PROFILE.", "value": "TAG_FILTER_PROFILE_UNSPECIFIED" }, { "name": "MinimalKeepListProfile", "description": "Keep only the tags required to produce valid DICOM objects.", "value": "MINIMAL_KEEP_LIST_PROFILE" }, { "name": "AttributeConfidentialityBasicProfile", "description": "Remove tags based on DICOM Standard's Attribute Confidentiality Basic Profile (DICOM Standard Edition 2018e) http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html.", "value": "ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE" }, { "name": "KeepAllProfile", "description": "Keep all tags.", "value": "KEEP_ALL_PROFILE" }, { "name": "DeidentifyTagContents", "description": "Inspect within tag contents and replace sensitive text. The process can be configured using the TextConfig. Applies to all tags with the following Value Representation names: AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS", "value": "DEIDENTIFY_TAG_CONTENTS" } ] }, "google-native:healthcare/v1beta1:DicomConfigResponse": { "description": "Specifies the parameters needed for de-identification of DICOM stores.", "properties": { "filterProfile": { "type": "string", "description": "Tag filtering profile that determines which tags to keep/remove." }, "keepList": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TagFilterListResponse", "description": "List of tags to keep. Remove all other tags." }, "removeList": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TagFilterListResponse", "description": "List of tags to remove. Keep all other tags." }, "skipIdRedaction": { "type": "boolean", "description": "If true, skip replacing StudyInstanceUID, SeriesInstanceUID, SOPInstanceUID, and MediaStorageSOPInstanceUID and leave them untouched. The Cloud Healthcare API regenerates these UIDs by default based on the DICOM Standard's reasoning: \"Whilst these UIDs cannot be mapped directly to an individual out of context, given access to the original images, or to a database of the original images containing the UIDs, it would be possible to recover the individual's identity.\" http://dicom.nema.org/medical/dicom/current/output/chtml/part15/sect_E.3.9.html" } }, "type": "object", "required": [ "filterProfile", "keepList", "removeList", "skipIdRedaction" ] }, "google-native:healthcare/v1beta1:DicomTagConfig": { "description": "Specifies the parameters needed for the de-identification of DICOM stores.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Action" }, "description": "Specifies custom tag selections and `Actions` to apply to them. Overrides `options` and `profile`. Conflicting `Actions` are applied in the order given." }, "options": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Options", "description": "Specifies additional options to apply, overriding the base `profile`." }, "profileType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DicomTagConfigProfileType", "description": "Base profile type for handling DICOM tags." } }, "type": "object" }, "google-native:healthcare/v1beta1:DicomTagConfigProfileType": { "description": "Base profile type for handling DICOM tags.", "type": "string", "enum": [ { "name": "ProfileTypeUnspecified", "description": "No profile provided. Same as `ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE`.", "value": "PROFILE_TYPE_UNSPECIFIED" }, { "name": "MinimalKeepListProfile", "description": "Keep only the tags required to produce valid DICOM objects.", "value": "MINIMAL_KEEP_LIST_PROFILE" }, { "name": "AttributeConfidentialityBasicProfile", "description": "Remove tags based on DICOM Standard's [Attribute Confidentiality Basic Profile (DICOM Standard Edition 2018e)](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html).", "value": "ATTRIBUTE_CONFIDENTIALITY_BASIC_PROFILE" }, { "name": "KeepAllProfile", "description": "Keep all tags.", "value": "KEEP_ALL_PROFILE" }, { "name": "DeidentifyTagContents", "description": "Inspect tag contents and replace sensitive text. The process can be configured using the TextConfig. Applies to all tags with the following [Value Representations] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): AE, LO, LT, PN, SH, ST, UC, UT, DA, DT, AS", "value": "DEIDENTIFY_TAG_CONTENTS" } ] }, "google-native:healthcare/v1beta1:DicomTagConfigResponse": { "description": "Specifies the parameters needed for the de-identification of DICOM stores.", "properties": { "actions": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ActionResponse" }, "description": "Specifies custom tag selections and `Actions` to apply to them. Overrides `options` and `profile`. Conflicting `Actions` are applied in the order given." }, "options": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:OptionsResponse", "description": "Specifies additional options to apply, overriding the base `profile`." }, "profileType": { "type": "string", "description": "Base profile type for handling DICOM tags." } }, "type": "object", "required": [ "actions", "options", "profileType" ] }, "google-native:healthcare/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:healthcare/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:healthcare/v1beta1:FhirConfig": { "description": "Specifies how to handle de-identification of a FHIR store.", "properties": { "defaultKeepExtensions": { "type": "boolean", "description": "The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default." }, "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FieldMetadata" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`. If a field can be matched by more than one FieldMetadata, the first FieldMetadata.Action is applied." } }, "type": "object" }, "google-native:healthcare/v1beta1:FhirConfigResponse": { "description": "Specifies how to handle de-identification of a FHIR store.", "properties": { "defaultKeepExtensions": { "type": "boolean", "description": "The behaviour for handling FHIR extensions that aren't otherwise specified for de-identification. If true, all extensions are preserved during de-identification by default. If false or unspecified, all extensions are removed during de-identification by default." }, "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FieldMetadataResponse" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata is passed through to the output dataset unmodified. All extensions will be processed according to `default_keep_extensions`. If a field can be matched by more than one FieldMetadata, the first FieldMetadata.Action is applied." } }, "type": "object", "required": [ "defaultKeepExtensions", "fieldMetadataList" ] }, "google-native:healthcare/v1beta1:FhirFieldConfig": { "description": "Specifies how to handle the de-identification of a FHIR store.", "properties": { "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DeidentifyFieldMetadata" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata `action` is passed through to the output dataset unmodified. All extensions will be processed according to keep_extensions. If a field can be matched by more than one FieldMetadata `action`, the first `action` option is applied. Overrides options and the union field `profile` in FhirFieldConfig." }, "options": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DeidentifyOptions", "description": "Specifies additional options, overriding the base ProfileType." }, "profileType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FhirFieldConfigProfileType", "description": "Base profile type for handling FHIR fields." } }, "type": "object" }, "google-native:healthcare/v1beta1:FhirFieldConfigProfileType": { "description": "Base profile type for handling FHIR fields.", "type": "string", "enum": [ { "name": "ProfileTypeUnspecified", "description": "No profile provided. Same as `BASIC`.", "value": "PROFILE_TYPE_UNSPECIFIED" }, { "name": "KeepAll", "description": "Keep all fields.", "value": "KEEP_ALL" }, { "name": "Basic", "description": "Transforms known [HIPAA 18](https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html#standard) fields and cleans known unstructured text fields.", "value": "BASIC" }, { "name": "CleanAll", "description": "Cleans all supported tags. Applies to types: Code, Date, DateTime, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml.", "value": "CLEAN_ALL" } ] }, "google-native:healthcare/v1beta1:FhirFieldConfigResponse": { "description": "Specifies how to handle the de-identification of a FHIR store.", "properties": { "fieldMetadataList": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DeidentifyFieldMetadataResponse" }, "description": "Specifies FHIR paths to match and how to transform them. Any field that is not matched by a FieldMetadata `action` is passed through to the output dataset unmodified. All extensions will be processed according to keep_extensions. If a field can be matched by more than one FieldMetadata `action`, the first `action` option is applied. Overrides options and the union field `profile` in FhirFieldConfig." }, "options": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DeidentifyOptionsResponse", "description": "Specifies additional options, overriding the base ProfileType." }, "profileType": { "type": "string", "description": "Base profile type for handling FHIR fields." } }, "type": "object", "required": [ "fieldMetadataList", "options", "profileType" ] }, "google-native:healthcare/v1beta1:FhirNotificationConfig": { "description": "Contains the configuration for FHIR notifications.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging)." }, "sendFullResource": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for Create and Update operation. Note that setting this to true does not guarantee that all resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full resource as a separate operation." }, "sendPreviousResourceOnDelete": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for deleting FHIR resource. Note that setting this to true does not guarantee that all previous resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full previous resource as a separate operation." } }, "type": "object" }, "google-native:healthcare/v1beta1:FhirNotificationConfigResponse": { "description": "Contains the configuration for FHIR notifications.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. The Cloud Healthcare API service account, service-@gcp-sa-healthcare.iam.gserviceaccount.com, must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail (https://cloud.google.com/healthcare-api/docs/permissions-healthcare-api-gcp-products#dicom_fhir_and_hl7v2_store_cloud_pubsub_permissions). If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare-api/docs/how-tos/logging)." }, "sendFullResource": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for Create and Update operation. Note that setting this to true does not guarantee that all resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full resource as a separate operation." }, "sendPreviousResourceOnDelete": { "type": "boolean", "description": "Whether to send full FHIR resource to this Pub/Sub topic for deleting FHIR resource. Note that setting this to true does not guarantee that all previous resources will be sent in the format of full FHIR resource. When a resource change is too large or during heavy traffic, only the resource name will be sent. Clients should always check the \"payloadType\" label from a Pub/Sub message to determine whether it needs to fetch the full previous resource as a separate operation." } }, "type": "object", "required": [ "pubsubTopic", "sendFullResource", "sendPreviousResourceOnDelete" ] }, "google-native:healthcare/v1beta1:FhirOutput": { "description": "Details about the FHIR store to write the output to.", "properties": { "fhirStore": { "type": "string", "description": "Name of the output FHIR store, which must already exist. You must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enableUpdateCreate to true. The destination store must use FHIR version R4. Writing these resources will consume FHIR operations quota from the project containing the source data. De-identify operation metadata is only generated for DICOM de-identification operations." } }, "type": "object" }, "google-native:healthcare/v1beta1:FhirOutputResponse": { "description": "Details about the FHIR store to write the output to.", "properties": { "fhirStore": { "type": "string", "description": "Name of the output FHIR store, which must already exist. You must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enableUpdateCreate to true. The destination store must use FHIR version R4. Writing these resources will consume FHIR operations quota from the project containing the source data. De-identify operation metadata is only generated for DICOM de-identification operations." } }, "type": "object", "required": [ "fhirStore" ] }, "google-native:healthcare/v1beta1:FhirStoreComplexDataTypeReferenceParsing": { "description": "Enable parsing of references within complex FHIR data types such as Extensions. If this value is set to ENABLED, then features like referential integrity and Bundle reference rewriting apply to all references. If this flag has not been specified the behavior of the FHIR store will not change, references in complex data types will not be parsed. New stores will have this value set to ENABLED after a notification period. Warning: turning on this flag causes processing existing resources to fail if they contain references to non-existent resources.", "type": "string", "enum": [ { "name": "ComplexDataTypeReferenceParsingUnspecified", "description": "No parsing behavior specified. This is the same as DISABLED for backwards compatibility.", "value": "COMPLEX_DATA_TYPE_REFERENCE_PARSING_UNSPECIFIED" }, { "name": "Disabled", "description": "References in complex data types are ignored.", "value": "DISABLED" }, { "name": "Enabled", "description": "References in complex data types are parsed.", "value": "ENABLED" } ] }, "google-native:healthcare/v1beta1:FhirStoreVersion": { "description": "Immutable. The FHIR specification version that this FHIR store supports natively. This field is immutable after store creation. Requests are rejected if they contain FHIR resources of a different version. Version is required for every FHIR store.", "type": "string", "enum": [ { "name": "VersionUnspecified", "description": "VERSION_UNSPECIFIED is treated as STU3 to accommodate the existing FHIR stores.", "value": "VERSION_UNSPECIFIED" }, { "name": "Dstu2", "description": "Draft Standard for Trial Use, [Release 2](https://www.hl7.org/fhir/DSTU2)", "value": "DSTU2" }, { "name": "Stu3", "description": "Standard for Trial Use, [Release 3](https://www.hl7.org/fhir/STU3)", "value": "STU3" }, { "name": "R4", "description": "[Release 4](https://www.hl7.org/fhir/R4)", "value": "R4" } ] }, "google-native:healthcare/v1beta1:Field": { "description": "A (sub) field of a type.", "properties": { "maxOccurs": { "type": "integer", "description": "The maximum number of times this field can be repeated. 0 or -1 means unbounded." }, "minOccurs": { "type": "integer", "description": "The minimum number of times this field must be present/repeated." }, "name": { "type": "string", "description": "The name of the field. For example, \"PID-1\" or just \"1\"." }, "table": { "type": "string", "description": "The HL7v2 table this field refers to. For example, PID-15 (Patient's Primary Language) usually refers to table \"0296\"." }, "type": { "type": "string", "description": "The type of this field. A Type with this name must be defined in an Hl7TypesConfig." } }, "type": "object" }, "google-native:healthcare/v1beta1:FieldMetadata": { "description": "Specifies FHIR paths to match, and how to handle de-identification of matching fields.", "properties": { "action": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FieldMetadataAction", "description": "Deidentify action for one field." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to redact. Each path is a period-separated list where each component is either a field name or FHIR type name. All types begin with an upper case letter. For example, the resource field \"Patient.Address.city\", which uses a string type, can be matched by \"Patient.Address.String\". Path also supports partial matching. For example, \"Patient.Address.city\" can be matched by \"Address.city\" (Patient omitted). Partial matching and type matching can be combined. For example, \"Patient.Address.city\" can be matched by \"Address.String\". For \"choice\" types (those defined in the FHIR spec with the form: field[x]), use two separate components. For example, \"deceasedAge.unit\" is matched by \"Deceased.Age.unit\". Supported types are: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. The sub-type for HumanName(for example HumanName.given, HumanName.family) can be omitted." } }, "type": "object" }, "google-native:healthcare/v1beta1:FieldMetadataAction": { "description": "Deidentify action for one field.", "type": "string", "enum": [ { "name": "ActionUnspecified", "description": "No action specified.", "value": "ACTION_UNSPECIFIED" }, { "name": "Transform", "description": "Transform the entire field based on transformations specified in TextConfig. When the specified transformation cannot be applied to a field, RedactConfig is used. For example, a Crypto Hash transformation can't be applied to a FHIR Date field.", "value": "TRANSFORM" }, { "name": "InspectAndTransform", "description": "Inspect and transform any found PHI. When `AnnotationConfig` is provided, annotations of PHI will be generated, except for Date and Datetime.", "value": "INSPECT_AND_TRANSFORM" }, { "name": "DoNotTransform", "description": "Do not transform.", "value": "DO_NOT_TRANSFORM" } ] }, "google-native:healthcare/v1beta1:FieldMetadataResponse": { "description": "Specifies FHIR paths to match, and how to handle de-identification of matching fields.", "properties": { "action": { "type": "string", "description": "Deidentify action for one field." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to redact. Each path is a period-separated list where each component is either a field name or FHIR type name. All types begin with an upper case letter. For example, the resource field \"Patient.Address.city\", which uses a string type, can be matched by \"Patient.Address.String\". Path also supports partial matching. For example, \"Patient.Address.city\" can be matched by \"Address.city\" (Patient omitted). Partial matching and type matching can be combined. For example, \"Patient.Address.city\" can be matched by \"Address.String\". For \"choice\" types (those defined in the FHIR spec with the form: field[x]), use two separate components. For example, \"deceasedAge.unit\" is matched by \"Deceased.Age.unit\". Supported types are: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. The sub-type for HumanName(for example HumanName.given, HumanName.family) can be omitted." } }, "type": "object", "required": [ "action", "paths" ] }, "google-native:healthcare/v1beta1:FieldResponse": { "description": "A (sub) field of a type.", "properties": { "maxOccurs": { "type": "integer", "description": "The maximum number of times this field can be repeated. 0 or -1 means unbounded." }, "minOccurs": { "type": "integer", "description": "The minimum number of times this field must be present/repeated." }, "name": { "type": "string", "description": "The name of the field. For example, \"PID-1\" or just \"1\"." }, "table": { "type": "string", "description": "The HL7v2 table this field refers to. For example, PID-15 (Patient's Primary Language) usually refers to table \"0296\"." }, "type": { "type": "string", "description": "The type of this field. A Type with this name must be defined in an Hl7TypesConfig." } }, "type": "object", "required": [ "maxOccurs", "minOccurs", "name", "table", "type" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1ConsentPolicy": { "description": "Represents a user's consent in terms of the resources that can be accessed and under what conditions.", "properties": { "authorizationRule": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Expr", "description": "The request conditions to meet to grant access. In addition to any supported comparison operators, authorization rules may have `IN` operator as well as at most 10 logical operators that are limited to `AND` (`&&`), `OR` (`||`)." }, "resourceAttributes": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Attribute" }, "description": "The resources that this policy applies to. A resource is a match if it matches all the attributes listed here. If empty, this policy applies to all User data mappings for the given user." } }, "type": "object", "required": [ "authorizationRule" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1ConsentPolicyResponse": { "description": "Represents a user's consent in terms of the resources that can be accessed and under what conditions.", "properties": { "authorizationRule": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ExprResponse", "description": "The request conditions to meet to grant access. In addition to any supported comparison operators, authorization rules may have `IN` operator as well as at most 10 logical operators that are limited to `AND` (`&&`), `OR` (`||`)." }, "resourceAttributes": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:AttributeResponse" }, "description": "The resources that this policy applies to. A resource is a match if it matches all the attributes listed here. If empty, this policy applies to all User data mappings for the given user." } }, "type": "object", "required": [ "authorizationRule", "resourceAttributes" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DeidentifyFieldMetadata": { "description": "Specifies the FHIR paths to match and how to handle the de-identification of matching fields.", "properties": { "characterMaskField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskField", "description": "Replace the field's value with a masking character. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "cleanTextField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanTextField", "description": "Inspect the field's text and transform sensitive text. Configure using TextConfig. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Date, DateTime, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "cryptoHashField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashField", "description": "Replace field value with a hash of that value. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "dateShiftField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftField", "description": "Shift the date by a randomized number of days. See [date shifting](https://cloud.google.com/dlp/docs/concepts-date-shifting) for more information. Supported [types](https://www.hl7.org/fhir/datatypes.html): Date, DateTime." }, "keepField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepField", "description": "Keep the field unchanged." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to redact. Each path is a period-separated list where each component is either a field name or FHIR [type](https://www.hl7.org/fhir/datatypes.html) name. All types begin with an upper case letter. For example, the resource field `Patient.Address.city`, which uses a [string](https://www.hl7.org/fhir/datatypes-definitions.html#Address.city) type, can be matched by `Patient.Address.String`. Partial matching is supported. For example, `Patient.Address.city` can be matched by `Address.city` (with `Patient` omitted). Partial matching and type matching can be combined, for example `Patient.Address.city` can be matched by `Address.String`. For \"choice\" types (those defined in the FHIR spec with the format `field[x]`), use two separate components. For example, `deceasedAge.unit` is matched by `Deceased.Age.unit`. The following types are supported: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. The sub-type for HumanName (for example `HumanName.given`, `HumanName.family`) can be omitted." }, "removeField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RemoveField", "description": "Remove the field." } }, "type": "object" }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DeidentifyFieldMetadataResponse": { "description": "Specifies the FHIR paths to match and how to handle the de-identification of matching fields.", "properties": { "characterMaskField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskFieldResponse", "description": "Replace the field's value with a masking character. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "cleanTextField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanTextFieldResponse", "description": "Inspect the field's text and transform sensitive text. Configure using TextConfig. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Date, DateTime, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "cryptoHashField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashFieldResponse", "description": "Replace field value with a hash of that value. Supported [types](https://www.hl7.org/fhir/datatypes.html): Code, Decimal, HumanName, Id, LanguageCode, Markdown, Oid, String, Uri, Uuid, Xhtml." }, "dateShiftField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftFieldResponse", "description": "Shift the date by a randomized number of days. See [date shifting](https://cloud.google.com/dlp/docs/concepts-date-shifting) for more information. Supported [types](https://www.hl7.org/fhir/datatypes.html): Date, DateTime." }, "keepField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepFieldResponse", "description": "Keep the field unchanged." }, "paths": { "type": "array", "items": { "type": "string" }, "description": "List of paths to FHIR fields to redact. Each path is a period-separated list where each component is either a field name or FHIR [type](https://www.hl7.org/fhir/datatypes.html) name. All types begin with an upper case letter. For example, the resource field `Patient.Address.city`, which uses a [string](https://www.hl7.org/fhir/datatypes-definitions.html#Address.city) type, can be matched by `Patient.Address.String`. Partial matching is supported. For example, `Patient.Address.city` can be matched by `Address.city` (with `Patient` omitted). Partial matching and type matching can be combined, for example `Patient.Address.city` can be matched by `Address.String`. For \"choice\" types (those defined in the FHIR spec with the format `field[x]`), use two separate components. For example, `deceasedAge.unit` is matched by `Deceased.Age.unit`. The following types are supported: AdministrativeGenderCode, Base64Binary, Boolean, Code, Date, DateTime, Decimal, HumanName, Id, Instant, Integer, LanguageCode, Markdown, Oid, PositiveInt, String, UnsignedInt, Uri, Uuid, Xhtml. The sub-type for HumanName (for example `HumanName.given`, `HumanName.family`) can be omitted." }, "removeField": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RemoveFieldResponse", "description": "Remove the field." } }, "type": "object", "required": [ "characterMaskField", "cleanTextField", "cryptoHashField", "dateShiftField", "keepField", "paths", "removeField" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DeidentifyOptions": { "description": "Specifies additional options to apply to the base ProfileType.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskConfig", "description": "Character mask config for CharacterMaskField." }, "contextualDeid": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ContextualDeidConfig", "description": "Configure contextual de-id." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashConfig", "description": "Crypto hash config for CharacterMaskField." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftConfig", "description": "Date shifting config for CharacterMaskField." }, "keepExtensions": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepExtensionsConfig", "description": "Configure keeping extensions by default." } }, "type": "object" }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DeidentifyOptionsResponse": { "description": "Specifies additional options to apply to the base ProfileType.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskConfigResponse", "description": "Character mask config for CharacterMaskField." }, "contextualDeid": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ContextualDeidConfigResponse", "description": "Configure contextual de-id." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashConfigResponse", "description": "Crypto hash config for CharacterMaskField." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftConfigResponse", "description": "Date shifting config for CharacterMaskField." }, "keepExtensions": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:KeepExtensionsConfigResponse", "description": "Configure keeping extensions by default." } }, "type": "object", "required": [ "characterMaskConfig", "contextualDeid", "cryptoHashConfig", "dateShiftConfig", "keepExtensions" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestination": { "description": "The BigQuery table where the server writes output.", "properties": { "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "tableUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long, in the format `bq://projectId.bqDatasetId.tableId`" }, "writeDisposition": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestinationWriteDisposition", "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object" }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestinationResponse": { "description": "The BigQuery table where the server writes output.", "properties": { "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "tableUri": { "type": "string", "description": "BigQuery URI to a table, up to 2000 characters long, in the format `bq://projectId.bqDatasetId.tableId`" }, "writeDisposition": { "type": "string", "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object", "required": [ "force", "tableUri", "writeDisposition" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestinationWriteDisposition": { "description": "Determines whether the existing table in the destination is to be overwritten or appended to. If a write_disposition is specified, the `force` parameter is ignored.", "type": "string", "enum": [ { "name": "WriteDispositionUnspecified", "description": "Default behavior is the same as WRITE_EMPTY.", "value": "WRITE_DISPOSITION_UNSPECIFIED" }, { "name": "WriteEmpty", "description": "Only export data if the destination table is empty.", "value": "WRITE_EMPTY" }, { "name": "WriteTruncate", "description": "Erase all existing data in the destination table before writing the instances.", "value": "WRITE_TRUNCATE" }, { "name": "WriteAppend", "description": "Append data to the destination table.", "value": "WRITE_APPEND" } ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DicomStreamConfig": { "description": "StreamConfig specifies configuration for a streaming DICOM export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestination", "description": "Results are appended to this table. The server creates a new table in the given BigQuery dataset if the specified table does not exist. To enable the Cloud Healthcare API to write to your BigQuery table, you must give the Cloud Healthcare API service account the bigquery.dataEditor role. The service account is: `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. The PROJECT_NUMBER identifies the project that the DICOM store resides in. To get the project number, go to the Cloud Console Dashboard. It is recommended to not have a custom schema in the destination table which could conflict with the schema created by the Cloud Healthcare API. Instance deletions are not applied to the destination table. The destination's table schema will be automatically updated in case a new instance's data is incompatible with the current schema. The schema should not be updated manually as this can cause incompatibilies that cannot be resolved automatically. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any instance that generates more than 1 MB of BigQuery data will not be streamed. If an instance cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object" }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1DicomStreamConfigResponse": { "description": "StreamConfig specifies configuration for a streaming DICOM export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1DicomBigQueryDestinationResponse", "description": "Results are appended to this table. The server creates a new table in the given BigQuery dataset if the specified table does not exist. To enable the Cloud Healthcare API to write to your BigQuery table, you must give the Cloud Healthcare API service account the bigquery.dataEditor role. The service account is: `service-{PROJECT_NUMBER}@gcp-sa-healthcare.iam.gserviceaccount.com`. The PROJECT_NUMBER identifies the project that the DICOM store resides in. To get the project number, go to the Cloud Console Dashboard. It is recommended to not have a custom schema in the destination table which could conflict with the schema created by the Cloud Healthcare API. Instance deletions are not applied to the destination table. The destination's table schema will be automatically updated in case a new instance's data is incompatible with the current schema. The schema should not be updated manually as this can cause incompatibilies that cannot be resolved automatically. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any instance that generates more than 1 MB of BigQuery data will not be streamed. If an instance cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." } }, "type": "object", "required": [ "bigqueryDestination" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestination": { "description": "The configuration for exporting to BigQuery.", "properties": { "datasetUri": { "type": "string", "description": "BigQuery URI to an existing dataset, up to 2000 characters long, in the format `bq://projectId.bqDatasetId`." }, "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "schemaConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaConfig", "description": "The configuration for the exported BigQuery schema." }, "writeDisposition": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestinationWriteDisposition", "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object" }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestinationResponse": { "description": "The configuration for exporting to BigQuery.", "properties": { "datasetUri": { "type": "string", "description": "BigQuery URI to an existing dataset, up to 2000 characters long, in the format `bq://projectId.bqDatasetId`." }, "force": { "type": "boolean", "description": "Use `write_disposition` instead. If `write_disposition` is specified, this parameter is ignored. force=false is equivalent to write_disposition=WRITE_EMPTY and force=true is equivalent to write_disposition=WRITE_TRUNCATE." }, "schemaConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaConfigResponse", "description": "The configuration for the exported BigQuery schema." }, "writeDisposition": { "type": "string", "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored." } }, "type": "object", "required": [ "datasetUri", "force", "schemaConfig", "writeDisposition" ] }, "google-native:healthcare/v1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestinationWriteDisposition": { "description": "Determines if existing data in the destination dataset is overwritten, appended to, or not written if the tables contain data. If a write_disposition is specified, the `force` parameter is ignored.", "type": "string", "enum": [ { "name": "WriteDispositionUnspecified", "description": "Default behavior is the same as WRITE_EMPTY.", "value": "WRITE_DISPOSITION_UNSPECIFIED" }, { "name": "WriteEmpty", "description": "Only export data if the destination tables are empty.", "value": "WRITE_EMPTY" }, { "name": "WriteTruncate", "description": "Erase all existing data in the destination tables before writing the FHIR resources.", "value": "WRITE_TRUNCATE" }, { "name": "WriteAppend", "description": "Append data to the destination tables.", "value": "WRITE_APPEND" } ] }, "google-native:healthcare/v1beta1:Hl7SchemaConfig": { "description": "Root config message for HL7v2 schema. This contains a schema structure of groups and segments, and filters that determine which messages to apply the schema structure to.", "properties": { "messageSchemaConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from each HL7v2 message type and trigger event pair, such as ADT_A04, to its schema configuration root group." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:VersionSource" }, "description": "Each VersionSource is tested and only if they all match is the schema used for the message." } }, "type": "object" }, "google-native:healthcare/v1beta1:Hl7SchemaConfigResponse": { "description": "Root config message for HL7v2 schema. This contains a schema structure of groups and segments, and filters that determine which messages to apply the schema structure to.", "properties": { "messageSchemaConfigs": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Map from each HL7v2 message type and trigger event pair, such as ADT_A04, to its schema configuration root group." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:VersionSourceResponse" }, "description": "Each VersionSource is tested and only if they all match is the schema used for the message." } }, "type": "object", "required": [ "messageSchemaConfigs", "version" ] }, "google-native:healthcare/v1beta1:Hl7TypesConfig": { "description": "Root config for HL7v2 datatype definitions for a specific HL7v2 version.", "properties": { "type": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Type" }, "description": "The HL7v2 type definitions." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:VersionSource" }, "description": "The version selectors that this config applies to. A message must match ALL version sources to apply." } }, "type": "object" }, "google-native:healthcare/v1beta1:Hl7TypesConfigResponse": { "description": "Root config for HL7v2 datatype definitions for a specific HL7v2 version.", "properties": { "type": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TypeResponse" }, "description": "The HL7v2 type definitions." }, "version": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:VersionSourceResponse" }, "description": "The version selectors that this config applies to. A message must match ALL version sources to apply." } }, "type": "object", "required": [ "type", "version" ] }, "google-native:healthcare/v1beta1:Hl7V2NotificationConfig": { "description": "Specifies where and whether to send notifications upon changes to a data store.", "properties": { "filter": { "type": "string", "description": "Restricts notifications sent for messages matching a filter. If this is empty, all messages are matched. The following syntax is available: * A string field value can be written as text inside quotation marks, for example `\"query text\"`. The only valid relational operation for text fields is equality (`=`), where text is searched within the field, rather than having the field be equal to the text. For example, `\"Comment = great\"` returns messages with `great` in the comment field. * A number field value can be written as an integer, a decimal, or an exponential. The valid relational operators for number fields are the equality operator (`=`), along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * A date field value must be written in `yyyy-mm-dd` form. Fields with date and time use the RFC3339 time format. Leading zeros are required for one-digit months and days. The valid relational operators for date fields are the equality operator (`=`) , along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * Multiple field query expressions can be combined in one query by adding `AND` or `OR` operators between the expressions. If a boolean operator appears within a quoted string, it is not treated as special, it's just another part of the character string to be matched. You can prepend the `NOT` operator to an expression to negate it. Fields/functions available for filtering are: * `message_type`, from the MSH-9.1 field. For example, `NOT message_type = \"ADT\"`. * `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent in the dataset's time_zone, from the MSH-7 segment. For example, `send_date < \"2017-01-02\"`. * `send_time`, the timestamp when the message was sent, using the RFC3339 time format for comparisons, from the MSH-7 segment. For example, `send_time < \"2017-01-02T00:00:00-05:00\"`. * `create_time`, the timestamp when the message was created in the HL7v2 store. Use the RFC3339 time format for comparisons. For example, `create_time < \"2017-01-02T00:00:00-05:00\"`. * `send_facility`, the care center that the message came from, from the MSH-4 segment. For example, `send_facility = \"ABC\"`. * `PatientId(value, type)`, which matches if the message lists a patient having an ID of the given value and type in the PID-2, PID-3, or PID-4 segments. For example, `PatientId(\"123456\", \"MRN\")`. * `labels.x`, a string value of the label with key `x` as set using the Message.labels map. For example, `labels.\"priority\"=\"high\"`. The operator `:*` can be used to assert the existence of a label. For example, `labels.\"priority\":*`." }, "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)." } }, "type": "object" }, "google-native:healthcare/v1beta1:Hl7V2NotificationConfigResponse": { "description": "Specifies where and whether to send notifications upon changes to a data store.", "properties": { "filter": { "type": "string", "description": "Restricts notifications sent for messages matching a filter. If this is empty, all messages are matched. The following syntax is available: * A string field value can be written as text inside quotation marks, for example `\"query text\"`. The only valid relational operation for text fields is equality (`=`), where text is searched within the field, rather than having the field be equal to the text. For example, `\"Comment = great\"` returns messages with `great` in the comment field. * A number field value can be written as an integer, a decimal, or an exponential. The valid relational operators for number fields are the equality operator (`=`), along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * A date field value must be written in `yyyy-mm-dd` form. Fields with date and time use the RFC3339 time format. Leading zeros are required for one-digit months and days. The valid relational operators for date fields are the equality operator (`=`) , along with the less than/greater than operators (`<`, `<=`, `>`, `>=`). Note that there is no inequality (`!=`) operator. You can prepend the `NOT` operator to an expression to negate it. * Multiple field query expressions can be combined in one query by adding `AND` or `OR` operators between the expressions. If a boolean operator appears within a quoted string, it is not treated as special, it's just another part of the character string to be matched. You can prepend the `NOT` operator to an expression to negate it. Fields/functions available for filtering are: * `message_type`, from the MSH-9.1 field. For example, `NOT message_type = \"ADT\"`. * `send_date` or `sendDate`, the YYYY-MM-DD date the message was sent in the dataset's time_zone, from the MSH-7 segment. For example, `send_date < \"2017-01-02\"`. * `send_time`, the timestamp when the message was sent, using the RFC3339 time format for comparisons, from the MSH-7 segment. For example, `send_time < \"2017-01-02T00:00:00-05:00\"`. * `create_time`, the timestamp when the message was created in the HL7v2 store. Use the RFC3339 time format for comparisons. For example, `create_time < \"2017-01-02T00:00:00-05:00\"`. * `send_facility`, the care center that the message came from, from the MSH-4 segment. For example, `send_facility = \"ABC\"`. * `PatientId(value, type)`, which matches if the message lists a patient having an ID of the given value and type in the PID-2, PID-3, or PID-4 segments. For example, `PatientId(\"123456\", \"MRN\")`. * `labels.x`, a string value of the label with key `x` as set using the Message.labels map. For example, `labels.\"priority\"=\"high\"`. The operator `:*` can be used to assert the existence of a label. For example, `labels.\"priority\":*`." }, "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. The notification is a `PubsubMessage` with the following fields: * `PubsubMessage.Data` contains the resource name. * `PubsubMessage.MessageId` is the ID of this notification. It is guaranteed to be unique within the topic. * `PubsubMessage.PublishTime` is the time when the message was published. Note that notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging. For more information, see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)." } }, "type": "object", "required": [ "filter", "pubsubTopic" ] }, "google-native:healthcare/v1beta1:Image": { "description": "Raw bytes representing consent artifact content.", "properties": { "gcsUri": { "type": "string", "description": "Input only. Points to a Cloud Storage URI containing the consent artifact content. The URI must be in the following format: `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service account must have the `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage location. The consent artifact content at this URI is copied to a Cloud Storage location managed by the Cloud Healthcare API. Responses to fetching requests return the consent artifact content in raw_bytes." }, "rawBytes": { "type": "string", "description": "Consent artifact content represented as a stream of bytes. This field is populated when returned in GetConsentArtifact response, but not included in CreateConsentArtifact and ListConsentArtifact response." } }, "type": "object" }, "google-native:healthcare/v1beta1:ImageAnnotation": { "description": "Image annotation.", "properties": { "boundingPolys": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:BoundingPoly" }, "description": "The list of polygons outlining the sensitive regions in the image." }, "frameIndex": { "type": "integer", "description": "0-based index of the image frame. For example, an image frame in a DICOM instance." } }, "type": "object" }, "google-native:healthcare/v1beta1:ImageAnnotationResponse": { "description": "Image annotation.", "properties": { "boundingPolys": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:BoundingPolyResponse" }, "description": "The list of polygons outlining the sensitive regions in the image." }, "frameIndex": { "type": "integer", "description": "0-based index of the image frame. For example, an image frame in a DICOM instance." } }, "type": "object", "required": [ "boundingPolys", "frameIndex" ] }, "google-native:healthcare/v1beta1:ImageConfig": { "description": "Specifies how to handle de-identification of image pixels.", "properties": { "additionalInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "Additional InfoTypes to redact in the images in addition to those used by `text_redaction_mode`. Can only be used when `text_redaction_mode` is set to `REDACT_SENSITIVE_TEXT`, `REDACT_SENSITIVE_TEXT_CLEAN_DESCRIPTORS` or `TEXT_REDACTION_MODE_UNSPECIFIED`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip redacting, overriding those used by `text_redaction_mode`. Can only be used when `text_redaction_mode` is set to `REDACT_SENSITIVE_TEXT` or `REDACT_SENSITIVE_TEXT_CLEAN_DESCRIPTORS`." }, "textRedactionMode": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfigTextRedactionMode", "description": "Determines how to redact text from image." } }, "type": "object" }, "google-native:healthcare/v1beta1:ImageConfigResponse": { "description": "Specifies how to handle de-identification of image pixels.", "properties": { "additionalInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "Additional InfoTypes to redact in the images in addition to those used by `text_redaction_mode`. Can only be used when `text_redaction_mode` is set to `REDACT_SENSITIVE_TEXT`, `REDACT_SENSITIVE_TEXT_CLEAN_DESCRIPTORS` or `TEXT_REDACTION_MODE_UNSPECIFIED`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip redacting, overriding those used by `text_redaction_mode`. Can only be used when `text_redaction_mode` is set to `REDACT_SENSITIVE_TEXT` or `REDACT_SENSITIVE_TEXT_CLEAN_DESCRIPTORS`." }, "textRedactionMode": { "type": "string", "description": "Determines how to redact text from image." } }, "type": "object", "required": [ "additionalInfoTypes", "excludeInfoTypes", "textRedactionMode" ] }, "google-native:healthcare/v1beta1:ImageConfigTextRedactionMode": { "description": "Determines how to redact text from image.", "type": "string", "enum": [ { "name": "TextRedactionModeUnspecified", "description": "No text redaction specified. Same as REDACT_NO_TEXT.", "value": "TEXT_REDACTION_MODE_UNSPECIFIED" }, { "name": "RedactAllText", "description": "Redact all text.", "value": "REDACT_ALL_TEXT" }, { "name": "RedactSensitiveText", "description": "Redact sensitive text. Uses the set of [Default DICOM InfoTypes](https://cloud.google.com/healthcare-api/docs/how-tos/dicom-deidentify#default_dicom_infotypes).", "value": "REDACT_SENSITIVE_TEXT" }, { "name": "RedactNoText", "description": "Do not redact text.", "value": "REDACT_NO_TEXT" }, { "name": "RedactSensitiveTextCleanDescriptors", "description": "This mode is like `REDACT_SENSITIVE_TEXT` with the addition of the [Clean Descriptors Option] (https://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/sect_E.3.5.html) enabled: When cleaning text, the process attempts to transform phrases matching any of the tags marked for removal (action codes D, Z, X, and U) in the [Basic Profile] (https://dicom.nema.org/medical/dicom/2018e/output/chtml/part15/chapter_E.html). These contextual phrases are replaced with the token \"[CTX]\". This mode uses an additional InfoType during inspection.", "value": "REDACT_SENSITIVE_TEXT_CLEAN_DESCRIPTORS" } ] }, "google-native:healthcare/v1beta1:ImageResponse": { "description": "Raw bytes representing consent artifact content.", "properties": { "gcsUri": { "type": "string", "description": "Input only. Points to a Cloud Storage URI containing the consent artifact content. The URI must be in the following format: `gs://{bucket_id}/{object_id}`. The Cloud Healthcare API service account must have the `roles/storage.objectViewer` Cloud IAM role for this Cloud Storage location. The consent artifact content at this URI is copied to a Cloud Storage location managed by the Cloud Healthcare API. Responses to fetching requests return the consent artifact content in raw_bytes." }, "rawBytes": { "type": "string", "description": "Consent artifact content represented as a stream of bytes. This field is populated when returned in GetConsentArtifact response, but not included in CreateConsentArtifact and ListConsentArtifact response." } }, "type": "object", "required": [ "gcsUri", "rawBytes" ] }, "google-native:healthcare/v1beta1:InfoTypeTransformation": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskConfig", "description": "Config for character mask." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashConfig", "description": "Config for crypto hash." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftConfig", "description": "Config for date shift." }, "infoTypes": { "type": "array", "items": { "type": "string" }, "description": "`InfoTypes` to apply this transformation to. If this is not specified, this transformation becomes the default transformation, and is used for any `info_type` that is not specified in another transformation." }, "redactConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RedactConfig", "description": "Config for text redaction." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ReplaceWithInfoTypeConfig", "description": "Config for replace with InfoType." } }, "type": "object" }, "google-native:healthcare/v1beta1:InfoTypeTransformationResponse": { "description": "A transformation to apply to text that is identified as a specific info_type.", "properties": { "characterMaskConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CharacterMaskConfigResponse", "description": "Config for character mask." }, "cryptoHashConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CryptoHashConfigResponse", "description": "Config for crypto hash." }, "dateShiftConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DateShiftConfigResponse", "description": "Config for date shift." }, "infoTypes": { "type": "array", "items": { "type": "string" }, "description": "`InfoTypes` to apply this transformation to. If this is not specified, this transformation becomes the default transformation, and is used for any `info_type` that is not specified in another transformation." }, "redactConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:RedactConfigResponse", "description": "Config for text redaction." }, "replaceWithInfoTypeConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ReplaceWithInfoTypeConfigResponse", "description": "Config for replace with InfoType." } }, "type": "object", "required": [ "characterMaskConfig", "cryptoHashConfig", "dateShiftConfig", "infoTypes", "redactConfig", "replaceWithInfoTypeConfig" ] }, "google-native:healthcare/v1beta1:KeepExtensionsConfig": { "description": "The behavior for handling FHIR extensions that aren't otherwise specified for de-identification. If provided, all extensions are preserved during de-identification by default. If unspecified, all extensions are removed during de-identification by default.", "type": "object" }, "google-native:healthcare/v1beta1:KeepExtensionsConfigResponse": { "description": "The behavior for handling FHIR extensions that aren't otherwise specified for de-identification. If provided, all extensions are preserved during de-identification by default. If unspecified, all extensions are removed during de-identification by default.", "type": "object" }, "google-native:healthcare/v1beta1:KeepField": { "description": "Keep field unchanged.", "type": "object" }, "google-native:healthcare/v1beta1:KeepFieldResponse": { "description": "Keep field unchanged.", "type": "object" }, "google-native:healthcare/v1beta1:KeepTag": { "description": "Keep tag unchanged.", "type": "object" }, "google-native:healthcare/v1beta1:KeepTagResponse": { "description": "Keep tag unchanged.", "type": "object" }, "google-native:healthcare/v1beta1:KmsWrappedCryptoKey": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the project's Cloud Healthcare Service Agent service account. For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key).", "properties": { "cryptoKey": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping. For example, `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKey", "wrappedKey" ] }, "google-native:healthcare/v1beta1:KmsWrappedCryptoKeyResponse": { "description": "Include to use an existing data crypto key wrapped by KMS. The wrapped key must be a 128-, 192-, or 256-bit key. The key must grant the Cloud IAM permission `cloudkms.cryptoKeyVersions.useToDecrypt` to the project's Cloud Healthcare Service Agent service account. For more information, see [Creating a wrapped key] (https://cloud.google.com/dlp/docs/create-wrapped-key).", "properties": { "cryptoKey": { "type": "string", "description": "The resource name of the KMS CryptoKey to use for unwrapping. For example, `projects/{project_id}/locations/{location_id}/keyRings/{keyring}/cryptoKeys/{key}`." }, "wrappedKey": { "type": "string", "description": "The wrapped data crypto key." } }, "type": "object", "required": [ "cryptoKey", "wrappedKey" ] }, "google-native:healthcare/v1beta1:NotificationConfig": { "description": "Specifies where to send notifications upon changes to a data store.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. PubsubMessage.Data contains the resource name. PubsubMessage.MessageId is the ID of this message. It is guaranteed to be unique within the topic. PubsubMessage.PublishTime is the time at which the message was published. Notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). If the number of errors exceeds a certain rate, some aren't submitted. Note that not all operations trigger notifications, see [Configuring Pub/Sub notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) for specific details." }, "sendForBulkImport": { "type": "boolean", "description": "Indicates whether or not to send Pub/Sub notifications on bulk import. Only supported for DICOM imports." } }, "type": "object" }, "google-native:healthcare/v1beta1:NotificationConfigResponse": { "description": "Specifies where to send notifications upon changes to a data store.", "properties": { "pubsubTopic": { "type": "string", "description": "The [Pub/Sub](https://cloud.google.com/pubsub/docs/) topic that notifications of changes are published on. Supplied by the client. PubsubMessage.Data contains the resource name. PubsubMessage.MessageId is the ID of this message. It is guaranteed to be unique within the topic. PubsubMessage.PublishTime is the time at which the message was published. Notifications are only sent if the topic is non-empty. [Topic names](https://cloud.google.com/pubsub/docs/overview#names) must be scoped to a project. Cloud Healthcare API service account must have publisher permissions on the given Pub/Sub topic. Not having adequate permissions causes the calls that send notifications to fail. If a notification can't be published to Pub/Sub, errors are logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging)). If the number of errors exceeds a certain rate, some aren't submitted. Note that not all operations trigger notifications, see [Configuring Pub/Sub notifications](https://cloud.google.com/healthcare/docs/how-tos/pubsub) for specific details." }, "sendForBulkImport": { "type": "boolean", "description": "Indicates whether or not to send Pub/Sub notifications on bulk import. Only supported for DICOM imports." } }, "type": "object", "required": [ "pubsubTopic", "sendForBulkImport" ] }, "google-native:healthcare/v1beta1:Options": { "description": "Specifies additional options to apply to the base profile.", "properties": { "cleanDescriptors": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanDescriptorsOption", "description": "Set Clean Descriptors Option." }, "cleanImage": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfig", "description": "Apply `Action.clean_image` to [`PixelData`](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html) as configured." }, "primaryIds": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:OptionsPrimaryIds", "description": "Set `Action` for [`StudyInstanceUID`, `SeriesInstanceUID`, `SOPInstanceUID`, and `MediaStorageSOPInstanceUID`](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html)." } }, "type": "object" }, "google-native:healthcare/v1beta1:OptionsPrimaryIds": { "description": "Set `Action` for [`StudyInstanceUID`, `SeriesInstanceUID`, `SOPInstanceUID`, and `MediaStorageSOPInstanceUID`](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html).", "type": "string", "enum": [ { "name": "PrimaryIdsOptionUnspecified", "description": "No value provided. Default to the behavior specified by the base profile.", "value": "PRIMARY_IDS_OPTION_UNSPECIFIED" }, { "name": "Keep", "description": "Keep primary IDs.", "value": "KEEP" }, { "name": "Regen", "description": "Regenerate primary IDs.", "value": "REGEN" } ] }, "google-native:healthcare/v1beta1:OptionsResponse": { "description": "Specifies additional options to apply to the base profile.", "properties": { "cleanDescriptors": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:CleanDescriptorsOptionResponse", "description": "Set Clean Descriptors Option." }, "cleanImage": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageConfigResponse", "description": "Apply `Action.clean_image` to [`PixelData`](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html) as configured." }, "primaryIds": { "type": "string", "description": "Set `Action` for [`StudyInstanceUID`, `SeriesInstanceUID`, `SOPInstanceUID`, and `MediaStorageSOPInstanceUID`](http://dicom.nema.org/medical/dicom/2018e/output/chtml/part06/chapter_6.html)." } }, "type": "object", "required": [ "cleanDescriptors", "cleanImage", "primaryIds" ] }, "google-native:healthcare/v1beta1:ParsedDataResponse": { "description": "The content of an HL7v2 message in a structured format.", "properties": { "segments": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SegmentResponse" } } }, "type": "object", "required": [ "segments" ] }, "google-native:healthcare/v1beta1:ParserConfig": { "description": "The configuration for the parser. It determines how the server parses the messages.", "properties": { "allowNullHeader": { "type": "boolean", "description": "Determines whether messages with no header are allowed." }, "schema": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaPackage", "description": "Schemas used to parse messages in this store, if schematized parsing is desired." }, "segmentTerminator": { "type": "string", "description": "Byte(s) to use as the segment terminator. If this is unset, '\\r' is used as segment terminator, matching the HL7 version 2 specification." }, "version": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ParserConfigVersion", "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation." } }, "type": "object" }, "google-native:healthcare/v1beta1:ParserConfigResponse": { "description": "The configuration for the parser. It determines how the server parses the messages.", "properties": { "allowNullHeader": { "type": "boolean", "description": "Determines whether messages with no header are allowed." }, "schema": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaPackageResponse", "description": "Schemas used to parse messages in this store, if schematized parsing is desired." }, "segmentTerminator": { "type": "string", "description": "Byte(s) to use as the segment terminator. If this is unset, '\\r' is used as segment terminator, matching the HL7 version 2 specification." }, "version": { "type": "string", "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation." } }, "type": "object", "required": [ "allowNullHeader", "schema", "segmentTerminator", "version" ] }, "google-native:healthcare/v1beta1:ParserConfigVersion": { "description": "Immutable. Determines the version of both the default parser to be used when `schema` is not given, as well as the schematized parser used when `schema` is specified. This field is immutable after HL7v2 store creation.", "type": "string", "enum": [ { "name": "ParserVersionUnspecified", "description": "Unspecified parser version, equivalent to V1.", "value": "PARSER_VERSION_UNSPECIFIED" }, { "name": "V1", "description": "The `parsed_data` includes every given non-empty message field except the Field Separator (MSH-1) field. As a result, the parsed MSH segment starts with the MSH-2 field and the field numbers are off-by-one with respect to the HL7 standard.", "value": "V1" }, { "name": "V2", "description": "The `parsed_data` includes every given non-empty message field.", "value": "V2" }, { "name": "V3", "description": "This version is the same as V2, with the following change. The `parsed_data` contains unescaped escaped field separators, component separators, sub-component separators, repetition separators, escape characters, and truncation characters. If `schema` is specified, the schematized parser uses improved parsing heuristics compared to previous versions.", "value": "V3" } ] }, "google-native:healthcare/v1beta1:PatientId": { "description": "A patient identifier and associated type.", "properties": { "type": { "type": "string", "description": "ID type. For example, MRN or NHS." }, "value": { "type": "string", "description": "The patient's unique identifier." } }, "type": "object" }, "google-native:healthcare/v1beta1:PatientIdResponse": { "description": "A patient identifier and associated type.", "properties": { "type": { "type": "string", "description": "ID type. For example, MRN or NHS." }, "value": { "type": "string", "description": "The patient's unique identifier." } }, "type": "object", "required": [ "type", "value" ] }, "google-native:healthcare/v1beta1:RecurseTag": { "description": "Recursively apply DICOM de-id to tags nested in a sequence. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): SQ", "type": "object" }, "google-native:healthcare/v1beta1:RecurseTagResponse": { "description": "Recursively apply DICOM de-id to tags nested in a sequence. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): SQ", "type": "object" }, "google-native:healthcare/v1beta1:RedactConfig": { "description": "Define how to redact sensitive values. Default behaviour is erase. For example, \"My name is Jane.\" becomes \"My name is .\"", "type": "object" }, "google-native:healthcare/v1beta1:RedactConfigResponse": { "description": "Define how to redact sensitive values. Default behaviour is erase. For example, \"My name is Jane.\" becomes \"My name is .\"", "type": "object" }, "google-native:healthcare/v1beta1:RegenUidTag": { "description": "Replace UID with a new generated UID. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): UI", "type": "object" }, "google-native:healthcare/v1beta1:RegenUidTagResponse": { "description": "Replace UID with a new generated UID. Supported [Value Representation] (http://dicom.nema.org/medical/dicom/2018e/output/chtml/part05/sect_6.2.html#table_6.2-1): UI", "type": "object" }, "google-native:healthcare/v1beta1:RemoveField": { "description": "Remove field.", "type": "object" }, "google-native:healthcare/v1beta1:RemoveFieldResponse": { "description": "Remove field.", "type": "object" }, "google-native:healthcare/v1beta1:RemoveTag": { "description": "Replace with empty tag.", "type": "object" }, "google-native:healthcare/v1beta1:RemoveTagResponse": { "description": "Replace with empty tag.", "type": "object" }, "google-native:healthcare/v1beta1:ReplaceWithInfoTypeConfig": { "description": "When using the INSPECT_AND_TRANSFORM action, each match is replaced with the name of the info_type. For example, \"My name is Jane\" becomes \"My name is [PERSON_NAME].\" The TRANSFORM action is equivalent to redacting.", "type": "object" }, "google-native:healthcare/v1beta1:ReplaceWithInfoTypeConfigResponse": { "description": "When using the INSPECT_AND_TRANSFORM action, each match is replaced with the name of the info_type. For example, \"My name is Jane\" becomes \"My name is [PERSON_NAME].\" The TRANSFORM action is equivalent to redacting.", "type": "object" }, "google-native:healthcare/v1beta1:ResetTag": { "description": "Reset tag to a placeholder value.", "type": "object" }, "google-native:healthcare/v1beta1:ResetTagResponse": { "description": "Reset tag to a placeholder value.", "type": "object" }, "google-native:healthcare/v1beta1:ResourceAnnotation": { "description": "Resource level annotation.", "properties": { "label": { "type": "string", "description": "A description of the annotation record." } }, "type": "object" }, "google-native:healthcare/v1beta1:ResourceAnnotationResponse": { "description": "Resource level annotation.", "properties": { "label": { "type": "string", "description": "A description of the annotation record." } }, "type": "object", "required": [ "label" ] }, "google-native:healthcare/v1beta1:SchemaConfig": { "description": "Configuration for the FHIR BigQuery schema. Determines how the server generates the schema.", "properties": { "lastUpdatedPartitionConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TimePartitioning", "description": "The configuration for exported BigQuery tables to be partitioned by FHIR resource's last updated time column." }, "recursiveStructureDepth": { "type": "string", "description": "The depth for all recursive structures in the output analytics schema. For example, `concept` in the CodeSystem resource is a recursive structure; when the depth is 2, the CodeSystem table will have a column called `concept.concept` but not `concept.concept.concept`. If not specified or set to 0, the server will use the default value 2. The maximum depth allowed is 5." }, "schemaType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaConfigSchemaType", "description": "Specifies the output schema type. Schema type is required." } }, "type": "object" }, "google-native:healthcare/v1beta1:SchemaConfigResponse": { "description": "Configuration for the FHIR BigQuery schema. Determines how the server generates the schema.", "properties": { "lastUpdatedPartitionConfig": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TimePartitioningResponse", "description": "The configuration for exported BigQuery tables to be partitioned by FHIR resource's last updated time column." }, "recursiveStructureDepth": { "type": "string", "description": "The depth for all recursive structures in the output analytics schema. For example, `concept` in the CodeSystem resource is a recursive structure; when the depth is 2, the CodeSystem table will have a column called `concept.concept` but not `concept.concept.concept`. If not specified or set to 0, the server will use the default value 2. The maximum depth allowed is 5." }, "schemaType": { "type": "string", "description": "Specifies the output schema type. Schema type is required." } }, "type": "object", "required": [ "lastUpdatedPartitionConfig", "recursiveStructureDepth", "schemaType" ] }, "google-native:healthcare/v1beta1:SchemaConfigSchemaType": { "description": "Specifies the output schema type. Schema type is required.", "type": "string", "enum": [ { "name": "SchemaTypeUnspecified", "description": "No schema type specified. This type is unsupported.", "value": "SCHEMA_TYPE_UNSPECIFIED" }, { "name": "Lossless", "description": "A data-driven schema generated from the fields present in the FHIR data being exported, with no additional simplification. This type cannot be used for streaming to BigQuery.", "value": "LOSSLESS" }, { "name": "Analytics", "description": "Analytics schema defined by the FHIR community. See https://github.com/FHIR/sql-on-fhir/blob/master/sql-on-fhir.md. BigQuery only allows a maximum of 10,000 columns per table. Due to this limitation, the server will not generate schemas for fields of type `Resource`, which can hold any resource type. The affected fields are `Parameters.parameter.resource`, `Bundle.entry.resource`, and `Bundle.entry.response.outcome`. Analytics schema does not gracefully handle extensions with one or more occurrences, anaytics schema also does not handle contained resource.", "value": "ANALYTICS" }, { "name": "AnalyticsV2", "description": "Analytics V2, similar to schema defined by the FHIR community, with added support for extensions with one or more occurrences and contained resources in stringified JSON. Analytics V2 uses more space in the destination table than Analytics V1. It is generally recommended to use Analytics V2 over Analytics.", "value": "ANALYTICS_V2" } ] }, "google-native:healthcare/v1beta1:SchemaPackage": { "description": "A schema package contains a set of schemas and type definitions.", "properties": { "ignoreMinOccurs": { "type": "boolean", "description": "Flag to ignore all min_occurs restrictions in the schema. This means that incoming messages can omit any group, segment, field, component, or subcomponent." }, "schemas": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Hl7SchemaConfig" }, "description": "Schema configs that are layered based on their VersionSources that match the incoming message. Schema configs present in higher indices override those in lower indices with the same message type and trigger event if their VersionSources all match an incoming message." }, "schematizedParsingType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaPackageSchematizedParsingType", "description": "Determines how messages that fail to parse are handled." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Hl7TypesConfig" }, "description": "Schema type definitions that are layered based on their VersionSources that match the incoming message. Type definitions present in higher indices override those in lower indices with the same type name if their VersionSources all match an incoming message." }, "unexpectedSegmentHandling": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SchemaPackageUnexpectedSegmentHandling", "description": "Determines how unexpected segments (segments not matched to the schema) are handled." } }, "type": "object" }, "google-native:healthcare/v1beta1:SchemaPackageResponse": { "description": "A schema package contains a set of schemas and type definitions.", "properties": { "ignoreMinOccurs": { "type": "boolean", "description": "Flag to ignore all min_occurs restrictions in the schema. This means that incoming messages can omit any group, segment, field, component, or subcomponent." }, "schemas": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Hl7SchemaConfigResponse" }, "description": "Schema configs that are layered based on their VersionSources that match the incoming message. Schema configs present in higher indices override those in lower indices with the same message type and trigger event if their VersionSources all match an incoming message." }, "schematizedParsingType": { "type": "string", "description": "Determines how messages that fail to parse are handled." }, "types": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Hl7TypesConfigResponse" }, "description": "Schema type definitions that are layered based on their VersionSources that match the incoming message. Type definitions present in higher indices override those in lower indices with the same type name if their VersionSources all match an incoming message." }, "unexpectedSegmentHandling": { "type": "string", "description": "Determines how unexpected segments (segments not matched to the schema) are handled." } }, "type": "object", "required": [ "ignoreMinOccurs", "schemas", "schematizedParsingType", "types", "unexpectedSegmentHandling" ] }, "google-native:healthcare/v1beta1:SchemaPackageSchematizedParsingType": { "description": "Determines how messages that fail to parse are handled.", "type": "string", "enum": [ { "name": "SchematizedParsingTypeUnspecified", "description": "Unspecified schematized parsing type, equivalent to `SOFT_FAIL`.", "value": "SCHEMATIZED_PARSING_TYPE_UNSPECIFIED" }, { "name": "SoftFail", "description": "Messages that fail to parse are still stored and ACKed but a parser error is stored in place of the schematized data.", "value": "SOFT_FAIL" }, { "name": "HardFail", "description": "Messages that fail to parse are rejected from ingestion/insertion and return an error code.", "value": "HARD_FAIL" } ] }, "google-native:healthcare/v1beta1:SchemaPackageUnexpectedSegmentHandling": { "description": "Determines how unexpected segments (segments not matched to the schema) are handled.", "type": "string", "enum": [ { "name": "UnexpectedSegmentHandlingModeUnspecified", "description": "Unspecified handling mode, equivalent to FAIL.", "value": "UNEXPECTED_SEGMENT_HANDLING_MODE_UNSPECIFIED" }, { "name": "Fail", "description": "Unexpected segments fail to parse and return an error.", "value": "FAIL" }, { "name": "Skip", "description": "Unexpected segments do not fail, but are omitted from the output.", "value": "SKIP" }, { "name": "Parse", "description": "Unexpected segments do not fail, but are parsed in place and added to the current group. If a segment has a type definition, it is used, otherwise it is parsed as VARIES.", "value": "PARSE" } ] }, "google-native:healthcare/v1beta1:SchematizedData": { "description": "The content of an HL7v2 message in a structured format as specified by a schema.", "properties": { "data": { "type": "string", "description": "JSON output of the parser." }, "error": { "type": "string", "description": "The error output of the parser." } }, "type": "object" }, "google-native:healthcare/v1beta1:SchematizedDataResponse": { "description": "The content of an HL7v2 message in a structured format as specified by a schema.", "properties": { "data": { "type": "string", "description": "JSON output of the parser." }, "error": { "type": "string", "description": "The error output of the parser." } }, "type": "object", "required": [ "data", "error" ] }, "google-native:healthcare/v1beta1:SearchConfig": { "description": "Contains the configuration for FHIR search.", "properties": { "searchParameters": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SearchParameter" }, "description": "A list of search parameters in this FHIR store that are used to configure this FHIR store." } }, "type": "object" }, "google-native:healthcare/v1beta1:SearchConfigResponse": { "description": "Contains the configuration for FHIR search.", "properties": { "searchParameters": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:SearchParameterResponse" }, "description": "A list of search parameters in this FHIR store that are used to configure this FHIR store." } }, "type": "object", "required": [ "searchParameters" ] }, "google-native:healthcare/v1beta1:SearchParameter": { "description": "Contains the versioned name and the URL for one SearchParameter.", "properties": { "canonicalUrl": { "type": "string", "description": "The canonical url of the search parameter resource." }, "parameter": { "type": "string", "description": "The versioned name of the search parameter resource. The format is projects/{project-id}/locations/{location}/datasets/{dataset-id}/fhirStores/{fhirStore-id}/fhir/SearchParameter/{resource-id}/_history/{version-id} For fhir stores with disable_resource_versioning=true, the format is projects/{project-id}/locations/{location}/datasets/{dataset-id}/fhirStores/{fhirStore-id}/fhir/SearchParameter/{resource-id}/" } }, "type": "object" }, "google-native:healthcare/v1beta1:SearchParameterResponse": { "description": "Contains the versioned name and the URL for one SearchParameter.", "properties": { "canonicalUrl": { "type": "string", "description": "The canonical url of the search parameter resource." }, "parameter": { "type": "string", "description": "The versioned name of the search parameter resource. The format is projects/{project-id}/locations/{location}/datasets/{dataset-id}/fhirStores/{fhirStore-id}/fhir/SearchParameter/{resource-id}/_history/{version-id} For fhir stores with disable_resource_versioning=true, the format is projects/{project-id}/locations/{location}/datasets/{dataset-id}/fhirStores/{fhirStore-id}/fhir/SearchParameter/{resource-id}/" } }, "type": "object", "required": [ "canonicalUrl", "parameter" ] }, "google-native:healthcare/v1beta1:SegmentResponse": { "description": "A segment in a structured format.", "properties": { "fields": { "type": "object", "additionalProperties": { "type": "string" }, "description": "A mapping from the positional location to the value. The key string uses zero-based indexes separated by dots to identify Fields, components and sub-components. A bracket notation is also used to identify different instances of a repeated field. Regex for key: (\\d+)(\\[\\d+\\])?(.\\d+)?(.\\d+)? Examples of (key, value) pairs: * (0.1, \"hemoglobin\") denotes that the first component of Field 0 has the value \"hemoglobin\". * (1.1.2, \"CBC\") denotes that the second sub-component of the first component of Field 1 has the value \"CBC\". * (1[0].1, \"HbA1c\") denotes that the first component of the first Instance of Field 1, which is repeated, has the value \"HbA1c\"." }, "segmentId": { "type": "string", "description": "A string that indicates the type of segment. For example, EVN or PID." }, "setId": { "type": "string", "description": "Set ID for segments that can be in a set. This can be empty if it's missing or isn't applicable." } }, "type": "object", "required": [ "fields", "segmentId", "setId" ] }, "google-native:healthcare/v1beta1:SensitiveTextAnnotation": { "description": "A TextAnnotation specifies a text range that includes sensitive information.", "properties": { "details": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Maps from a resource slice. For example, FHIR resource field path to a set of sensitive text findings. For example, Appointment.Narrative text1 --> {findings_1, findings_2, findings_3}" } }, "type": "object" }, "google-native:healthcare/v1beta1:SensitiveTextAnnotationResponse": { "description": "A TextAnnotation specifies a text range that includes sensitive information.", "properties": { "details": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Maps from a resource slice. For example, FHIR resource field path to a set of sensitive text findings. For example, Appointment.Narrative text1 --> {findings_1, findings_2, findings_3}" } }, "type": "object", "required": [ "details" ] }, "google-native:healthcare/v1beta1:Signature": { "description": "User signature.", "properties": { "image": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Image", "description": "Optional. An image of the user's signature." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Metadata associated with the user's signature. For example, the user's name or the user's title." }, "signatureTime": { "type": "string", "description": "Optional. Timestamp of the signature." }, "userId": { "type": "string", "description": "User's UUID provided by the client." } }, "type": "object", "required": [ "userId" ] }, "google-native:healthcare/v1beta1:SignatureResponse": { "description": "User signature.", "properties": { "image": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:ImageResponse", "description": "Optional. An image of the user's signature." }, "metadata": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Metadata associated with the user's signature. For example, the user's name or the user's title." }, "signatureTime": { "type": "string", "description": "Optional. Timestamp of the signature." }, "userId": { "type": "string", "description": "User's UUID provided by the client." } }, "type": "object", "required": [ "image", "metadata", "signatureTime", "userId" ] }, "google-native:healthcare/v1beta1:StreamConfig": { "description": "Contains configuration for streaming FHIR export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestination", "description": "The destination BigQuery structure that contains both the dataset location and corresponding schema config. The output is organized in one table per resource type. The server reuses the existing tables (if any) that are named after the resource types, e.g. \"Patient\", \"Observation\". When there is no existing table for a given resource type, the server attempts to create one. When a table schema doesn't align with the schema config, either because of existing incompatible schema or out of band incompatible modification, the server does not stream in new data. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any resource mutation that generates more than 1 MB of BigQuery data will not be streamed. Results are written to BigQuery tables according to the parameters in BigQueryDestination.WriteDisposition. Different versions of the same resource are distinguishable by the meta.versionId and meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that results in the new version is recorded in the meta.tag. The tables contain all historical resource versions since streaming was enabled. For query convenience, the server also creates one view per table of the same name containing only the current resource version. The streamed data in the BigQuery dataset is not guaranteed to be completely unique. The combination of the id and meta.versionId columns should ideally identify a single unique row. But in rare cases, duplicates may exist. At query time, users may use the SQL select statement to keep only one of the duplicate rows given an id and meta.versionId pair. Alternatively, the server created view mentioned above also filters out duplicates. If a resource mutation cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "deidentifiedStoreDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifiedStoreDestination", "description": "The destination FHIR store for de-identified resources. After this field is added, all subsequent creates/updates/patches to the source store will be de-identified using the provided configuration and applied to the destination store. Importing resources to the source store will not trigger the streaming. If the source store already contains resources when this option is enabled, those resources will not be copied to the destination store unless they are subsequently updated. This may result in invalid references in the destination store. Before adding this config, you must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enable_update_create to true. The destination store must have disable_referential_integrity set to true. If a resource cannot be de-identified, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Supply a FHIR resource type (such as \"Patient\" or \"Observation\"). See https://www.hl7.org/fhir/valueset-resource-types.html for a list of all FHIR resource types. The server treats an empty list as an intent to stream all the supported resource types in this FHIR store." } }, "type": "object" }, "google-native:healthcare/v1beta1:StreamConfigResponse": { "description": "Contains configuration for streaming FHIR export.", "properties": { "bigqueryDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:GoogleCloudHealthcareV1beta1FhirBigQueryDestinationResponse", "description": "The destination BigQuery structure that contains both the dataset location and corresponding schema config. The output is organized in one table per resource type. The server reuses the existing tables (if any) that are named after the resource types, e.g. \"Patient\", \"Observation\". When there is no existing table for a given resource type, the server attempts to create one. When a table schema doesn't align with the schema config, either because of existing incompatible schema or out of band incompatible modification, the server does not stream in new data. One resolution in this case is to delete the incompatible table and let the server recreate one, though the newly created table only contains data after the table recreation. BigQuery imposes a 1 MB limit on streaming insert row size, therefore any resource mutation that generates more than 1 MB of BigQuery data will not be streamed. Results are written to BigQuery tables according to the parameters in BigQueryDestination.WriteDisposition. Different versions of the same resource are distinguishable by the meta.versionId and meta.lastUpdated columns. The operation (CREATE/UPDATE/DELETE) that results in the new version is recorded in the meta.tag. The tables contain all historical resource versions since streaming was enabled. For query convenience, the server also creates one view per table of the same name containing only the current resource version. The streamed data in the BigQuery dataset is not guaranteed to be completely unique. The combination of the id and meta.versionId columns should ideally identify a single unique row. But in rare cases, duplicates may exist. At query time, users may use the SQL select statement to keep only one of the duplicate rows given an id and meta.versionId pair. Alternatively, the server created view mentioned above also filters out duplicates. If a resource mutation cannot be streamed to BigQuery, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "deidentifiedStoreDestination": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:DeidentifiedStoreDestinationResponse", "description": "The destination FHIR store for de-identified resources. After this field is added, all subsequent creates/updates/patches to the source store will be de-identified using the provided configuration and applied to the destination store. Importing resources to the source store will not trigger the streaming. If the source store already contains resources when this option is enabled, those resources will not be copied to the destination store unless they are subsequently updated. This may result in invalid references in the destination store. Before adding this config, you must grant the healthcare.fhirResources.update permission on the destination store to your project's **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/healthcare/docs/how-tos/permissions-healthcare-api-gcp-products#the_cloud_healthcare_service_agent). The destination store must set enable_update_create to true. The destination store must have disable_referential_integrity set to true. If a resource cannot be de-identified, errors will be logged to Cloud Logging (see [Viewing error logs in Cloud Logging](https://cloud.google.com/healthcare/docs/how-tos/logging))." }, "resourceTypes": { "type": "array", "items": { "type": "string" }, "description": "Supply a FHIR resource type (such as \"Patient\" or \"Observation\"). See https://www.hl7.org/fhir/valueset-resource-types.html for a list of all FHIR resource types. The server treats an empty list as an intent to stream all the supported resource types in this FHIR store." } }, "type": "object", "required": [ "bigqueryDestination", "deidentifiedStoreDestination", "resourceTypes" ] }, "google-native:healthcare/v1beta1:TagFilterList": { "description": "List of tags to be filtered.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags to be filtered. Tags must be DICOM Data Elements, File Meta Elements, or Directory Structuring Elements, as defined at: http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. They may be provided by \"Keyword\" or \"Tag\". For example, \"PatientID\", \"00100010\"." } }, "type": "object" }, "google-native:healthcare/v1beta1:TagFilterListResponse": { "description": "List of tags to be filtered.", "properties": { "tags": { "type": "array", "items": { "type": "string" }, "description": "Tags to be filtered. Tags must be DICOM Data Elements, File Meta Elements, or Directory Structuring Elements, as defined at: http://dicom.nema.org/medical/dicom/current/output/html/part06.html#table_6-1,. They may be provided by \"Keyword\" or \"Tag\". For example, \"PatientID\", \"00100010\"." } }, "type": "object", "required": [ "tags" ] }, "google-native:healthcare/v1beta1:TextConfig": { "description": "Configures how to transform sensitive text `InfoTypes`.", "properties": { "additionalTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:InfoTypeTransformation" }, "description": "Additional transformations to apply to the detected data, overriding `profile`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip transforming, overriding `profile`." }, "profileType": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TextConfigProfileType", "description": "Base profile type for text transformation." }, "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:InfoTypeTransformation" }, "description": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead.", "deprecationMessage": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead." } }, "type": "object" }, "google-native:healthcare/v1beta1:TextConfigProfileType": { "description": "Base profile type for text transformation.", "type": "string", "enum": [ { "name": "ProfileTypeUnspecified", "description": "No profile provided. Same as BASIC.", "value": "PROFILE_TYPE_UNSPECIFIED" }, { "name": "Empty", "description": "Empty profile which does not perform any transformations.", "value": "EMPTY" }, { "name": "Basic", "description": "Automatically converts \"DATE\" infoTypes using a DateShiftConfig, and all other infoTypes using a ReplaceWithInfoTypeConfig.", "value": "BASIC" } ] }, "google-native:healthcare/v1beta1:TextConfigResponse": { "description": "Configures how to transform sensitive text `InfoTypes`.", "properties": { "additionalTransformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:InfoTypeTransformationResponse" }, "description": "Additional transformations to apply to the detected data, overriding `profile`." }, "excludeInfoTypes": { "type": "array", "items": { "type": "string" }, "description": "InfoTypes to skip transforming, overriding `profile`." }, "profileType": { "type": "string", "description": "Base profile type for text transformation." }, "transformations": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:InfoTypeTransformationResponse" }, "description": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead.", "deprecationMessage": "The transformations to apply to the detected data. Deprecated. Use `additional_transformations` instead." } }, "type": "object", "required": [ "additionalTransformations", "excludeInfoTypes", "profileType", "transformations" ] }, "google-native:healthcare/v1beta1:TimePartitioning": { "description": "Configuration for FHIR BigQuery time-partitioned tables.", "properties": { "expirationMs": { "type": "string", "description": "Number of milliseconds for which to keep the storage for a partition." }, "type": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TimePartitioningType", "description": "Type of partitioning." } }, "type": "object" }, "google-native:healthcare/v1beta1:TimePartitioningResponse": { "description": "Configuration for FHIR BigQuery time-partitioned tables.", "properties": { "expirationMs": { "type": "string", "description": "Number of milliseconds for which to keep the storage for a partition." }, "type": { "type": "string", "description": "Type of partitioning." } }, "type": "object", "required": [ "expirationMs", "type" ] }, "google-native:healthcare/v1beta1:TimePartitioningType": { "description": "Type of partitioning.", "type": "string", "enum": [ { "name": "PartitionTypeUnspecified", "description": "Default unknown time.", "value": "PARTITION_TYPE_UNSPECIFIED" }, { "name": "Hour", "description": "Data partitioned by hour.", "value": "HOUR" }, { "name": "Day", "description": "Data partitioned by day.", "value": "DAY" }, { "name": "Month", "description": "Data partitioned by month.", "value": "MONTH" }, { "name": "Year", "description": "Data partitioned by year.", "value": "YEAR" } ] }, "google-native:healthcare/v1beta1:Type": { "description": "A type definition for some HL7v2 type (incl. Segments and Datatypes).", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:Field" }, "description": "The (sub) fields this type has (if not primitive)." }, "name": { "type": "string", "description": "The name of this type. This would be the segment or datatype name. For example, \"PID\" or \"XPN\"." }, "primitive": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:TypePrimitive", "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types." } }, "type": "object" }, "google-native:healthcare/v1beta1:TypePrimitive": { "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types.", "type": "string", "enum": [ { "name": "PrimitiveUnspecified", "description": "Not a primitive.", "value": "PRIMITIVE_UNSPECIFIED" }, { "name": "String", "description": "String primitive.", "value": "STRING" }, { "name": "Varies", "description": "Element that can have unschematized children.", "value": "VARIES" }, { "name": "UnescapedString", "description": "Like STRING, but all delimiters below this element are ignored.", "value": "UNESCAPED_STRING" } ] }, "google-native:healthcare/v1beta1:TypeResponse": { "description": "A type definition for some HL7v2 type (incl. Segments and Datatypes).", "properties": { "fields": { "type": "array", "items": { "$ref": "#/types/google-native:healthcare%2Fv1beta1:FieldResponse" }, "description": "The (sub) fields this type has (if not primitive)." }, "name": { "type": "string", "description": "The name of this type. This would be the segment or datatype name. For example, \"PID\" or \"XPN\"." }, "primitive": { "type": "string", "description": "If this is a primitive type then this field is the type of the primitive For example, STRING. Leave unspecified for composite types." } }, "type": "object", "required": [ "fields", "name", "primitive" ] }, "google-native:healthcare/v1beta1:ValidationConfig": { "description": "Contains the configuration for FHIR profiles and validation.", "properties": { "disableFhirpathValidation": { "type": "boolean", "description": "Whether to disable FHIRPath validation for incoming resources. Set this to true to disable checking incoming resources for conformance against FHIRPath requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableProfileValidation": { "type": "boolean", "description": "Whether to disable profile validation for this FHIR store. Set this to true to disable checking incoming resources for conformance against StructureDefinitions in this FHIR store." }, "disableReferenceTypeValidation": { "type": "boolean", "description": "Whether to disable reference type validation for incoming resources. Set this to true to disable checking incoming resources for conformance against reference type requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableRequiredFieldValidation": { "type": "boolean", "description": "Whether to disable required fields validation for incoming resources. Set this to true to disable checking incoming resources for conformance against required fields requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "enabledImplementationGuides": { "type": "array", "items": { "type": "string" }, "description": "A list of ImplementationGuide URLs in this FHIR store that are used to configure the profiles to use for validation. For example, to use the US Core profiles for validation, set `enabled_implementation_guides` to `[\"http://hl7.org/fhir/us/core/ImplementationGuide/ig\"]`. If `enabled_implementation_guides` is empty or omitted, then incoming resources are only required to conform to the base FHIR profiles. Otherwise, a resource must conform to at least one profile listed in the `global` property of one of the enabled ImplementationGuides. The Cloud Healthcare API does not currently enforce all of the rules in a StructureDefinition. The following rules are supported: - min/max - minValue/maxValue - maxLength - type - fixed[x] - pattern[x] on simple types - slicing, when using \"value\" as the discriminator type When a URL cannot be resolved (for example, in a type assertion), the server does not return an error." } }, "type": "object" }, "google-native:healthcare/v1beta1:ValidationConfigResponse": { "description": "Contains the configuration for FHIR profiles and validation.", "properties": { "disableFhirpathValidation": { "type": "boolean", "description": "Whether to disable FHIRPath validation for incoming resources. Set this to true to disable checking incoming resources for conformance against FHIRPath requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableProfileValidation": { "type": "boolean", "description": "Whether to disable profile validation for this FHIR store. Set this to true to disable checking incoming resources for conformance against StructureDefinitions in this FHIR store." }, "disableReferenceTypeValidation": { "type": "boolean", "description": "Whether to disable reference type validation for incoming resources. Set this to true to disable checking incoming resources for conformance against reference type requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "disableRequiredFieldValidation": { "type": "boolean", "description": "Whether to disable required fields validation for incoming resources. Set this to true to disable checking incoming resources for conformance against required fields requirement defined in the FHIR specification. This property only affects resource types that do not have profiles configured for them, any rules in enabled implementation guides will still be enforced." }, "enabledImplementationGuides": { "type": "array", "items": { "type": "string" }, "description": "A list of ImplementationGuide URLs in this FHIR store that are used to configure the profiles to use for validation. For example, to use the US Core profiles for validation, set `enabled_implementation_guides` to `[\"http://hl7.org/fhir/us/core/ImplementationGuide/ig\"]`. If `enabled_implementation_guides` is empty or omitted, then incoming resources are only required to conform to the base FHIR profiles. Otherwise, a resource must conform to at least one profile listed in the `global` property of one of the enabled ImplementationGuides. The Cloud Healthcare API does not currently enforce all of the rules in a StructureDefinition. The following rules are supported: - min/max - minValue/maxValue - maxLength - type - fixed[x] - pattern[x] on simple types - slicing, when using \"value\" as the discriminator type When a URL cannot be resolved (for example, in a type assertion), the server does not return an error." } }, "type": "object", "required": [ "disableFhirpathValidation", "disableProfileValidation", "disableReferenceTypeValidation", "disableRequiredFieldValidation", "enabledImplementationGuides" ] }, "google-native:healthcare/v1beta1:VersionSource": { "description": "Describes a selector for extracting and matching an MSH field to a value.", "properties": { "mshField": { "type": "string", "description": "The field to extract from the MSH segment. For example, \"3.1\" or \"18[1].1\"." }, "value": { "type": "string", "description": "The value to match with the field. For example, \"My Application Name\" or \"2.3\"." } }, "type": "object" }, "google-native:healthcare/v1beta1:VersionSourceResponse": { "description": "Describes a selector for extracting and matching an MSH field to a value.", "properties": { "mshField": { "type": "string", "description": "The field to extract from the MSH segment. For example, \"3.1\" or \"18[1].1\"." }, "value": { "type": "string", "description": "The value to match with the field. For example, \"My Application Name\" or \"2.3\"." } }, "type": "object", "required": [ "mshField", "value" ] }, "google-native:healthcare/v1beta1:Vertex": { "description": "A 2D coordinate in an image. The origin is the top-left.", "properties": { "x": { "type": "number", "description": "X coordinate." }, "y": { "type": "number", "description": "Y coordinate." } }, "type": "object" }, "google-native:healthcare/v1beta1:VertexResponse": { "description": "A 2D coordinate in an image. The origin is the top-left.", "properties": { "x": { "type": "number", "description": "X coordinate." }, "y": { "type": "number", "description": "Y coordinate." } }, "type": "object", "required": [ "x", "y" ] }, "google-native:iam/v1:AccessRestrictions": { "description": "Access related restrictions on the workforce pool.", "properties": { "allowedServices": { "type": "array", "items": { "$ref": "#/types/google-native:iam%2Fv1:ServiceConfig" }, "description": "Optional. Immutable. Services allowed for web sign-in with the workforce pool. If not set by default there are no restrictions." }, "disableProgrammaticSignin": { "type": "boolean", "description": "Optional. Disable programmatic sign-in by disabling token issue via the Security Token API endpoint. See [Security Token Service API] (https://cloud.google.com/iam/docs/reference/sts/rest)." } }, "type": "object" }, "google-native:iam/v1:AccessRestrictionsResponse": { "description": "Access related restrictions on the workforce pool.", "properties": { "allowedServices": { "type": "array", "items": { "$ref": "#/types/google-native:iam%2Fv1:ServiceConfigResponse" }, "description": "Optional. Immutable. Services allowed for web sign-in with the workforce pool. If not set by default there are no restrictions." }, "disableProgrammaticSignin": { "type": "boolean", "description": "Optional. Disable programmatic sign-in by disabling token issue via the Security Token API endpoint. See [Security Token Service API] (https://cloud.google.com/iam/docs/reference/sts/rest)." } }, "type": "object", "required": [ "allowedServices", "disableProgrammaticSignin" ] }, "google-native:iam/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:iam%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:iam/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:iam%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:iam/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:iam%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:iam/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:iam/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:iam/v1:Aws": { "description": "Represents an Amazon Web Services identity provider.", "properties": { "accountId": { "type": "string", "description": "The AWS account ID." } }, "type": "object", "required": [ "accountId" ] }, "google-native:iam/v1:AwsResponse": { "description": "Represents an Amazon Web Services identity provider.", "properties": { "accountId": { "type": "string", "description": "The AWS account ID." } }, "type": "object", "required": [ "accountId" ] }, "google-native:iam/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iam%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:iam/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iam%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:iam/v1:Condition": { "description": "An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.", "properties": { "description": { "type": "string", "description": "An optional description of the expression. This is a longer text which describes the expression, e.g., when hovering over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "title": { "type": "string", "description": "A title for the expression, i.e. a short string describing its purpose." } }, "type": "object", "required": [ "expression", "title" ] }, "google-native:iam/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:iam/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidc": { "description": "Represents an OpenId Connect 1.0 identity provider.", "properties": { "clientId": { "type": "string", "description": "The client ID. Must match the audience claim of the JWT issued by the identity provider." }, "clientSecret": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret", "description": "The optional client secret. Required to enable Authorization Code flow for web sign-in." }, "issuerUri": { "type": "string", "description": "The OIDC issuer URI. Must be a valid URI using the 'https' scheme." }, "jwksJson": { "type": "string", "description": "OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the discovery document(fetched from the .well-known path of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { \"keys\": [ { \"kty\": \"RSA/EC\", \"alg\": \"\", \"use\": \"sig\", \"kid\": \"\", \"n\": \"\", \"e\": \"\", \"x\": \"\", \"y\": \"\", \"crv\": \"\" } ] }" }, "webSsoConfig": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig", "description": "Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser." } }, "type": "object", "required": [ "clientId", "issuerUri", "webSsoConfig" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret": { "description": "Representation of a client secret configured for the OIDC provider.", "properties": { "value": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue", "description": "The value of the client secret." } }, "type": "object" }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretResponse": { "description": "Representation of a client secret configured for the OIDC provider.", "properties": { "value": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValueResponse", "description": "The value of the client secret." } }, "type": "object", "required": [ "value" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue": { "description": "Representation of the value of the client secret.", "properties": { "plainText": { "type": "string", "description": "Input only. The plain text of the client secret value. For security reasons, this field is only used for input and will never be populated in any response." } }, "type": "object" }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValueResponse": { "description": "Representation of the value of the client secret.", "properties": { "plainText": { "type": "string", "description": "Input only. The plain text of the client secret value. For security reasons, this field is only used for input and will never be populated in any response." }, "thumbprint": { "type": "string", "description": "A thumbprint to represent the current client secret value." } }, "type": "object", "required": [ "plainText", "thumbprint" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcResponse": { "description": "Represents an OpenId Connect 1.0 identity provider.", "properties": { "clientId": { "type": "string", "description": "The client ID. Must match the audience claim of the JWT issued by the identity provider." }, "clientSecret": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretResponse", "description": "The optional client secret. Required to enable Authorization Code flow for web sign-in." }, "issuerUri": { "type": "string", "description": "The OIDC issuer URI. Must be a valid URI using the 'https' scheme." }, "jwksJson": { "type": "string", "description": "OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the discovery document(fetched from the .well-known path of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { \"keys\": [ { \"kty\": \"RSA/EC\", \"alg\": \"\", \"use\": \"sig\", \"kid\": \"\", \"n\": \"\", \"e\": \"\", \"x\": \"\", \"y\": \"\", \"crv\": \"\" } ] }" }, "webSsoConfig": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponse", "description": "Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser." } }, "type": "object", "required": [ "clientId", "clientSecret", "issuerUri", "jwksJson", "webSsoConfig" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig": { "description": "Configuration for web single sign-on for the OIDC provider.", "properties": { "additionalScopes": { "type": "array", "items": { "type": "string" }, "description": "Additional scopes to request for in the OIDC authentication request on top of scopes requested by default. By default, the `openid`, `profile` and `email` scopes that are supported by the identity provider are requested. Each additional scope may be at most 256 characters. A maximum of 10 additional scopes may be configured." }, "assertionClaimsBehavior": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigAssertionClaimsBehavior", "description": "The behavior for how OIDC Claims are included in the `assertion` object used for attribute mapping and attribute condition." }, "responseType": { "$ref": "#/types/google-native:iam%2Fv1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponseType", "description": "The Response Type to request for in the OIDC Authorization Request for web sign-in. The `CODE` Response Type is recommended to avoid the Implicit Flow, for security reasons." } }, "type": "object", "required": [ "assertionClaimsBehavior", "responseType" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigAssertionClaimsBehavior": { "description": "Required. The behavior for how OIDC Claims are included in the `assertion` object used for attribute mapping and attribute condition.", "type": "string", "enum": [ { "name": "AssertionClaimsBehaviorUnspecified", "description": "No assertion claims behavior specified.", "value": "ASSERTION_CLAIMS_BEHAVIOR_UNSPECIFIED" }, { "name": "MergeUserInfoOverIdTokenClaims", "description": "Merge the UserInfo Endpoint Claims with ID Token Claims, preferring UserInfo Claim Values for the same Claim Name. This option is available only for the Authorization Code Flow.", "value": "MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS" }, { "name": "OnlyIdTokenClaims", "description": "Only include ID Token Claims.", "value": "ONLY_ID_TOKEN_CLAIMS" } ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponse": { "description": "Configuration for web single sign-on for the OIDC provider.", "properties": { "additionalScopes": { "type": "array", "items": { "type": "string" }, "description": "Additional scopes to request for in the OIDC authentication request on top of scopes requested by default. By default, the `openid`, `profile` and `email` scopes that are supported by the identity provider are requested. Each additional scope may be at most 256 characters. A maximum of 10 additional scopes may be configured." }, "assertionClaimsBehavior": { "type": "string", "description": "The behavior for how OIDC Claims are included in the `assertion` object used for attribute mapping and attribute condition." }, "responseType": { "type": "string", "description": "The Response Type to request for in the OIDC Authorization Request for web sign-in. The `CODE` Response Type is recommended to avoid the Implicit Flow, for security reasons." } }, "type": "object", "required": [ "additionalScopes", "assertionClaimsBehavior", "responseType" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfigResponseType": { "description": "Required. The Response Type to request for in the OIDC Authorization Request for web sign-in. The `CODE` Response Type is recommended to avoid the Implicit Flow, for security reasons.", "type": "string", "enum": [ { "name": "ResponseTypeUnspecified", "description": "No Response Type specified.", "value": "RESPONSE_TYPE_UNSPECIFIED" }, { "name": "Code", "description": "The `response_type=code` selection uses the Authorization Code Flow for web sign-in. Requires a configured client secret.", "value": "CODE" }, { "name": "IdToken", "description": "The `response_type=id_token` selection uses the Implicit Flow for web sign-in.", "value": "ID_TOKEN" } ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderSaml": { "description": "Represents a SAML identity provider.", "properties": { "idpMetadataXml": { "type": "string", "description": "SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0 specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 15 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at least one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired signing keys present in the existing metadata." } }, "type": "object", "required": [ "idpMetadataXml" ] }, "google-native:iam/v1:GoogleIamAdminV1WorkforcePoolProviderSamlResponse": { "description": "Represents a SAML identity provider.", "properties": { "idpMetadataXml": { "type": "string", "description": "SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0 specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 15 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at least one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired signing keys present in the existing metadata." } }, "type": "object", "required": [ "idpMetadataXml" ] }, "google-native:iam/v1:KeyData": { "description": "Represents a public key data along with its format.", "properties": { "keySpec": { "$ref": "#/types/google-native:iam%2Fv1:KeyDataKeySpec", "description": "The specifications for the key." } }, "type": "object", "required": [ "keySpec" ] }, "google-native:iam/v1:KeyDataKeySpec": { "description": "Required. The specifications for the key.", "type": "string", "enum": [ { "name": "KeySpecUnspecified", "description": "No key specification specified.", "value": "KEY_SPEC_UNSPECIFIED" }, { "name": "Rsa2048", "description": "A 2048 bit RSA key.", "value": "RSA_2048" }, { "name": "Rsa3072", "description": "A 3072 bit RSA key.", "value": "RSA_3072" }, { "name": "Rsa4096", "description": "A 4096 bit RSA key.", "value": "RSA_4096" } ] }, "google-native:iam/v1:KeyDataResponse": { "description": "Represents a public key data along with its format.", "properties": { "format": { "type": "string", "description": "The format of the key." }, "key": { "type": "string", "description": "The key data. The format of the key is represented by the format field." }, "keySpec": { "type": "string", "description": "The specifications for the key." }, "notAfterTime": { "type": "string", "description": "Latest timestamp when this key is valid. Attempts to use this key after this time will fail. Only present if the key data represents a X.509 certificate." }, "notBeforeTime": { "type": "string", "description": "Earliest timestamp when this key is valid. Attempts to use this key before this time will fail. Only present if the key data represents a X.509 certificate." } }, "type": "object", "required": [ "format", "key", "keySpec", "notAfterTime", "notBeforeTime" ] }, "google-native:iam/v1:KeyKeyAlgorithm": { "description": "Which type of key and algorithm to use for the key. The default is currently a 2K RSA key. However this may change in the future.", "type": "string", "enum": [ { "name": "KeyAlgUnspecified", "description": "An unspecified key algorithm.", "value": "KEY_ALG_UNSPECIFIED" }, { "name": "KeyAlgRsa1024", "description": "1k RSA Key.", "value": "KEY_ALG_RSA_1024" }, { "name": "KeyAlgRsa2048", "description": "2k RSA Key.", "value": "KEY_ALG_RSA_2048" } ] }, "google-native:iam/v1:KeyPrivateKeyType": { "description": "The output format of the private key. The default value is `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.", "type": "string", "enum": [ { "name": "TypeUnspecified", "description": "Unspecified. Equivalent to `TYPE_GOOGLE_CREDENTIALS_FILE`.", "value": "TYPE_UNSPECIFIED" }, { "name": "TypePkcs12File", "description": "PKCS12 format. The password for the PKCS12 file is `notasecret`. For more information, see https://tools.ietf.org/html/rfc7292.", "value": "TYPE_PKCS12_FILE" }, { "name": "TypeGoogleCredentialsFile", "description": "Google Credentials File format.", "value": "TYPE_GOOGLE_CREDENTIALS_FILE" } ] }, "google-native:iam/v1:Oidc": { "description": "Represents an OpenId Connect 1.0 identity provider.", "properties": { "allowedAudiences": { "type": "array", "items": { "type": "string" }, "description": "Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example: ``` //iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ ```" }, "issuerUri": { "type": "string", "description": "The OIDC issuer URL. Must be an HTTPS endpoint." }, "jwksJson": { "type": "string", "description": "Optional. OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the discovery document(fetched from the .well-known path of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { \"keys\": [ { \"kty\": \"RSA/EC\", \"alg\": \"\", \"use\": \"sig\", \"kid\": \"\", \"n\": \"\", \"e\": \"\", \"x\": \"\", \"y\": \"\", \"crv\": \"\" } ] }" } }, "type": "object", "required": [ "issuerUri" ] }, "google-native:iam/v1:OidcResponse": { "description": "Represents an OpenId Connect 1.0 identity provider.", "properties": { "allowedAudiences": { "type": "array", "items": { "type": "string" }, "description": "Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example: ``` //iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ ```" }, "issuerUri": { "type": "string", "description": "The OIDC issuer URL. Must be an HTTPS endpoint." }, "jwksJson": { "type": "string", "description": "Optional. OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri` from the discovery document(fetched from the .well-known path of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { \"keys\": [ { \"kty\": \"RSA/EC\", \"alg\": \"\", \"use\": \"sig\", \"kid\": \"\", \"n\": \"\", \"e\": \"\", \"x\": \"\", \"y\": \"\", \"crv\": \"\" } ] }" } }, "type": "object", "required": [ "allowedAudiences", "issuerUri", "jwksJson" ] }, "google-native:iam/v1:OrganizationRoleStage": { "description": "The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role.", "type": "string", "enum": [ { "name": "Alpha", "description": "The user has indicated this role is currently in an Alpha phase. If this launch stage is selected, the `stage` field will not be included when requesting the definition for a given role.", "value": "ALPHA" }, { "name": "Beta", "description": "The user has indicated this role is currently in a Beta phase.", "value": "BETA" }, { "name": "Ga", "description": "The user has indicated this role is generally available.", "value": "GA" }, { "name": "Deprecated", "description": "The user has indicated this role is being deprecated.", "value": "DEPRECATED" }, { "name": "Disabled", "description": "This role is disabled and will not contribute permissions to any principals it is granted to in policies.", "value": "DISABLED" }, { "name": "Eap", "description": "The user has indicated this role is currently in an EAP phase.", "value": "EAP" } ] }, "google-native:iam/v1:RoleStage": { "description": "The current launch stage of the role. If the `ALPHA` launch stage has been selected for a role, the `stage` field will not be included in the returned definition for the role.", "type": "string", "enum": [ { "name": "Alpha", "description": "The user has indicated this role is currently in an Alpha phase. If this launch stage is selected, the `stage` field will not be included when requesting the definition for a given role.", "value": "ALPHA" }, { "name": "Beta", "description": "The user has indicated this role is currently in a Beta phase.", "value": "BETA" }, { "name": "Ga", "description": "The user has indicated this role is generally available.", "value": "GA" }, { "name": "Deprecated", "description": "The user has indicated this role is being deprecated.", "value": "DEPRECATED" }, { "name": "Disabled", "description": "This role is disabled and will not contribute permissions to any principals it is granted to in policies.", "value": "DISABLED" }, { "name": "Eap", "description": "The user has indicated this role is currently in an EAP phase.", "value": "EAP" } ] }, "google-native:iam/v1:Saml": { "description": "Represents an SAML 2.0 identity provider.", "properties": { "idpMetadataXml": { "type": "string", "description": "SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0 specification](https://www.oasis-open.org/committees/download.php/56785/sstc-saml-metadata-errata-2.0-wd-05.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 15 years in the future. 4) Upto 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at lease one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired signing keys present in the existing metadata" } }, "type": "object", "required": [ "idpMetadataXml" ] }, "google-native:iam/v1:SamlResponse": { "description": "Represents an SAML 2.0 identity provider.", "properties": { "idpMetadataXml": { "type": "string", "description": "SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0 specification](https://www.oasis-open.org/committees/download.php/56785/sstc-saml-metadata-errata-2.0-wd-05.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 15 years in the future. 4) Upto 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at lease one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired signing keys present in the existing metadata" } }, "type": "object", "required": [ "idpMetadataXml" ] }, "google-native:iam/v1:ServiceConfig": { "description": "Configuration for a service.", "properties": { "domain": { "type": "string", "description": "Optional. Domain name of the service. Example: console.cloud.google" } }, "type": "object" }, "google-native:iam/v1:ServiceConfigResponse": { "description": "Configuration for a service.", "properties": { "domain": { "type": "string", "description": "Optional. Domain name of the service. Example: console.cloud.google" } }, "type": "object", "required": [ "domain" ] }, "google-native:iam/v1:WorkforcePoolKeyUse": { "description": "Required. The purpose of the key.", "type": "string", "enum": [ { "name": "KeyUseUnspecified", "description": "KeyUse unspecified.", "value": "KEY_USE_UNSPECIFIED" }, { "name": "Encryption", "description": "The key is used for encryption.", "value": "ENCRYPTION" } ] }, "google-native:iam/v1:WorkloadIdentityPoolKeyUse": { "description": "Required. The purpose of the key.", "type": "string", "enum": [ { "name": "KeyUseUnspecified", "description": "The key use is not known.", "value": "KEY_USE_UNSPECIFIED" }, { "name": "Encryption", "description": "The public key is used for encryption purposes.", "value": "ENCRYPTION" } ] }, "google-native:iap/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iap%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:iap/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iap%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:iap/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:iap/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:iap/v1beta1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iap%2Fv1beta1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:iap/v1beta1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:iap%2Fv1beta1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:iap/v1beta1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:iap/v1beta1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AllowByDefault": { "description": "Defines a policy of allowing every region by default and adding disallowed regions to a disallow list.", "properties": { "disallowedRegions": { "type": "array", "items": { "type": "string" }, "description": "Two letter unicode region codes to disallow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AllowByDefaultResponse": { "description": "Defines a policy of allowing every region by default and adding disallowed regions to a disallow list.", "properties": { "disallowedRegions": { "type": "array", "items": { "type": "string" }, "description": "Two letter unicode region codes to disallow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json" } }, "type": "object", "required": [ "disallowedRegions" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AllowlistOnly": { "description": "Defines a policy of only allowing regions by explicitly adding them to an allowlist.", "properties": { "allowedRegions": { "type": "array", "items": { "type": "string" }, "description": "Two letter unicode region codes to allow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AllowlistOnlyResponse": { "description": "Defines a policy of only allowing regions by explicitly adding them to an allowlist.", "properties": { "allowedRegions": { "type": "array", "items": { "type": "string" }, "description": "Two letter unicode region codes to allow as defined by https://cldr.unicode.org/ The full list of these region codes is here: https://github.com/unicode-cldr/cldr-localenames-full/blob/master/main/en/territories.json" } }, "type": "object", "required": [ "allowedRegions" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AppleSignInConfig": { "description": "Additional config for SignInWithApple.", "properties": { "bundleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Bundle ID's usable by this project" }, "codeFlowConfig": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2AppleSignInConfigResponse": { "description": "Additional config for SignInWithApple.", "properties": { "bundleIds": { "type": "array", "items": { "type": "string" }, "description": "A list of Bundle ID's usable by this project" }, "codeFlowConfig": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2CodeFlowConfigResponse" } }, "type": "object", "required": [ "bundleIds", "codeFlowConfig" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfig": { "description": "Options related to how clients making requests on behalf of a tenant should be configured.", "properties": { "permissions": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2ClientPermissions", "description": "Configuration related to restricting a user's ability to affect their account." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ClientPermissionConfigResponse": { "description": "Options related to how clients making requests on behalf of a tenant should be configured.", "properties": { "permissions": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2ClientPermissionsResponse", "description": "Configuration related to restricting a user's ability to affect their account." } }, "type": "object", "required": [ "permissions" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ClientPermissions": { "description": "Configuration related to restricting a user's ability to affect their account.", "properties": { "disabledUserDeletion": { "type": "boolean", "description": "When true, end users cannot delete their account on the associated project through any of our API methods" }, "disabledUserSignup": { "type": "boolean", "description": "When true, end users cannot sign up for a new account on the associated project through any of our API methods" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ClientPermissionsResponse": { "description": "Configuration related to restricting a user's ability to affect their account.", "properties": { "disabledUserDeletion": { "type": "boolean", "description": "When true, end users cannot delete their account on the associated project through any of our API methods" }, "disabledUserSignup": { "type": "boolean", "description": "When true, end users cannot sign up for a new account on the associated project through any of our API methods" } }, "type": "object", "required": [ "disabledUserDeletion", "disabledUserSignup" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig": { "description": "Additional config for Apple for code flow.", "properties": { "keyId": { "type": "string", "description": "Key ID for the private key." }, "privateKey": { "type": "string", "description": "Private key used for signing the client secret JWT." }, "teamId": { "type": "string", "description": "Apple Developer Team ID." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2CodeFlowConfigResponse": { "description": "Additional config for Apple for code flow.", "properties": { "keyId": { "type": "string", "description": "Key ID for the private key." }, "privateKey": { "type": "string", "description": "Private key used for signing the client secret JWT." }, "teamId": { "type": "string", "description": "Apple Developer Team ID." } }, "type": "object", "required": [ "keyId", "privateKey", "teamId" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptions": { "description": "Custom strength options to enforce on user passwords.", "properties": { "containsLowercaseCharacter": { "type": "boolean", "description": "The password must contain a lower case character." }, "containsNonAlphanumericCharacter": { "type": "boolean", "description": "The password must contain a non alpha numeric character." }, "containsNumericCharacter": { "type": "boolean", "description": "The password must contain a number." }, "containsUppercaseCharacter": { "type": "boolean", "description": "The password must contain an upper case character." }, "maxPasswordLength": { "type": "integer", "description": "Maximum password length. No default max length" }, "minPasswordLength": { "type": "integer", "description": "Minimum password length. Range from 6 to 30" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptionsResponse": { "description": "Custom strength options to enforce on user passwords.", "properties": { "containsLowercaseCharacter": { "type": "boolean", "description": "The password must contain a lower case character." }, "containsNonAlphanumericCharacter": { "type": "boolean", "description": "The password must contain a non alpha numeric character." }, "containsNumericCharacter": { "type": "boolean", "description": "The password must contain a number." }, "containsUppercaseCharacter": { "type": "boolean", "description": "The password must contain an upper case character." }, "maxPasswordLength": { "type": "integer", "description": "Maximum password length. No default max length" }, "minPasswordLength": { "type": "integer", "description": "Minimum password length. Range from 6 to 30" } }, "type": "object", "required": [ "containsLowercaseCharacter", "containsNonAlphanumericCharacter", "containsNumericCharacter", "containsUppercaseCharacter", "maxPasswordLength", "minPasswordLength" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2EmailPrivacyConfig": { "description": "Configuration for settings related to email privacy and public visibility. Settings in this config protect against email enumeration, but may make some trade-offs in user-friendliness.", "properties": { "enableImprovedEmailPrivacy": { "type": "boolean", "description": "Migrates the project to a state of improved email privacy. For example certain error codes are more generic to avoid giving away information on whether the account exists. In addition, this disables certain features that as a side-effect allow user enumeration. Enabling this toggle disables the fetchSignInMethodsForEmail functionality and changing the user's email to an unverified email. It is recommended to remove dependence on this functionality and enable this toggle to improve user privacy." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2EmailPrivacyConfigResponse": { "description": "Configuration for settings related to email privacy and public visibility. Settings in this config protect against email enumeration, but may make some trade-offs in user-friendliness.", "properties": { "enableImprovedEmailPrivacy": { "type": "boolean", "description": "Migrates the project to a state of improved email privacy. For example certain error codes are more generic to avoid giving away information on whether the account exists. In addition, this disables certain features that as a side-effect allow user enumeration. Enabling this toggle disables the fetchSignInMethodsForEmail functionality and changing the user's email to an unverified email. It is recommended to remove dependence on this functionality and enable this toggle to improve user privacy." } }, "type": "object", "required": [ "enableImprovedEmailPrivacy" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2HashConfigResponse": { "description": "History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.", "properties": { "algorithm": { "type": "string", "description": "Different password hash algorithms used in Identity Toolkit." }, "memoryCost": { "type": "integer", "description": "Memory cost for hash calculation. Used by scrypt and other similar password derivation algorithms. See https://tools.ietf.org/html/rfc7914 for explanation of field." }, "rounds": { "type": "integer", "description": "How many rounds for hash calculation. Used by scrypt and other similar password derivation algorithms." }, "saltSeparator": { "type": "string", "description": "Non-printable character to be inserted between the salt and plain text password in base64." }, "signerKey": { "type": "string", "description": "Signer key in base64." } }, "type": "object", "required": [ "algorithm", "memoryCost", "rounds", "saltSeparator", "signerKey" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2IdpCertificate": { "description": "The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.", "properties": { "x509Certificate": { "type": "string", "description": "The x509 certificate" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2IdpCertificateResponse": { "description": "The IDP's certificate data to verify the signature in the SAMLResponse issued by the IDP.", "properties": { "x509Certificate": { "type": "string", "description": "The x509 certificate" } }, "type": "object", "required": [ "x509Certificate" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2IdpConfig": { "description": "The SAML IdP (Identity Provider) configuration when the project acts as the relying party.", "properties": { "idpCertificates": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2IdpCertificate" }, "description": "IDP's public keys for verifying signature in the assertions." }, "idpEntityId": { "type": "string", "description": "Unique identifier for all SAML entities." }, "signRequest": { "type": "boolean", "description": "Indicates if outbounding SAMLRequest should be signed." }, "ssoUrl": { "type": "string", "description": "URL to send Authentication request to." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2IdpConfigResponse": { "description": "The SAML IdP (Identity Provider) configuration when the project acts as the relying party.", "properties": { "idpCertificates": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2IdpCertificateResponse" }, "description": "IDP's public keys for verifying signature in the assertions." }, "idpEntityId": { "type": "string", "description": "Unique identifier for all SAML entities." }, "signRequest": { "type": "boolean", "description": "Indicates if outbounding SAMLRequest should be signed." }, "ssoUrl": { "type": "string", "description": "URL to send Authentication request to." } }, "type": "object", "required": [ "idpCertificates", "idpEntityId", "signRequest", "ssoUrl" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2Inheritance": { "description": "Settings that the tenants will inherit from project level.", "properties": { "emailSendingConfig": { "type": "boolean", "description": "Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2InheritanceResponse": { "description": "Settings that the tenants will inherit from project level.", "properties": { "emailSendingConfig": { "type": "boolean", "description": "Whether to allow the tenant to inherit custom domains, email templates, and custom SMTP settings. If true, email sent from tenant will follow the project level email sending configurations. If false (by default), emails will go with the default settings with no customizations." } }, "type": "object", "required": [ "emailSendingConfig" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MonitoringConfig": { "description": "Configuration related to monitoring project activity.", "properties": { "requestLogging": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RequestLogging", "description": "Configuration for logging requests made to this project to Stackdriver Logging" } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MonitoringConfigResponse": { "description": "Configuration related to monitoring project activity.", "properties": { "requestLogging": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RequestLoggingResponse", "description": "Configuration for logging requests made to this project to Stackdriver Logging" } }, "type": "object", "required": [ "requestLogging" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig": { "description": "Options related to MultiFactor Authentication for the project.", "properties": { "enabledProviders": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigEnabledProvidersItem" }, "description": "A list of usable second factors for this project." }, "providerConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2ProviderConfig" }, "description": "A list of usable second factors for this project along with their configurations. This field does not support phone based MFA, for that use the 'enabled_providers' field." }, "state": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigState", "description": "Whether MultiFactor Authentication has been enabled for this project." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigEnabledProvidersItem": { "type": "string", "enum": [ { "name": "ProviderUnspecified", "description": "Illegal Provider, should not be used", "value": "PROVIDER_UNSPECIFIED" }, { "name": "PhoneSms", "description": "SMS is enabled as a second factor for this project.", "value": "PHONE_SMS" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigResponse": { "description": "Options related to MultiFactor Authentication for the project.", "properties": { "enabledProviders": { "type": "array", "items": { "type": "string" }, "description": "A list of usable second factors for this project." }, "providerConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2ProviderConfigResponse" }, "description": "A list of usable second factors for this project along with their configurations. This field does not support phone based MFA, for that use the 'enabled_providers' field." }, "state": { "type": "string", "description": "Whether MultiFactor Authentication has been enabled for this project." } }, "type": "object", "required": [ "enabledProviders", "providerConfigs", "state" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfigState": { "description": "Whether MultiFactor Authentication has been enabled for this project.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Illegal State, should not be used.", "value": "STATE_UNSPECIFIED" }, { "name": "Disabled", "description": "Multi-factor authentication cannot be used for this project", "value": "DISABLED" }, { "name": "Enabled", "description": "Multi-factor authentication can be used for this project", "value": "ENABLED" }, { "name": "Mandatory", "description": "Multi-factor authentication is required for this project. Users from this project must authenticate with the second factor.", "value": "MANDATORY" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2OAuthResponseType": { "description": "The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.", "properties": { "code": { "type": "boolean", "description": "If true, authorization code is returned from IdP's authorization endpoint." }, "idToken": { "type": "boolean", "description": "If true, ID token is returned from IdP's authorization endpoint." }, "token": { "type": "boolean", "description": "Do not use. The `token` response type is not supported at the moment." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2OAuthResponseTypeResponse": { "description": "The response type to request for in the OAuth authorization flow. You can set either `id_token` or `code` to true, but not both. Setting both types to be simultaneously true (`{code: true, id_token: true}`) is not yet supported. See https://openid.net/specs/openid-connect-core-1_0.html#Authentication for a mapping of response type to OAuth 2.0 flow.", "properties": { "code": { "type": "boolean", "description": "If true, authorization code is returned from IdP's authorization endpoint." }, "idToken": { "type": "boolean", "description": "If true, ID token is returned from IdP's authorization endpoint." }, "token": { "type": "boolean", "description": "Do not use. The `token` response type is not supported at the moment." } }, "type": "object", "required": [ "code", "idToken", "token" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfig": { "description": "The configuration for the password policy on the project.", "properties": { "forceUpgradeOnSignin": { "type": "boolean", "description": "Users must have a password compliant with the password policy to sign-in." }, "passwordPolicyEnforcementState": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfigPasswordPolicyEnforcementState", "description": "Which enforcement mode to use for the password policy." }, "passwordPolicyVersions": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersion" }, "description": "Must be of length 1. Contains the strength attributes for the password policy." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfigPasswordPolicyEnforcementState": { "description": "Which enforcement mode to use for the password policy.", "type": "string", "enum": [ { "name": "PasswordPolicyEnforcementStateUnspecified", "description": "Illegal State, should not be used.", "value": "PASSWORD_POLICY_ENFORCEMENT_STATE_UNSPECIFIED" }, { "name": "Off", "description": "Password Policy will not be used on the project.", "value": "OFF" }, { "name": "Enforce", "description": "Passwords non-compliant with the password policy will be rejected with an error thrown.", "value": "ENFORCE" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyConfigResponse": { "description": "The configuration for the password policy on the project.", "properties": { "forceUpgradeOnSignin": { "type": "boolean", "description": "Users must have a password compliant with the password policy to sign-in." }, "lastUpdateTime": { "type": "string", "description": "The last time the password policy on the project was updated." }, "passwordPolicyEnforcementState": { "type": "string", "description": "Which enforcement mode to use for the password policy." }, "passwordPolicyVersions": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersionResponse" }, "description": "Must be of length 1. Contains the strength attributes for the password policy." } }, "type": "object", "required": [ "forceUpgradeOnSignin", "lastUpdateTime", "passwordPolicyEnforcementState", "passwordPolicyVersions" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersion": { "description": "The strength attributes for the password policy on the project.", "properties": { "customStrengthOptions": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptions", "description": "The custom strength options enforced by the password policy." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2PasswordPolicyVersionResponse": { "description": "The strength attributes for the password policy on the project.", "properties": { "customStrengthOptions": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2CustomStrengthOptionsResponse", "description": "The custom strength options enforced by the password policy." }, "schemaVersion": { "type": "integer", "description": "schema version number for the password policy" } }, "type": "object", "required": [ "customStrengthOptions", "schemaVersion" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ProviderConfig": { "description": "ProviderConfig describes the supported MFA providers along with their configurations.", "properties": { "state": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2ProviderConfigState", "description": "Describes the state of the MultiFactor Authentication type." }, "totpProviderConfig": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfig", "description": "TOTP MFA provider config for this project." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ProviderConfigResponse": { "description": "ProviderConfig describes the supported MFA providers along with their configurations.", "properties": { "state": { "type": "string", "description": "Describes the state of the MultiFactor Authentication type." }, "totpProviderConfig": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfigResponse", "description": "TOTP MFA provider config for this project." } }, "type": "object", "required": [ "state", "totpProviderConfig" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2ProviderConfigState": { "description": "Describes the state of the MultiFactor Authentication type.", "type": "string", "enum": [ { "name": "MfaStateUnspecified", "description": "Illegal State, should not be used.", "value": "MFA_STATE_UNSPECIFIED" }, { "name": "Disabled", "description": "Multi-factor authentication cannot be used for this project.", "value": "DISABLED" }, { "name": "Enabled", "description": "Multi-factor authentication can be used for this project.", "value": "ENABLED" }, { "name": "Mandatory", "description": "Multi-factor authentication is required for this project. Users from this project must authenticate with the second factor.", "value": "MANDATORY" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaConfig": { "description": "The reCAPTCHA Enterprise integration config.", "properties": { "emailPasswordEnforcementState": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RecaptchaConfigEmailPasswordEnforcementState", "description": "The reCAPTCHA config for email/password provider, containing the enforcement status. The email/password provider contains all related user flows protected by reCAPTCHA." }, "managedRules": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRule" }, "description": "The managed rules for authentication action based on reCAPTCHA scores. The rules are shared across providers for a given tenant project." }, "useAccountDefender": { "type": "boolean", "description": "Whether to use the account defender for reCAPTCHA assessment. Defaults to `false`." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaConfigEmailPasswordEnforcementState": { "description": "The reCAPTCHA config for email/password provider, containing the enforcement status. The email/password provider contains all related user flows protected by reCAPTCHA.", "type": "string", "enum": [ { "name": "RecaptchaProviderEnforcementStateUnspecified", "description": "Enforcement state has not been set.", "value": "RECAPTCHA_PROVIDER_ENFORCEMENT_STATE_UNSPECIFIED" }, { "name": "Off", "description": "Unenforced.", "value": "OFF" }, { "name": "Audit", "description": "reCAPTCHA assessment is created, result is not used to enforce.", "value": "AUDIT" }, { "name": "Enforce", "description": "reCAPTCHA assessment is created, result is used to enforce.", "value": "ENFORCE" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaConfigResponse": { "description": "The reCAPTCHA Enterprise integration config.", "properties": { "emailPasswordEnforcementState": { "type": "string", "description": "The reCAPTCHA config for email/password provider, containing the enforcement status. The email/password provider contains all related user flows protected by reCAPTCHA." }, "managedRules": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleResponse" }, "description": "The managed rules for authentication action based on reCAPTCHA scores. The rules are shared across providers for a given tenant project." }, "recaptchaKeys": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RecaptchaKeyResponse" }, "description": "The reCAPTCHA keys." }, "useAccountDefender": { "type": "boolean", "description": "Whether to use the account defender for reCAPTCHA assessment. Defaults to `false`." } }, "type": "object", "required": [ "emailPasswordEnforcementState", "managedRules", "recaptchaKeys", "useAccountDefender" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaKeyResponse": { "description": "The reCAPTCHA key config. reCAPTCHA Enterprise offers different keys for different client platforms.", "properties": { "key": { "type": "string", "description": "The reCAPTCHA Enterprise key resource name, e.g. \"projects/{project}/keys/{key}\"" }, "type": { "type": "string", "description": "The client's platform type." } }, "type": "object", "required": [ "key", "type" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRule": { "description": "The config for a reCAPTCHA managed rule. Models a single interval [start_score, end_score]. The start_score is implicit. It is either the closest smaller end_score (if one is available) or 0. Intervals in aggregate span [0, 1] without overlapping.", "properties": { "action": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleAction", "description": "The action taken if the reCAPTCHA score of a request is within the interval [start_score, end_score]." }, "endScore": { "type": "number", "description": "The end score (inclusive) of the score range for an action. Must be a value between 0.0 and 1.0, at 11 discrete values; e.g. 0, 0.1, 0.2, 0.3, ... 0.9, 1.0. A score of 0.0 indicates the riskiest request (likely a bot), whereas 1.0 indicates the safest request (likely a human). See https://cloud.google.com/recaptcha-enterprise/docs/interpret-assessment." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleAction": { "description": "The action taken if the reCAPTCHA score of a request is within the interval [start_score, end_score].", "type": "string", "enum": [ { "name": "RecaptchaActionUnspecified", "description": "The reCAPTCHA action is not specified.", "value": "RECAPTCHA_ACTION_UNSPECIFIED" }, { "name": "Block", "description": "The reCAPTCHA-protected request will be blocked.", "value": "BLOCK" } ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RecaptchaManagedRuleResponse": { "description": "The config for a reCAPTCHA managed rule. Models a single interval [start_score, end_score]. The start_score is implicit. It is either the closest smaller end_score (if one is available) or 0. Intervals in aggregate span [0, 1] without overlapping.", "properties": { "action": { "type": "string", "description": "The action taken if the reCAPTCHA score of a request is within the interval [start_score, end_score]." }, "endScore": { "type": "number", "description": "The end score (inclusive) of the score range for an action. Must be a value between 0.0 and 1.0, at 11 discrete values; e.g. 0, 0.1, 0.2, 0.3, ... 0.9, 1.0. A score of 0.0 indicates the riskiest request (likely a bot), whereas 1.0 indicates the safest request (likely a human). See https://cloud.google.com/recaptcha-enterprise/docs/interpret-assessment." } }, "type": "object", "required": [ "action", "endScore" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RequestLogging": { "description": "Configuration for logging requests made to this project to Stackdriver Logging", "properties": { "enabled": { "type": "boolean", "description": "Whether logging is enabled for this project or not." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2RequestLoggingResponse": { "description": "Configuration for logging requests made to this project to Stackdriver Logging", "properties": { "enabled": { "type": "boolean", "description": "Whether logging is enabled for this project or not." } }, "type": "object", "required": [ "enabled" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2SmsRegionConfig": { "description": "Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.", "properties": { "allowByDefault": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2AllowByDefault", "description": "A policy of allowing SMS to every region by default and adding disallowed regions to a disallow list." }, "allowlistOnly": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2AllowlistOnly", "description": "A policy of only allowing regions by explicitly adding them to an allowlist." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2SmsRegionConfigResponse": { "description": "Configures the regions where users are allowed to send verification SMS for the project or tenant. This is based on the calling code of the destination phone number.", "properties": { "allowByDefault": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2AllowByDefaultResponse", "description": "A policy of allowing SMS to every region by default and adding disallowed regions to a disallow list." }, "allowlistOnly": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2AllowlistOnlyResponse", "description": "A policy of only allowing regions by explicitly adding them to an allowlist." } }, "type": "object", "required": [ "allowByDefault", "allowlistOnly" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2SpCertificateResponse": { "description": "The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.", "properties": { "expiresAt": { "type": "string", "description": "Timestamp of the cert expiration instance." }, "x509Certificate": { "type": "string", "description": "Self-signed public certificate." } }, "type": "object", "required": [ "expiresAt", "x509Certificate" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2SpConfig": { "description": "The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.", "properties": { "callbackUri": { "type": "string", "description": "Callback URI where responses from IDP are handled." }, "spEntityId": { "type": "string", "description": "Unique identifier for all SAML entities." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2SpConfigResponse": { "description": "The SAML SP (Service Provider) configuration when the project acts as the relying party to receive and accept an authentication assertion issued by a SAML identity provider.", "properties": { "callbackUri": { "type": "string", "description": "Callback URI where responses from IDP are handled." }, "spCertificates": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleCloudIdentitytoolkitAdminV2SpCertificateResponse" }, "description": "Public certificates generated by the server to verify the signature in SAMLRequest in the SP-initiated flow." }, "spEntityId": { "type": "string", "description": "Unique identifier for all SAML entities." } }, "type": "object", "required": [ "callbackUri", "spCertificates", "spEntityId" ] }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfig": { "description": "TotpMFAProviderConfig represents the TOTP based MFA provider.", "properties": { "adjacentIntervals": { "type": "integer", "description": "The allowed number of adjacent intervals that will be used for verification to avoid clock skew." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleCloudIdentitytoolkitAdminV2TotpMfaProviderConfigResponse": { "description": "TotpMFAProviderConfig represents the TOTP based MFA provider.", "properties": { "adjacentIntervals": { "type": "integer", "description": "The allowed number of adjacent intervals that will be used for verification to avoid clock skew." } }, "type": "object", "required": [ "adjacentIntervals" ] }, "google-native:identitytoolkit/v2:GoogleIamV1AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleIamV1AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleIamV1AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleIamV1AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:identitytoolkit/v2:GoogleIamV1AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleIamV1AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleIamV1AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:identitytoolkit/v2:GoogleIamV1AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:identitytoolkit/v2:GoogleIamV1Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleTypeExpr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleIamV1BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:identitytoolkit%2Fv2:GoogleTypeExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:identitytoolkit/v2:GoogleTypeExpr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:identitytoolkit/v2:GoogleTypeExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:ids/v1:AuditConfig": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:ids%2Fv1:AuditLogConfig" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object" }, "google-native:ids/v1:AuditConfigResponse": { "description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.", "properties": { "auditLogConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:ids%2Fv1:AuditLogConfigResponse" }, "description": "The configuration for logging of each type of permission." }, "service": { "type": "string", "description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services." } }, "type": "object", "required": [ "auditLogConfigs", "service" ] }, "google-native:ids/v1:AuditLogConfig": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "$ref": "#/types/google-native:ids%2Fv1:AuditLogConfigLogType", "description": "The log type that this config enables." } }, "type": "object" }, "google-native:ids/v1:AuditLogConfigLogType": { "description": "The log type that this config enables.", "type": "string", "enum": [ { "name": "LogTypeUnspecified", "description": "Default case. Should never be this.", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "AdminRead", "description": "Admin reads. Example: CloudIAM getIamPolicy", "value": "ADMIN_READ" }, { "name": "DataWrite", "description": "Data writes. Example: CloudSQL Users create", "value": "DATA_WRITE" }, { "name": "DataRead", "description": "Data reads. Example: CloudSQL Users list", "value": "DATA_READ" } ] }, "google-native:ids/v1:AuditLogConfigResponse": { "description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.", "properties": { "exemptedMembers": { "type": "array", "items": { "type": "string" }, "description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members." }, "logType": { "type": "string", "description": "The log type that this config enables." } }, "type": "object", "required": [ "exemptedMembers", "logType" ] }, "google-native:ids/v1:Binding": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:ids%2Fv1:Expr", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object" }, "google-native:ids/v1:BindingResponse": { "description": "Associates `members`, or principals, with a `role`.", "properties": { "condition": { "$ref": "#/types/google-native:ids%2Fv1:ExprResponse", "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { "type": "array", "items": { "type": "string" }, "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding." }, "role": { "type": "string", "description": "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`." } }, "type": "object", "required": [ "condition", "members", "role" ] }, "google-native:ids/v1:EndpointSeverity": { "description": "Required. Lowest threat severity that this endpoint will alert on.", "type": "string", "enum": [ { "name": "SeverityUnspecified", "description": "Not set.", "value": "SEVERITY_UNSPECIFIED" }, { "name": "Informational", "description": "Informational alerts.", "value": "INFORMATIONAL" }, { "name": "Low", "description": "Low severity alerts.", "value": "LOW" }, { "name": "Medium", "description": "Medium severity alerts.", "value": "MEDIUM" }, { "name": "High", "description": "High severity alerts.", "value": "HIGH" }, { "name": "Critical", "description": "Critical severity alerts.", "value": "CRITICAL" } ] }, "google-native:ids/v1:Expr": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object" }, "google-native:ids/v1:ExprResponse": { "description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.", "properties": { "description": { "type": "string", "description": "Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI." }, "expression": { "type": "string", "description": "Textual representation of an expression in Common Expression Language syntax." }, "location": { "type": "string", "description": "Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file." }, "title": { "type": "string", "description": "Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression." } }, "type": "object", "required": [ "description", "expression", "location", "title" ] }, "google-native:integrations/v1alpha:AuthConfigCredentialType": { "description": "Credential type of the encrypted credential.", "type": "string", "enum": [ { "name": "CredentialTypeUnspecified", "description": "Unspecified credential type", "value": "CREDENTIAL_TYPE_UNSPECIFIED" }, { "name": "UsernameAndPassword", "description": "Regular username/password pair.", "value": "USERNAME_AND_PASSWORD" }, { "name": "ApiKey", "description": "API key.", "value": "API_KEY" }, { "name": "Oauth2AuthorizationCode", "description": "OAuth 2.0 Authorization Code Grant Type.", "value": "OAUTH2_AUTHORIZATION_CODE" }, { "name": "Oauth2Implicit", "description": "OAuth 2.0 Implicit Grant Type.", "value": "OAUTH2_IMPLICIT" }, { "name": "Oauth2ClientCredentials", "description": "OAuth 2.0 Client Credentials Grant Type.", "value": "OAUTH2_CLIENT_CREDENTIALS" }, { "name": "Oauth2ResourceOwnerCredentials", "description": "OAuth 2.0 Resource Owner Credentials Grant Type.", "value": "OAUTH2_RESOURCE_OWNER_CREDENTIALS" }, { "name": "Jwt", "description": "JWT Token.", "value": "JWT" }, { "name": "AuthToken", "description": "Auth Token, e.g. bearer token.", "value": "AUTH_TOKEN" }, { "name": "ServiceAccount", "description": "Service Account which can be used to generate token for authentication.", "value": "SERVICE_ACCOUNT" }, { "name": "ClientCertificateOnly", "description": "Client Certificate only.", "value": "CLIENT_CERTIFICATE_ONLY" }, { "name": "OidcToken", "description": "Google OIDC ID Token", "value": "OIDC_TOKEN" } ] }, "google-native:integrations/v1alpha:AuthConfigState": { "description": "The status of the auth config.", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Status not specified.", "value": "STATE_UNSPECIFIED" }, { "name": "Valid", "description": "Valid Auth config.", "value": "VALID" }, { "name": "Invalid", "description": "General invalidity, if it doesn't fits in the detailed issue below.", "value": "INVALID" }, { "name": "SoftDeleted", "description": "Auth config soft deleted.", "value": "SOFT_DELETED" }, { "name": "Expired", "description": "Auth config expired.", "value": "EXPIRED" }, { "name": "Unauthorized", "description": "Auth config unauthorized.", "value": "UNAUTHORIZED" }, { "name": "Unsupported", "description": "Auth config not supported.", "value": "UNSUPPORTED" } ] }, "google-native:integrations/v1alpha:AuthConfigVisibility": { "description": "The visibility of the auth config.", "type": "string", "enum": [ { "name": "AuthConfigVisibilityUnspecified", "description": "Visibility not specified.", "value": "AUTH_CONFIG_VISIBILITY_UNSPECIFIED" }, { "name": "Private", "description": "Profile visible to the creator only.", "value": "PRIVATE" }, { "name": "ClientVisible", "description": "Profile visible within the client.", "value": "CLIENT_VISIBLE" } ] }, "google-native:integrations/v1alpha:CertificateCertificateStatus": { "description": "Status of the certificate", "type": "string", "enum": [ { "name": "StateUnspecified", "description": "Unspecified certificate status", "value": "STATE_UNSPECIFIED" }, { "name": "Active", "description": "Certificate in active state will be able to use", "value": "ACTIVE" }, { "name": "Expired", "description": "Certificate in expired state needs to be updated", "value": "EXPIRED" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoAttributes": { "description": "Attributes are additional options that can be associated with each event property. For more information, see", "properties": { "dataType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoAttributesDataType", "description": "Things like URL, Email, Currency, Timestamp (rather than string, int64...)" }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueType", "description": "Used to define defaults." }, "isRequired": { "type": "boolean", "description": "Required for event execution. The validation will be done by the event bus when the event is triggered." }, "isSearchable": { "type": "boolean", "description": "Used to indicate if a ParameterEntry should be converted to ParamIndexes for ST-Spanner full-text search. DEPRECATED: use searchable.", "deprecationMessage": "Used to indicate if a ParameterEntry should be converted to ParamIndexes for ST-Spanner full-text search. DEPRECATED: use searchable." }, "logSettings": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoLogSettings", "description": "See" }, "readOnly": { "type": "boolean", "description": "Used to indicate if the ParameterEntry is a read only field or not." }, "searchable": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoAttributesSearchable" }, "taskVisibility": { "type": "array", "items": { "type": "string" }, "description": "List of tasks that can view this property, if empty then all." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoAttributesDataType": { "description": "Things like URL, Email, Currency, Timestamp (rather than string, int64...)", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "Email", "value": "EMAIL" }, { "name": "Url", "value": "URL" }, { "name": "Currency", "value": "CURRENCY" }, { "name": "Timestamp", "value": "TIMESTAMP" }, { "name": "DomainName", "description": "Domain is a web url string with one top-level private domain and a suffix (for example: google.com, walmart.com)", "value": "DOMAIN_NAME" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoAttributesResponse": { "description": "Attributes are additional options that can be associated with each event property. For more information, see", "properties": { "dataType": { "type": "string", "description": "Things like URL, Email, Currency, Timestamp (rather than string, int64...)" }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueTypeResponse", "description": "Used to define defaults." }, "isRequired": { "type": "boolean", "description": "Required for event execution. The validation will be done by the event bus when the event is triggered." }, "isSearchable": { "type": "boolean", "description": "Used to indicate if a ParameterEntry should be converted to ParamIndexes for ST-Spanner full-text search. DEPRECATED: use searchable.", "deprecationMessage": "Used to indicate if a ParameterEntry should be converted to ParamIndexes for ST-Spanner full-text search. DEPRECATED: use searchable." }, "logSettings": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoLogSettingsResponse", "description": "See" }, "readOnly": { "type": "boolean", "description": "Used to indicate if the ParameterEntry is a read only field or not." }, "searchable": { "type": "string" }, "taskVisibility": { "type": "array", "items": { "type": "string" }, "description": "List of tasks that can view this property, if empty then all." } }, "type": "object", "required": [ "dataType", "defaultValue", "isRequired", "isSearchable", "logSettings", "readOnly", "searchable", "taskVisibility" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoAttributesSearchable": { "type": "string", "enum": [ { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Yes", "description": "If yes, the parameter key and value will be full-text indexed. In a proto, this value will propagate to all children whose searchable is unspecified.", "value": "YES" }, { "name": "No", "description": "If no, the parameter key and value will not be full-text indexed. In a proto, this value will propagate to all children whose searchable is unspecified.", "value": "NO" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList": { "description": "List of error enums for alerts.", "properties": { "enumStrings": { "type": "array", "items": { "type": "string" } }, "filterType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListFilterType" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListFilterType": { "type": "string", "enum": [ { "name": "DefaultInclusive", "value": "DEFAULT_INCLUSIVE" }, { "name": "Exclusive", "value": "EXCLUSIVE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListResponse": { "description": "List of error enums for alerts.", "properties": { "enumStrings": { "type": "array", "items": { "type": "string" } }, "filterType": { "type": "string" } }, "type": "object", "required": [ "enumStrings", "filterType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue": { "description": "The threshold value of the metric, above or below which the alert should be triggered. See EventAlertConfig or TaskAlertConfig for the different alert metric types in each case. For the *RATE metrics, one or both of these fields may be set. Zero is the default value and can be left at that. For *PERCENTILE_DURATION metrics, one or both of these fields may be set, and also, the duration threshold value should be specified in the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, these fields should not be set at all. A different member, threshold_duration_ms, must be set in the EventAlertConfig or the TaskAlertConfig.", "properties": { "absolute": { "type": "string" }, "percentage": { "type": "integer" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValueResponse": { "description": "The threshold value of the metric, above or below which the alert should be triggered. See EventAlertConfig or TaskAlertConfig for the different alert metric types in each case. For the *RATE metrics, one or both of these fields may be set. Zero is the default value and can be left at that. For *PERCENTILE_DURATION metrics, one or both of these fields may be set, and also, the duration threshold value should be specified in the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, these fields should not be set at all. A different member, threshold_duration_ms, must be set in the EventAlertConfig or the TaskAlertConfig.", "properties": { "absolute": { "type": "string" }, "percentage": { "type": "integer" } }, "type": "object", "required": [ "absolute", "percentage" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBooleanParameterArray": { "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoBooleanParameterArrayResponse": { "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" } } }, "type": "object", "required": [ "booleanValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCloudSchedulerConfig": { "description": "Cloud Scheduler Trigger configuration", "properties": { "cronTab": { "type": "string", "description": "The cron tab of cloud scheduler trigger." }, "errorMessage": { "type": "string", "description": "Optional. When the job was deleted from Pantheon UI, error_message will be populated when Get/List integrations" }, "location": { "type": "string", "description": "The location where associated cloud scheduler job will be created" }, "serviceAccountEmail": { "type": "string", "description": "Service account used by Cloud Scheduler to trigger the integration at scheduled time" } }, "type": "object", "required": [ "cronTab", "location", "serviceAccountEmail" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCloudSchedulerConfigResponse": { "description": "Cloud Scheduler Trigger configuration", "properties": { "cronTab": { "type": "string", "description": "The cron tab of cloud scheduler trigger." }, "errorMessage": { "type": "string", "description": "Optional. When the job was deleted from Pantheon UI, error_message will be populated when Get/List integrations" }, "location": { "type": "string", "description": "The location where associated cloud scheduler job will be created" }, "serviceAccountEmail": { "type": "string", "description": "Service account used by Cloud Scheduler to trigger the integration at scheduled time" } }, "type": "object", "required": [ "cronTab", "errorMessage", "location", "serviceAccountEmail" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCombinedCondition": { "description": "This message recursively combines constituent conditions using logical AND.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCondition" }, "description": "A set of individual constituent conditions." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCombinedConditionResponse": { "description": "This message recursively combines constituent conditions using logical AND.", "properties": { "conditions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoConditionResponse" }, "description": "A set of individual constituent conditions." } }, "type": "object", "required": [ "conditions" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCondition": { "description": "Condition that uses `operator` to evaluate the key against the value.", "properties": { "eventPropertyKey": { "type": "string", "description": "Key that's evaluated against the `value`. Please note the data type of the runtime value associated with the key should match the data type of `value`, else an IllegalArgumentException is thrown." }, "operator": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoConditionOperator", "description": "Operator used to evaluate the condition. Please note that an operator with an inappropriate key/value operand will result in IllegalArgumentException, e.g. CONTAINS with boolean key/value pair." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueType", "description": "Value that's checked for the key." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoConditionOperator": { "description": "Operator used to evaluate the condition. Please note that an operator with an inappropriate key/value operand will result in IllegalArgumentException, e.g. CONTAINS with boolean key/value pair.", "type": "string", "enum": [ { "name": "Unset", "value": "UNSET" }, { "name": "Equals", "value": "EQUALS" }, { "name": "Contains", "value": "CONTAINS" }, { "name": "LessThan", "value": "LESS_THAN" }, { "name": "GreaterThan", "value": "GREATER_THAN" }, { "name": "Exists", "value": "EXISTS" }, { "name": "DoesNotExist", "value": "DOES_NOT_EXIST" }, { "name": "IsEmpty", "value": "IS_EMPTY" }, { "name": "IsNotEmpty", "value": "IS_NOT_EMPTY" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoConditionResponse": { "description": "Condition that uses `operator` to evaluate the key against the value.", "properties": { "eventPropertyKey": { "type": "string", "description": "Key that's evaluated against the `value`. Please note the data type of the runtime value associated with the key should match the data type of `value`, else an IllegalArgumentException is thrown." }, "operator": { "type": "string", "description": "Operator used to evaluate the condition. Please note that an operator with an inappropriate key/value operand will result in IllegalArgumentException, e.g. CONTAINS with boolean key/value pair." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueTypeResponse", "description": "Value that's checked for the key." } }, "type": "object", "required": [ "eventPropertyKey", "operator", "value" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCoordinate": { "description": "Represents two-dimensional positions.", "properties": { "x": { "type": "integer" }, "y": { "type": "integer" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoCoordinateResponse": { "description": "Represents two-dimensional positions.", "properties": { "x": { "type": "integer" }, "y": { "type": "integer" } }, "type": "object", "required": [ "x", "y" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoDoubleArray": { "properties": { "values": { "type": "array", "items": { "type": "number" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoDoubleArrayResponse": { "properties": { "values": { "type": "array", "items": { "type": "number" } } }, "type": "object", "required": [ "values" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoDoubleParameterArray": { "properties": { "doubleValues": { "type": "array", "items": { "type": "number" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoDoubleParameterArrayResponse": { "properties": { "doubleValues": { "type": "array", "items": { "type": "number" } } }, "type": "object", "required": [ "doubleValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoEventBusProperties": { "description": "LINT.IfChange This message is used for storing key value pair properties for each Event / Task in the EventBus.", "properties": { "properties": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoPropertyEntry" }, "description": "An unordered list of property entries." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoEventBusPropertiesResponse": { "description": "LINT.IfChange This message is used for storing key value pair properties for each Event / Task in the EventBus.", "properties": { "properties": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoPropertyEntryResponse" }, "description": "An unordered list of property entries." } }, "type": "object", "required": [ "properties" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoEventParameters": { "description": "LINT.IfChange This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus. Please see", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParameterEntry" }, "description": "Parameters are a part of Event and can be used to communicate between different tasks that are part of the same integration execution." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoEventParametersResponse": { "description": "LINT.IfChange This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus. Please see", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParameterEntryResponse" }, "description": "Parameters are a part of Event and can be used to communicate between different tasks that are part of the same integration execution." } }, "type": "object", "required": [ "parameters" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoFailurePolicy": { "description": "Policy that defines the task retry logic and failure type. If no FailurePolicy is defined for a task, all its dependent tasks will not be executed (i.e, a `retry_strategy` of NONE will be applied).", "properties": { "intervalInSeconds": { "type": "string", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines the initial interval for backoff." }, "maxNumRetries": { "type": "integer", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines the number of times the task will be retried if failed." }, "retryStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoFailurePolicyRetryStrategy", "description": "Defines what happens to the task upon failure." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoFailurePolicyResponse": { "description": "Policy that defines the task retry logic and failure type. If no FailurePolicy is defined for a task, all its dependent tasks will not be executed (i.e, a `retry_strategy` of NONE will be applied).", "properties": { "intervalInSeconds": { "type": "string", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines the initial interval for backoff." }, "maxNumRetries": { "type": "integer", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_WORKFLOW_WITH_BACKOFF. Defines the number of times the task will be retried if failed." }, "retryStrategy": { "type": "string", "description": "Defines what happens to the task upon failure." } }, "type": "object", "required": [ "intervalInSeconds", "maxNumRetries", "retryStrategy" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoFailurePolicyRetryStrategy": { "description": "Defines what happens to the task upon failure.", "type": "string", "enum": [ { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Ignore", "description": "Ignores the failure of this task. The rest of the workflow will be executed Assuming this task succeeded.", "value": "IGNORE" }, { "name": "None", "description": "Causes a permanent failure of the task. However, if the last task(s) of event was successfully completed despite the failure of this task, it has no impact on the workflow.", "value": "NONE" }, { "name": "Fatal", "description": "Causes a permanent failure of the event. It is different from NONE because this will mark the event as FAILED by shutting down the event execution.", "value": "FATAL" }, { "name": "FixedInterval", "description": "The task will be retried from the failed task onwards after a fixed delay. A max-retry count is required to be specified with this strategy. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. Max_num_retries and interval_in_seconds must be specified.", "value": "FIXED_INTERVAL" }, { "name": "LinearBackoff", "description": "The task will be retried from the failed task onwards after a fixed delay that linearly increases with each retry attempt. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. A max-retry count is required to be specified with this strategy. Max_num_retries and interval_in_seconds must be specified.", "value": "LINEAR_BACKOFF" }, { "name": "ExponentialBackoff", "description": "The task will be retried after an exponentially increasing period of time with each failure. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. A max-retry count is required to be specified with this strategy. `max_num_retries` and `interval_in_seconds` must be specified.", "value": "EXPONENTIAL_BACKOFF" }, { "name": "RestartWorkflowWithBackoff", "description": "The entire workflow will be restarted with the initial parameters that were set when the event was fired. A max-retry count is required to be specified with this strategy. `max_num_retries` and `interval_in_seconds` must be specified.", "value": "RESTART_WORKFLOW_WITH_BACKOFF" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoIntArray": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoIntArrayResponse": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoIntParameterArray": { "properties": { "intValues": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoIntParameterArrayResponse": { "properties": { "intValues": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "intValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoLogSettings": { "description": "The LogSettings define the logging attributes for an event property. These attributes are used to map the property to the parameter in the log proto. Also used to define scrubbing/truncation behavior and PII information.", "properties": { "logFieldName": { "type": "string", "description": "The name of corresponding logging field of the event property. If omitted, assumes the same name as the event property key." }, "sanitizeOptions": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsSanitizeOptions", "description": "Contains the scrubbing options, such as whether to scrub, obfuscate, etc." }, "seedPeriod": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoLogSettingsSeedPeriod" }, "seedScope": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoLogSettingsSeedScope" }, "shorteningLimits": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsFieldLimits", "description": "Contains the field limits for shortening, such as max string length and max array length." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoLogSettingsResponse": { "description": "The LogSettings define the logging attributes for an event property. These attributes are used to map the property to the parameter in the log proto. Also used to define scrubbing/truncation behavior and PII information.", "properties": { "logFieldName": { "type": "string", "description": "The name of corresponding logging field of the event property. If omitted, assumes the same name as the event property key." }, "sanitizeOptions": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsResponse", "description": "Contains the scrubbing options, such as whether to scrub, obfuscate, etc." }, "seedPeriod": { "type": "string" }, "seedScope": { "type": "string" }, "shorteningLimits": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsFieldLimitsResponse", "description": "Contains the field limits for shortening, such as max string length and max array length." } }, "type": "object", "required": [ "logFieldName", "sanitizeOptions", "seedPeriod", "seedScope", "shorteningLimits" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoLogSettingsSeedPeriod": { "type": "string", "enum": [ { "name": "SeedPeriodUnspecified", "value": "SEED_PERIOD_UNSPECIFIED" }, { "name": "Day", "description": "Sanitized values remain constant for the day of the event.", "value": "DAY" }, { "name": "Week", "description": "Sanitized values remain constant for the week of the event; may cross month boundaries.", "value": "WEEK" }, { "name": "Month", "description": "Sanitized values remain constant for the month of the event.", "value": "MONTH" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoLogSettingsSeedScope": { "type": "string", "enum": [ { "name": "SeedScopeUnspecified", "value": "SEED_SCOPE_UNSPECIFIED" }, { "name": "EventName", "description": "Hash computations include the event name.", "value": "EVENT_NAME" }, { "name": "TimePeriod", "description": "Hash computations include a time period.", "value": "TIME_PERIOD" }, { "name": "ParamName", "description": "Hash computations include the param name.", "value": "PARAM_NAME" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNextTask": { "description": "The task that is next in line to be executed, if the condition specified evaluated to true.", "properties": { "combinedConditions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCombinedCondition" }, "description": "Combined condition for this task to become an eligible next task. Each of these combined_conditions are joined with logical OR. DEPRECATED: use `condition`", "deprecationMessage": "Combined condition for this task to become an eligible next task. Each of these combined_conditions are joined with logical OR. DEPRECATED: use `condition`" }, "condition": { "type": "string", "description": "Standard filter expression for this task to become an eligible next task." }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the next task edge or condition." }, "label": { "type": "string", "description": "User-provided label that is attached to this edge in the UI." }, "taskConfigId": { "type": "string", "description": "ID of the next task." }, "taskNumber": { "type": "string", "description": "Task number of the next task." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNextTaskResponse": { "description": "The task that is next in line to be executed, if the condition specified evaluated to true.", "properties": { "combinedConditions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCombinedConditionResponse" }, "description": "Combined condition for this task to become an eligible next task. Each of these combined_conditions are joined with logical OR. DEPRECATED: use `condition`", "deprecationMessage": "Combined condition for this task to become an eligible next task. Each of these combined_conditions are joined with logical OR. DEPRECATED: use `condition`" }, "condition": { "type": "string", "description": "Standard filter expression for this task to become an eligible next task." }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the next task edge or condition." }, "label": { "type": "string", "description": "User-provided label that is attached to this edge in the UI." }, "taskConfigId": { "type": "string", "description": "ID of the next task." }, "taskNumber": { "type": "string", "description": "Task number of the next task." } }, "type": "object", "required": [ "combinedConditions", "condition", "description", "label", "taskConfigId", "taskNumber" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNextTeardownTask": { "description": "The teardown task that is next in line to be executed. We support only sequential execution of teardown tasks (i.e. no branching).", "properties": { "name": { "type": "string", "description": "Name of the next teardown task." } }, "type": "object", "required": [ "name" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNextTeardownTaskResponse": { "description": "The teardown task that is next in line to be executed. We support only sequential execution of teardown tasks (i.e. no branching).", "properties": { "name": { "type": "string", "description": "Name of the next teardown task." } }, "type": "object", "required": [ "name" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNodeIdentifier": { "description": "Represents a node identifier (type + id). Next highest id: 3", "properties": { "elementIdentifier": { "type": "string", "description": "Configuration of the edge." }, "elementType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNodeIdentifierElementType", "description": "Destination node where the edge ends. It can only be a task config." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNodeIdentifierElementType": { "description": "Destination node where the edge ends. It can only be a task config.", "type": "string", "enum": [ { "name": "UnknownType", "value": "UNKNOWN_TYPE" }, { "name": "TaskConfig", "value": "TASK_CONFIG" }, { "name": "TriggerConfig", "value": "TRIGGER_CONFIG" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoNodeIdentifierResponse": { "description": "Represents a node identifier (type + id). Next highest id: 3", "properties": { "elementIdentifier": { "type": "string", "description": "Configuration of the edge." }, "elementType": { "type": "string", "description": "Destination node where the edge ends. It can only be a task config." } }, "type": "object", "required": [ "elementIdentifier", "elementType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfig": { "properties": { "descriptivePhrase": { "type": "string", "description": "A short phrase to describe what this parameter contains." }, "helpText": { "type": "string", "description": "Detailed help text for this parameter containing information not provided elsewhere. For example, instructions on how to migrate from a deprecated parameter." }, "hideDefaultValue": { "type": "boolean", "description": "Whether the default value is hidden in the UI." }, "inputDisplayOption": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigInputDisplayOption" }, "isHidden": { "type": "boolean", "description": "Whether this field is hidden in the UI." }, "label": { "type": "string", "description": "A user-friendly label for the parameter." }, "parameterNameOption": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigParameterNameOption" }, "subSectionLabel": { "type": "string", "description": "A user-friendly label for subSection under which the parameter will be displayed." }, "uiPlaceholderText": { "type": "string", "description": "Placeholder text which will appear in the UI input form for this parameter." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigInputDisplayOption": { "type": "string", "enum": [ { "name": "Default", "description": "A single-line input for strings, a numeric input box for numbers, or a checkbox for booleans.", "value": "DEFAULT" }, { "name": "StringMultiLine", "description": "A multi-line input box for longer strings/string templates.", "value": "STRING_MULTI_LINE" }, { "name": "NumberSlider", "description": "A slider to select a numerical value. The default range is [0, 100].", "value": "NUMBER_SLIDER" }, { "name": "BooleanToggle", "description": "A toggle button for boolean parameters.", "value": "BOOLEAN_TOGGLE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigParameterNameOption": { "type": "string", "enum": [ { "name": "DefaultNotParameterName", "description": "This field is not a parameter name.", "value": "DEFAULT_NOT_PARAMETER_NAME" }, { "name": "IsParameterName", "description": "If this field is a string and this option is selected, the field will be interpreted as a parameter name. Users will be able to choose a variable using the autocomplete, but the name will be stored as a literal string.", "value": "IS_PARAMETER_NAME" }, { "name": "KeyIsParameterName", "description": "If this field is a ParameterMap and this option is selected, the map's keys will be interpreted as parameter names. Ignored if this field is not a ParameterMap.", "value": "KEY_IS_PARAMETER_NAME" }, { "name": "ValueIsParameterName", "description": "If this field is a ParameterMap and this option is selected, the map's values will be interpreted as parameter names. Ignored if this field is not a ParameterMap.", "value": "VALUE_IS_PARAMETER_NAME" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigResponse": { "properties": { "descriptivePhrase": { "type": "string", "description": "A short phrase to describe what this parameter contains." }, "helpText": { "type": "string", "description": "Detailed help text for this parameter containing information not provided elsewhere. For example, instructions on how to migrate from a deprecated parameter." }, "hideDefaultValue": { "type": "boolean", "description": "Whether the default value is hidden in the UI." }, "inputDisplayOption": { "type": "string" }, "isHidden": { "type": "boolean", "description": "Whether this field is hidden in the UI." }, "label": { "type": "string", "description": "A user-friendly label for the parameter." }, "parameterNameOption": { "type": "string" }, "subSectionLabel": { "type": "string", "description": "A user-friendly label for subSection under which the parameter will be displayed." }, "uiPlaceholderText": { "type": "string", "description": "Placeholder text which will appear in the UI input form for this parameter." } }, "type": "object", "required": [ "descriptivePhrase", "helpText", "hideDefaultValue", "inputDisplayOption", "isHidden", "label", "parameterNameOption", "subSectionLabel", "uiPlaceholderText" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition": { "properties": { "fullName": { "type": "string", "description": "The fully-qualified proto name. This message, for example, would be \"enterprise.crm.eventbus.proto.ParamSpecEntry.ProtoDefinition\"." }, "path": { "type": "string", "description": "Path to the proto file that contains the message type's definition." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinitionResponse": { "properties": { "fullName": { "type": "string", "description": "The fully-qualified proto name. This message, for example, would be \"enterprise.crm.eventbus.proto.ParamSpecEntry.ProtoDefinition\"." }, "path": { "type": "string", "description": "Path to the proto file that contains the message type's definition." } }, "type": "object", "required": [ "fullName", "path" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRule": { "properties": { "doubleRange": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange" }, "intRange": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange" }, "stringRegex": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRange": { "description": "Range used to validate doubles and floats.", "properties": { "max": { "type": "number", "description": "The inclusive maximum of the acceptable range." }, "min": { "type": "number", "description": "The inclusive minimum of the acceptable range." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRangeResponse": { "description": "Range used to validate doubles and floats.", "properties": { "max": { "type": "number", "description": "The inclusive maximum of the acceptable range." }, "min": { "type": "number", "description": "The inclusive minimum of the acceptable range." } }, "type": "object", "required": [ "max", "min" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRange": { "description": "Range used to validate longs and ints.", "properties": { "max": { "type": "string", "description": "The inclusive maximum of the acceptable range." }, "min": { "type": "string", "description": "The inclusive minimum of the acceptable range." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRangeResponse": { "description": "Range used to validate longs and ints.", "properties": { "max": { "type": "string", "description": "The inclusive maximum of the acceptable range." }, "min": { "type": "string", "description": "The inclusive minimum of the acceptable range." } }, "type": "object", "required": [ "max", "min" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleResponse": { "properties": { "doubleRange": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleDoubleRangeResponse" }, "intRange": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleIntRangeResponse" }, "stringRegex": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegexResponse" } }, "type": "object", "required": [ "doubleRange", "intRange", "stringRegex" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegex": { "description": "Rule used to validate strings.", "properties": { "exclusive": { "type": "boolean", "description": "Whether the regex matcher is applied exclusively (if true, matching values will be rejected)." }, "regex": { "type": "string", "description": "The regex applied to the input value(s)." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleStringRegexResponse": { "description": "Rule used to validate strings.", "properties": { "exclusive": { "type": "boolean", "description": "Whether the regex matcher is applied exclusively (if true, matching values will be rejected)." }, "regex": { "type": "string", "description": "The regex applied to the input value(s)." } }, "type": "object", "required": [ "exclusive", "regex" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParameterEntry": { "description": "Key-value pair of EventBus parameters.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParameterValueType", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParameterEntryResponse": { "description": "Key-value pair of EventBus parameters.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParameterValueTypeResponse", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParameterValueType": { "description": "LINT.IfChange To support various types of parameter values. Next available id: 14", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBooleanParameterArray" }, "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoDoubleParameterArray" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoIntParameterArray" }, "intValue": { "type": "string" }, "protoArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoProtoParameterArray" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "serializedObjectValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoSerializedObjectParameter" }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoStringParameterArray" }, "stringValue": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoParameterValueTypeResponse": { "description": "LINT.IfChange To support various types of parameter values. Next available id: 14", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBooleanParameterArrayResponse" }, "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoDoubleParameterArrayResponse" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoIntParameterArrayResponse" }, "intValue": { "type": "string" }, "protoArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoProtoParameterArrayResponse" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "serializedObjectValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoSerializedObjectParameterResponse" }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoStringParameterArrayResponse" }, "stringValue": { "type": "string" } }, "type": "object", "required": [ "booleanArray", "booleanValue", "doubleArray", "doubleValue", "intArray", "intValue", "protoArray", "protoValue", "serializedObjectValue", "stringArray", "stringValue" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoPropertyEntry": { "description": "Key-value pair of EventBus property.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding property value. This should be unique for a given fired event. The Tasks should be aware of the keys used while firing the events for them to be able to retrieve the values." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueType", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoPropertyEntryResponse": { "description": "Key-value pair of EventBus property.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding property value. This should be unique for a given fired event. The Tasks should be aware of the keys used while firing the events for them to be able to retrieve the values." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoValueTypeResponse", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoProtoParameterArray": { "properties": { "protoValues": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoProtoParameterArrayResponse": { "properties": { "protoValues": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } } } }, "type": "object", "required": [ "protoValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoSerializedObjectParameter": { "properties": { "objectValue": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoSerializedObjectParameterResponse": { "properties": { "objectValue": { "type": "string" } }, "type": "object", "required": [ "objectValue" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoStringArray": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoStringArrayResponse": { "properties": { "values": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "values" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoStringParameterArray": { "properties": { "stringValues": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoStringParameterArrayResponse": { "properties": { "stringValues": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "stringValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoSuccessPolicy": { "description": "Policy that dictates the behavior for the task after it completes successfully.", "properties": { "finalState": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoSuccessPolicyFinalState", "description": "State to which the execution snapshot status will be set if the task succeeds." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoSuccessPolicyFinalState": { "description": "State to which the execution snapshot status will be set if the task succeeds.", "type": "string", "enum": [ { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Succeeded", "description": "The default behavior, where successful tasks will be marked as SUCCEEDED.", "value": "SUCCEEDED" }, { "name": "Suspended", "description": "Sets the state to SUSPENDED after executing. This is required for SuspensionTask; event execution will continue once the user calls ResolveSuspensions with the event_execution_info_id and the task number.", "value": "SUSPENDED" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoSuccessPolicyResponse": { "description": "Policy that dictates the behavior for the task after it completes successfully.", "properties": { "finalState": { "type": "string", "description": "State to which the execution snapshot status will be set if the task succeeds." } }, "type": "object", "required": [ "finalState" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskAlertConfig": { "description": "Message to be used to configure alerting in the {@code TaskConfig} protos for tasks in an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "The period over which the metric value should be aggregated and evaluated. Format is , where integer should be a positive integer and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, day, week)." }, "alertDisabled": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this workflow alert." }, "alertName": { "type": "string", "description": "A name to identify this alert. This will be displayed in the alert subject. If set, this name should be unique in within the scope of the containing workflow." }, "clientId": { "type": "string", "description": "Client associated with this alert configuration. Must be a client enabled in one of the containing workflow's triggers." }, "durationThresholdMs": { "type": "string", "description": "Should be specified only for TASK_AVERAGE_DURATION and TASK_PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "errorEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList" }, "metricType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigMetricType" }, "numAggregationPeriods": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "onlyFinalAttempt": { "type": "boolean", "description": "Only count final task attempts, not retries." }, "playbookUrl": { "type": "string", "description": "Link to a playbook for resolving the issue that triggered this alert." }, "thresholdType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigThresholdType", "description": "The threshold type for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue", "description": "The metric value, above or below which the alert should be triggered." }, "warningEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigMetricType": { "type": "string", "enum": [ { "name": "MetricTypeUnspecified", "description": "The default value. Metric type should always be set to one of the other non-default values, otherwise it will result in an INVALID_ARGUMENT error.", "value": "METRIC_TYPE_UNSPECIFIED" }, { "name": "TaskErrorRate", "description": "Specifies alerting on the rate of errors (potentially for a specific set of enum values) for the enclosing TaskConfig.", "value": "TASK_ERROR_RATE" }, { "name": "TaskWarningRate", "description": "Specifies alerting on the rate of warnings (potentially for a specific set of enum values) for the enclosing TaskConfig. Warnings use the same enum values as errors.", "value": "TASK_WARNING_RATE" }, { "name": "TaskRate", "description": "Specifies alerting on the number of instances for the enclosing TaskConfig executed in the given aggregation_period.", "value": "TASK_RATE" }, { "name": "TaskAverageDuration", "description": "Specifies alerting on the average duration of execution for the enclosing task.", "value": "TASK_AVERAGE_DURATION" }, { "name": "TaskPercentileDuration", "description": "Specifies alerting on the duration of a particular percentile of task executions. E.g. If 10% or more of the task executions have durations above 5 seconds, alert.", "value": "TASK_PERCENTILE_DURATION" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigResponse": { "description": "Message to be used to configure alerting in the {@code TaskConfig} protos for tasks in an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "The period over which the metric value should be aggregated and evaluated. Format is , where integer should be a positive integer and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, day, week)." }, "alertDisabled": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this workflow alert." }, "alertName": { "type": "string", "description": "A name to identify this alert. This will be displayed in the alert subject. If set, this name should be unique in within the scope of the containing workflow." }, "clientId": { "type": "string", "description": "Client associated with this alert configuration. Must be a client enabled in one of the containing workflow's triggers." }, "durationThresholdMs": { "type": "string", "description": "Should be specified only for TASK_AVERAGE_DURATION and TASK_PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "errorEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListResponse" }, "metricType": { "type": "string" }, "numAggregationPeriods": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "onlyFinalAttempt": { "type": "boolean", "description": "Only count final task attempts, not retries." }, "playbookUrl": { "type": "string", "description": "Link to a playbook for resolving the issue that triggered this alert." }, "thresholdType": { "type": "string", "description": "The threshold type for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValueResponse", "description": "The metric value, above or below which the alert should be triggered." }, "warningEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListResponse" } }, "type": "object", "required": [ "aggregationPeriod", "alertDisabled", "alertName", "clientId", "durationThresholdMs", "errorEnumList", "metricType", "numAggregationPeriods", "onlyFinalAttempt", "playbookUrl", "thresholdType", "thresholdValue", "warningEnumList" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigThresholdType": { "description": "The threshold type for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired.", "type": "string", "enum": [ { "name": "UnspecifiedThresholdType", "value": "UNSPECIFIED_THRESHOLD_TYPE" }, { "name": "ExpectedMin", "description": "Note that this field will only trigger alerts if the workflow specifying it runs at least once in 24 hours (which is our in-memory retention period for monarch streams). Also note that `aggregation_period` for this alert configuration must be less than 24 hours.", "value": "EXPECTED_MIN" }, { "name": "ExpectedMax", "value": "EXPECTED_MAX" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadata": { "description": "TaskMetadata are attributes that are associated to every common Task we have.", "properties": { "activeTaskName": { "type": "string", "description": "The new task name to replace the current task if it is deprecated. Otherwise, it is the same as the current task name." }, "admins": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataAdmin" } }, "category": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataCategory" }, "codeSearchLink": { "type": "string", "description": "The Code Search link to the Task Java file." }, "defaultJsonValidationOption": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataDefaultJsonValidationOption", "description": "Controls whether JSON workflow parameters are validated against provided schemas before and/or after this task's execution." }, "defaultSpec": { "type": "string", "description": "Contains the initial configuration of the task with default values set. For now, The string should be compatible to an ASCII-proto format." }, "description": { "type": "string", "description": "In a few sentences, describe the purpose and usage of the task." }, "descriptiveName": { "type": "string", "description": "The string name to show on the task list on the Workflow editor screen. This should be a very short, one to two words name for the task. (e.g. \"Send Mail\")" }, "docMarkdown": { "type": "string", "description": "Snippet of markdown documentation to embed in the RHP for this task." }, "externalCategory": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataExternalCategory" }, "externalCategorySequence": { "type": "integer", "description": "Sequence with which the task in specific category to be displayed in task discovery panel for external users." }, "externalDocHtml": { "type": "string", "description": "External-facing documention embedded in the RHP for this task." }, "externalDocLink": { "type": "string", "description": "Doc link for external-facing documentation (separate from g3doc)." }, "externalDocMarkdown": { "type": "string", "description": "DEPRECATED: Use external_doc_html.", "deprecationMessage": "DEPRECATED: Use external_doc_html." }, "g3DocLink": { "type": "string", "description": "URL to the associated G3 Doc for the task if available" }, "iconLink": { "type": "string", "description": "URL to gstatic image icon for this task. This icon shows up on the task list panel along with the task name in the Workflow Editor screen. Use the 24p, 2x, gray color icon image format." }, "isDeprecated": { "type": "boolean", "description": "The deprecation status of the current task. Default value is false;" }, "name": { "type": "string", "description": "The actual class name or the annotated name of the task. Task Author should initialize this field with value from the getName() method of the Task class." }, "standaloneExternalDocHtml": { "type": "string", "description": "External-facing documention for standalone IP in pantheon embedded in the RHP for this task. Non null only if different from external_doc_html" }, "status": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataStatus", "description": "Allows author to indicate if the task is ready to use or not. If not set, then it will default to INACTIVE." }, "system": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataSystem" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of tags that pertain to a particular task. This can be used to improve the searchability of tasks with several names (\"REST Caller\" vs. \"Call REST Endpoint\") or to help users find tasks based on related words." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataAdmin": { "description": "Admins are owners of a Task, and have all permissions on a particular task identified by the task name. By default, Eventbus periodically scans all task metadata and syncs (adds) any new admins defined here to Zanzibar.", "properties": { "googleGroupEmail": { "type": "string" }, "userEmail": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataAdminResponse": { "description": "Admins are owners of a Task, and have all permissions on a particular task identified by the task name. By default, Eventbus periodically scans all task metadata and syncs (adds) any new admins defined here to Zanzibar.", "properties": { "googleGroupEmail": { "type": "string" }, "userEmail": { "type": "string" } }, "type": "object", "required": [ "googleGroupEmail", "userEmail" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataCategory": { "type": "string", "enum": [ { "name": "UnspecifiedCategory", "value": "UNSPECIFIED_CATEGORY" }, { "name": "Custom", "value": "CUSTOM" }, { "name": "FlowControl", "value": "FLOW_CONTROL" }, { "name": "DataManipulation", "value": "DATA_MANIPULATION" }, { "name": "Scripting", "value": "SCRIPTING" }, { "name": "Connector", "value": "CONNECTOR" }, { "name": "Hidden", "description": "Internal IP tasks that should not be available in the UI.", "value": "HIDDEN" }, { "name": "CloudSystems", "description": "Tasks that are relevant to cloud systems teams and typically", "value": "CLOUD_SYSTEMS" }, { "name": "CustomTaskTemplate", "description": "include connecting to Vector salesforce, CRM Hub Spanner etc. Task entities that derive from a custom task template.", "value": "CUSTOM_TASK_TEMPLATE" }, { "name": "TaskRecommendations", "description": "Category to show task recommendations", "value": "TASK_RECOMMENDATIONS" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataDefaultJsonValidationOption": { "description": "Controls whether JSON workflow parameters are validated against provided schemas before and/or after this task's execution.", "type": "string", "enum": [ { "name": "UnspecifiedJsonValidationOption", "description": "As per the default behavior, no validation will be run. Will not override any option set in a Task.", "value": "UNSPECIFIED_JSON_VALIDATION_OPTION" }, { "name": "Skip", "description": "Do not run any validation against JSON schemas.", "value": "SKIP" }, { "name": "PreExecution", "description": "Validate all potential input JSON parameters against schemas specified in WorkflowParameters.", "value": "PRE_EXECUTION" }, { "name": "PostExecution", "description": "Validate all potential output JSON parameters against schemas specified in WorkflowParameters.", "value": "POST_EXECUTION" }, { "name": "PrePostExecution", "description": "Perform both PRE_EXECUTION and POST_EXECUTION validations.", "value": "PRE_POST_EXECUTION" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataExternalCategory": { "type": "string", "enum": [ { "name": "UnspecifiedExternalCategory", "value": "UNSPECIFIED_EXTERNAL_CATEGORY" }, { "name": "Core", "value": "CORE" }, { "name": "Connectors", "value": "CONNECTORS" }, { "name": "ExternalHttp", "description": "HTTP tasks, e.g. rest api call task", "value": "EXTERNAL_HTTP" }, { "name": "ExternalIntegrationServices", "description": "Integration services, e.g. connector task", "value": "EXTERNAL_INTEGRATION_SERVICES" }, { "name": "ExternalCustomerActions", "description": "Customer ations, e.g. email task", "value": "EXTERNAL_CUSTOMER_ACTIONS" }, { "name": "ExternalFlowControl", "description": "Flow control, e.g. while loop task", "value": "EXTERNAL_FLOW_CONTROL" }, { "name": "ExternalWorkspace", "description": "Workspace tasks, e.g. list drive task", "value": "EXTERNAL_WORKSPACE" }, { "name": "ExternalSecurity", "description": "Security, e.g. kms related tasks", "value": "EXTERNAL_SECURITY" }, { "name": "ExternalDatabases", "description": "Database operation tasks, e.g. read firestore info tasks", "value": "EXTERNAL_DATABASES" }, { "name": "ExternalAnalytics", "description": "Analytics tasks, e.g. dataflow creattion tasks", "value": "EXTERNAL_ANALYTICS" }, { "name": "ExternalByoc", "description": "BYOC tasks", "value": "EXTERNAL_BYOC" }, { "name": "ExternalByot", "description": "BYOT tasks", "value": "EXTERNAL_BYOT" }, { "name": "ExternalArtificialInteligence", "description": "AI related tasks.", "value": "EXTERNAL_ARTIFICIAL_INTELIGENCE" }, { "name": "ExternalDataManipulation", "description": "Data manipulation related tasks, e.g. data mapping task", "value": "EXTERNAL_DATA_MANIPULATION" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataResponse": { "description": "TaskMetadata are attributes that are associated to every common Task we have.", "properties": { "activeTaskName": { "type": "string", "description": "The new task name to replace the current task if it is deprecated. Otherwise, it is the same as the current task name." }, "admins": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataAdminResponse" } }, "category": { "type": "string" }, "codeSearchLink": { "type": "string", "description": "The Code Search link to the Task Java file." }, "defaultJsonValidationOption": { "type": "string", "description": "Controls whether JSON workflow parameters are validated against provided schemas before and/or after this task's execution." }, "defaultSpec": { "type": "string", "description": "Contains the initial configuration of the task with default values set. For now, The string should be compatible to an ASCII-proto format." }, "description": { "type": "string", "description": "In a few sentences, describe the purpose and usage of the task." }, "descriptiveName": { "type": "string", "description": "The string name to show on the task list on the Workflow editor screen. This should be a very short, one to two words name for the task. (e.g. \"Send Mail\")" }, "docMarkdown": { "type": "string", "description": "Snippet of markdown documentation to embed in the RHP for this task." }, "externalCategory": { "type": "string" }, "externalCategorySequence": { "type": "integer", "description": "Sequence with which the task in specific category to be displayed in task discovery panel for external users." }, "externalDocHtml": { "type": "string", "description": "External-facing documention embedded in the RHP for this task." }, "externalDocLink": { "type": "string", "description": "Doc link for external-facing documentation (separate from g3doc)." }, "externalDocMarkdown": { "type": "string", "description": "DEPRECATED: Use external_doc_html.", "deprecationMessage": "DEPRECATED: Use external_doc_html." }, "g3DocLink": { "type": "string", "description": "URL to the associated G3 Doc for the task if available" }, "iconLink": { "type": "string", "description": "URL to gstatic image icon for this task. This icon shows up on the task list panel along with the task name in the Workflow Editor screen. Use the 24p, 2x, gray color icon image format." }, "isDeprecated": { "type": "boolean", "description": "The deprecation status of the current task. Default value is false;" }, "name": { "type": "string", "description": "The actual class name or the annotated name of the task. Task Author should initialize this field with value from the getName() method of the Task class." }, "standaloneExternalDocHtml": { "type": "string", "description": "External-facing documention for standalone IP in pantheon embedded in the RHP for this task. Non null only if different from external_doc_html" }, "status": { "type": "string", "description": "Allows author to indicate if the task is ready to use or not. If not set, then it will default to INACTIVE." }, "system": { "type": "string" }, "tags": { "type": "array", "items": { "type": "string" }, "description": "A set of tags that pertain to a particular task. This can be used to improve the searchability of tasks with several names (\"REST Caller\" vs. \"Call REST Endpoint\") or to help users find tasks based on related words." } }, "type": "object", "required": [ "activeTaskName", "admins", "category", "codeSearchLink", "defaultJsonValidationOption", "defaultSpec", "description", "descriptiveName", "docMarkdown", "externalCategory", "externalCategorySequence", "externalDocHtml", "externalDocLink", "externalDocMarkdown", "g3DocLink", "iconLink", "isDeprecated", "name", "standaloneExternalDocHtml", "status", "system", "tags" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataStatus": { "description": "Allows author to indicate if the task is ready to use or not. If not set, then it will default to INACTIVE.", "type": "string", "enum": [ { "name": "UnspecifiedStatus", "description": "Default value. Actual Task Status should always be set to either INACTIVE or ACTIVE. If none is specified at runtime, it will be set to INACTIVE.", "value": "UNSPECIFIED_STATUS" }, { "name": "DefaultInactive", "description": "Still in-progress or incomplete, and not intended for use.", "value": "DEFAULT_INACTIVE" }, { "name": "Active", "description": "Available for use.", "value": "ACTIVE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskMetadataSystem": { "type": "string", "enum": [ { "name": "UnspecifiedSystem", "value": "UNSPECIFIED_SYSTEM" }, { "name": "Generic", "value": "GENERIC" }, { "name": "Buganizer", "value": "BUGANIZER" }, { "name": "Salesforce", "value": "SALESFORCE" }, { "name": "CloudSql", "value": "CLOUD_SQL" }, { "name": "Plx", "value": "PLX" }, { "name": "Sheets", "value": "SHEETS" }, { "name": "GoogleGroups", "value": "GOOGLE_GROUPS" }, { "name": "Email", "value": "EMAIL" }, { "name": "Spanner", "value": "SPANNER" }, { "name": "DataBridge", "value": "DATA_BRIDGE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskUiConfig": { "description": "Task authors would use this type to configure the UI for a particular task by specifying what UI config modules should be included to compose the UI. Learn more about config module framework:", "properties": { "taskUiModuleConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfig" }, "description": "Configurations of included config modules." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskUiConfigResponse": { "description": "Task authors would use this type to configure the UI for a particular task by specifying what UI config modules should be included to compose the UI. Learn more about config module framework:", "properties": { "taskUiModuleConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfigResponse" }, "description": "Configurations of included config modules." } }, "type": "object", "required": [ "taskUiModuleConfigs" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfig": { "description": "Task author would use this type to configure a config module.", "properties": { "moduleId": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfigModuleId", "description": "ID of the config module." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfigModuleId": { "description": "ID of the config module.", "type": "string", "enum": [ { "name": "UnspecifiedTaskModule", "description": "Default", "value": "UNSPECIFIED_TASK_MODULE" }, { "name": "Label", "description": "Supports editing label of a task config.", "value": "LABEL" }, { "name": "ErrorHandling", "description": "Supports editing error handling settings such as retry strategy.", "value": "ERROR_HANDLING" }, { "name": "TaskParamTable", "description": "Supports adding, removing and editing task parameter values in a table with little assistance or restriction.", "value": "TASK_PARAM_TABLE" }, { "name": "TaskParamForm", "description": "Supports editing values of declared input parameters of a task. Think of it as a \"strongly typed\" upgrade to the TASK_PARAM_TABLE.", "value": "TASK_PARAM_FORM" }, { "name": "Precondition", "description": "Supports editing preconditions of a task config.", "value": "PRECONDITION" }, { "name": "ScriptEditor", "description": "Supports adding, editing, and deleting the scripts associated with a script task, as well as modifying the input/output parameters.", "value": "SCRIPT_EDITOR" }, { "name": "Rpc", "description": "Supports editing task parameters associated with an RPC/stubby task.", "value": "RPC" }, { "name": "TaskSummary", "description": "Contains readonly task information, including input/output type info.", "value": "TASK_SUMMARY" }, { "name": "Suspension", "description": "Configures a SuspensionTask.", "value": "SUSPENSION" }, { "name": "RpcTyped", "description": "Configures a GenericStubbyTypedTask.", "value": "RPC_TYPED" }, { "name": "SubWorkflow", "description": "Configures a SubWorkflowExecutorTask.", "value": "SUB_WORKFLOW" }, { "name": "AppsScriptNavigator", "description": "Supports navigating to Apps Script editor", "value": "APPS_SCRIPT_NAVIGATOR" }, { "name": "SubWorkflowForEachLoop", "description": "Configures a SubWorkflowForEachLoopTask.", "value": "SUB_WORKFLOW_FOR_EACH_LOOP" }, { "name": "FieldMapping", "description": "Configures a FieldMappingTask.", "value": "FIELD_MAPPING" }, { "name": "Readme", "description": "Contains embedded in-product documentation for a task.", "value": "README" }, { "name": "RestCaller", "description": "UI widget for the rest caller task.", "value": "REST_CALLER" }, { "name": "SubWorkflowScatterGather", "description": "Configures a SubWorkflowScatterGatherTask.", "value": "SUB_WORKFLOW_SCATTER_GATHER" }, { "name": "CloudSql", "description": "Configures a CloudSql Task.", "value": "CLOUD_SQL" }, { "name": "GenericConnectorTask", "description": "Configure a GenericConnectorTask.", "value": "GENERIC_CONNECTOR_TASK" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTaskUiModuleConfigResponse": { "description": "Task author would use this type to configure a config module.", "properties": { "moduleId": { "type": "string", "description": "ID of the config module." } }, "type": "object", "required": [ "moduleId" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTeardown": { "properties": { "teardownTaskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTeardownTaskConfig" }, "description": "Required." } }, "type": "object", "required": [ "teardownTaskConfigs" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTeardownResponse": { "properties": { "teardownTaskConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTeardownTaskConfigResponse" }, "description": "Required." } }, "type": "object", "required": [ "teardownTaskConfigs" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTeardownTaskConfig": { "properties": { "creatorEmail": { "type": "string", "description": "The creator's email address." }, "name": { "type": "string", "description": "Unique identifier of the teardown task within this Config. We use this field as the identifier to find next teardown tasks." }, "nextTeardownTask": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTeardownTask" }, "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventParameters", "description": "The parameters the user can pass to this task." }, "properties": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventBusProperties" }, "teardownTaskImplementationClassName": { "type": "string", "description": "Implementation class name." } }, "type": "object", "required": [ "name", "teardownTaskImplementationClassName" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTeardownTaskConfigResponse": { "properties": { "creatorEmail": { "type": "string", "description": "The creator's email address." }, "name": { "type": "string", "description": "Unique identifier of the teardown task within this Config. We use this field as the identifier to find next teardown tasks." }, "nextTeardownTask": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTeardownTaskResponse" }, "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventParametersResponse", "description": "The parameters the user can pass to this task." }, "properties": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventBusPropertiesResponse" }, "teardownTaskImplementationClassName": { "type": "string", "description": "Implementation class name." } }, "type": "object", "required": [ "creatorEmail", "name", "nextTeardownTask", "parameters", "properties", "teardownTaskImplementationClassName" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTriggerCriteria": { "properties": { "condition": { "type": "string", "description": "Standard filter expression, when true the workflow will be executed. If there's no trigger_criteria_task_implementation_class_name specified, the condition will be validated directly." }, "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventParameters", "description": "Optional. To be used in TaskConfig for the implementation class." }, "triggerCriteriaTaskImplementationClassName": { "type": "string", "description": "Optional. Implementation class name. The class should implement the “TypedTask” interface." } }, "type": "object", "required": [ "condition" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoTriggerCriteriaResponse": { "properties": { "condition": { "type": "string", "description": "Standard filter expression, when true the workflow will be executed. If there's no trigger_criteria_task_implementation_class_name specified, the condition will be validated directly." }, "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoEventParametersResponse", "description": "Optional. To be used in TaskConfig for the implementation class." }, "triggerCriteriaTaskImplementationClassName": { "type": "string", "description": "Optional. Implementation class name. The class should implement the “TypedTask” interface." } }, "type": "object", "required": [ "condition", "parameters", "triggerCriteriaTaskImplementationClassName" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoValueType": { "description": "Used for define type for values. Currently supported value types include int, string, double, array, and any proto message.", "properties": { "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoDoubleArray" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoIntArray" }, "intValue": { "type": "string" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoStringArray" }, "stringValue": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoValueTypeResponse": { "description": "Used for define type for values. Currently supported value types include int, string, double, array, and any proto message.", "properties": { "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoDoubleArrayResponse" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoIntArrayResponse" }, "intValue": { "type": "string" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoStringArrayResponse" }, "stringValue": { "type": "string" } }, "type": "object", "required": [ "booleanValue", "doubleArray", "doubleValue", "intArray", "intValue", "protoValue", "stringArray", "stringValue" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfig": { "description": "Message to be used to configure custom alerting in the {@code EventConfig} protos for an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "For an EXPECTED_MIN threshold, this aggregation_period must be lesser than 24 hours." }, "alertDisabled": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this workflow alert." }, "alertName": { "type": "string", "description": "A name to identify this alert. This will be displayed in the alert subject. If set, this name should be unique within the scope of the workflow." }, "clientId": { "type": "string", "description": "Client associated with this alert configuration." }, "durationThresholdMs": { "type": "string", "description": "Should be specified only for *AVERAGE_DURATION and *PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "errorEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList" }, "metricType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigMetricType" }, "numAggregationPeriods": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "onlyFinalAttempt": { "type": "boolean", "description": "For either events or tasks, depending on the type of alert, count only final attempts, not retries." }, "playbookUrl": { "type": "string", "description": "Link to a playbook for resolving the issue that triggered this alert." }, "thresholdType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigThresholdType", "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValue", "description": "The metric value, above or below which the alert should be triggered." }, "warningEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumList" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigMetricType": { "type": "string", "enum": [ { "name": "MetricTypeUnspecified", "description": "The default value. Metric type should always be set to one of the other non-default values, otherwise it will result in an INVALID_ARGUMENT error.", "value": "METRIC_TYPE_UNSPECIFIED" }, { "name": "EventErrorRate", "description": "Specifies alerting on the rate of errors for the enclosing workflow.", "value": "EVENT_ERROR_RATE" }, { "name": "EventWarningRate", "description": "Specifies alerting on the rate of warnings for the enclosing workflow. Warnings use the same enum values as errors.", "value": "EVENT_WARNING_RATE" }, { "name": "TaskErrorRate", "description": "Specifies alerting on the rate of errors for any task in the enclosing workflow.", "value": "TASK_ERROR_RATE" }, { "name": "TaskWarningRate", "description": "Specifies alerting on the rate of warnings for any task in the enclosing workflow.", "value": "TASK_WARNING_RATE" }, { "name": "TaskRate", "description": "Specifies alerting on the rate of executions over all tasks in the enclosing workflow.", "value": "TASK_RATE" }, { "name": "EventRate", "description": "Specifies alerting on the number of events executed in the given aggregation_period.", "value": "EVENT_RATE" }, { "name": "EventAverageDuration", "description": "Specifies alerting on the average duration of executions for this workflow.", "value": "EVENT_AVERAGE_DURATION" }, { "name": "EventPercentileDuration", "description": "Specifies alerting on the duration value of a particular percentile of workflow executions. E.g. If 10% or more of the workflow executions have durations above 5 seconds, alert.", "value": "EVENT_PERCENTILE_DURATION" }, { "name": "TaskAverageDuration", "description": "Specifies alerting on the average duration of any task in the enclosing workflow,", "value": "TASK_AVERAGE_DURATION" }, { "name": "TaskPercentileDuration", "description": "Specifies alerting on the duration value of a particular percentile of any task executions within the enclosing workflow. E.g. If 10% or more of the task executions in the workflow have durations above 5 seconds, alert.", "value": "TASK_PERCENTILE_DURATION" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigResponse": { "description": "Message to be used to configure custom alerting in the {@code EventConfig} protos for an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "For an EXPECTED_MIN threshold, this aggregation_period must be lesser than 24 hours." }, "alertDisabled": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this workflow alert." }, "alertName": { "type": "string", "description": "A name to identify this alert. This will be displayed in the alert subject. If set, this name should be unique within the scope of the workflow." }, "clientId": { "type": "string", "description": "Client associated with this alert configuration." }, "durationThresholdMs": { "type": "string", "description": "Should be specified only for *AVERAGE_DURATION and *PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "errorEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListResponse" }, "metricType": { "type": "string" }, "numAggregationPeriods": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "onlyFinalAttempt": { "type": "boolean", "description": "For either events or tasks, depending on the type of alert, count only final attempts, not retries." }, "playbookUrl": { "type": "string", "description": "Link to a playbook for resolving the issue that triggered this alert." }, "thresholdType": { "type": "string", "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigThresholdValueResponse", "description": "The metric value, above or below which the alert should be triggered." }, "warningEnumList": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoBaseAlertConfigErrorEnumListResponse" } }, "type": "object", "required": [ "aggregationPeriod", "alertDisabled", "alertName", "clientId", "durationThresholdMs", "errorEnumList", "metricType", "numAggregationPeriods", "onlyFinalAttempt", "playbookUrl", "thresholdType", "thresholdValue", "warningEnumList" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigThresholdType": { "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired.", "type": "string", "enum": [ { "name": "UnspecifiedThresholdType", "value": "UNSPECIFIED_THRESHOLD_TYPE" }, { "name": "ExpectedMin", "description": "Note that this field will only trigger alerts if the workflow specifying it runs at least once in 24 hours (which is our in-memory retention period for monarch streams). Also note that `aggregation_period` for this alert configuration must be less than 24 hours.", "value": "EXPECTED_MIN" }, { "name": "ExpectedMax", "value": "EXPECTED_MAX" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStats": { "description": "Stats for the requested dimensions: QPS, duration, and error/warning rate", "properties": { "dimensions": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStatsDimensions", "description": "Dimensions that these stats have been aggregated on." }, "durationInSeconds": { "type": "number", "description": "Average duration in seconds." }, "errorRate": { "type": "number", "description": "Average error rate." }, "qps": { "type": "number", "description": "Queries per second." }, "warningRate": { "type": "number", "description": "Average warning rate." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStatsDimensions": { "properties": { "clientId": { "type": "string" }, "enumFilterType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStatsDimensionsEnumFilterType", "description": "Whether to include or exclude the enums matching the regex." }, "errorEnumString": { "type": "string" }, "retryAttempt": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStatsDimensionsRetryAttempt" }, "taskName": { "type": "string" }, "taskNumber": { "type": "string" }, "triggerId": { "type": "string", "description": "Stats have been or will be aggregated on set fields for any semantically-meaningful combination." }, "warningEnumString": { "type": "string" }, "workflowId": { "type": "string" }, "workflowName": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStatsDimensionsEnumFilterType": { "description": "Whether to include or exclude the enums matching the regex.", "type": "string", "enum": [ { "name": "DefaultInclusive", "value": "DEFAULT_INCLUSIVE" }, { "name": "Exclusive", "value": "EXCLUSIVE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStatsDimensionsResponse": { "properties": { "clientId": { "type": "string" }, "enumFilterType": { "type": "string", "description": "Whether to include or exclude the enums matching the regex." }, "errorEnumString": { "type": "string" }, "retryAttempt": { "type": "string" }, "taskName": { "type": "string" }, "taskNumber": { "type": "string" }, "triggerId": { "type": "string", "description": "Stats have been or will be aggregated on set fields for any semantically-meaningful combination." }, "warningEnumString": { "type": "string" }, "workflowId": { "type": "string" }, "workflowName": { "type": "string" } }, "type": "object", "required": [ "clientId", "enumFilterType", "errorEnumString", "retryAttempt", "taskName", "taskNumber", "triggerId", "warningEnumString", "workflowId", "workflowName" ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStatsDimensionsRetryAttempt": { "type": "string", "enum": [ { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Final", "description": "Task has completed successfully or has depleted all retry attempts.", "value": "FINAL" }, { "name": "Retryable", "description": "Task has failed but may be retried.", "value": "RETRYABLE" }, { "name": "Canceled", "description": "Task has been deliberately canceled.", "value": "CANCELED" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmEventbusStatsResponse": { "description": "Stats for the requested dimensions: QPS, duration, and error/warning rate", "properties": { "dimensions": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStatsDimensionsResponse", "description": "Dimensions that these stats have been aggregated on." }, "durationInSeconds": { "type": "number", "description": "Average duration in seconds." }, "errorRate": { "type": "number", "description": "Average error rate." }, "qps": { "type": "number", "description": "Queries per second." }, "warningRate": { "type": "number", "description": "Average warning rate." } }, "type": "object", "required": [ "dimensions", "durationInSeconds", "errorRate", "qps", "warningRate" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray": { "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoBooleanParameterArrayResponse": { "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" } } }, "type": "object", "required": [ "booleanValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray": { "properties": { "doubleValues": { "type": "array", "items": { "type": "number" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoDoubleParameterArrayResponse": { "properties": { "doubleValues": { "type": "array", "items": { "type": "number" } } }, "type": "object", "required": [ "doubleValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoEventParameters": { "description": "LINT.IfChange This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus. Please see", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntry" }, "description": "Parameters are a part of Event and can be used to communicate between different tasks that are part of the same workflow execution." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoEventParametersResponse": { "description": "LINT.IfChange This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus. Please see", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntryResponse" }, "description": "Parameters are a part of Event and can be used to communicate between different tasks that are part of the same workflow execution." } }, "type": "object", "required": [ "parameters" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoIntParameterArray": { "properties": { "intValues": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoIntParameterArrayResponse": { "properties": { "intValues": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "intValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntry": { "description": "Key-value pair of EventBus task parameters. Next id: 13", "properties": { "className": { "type": "string", "description": "The FQCN of the Java object this represents. A string, for example, would be \"java.lang.String\". If this is \"java.lang.Object\", the parameter can be of any type." }, "collectionElementClassName": { "type": "string", "description": "If it is a collection of objects, this would be the FCQN of every individual element in the collection. If this is \"java.lang.Object\", the parameter is a collection of any type." }, "config": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfig", "description": "Optional fields, such as help text and other useful info." }, "dataType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntryDataType", "description": "The data type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueType", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "isDeprecated": { "type": "boolean", "description": "If set, this entry is deprecated, so further use of this parameter should be prohibited." }, "isOutput": { "type": "boolean" }, "jsonSchema": { "type": "string", "description": "If the data_type is JSON_VALUE, then this will define its schema." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given task. These parameters must be predefined in the workflow definition." }, "protoDef": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinition", "description": "Populated if this represents a proto or proto array." }, "required": { "type": "boolean", "description": "If set, the user must provide an input value for this parameter." }, "validationRule": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRule", "description": "Rule used to validate inputs (individual values and collection elements) for this parameter." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntryDataType": { "description": "The data type of the parameter.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "value": "STRING_VALUE" }, { "name": "IntValue", "value": "INT_VALUE" }, { "name": "DoubleValue", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "value": "BOOLEAN_VALUE" }, { "name": "ProtoValue", "value": "PROTO_VALUE" }, { "name": "SerializedObjectValue", "value": "SERIALIZED_OBJECT_VALUE" }, { "name": "StringArray", "value": "STRING_ARRAY" }, { "name": "IntArray", "value": "INT_ARRAY" }, { "name": "DoubleArray", "value": "DOUBLE_ARRAY" }, { "name": "ProtoArray", "value": "PROTO_ARRAY" }, { "name": "ProtoEnum", "value": "PROTO_ENUM" }, { "name": "BooleanArray", "value": "BOOLEAN_ARRAY" }, { "name": "ProtoEnumArray", "value": "PROTO_ENUM_ARRAY" }, { "name": "Bytes", "description": "BYTES and BYTES_ARRAY data types are not allowed for top-level params. They're only meant to support protobufs with BYTES (sub)fields.", "value": "BYTES" }, { "name": "BytesArray", "value": "BYTES_ARRAY" }, { "name": "NonSerializableObject", "value": "NON_SERIALIZABLE_OBJECT" }, { "name": "JsonValue", "value": "JSON_VALUE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntryResponse": { "description": "Key-value pair of EventBus task parameters. Next id: 13", "properties": { "className": { "type": "string", "description": "The FQCN of the Java object this represents. A string, for example, would be \"java.lang.String\". If this is \"java.lang.Object\", the parameter can be of any type." }, "collectionElementClassName": { "type": "string", "description": "If it is a collection of objects, this would be the FCQN of every individual element in the collection. If this is \"java.lang.Object\", the parameter is a collection of any type." }, "config": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryConfigResponse", "description": "Optional fields, such as help text and other useful info." }, "dataType": { "type": "string", "description": "The data type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueTypeResponse", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "isDeprecated": { "type": "boolean", "description": "If set, this entry is deprecated, so further use of this parameter should be prohibited." }, "isOutput": { "type": "boolean" }, "jsonSchema": { "type": "string", "description": "If the data_type is JSON_VALUE, then this will define its schema." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given task. These parameters must be predefined in the workflow definition." }, "protoDef": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryProtoDefinitionResponse", "description": "Populated if this represents a proto or proto array." }, "required": { "type": "boolean", "description": "If set, the user must provide an input value for this parameter." }, "validationRule": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoParamSpecEntryValidationRuleResponse", "description": "Rule used to validate inputs (individual values and collection elements) for this parameter." } }, "type": "object", "required": [ "className", "collectionElementClassName", "config", "dataType", "defaultValue", "isDeprecated", "isOutput", "jsonSchema", "key", "protoDef", "required", "validationRule" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntry" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecsMessageResponse": { "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecEntryResponse" } } }, "type": "object", "required": [ "parameters" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntry": { "description": "Key-value pair of EventBus parameters.", "properties": { "dataType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntryDataType", "description": "Explicitly getting the type of the parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the workflow definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueType", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntryDataType": { "description": "Explicitly getting the type of the parameter.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "value": "STRING_VALUE" }, { "name": "IntValue", "value": "INT_VALUE" }, { "name": "DoubleValue", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "value": "BOOLEAN_VALUE" }, { "name": "ProtoValue", "value": "PROTO_VALUE" }, { "name": "SerializedObjectValue", "value": "SERIALIZED_OBJECT_VALUE" }, { "name": "StringArray", "value": "STRING_ARRAY" }, { "name": "IntArray", "value": "INT_ARRAY" }, { "name": "DoubleArray", "value": "DOUBLE_ARRAY" }, { "name": "ProtoArray", "value": "PROTO_ARRAY" }, { "name": "ProtoEnum", "value": "PROTO_ENUM" }, { "name": "BooleanArray", "value": "BOOLEAN_ARRAY" }, { "name": "ProtoEnumArray", "value": "PROTO_ENUM_ARRAY" }, { "name": "Bytes", "description": "BYTES and BYTES_ARRAY data types are not allowed for top-level params. They're only meant to support protobufs with BYTES (sub)fields.", "value": "BYTES" }, { "name": "BytesArray", "value": "BYTES_ARRAY" }, { "name": "NonSerializableObject", "value": "NON_SERIALIZABLE_OBJECT" }, { "name": "JsonValue", "value": "JSON_VALUE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParameterEntryResponse": { "description": "Key-value pair of EventBus parameters.", "properties": { "dataType": { "type": "string", "description": "Explicitly getting the type of the parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the workflow definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueTypeResponse", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object", "required": [ "dataType", "key", "value" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueType": { "description": "To support various types of parameter values. Next available id: 14", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoBooleanParameterArray" }, "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoDoubleParameterArray" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoIntParameterArray" }, "intValue": { "type": "string" }, "jsonValue": { "type": "string" }, "protoArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoProtoParameterArray" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "serializedObjectValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter" }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoStringParameterArray" }, "stringValue": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueTypeResponse": { "description": "To support various types of parameter values. Next available id: 14", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoBooleanParameterArrayResponse" }, "booleanValue": { "type": "boolean" }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoDoubleParameterArrayResponse" }, "doubleValue": { "type": "number" }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoIntParameterArrayResponse" }, "intValue": { "type": "string" }, "jsonValue": { "type": "string" }, "protoArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoProtoParameterArrayResponse" }, "protoValue": { "type": "object", "additionalProperties": { "type": "string" } }, "serializedObjectValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameterResponse" }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoStringParameterArrayResponse" }, "stringValue": { "type": "string" } }, "type": "object", "required": [ "booleanArray", "booleanValue", "doubleArray", "doubleValue", "intArray", "intValue", "jsonValue", "protoArray", "protoValue", "serializedObjectValue", "stringArray", "stringValue" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoProtoParameterArray": { "properties": { "protoValues": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoProtoParameterArrayResponse": { "properties": { "protoValues": { "type": "array", "items": { "type": "object", "additionalProperties": { "type": "string" } } } }, "type": "object", "required": [ "protoValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoRollbackStrategy": { "description": "Next available id: 4", "properties": { "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoEventParameters", "description": "Optional. The customized parameters the user can pass to this task." }, "rollbackTaskImplementationClassName": { "type": "string", "description": "This is the name of the task that needs to be executed upon rollback of this task." }, "taskNumbersToRollback": { "type": "array", "items": { "type": "string" }, "description": "These are the tasks numbers of the tasks whose `rollback_strategy.rollback_task_implementation_class_name` needs to be executed upon failure of this task." } }, "type": "object", "required": [ "rollbackTaskImplementationClassName", "taskNumbersToRollback" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoRollbackStrategyResponse": { "description": "Next available id: 4", "properties": { "parameters": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoEventParametersResponse", "description": "Optional. The customized parameters the user can pass to this task." }, "rollbackTaskImplementationClassName": { "type": "string", "description": "This is the name of the task that needs to be executed upon rollback of this task." }, "taskNumbersToRollback": { "type": "array", "items": { "type": "string" }, "description": "These are the tasks numbers of the tasks whose `rollback_strategy.rollback_task_implementation_class_name` needs to be executed upon failure of this task." } }, "type": "object", "required": [ "parameters", "rollbackTaskImplementationClassName", "taskNumbersToRollback" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameter": { "properties": { "objectValue": { "type": "string" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoSerializedObjectParameterResponse": { "properties": { "objectValue": { "type": "string" } }, "type": "object", "required": [ "objectValue" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoStringParameterArray": { "properties": { "stringValues": { "type": "array", "items": { "type": "string" } } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoStringParameterArrayResponse": { "properties": { "stringValues": { "type": "array", "items": { "type": "string" } } }, "type": "object", "required": [ "stringValues" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfig": { "description": "The task configuration details. This is not the implementation of Task. There might be multiple TaskConfigs for the same Task.", "properties": { "alertConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskAlertConfig" }, "description": "Alert configurations on error rate, warning rate, number of runs, durations, etc." }, "createTime": { "type": "string", "description": "Auto-generated." }, "creatorEmail": { "type": "string", "description": "The creator's email address. Auto-generated from the user's email." }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the task." }, "disableStrictTypeValidation": { "type": "boolean", "description": "If this config contains a TypedTask, allow validation to succeed if an input is read from the output of another TypedTask whose output type is declared as a superclass of the requested input type. For instance, if the previous task declares an output of type Message, any task with this flag enabled will pass validation when attempting to read any proto Message type from the resultant Event parameter." }, "errorCatcherId": { "type": "string", "description": "Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "externalTaskType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigExternalTaskType" }, "failurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoFailurePolicy", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.)." }, "incomingEdgeCount": { "type": "integer", "description": "The number of edges leading into this TaskConfig." }, "jsonValidationOption": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigJsonValidationOption", "description": "If set, overrides the option configured in the Task implementation class." }, "label": { "type": "string", "description": "User-provided label that is attached to this TaskConfig in the UI." }, "lastModifiedTime": { "type": "string", "description": "Auto-generated." }, "nextTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTask" }, "description": "The set of tasks that are next in line to be executed as per the execution graph defined for the parent event, specified by `event_config_id`. Each of these next tasks are executed only if the condition associated with them evaluates to true." }, "nextTasksExecutionPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigNextTasksExecutionPolicy", "description": "The policy dictating the execution of the next set of tasks for the current task." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The customized parameters the user can pass to this task." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCoordinate", "description": "Optional. Informs the front-end application where to draw this task config on the UI." }, "precondition": { "type": "string", "description": "Optional. Standard filter expression evaluated before execution. Independent of other conditions and tasks. Can be used to enable rollout. e.g. \"rollout(5)\" will only allow 5% of incoming traffic to task." }, "preconditionLabel": { "type": "string", "description": "Optional. User-provided label that is attached to precondition in the UI." }, "rollbackStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoRollbackStrategy", "description": "Optional. Contains information about what needs to be done upon failure (either a permanent error or after it has been retried too many times)." }, "successPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoSuccessPolicy", "description": "Determines what action to take upon successful task completion." }, "synchronousCallFailurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoFailurePolicy", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for synchronous calls to Eventbus alone (Post)." }, "taskEntity": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntity", "description": "Copy of the task entity that this task config is an instance of." }, "taskExecutionStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigTaskExecutionStrategy", "description": "The policy dictating the execution strategy of this task." }, "taskName": { "type": "string", "description": "The name for the task." }, "taskNumber": { "type": "string", "description": "REQUIRED: the identifier of this task within its parent event config, specified by the client. This should be unique among all the tasks belong to the same event config. We use this field as the identifier to find next tasks (via field `next_tasks.task_number`)." }, "taskSpec": { "type": "string", "description": "A string template that allows user to configure task parameters (with either literal default values or tokens which will be resolved at execution time) for the task. It will eventually replace the old \"parameters\" field." }, "taskTemplateName": { "type": "string", "description": "Used to define task-template name if task is of type task-template" }, "taskType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigTaskType", "description": "Defines the type of the task" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigExternalTaskType": { "type": "string", "enum": [ { "name": "ExternalTaskTypeUnspecified", "description": "Default value. External task type is not specified", "value": "EXTERNAL_TASK_TYPE_UNSPECIFIED" }, { "name": "NormalTask", "description": "Tasks belongs to the normal task flows", "value": "NORMAL_TASK" }, { "name": "ErrorTask", "description": "Task belongs to the error catch task flows", "value": "ERROR_TASK" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigJsonValidationOption": { "description": "If set, overrides the option configured in the Task implementation class.", "type": "string", "enum": [ { "name": "UnspecifiedJsonValidationOption", "description": "As per the default behavior, no validation will be run. Will not override any option set in a Task.", "value": "UNSPECIFIED_JSON_VALIDATION_OPTION" }, { "name": "Skip", "description": "Do not run any validation against JSON schemas.", "value": "SKIP" }, { "name": "PreExecution", "description": "Validate all potential input JSON parameters against schemas specified in WorkflowParameters.", "value": "PRE_EXECUTION" }, { "name": "PostExecution", "description": "Validate all potential output JSON parameters against schemas specified in WorkflowParameters.", "value": "POST_EXECUTION" }, { "name": "PrePostExecution", "description": "Perform both PRE_EXECUTION and POST_EXECUTION validations.", "value": "PRE_POST_EXECUTION" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigNextTasksExecutionPolicy": { "description": "The policy dictating the execution of the next set of tasks for the current task.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default", "value": "UNSPECIFIED" }, { "name": "RunAllMatch", "description": "Execute all the tasks that satisfy their associated condition.", "value": "RUN_ALL_MATCH" }, { "name": "RunFirstMatch", "description": "Execute the first task that satisfies the associated condition.", "value": "RUN_FIRST_MATCH" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigResponse": { "description": "The task configuration details. This is not the implementation of Task. There might be multiple TaskConfigs for the same Task.", "properties": { "alertConfigs": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskAlertConfigResponse" }, "description": "Alert configurations on error rate, warning rate, number of runs, durations, etc." }, "createTime": { "type": "string", "description": "Auto-generated." }, "creatorEmail": { "type": "string", "description": "The creator's email address. Auto-generated from the user's email." }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the task." }, "disableStrictTypeValidation": { "type": "boolean", "description": "If this config contains a TypedTask, allow validation to succeed if an input is read from the output of another TypedTask whose output type is declared as a superclass of the requested input type. For instance, if the previous task declares an output of type Message, any task with this flag enabled will pass validation when attempting to read any proto Message type from the resultant Event parameter." }, "errorCatcherId": { "type": "string", "description": "Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "externalTaskType": { "type": "string" }, "failurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoFailurePolicyResponse", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.)." }, "incomingEdgeCount": { "type": "integer", "description": "The number of edges leading into this TaskConfig." }, "jsonValidationOption": { "type": "string", "description": "If set, overrides the option configured in the Task implementation class." }, "label": { "type": "string", "description": "User-provided label that is attached to this TaskConfig in the UI." }, "lastModifiedTime": { "type": "string", "description": "Auto-generated." }, "nextTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTaskResponse" }, "description": "The set of tasks that are next in line to be executed as per the execution graph defined for the parent event, specified by `event_config_id`. Each of these next tasks are executed only if the condition associated with them evaluates to true." }, "nextTasksExecutionPolicy": { "type": "string", "description": "The policy dictating the execution of the next set of tasks for the current task." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "The customized parameters the user can pass to this task." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCoordinateResponse", "description": "Optional. Informs the front-end application where to draw this task config on the UI." }, "precondition": { "type": "string", "description": "Optional. Standard filter expression evaluated before execution. Independent of other conditions and tasks. Can be used to enable rollout. e.g. \"rollout(5)\" will only allow 5% of incoming traffic to task." }, "preconditionLabel": { "type": "string", "description": "Optional. User-provided label that is attached to precondition in the UI." }, "rollbackStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoRollbackStrategyResponse", "description": "Optional. Contains information about what needs to be done upon failure (either a permanent error or after it has been retried too many times)." }, "successPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoSuccessPolicyResponse", "description": "Determines what action to take upon successful task completion." }, "synchronousCallFailurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoFailurePolicyResponse", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for synchronous calls to Eventbus alone (Post)." }, "taskEntity": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntityResponse", "description": "Copy of the task entity that this task config is an instance of." }, "taskExecutionStrategy": { "type": "string", "description": "The policy dictating the execution strategy of this task." }, "taskName": { "type": "string", "description": "The name for the task." }, "taskNumber": { "type": "string", "description": "REQUIRED: the identifier of this task within its parent event config, specified by the client. This should be unique among all the tasks belong to the same event config. We use this field as the identifier to find next tasks (via field `next_tasks.task_number`)." }, "taskSpec": { "type": "string", "description": "A string template that allows user to configure task parameters (with either literal default values or tokens which will be resolved at execution time) for the task. It will eventually replace the old \"parameters\" field." }, "taskTemplateName": { "type": "string", "description": "Used to define task-template name if task is of type task-template" }, "taskType": { "type": "string", "description": "Defines the type of the task" } }, "type": "object", "required": [ "alertConfigs", "createTime", "creatorEmail", "description", "disableStrictTypeValidation", "errorCatcherId", "externalTaskType", "failurePolicy", "incomingEdgeCount", "jsonValidationOption", "label", "lastModifiedTime", "nextTasks", "nextTasksExecutionPolicy", "parameters", "position", "precondition", "preconditionLabel", "rollbackStrategy", "successPolicy", "synchronousCallFailurePolicy", "taskEntity", "taskExecutionStrategy", "taskName", "taskNumber", "taskSpec", "taskTemplateName", "taskType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigTaskExecutionStrategy": { "description": "The policy dictating the execution strategy of this task.", "type": "string", "enum": [ { "name": "WhenAllSucceed", "description": "Wait until all of its previous tasks finished execution, then verify at least one of the edge conditions is met, and execute if possible. This should be considered as WHEN_ALL_TASKS_SUCCEED.", "value": "WHEN_ALL_SUCCEED" }, { "name": "WhenAnySucceed", "description": "Start execution as long as any of its previous tasks finished execution and the corresponding edge condition is met (since we will execute if only that succeeding edge condition is met).", "value": "WHEN_ANY_SUCCEED" }, { "name": "WhenAllTasksAndConditionsSucceed", "description": "Wait until all of its previous tasks finished execution, then verify the all edge conditions are met and execute if possible.", "value": "WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskConfigTaskType": { "description": "Defines the type of the task", "type": "string", "enum": [ { "name": "Task", "description": "Normal IP task", "value": "TASK" }, { "name": "AsisTemplate", "description": "Task is of As-Is Template type", "value": "ASIS_TEMPLATE" }, { "name": "IoTemplate", "description": "Task is of I/O template type with a different underlying task", "value": "IO_TEMPLATE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntity": { "description": "Contains a task's metadata and associated information. Next available id: 7", "properties": { "disabledForVpcSc": { "type": "boolean", "description": "True if the task has conflict with vpcsc" }, "metadata": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadata", "description": "Metadata inclueds the task name, author and so on." }, "paramSpecs": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecsMessage", "description": "Declarations for inputs/outputs for a TypedTask. This is also associated with the METADATA mask." }, "stats": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStats", "description": "Deprecated - statistics from the Monarch query.", "deprecationMessage": "Deprecated - statistics from the Monarch query." }, "taskType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntityTaskType", "description": "Defines the type of the task" }, "uiConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskUiConfig", "description": "UI configuration for this task Also associated with the METADATA mask." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntityResponse": { "description": "Contains a task's metadata and associated information. Next available id: 7", "properties": { "disabledForVpcSc": { "type": "boolean", "description": "True if the task has conflict with vpcsc" }, "metadata": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskMetadataResponse", "description": "Metadata inclueds the task name, author and so on." }, "paramSpecs": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParamSpecsMessageResponse", "description": "Declarations for inputs/outputs for a TypedTask. This is also associated with the METADATA mask." }, "stats": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusStatsResponse", "description": "Deprecated - statistics from the Monarch query.", "deprecationMessage": "Deprecated - statistics from the Monarch query." }, "taskType": { "type": "string", "description": "Defines the type of the task" }, "uiConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTaskUiConfigResponse", "description": "UI configuration for this task Also associated with the METADATA mask." } }, "type": "object", "required": [ "disabledForVpcSc", "metadata", "paramSpecs", "stats", "taskType", "uiConfig" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTaskEntityTaskType": { "description": "Defines the type of the task", "type": "string", "enum": [ { "name": "Task", "description": "Normal IP task", "value": "TASK" }, { "name": "AsisTemplate", "description": "Task is of As-Is Template type", "value": "ASIS_TEMPLATE" }, { "name": "IoTemplate", "description": "Task is of I/O template type with a different underlying task", "value": "IO_TEMPLATE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfig": { "description": "Configuration detail of a trigger. Next available id: 20", "properties": { "alertConfig": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfig" }, "description": "An alert threshold configuration for the [trigger + client + workflow] tuple. If these values are not specified in the trigger config, default values will be populated by the system. Note that there must be exactly one alert threshold configured per [client + trigger + workflow] when published." }, "cloudSchedulerConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCloudSchedulerConfig" }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the task." }, "enabledClients": { "type": "array", "items": { "type": "string" }, "description": "The list of client ids which are enabled to execute the workflow using this trigger. In other words, these clients have the workflow execution privledges for this trigger. For API trigger, the client id in the incoming request is validated against the list of enabled clients. For non-API triggers, one workflow execution is triggered on behalf of each enabled client." }, "errorCatcherId": { "type": "string", "description": "Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "label": { "type": "string", "description": "The user created label for a particular trigger." }, "nextTasksExecutionPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfigNextTasksExecutionPolicy", "description": "Dictates how next tasks will be executed." }, "pauseWorkflowExecutions": { "type": "boolean", "description": "Optional. If set to true, any upcoming requests for this trigger config will be paused and the executions will be resumed later when the flag is reset. The workflow to which this trigger config belongs has to be in ACTIVE status for the executions to be paused or resumed." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCoordinate", "description": "Optional. Informs the front-end application where to draw this trigger config on the UI." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configurable properties of the trigger, not to be confused with workflow parameters. E.g. \"name\" is a property for API triggers and \"subscription\" is a property for Cloud Pubsub triggers." }, "startTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTask" }, "description": "Set of tasks numbers from where the workflow execution is started by this trigger. If this is empty, then workflow is executed with default start tasks. In the list of start tasks, none of two tasks can have direct ancestor-descendant relationships (i.e. in a same workflow execution graph)." }, "triggerCriteria": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTriggerCriteria", "description": "Optional. When set, Eventbus will run the task specified in the trigger_criteria and validate the result using the trigger_criteria.condition, and only execute the workflow when result is true." }, "triggerId": { "type": "string", "description": "The backend trigger ID." }, "triggerName": { "type": "string", "description": "Optional. Name of the trigger This is added to identify the type of trigger. This is avoid the logic on triggerId to identify the trigger_type and push the same to monitoring." }, "triggerNumber": { "type": "string", "description": "A number to uniquely identify each trigger config within the workflow on UI." }, "triggerType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfigTriggerType" } }, "type": "object", "required": [ "enabledClients", "triggerNumber" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfigNextTasksExecutionPolicy": { "description": "Dictates how next tasks will be executed.", "type": "string", "enum": [ { "name": "Unspecified", "description": "Default", "value": "UNSPECIFIED" }, { "name": "RunAllMatch", "description": "Execute all the tasks that satisfy their associated condition.", "value": "RUN_ALL_MATCH" }, { "name": "RunFirstMatch", "description": "Execute the first task that satisfies the associated condition.", "value": "RUN_FIRST_MATCH" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfigResponse": { "description": "Configuration detail of a trigger. Next available id: 20", "properties": { "alertConfig": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoWorkflowAlertConfigResponse" }, "description": "An alert threshold configuration for the [trigger + client + workflow] tuple. If these values are not specified in the trigger config, default values will be populated by the system. Note that there must be exactly one alert threshold configured per [client + trigger + workflow] when published." }, "cloudSchedulerConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCloudSchedulerConfigResponse" }, "description": { "type": "string", "description": "User-provided description intended to give more business context about the task." }, "enabledClients": { "type": "array", "items": { "type": "string" }, "description": "The list of client ids which are enabled to execute the workflow using this trigger. In other words, these clients have the workflow execution privledges for this trigger. For API trigger, the client id in the incoming request is validated against the list of enabled clients. For non-API triggers, one workflow execution is triggered on behalf of each enabled client." }, "errorCatcherId": { "type": "string", "description": "Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "label": { "type": "string", "description": "The user created label for a particular trigger." }, "nextTasksExecutionPolicy": { "type": "string", "description": "Dictates how next tasks will be executed." }, "pauseWorkflowExecutions": { "type": "boolean", "description": "Optional. If set to true, any upcoming requests for this trigger config will be paused and the executions will be resumed later when the flag is reset. The workflow to which this trigger config belongs has to be in ACTIVE status for the executions to be paused or resumed." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoCoordinateResponse", "description": "Optional. Informs the front-end application where to draw this trigger config on the UI." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Configurable properties of the trigger, not to be confused with workflow parameters. E.g. \"name\" is a property for API triggers and \"subscription\" is a property for Cloud Pubsub triggers." }, "startTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNextTaskResponse" }, "description": "Set of tasks numbers from where the workflow execution is started by this trigger. If this is empty, then workflow is executed with default start tasks. In the list of start tasks, none of two tasks can have direct ancestor-descendant relationships (i.e. in a same workflow execution graph)." }, "triggerCriteria": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoTriggerCriteriaResponse", "description": "Optional. When set, Eventbus will run the task specified in the trigger_criteria and validate the result using the trigger_criteria.condition, and only execute the workflow when result is true." }, "triggerId": { "type": "string", "description": "The backend trigger ID." }, "triggerName": { "type": "string", "description": "Optional. Name of the trigger This is added to identify the type of trigger. This is avoid the logic on triggerId to identify the trigger_type and push the same to monitoring." }, "triggerNumber": { "type": "string", "description": "A number to uniquely identify each trigger config within the workflow on UI." }, "triggerType": { "type": "string" } }, "type": "object", "required": [ "alertConfig", "cloudSchedulerConfig", "description", "enabledClients", "errorCatcherId", "label", "nextTasksExecutionPolicy", "pauseWorkflowExecutions", "position", "properties", "startTasks", "triggerCriteria", "triggerId", "triggerName", "triggerNumber", "triggerType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoTriggerConfigTriggerType": { "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "CloudPubsub", "value": "CLOUD_PUBSUB" }, { "name": "Goops", "value": "GOOPS" }, { "name": "SfdcSync", "value": "SFDC_SYNC" }, { "name": "Cron", "value": "CRON" }, { "name": "Api", "value": "API" }, { "name": "ManifoldTrigger", "value": "MANIFOLD_TRIGGER" }, { "name": "DatalayerDataChange", "value": "DATALAYER_DATA_CHANGE" }, { "name": "SfdcChannel", "value": "SFDC_CHANNEL" }, { "name": "CloudPubsubExternal", "value": "CLOUD_PUBSUB_EXTERNAL" }, { "name": "SfdcCdcChannel", "value": "SFDC_CDC_CHANNEL" }, { "name": "SfdcPlatformEventsChannel", "value": "SFDC_PLATFORM_EVENTS_CHANNEL" }, { "name": "CloudScheduler", "value": "CLOUD_SCHEDULER" }, { "name": "IntegrationConnectorTrigger", "value": "INTEGRATION_CONNECTOR_TRIGGER" }, { "name": "PrivateTrigger", "value": "PRIVATE_TRIGGER" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry": { "properties": { "attributes": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoAttributes", "description": "Metadata information about the parameters." }, "children": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry" }, "description": "Child parameters nested within this parameter. This field only applies to protobuf parameters" }, "dataType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryDataType", "description": "The data type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueType", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "description": { "type": "string", "description": "Optional. The description about the parameter" }, "inOutType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryInOutType", "description": "Specifies the input/output type for the parameter." }, "isTransient": { "type": "boolean", "description": "Whether this parameter is a transient parameter." }, "jsonSchema": { "type": "string", "description": "This schema will be used to validate runtime JSON-typed values of this parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the workflow definition." }, "name": { "type": "string", "description": "The name (without prefix) to be displayed in the UI for this parameter. E.g. if the key is \"foo.bar.myName\", then the name would be \"myName\"." }, "producedBy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNodeIdentifier", "description": "The identifier of the node (TaskConfig/TriggerConfig) this parameter was produced by, if it is a transient param or a copy of an input param." }, "producer": { "type": "string" }, "protoDefName": { "type": "string", "description": "The name of the protobuf type if the parameter has a protobuf data type." }, "protoDefPath": { "type": "string", "description": "If the data type is of type proto or proto array, this field needs to be populated with the fully qualified proto name. This message, for example, would be \"enterprise.crm.frontends.eventbus.proto.WorkflowParameterEntry\"." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryDataType": { "description": "The data type of the parameter.", "type": "string", "enum": [ { "name": "DataTypeUnspecified", "value": "DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "value": "STRING_VALUE" }, { "name": "IntValue", "value": "INT_VALUE" }, { "name": "DoubleValue", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "value": "BOOLEAN_VALUE" }, { "name": "ProtoValue", "value": "PROTO_VALUE" }, { "name": "SerializedObjectValue", "value": "SERIALIZED_OBJECT_VALUE" }, { "name": "StringArray", "value": "STRING_ARRAY" }, { "name": "IntArray", "value": "INT_ARRAY" }, { "name": "DoubleArray", "value": "DOUBLE_ARRAY" }, { "name": "ProtoArray", "value": "PROTO_ARRAY" }, { "name": "ProtoEnum", "value": "PROTO_ENUM" }, { "name": "BooleanArray", "value": "BOOLEAN_ARRAY" }, { "name": "ProtoEnumArray", "value": "PROTO_ENUM_ARRAY" }, { "name": "Bytes", "description": "BYTES and BYTES_ARRAY data types are not allowed for top-level params. They're only meant to support protobufs with BYTES (sub)fields.", "value": "BYTES" }, { "name": "BytesArray", "value": "BYTES_ARRAY" }, { "name": "NonSerializableObject", "value": "NON_SERIALIZABLE_OBJECT" }, { "name": "JsonValue", "value": "JSON_VALUE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryInOutType": { "description": "Specifies the input/output type for the parameter.", "type": "string", "enum": [ { "name": "InOutTypeUnspecified", "value": "IN_OUT_TYPE_UNSPECIFIED" }, { "name": "In", "description": "Input parameters for the workflow. EventBus validates that these parameters exist in the workflows before execution.", "value": "IN" }, { "name": "Out", "description": "Output Parameters for the workflow. EventBus will only return the workflow parameters tagged with OUT in the response back.", "value": "OUT" }, { "name": "InOut", "description": "Input or Output Parameters. These can be used as both input and output. EventBus will validate for the existence of these parameters before execution and will also return this parameter back in the response.", "value": "IN_OUT" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryResponse": { "properties": { "attributes": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoAttributesResponse", "description": "Metadata information about the parameters." }, "children": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryResponse" }, "description": "Child parameters nested within this parameter. This field only applies to protobuf parameters" }, "dataType": { "type": "string", "description": "The data type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoParameterValueTypeResponse", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "description": { "type": "string", "description": "Optional. The description about the parameter" }, "inOutType": { "type": "string", "description": "Specifies the input/output type for the parameter." }, "isTransient": { "type": "boolean", "description": "Whether this parameter is a transient parameter." }, "jsonSchema": { "type": "string", "description": "This schema will be used to validate runtime JSON-typed values of this parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the workflow definition." }, "name": { "type": "string", "description": "The name (without prefix) to be displayed in the UI for this parameter. E.g. if the key is \"foo.bar.myName\", then the name would be \"myName\"." }, "producedBy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmEventbusProtoNodeIdentifierResponse", "description": "The identifier of the node (TaskConfig/TriggerConfig) this parameter was produced by, if it is a transient param or a copy of an input param." }, "producer": { "type": "string" }, "protoDefName": { "type": "string", "description": "The name of the protobuf type if the parameter has a protobuf data type." }, "protoDefPath": { "type": "string", "description": "If the data type is of type proto or proto array, this field needs to be populated with the fully qualified proto name. This message, for example, would be \"enterprise.crm.frontends.eventbus.proto.WorkflowParameterEntry\"." } }, "type": "object", "required": [ "attributes", "children", "dataType", "defaultValue", "description", "inOutType", "isTransient", "jsonSchema", "key", "name", "producedBy", "producer", "protoDefName", "protoDefPath" ] }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameters": { "description": "LINT.IfChange This is the frontend version of WorkflowParameters. It's exactly like the backend version except that instead of flattening protobuf parameters and treating every field and subfield of a protobuf parameter as a separate parameter, the fields/subfields of a protobuf parameter will be nested as \"children\" (see 'children' field below) parameters of the parent parameter. Please refer to enterprise/crm/eventbus/proto/workflow_parameters.proto for more information about WorkflowParameters.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntry" }, "description": "Parameters are a part of Event and can be used to communiticate between different tasks that are part of the same workflow execution." } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParametersResponse": { "description": "LINT.IfChange This is the frontend version of WorkflowParameters. It's exactly like the backend version except that instead of flattening protobuf parameters and treating every field and subfield of a protobuf parameter as a separate parameter, the fields/subfields of a protobuf parameter will be nested as \"children\" (see 'children' field below) parameters of the parent parameter. Please refer to enterprise/crm/eventbus/proto/workflow_parameters.proto for more information about WorkflowParameters.", "properties": { "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmFrontendsEventbusProtoWorkflowParameterEntryResponse" }, "description": "Parameters are a part of Event and can be used to communiticate between different tasks that are part of the same workflow execution." } }, "type": "object", "required": [ "parameters" ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsFieldLimits": { "description": "Describes string and array limits when writing to logs. When a limit is exceeded the *shortener_type* describes how to shorten the field. next_id: 6", "properties": { "logAction": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsFieldLimitsLogAction" }, "logType": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsFieldLimitsLogTypeItem" }, "description": "To which type(s) of logs the limits apply." }, "maxArraySize": { "type": "integer", "description": "maximum array size. If the array exceds this size, the field (list) is truncated." }, "maxStringLength": { "type": "integer", "description": "maximum string length. If the field exceeds this amount the field is shortened." }, "shortenerType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsFieldLimitsShortenerType" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsFieldLimitsLogAction": { "type": "string", "enum": [ { "name": "LogActionUnspecified", "value": "LOG_ACTION_UNSPECIFIED" }, { "name": "DontLog", "value": "DONT_LOG" }, { "name": "Log", "value": "LOG" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsFieldLimitsLogTypeItem": { "type": "string", "enum": [ { "name": "LogTypeUnspecified", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "Gws", "description": "Limits apply when log detail records are written to GWS.", "value": "GWS" }, { "name": "Gts", "description": "Limits apply when log detail records are written to GTS (e.g., RecordIO files).", "value": "GTS" }, { "name": "All", "description": "Limits apply to *all* output log types.", "value": "ALL" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsFieldLimitsResponse": { "description": "Describes string and array limits when writing to logs. When a limit is exceeded the *shortener_type* describes how to shorten the field. next_id: 6", "properties": { "logAction": { "type": "string" }, "logType": { "type": "array", "items": { "type": "string" }, "description": "To which type(s) of logs the limits apply." }, "maxArraySize": { "type": "integer", "description": "maximum array size. If the array exceds this size, the field (list) is truncated." }, "maxStringLength": { "type": "integer", "description": "maximum string length. If the field exceeds this amount the field is shortened." }, "shortenerType": { "type": "string" } }, "type": "object", "required": [ "logAction", "logType", "maxArraySize", "maxStringLength", "shortenerType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsFieldLimitsShortenerType": { "type": "string", "enum": [ { "name": "ShortenerTypeUnspecified", "value": "SHORTENER_TYPE_UNSPECIFIED" }, { "name": "Shorten", "description": "String is shortened to max_string_length.", "value": "SHORTEN" }, { "name": "Hash", "description": "String is replaced by its hex-string hash.", "value": "HASH" }, { "name": "ShortenWithHash", "description": "String is replaced by a combination of string shortening and a hex-string hash.", "value": "SHORTEN_WITH_HASH" }, { "name": "ShortenEmail", "description": "String shortening for email addresses. Shortening may be done on the user and/or domain portion of the email address.", "value": "SHORTEN_EMAIL" }, { "name": "ShortenEmailWithHash", "description": "String is replaced by a combination of string shortening and a hex-string hash for an email address.", "value": "SHORTEN_EMAIL_WITH_HASH" }, { "name": "ShortenDomain", "description": "Shortens a domain name (e.g., as part of an email address or URL).", "value": "SHORTEN_DOMAIN" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsSanitizeOptions": { "description": "Identifies whether a field contains, or may contain, PII or sensitive data, and how to sanitize the field if it does. If a field's privacy type cannot be determined then it is sanitized (e.g., scrubbed). The specific sanitizer implementation is determined by run-time configuration and environment options (e.g., prod vs. qa). next_id: 5", "properties": { "isAlreadySanitized": { "type": "boolean", "description": "If true, the value has already been sanitized and needs no further sanitization. For instance, a D3 customer id is already an obfuscated entity and *might not* need further sanitization." }, "logType": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsLogTypeItem" }, "description": "To which type(s) of logs the sanitize options apply." }, "privacy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsPrivacy" }, "sanitizeType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsSanitizeType" } }, "type": "object" }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsLogTypeItem": { "type": "string", "enum": [ { "name": "LogTypeUnspecified", "value": "LOG_TYPE_UNSPECIFIED" }, { "name": "Gws", "description": "Limits apply when log detail records are written to GWS.", "value": "GWS" }, { "name": "Gts", "description": "Limits apply when log detail records are written to GTS (e.g., RecordIO files).", "value": "GTS" }, { "name": "All", "description": "Limits apply to *all* output log types.", "value": "ALL" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsPrivacy": { "type": "string", "enum": [ { "name": "PrivacyTypeUnspecified", "value": "PRIVACY_TYPE_UNSPECIFIED" }, { "name": "NotPii", "description": "Field does *NOT* contain PII or sensitive data.", "value": "NOT_PII" }, { "name": "Pii", "description": "Field contains PII.", "value": "PII" }, { "name": "Spii", "description": "Field contains Sensitive PII.", "value": "SPII" }, { "name": "Unsure", "description": "Unsure if field contains PII.", "value": "UNSURE" } ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsResponse": { "description": "Identifies whether a field contains, or may contain, PII or sensitive data, and how to sanitize the field if it does. If a field's privacy type cannot be determined then it is sanitized (e.g., scrubbed). The specific sanitizer implementation is determined by run-time configuration and environment options (e.g., prod vs. qa). next_id: 5", "properties": { "isAlreadySanitized": { "type": "boolean", "description": "If true, the value has already been sanitized and needs no further sanitization. For instance, a D3 customer id is already an obfuscated entity and *might not* need further sanitization." }, "logType": { "type": "array", "items": { "type": "string" }, "description": "To which type(s) of logs the sanitize options apply." }, "privacy": { "type": "string" }, "sanitizeType": { "type": "string" } }, "type": "object", "required": [ "isAlreadySanitized", "logType", "privacy", "sanitizeType" ] }, "google-native:integrations/v1alpha:EnterpriseCrmLoggingGwsSanitizeOptionsSanitizeType": { "type": "string", "enum": [ { "name": "SanitizeTypeUnspecified", "value": "SANITIZE_TYPE_UNSPECIFIED" }, { "name": "Scrub", "description": "Replace value with a scrubbed value (usu. a constant).", "value": "SCRUB" }, { "name": "Anonymize", "description": "Transform a value so that it cannot be tracked across events. However, a given value, is transformed to the same value *within* an event. E.g., \"foo.com\" is transformed to \"0xabcdef\" for event 1001, and to \"0xfedcba\" for event 1002.", "value": "ANONYMIZE" }, { "name": "AnonymizeLimitedRepeatable", "description": "Transform values as with ANONYMIZER, but the same transformation is repeated for a limited time (e.g., 1 day).", "value": "ANONYMIZE_LIMITED_REPEATABLE" }, { "name": "Obfuscate", "description": "The value is transformed using a well-defined obfuscator (e.g., D3_CUSTOMER_ID).", "value": "OBFUSCATE" }, { "name": "Encrypt", "description": "The value is encrypted.", "value": "ENCRYPT" }, { "name": "DoNotSanitize", "description": "No sanitization is required.", "value": "DO_NOT_SANITIZE" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAccessToken": { "description": "The access token represents the authorization of a specific application to access specific parts of a user’s data.", "properties": { "accessToken": { "type": "string", "description": "The access token encapsulating the security identity of a process or thread." }, "accessTokenExpireTime": { "type": "string", "description": "The approximate time until the access token retrieved is valid." }, "refreshToken": { "type": "string", "description": "If the access token will expire, use the refresh token to obtain another access token." }, "refreshTokenExpireTime": { "type": "string", "description": "The approximate time until the refresh token retrieved is valid." }, "tokenType": { "type": "string", "description": "Only support \"bearer\" token in v1 as bearer token is the predominant type used with OAuth 2.0." } }, "type": "object", "required": [ "accessTokenExpireTime" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAccessTokenResponse": { "description": "The access token represents the authorization of a specific application to access specific parts of a user’s data.", "properties": { "accessToken": { "type": "string", "description": "The access token encapsulating the security identity of a process or thread." }, "accessTokenExpireTime": { "type": "string", "description": "The approximate time until the access token retrieved is valid." }, "refreshToken": { "type": "string", "description": "If the access token will expire, use the refresh token to obtain another access token." }, "refreshTokenExpireTime": { "type": "string", "description": "The approximate time until the refresh token retrieved is valid." }, "tokenType": { "type": "string", "description": "Only support \"bearer\" token in v1 as bearer token is the predominant type used with OAuth 2.0." } }, "type": "object", "required": [ "accessToken", "accessTokenExpireTime", "refreshToken", "refreshTokenExpireTime", "tokenType" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAssertion": { "description": "An assertion which will check for a condition over task execution status or an expression for task output variables Next available id: 5", "properties": { "assertionStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAssertionAssertionStrategy", "description": "The type of assertion to perform." }, "condition": { "type": "string", "description": "Optional. Standard filter expression for ASSERT_CONDITION to succeed" }, "parameter": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaEventParameter", "description": "Optional. Key-value pair for ASSERT_EQUALS, ASSERT_NOT_EQUALS, ASSERT_CONTAINS to succeed" }, "retryCount": { "type": "integer", "description": "Number of times given task should be retried in case of ASSERT_FAILED_EXECUTION" } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAssertionAssertionStrategy": { "description": "The type of assertion to perform.", "type": "string", "enum": [ { "name": "AssertionStrategyUnspecified", "description": "Unspecified Assertion strategy", "value": "ASSERTION_STRATEGY_UNSPECIFIED" }, { "name": "AssertSuccessfulExecution", "description": "Test a successful execution", "value": "ASSERT_SUCCESSFUL_EXECUTION" }, { "name": "AssertFailedExecution", "description": "Test a failed execution", "value": "ASSERT_FAILED_EXECUTION" }, { "name": "AssertNoExecution", "description": "Test that the task was never executed", "value": "ASSERT_NO_EXECUTION" }, { "name": "AssertEquals", "description": "Test the parameter selected is equal to the expected value", "value": "ASSERT_EQUALS" }, { "name": "AssertNotEquals", "description": "Test the parameter selected is not equal to the expected value", "value": "ASSERT_NOT_EQUALS" }, { "name": "AssertContains", "description": "Test the parameter selected contains the configured value", "value": "ASSERT_CONTAINS" }, { "name": "AssertCondition", "description": "Test a specific condition", "value": "ASSERT_CONDITION" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAssertionResponse": { "description": "An assertion which will check for a condition over task execution status or an expression for task output variables Next available id: 5", "properties": { "assertionStrategy": { "type": "string", "description": "The type of assertion to perform." }, "condition": { "type": "string", "description": "Optional. Standard filter expression for ASSERT_CONDITION to succeed" }, "parameter": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaEventParameterResponse", "description": "Optional. Key-value pair for ASSERT_EQUALS, ASSERT_NOT_EQUALS, ASSERT_CONTAINS to succeed" }, "retryCount": { "type": "integer", "description": "Number of times given task should be retried in case of ASSERT_FAILED_EXECUTION" } }, "type": "object", "required": [ "assertionStrategy", "condition", "parameter", "retryCount" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAuthToken": { "description": "The credentials to authenticate a user agent with a server that is put in HTTP Authorization request header.", "properties": { "token": { "type": "string", "description": "The token for the auth type." }, "type": { "type": "string", "description": "Authentication type, e.g. \"Basic\", \"Bearer\", etc." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaAuthTokenResponse": { "description": "The credentials to authenticate a user agent with a server that is put in HTTP Authorization request header.", "properties": { "token": { "type": "string", "description": "The token for the auth type." }, "type": { "type": "string", "description": "Authentication type, e.g. \"Basic\", \"Bearer\", etc." } }, "type": "object", "required": [ "token", "type" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaBooleanParameterArray": { "description": "This message only contains a field of boolean array.", "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" }, "description": "Boolean array." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaBooleanParameterArrayResponse": { "description": "This message only contains a field of boolean array.", "properties": { "booleanValues": { "type": "array", "items": { "type": "boolean" }, "description": "Boolean array." } }, "type": "object", "required": [ "booleanValues" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaClientCertificate": { "description": "Contains client certificate information", "properties": { "encryptedPrivateKey": { "type": "string", "description": "The ssl certificate encoded in PEM format. This string must include the begin header and end footer lines. For example, -----BEGIN CERTIFICATE----- MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE-----" }, "passphrase": { "type": "string", "description": "'passphrase' should be left unset if private key is not encrypted. Note that 'passphrase' is not the password for web server, but an extra layer of security to protected private key." }, "sslCertificate": { "type": "string", "description": "The ssl certificate encoded in PEM format. This string must include the begin header and end footer lines. For example, -----BEGIN CERTIFICATE----- MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE-----" } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaClientCertificateResponse": { "description": "Contains client certificate information", "properties": { "encryptedPrivateKey": { "type": "string", "description": "The ssl certificate encoded in PEM format. This string must include the begin header and end footer lines. For example, -----BEGIN CERTIFICATE----- MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE-----" }, "passphrase": { "type": "string", "description": "'passphrase' should be left unset if private key is not encrypted. Note that 'passphrase' is not the password for web server, but an extra layer of security to protected private key." }, "sslCertificate": { "type": "string", "description": "The ssl certificate encoded in PEM format. This string must include the begin header and end footer lines. For example, -----BEGIN CERTIFICATE----- MIICTTCCAbagAwIBAgIJAPT0tSKNxan/MA0GCSqGSIb3DQEBCwUAMCoxFzAVBgNV BAoTDkdvb2dsZSBURVNUSU5HMQ8wDQYDVQQDEwZ0ZXN0Q0EwHhcNMTUwMTAxMDAw MDAwWhcNMjUwMTAxMDAwMDAwWjAuMRcwFQYDVQQKEw5Hb29nbGUgVEVTVElORzET MBEGA1UEAwwKam9lQGJhbmFuYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA vDYFgMgxi5W488d9J7UpCInl0NXmZQpJDEHE4hvkaRlH7pnC71H0DLt0/3zATRP1 JzY2+eqBmbGl4/sgZKYv8UrLnNyQNUTsNx1iZAfPUflf5FwgVsai8BM0pUciq1NB xD429VFcrGZNucvFLh72RuRFIKH8WUpiK/iZNFkWhZ0CAwEAAaN3MHUwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMBkGA1UdDgQSBBCVgnFBCWgL/iwCqnGrhTPQMBsGA1UdIwQUMBKAEKey Um2o4k2WiEVA0ldQvNYwDQYJKoZIhvcNAQELBQADgYEAYK986R4E3L1v+Q6esBtW JrUwA9UmJRSQr0N5w3o9XzarU37/bkjOP0Fw0k/A6Vv1n3vlciYfBFaBIam1qRHr 5dMsYf4CZS6w50r7hyzqyrwDoyNxkLnd2PdcHT/sym1QmflsjEs7pejtnohO6N2H wQW6M0H7Zt8claGRla4fKkg= -----END CERTIFICATE-----" } }, "type": "object", "required": [ "encryptedPrivateKey", "passphrase", "sslCertificate" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCloudLoggingDetails": { "description": "Cloud Logging details for execution info", "properties": { "cloudLoggingSeverity": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCloudLoggingDetailsCloudLoggingSeverity", "description": "Optional. Severity selected by the customer for the logs to be sent to Cloud Logging, for the integration version getting executed." }, "enableCloudLogging": { "type": "boolean", "description": "Optional. Status of whether Cloud Logging is enabled or not for the integration version getting executed." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCloudLoggingDetailsCloudLoggingSeverity": { "description": "Optional. Severity selected by the customer for the logs to be sent to Cloud Logging, for the integration version getting executed.", "type": "string", "enum": [ { "name": "CloudLoggingSeverityUnspecified", "description": "Unspecified", "value": "CLOUD_LOGGING_SEVERITY_UNSPECIFIED" }, { "name": "Default", "description": "If Severity selected is `DEFAULT`, then all the Integration Execution States will be sent to Cloud Logging.", "value": "DEFAULT" }, { "name": "Info", "description": "If Severity selected is `INFO`, then only the following Integration Execution States (`IN_PROCESS`, `ON_HOLD`, `SUCCEEDED` and `SUSPENDED`) will be sent to Cloud Logging.", "value": "INFO" }, { "name": "Error", "description": "If Severity selected is `ERROR`, then only the following Integration Execution States (`ERROR`, `CANCELLED`) will be sent to Cloud Logging.", "value": "ERROR" }, { "name": "Warning", "description": "If Severity selected is `WARNING`, then only the following Integration Execution States (`RETRY_ON_HOLD`) will be sent to Cloud Logging.", "value": "WARNING" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCloudLoggingDetailsResponse": { "description": "Cloud Logging details for execution info", "properties": { "cloudLoggingSeverity": { "type": "string", "description": "Optional. Severity selected by the customer for the logs to be sent to Cloud Logging, for the integration version getting executed." }, "enableCloudLogging": { "type": "boolean", "description": "Optional. Status of whether Cloud Logging is enabled or not for the integration version getting executed." } }, "type": "object", "required": [ "cloudLoggingSeverity", "enableCloudLogging" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCloudSchedulerConfig": { "description": "Cloud Scheduler Trigger configuration", "properties": { "cronTab": { "type": "string", "description": "The cron tab of cloud scheduler trigger." }, "errorMessage": { "type": "string", "description": "Optional. When the job was deleted from Pantheon UI, error_message will be populated when Get/List integrations" }, "location": { "type": "string", "description": "The location where associated cloud scheduler job will be created" }, "serviceAccountEmail": { "type": "string", "description": "Service account used by Cloud Scheduler to trigger the integration at scheduled time" } }, "type": "object", "required": [ "cronTab", "location", "serviceAccountEmail" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCloudSchedulerConfigResponse": { "description": "Cloud Scheduler Trigger configuration", "properties": { "cronTab": { "type": "string", "description": "The cron tab of cloud scheduler trigger." }, "errorMessage": { "type": "string", "description": "Optional. When the job was deleted from Pantheon UI, error_message will be populated when Get/List integrations" }, "location": { "type": "string", "description": "The location where associated cloud scheduler job will be created" }, "serviceAccountEmail": { "type": "string", "description": "Service account used by Cloud Scheduler to trigger the integration at scheduled time" } }, "type": "object", "required": [ "cronTab", "errorMessage", "location", "serviceAccountEmail" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCoordinate": { "description": "Configuration detail of coordinate, it used for UI", "properties": { "x": { "type": "integer", "description": "X axis of the coordinate" }, "y": { "type": "integer", "description": "Y axis of the coordinate" } }, "type": "object", "required": [ "x", "y" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCoordinateResponse": { "description": "Configuration detail of coordinate, it used for UI", "properties": { "x": { "type": "integer", "description": "X axis of the coordinate" }, "y": { "type": "integer", "description": "Y axis of the coordinate" } }, "type": "object", "required": [ "x", "y" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCredential": { "description": "Defines parameters for a single, canonical credential.", "properties": { "authToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAuthToken", "description": "Auth token credential" }, "credentialType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCredentialCredentialType", "description": "Credential type associated with auth config." }, "jwt": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaJwt", "description": "JWT credential" }, "oauth2AuthorizationCode": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode", "description": "The api_key and oauth2_implicit are not covered in v1 and will be picked up once v1 is implemented. ApiKey api_key = 3; OAuth2 authorization code credential" }, "oauth2ClientCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials", "description": "OAuth2Implicit oauth2_implicit = 5; OAuth2 client credentials" }, "oauth2ResourceOwnerCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials", "description": "OAuth2 resource owner credentials" }, "oidcToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOidcToken", "description": "Google OIDC ID Token" }, "serviceAccountCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaServiceAccountCredentials", "description": "Service account credential" }, "usernameAndPassword": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaUsernameAndPassword", "description": "Username and password credential" } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCredentialCredentialType": { "description": "Credential type associated with auth config.", "type": "string", "enum": [ { "name": "CredentialTypeUnspecified", "description": "Unspecified credential type", "value": "CREDENTIAL_TYPE_UNSPECIFIED" }, { "name": "UsernameAndPassword", "description": "Regular username/password pair.", "value": "USERNAME_AND_PASSWORD" }, { "name": "ApiKey", "description": "API key.", "value": "API_KEY" }, { "name": "Oauth2AuthorizationCode", "description": "OAuth 2.0 Authorization Code Grant Type.", "value": "OAUTH2_AUTHORIZATION_CODE" }, { "name": "Oauth2Implicit", "description": "OAuth 2.0 Implicit Grant Type.", "value": "OAUTH2_IMPLICIT" }, { "name": "Oauth2ClientCredentials", "description": "OAuth 2.0 Client Credentials Grant Type.", "value": "OAUTH2_CLIENT_CREDENTIALS" }, { "name": "Oauth2ResourceOwnerCredentials", "description": "OAuth 2.0 Resource Owner Credentials Grant Type.", "value": "OAUTH2_RESOURCE_OWNER_CREDENTIALS" }, { "name": "Jwt", "description": "JWT Token.", "value": "JWT" }, { "name": "AuthToken", "description": "Auth Token, e.g. bearer token.", "value": "AUTH_TOKEN" }, { "name": "ServiceAccount", "description": "Service Account which can be used to generate token for authentication.", "value": "SERVICE_ACCOUNT" }, { "name": "ClientCertificateOnly", "description": "Client Certificate only.", "value": "CLIENT_CERTIFICATE_ONLY" }, { "name": "OidcToken", "description": "Google OIDC ID Token", "value": "OIDC_TOKEN" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaCredentialResponse": { "description": "Defines parameters for a single, canonical credential.", "properties": { "authToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAuthTokenResponse", "description": "Auth token credential" }, "credentialType": { "type": "string", "description": "Credential type associated with auth config." }, "jwt": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaJwtResponse", "description": "JWT credential" }, "oauth2AuthorizationCode": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCodeResponse", "description": "The api_key and oauth2_implicit are not covered in v1 and will be picked up once v1 is implemented. ApiKey api_key = 3; OAuth2 authorization code credential" }, "oauth2ClientCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentialsResponse", "description": "OAuth2Implicit oauth2_implicit = 5; OAuth2 client credentials" }, "oauth2ResourceOwnerCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentialsResponse", "description": "OAuth2 resource owner credentials" }, "oidcToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOidcTokenResponse", "description": "Google OIDC ID Token" }, "serviceAccountCredentials": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaServiceAccountCredentialsResponse", "description": "Service account credential" }, "usernameAndPassword": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaUsernameAndPasswordResponse", "description": "Username and password credential" } }, "type": "object", "required": [ "authToken", "credentialType", "jwt", "oauth2AuthorizationCode", "oauth2ClientCredentials", "oauth2ResourceOwnerCredentials", "oidcToken", "serviceAccountCredentials", "usernameAndPassword" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaDoubleParameterArray": { "description": "This message only contains a field of double number array.", "properties": { "doubleValues": { "type": "array", "items": { "type": "number" }, "description": "Double number array." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaDoubleParameterArrayResponse": { "description": "This message only contains a field of double number array.", "properties": { "doubleValues": { "type": "array", "items": { "type": "number" }, "description": "Double number array." } }, "type": "object", "required": [ "doubleValues" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaErrorCatcherConfig": { "description": "Configuration detail of a error catch task", "properties": { "description": { "type": "string", "description": "Optional. User-provided description intended to give more business context about the error catcher config." }, "errorCatcherId": { "type": "string", "description": "An error catcher id is string representation for the error catcher config. Within a workflow, error_catcher_id uniquely identifies an error catcher config among all error catcher configs for the workflow" }, "errorCatcherNumber": { "type": "string", "description": "A number to uniquely identify each error catcher config within the workflow on UI." }, "label": { "type": "string", "description": "Optional. The user created label for a particular error catcher. Optional." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinate", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "startErrorTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTask" }, "description": "The set of start tasks that are to be executed for the error catch flow" } }, "type": "object", "required": [ "errorCatcherId", "errorCatcherNumber", "startErrorTasks" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaErrorCatcherConfigResponse": { "description": "Configuration detail of a error catch task", "properties": { "description": { "type": "string", "description": "Optional. User-provided description intended to give more business context about the error catcher config." }, "errorCatcherId": { "type": "string", "description": "An error catcher id is string representation for the error catcher config. Within a workflow, error_catcher_id uniquely identifies an error catcher config among all error catcher configs for the workflow" }, "errorCatcherNumber": { "type": "string", "description": "A number to uniquely identify each error catcher config within the workflow on UI." }, "label": { "type": "string", "description": "Optional. The user created label for a particular error catcher. Optional." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinateResponse", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "startErrorTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTaskResponse" }, "description": "The set of start tasks that are to be executed for the error catch flow" } }, "type": "object", "required": [ "description", "errorCatcherId", "errorCatcherNumber", "label", "position", "startErrorTasks" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaEventParameter": { "description": "This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueType", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaEventParameterResponse": { "description": "This message is used for processing and persisting (when applicable) key value pair parameters for each event in the event bus.", "properties": { "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueTypeResponse", "description": "Values for the defined keys. Each value can either be string, int, double or any proto message." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaFailurePolicy": { "description": "Policy that defines the task retry logic and failure type. If no FailurePolicy is defined for a task, all its dependent tasks will not be executed (i.e, a `retry_strategy` of NONE will be applied).", "properties": { "intervalTime": { "type": "string", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines the initial interval in seconds for backoff." }, "maxRetries": { "type": "integer", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines the number of times the task will be retried if failed." }, "retryStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaFailurePolicyRetryStrategy", "description": "Defines what happens to the task upon failure." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaFailurePolicyResponse": { "description": "Policy that defines the task retry logic and failure type. If no FailurePolicy is defined for a task, all its dependent tasks will not be executed (i.e, a `retry_strategy` of NONE will be applied).", "properties": { "intervalTime": { "type": "string", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines the initial interval in seconds for backoff." }, "maxRetries": { "type": "integer", "description": "Required if retry_strategy is FIXED_INTERVAL or LINEAR/EXPONENTIAL_BACKOFF/RESTART_INTEGRATION_WITH_BACKOFF. Defines the number of times the task will be retried if failed." }, "retryStrategy": { "type": "string", "description": "Defines what happens to the task upon failure." } }, "type": "object", "required": [ "intervalTime", "maxRetries", "retryStrategy" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaFailurePolicyRetryStrategy": { "description": "Defines what happens to the task upon failure.", "type": "string", "enum": [ { "name": "RetryStrategyUnspecified", "description": "UNSPECIFIED.", "value": "RETRY_STRATEGY_UNSPECIFIED" }, { "name": "Ignore", "description": "Ignores the failure of this task. The rest of the integration will be executed Assuming this task succeeded.", "value": "IGNORE" }, { "name": "None", "description": "Causes a permanent failure of the task. However, if the last task(s) of event was successfully completed despite the failure of this task, it has no impact on the integration.", "value": "NONE" }, { "name": "Fatal", "description": "Causes a permanent failure of the event. It is different from NONE because this will mark the event as FAILED by shutting down the event execution.", "value": "FATAL" }, { "name": "FixedInterval", "description": "The task will be retried from the failed task onwards after a fixed delay. A max-retry count is required to be specified with this strategy. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. max_retries and interval_in_seconds must be specified.", "value": "FIXED_INTERVAL" }, { "name": "LinearBackoff", "description": "The task will be retried from the failed task onwards after a fixed delay that linearly increases with each retry attempt. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. A max-retry count is required to be specified with this strategy. max_retries and interval_in_seconds must be specified.", "value": "LINEAR_BACKOFF" }, { "name": "ExponentialBackoff", "description": "The task will be retried after an exponentially increasing period of time with each failure. A jitter is added to each exponential interval so that concurrently failing tasks of the same type do not end up retrying after the exact same exponential interval. A max-retry count is required to be specified with this strategy. `max_retries` and `interval_in_seconds` must be specified.", "value": "EXPONENTIAL_BACKOFF" }, { "name": "RestartIntegrationWithBackoff", "description": "The entire integration will be restarted with the initial parameters that were set when the event was fired. A max-retry count is required to be specified with this strategy. `max_retries` and `interval_in_seconds` must be specified.", "value": "RESTART_INTEGRATION_WITH_BACKOFF" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntParameterArray": { "description": "This message only contains a field of integer array.", "properties": { "intValues": { "type": "array", "items": { "type": "string" }, "description": "Integer array." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntParameterArrayResponse": { "description": "This message only contains a field of integer array.", "properties": { "intValues": { "type": "array", "items": { "type": "string" }, "description": "Integer array." } }, "type": "object", "required": [ "intValues" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfig": { "description": "Message to be used to configure custom alerting in the {@code EventConfig} protos for an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "The period over which the metric value should be aggregated and evaluated. Format is , where integer should be a positive integer and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, day, week). For an EXPECTED_MIN threshold, this aggregation_period must be lesser than 24 hours." }, "alertThreshold": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "disableAlert": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this integration alert." }, "displayName": { "type": "string", "description": "Name of the alert. This will be displayed in the alert subject. If set, this name should be unique within the scope of the integration." }, "durationThreshold": { "type": "string", "description": "Should be specified only for *AVERAGE_DURATION and *PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "metricType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigMetricType", "description": "The type of metric." }, "onlyFinalAttempt": { "type": "boolean", "description": "For either events or tasks, depending on the type of alert, count only final attempts, not retries." }, "thresholdType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdType", "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue", "description": "The metric value, above or below which the alert should be triggered." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigMetricType": { "description": "The type of metric.", "type": "string", "enum": [ { "name": "MetricTypeUnspecified", "description": "The default value. Metric type should always be set to one of the other non-default values, otherwise it will result in an INVALID_ARGUMENT error.", "value": "METRIC_TYPE_UNSPECIFIED" }, { "name": "EventErrorRate", "description": "Specifies alerting on the rate of errors for the enclosing integration.", "value": "EVENT_ERROR_RATE" }, { "name": "EventWarningRate", "description": "Specifies alerting on the rate of warnings for the enclosing integration. Warnings use the same enum values as errors.", "value": "EVENT_WARNING_RATE" }, { "name": "TaskErrorRate", "description": "Specifies alerting on the rate of errors for any task in the enclosing integration.", "value": "TASK_ERROR_RATE" }, { "name": "TaskWarningRate", "description": "Specifies alerting on the rate of warnings for any task in the enclosing integration.", "value": "TASK_WARNING_RATE" }, { "name": "TaskRate", "description": "Specifies alerting on the rate of executions over all tasks in the enclosing integration.", "value": "TASK_RATE" }, { "name": "EventRate", "description": "Specifies alerting on the number of events executed in the given aggregation_period.", "value": "EVENT_RATE" }, { "name": "EventAverageDuration", "description": "Specifies alerting on the average duration of executions for this integration.", "value": "EVENT_AVERAGE_DURATION" }, { "name": "EventPercentileDuration", "description": "Specifies alerting on the duration value of a particular percentile of integration executions. E.g. If 10% or more of the integration executions have durations above 5 seconds, alert.", "value": "EVENT_PERCENTILE_DURATION" }, { "name": "TaskAverageDuration", "description": "Specifies alerting on the average duration of any task in the enclosing integration,", "value": "TASK_AVERAGE_DURATION" }, { "name": "TaskPercentileDuration", "description": "Specifies alerting on the duration value of a particular percentile of any task executions within the enclosing integration. E.g. If 10% or more of the task executions in the integration have durations above 5 seconds, alert.", "value": "TASK_PERCENTILE_DURATION" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigResponse": { "description": "Message to be used to configure custom alerting in the {@code EventConfig} protos for an event.", "properties": { "aggregationPeriod": { "type": "string", "description": "The period over which the metric value should be aggregated and evaluated. Format is , where integer should be a positive integer and unit should be one of (s,m,h,d,w) meaning (second, minute, hour, day, week). For an EXPECTED_MIN threshold, this aggregation_period must be lesser than 24 hours." }, "alertThreshold": { "type": "integer", "description": "For how many contiguous aggregation periods should the expected min or max be violated for the alert to be fired." }, "disableAlert": { "type": "boolean", "description": "Set to false by default. When set to true, the metrics are not aggregated or pushed to Monarch for this integration alert." }, "displayName": { "type": "string", "description": "Name of the alert. This will be displayed in the alert subject. If set, this name should be unique within the scope of the integration." }, "durationThreshold": { "type": "string", "description": "Should be specified only for *AVERAGE_DURATION and *PERCENTILE_DURATION metrics. This member should be used to specify what duration value the metrics should exceed for the alert to trigger." }, "metricType": { "type": "string", "description": "The type of metric." }, "onlyFinalAttempt": { "type": "boolean", "description": "For either events or tasks, depending on the type of alert, count only final attempts, not retries." }, "thresholdType": { "type": "string", "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired." }, "thresholdValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValueResponse", "description": "The metric value, above or below which the alert should be triggered." } }, "type": "object", "required": [ "aggregationPeriod", "alertThreshold", "disableAlert", "displayName", "durationThreshold", "metricType", "onlyFinalAttempt", "thresholdType", "thresholdValue" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdType": { "description": "The threshold type, whether lower(expected_min) or upper(expected_max), for which this alert is being configured. If value falls below expected_min or exceeds expected_max, an alert will be fired.", "type": "string", "enum": [ { "name": "ThresholdTypeUnspecified", "description": "Default.", "value": "THRESHOLD_TYPE_UNSPECIFIED" }, { "name": "ExpectedMin", "description": "Note that this field will only trigger alerts if the integration specifying it runs at least once in 24 hours (which is our in-memory retention period for monarch streams). Also note that `aggregation_period` for this alert configuration must be less than 24 hours. Min value threshold.", "value": "EXPECTED_MIN" }, { "name": "ExpectedMax", "description": "Max value threshold.", "value": "EXPECTED_MAX" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValue": { "description": "The threshold value of the metric, above or below which the alert should be triggered. See EventAlertConfig or TaskAlertConfig for the different alert metric types in each case. For the *RATE metrics, one or both of these fields may be set. Zero is the default value and can be left at that. For *PERCENTILE_DURATION metrics, one or both of these fields may be set, and also, the duration threshold value should be specified in the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, these fields should not be set at all. A different member, threshold_duration_ms, must be set in the EventAlertConfig or the TaskAlertConfig.", "properties": { "absolute": { "type": "string", "description": "Absolute value threshold." }, "percentage": { "type": "integer", "description": "Percentage threshold." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigThresholdValueResponse": { "description": "The threshold value of the metric, above or below which the alert should be triggered. See EventAlertConfig or TaskAlertConfig for the different alert metric types in each case. For the *RATE metrics, one or both of these fields may be set. Zero is the default value and can be left at that. For *PERCENTILE_DURATION metrics, one or both of these fields may be set, and also, the duration threshold value should be specified in the threshold_duration_ms member below. For *AVERAGE_DURATION metrics, these fields should not be set at all. A different member, threshold_duration_ms, must be set in the EventAlertConfig or the TaskAlertConfig.", "properties": { "absolute": { "type": "string", "description": "Absolute value threshold." }, "percentage": { "type": "integer", "description": "Percentage threshold." } }, "type": "object", "required": [ "absolute", "percentage" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameter": { "description": "Integration Parameter is defined in the integration config and are used to provide information about data types of the expected parameters and provide any default values if needed. They can also be used to add custom attributes. These are static in nature and should not be used for dynamic event definition.", "properties": { "dataType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameterDataType", "description": "Type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueType", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "displayName": { "type": "string", "description": "The name (without prefix) to be displayed in the UI for this parameter. E.g. if the key is \"foo.bar.myName\", then the name would be \"myName\"." }, "inputOutputType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameterInputOutputType", "description": "Specifies the input/output type for the parameter." }, "isTransient": { "type": "boolean", "description": "Whether this parameter is a transient parameter." }, "jsonSchema": { "type": "string", "description": "This schema will be used to validate runtime JSON-typed values of this parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "producer": { "type": "string", "description": "The identifier of the node (TaskConfig/TriggerConfig) this parameter was produced by, if it is a transient param or a copy of an input param." }, "searchable": { "type": "boolean", "description": "Searchable in the execution log or not." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameterDataType": { "description": "Type of the parameter.", "type": "string", "enum": [ { "name": "IntegrationParameterDataTypeUnspecified", "description": "Unspecified.", "value": "INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "description": "String.", "value": "STRING_VALUE" }, { "name": "IntValue", "description": "Integer.", "value": "INT_VALUE" }, { "name": "DoubleValue", "description": "Double Number.", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "description": "Boolean.", "value": "BOOLEAN_VALUE" }, { "name": "StringArray", "description": "String Array.", "value": "STRING_ARRAY" }, { "name": "IntArray", "description": "Integer Array.", "value": "INT_ARRAY" }, { "name": "DoubleArray", "description": "Double Number Array.", "value": "DOUBLE_ARRAY" }, { "name": "BooleanArray", "description": "Boolean Array.", "value": "BOOLEAN_ARRAY" }, { "name": "JsonValue", "description": "Json.", "value": "JSON_VALUE" }, { "name": "ProtoValue", "description": "Proto Value (Internal use only).", "value": "PROTO_VALUE" }, { "name": "ProtoArray", "description": "Proto Array (Internal use only).", "value": "PROTO_ARRAY" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameterInputOutputType": { "description": "Specifies the input/output type for the parameter.", "type": "string", "enum": [ { "name": "InOutTypeUnspecified", "description": "Default.", "value": "IN_OUT_TYPE_UNSPECIFIED" }, { "name": "In", "description": "Input parameters for the integration. EventBus validates that these parameters exist in the integrations before execution.", "value": "IN" }, { "name": "Out", "description": "Output Parameters for the integration. EventBus will only return the integration parameters tagged with OUT in the response back.", "value": "OUT" }, { "name": "InOut", "description": "Input and Output Parameters. These can be used as both input and output. EventBus will validate for the existence of these parameters before execution and will also return this parameter back in the response.", "value": "IN_OUT" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaIntegrationParameterResponse": { "description": "Integration Parameter is defined in the integration config and are used to provide information about data types of the expected parameters and provide any default values if needed. They can also be used to add custom attributes. These are static in nature and should not be used for dynamic event definition.", "properties": { "dataType": { "type": "string", "description": "Type of the parameter." }, "defaultValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueTypeResponse", "description": "Default values for the defined keys. Each value can either be string, int, double or any proto message or a serialized object." }, "displayName": { "type": "string", "description": "The name (without prefix) to be displayed in the UI for this parameter. E.g. if the key is \"foo.bar.myName\", then the name would be \"myName\"." }, "inputOutputType": { "type": "string", "description": "Specifies the input/output type for the parameter." }, "isTransient": { "type": "boolean", "description": "Whether this parameter is a transient parameter." }, "jsonSchema": { "type": "string", "description": "This schema will be used to validate runtime JSON-typed values of this parameter." }, "key": { "type": "string", "description": "Key is used to retrieve the corresponding parameter value. This should be unique for a given fired event. These parameters must be predefined in the integration definition." }, "producer": { "type": "string", "description": "The identifier of the node (TaskConfig/TriggerConfig) this parameter was produced by, if it is a transient param or a copy of an input param." }, "searchable": { "type": "boolean", "description": "Searchable in the execution log or not." } }, "type": "object", "required": [ "dataType", "defaultValue", "displayName", "inputOutputType", "isTransient", "jsonSchema", "key", "producer", "searchable" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaJwt": { "description": "Represents JSON web token(JWT), which is a compact, URL-safe means of representing claims to be transferred between two parties, enabling the claims to be digitally signed or integrity protected.", "properties": { "jwt": { "type": "string", "description": "The token calculated by the header, payload and signature." }, "jwtHeader": { "type": "string", "description": "Identifies which algorithm is used to generate the signature." }, "jwtPayload": { "type": "string", "description": "Contains a set of claims. The JWT specification defines seven Registered Claim Names which are the standard fields commonly included in tokens. Custom claims are usually also included, depending on the purpose of the token." }, "secret": { "type": "string", "description": "User's pre-shared secret to sign the token." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaJwtResponse": { "description": "Represents JSON web token(JWT), which is a compact, URL-safe means of representing claims to be transferred between two parties, enabling the claims to be digitally signed or integrity protected.", "properties": { "jwt": { "type": "string", "description": "The token calculated by the header, payload and signature." }, "jwtHeader": { "type": "string", "description": "Identifies which algorithm is used to generate the signature." }, "jwtPayload": { "type": "string", "description": "Contains a set of claims. The JWT specification defines seven Registered Claim Names which are the standard fields commonly included in tokens. Custom claims are usually also included, depending on the purpose of the token." }, "secret": { "type": "string", "description": "User's pre-shared secret to sign the token." } }, "type": "object", "required": [ "jwt", "jwtHeader", "jwtPayload", "secret" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaMockConfig": { "description": "The configuration for mocking of a task during test execution Next available id: 4", "properties": { "failedExecutions": { "type": "string", "description": "Optional. Number of times the given task should fail for failure mock strategy" }, "mockStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaMockConfigMockStrategy", "description": "Mockstrategy defines how the particular task should be mocked during test execution" }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaEventParameter" }, "description": "Optional. List of key-value pairs for specific mock strategy" } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaMockConfigMockStrategy": { "description": "Mockstrategy defines how the particular task should be mocked during test execution", "type": "string", "enum": [ { "name": "MockStrategyUnspecified", "description": "This should never be used to annotate a field", "value": "MOCK_STRATEGY_UNSPECIFIED" }, { "name": "NoMockStrategy", "description": "Execute actual task", "value": "NO_MOCK_STRATEGY" }, { "name": "SpecificMockStrategy", "description": "Don't execute actual task, instead use the values specified by user for output of the task", "value": "SPECIFIC_MOCK_STRATEGY" }, { "name": "FailureMockStrategy", "description": "Don't execute actual task, instead return task failure", "value": "FAILURE_MOCK_STRATEGY" }, { "name": "SkipMockStrategy", "description": "Don't execute actual task, instead mark it as successful", "value": "SKIP_MOCK_STRATEGY" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaMockConfigResponse": { "description": "The configuration for mocking of a task during test execution Next available id: 4", "properties": { "failedExecutions": { "type": "string", "description": "Optional. Number of times the given task should fail for failure mock strategy" }, "mockStrategy": { "type": "string", "description": "Mockstrategy defines how the particular task should be mocked during test execution" }, "parameters": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaEventParameterResponse" }, "description": "Optional. List of key-value pairs for specific mock strategy" } }, "type": "object", "required": [ "failedExecutions", "mockStrategy", "parameters" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaNextTask": { "description": "The task that is next in line to be executed, if the condition specified evaluated to true.", "properties": { "condition": { "type": "string", "description": "Standard filter expression for this task to become an eligible next task." }, "description": { "type": "string", "description": "User-provided description intended to give additional business context about the task." }, "displayName": { "type": "string", "description": "User-provided label that is attached to this edge in the UI." }, "taskConfigId": { "type": "string", "description": "ID of the next task." }, "taskId": { "type": "string", "description": "Task number of the next task." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaNextTaskResponse": { "description": "The task that is next in line to be executed, if the condition specified evaluated to true.", "properties": { "condition": { "type": "string", "description": "Standard filter expression for this task to become an eligible next task." }, "description": { "type": "string", "description": "User-provided description intended to give additional business context about the task." }, "displayName": { "type": "string", "description": "User-provided label that is attached to this edge in the UI." }, "taskConfigId": { "type": "string", "description": "ID of the next task." }, "taskId": { "type": "string", "description": "Task number of the next task." } }, "type": "object", "required": [ "condition", "description", "displayName", "taskConfigId", "taskId" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCode": { "description": "The OAuth Type where the client sends request with the client id and requested scopes to auth endpoint. User sees a consent screen and auth code is received at specified redirect url afterwards. The auth code is then combined with the client id and secret and sent to the token endpoint in exchange for the access and refresh token. The refresh token can be used to fetch new access tokens.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessToken", "description": "The access token received from the token endpoint." }, "applyReauthPolicy": { "type": "boolean", "description": "Indicates if the user has opted in Google Reauth Policy. If opted in, the refresh token will be valid for 20 hours, after which time users must re-authenticate in order to obtain a new one." }, "authCode": { "type": "string", "description": "The Auth Code that is used to initially retrieve the access token." }, "authEndpoint": { "type": "string", "description": "The auth url endpoint to send the auth code request to." }, "authParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMap", "description": "The auth parameters sent along with the auth code request." }, "clientId": { "type": "string", "description": "The client's id." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "requestType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCodeRequestType", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token url endpoint to send the token request to." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMap", "description": "The token parameters sent along with the token request." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCodeRequestType": { "description": "Represent how to pass parameters to fetch access token", "type": "string", "enum": [ { "name": "RequestTypeUnspecified", "description": "Unspecified request type", "value": "REQUEST_TYPE_UNSPECIFIED" }, { "name": "RequestBody", "description": "To pass all the parameters in post body.", "value": "REQUEST_BODY" }, { "name": "QueryParameters", "description": "To pass all the parameters as a part of query parameter.", "value": "QUERY_PARAMETERS" }, { "name": "EncodedHeader", "description": "To pass client id and client secret as base 64 encoding of client_id:client_password and rest parameters in post body.", "value": "ENCODED_HEADER" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2AuthorizationCodeResponse": { "description": "The OAuth Type where the client sends request with the client id and requested scopes to auth endpoint. User sees a consent screen and auth code is received at specified redirect url afterwards. The auth code is then combined with the client id and secret and sent to the token endpoint in exchange for the access and refresh token. The refresh token can be used to fetch new access tokens.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessTokenResponse", "description": "The access token received from the token endpoint." }, "applyReauthPolicy": { "type": "boolean", "description": "Indicates if the user has opted in Google Reauth Policy. If opted in, the refresh token will be valid for 20 hours, after which time users must re-authenticate in order to obtain a new one." }, "authCode": { "type": "string", "description": "The Auth Code that is used to initially retrieve the access token." }, "authEndpoint": { "type": "string", "description": "The auth url endpoint to send the auth code request to." }, "authParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapResponse", "description": "The auth parameters sent along with the auth code request." }, "clientId": { "type": "string", "description": "The client's id." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "requestType": { "type": "string", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token url endpoint to send the token request to." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapResponse", "description": "The token parameters sent along with the token request." } }, "type": "object", "required": [ "accessToken", "applyReauthPolicy", "authCode", "authEndpoint", "authParams", "clientId", "clientSecret", "requestType", "scope", "tokenEndpoint", "tokenParams" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentials": { "description": "For client credentials grant, the client sends a POST request with grant_type as 'client_credentials' to the authorization server. The authorization server will respond with a JSON object containing the access token.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessToken", "description": "Access token fetched from the authorization server." }, "clientId": { "type": "string", "description": "The client's ID." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "requestType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentialsRequestType", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMap", "description": "Token parameters for the auth request." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentialsRequestType": { "description": "Represent how to pass parameters to fetch access token", "type": "string", "enum": [ { "name": "RequestTypeUnspecified", "description": "Unspecified request type", "value": "REQUEST_TYPE_UNSPECIFIED" }, { "name": "RequestBody", "description": "To pass all the parameters in post body.", "value": "REQUEST_BODY" }, { "name": "QueryParameters", "description": "To pass all the parameters as a part of query parameter.", "value": "QUERY_PARAMETERS" }, { "name": "EncodedHeader", "description": "To pass client id and client secret as base 64 encoding of client_id:client_password and rest parameters in post body.", "value": "ENCODED_HEADER" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ClientCredentialsResponse": { "description": "For client credentials grant, the client sends a POST request with grant_type as 'client_credentials' to the authorization server. The authorization server will respond with a JSON object containing the access token.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessTokenResponse", "description": "Access token fetched from the authorization server." }, "clientId": { "type": "string", "description": "The client's ID." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "requestType": { "type": "string", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapResponse", "description": "Token parameters for the auth request." } }, "type": "object", "required": [ "accessToken", "clientId", "clientSecret", "requestType", "scope", "tokenEndpoint", "tokenParams" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentials": { "description": "For resource owner credentials grant, the client will ask the user for their authorization credentials (ususally a username and password) and send a POST request to the authorization server. The authorization server will respond with a JSON object containing the access token.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessToken", "description": "Access token fetched from the authorization server." }, "clientId": { "type": "string", "description": "The client's ID." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "password": { "type": "string", "description": "The user's password." }, "requestType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentialsRequestType", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMap", "description": "Token parameters for the auth request." }, "username": { "type": "string", "description": "The user's username." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentialsRequestType": { "description": "Represent how to pass parameters to fetch access token", "type": "string", "enum": [ { "name": "RequestTypeUnspecified", "description": "Unspecified request type", "value": "REQUEST_TYPE_UNSPECIFIED" }, { "name": "RequestBody", "description": "To pass all the parameters in post body.", "value": "REQUEST_BODY" }, { "name": "QueryParameters", "description": "To pass all the parameters as a part of query parameter.", "value": "QUERY_PARAMETERS" }, { "name": "EncodedHeader", "description": "To pass client id and client secret as base 64 encoding of client_id:client_password and rest parameters in post body.", "value": "ENCODED_HEADER" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOAuth2ResourceOwnerCredentialsResponse": { "description": "For resource owner credentials grant, the client will ask the user for their authorization credentials (ususally a username and password) and send a POST request to the authorization server. The authorization server will respond with a JSON object containing the access token.", "properties": { "accessToken": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAccessTokenResponse", "description": "Access token fetched from the authorization server." }, "clientId": { "type": "string", "description": "The client's ID." }, "clientSecret": { "type": "string", "description": "The client's secret." }, "password": { "type": "string", "description": "The user's password." }, "requestType": { "type": "string", "description": "Represent how to pass parameters to fetch access token" }, "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "tokenEndpoint": { "type": "string", "description": "The token endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token." }, "tokenParams": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapResponse", "description": "Token parameters for the auth request." }, "username": { "type": "string", "description": "The user's username." } }, "type": "object", "required": [ "accessToken", "clientId", "clientSecret", "password", "requestType", "scope", "tokenEndpoint", "tokenParams", "username" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOidcToken": { "description": "OIDC Token", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. The audience claim identifies the recipients that the JWT is intended for." }, "serviceAccountEmail": { "type": "string", "description": "The service account email to be used as the identity for the token." }, "token": { "type": "string", "description": "ID token obtained for the service account" }, "tokenExpireTime": { "type": "string", "description": "The approximate time until the token retrieved is valid." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaOidcTokenResponse": { "description": "OIDC Token", "properties": { "audience": { "type": "string", "description": "Audience to be used when generating OIDC token. The audience claim identifies the recipients that the JWT is intended for." }, "serviceAccountEmail": { "type": "string", "description": "The service account email to be used as the identity for the token." }, "token": { "type": "string", "description": "ID token obtained for the service account" }, "tokenExpireTime": { "type": "string", "description": "The approximate time until the token retrieved is valid." } }, "type": "object", "required": [ "audience", "serviceAccountEmail", "token", "tokenExpireTime" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMap": { "description": "A generic multi-map that holds key value pairs. They keys and values can be of any type, unless specified.", "properties": { "entries": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapEntry" }, "description": "A list of parameter map entries." }, "keyType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapKeyType", "description": "Option to specify key type for all entries of the map. If provided then field types for all entries must conform to this." }, "valueType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapValueType", "description": "Option to specify value type for all entries of the map. If provided then field types for all entries must conform to this." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapEntry": { "description": "Entry is a pair of key and value.", "properties": { "key": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapField", "description": "Key of the map entry." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapField", "description": "Value of the map entry." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapEntryResponse": { "description": "Entry is a pair of key and value.", "properties": { "key": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapFieldResponse", "description": "Key of the map entry." }, "value": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapFieldResponse", "description": "Value of the map entry." } }, "type": "object", "required": [ "key", "value" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapField": { "description": "Field represents either the key or value in an entry.", "properties": { "literalValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueType", "description": "Passing a literal value." }, "referenceKey": { "type": "string", "description": "Referencing one of the Integration variables." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapFieldResponse": { "description": "Field represents either the key or value in an entry.", "properties": { "literalValue": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaValueTypeResponse", "description": "Passing a literal value." }, "referenceKey": { "type": "string", "description": "Referencing one of the Integration variables." } }, "type": "object", "required": [ "literalValue", "referenceKey" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapKeyType": { "description": "Option to specify key type for all entries of the map. If provided then field types for all entries must conform to this.", "type": "string", "enum": [ { "name": "IntegrationParameterDataTypeUnspecified", "description": "Unspecified.", "value": "INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "description": "String.", "value": "STRING_VALUE" }, { "name": "IntValue", "description": "Integer.", "value": "INT_VALUE" }, { "name": "DoubleValue", "description": "Double Number.", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "description": "Boolean.", "value": "BOOLEAN_VALUE" }, { "name": "StringArray", "description": "String Array.", "value": "STRING_ARRAY" }, { "name": "IntArray", "description": "Integer Array.", "value": "INT_ARRAY" }, { "name": "DoubleArray", "description": "Double Number Array.", "value": "DOUBLE_ARRAY" }, { "name": "BooleanArray", "description": "Boolean Array.", "value": "BOOLEAN_ARRAY" }, { "name": "JsonValue", "description": "Json.", "value": "JSON_VALUE" }, { "name": "ProtoValue", "description": "Proto Value (Internal use only).", "value": "PROTO_VALUE" }, { "name": "ProtoArray", "description": "Proto Array (Internal use only).", "value": "PROTO_ARRAY" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapResponse": { "description": "A generic multi-map that holds key value pairs. They keys and values can be of any type, unless specified.", "properties": { "entries": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaParameterMapEntryResponse" }, "description": "A list of parameter map entries." }, "keyType": { "type": "string", "description": "Option to specify key type for all entries of the map. If provided then field types for all entries must conform to this." }, "valueType": { "type": "string", "description": "Option to specify value type for all entries of the map. If provided then field types for all entries must conform to this." } }, "type": "object", "required": [ "entries", "keyType", "valueType" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaParameterMapValueType": { "description": "Option to specify value type for all entries of the map. If provided then field types for all entries must conform to this.", "type": "string", "enum": [ { "name": "IntegrationParameterDataTypeUnspecified", "description": "Unspecified.", "value": "INTEGRATION_PARAMETER_DATA_TYPE_UNSPECIFIED" }, { "name": "StringValue", "description": "String.", "value": "STRING_VALUE" }, { "name": "IntValue", "description": "Integer.", "value": "INT_VALUE" }, { "name": "DoubleValue", "description": "Double Number.", "value": "DOUBLE_VALUE" }, { "name": "BooleanValue", "description": "Boolean.", "value": "BOOLEAN_VALUE" }, { "name": "StringArray", "description": "String Array.", "value": "STRING_ARRAY" }, { "name": "IntArray", "description": "Integer Array.", "value": "INT_ARRAY" }, { "name": "DoubleArray", "description": "Double Number Array.", "value": "DOUBLE_ARRAY" }, { "name": "BooleanArray", "description": "Boolean Array.", "value": "BOOLEAN_ARRAY" }, { "name": "JsonValue", "description": "Json.", "value": "JSON_VALUE" }, { "name": "ProtoValue", "description": "Proto Value (Internal use only).", "value": "PROTO_VALUE" }, { "name": "ProtoArray", "description": "Proto Array (Internal use only).", "value": "PROTO_ARRAY" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaServiceAccountCredentials": { "description": "Represents the service account which can be used to generate access token for authenticating the service call.", "properties": { "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "serviceAccount": { "type": "string", "description": "Name of the service account that has the permission to make the request." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaServiceAccountCredentialsResponse": { "description": "Represents the service account which can be used to generate access token for authenticating the service call.", "properties": { "scope": { "type": "string", "description": "A space-delimited list of requested scope permissions." }, "serviceAccount": { "type": "string", "description": "Name of the service account that has the permission to make the request." } }, "type": "object", "required": [ "scope", "serviceAccount" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaStringParameterArray": { "description": "This message only contains a field of string array.", "properties": { "stringValues": { "type": "array", "items": { "type": "string" }, "description": "String array." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaStringParameterArrayResponse": { "description": "This message only contains a field of string array.", "properties": { "stringValues": { "type": "array", "items": { "type": "string" }, "description": "String array." } }, "type": "object", "required": [ "stringValues" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicy": { "description": "Policy that dictates the behavior for the task after it completes successfully.", "properties": { "finalState": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicyFinalState", "description": "State to which the execution snapshot status will be set if the task succeeds." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicyFinalState": { "description": "State to which the execution snapshot status will be set if the task succeeds.", "type": "string", "enum": [ { "name": "FinalStateUnspecified", "description": "UNSPECIFIED.", "value": "FINAL_STATE_UNSPECIFIED" }, { "name": "Succeeded", "description": "The default behavior, where successful tasks will be marked as SUCCEEDED.", "value": "SUCCEEDED" }, { "name": "Suspended", "description": "Sets the state to SUSPENDED after executing. This is required for SuspensionTask; event execution will continue once the user calls ResolveSuspensions with the event_execution_info_id and the task number.", "value": "SUSPENDED" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicyResponse": { "description": "Policy that dictates the behavior for the task after it completes successfully.", "properties": { "finalState": { "type": "string", "description": "State to which the execution snapshot status will be set if the task succeeds." } }, "type": "object", "required": [ "finalState" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfig": { "description": "The task configuration details. This is not the implementation of Task. There might be multiple TaskConfigs for the same Task.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description intended to give additional business context about the task." }, "displayName": { "type": "string", "description": "Optional. User-provided label that is attached to this TaskConfig in the UI." }, "errorCatcherId": { "type": "string", "description": "Optional. Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "externalTaskType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTaskConfigExternalTaskType", "description": "Optional. External task type of the task" }, "failurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaFailurePolicy", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.)." }, "jsonValidationOption": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTaskConfigJsonValidationOption", "description": "Optional. If set, overrides the option configured in the Task implementation class." }, "nextTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTask" }, "description": "Optional. The set of tasks that are next in line to be executed as per the execution graph defined for the parent event, specified by `event_config_id`. Each of these next tasks are executed only if the condition associated with them evaluates to true." }, "nextTasksExecutionPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTaskConfigNextTasksExecutionPolicy", "description": "Optional. The policy dictating the execution of the next set of tasks for the current task." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The customized parameters the user can pass to this task." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinate", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "successPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicy", "description": "Optional. Determines what action to take upon successful task completion." }, "synchronousCallFailurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaFailurePolicy", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for synchronous calls to Eventbus alone (Post)." }, "task": { "type": "string", "description": "Optional. The name for the task." }, "taskExecutionStrategy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTaskConfigTaskExecutionStrategy", "description": "Optional. The policy dictating the execution strategy of this task." }, "taskId": { "type": "string", "description": "The identifier of this task within its parent event config, specified by the client. This should be unique among all the tasks belong to the same event config. We use this field as the identifier to find next tasks (via field `next_tasks.task_id`)." }, "taskTemplate": { "type": "string", "description": "Optional. Used to define task-template name if task is of type task-template" } }, "type": "object", "required": [ "taskId" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfigExternalTaskType": { "description": "Optional. External task type of the task", "type": "string", "enum": [ { "name": "ExternalTaskTypeUnspecified", "description": "Default value. External task type is not specified", "value": "EXTERNAL_TASK_TYPE_UNSPECIFIED" }, { "name": "NormalTask", "description": "Tasks belongs to the normal task flows", "value": "NORMAL_TASK" }, { "name": "ErrorTask", "description": "Task belongs to the error catch task flows", "value": "ERROR_TASK" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfigJsonValidationOption": { "description": "Optional. If set, overrides the option configured in the Task implementation class.", "type": "string", "enum": [ { "name": "JsonValidationOptionUnspecified", "description": "As per the default behavior, no validation will be run. Will not override any option set in a Task.", "value": "JSON_VALIDATION_OPTION_UNSPECIFIED" }, { "name": "Skip", "description": "Do not run any validation against JSON schemas.", "value": "SKIP" }, { "name": "PreExecution", "description": "Validate all potential input JSON parameters against schemas specified in IntegrationParameter.", "value": "PRE_EXECUTION" }, { "name": "PostExecution", "description": "Validate all potential output JSON parameters against schemas specified in IntegrationParameter.", "value": "POST_EXECUTION" }, { "name": "PrePostExecution", "description": "Perform both PRE_EXECUTION and POST_EXECUTION validations.", "value": "PRE_POST_EXECUTION" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfigNextTasksExecutionPolicy": { "description": "Optional. The policy dictating the execution of the next set of tasks for the current task.", "type": "string", "enum": [ { "name": "NextTasksExecutionPolicyUnspecified", "description": "Default.", "value": "NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED" }, { "name": "RunAllMatch", "description": "Execute all the tasks that satisfy their associated condition.", "value": "RUN_ALL_MATCH" }, { "name": "RunFirstMatch", "description": "Execute the first task that satisfies the associated condition.", "value": "RUN_FIRST_MATCH" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfigResponse": { "description": "The task configuration details. This is not the implementation of Task. There might be multiple TaskConfigs for the same Task.", "properties": { "description": { "type": "string", "description": "Optional. User-provided description intended to give additional business context about the task." }, "displayName": { "type": "string", "description": "Optional. User-provided label that is attached to this TaskConfig in the UI." }, "errorCatcherId": { "type": "string", "description": "Optional. Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "externalTaskType": { "type": "string", "description": "Optional. External task type of the task" }, "failurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaFailurePolicyResponse", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for asynchronous calls to Eventbus alone (Post To Queue, Schedule etc.)." }, "jsonValidationOption": { "type": "string", "description": "Optional. If set, overrides the option configured in the Task implementation class." }, "nextTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTaskResponse" }, "description": "Optional. The set of tasks that are next in line to be executed as per the execution graph defined for the parent event, specified by `event_config_id`. Each of these next tasks are executed only if the condition associated with them evaluates to true." }, "nextTasksExecutionPolicy": { "type": "string", "description": "Optional. The policy dictating the execution of the next set of tasks for the current task." }, "parameters": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. The customized parameters the user can pass to this task." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinateResponse", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "successPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaSuccessPolicyResponse", "description": "Optional. Determines what action to take upon successful task completion." }, "synchronousCallFailurePolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaFailurePolicyResponse", "description": "Optional. Determines the number of times the task will be retried on failure and with what retry strategy. This is applicable for synchronous calls to Eventbus alone (Post)." }, "task": { "type": "string", "description": "Optional. The name for the task." }, "taskExecutionStrategy": { "type": "string", "description": "Optional. The policy dictating the execution strategy of this task." }, "taskId": { "type": "string", "description": "The identifier of this task within its parent event config, specified by the client. This should be unique among all the tasks belong to the same event config. We use this field as the identifier to find next tasks (via field `next_tasks.task_id`)." }, "taskTemplate": { "type": "string", "description": "Optional. Used to define task-template name if task is of type task-template" } }, "type": "object", "required": [ "description", "displayName", "errorCatcherId", "externalTaskType", "failurePolicy", "jsonValidationOption", "nextTasks", "nextTasksExecutionPolicy", "parameters", "position", "successPolicy", "synchronousCallFailurePolicy", "task", "taskExecutionStrategy", "taskId", "taskTemplate" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTaskConfigTaskExecutionStrategy": { "description": "Optional. The policy dictating the execution strategy of this task.", "type": "string", "enum": [ { "name": "TaskExecutionStrategyUnspecified", "description": "Default. If the strategy is not set explicitly, it will default to `WHEN_ALL_SUCCEED`.", "value": "TASK_EXECUTION_STRATEGY_UNSPECIFIED" }, { "name": "WhenAllSucceed", "description": "Wait until all of its previous tasks finished execution, then verify at least one of the edge conditions is met, and execute if possible. This should be considered as WHEN_ALL_TASKS_SUCCEED.", "value": "WHEN_ALL_SUCCEED" }, { "name": "WhenAnySucceed", "description": "Start execution as long as any of its previous tasks finished execution and the corresponding edge condition is met (since we will execute if only that succeeding edge condition is met).", "value": "WHEN_ANY_SUCCEED" }, { "name": "WhenAllTasksAndConditionsSucceed", "description": "Wait until all of its previous tasks finished execution, then verify the all edge conditions are met and execute if possible.", "value": "WHEN_ALL_TASKS_AND_CONDITIONS_SUCCEED" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTestTaskConfig": { "description": "The task mock configuration details and assertions for functional tests. Next available id: 5", "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAssertion" }, "description": "Optional. List of conditions or expressions which should be evaluated to true unless there is a bug/problem in the integration. These are evaluated one the task execution is completed as per the mock strategy in test case" }, "mockConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaMockConfig", "description": "Optional. Defines how to mock the given task during test execution" }, "task": { "type": "string", "description": "This defines in the test case, the task name in integration which will be mocked by this test task config" }, "taskNumber": { "type": "string", "description": "This defines in the test case, the task in integration which will be mocked by this test task config" } }, "type": "object", "required": [ "task", "taskNumber" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTestTaskConfigResponse": { "description": "The task mock configuration details and assertions for functional tests. Next available id: 5", "properties": { "assertions": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaAssertionResponse" }, "description": "Optional. List of conditions or expressions which should be evaluated to true unless there is a bug/problem in the integration. These are evaluated one the task execution is completed as per the mock strategy in test case" }, "mockConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaMockConfigResponse", "description": "Optional. Defines how to mock the given task during test execution" }, "task": { "type": "string", "description": "This defines in the test case, the task name in integration which will be mocked by this test task config" }, "taskNumber": { "type": "string", "description": "This defines in the test case, the task in integration which will be mocked by this test task config" } }, "type": "object", "required": [ "assertions", "mockConfig", "task", "taskNumber" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTriggerConfig": { "description": "Configuration detail of a trigger.", "properties": { "alertConfig": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfig" }, "description": "Optional. An alert threshold configuration for the [trigger + client + integration] tuple. If these values are not specified in the trigger config, default values will be populated by the system. Note that there must be exactly one alert threshold configured per [client + trigger + integration] when published." }, "cloudSchedulerConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCloudSchedulerConfig", "description": "Optional. Cloud Scheduler Trigger related metadata" }, "description": { "type": "string", "description": "Optional. User-provided description intended to give additional business context about the task." }, "errorCatcherId": { "type": "string", "description": "Optional. Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "label": { "type": "string", "description": "Optional. The user created label for a particular trigger." }, "nextTasksExecutionPolicy": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTriggerConfigNextTasksExecutionPolicy", "description": "Optional. Dictates how next tasks will be executed." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinate", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configurable properties of the trigger, not to be confused with integration parameters. E.g. \"name\" is a property for API triggers and \"subscription\" is a property for Pub/sub triggers." }, "startTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTask" }, "description": "Optional. Set of tasks numbers from where the integration execution is started by this trigger. If this is empty, then integration is executed with default start tasks. In the list of start tasks, none of two tasks can have direct ancestor-descendant relationships (i.e. in a same integration execution graph)." }, "trigger": { "type": "string", "description": "Optional. Name of the trigger. Example: \"API Trigger\", \"Cloud Pub Sub Trigger\" When set will be sent out to monitoring dashabord for tracking purpose." }, "triggerId": { "type": "string", "description": "Optional. The backend trigger ID." }, "triggerNumber": { "type": "string", "description": "A number to uniquely identify each trigger config within the integration on UI." }, "triggerType": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaTriggerConfigTriggerType", "description": "Optional. Type of trigger" } }, "type": "object", "required": [ "triggerNumber" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTriggerConfigNextTasksExecutionPolicy": { "description": "Optional. Dictates how next tasks will be executed.", "type": "string", "enum": [ { "name": "NextTasksExecutionPolicyUnspecified", "description": "Default.", "value": "NEXT_TASKS_EXECUTION_POLICY_UNSPECIFIED" }, { "name": "RunAllMatch", "description": "Execute all the tasks that satisfy their associated condition.", "value": "RUN_ALL_MATCH" }, { "name": "RunFirstMatch", "description": "Execute the first task that satisfies the associated condition.", "value": "RUN_FIRST_MATCH" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTriggerConfigResponse": { "description": "Configuration detail of a trigger.", "properties": { "alertConfig": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntegrationAlertConfigResponse" }, "description": "Optional. An alert threshold configuration for the [trigger + client + integration] tuple. If these values are not specified in the trigger config, default values will be populated by the system. Note that there must be exactly one alert threshold configured per [client + trigger + integration] when published." }, "cloudSchedulerConfig": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCloudSchedulerConfigResponse", "description": "Optional. Cloud Scheduler Trigger related metadata" }, "description": { "type": "string", "description": "Optional. User-provided description intended to give additional business context about the task." }, "errorCatcherId": { "type": "string", "description": "Optional. Optional Error catcher id of the error catch flow which will be executed when execution error happens in the task" }, "label": { "type": "string", "description": "Optional. The user created label for a particular trigger." }, "nextTasksExecutionPolicy": { "type": "string", "description": "Optional. Dictates how next tasks will be executed." }, "position": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaCoordinateResponse", "description": "Optional. Informs the front-end application where to draw this error catcher config on the UI." }, "properties": { "type": "object", "additionalProperties": { "type": "string" }, "description": "Optional. Configurable properties of the trigger, not to be confused with integration parameters. E.g. \"name\" is a property for API triggers and \"subscription\" is a property for Pub/sub triggers." }, "startTasks": { "type": "array", "items": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaNextTaskResponse" }, "description": "Optional. Set of tasks numbers from where the integration execution is started by this trigger. If this is empty, then integration is executed with default start tasks. In the list of start tasks, none of two tasks can have direct ancestor-descendant relationships (i.e. in a same integration execution graph)." }, "trigger": { "type": "string", "description": "Optional. Name of the trigger. Example: \"API Trigger\", \"Cloud Pub Sub Trigger\" When set will be sent out to monitoring dashabord for tracking purpose." }, "triggerId": { "type": "string", "description": "Optional. The backend trigger ID." }, "triggerNumber": { "type": "string", "description": "A number to uniquely identify each trigger config within the integration on UI." }, "triggerType": { "type": "string", "description": "Optional. Type of trigger" } }, "type": "object", "required": [ "alertConfig", "cloudSchedulerConfig", "description", "errorCatcherId", "label", "nextTasksExecutionPolicy", "position", "properties", "startTasks", "trigger", "triggerId", "triggerNumber", "triggerType" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaTriggerConfigTriggerType": { "description": "Optional. Type of trigger", "type": "string", "enum": [ { "name": "TriggerTypeUnspecified", "description": "Unknown.", "value": "TRIGGER_TYPE_UNSPECIFIED" }, { "name": "Cron", "description": "Trigger by scheduled time.", "value": "CRON" }, { "name": "Api", "description": "Trigger by API call.", "value": "API" }, { "name": "SfdcChannel", "description": "Trigger by Salesforce Channel.", "value": "SFDC_CHANNEL" }, { "name": "CloudPubsubExternal", "description": "Trigger by Pub/Sub external.", "value": "CLOUD_PUBSUB_EXTERNAL" }, { "name": "SfdcCdcChannel", "description": "SFDC Channel Trigger for CDC.", "value": "SFDC_CDC_CHANNEL" }, { "name": "CloudScheduler", "description": "Trigger by Cloud Scheduler job.", "value": "CLOUD_SCHEDULER" }, { "name": "IntegrationConnectorTrigger", "description": "Trigger by Connector Event", "value": "INTEGRATION_CONNECTOR_TRIGGER" }, { "name": "PrivateTrigger", "description": "Trigger for private workflow", "value": "PRIVATE_TRIGGER" } ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaUsernameAndPassword": { "description": "Username and password pair.", "properties": { "password": { "type": "string", "description": "Password to be used" }, "username": { "type": "string", "description": "Username to be used" } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaUsernameAndPasswordResponse": { "description": "Username and password pair.", "properties": { "password": { "type": "string", "description": "Password to be used" }, "username": { "type": "string", "description": "Username to be used" } }, "type": "object", "required": [ "password", "username" ] }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaValueType": { "description": "The type of the parameter.", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaBooleanParameterArray", "description": "Boolean Array." }, "booleanValue": { "type": "boolean", "description": "Boolean." }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaDoubleParameterArray", "description": "Double Number Array." }, "doubleValue": { "type": "number", "description": "Double Number." }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntParameterArray", "description": "Integer Array." }, "intValue": { "type": "string", "description": "Integer." }, "jsonValue": { "type": "string", "description": "Json." }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaStringParameterArray", "description": "String Array." }, "stringValue": { "type": "string", "description": "String." } }, "type": "object" }, "google-native:integrations/v1alpha:GoogleCloudIntegrationsV1alphaValueTypeResponse": { "description": "The type of the parameter.", "properties": { "booleanArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaBooleanParameterArrayResponse", "description": "Boolean Array." }, "booleanValue": { "type": "boolean", "description": "Boolean." }, "doubleArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaDoubleParameterArrayResponse", "description": "Double Number Array." }, "doubleValue": { "type": "number", "description": "Double Number." }, "intArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaIntParameterArrayResponse", "description": "Integer Array." }, "intValue": { "type": "string", "description": "Integer." }, "jsonValue": { "type": "string", "description": "Json." }, "stringArray": { "$ref": "#/types/google-native:integrations%2Fv1alpha:GoogleCloudIntegrationsV1alphaStringParameterArrayResponse", "description": "String Array." }, "stringValue": { "type": "string", "description": "String." } }, "type": "object", "required": [ "booleanArray", "booleanValue", "doubleArray", "doubleValue", "intArray", "intValue", "jsonValue", "stringArray", "stringValue" ] }, "google-native:integrations/v1alpha:TemplatesVersionDatabasePersistencePolicy": { "description": "Optional. Flag to disable database persistence for execution data, including event execution info, execution export info, execution metadata index and execution param index.", "type": "string", "enum": [ { "name": "DatabasePersistencePolicyUnspecified", "description": "Enables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_POLICY_UNSPECIFIED" }, { "name": "DatabasePersistenceDisabled", "description": "Disables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_DISABLED" }, { "name": "DatabasePersistenceAsync", "description": "Asynchronously persist all execution data.", "value": "DATABASE_PERSISTENCE_ASYNC" } ] }, "google-native:integrations/v1alpha:TemplatesVersionStatus": { "description": "Optional. Generated by eventbus. User should not set it as an input.", "type": "string", "enum": [ { "name": "Unknown", "value": "UNKNOWN" }, { "name": "Draft", "value": "DRAFT" }, { "name": "Active", "value": "ACTIVE" }, { "name": "Archived", "value": "ARCHIVED" }, { "name": "Snapshot", "value": "SNAPSHOT" } ] }, "google-native:integrations/v1alpha:TestCaseDatabasePersistencePolicy": { "description": "Optional. Various policies for how to persist the test execution info including execution info, execution export info, execution metadata index and execution param index..", "type": "string", "enum": [ { "name": "DatabasePersistencePolicyUnspecified", "description": "Enables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_POLICY_UNSPECIFIED" }, { "name": "DatabasePersistenceDisabled", "description": "Disables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_DISABLED" }, { "name": "DatabasePersistenceAsync", "description": "Asynchronously persist all execution data.", "value": "DATABASE_PERSISTENCE_ASYNC" } ] }, "google-native:integrations/v1alpha:VersionDatabasePersistencePolicy": { "description": "Optional. Flag to disable database persistence for execution data, including event execution info, execution export info, execution metadata index and execution param index.", "type": "string", "enum": [ { "name": "DatabasePersistencePolicyUnspecified", "description": "Enables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_POLICY_UNSPECIFIED" }, { "name": "DatabasePersistenceDisabled", "description": "Disables persistence for all execution data.", "value": "DATABASE_PERSISTENCE_DISABLED" }, { "name": "DatabasePersistenceAsync", "description": "Asynchronously persist all execution data.", "value": "DATABASE_PERSISTENCE_ASYNC" } ] }, "google-native:integrations/v1alpha:VersionOrigin": { "description": "Optional. The origin that indicates where this integration is coming from.", "type": "string", "enum": [ { "name": "Unspecified", "value": "UNSPECIFIED" }, { "name": "Ui", "description": "Workflow is being created via event bus UI.", "value": "UI" }, { "name": "PiperV2", "description": "User checked in this workflow in Piper as v2 textproto format and we synced it into spanner.", "value": "PIPER_V2" }, { "name": "PiperV3", "description": "User checked in this workflow in piper as v3 textproto format and we synced it into spanner.", "value": "PIPER_V3" }, { "name": "ApplicationIpProvisioning", "description": "Workflow is being created via Standalone IP Provisioning", "value": "APPLICATION_IP_PROVISIONING" }, { "name": "TestCase", "description": "Workflow is being created via Test Case.", "value": "TEST_CASE" } ] }, "google-native:jobs/v3:ApplicationInfo": { "description": "Application related details of a job posting.", "properties": { "emails": { "type": "array", "items": { "type": "string" }, "description": "Optional but at least one of uris, emails or instruction must be specified. Use this field to specify email address(es) to which resumes or applications can be sent. The maximum number of allowed characters for each entry is 255." }, "instruction": { "type": "string", "description": "Optional but at least one of uris, emails or instruction must be specified. Use this field to provide instructions, such as \"Mail your application to ...\", that a candidate can follow to apply for the job. This field accepts and sanitizes HTML input, and also accepts bold, italic, ordered list, and unordered list markup tags. The maximum number of allowed characters is 3,000." }, "uris": { "type": "array", "items": { "type": "string" }, "description": "Optional but at least one of uris, emails or instruction must be specified. Use this URI field to direct an applicant to a website, for example to link to an online application form. The maximum number of allowed characters for each entry is 2,000." } }, "type": "object" }, "google-native:jobs/v3:ApplicationInfoResponse": { "description": "Application related details of a job posting.", "properties": { "emails": { "type": "array", "items": { "type": "string" }, "description": "Optional but at least one of uris, emails or instruction must be specified. Use this field to specify email address(es) to which resumes or applications can be sent. The maximum number of allowed characters for each entry is 255." }, "instruction": { "type": "string", "description": "Optional but at least one of uris, emails or instruction must be specified. Use this field to provide instructions, such as \"Mail your application to ...\", that a candidate can follow to apply for the job. This field accepts and sanitizes HTML input, and also accepts bold, italic, ordered list, and unordered list markup tags. The maximum number of allowed characters is 3,000." }, "uris": { "type": "array", "items": { "type": "string" }, "description": "Optional but at least one of uris, emails or instruction must be specified. Use this URI field to direct an applicant to a website, for example to link to an online application form. The maximum number of allowed characters for each entry is 2,000." } }, "type": "object", "required": [ "emails", "instruction", "uris" ] }, "google-native:jobs/v3:CompanyDerivedInfoResponse": { "description": "Derived details about the company.", "properties": { "headquartersLocation": { "$ref": "#/types/google-native:jobs%2Fv3:LocationResponse", "description": "A structured headquarters location of the company, resolved from Company.hq_location if provided." } }, "type": "object", "required": [ "headquartersLocation" ] }, "google-native:jobs/v3:CompanySize": { "description": "Optional. The employer's company size.", "type": "string", "enum": [ { "name": "CompanySizeUnspecified", "description": "Default value if the size is not specified.", "value": "COMPANY_SIZE_UNSPECIFIED" }, { "name": "Mini", "description": "The company has less than 50 employees.", "value": "MINI" }, { "name": "Small", "description": "The company has between 50 and 99 employees.", "value": "SMALL" }, { "name": "Smedium", "description": "The company has between 100 and 499 employees.", "value": "SMEDIUM" }, { "name": "Medium", "description": "The company has between 500 and 999 employees.", "value": "MEDIUM" }, { "name": "Big", "description": "The company has between 1,000 and 4,999 employees.", "value": "BIG" }, { "name": "Bigger", "description": "The company has between 5,000 and 9,999 employees.", "value": "BIGGER" }, { "name": "Giant", "description": "The company has 10,000 or more employees.", "value": "GIANT" } ] }, "google-native:jobs/v3:CompensationEntry": { "description": "A compensation entry that represents one component of compensation, such as base pay, bonus, or other compensation type. Annualization: One compensation entry can be annualized if - it contains valid amount or range. - and its expected_units_per_year is set or can be derived. Its annualized range is determined as (amount or range) times expected_units_per_year.", "properties": { "amount": { "$ref": "#/types/google-native:jobs%2Fv3:Money", "description": "Optional. Compensation amount." }, "description": { "type": "string", "description": "Optional. Compensation description. For example, could indicate equity terms or provide additional context to an estimated bonus." }, "expectedUnitsPerYear": { "type": "number", "description": "Optional. Expected number of units paid each year. If not specified, when Job.employment_types is FULLTIME, a default value is inferred based on unit. Default values: - HOURLY: 2080 - DAILY: 260 - WEEKLY: 52 - MONTHLY: 12 - ANNUAL: 1" }, "range": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationRange", "description": "Optional. Compensation range." }, "type": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationEntryType", "description": "Optional. Compensation type. Default is CompensationUnit.COMPENSATION_TYPE_UNSPECIFIED." }, "unit": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationEntryUnit", "description": "Optional. Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED." } }, "type": "object" }, "google-native:jobs/v3:CompensationEntryResponse": { "description": "A compensation entry that represents one component of compensation, such as base pay, bonus, or other compensation type. Annualization: One compensation entry can be annualized if - it contains valid amount or range. - and its expected_units_per_year is set or can be derived. Its annualized range is determined as (amount or range) times expected_units_per_year.", "properties": { "amount": { "$ref": "#/types/google-native:jobs%2Fv3:MoneyResponse", "description": "Optional. Compensation amount." }, "description": { "type": "string", "description": "Optional. Compensation description. For example, could indicate equity terms or provide additional context to an estimated bonus." }, "expectedUnitsPerYear": { "type": "number", "description": "Optional. Expected number of units paid each year. If not specified, when Job.employment_types is FULLTIME, a default value is inferred based on unit. Default values: - HOURLY: 2080 - DAILY: 260 - WEEKLY: 52 - MONTHLY: 12 - ANNUAL: 1" }, "range": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationRangeResponse", "description": "Optional. Compensation range." }, "type": { "type": "string", "description": "Optional. Compensation type. Default is CompensationUnit.COMPENSATION_TYPE_UNSPECIFIED." }, "unit": { "type": "string", "description": "Optional. Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED." } }, "type": "object", "required": [ "amount", "description", "expectedUnitsPerYear", "range", "type", "unit" ] }, "google-native:jobs/v3:CompensationEntryType": { "description": "Optional. Compensation type. Default is CompensationUnit.COMPENSATION_TYPE_UNSPECIFIED.", "type": "string", "enum": [ { "name": "CompensationTypeUnspecified", "description": "Default value.", "value": "COMPENSATION_TYPE_UNSPECIFIED" }, { "name": "Base", "description": "Base compensation: Refers to the fixed amount of money paid to an employee by an employer in return for work performed. Base compensation does not include benefits, bonuses or any other potential compensation from an employer.", "value": "BASE" }, { "name": "Bonus", "description": "Bonus.", "value": "BONUS" }, { "name": "SigningBonus", "description": "Signing bonus.", "value": "SIGNING_BONUS" }, { "name": "Equity", "description": "Equity.", "value": "EQUITY" }, { "name": "ProfitSharing", "description": "Profit sharing.", "value": "PROFIT_SHARING" }, { "name": "Commissions", "description": "Commission.", "value": "COMMISSIONS" }, { "name": "Tips", "description": "Tips.", "value": "TIPS" }, { "name": "OtherCompensationType", "description": "Other compensation type.", "value": "OTHER_COMPENSATION_TYPE" } ] }, "google-native:jobs/v3:CompensationEntryUnit": { "description": "Optional. Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED.", "type": "string", "enum": [ { "name": "CompensationUnitUnspecified", "description": "Default value.", "value": "COMPENSATION_UNIT_UNSPECIFIED" }, { "name": "Hourly", "description": "Hourly.", "value": "HOURLY" }, { "name": "Daily", "description": "Daily.", "value": "DAILY" }, { "name": "Weekly", "description": "Weekly", "value": "WEEKLY" }, { "name": "Monthly", "description": "Monthly.", "value": "MONTHLY" }, { "name": "Yearly", "description": "Yearly.", "value": "YEARLY" }, { "name": "OneTime", "description": "One time.", "value": "ONE_TIME" }, { "name": "OtherCompensationUnit", "description": "Other compensation units.", "value": "OTHER_COMPENSATION_UNIT" } ] }, "google-native:jobs/v3:CompensationInfo": { "description": "Job compensation details.", "properties": { "entries": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationEntry" }, "description": "Optional. Job compensation information. At most one entry can be of type CompensationInfo.CompensationType.BASE, which is referred as ** base compensation entry ** for the job." } }, "type": "object" }, "google-native:jobs/v3:CompensationInfoResponse": { "description": "Job compensation details.", "properties": { "annualizedBaseCompensationRange": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationRangeResponse", "description": "Annualized base compensation range. Computed as base compensation entry's CompensationEntry.compensation times CompensationEntry.expected_units_per_year. See CompensationEntry for explanation on compensation annualization." }, "annualizedTotalCompensationRange": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationRangeResponse", "description": "Annualized total compensation range. Computed as all compensation entries' CompensationEntry.compensation times CompensationEntry.expected_units_per_year. See CompensationEntry for explanation on compensation annualization." }, "entries": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv3:CompensationEntryResponse" }, "description": "Optional. Job compensation information. At most one entry can be of type CompensationInfo.CompensationType.BASE, which is referred as ** base compensation entry ** for the job." } }, "type": "object", "required": [ "annualizedBaseCompensationRange", "annualizedTotalCompensationRange", "entries" ] }, "google-native:jobs/v3:CompensationRange": { "description": "Compensation range.", "properties": { "maxCompensation": { "$ref": "#/types/google-native:jobs%2Fv3:Money", "description": "Optional. The maximum amount of compensation. If left empty, the value is set to a maximal compensation value and the currency code is set to match the currency code of min_compensation." }, "minCompensation": { "$ref": "#/types/google-native:jobs%2Fv3:Money", "description": "Optional. The minimum amount of compensation. If left empty, the value is set to zero and the currency code is set to match the currency code of max_compensation." } }, "type": "object" }, "google-native:jobs/v3:CompensationRangeResponse": { "description": "Compensation range.", "properties": { "maxCompensation": { "$ref": "#/types/google-native:jobs%2Fv3:MoneyResponse", "description": "Optional. The maximum amount of compensation. If left empty, the value is set to a maximal compensation value and the currency code is set to match the currency code of min_compensation." }, "minCompensation": { "$ref": "#/types/google-native:jobs%2Fv3:MoneyResponse", "description": "Optional. The minimum amount of compensation. If left empty, the value is set to zero and the currency code is set to match the currency code of max_compensation." } }, "type": "object", "required": [ "maxCompensation", "minCompensation" ] }, "google-native:jobs/v3:JobDegreeTypesItem": { "type": "string", "enum": [ { "name": "DegreeTypeUnspecified", "description": "Default value. Represents no degree, or early childhood education. Maps to ISCED code 0. Ex) Kindergarten", "value": "DEGREE_TYPE_UNSPECIFIED" }, { "name": "PrimaryEducation", "description": "Primary education which is typically the first stage of compulsory education. ISCED code 1. Ex) Elementary school", "value": "PRIMARY_EDUCATION" }, { "name": "LowerSecondaryEducation", "description": "Lower secondary education; First stage of secondary education building on primary education, typically with a more subject-oriented curriculum. ISCED code 2. Ex) Middle school", "value": "LOWER_SECONDARY_EDUCATION" }, { "name": "UpperSecondaryEducation", "description": "Middle education; Second/final stage of secondary education preparing for tertiary education and/or providing skills relevant to employment. Usually with an increased range of subject options and streams. ISCED code 3. Ex) High school", "value": "UPPER_SECONDARY_EDUCATION" }, { "name": "AdultRemedialEducation", "description": "Adult Remedial Education; Programmes providing learning experiences that build on secondary education and prepare for labour market entry and/or tertiary education. The content is broader than secondary but not as complex as tertiary education. ISCED code 4.", "value": "ADULT_REMEDIAL_EDUCATION" }, { "name": "AssociatesOrEquivalent", "description": "Associate's or equivalent; Short first tertiary programmes that are typically practically-based, occupationally-specific and prepare for labour market entry. These programmes may also provide a pathway to other tertiary programmes. ISCED code 5.", "value": "ASSOCIATES_OR_EQUIVALENT" }, { "name": "BachelorsOrEquivalent", "description": "Bachelor's or equivalent; Programmes designed to provide intermediate academic and/or professional knowledge, skills and competencies leading to a first tertiary degree or equivalent qualification. ISCED code 6.", "value": "BACHELORS_OR_EQUIVALENT" }, { "name": "MastersOrEquivalent", "description": "Master's or equivalent; Programmes designed to provide advanced academic and/or professional knowledge, skills and competencies leading to a second tertiary degree or equivalent qualification. ISCED code 7.", "value": "MASTERS_OR_EQUIVALENT" }, { "name": "DoctoralOrEquivalent", "description": "Doctoral or equivalent; Programmes designed primarily to lead to an advanced research qualification, usually concluding with the submission and defense of a substantive dissertation of publishable quality based on original research. ISCED code 8.", "value": "DOCTORAL_OR_EQUIVALENT" } ] }, "google-native:jobs/v3:JobDerivedInfoResponse": { "description": "Output only. Derived details about the job posting.", "properties": { "jobCategories": { "type": "array", "items": { "type": "string" }, "description": "Job categories derived from Job.title and Job.description." }, "locations": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv3:LocationResponse" }, "description": "Structured locations of the job, resolved from Job.addresses. locations are exactly matched to Job.addresses in the same order." } }, "type": "object", "required": [ "jobCategories", "locations" ] }, "google-native:jobs/v3:JobEmploymentTypesItem": { "type": "string", "enum": [ { "name": "EmploymentTypeUnspecified", "description": "The default value if the employment type is not specified.", "value": "EMPLOYMENT_TYPE_UNSPECIFIED" }, { "name": "FullTime", "description": "The job requires working a number of hours that constitute full time employment, typically 40 or more hours per week.", "value": "FULL_TIME" }, { "name": "PartTime", "description": "The job entails working fewer hours than a full time job, typically less than 40 hours a week.", "value": "PART_TIME" }, { "name": "Contractor", "description": "The job is offered as a contracted, as opposed to a salaried employee, position.", "value": "CONTRACTOR" }, { "name": "ContractToHire", "description": "The job is offered as a contracted position with the understanding that it's converted into a full-time position at the end of the contract. Jobs of this type are also returned by a search for EmploymentType.CONTRACTOR jobs.", "value": "CONTRACT_TO_HIRE" }, { "name": "Temporary", "description": "The job is offered as a temporary employment opportunity, usually a short-term engagement.", "value": "TEMPORARY" }, { "name": "Intern", "description": "The job is a fixed-term opportunity for students or entry-level job seekers to obtain on-the-job training, typically offered as a summer position.", "value": "INTERN" }, { "name": "Volunteer", "description": "The is an opportunity for an individual to volunteer, where there's no expectation of compensation for the provided services.", "value": "VOLUNTEER" }, { "name": "PerDiem", "description": "The job requires an employee to work on an as-needed basis with a flexible schedule.", "value": "PER_DIEM" }, { "name": "FlyInFlyOut", "description": "The job involves employing people in remote areas and flying them temporarily to the work site instead of relocating employees and their families permanently.", "value": "FLY_IN_FLY_OUT" }, { "name": "OtherEmploymentType", "description": "The job does not fit any of the other listed types.", "value": "OTHER_EMPLOYMENT_TYPE" } ] }, "google-native:jobs/v3:JobJobBenefitsItem": { "type": "string", "enum": [ { "name": "JobBenefitUnspecified", "description": "Default value if the type is not specified.", "value": "JOB_BENEFIT_UNSPECIFIED" }, { "name": "ChildCare", "description": "The job includes access to programs that support child care, such as daycare.", "value": "CHILD_CARE" }, { "name": "Dental", "description": "The job includes dental services covered by a dental insurance plan.", "value": "DENTAL" }, { "name": "DomesticPartner", "description": "The job offers specific benefits to domestic partners.", "value": "DOMESTIC_PARTNER" }, { "name": "FlexibleHours", "description": "The job allows for a flexible work schedule.", "value": "FLEXIBLE_HOURS" }, { "name": "Medical", "description": "The job includes health services covered by a medical insurance plan.", "value": "MEDICAL" }, { "name": "LifeInsurance", "description": "The job includes a life insurance plan provided by the employer or available for purchase by the employee.", "value": "LIFE_INSURANCE" }, { "name": "ParentalLeave", "description": "The job allows for a leave of absence to a parent to care for a newborn child.", "value": "PARENTAL_LEAVE" }, { "name": "RetirementPlan", "description": "The job includes a workplace retirement plan provided by the employer or available for purchase by the employee.", "value": "RETIREMENT_PLAN" }, { "name": "SickDays", "description": "The job allows for paid time off due to illness.", "value": "SICK_DAYS" }, { "name": "Vacation", "description": "The job includes paid time off for vacation.", "value": "VACATION" }, { "name": "Vision", "description": "The job includes vision services covered by a vision insurance plan.", "value": "VISION" } ] }, "google-native:jobs/v3:JobJobLevel": { "description": "Optional. The experience level associated with the job, such as \"Entry Level\".", "type": "string", "enum": [ { "name": "JobLevelUnspecified", "description": "The default value if the level is not specified.", "value": "JOB_LEVEL_UNSPECIFIED" }, { "name": "EntryLevel", "description": "Entry-level individual contributors, typically with less than 2 years of experience in a similar role. Includes interns.", "value": "ENTRY_LEVEL" }, { "name": "Experienced", "description": "Experienced individual contributors, typically with 2+ years of experience in a similar role.", "value": "EXPERIENCED" }, { "name": "Manager", "description": "Entry- to mid-level managers responsible for managing a team of people.", "value": "MANAGER" }, { "name": "Director", "description": "Senior-level managers responsible for managing teams of managers.", "value": "DIRECTOR" }, { "name": "Executive", "description": "Executive-level managers and above, including C-level positions.", "value": "EXECUTIVE" } ] }, "google-native:jobs/v3:JobPostingRegion": { "description": "Optional. The job PostingRegion (for example, state, country) throughout which the job is available. If this field is set, a LocationFilter in a search query within the job region finds this job posting if an exact location match isn't specified. If this field is set to PostingRegion.NATION or PostingRegion.ADMINISTRATIVE_AREA, setting job Job.addresses to the same location level as this field is strongly recommended.", "type": "string", "enum": [ { "name": "PostingRegionUnspecified", "description": "If the region is unspecified, the job is only returned if it matches the LocationFilter.", "value": "POSTING_REGION_UNSPECIFIED" }, { "name": "AdministrativeArea", "description": "In addition to exact location matching, job posting is returned when the LocationFilter in the search query is in the same administrative area as the returned job posting. For example, if a `ADMINISTRATIVE_AREA` job is posted in \"CA, USA\", it's returned if LocationFilter has \"Mountain View\". Administrative area refers to top-level administrative subdivision of this country. For example, US state, IT region, UK constituent nation and JP prefecture.", "value": "ADMINISTRATIVE_AREA" }, { "name": "Nation", "description": "In addition to exact location matching, job is returned when LocationFilter in search query is in the same country as this job. For example, if a `NATION_WIDE` job is posted in \"USA\", it's returned if LocationFilter has 'Mountain View'.", "value": "NATION" }, { "name": "Telecommute", "description": "Job allows employees to work remotely (telecommute). If locations are provided with this value, the job is considered as having a location, but telecommuting is allowed.", "value": "TELECOMMUTE" } ] }, "google-native:jobs/v3:JobVisibility": { "description": "Deprecated. The job is only visible to the owner. The visibility of the job. Defaults to Visibility.ACCOUNT_ONLY if not specified.", "type": "string", "enum": [ { "name": "VisibilityUnspecified", "description": "Default value.", "value": "VISIBILITY_UNSPECIFIED" }, { "name": "AccountOnly", "description": "The resource is only visible to the GCP account who owns it.", "value": "ACCOUNT_ONLY" }, { "name": "SharedWithGoogle", "description": "The resource is visible to the owner and may be visible to other applications and processes at Google.", "value": "SHARED_WITH_GOOGLE" }, { "name": "SharedWithPublic", "description": "The resource is visible to the owner and may be visible to all other API clients.", "value": "SHARED_WITH_PUBLIC" } ] }, "google-native:jobs/v3:LatLngResponse": { "description": "An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges.", "properties": { "latitude": { "type": "number", "description": "The latitude in degrees. It must be in the range [-90.0, +90.0]." }, "longitude": { "type": "number", "description": "The longitude in degrees. It must be in the range [-180.0, +180.0]." } }, "type": "object", "required": [ "latitude", "longitude" ] }, "google-native:jobs/v3:LocationResponse": { "description": "Output only. A resource that represents a location with full geographic information.", "properties": { "latLng": { "$ref": "#/types/google-native:jobs%2Fv3:LatLngResponse", "description": "An object representing a latitude/longitude pair." }, "locationType": { "type": "string", "description": "The type of a location, which corresponds to the address lines field of PostalAddress. For example, \"Downtown, Atlanta, GA, USA\" has a type of LocationType#NEIGHBORHOOD, and \"Kansas City, KS, USA\" has a type of LocationType#LOCALITY." }, "postalAddress": { "$ref": "#/types/google-native:jobs%2Fv3:PostalAddressResponse", "description": "Postal address of the location that includes human readable information, such as postal delivery and payments addresses. Given a postal address, a postal service can deliver items to a premises, P.O. Box, or other delivery location." }, "radiusInMiles": { "type": "number", "description": "Radius in miles of the job location. This value is derived from the location bounding box in which a circle with the specified radius centered from LatLng covers the area associated with the job location. For example, currently, \"Mountain View, CA, USA\" has a radius of 6.17 miles." } }, "type": "object", "required": [ "latLng", "locationType", "postalAddress", "radiusInMiles" ] }, "google-native:jobs/v3:Money": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:jobs/v3:MoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:jobs/v3:PostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:jobs/v3:ProcessingOptions": { "description": "Input only. Options for job processing.", "properties": { "disableStreetAddressResolution": { "type": "boolean", "description": "Optional. If set to `true`, the service does not attempt to resolve a more precise address for the job." }, "htmlSanitization": { "$ref": "#/types/google-native:jobs%2Fv3:ProcessingOptionsHtmlSanitization", "description": "Optional. Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation is not disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY." } }, "type": "object" }, "google-native:jobs/v3:ProcessingOptionsHtmlSanitization": { "description": "Optional. Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation is not disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY.", "type": "string", "enum": [ { "name": "HtmlSanitizationUnspecified", "description": "Default value.", "value": "HTML_SANITIZATION_UNSPECIFIED" }, { "name": "HtmlSanitizationDisabled", "description": "Disables sanitization on HTML input.", "value": "HTML_SANITIZATION_DISABLED" }, { "name": "SimpleFormattingOnly", "description": "Sanitizes HTML input, only accepts bold, italic, ordered list, and unordered list markup tags.", "value": "SIMPLE_FORMATTING_ONLY" } ] }, "google-native:jobs/v3:ProcessingOptionsResponse": { "description": "Input only. Options for job processing.", "properties": { "disableStreetAddressResolution": { "type": "boolean", "description": "Optional. If set to `true`, the service does not attempt to resolve a more precise address for the job." }, "htmlSanitization": { "type": "string", "description": "Optional. Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation is not disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY." } }, "type": "object", "required": [ "disableStreetAddressResolution", "htmlSanitization" ] }, "google-native:jobs/v4:ApplicationInfo": { "description": "Application related details of a job posting.", "properties": { "emails": { "type": "array", "items": { "type": "string" }, "description": "Use this field to specify email address(es) to which resumes or applications can be sent. The maximum number of allowed characters for each entry is 255." }, "instruction": { "type": "string", "description": "Use this field to provide instructions, such as \"Mail your application to ...\", that a candidate can follow to apply for the job. This field accepts and sanitizes HTML input, and also accepts bold, italic, ordered list, and unordered list markup tags. The maximum number of allowed characters is 3,000." }, "uris": { "type": "array", "items": { "type": "string" }, "description": "Use this URI field to direct an applicant to a website, for example to link to an online application form. The maximum number of allowed characters for each entry is 2,000." } }, "type": "object" }, "google-native:jobs/v4:ApplicationInfoResponse": { "description": "Application related details of a job posting.", "properties": { "emails": { "type": "array", "items": { "type": "string" }, "description": "Use this field to specify email address(es) to which resumes or applications can be sent. The maximum number of allowed characters for each entry is 255." }, "instruction": { "type": "string", "description": "Use this field to provide instructions, such as \"Mail your application to ...\", that a candidate can follow to apply for the job. This field accepts and sanitizes HTML input, and also accepts bold, italic, ordered list, and unordered list markup tags. The maximum number of allowed characters is 3,000." }, "uris": { "type": "array", "items": { "type": "string" }, "description": "Use this URI field to direct an applicant to a website, for example to link to an online application form. The maximum number of allowed characters for each entry is 2,000." } }, "type": "object", "required": [ "emails", "instruction", "uris" ] }, "google-native:jobs/v4:CompanyDerivedInfoResponse": { "description": "Derived details about the company.", "properties": { "headquartersLocation": { "$ref": "#/types/google-native:jobs%2Fv4:LocationResponse", "description": "A structured headquarters location of the company, resolved from Company.headquarters_address if provided." } }, "type": "object", "required": [ "headquartersLocation" ] }, "google-native:jobs/v4:CompanySize": { "description": "The employer's company size.", "type": "string", "enum": [ { "name": "CompanySizeUnspecified", "description": "Default value if the size isn't specified.", "value": "COMPANY_SIZE_UNSPECIFIED" }, { "name": "Mini", "description": "The company has less than 50 employees.", "value": "MINI" }, { "name": "Small", "description": "The company has between 50 and 99 employees.", "value": "SMALL" }, { "name": "Smedium", "description": "The company has between 100 and 499 employees.", "value": "SMEDIUM" }, { "name": "Medium", "description": "The company has between 500 and 999 employees.", "value": "MEDIUM" }, { "name": "Big", "description": "The company has between 1,000 and 4,999 employees.", "value": "BIG" }, { "name": "Bigger", "description": "The company has between 5,000 and 9,999 employees.", "value": "BIGGER" }, { "name": "Giant", "description": "The company has 10,000 or more employees.", "value": "GIANT" } ] }, "google-native:jobs/v4:CompensationEntry": { "description": "A compensation entry that represents one component of compensation, such as base pay, bonus, or other compensation type. Annualization: One compensation entry can be annualized if - it contains valid amount or range. - and its expected_units_per_year is set or can be derived. Its annualized range is determined as (amount or range) times expected_units_per_year.", "properties": { "amount": { "$ref": "#/types/google-native:jobs%2Fv4:Money", "description": "Compensation amount." }, "description": { "type": "string", "description": "Compensation description. For example, could indicate equity terms or provide additional context to an estimated bonus." }, "expectedUnitsPerYear": { "type": "number", "description": "Expected number of units paid each year. If not specified, when Job.employment_types is FULLTIME, a default value is inferred based on unit. Default values: - HOURLY: 2080 - DAILY: 260 - WEEKLY: 52 - MONTHLY: 12 - ANNUAL: 1" }, "range": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationRange", "description": "Compensation range." }, "type": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationEntryType", "description": "Compensation type. Default is CompensationType.COMPENSATION_TYPE_UNSPECIFIED." }, "unit": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationEntryUnit", "description": "Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED." } }, "type": "object" }, "google-native:jobs/v4:CompensationEntryResponse": { "description": "A compensation entry that represents one component of compensation, such as base pay, bonus, or other compensation type. Annualization: One compensation entry can be annualized if - it contains valid amount or range. - and its expected_units_per_year is set or can be derived. Its annualized range is determined as (amount or range) times expected_units_per_year.", "properties": { "amount": { "$ref": "#/types/google-native:jobs%2Fv4:MoneyResponse", "description": "Compensation amount." }, "description": { "type": "string", "description": "Compensation description. For example, could indicate equity terms or provide additional context to an estimated bonus." }, "expectedUnitsPerYear": { "type": "number", "description": "Expected number of units paid each year. If not specified, when Job.employment_types is FULLTIME, a default value is inferred based on unit. Default values: - HOURLY: 2080 - DAILY: 260 - WEEKLY: 52 - MONTHLY: 12 - ANNUAL: 1" }, "range": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationRangeResponse", "description": "Compensation range." }, "type": { "type": "string", "description": "Compensation type. Default is CompensationType.COMPENSATION_TYPE_UNSPECIFIED." }, "unit": { "type": "string", "description": "Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED." } }, "type": "object", "required": [ "amount", "description", "expectedUnitsPerYear", "range", "type", "unit" ] }, "google-native:jobs/v4:CompensationEntryType": { "description": "Compensation type. Default is CompensationType.COMPENSATION_TYPE_UNSPECIFIED.", "type": "string", "enum": [ { "name": "CompensationTypeUnspecified", "description": "Default value.", "value": "COMPENSATION_TYPE_UNSPECIFIED" }, { "name": "Base", "description": "Base compensation: Refers to the fixed amount of money paid to an employee by an employer in return for work performed. Base compensation does not include benefits, bonuses or any other potential compensation from an employer.", "value": "BASE" }, { "name": "Bonus", "description": "Bonus.", "value": "BONUS" }, { "name": "SigningBonus", "description": "Signing bonus.", "value": "SIGNING_BONUS" }, { "name": "Equity", "description": "Equity.", "value": "EQUITY" }, { "name": "ProfitSharing", "description": "Profit sharing.", "value": "PROFIT_SHARING" }, { "name": "Commissions", "description": "Commission.", "value": "COMMISSIONS" }, { "name": "Tips", "description": "Tips.", "value": "TIPS" }, { "name": "OtherCompensationType", "description": "Other compensation type.", "value": "OTHER_COMPENSATION_TYPE" } ] }, "google-native:jobs/v4:CompensationEntryUnit": { "description": "Frequency of the specified amount. Default is CompensationUnit.COMPENSATION_UNIT_UNSPECIFIED.", "type": "string", "enum": [ { "name": "CompensationUnitUnspecified", "description": "Default value.", "value": "COMPENSATION_UNIT_UNSPECIFIED" }, { "name": "Hourly", "description": "Hourly.", "value": "HOURLY" }, { "name": "Daily", "description": "Daily.", "value": "DAILY" }, { "name": "Weekly", "description": "Weekly", "value": "WEEKLY" }, { "name": "Monthly", "description": "Monthly.", "value": "MONTHLY" }, { "name": "Yearly", "description": "Yearly.", "value": "YEARLY" }, { "name": "OneTime", "description": "One time.", "value": "ONE_TIME" }, { "name": "OtherCompensationUnit", "description": "Other compensation units.", "value": "OTHER_COMPENSATION_UNIT" } ] }, "google-native:jobs/v4:CompensationInfo": { "description": "Job compensation details.", "properties": { "entries": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationEntry" }, "description": "Job compensation information. At most one entry can be of type CompensationInfo.CompensationType.BASE, which is referred as **base compensation entry** for the job." } }, "type": "object" }, "google-native:jobs/v4:CompensationInfoResponse": { "description": "Job compensation details.", "properties": { "annualizedBaseCompensationRange": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationRangeResponse", "description": "Annualized base compensation range. Computed as base compensation entry's CompensationEntry.amount times CompensationEntry.expected_units_per_year. See CompensationEntry for explanation on compensation annualization." }, "annualizedTotalCompensationRange": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationRangeResponse", "description": "Annualized total compensation range. Computed as all compensation entries' CompensationEntry.amount times CompensationEntry.expected_units_per_year. See CompensationEntry for explanation on compensation annualization." }, "entries": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv4:CompensationEntryResponse" }, "description": "Job compensation information. At most one entry can be of type CompensationInfo.CompensationType.BASE, which is referred as **base compensation entry** for the job." } }, "type": "object", "required": [ "annualizedBaseCompensationRange", "annualizedTotalCompensationRange", "entries" ] }, "google-native:jobs/v4:CompensationRange": { "description": "Compensation range.", "properties": { "maxCompensation": { "$ref": "#/types/google-native:jobs%2Fv4:Money", "description": "The maximum amount of compensation. If left empty, the value is set to a maximal compensation value and the currency code is set to match the currency code of min_compensation." }, "minCompensation": { "$ref": "#/types/google-native:jobs%2Fv4:Money", "description": "The minimum amount of compensation. If left empty, the value is set to zero and the currency code is set to match the currency code of max_compensation." } }, "type": "object" }, "google-native:jobs/v4:CompensationRangeResponse": { "description": "Compensation range.", "properties": { "maxCompensation": { "$ref": "#/types/google-native:jobs%2Fv4:MoneyResponse", "description": "The maximum amount of compensation. If left empty, the value is set to a maximal compensation value and the currency code is set to match the currency code of min_compensation." }, "minCompensation": { "$ref": "#/types/google-native:jobs%2Fv4:MoneyResponse", "description": "The minimum amount of compensation. If left empty, the value is set to zero and the currency code is set to match the currency code of max_compensation." } }, "type": "object", "required": [ "maxCompensation", "minCompensation" ] }, "google-native:jobs/v4:JobDegreeTypesItem": { "type": "string", "enum": [ { "name": "DegreeTypeUnspecified", "description": "Default value. Represents no degree, or early childhood education. Maps to ISCED code 0. Ex) Kindergarten", "value": "DEGREE_TYPE_UNSPECIFIED" }, { "name": "PrimaryEducation", "description": "Primary education which is typically the first stage of compulsory education. ISCED code 1. Ex) Elementary school", "value": "PRIMARY_EDUCATION" }, { "name": "LowerSecondaryEducation", "description": "Lower secondary education; First stage of secondary education building on primary education, typically with a more subject-oriented curriculum. ISCED code 2. Ex) Middle school", "value": "LOWER_SECONDARY_EDUCATION" }, { "name": "UpperSecondaryEducation", "description": "Middle education; Second/final stage of secondary education preparing for tertiary education and/or providing skills relevant to employment. Usually with an increased range of subject options and streams. ISCED code 3. Ex) High school", "value": "UPPER_SECONDARY_EDUCATION" }, { "name": "AdultRemedialEducation", "description": "Adult Remedial Education; Programmes providing learning experiences that build on secondary education and prepare for labour market entry and/or tertiary education. The content is broader than secondary but not as complex as tertiary education. ISCED code 4.", "value": "ADULT_REMEDIAL_EDUCATION" }, { "name": "AssociatesOrEquivalent", "description": "Associate's or equivalent; Short first tertiary programmes that are typically practically-based, occupationally-specific and prepare for labour market entry. These programmes may also provide a pathway to other tertiary programmes. ISCED code 5.", "value": "ASSOCIATES_OR_EQUIVALENT" }, { "name": "BachelorsOrEquivalent", "description": "Bachelor's or equivalent; Programmes designed to provide intermediate academic and/or professional knowledge, skills and competencies leading to a first tertiary degree or equivalent qualification. ISCED code 6.", "value": "BACHELORS_OR_EQUIVALENT" }, { "name": "MastersOrEquivalent", "description": "Master's or equivalent; Programmes designed to provide advanced academic and/or professional knowledge, skills and competencies leading to a second tertiary degree or equivalent qualification. ISCED code 7.", "value": "MASTERS_OR_EQUIVALENT" }, { "name": "DoctoralOrEquivalent", "description": "Doctoral or equivalent; Programmes designed primarily to lead to an advanced research qualification, usually concluding with the submission and defense of a substantive dissertation of publishable quality based on original research. ISCED code 8.", "value": "DOCTORAL_OR_EQUIVALENT" } ] }, "google-native:jobs/v4:JobDerivedInfoResponse": { "description": "Derived details about the job posting.", "properties": { "jobCategories": { "type": "array", "items": { "type": "string" }, "description": "Job categories derived from Job.title and Job.description." }, "locations": { "type": "array", "items": { "$ref": "#/types/google-native:jobs%2Fv4:LocationResponse" }, "description": "Structured locations of the job, resolved from Job.addresses. locations are exactly matched to Job.addresses in the same order." } }, "type": "object", "required": [ "jobCategories", "locations" ] }, "google-native:jobs/v4:JobEmploymentTypesItem": { "type": "string", "enum": [ { "name": "EmploymentTypeUnspecified", "description": "The default value if the employment type isn't specified.", "value": "EMPLOYMENT_TYPE_UNSPECIFIED" }, { "name": "FullTime", "description": "The job requires working a number of hours that constitute full time employment, typically 40 or more hours per week.", "value": "FULL_TIME" }, { "name": "PartTime", "description": "The job entails working fewer hours than a full time job, typically less than 40 hours a week.", "value": "PART_TIME" }, { "name": "Contractor", "description": "The job is offered as a contracted, as opposed to a salaried employee, position.", "value": "CONTRACTOR" }, { "name": "ContractToHire", "description": "The job is offered as a contracted position with the understanding that it's converted into a full-time position at the end of the contract. Jobs of this type are also returned by a search for EmploymentType.CONTRACTOR jobs.", "value": "CONTRACT_TO_HIRE" }, { "name": "Temporary", "description": "The job is offered as a temporary employment opportunity, usually a short-term engagement.", "value": "TEMPORARY" }, { "name": "Intern", "description": "The job is a fixed-term opportunity for students or entry-level job seekers to obtain on-the-job training, typically offered as a summer position.", "value": "INTERN" }, { "name": "Volunteer", "description": "The is an opportunity for an individual to volunteer, where there's no expectation of compensation for the provided services.", "value": "VOLUNTEER" }, { "name": "PerDiem", "description": "The job requires an employee to work on an as-needed basis with a flexible schedule.", "value": "PER_DIEM" }, { "name": "FlyInFlyOut", "description": "The job involves employing people in remote areas and flying them temporarily to the work site instead of relocating employees and their families permanently.", "value": "FLY_IN_FLY_OUT" }, { "name": "OtherEmploymentType", "description": "The job does not fit any of the other listed types.", "value": "OTHER_EMPLOYMENT_TYPE" } ] }, "google-native:jobs/v4:JobJobBenefitsItem": { "type": "string", "enum": [ { "name": "JobBenefitUnspecified", "description": "Default value if the type isn't specified.", "value": "JOB_BENEFIT_UNSPECIFIED" }, { "name": "ChildCare", "description": "The job includes access to programs that support child care, such as daycare.", "value": "CHILD_CARE" }, { "name": "Dental", "description": "The job includes dental services covered by a dental insurance plan.", "value": "DENTAL" }, { "name": "DomesticPartner", "description": "The job offers specific benefits to domestic partners.", "value": "DOMESTIC_PARTNER" }, { "name": "FlexibleHours", "description": "The job allows for a flexible work schedule.", "value": "FLEXIBLE_HOURS" }, { "name": "Medical", "description": "The job includes health services covered by a medical insurance plan.", "value": "MEDICAL" }, { "name": "LifeInsurance", "description": "The job includes a life insurance plan provided by the employer or available for purchase by the employee.", "value": "LIFE_INSURANCE" }, { "name": "ParentalLeave", "description": "The job allows for a leave of absence to a parent to care for a newborn child.", "value": "PARENTAL_LEAVE" }, { "name": "RetirementPlan", "description": "The job includes a workplace retirement plan provided by the employer or available for purchase by the employee.", "value": "RETIREMENT_PLAN" }, { "name": "SickDays", "description": "The job allows for paid time off due to illness.", "value": "SICK_DAYS" }, { "name": "Vacation", "description": "The job includes paid time off for vacation.", "value": "VACATION" }, { "name": "Vision", "description": "The job includes vision services covered by a vision insurance plan.", "value": "VISION" } ] }, "google-native:jobs/v4:JobJobLevel": { "description": "The experience level associated with the job, such as \"Entry Level\".", "type": "string", "enum": [ { "name": "JobLevelUnspecified", "description": "The default value if the level isn't specified.", "value": "JOB_LEVEL_UNSPECIFIED" }, { "name": "EntryLevel", "description": "Entry-level individual contributors, typically with less than 2 years of experience in a similar role. Includes interns.", "value": "ENTRY_LEVEL" }, { "name": "Experienced", "description": "Experienced individual contributors, typically with 2+ years of experience in a similar role.", "value": "EXPERIENCED" }, { "name": "Manager", "description": "Entry- to mid-level managers responsible for managing a team of people.", "value": "MANAGER" }, { "name": "Director", "description": "Senior-level managers responsible for managing teams of managers.", "value": "DIRECTOR" }, { "name": "Executive", "description": "Executive-level managers and above, including C-level positions.", "value": "EXECUTIVE" } ] }, "google-native:jobs/v4:JobPostingRegion": { "description": "The job PostingRegion (for example, state, country) throughout which the job is available. If this field is set, a LocationFilter in a search query within the job region finds this job posting if an exact location match isn't specified. If this field is set to PostingRegion.NATION or PostingRegion.ADMINISTRATIVE_AREA, setting job Job.addresses to the same location level as this field is strongly recommended.", "type": "string", "enum": [ { "name": "PostingRegionUnspecified", "description": "If the region is unspecified, the job is only returned if it matches the LocationFilter.", "value": "POSTING_REGION_UNSPECIFIED" }, { "name": "AdministrativeArea", "description": "In addition to exact location matching, job posting is returned when the LocationFilter in the search query is in the same administrative area as the returned job posting. For example, if a `ADMINISTRATIVE_AREA` job is posted in \"CA, USA\", it's returned if LocationFilter has \"Mountain View\". Administrative area refers to top-level administrative subdivision of this country. For example, US state, IT region, UK constituent nation and JP prefecture.", "value": "ADMINISTRATIVE_AREA" }, { "name": "Nation", "description": "In addition to exact location matching, job is returned when LocationFilter in search query is in the same country as this job. For example, if a `NATION_WIDE` job is posted in \"USA\", it's returned if LocationFilter has 'Mountain View'.", "value": "NATION" }, { "name": "Telecommute", "description": "Job allows employees to work remotely (telecommute). If locations are provided with this value, the job is considered as having a location, but telecommuting is allowed.", "value": "TELECOMMUTE" } ] }, "google-native:jobs/v4:JobVisibility": { "description": "Deprecated. The job is only visible to the owner. The visibility of the job. Defaults to Visibility.ACCOUNT_ONLY if not specified.", "type": "string", "enum": [ { "name": "VisibilityUnspecified", "description": "Default value.", "value": "VISIBILITY_UNSPECIFIED" }, { "name": "AccountOnly", "description": "The resource is only visible to the GCP account who owns it.", "value": "ACCOUNT_ONLY" }, { "name": "SharedWithGoogle", "description": "The resource is visible to the owner and may be visible to other applications and processes at Google.", "value": "SHARED_WITH_GOOGLE" }, { "name": "SharedWithPublic", "description": "The resource is visible to the owner and may be visible to all other API clients.", "value": "SHARED_WITH_PUBLIC" } ] }, "google-native:jobs/v4:LatLngResponse": { "description": "An object that represents a latitude/longitude pair. This is expressed as a pair of doubles to represent degrees latitude and degrees longitude. Unless specified otherwise, this object must conform to the WGS84 standard. Values must be within normalized ranges.", "properties": { "latitude": { "type": "number", "description": "The latitude in degrees. It must be in the range [-90.0, +90.0]." }, "longitude": { "type": "number", "description": "The longitude in degrees. It must be in the range [-180.0, +180.0]." } }, "type": "object", "required": [ "latitude", "longitude" ] }, "google-native:jobs/v4:LocationResponse": { "description": "A resource that represents a location with full geographic information.", "properties": { "latLng": { "$ref": "#/types/google-native:jobs%2Fv4:LatLngResponse", "description": "An object representing a latitude/longitude pair." }, "locationType": { "type": "string", "description": "The type of a location, which corresponds to the address lines field of google.type.PostalAddress. For example, \"Downtown, Atlanta, GA, USA\" has a type of LocationType.NEIGHBORHOOD, and \"Kansas City, KS, USA\" has a type of LocationType.LOCALITY." }, "postalAddress": { "$ref": "#/types/google-native:jobs%2Fv4:PostalAddressResponse", "description": "Postal address of the location that includes human readable information, such as postal delivery and payments addresses. Given a postal address, a postal service can deliver items to a premises, P.O. Box, or other delivery location." }, "radiusMiles": { "type": "number", "description": "Radius in miles of the job location. This value is derived from the location bounding box in which a circle with the specified radius centered from google.type.LatLng covers the area associated with the job location. For example, currently, \"Mountain View, CA, USA\" has a radius of 6.17 miles." } }, "type": "object", "required": [ "latLng", "locationType", "postalAddress", "radiusMiles" ] }, "google-native:jobs/v4:Money": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object" }, "google-native:jobs/v4:MoneyResponse": { "description": "Represents an amount of money with its currency type.", "properties": { "currencyCode": { "type": "string", "description": "The three-letter currency code defined in ISO 4217." }, "nanos": { "type": "integer", "description": "Number of nano (10^-9) units of the amount. The value must be between -999,999,999 and +999,999,999 inclusive. If `units` is positive, `nanos` must be positive or zero. If `units` is zero, `nanos` can be positive, zero, or negative. If `units` is negative, `nanos` must be negative or zero. For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000." }, "units": { "type": "string", "description": "The whole units of the amount. For example if `currencyCode` is `\"USD\"`, then 1 unit is one US dollar." } }, "type": "object", "required": [ "currencyCode", "nanos", "units" ] }, "google-native:jobs/v4:PostalAddressResponse": { "description": "Represents a postal address, e.g. for postal delivery or payments addresses. Given a postal address, a postal service can deliver items to a premise, P.O. Box or similar. It is not intended to model geographical locations (roads, towns, mountains). In typical usage an address would be created via user input or from importing existing data, depending on the type of process. Advice on address input / editing: - Use an internationalization-ready address widget such as https://github.com/google/libaddressinput) - Users should not be presented with UI elements for input or editing of fields outside countries where that field is used. For more guidance on how to use this schema, please see: https://support.google.com/business/answer/6397478", "properties": { "addressLines": { "type": "array", "items": { "type": "string" }, "description": "Unstructured address lines describing the lower levels of an address. Because values in address_lines do not have type information and may sometimes contain multiple values in a single field (e.g. \"Austin, TX\"), it is important that the line order is clear. The order of address lines should be \"envelope order\" for the country/region of the address. In places where this can vary (e.g. Japan), address_language is used to make it explicit (e.g. \"ja\" for large-to-small ordering and \"ja-Latn\" or \"en\" for small-to-large). This way, the most specific line of an address can be selected based on the language. The minimum permitted structural representation of an address consists of a region_code with all remaining information placed in the address_lines. It would be possible to format such an address very approximately without geocoding, but no semantic reasoning could be made about any of the address components until it was at least partially resolved. Creating an address only containing a region_code and address_lines, and then geocoding is the recommended way to handle completely unstructured addresses (as opposed to guessing which parts of the address should be localities or administrative areas)." }, "administrativeArea": { "type": "string", "description": "Optional. Highest administrative subdivision which is used for postal addresses of a country or region. For example, this can be a state, a province, an oblast, or a prefecture. Specifically, for Spain this is the province and not the autonomous community (e.g. \"Barcelona\" and not \"Catalonia\"). Many countries don't use an administrative area in postal addresses. E.g. in Switzerland this should be left unpopulated." }, "languageCode": { "type": "string", "description": "Optional. BCP-47 language code of the contents of this address (if known). This is often the UI language of the input form or is expected to match one of the languages used in the address' country/region, or their transliterated equivalents. This can affect formatting in certain countries, but is not critical to the correctness of the data and will never affect any validation or other non-formatting related operations. If this value is not known, it should be omitted (rather than specifying a possibly incorrect default). Examples: \"zh-Hant\", \"ja\", \"ja-Latn\", \"en\"." }, "locality": { "type": "string", "description": "Optional. Generally refers to the city/town portion of the address. Examples: US city, IT comune, UK post town. In regions of the world where localities are not well defined or do not fit into this structure well, leave locality empty and use address_lines." }, "organization": { "type": "string", "description": "Optional. The name of the organization at the address." }, "postalCode": { "type": "string", "description": "Optional. Postal code of the address. Not all countries use or require postal codes to be present, but where they are used, they may trigger additional validation with other parts of the address (e.g. state/zip validation in the U.S.A.)." }, "recipients": { "type": "array", "items": { "type": "string" }, "description": "Optional. The recipient at the address. This field may, under certain circumstances, contain multiline information. For example, it might contain \"care of\" information." }, "regionCode": { "type": "string", "description": "CLDR region code of the country/region of the address. This is never inferred and it is up to the user to ensure the value is correct. See https://cldr.unicode.org/ and https://www.unicode.org/cldr/charts/30/supplemental/territory_information.html for details. Example: \"CH\" for Switzerland." }, "revision": { "type": "integer", "description": "The schema revision of the `PostalAddress`. This must be set to 0, which is the latest revision. All new revisions **must** be backward compatible with old revisions." }, "sortingCode": { "type": "string", "description": "Optional. Additional, country-specific, sorting code. This is not used in most regions. Where it is used, the value is either a string like \"CEDEX\", optionally followed by a number (e.g. \"CEDEX 7\"), or just a number alone, representing the \"sector code\" (Jamaica), \"delivery area indicator\" (Malawi) or \"post office indicator\" (e.g. Côte d'Ivoire)." }, "sublocality": { "type": "string", "description": "Optional. Sublocality of the address. For example, this can be neighborhoods, boroughs, districts." } }, "type": "object", "required": [ "addressLines", "administrativeArea", "languageCode", "locality", "organization", "postalCode", "recipients", "regionCode", "revision", "sortingCode", "sublocality" ] }, "google-native:jobs/v4:ProcessingOptions": { "description": "Options for job processing.", "properties": { "disableStreetAddressResolution": { "type": "boolean", "description": "If set to `true`, the service does not attempt to resolve a more precise address for the job." }, "htmlSanitization": { "$ref": "#/types/google-native:jobs%2Fv4:ProcessingOptionsHtmlSanitization", "description": "Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation isn't disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY." } }, "type": "object" }, "google-native:jobs/v4:ProcessingOptionsHtmlSanitization": { "description": "Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation isn't disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY.", "type": "string", "enum": [ { "name": "HtmlSanitizationUnspecified", "description": "Default value.", "value": "HTML_SANITIZATION_UNSPECIFIED" }, { "name": "HtmlSanitizationDisabled", "description": "Disables sanitization on HTML input.", "value": "HTML_SANITIZATION_DISABLED" }, { "name": "SimpleFormattingOnly", "description": "Sanitizes HTML input, only accepts bold, italic, ordered list, and unordered list markup tags.", "value": "SIMPLE_FORMATTING_ONLY" } ] }, "google-native:jobs/v4:ProcessingOptionsResponse": { "description": "Options for job processing.", "properties": { "disableStreetAddressResolution": { "type": "boolean", "description": "If set to `true`, the service does not attempt to resolve a more precise address for the job." }, "htmlSanitization": { "type": "string", "description": "Option for job HTML content sanitization. Applied fields are: * description * applicationInfo.instruction * incentives * qualifications * responsibilities HTML tags in these fields may be stripped if sanitiazation isn't disabled. Defaults to HtmlSanitization.SIMPLE_FORMATTING_ONLY." } }, "type": "object", "required": [ "disableStreetAddressResolution", "htmlSanitization" ] }, "google-native:logging/v2:BigQueryDataset": { "description": "Describes a BigQuery dataset that was created by a link.", "type": "object" }, "google-native:logging/v2:BigQueryDatasetResponse": { "description": "Describes a BigQuery dataset that was created by a link.", "properties": { "datasetId": { "type": "string", "description": "The full resource name of the BigQuery dataset. The DATASET_ID will match the ID of the link, so the link must match the naming restrictions of BigQuery datasets (alphanumeric characters and underscores only).The dataset will have a resource path of \"bigquery.googleapis.com/projects/PROJECT_ID/datasets/DATASET_ID\"" } }, "type": "object", "required": [ "datasetId" ] }, "google-native:logging/v2:BigQueryOptions": { "description": "Options that change functionality of a sink exporting data to BigQuery.", "properties": { "usePartitionedTables": { "type": "boolean", "description": "Optional. Whether to use BigQuery's partition tables (https://cloud.google.com/bigquery/docs/partitioned-tables). By default, Cloud Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned tables the date suffix is no longer present and special query syntax (https://cloud.google.com/bigquery/docs/querying-partitioned-tables) has to be used instead. In both cases, tables are sharded based on UTC timezone." } }, "type": "object" }, "google-native:logging/v2:BigQueryOptionsResponse": { "description": "Options that change functionality of a sink exporting data to BigQuery.", "properties": { "usePartitionedTables": { "type": "boolean", "description": "Optional. Whether to use BigQuery's partition tables (https://cloud.google.com/bigquery/docs/partitioned-tables). By default, Cloud Logging creates dated tables based on the log entries' timestamps, e.g. syslog_20170523. With partitioned tables the date suffix is no longer present and special query syntax (https://cloud.google.com/bigquery/docs/querying-partitioned-tables) has to be used instead. In both cases, tables are sharded based on UTC timezone." }, "usesTimestampColumnPartitioning": { "type": "boolean", "description": "True if new timestamp column based partitioning is in use, false if legacy ingress-time partitioning is in use.All new sinks will have this field set true and will use timestamp column based partitioning. If use_partitioned_tables is false, this value has no meaning and will be false. Legacy sinks using partitioned tables will have this field set to false." } }, "type": "object", "required": [ "usePartitionedTables", "usesTimestampColumnPartitioning" ] }, "google-native:logging/v2:BillingAccountSinkOutputVersionFormat": { "description": "Deprecated. This field is unused.", "type": "string", "enum": [ { "name": "VersionFormatUnspecified", "description": "An unspecified format version that will default to V2.", "value": "VERSION_FORMAT_UNSPECIFIED" }, { "name": "V2", "description": "LogEntry version 2 format.", "value": "V2" }, { "name": "V1", "description": "LogEntry version 1 format.", "value": "V1" } ] }, "google-native:logging/v2:BucketOptions": { "description": "BucketOptions describes the bucket boundaries used to create a histogram for the distribution. The buckets can be in a linear sequence, an exponential sequence, or each bucket can be specified explicitly. BucketOptions does not include the number of values in each bucket.A bucket has an inclusive lower bound and exclusive upper bound for the values that are counted for that bucket. The upper bound of a bucket must be strictly greater than the lower bound. The sequence of N buckets for a distribution consists of an underflow bucket (number 0), zero or more finite buckets (number 1 through N - 2) and an overflow bucket (number N - 1). The buckets are contiguous: the lower bound of bucket i (i > 0) is the same as the upper bound of bucket i - 1. The buckets span the whole range of finite values: lower bound of the underflow bucket is -infinity and the upper bound of the overflow bucket is +infinity. The finite buckets are so-called because both bounds are finite.", "properties": { "explicitBuckets": { "$ref": "#/types/google-native:logging%2Fv2:Explicit", "description": "The explicit buckets." }, "exponentialBuckets": { "$ref": "#/types/google-native:logging%2Fv2:Exponential", "description": "The exponential buckets." }, "linearBuckets": { "$ref": "#/types/google-native:logging%2Fv2:Linear", "description": "The linear bucket." } }, "type": "object" }, "google-native:logging/v2:BucketOptionsResponse": { "description": "BucketOptions describes the bucket boundaries used to create a histogram for the distribution. The buckets can be in a linear sequence, an exponential sequence, or each bucket can be specified explicitly. BucketOptions does not include the number of values in each bucket.A bucket has an inclusive lower bound and exclusive upper bound for the values that are counted for that bucket. The upper bound of a bucket must be strictly greater than the lower bound. The sequence of N buckets for a distribution consists of an underflow bucket (number 0), zero or more finite buckets (number 1 through N - 2) and an overflow bucket (number N - 1). The buckets are contiguous: the lower bound of bucket i (i > 0) is the same as the upper bound of bucket i - 1. The buckets span the whole range of finite values: lower bound of the underflow bucket is -infinity and the upper bound of the overflow bucket is +infinity. The finite buckets are so-called because both bounds are finite.", "properties": { "explicitBuckets": { "$ref": "#/types/google-native:logging%2Fv2:ExplicitResponse", "description": "The explicit buckets." }, "exponentialBuckets": { "$ref": "#/types/google-native:logging%2Fv2:ExponentialResponse", "description": "The exponential buckets." }, "linearBuckets": { "$ref": "#/types/google-native:logging%2Fv2:LinearResponse", "description": "The linear bucket." } }, "type": "object", "required": [ "explicitBuckets", "exponentialBuckets", "linearBuckets" ] }, "google-native:logging/v2:CmekSettings": { "description": "Describes the customer-managed encryption key (CMEK) settings associated with a project, folder, organization, billing account, or flexible resource.Note: CMEK for the Log Router can currently only be configured for Google Cloud organizations. Once configured, it applies to all projects and folders in the Google Cloud organization.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information.", "properties": { "kmsKeyName": { "type": "string", "description": "The resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key\"To enable CMEK for the Log Router, set this field to a valid kms_key_name for which the associated service account has the needed cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The Cloud KMS key used by the Log Router can be updated by changing the kms_key_name to a new valid key name or disabled by setting the key name to an empty string. Encryption operations that are in progress will be completed with the key that was in use when they started. Decryption operations will be completed using the key that was used at the time of encryption unless access to that key has been revoked.To disable CMEK for the Log Router, set this field to an empty string.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information." }, "kmsKeyVersionName": { "type": "string", "description": "The CryptoKeyVersion resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1\"This is a read-only field used to convey the specific configured CryptoKeyVersion of kms_key that has been configured. It will be populated in cases where the CMEK settings are bound to a single key version.If this field is populated, the kms_key is tied to a specific CryptoKeyVersion." } }, "type": "object" }, "google-native:logging/v2:CmekSettingsResponse": { "description": "Describes the customer-managed encryption key (CMEK) settings associated with a project, folder, organization, billing account, or flexible resource.Note: CMEK for the Log Router can currently only be configured for Google Cloud organizations. Once configured, it applies to all projects and folders in the Google Cloud organization.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information.", "properties": { "kmsKeyName": { "type": "string", "description": "The resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key\"To enable CMEK for the Log Router, set this field to a valid kms_key_name for which the associated service account has the needed cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key.The Cloud KMS key used by the Log Router can be updated by changing the kms_key_name to a new valid key name or disabled by setting the key name to an empty string. Encryption operations that are in progress will be completed with the key that was in use when they started. Decryption operations will be completed using the key that was used at the time of encryption unless access to that key has been revoked.To disable CMEK for the Log Router, set this field to an empty string.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information." }, "kmsKeyVersionName": { "type": "string", "description": "The CryptoKeyVersion resource name for the configured Cloud KMS key.KMS key name format: \"projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[VERSION]\" For example:\"projects/my-project/locations/us-central1/keyRings/my-ring/cryptoKeys/my-key/cryptoKeyVersions/1\"This is a read-only field used to convey the specific configured CryptoKeyVersion of kms_key that has been configured. It will be populated in cases where the CMEK settings are bound to a single key version.If this field is populated, the kms_key is tied to a specific CryptoKeyVersion." }, "name": { "type": "string", "description": "The resource name of the CMEK settings." }, "serviceAccountId": { "type": "string", "description": "The service account that will be used by the Log Router to access your Cloud KMS key.Before enabling CMEK for Log Router, you must first assign the cloudkms.cryptoKeyEncrypterDecrypter role to the service account that the Log Router will use to access your Cloud KMS key. Use GetCmekSettings to obtain the service account ID.See Enabling CMEK for Log Router (https://cloud.google.com/logging/docs/routing/managed-encryption) for more information." } }, "type": "object", "required": [ "kmsKeyName", "kmsKeyVersionName", "name", "serviceAccountId" ] }, "google-native:logging/v2:Explicit": { "description": "Specifies a set of buckets with arbitrary widths.There are size(bounds) + 1 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): boundsi Lower bound (1 <= i < N); boundsi - 1The bounds field must contain at least one element. If bounds has only one element, then there are no finite buckets, and that single element is the common boundary of the overflow and underflow buckets.", "properties": { "bounds": { "type": "array", "items": { "type": "number" }, "description": "The values must be monotonically increasing." } }, "type": "object" }, "google-native:logging/v2:ExplicitResponse": { "description": "Specifies a set of buckets with arbitrary widths.There are size(bounds) + 1 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): boundsi Lower bound (1 <= i < N); boundsi - 1The bounds field must contain at least one element. If bounds has only one element, then there are no finite buckets, and that single element is the common boundary of the overflow and underflow buckets.", "properties": { "bounds": { "type": "array", "items": { "type": "number" }, "description": "The values must be monotonically increasing." } }, "type": "object", "required": [ "bounds" ] }, "google-native:logging/v2:Exponential": { "description": "Specifies an exponential sequence of buckets that have a width that is proportional to the value of the lower bound. Each bucket represents a constant relative uncertainty on a specific value in the bucket.There are num_finite_buckets + 2 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): scale * (growth_factor ^ i).Lower bound (1 <= i < N): scale * (growth_factor ^ (i - 1)).", "properties": { "growthFactor": { "type": "number", "description": "Must be greater than 1." }, "numFiniteBuckets": { "type": "integer", "description": "Must be greater than 0." }, "scale": { "type": "number", "description": "Must be greater than 0." } }, "type": "object" }, "google-native:logging/v2:ExponentialResponse": { "description": "Specifies an exponential sequence of buckets that have a width that is proportional to the value of the lower bound. Each bucket represents a constant relative uncertainty on a specific value in the bucket.There are num_finite_buckets + 2 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): scale * (growth_factor ^ i).Lower bound (1 <= i < N): scale * (growth_factor ^ (i - 1)).", "properties": { "growthFactor": { "type": "number", "description": "Must be greater than 1." }, "numFiniteBuckets": { "type": "integer", "description": "Must be greater than 0." }, "scale": { "type": "number", "description": "Must be greater than 0." } }, "type": "object", "required": [ "growthFactor", "numFiniteBuckets", "scale" ] }, "google-native:logging/v2:FolderSinkOutputVersionFormat": { "description": "Deprecated. This field is unused.", "type": "string", "enum": [ { "name": "VersionFormatUnspecified", "description": "An unspecified format version that will default to V2.", "value": "VERSION_FORMAT_UNSPECIFIED" }, { "name": "V2", "description": "LogEntry version 2 format.", "value": "V2" }, { "name": "V1", "description": "LogEntry version 1 format.", "value": "V1" } ] }, "google-native:logging/v2:IndexConfig": { "description": "Configuration for an indexed field.", "properties": { "fieldPath": { "type": "string", "description": "The LogEntry field path to index.Note that some paths are automatically indexed, and other paths are not eligible for indexing. See indexing documentation( https://cloud.google.com/logging/docs/view/advanced-queries#indexed-fields) for details.For example: jsonPayload.request.status" }, "type": { "$ref": "#/types/google-native:logging%2Fv2:IndexConfigType", "description": "The type of data in this index." } }, "type": "object", "required": [ "fieldPath", "type" ] }, "google-native:logging/v2:IndexConfigResponse": { "description": "Configuration for an indexed field.", "properties": { "createTime": { "type": "string", "description": "The timestamp when the index was last modified.This is used to return the timestamp, and will be ignored if supplied during update." }, "fieldPath": { "type": "string", "description": "The LogEntry field path to index.Note that some paths are automatically indexed, and other paths are not eligible for indexing. See indexing documentation( https://cloud.google.com/logging/docs/view/advanced-queries#indexed-fields) for details.For example: jsonPayload.request.status" }, "type": { "type": "string", "description": "The type of data in this index." } }, "type": "object", "required": [ "createTime", "fieldPath", "type" ] }, "google-native:logging/v2:IndexConfigType": { "description": "Required. The type of data in this index.", "type": "string", "enum": [ { "name": "IndexTypeUnspecified", "description": "The index's type is unspecified.", "value": "INDEX_TYPE_UNSPECIFIED" }, { "name": "IndexTypeString", "description": "The index is a string-type index.", "value": "INDEX_TYPE_STRING" }, { "name": "IndexTypeInteger", "description": "The index is a integer-type index.", "value": "INDEX_TYPE_INTEGER" } ] }, "google-native:logging/v2:LabelDescriptor": { "description": "A description of a label.", "properties": { "description": { "type": "string", "description": "A human-readable description for the label." }, "key": { "type": "string", "description": "The label key." }, "valueType": { "$ref": "#/types/google-native:logging%2Fv2:LabelDescriptorValueType", "description": "The type of data that can be assigned to the label." } }, "type": "object" }, "google-native:logging/v2:LabelDescriptorResponse": { "description": "A description of a label.", "properties": { "description": { "type": "string", "description": "A human-readable description for the label." }, "key": { "type": "string", "description": "The label key." }, "valueType": { "type": "string", "description": "The type of data that can be assigned to the label." } }, "type": "object", "required": [ "description", "key", "valueType" ] }, "google-native:logging/v2:LabelDescriptorValueType": { "description": "The type of data that can be assigned to the label.", "type": "string", "enum": [ { "name": "String", "description": "A variable-length string. This is the default.", "value": "STRING" }, { "name": "Bool", "description": "Boolean; true or false.", "value": "BOOL" }, { "name": "Int64", "description": "A 64-bit signed integer.", "value": "INT64" } ] }, "google-native:logging/v2:Linear": { "description": "Specifies a linear sequence of buckets that all have the same width (except overflow and underflow). Each bucket represents a constant absolute uncertainty on the specific value in the bucket.There are num_finite_buckets + 2 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): offset + (width * i).Lower bound (1 <= i < N): offset + (width * (i - 1)).", "properties": { "numFiniteBuckets": { "type": "integer", "description": "Must be greater than 0." }, "offset": { "type": "number", "description": "Lower bound of the first bucket." }, "width": { "type": "number", "description": "Must be greater than 0." } }, "type": "object" }, "google-native:logging/v2:LinearResponse": { "description": "Specifies a linear sequence of buckets that all have the same width (except overflow and underflow). Each bucket represents a constant absolute uncertainty on the specific value in the bucket.There are num_finite_buckets + 2 (= N) buckets. Bucket i has the following boundaries:Upper bound (0 <= i < N-1): offset + (width * i).Lower bound (1 <= i < N): offset + (width * (i - 1)).", "properties": { "numFiniteBuckets": { "type": "integer", "description": "Must be greater than 0." }, "offset": { "type": "number", "description": "Lower bound of the first bucket." }, "width": { "type": "number", "description": "Must be greater than 0." } }, "type": "object", "required": [ "numFiniteBuckets", "offset", "width" ] }, "google-native:logging/v2:LogExclusion": { "description": "Specifies a set of log entries that are filtered out by a sink. If your Google Cloud resource receives a large volume of log entries, you can use exclusions to reduce your chargeable logs. Note that exclusions on organization-level and folder-level sinks don't apply to child resources. Note also that you cannot modify the _Required sink or exclude logs from it.", "properties": { "description": { "type": "string", "description": "Optional. A description of this exclusion." }, "disabled": { "type": "boolean", "description": "Optional. If set to True, then this exclusion is disabled and it does not exclude any log entries. You can update an exclusion to change the value of this field." }, "filter": { "type": "string", "description": "An advanced logs filter (https://cloud.google.com/logging/docs/view/advanced-queries) that matches the log entries to be excluded. By using the sample function (https://cloud.google.com/logging/docs/view/advanced-queries#sample), you can exclude less than 100% of the matching log entries.For example, the following query matches 99% of low-severity log entries from Google Cloud Storage buckets:resource.type=gcs_bucket severity